CODE
/ ip firewallset input name="input" policy=accept comment=""set forward name="forward" policy=accept comment=""set output name="output" policy=accept comment=""add name="virus" policy=none comment=""/ ip firewall rule forwardadd connection-state=invalid action=drop comment="Drop invalid connections" \ disabled=noadd connection-state=established action=accept comment="Established \ connections" disabled=noadd connection-state=related action=accept comment="Related connections" \ disabled=noadd action=jump jump-target=virus comment="!!! Check for well-known viruses \ !!!" disabled=noadd protocol=udp action=accept comment="UDP" disabled=noadd protocol=icmp limit-count=50 limit-burst=2 limit-time=5s action=accept \ comment="Allow limited pings" disabled=noadd protocol=icmp action=drop comment="Drop excess pings" disabled=no/ ip firewall rule inputadd connection-state=invalid action=drop comment="Drop invalid connections" \ disabled=noadd connection-state=established action=accept comment="Accept established \ connections" disabled=noadd connection-state=related action=accept comment="Accept related \ connections" disabled=noadd action=jump jump-target=virus comment="!!! Check for well-known viruses \ !!!" disabled=noadd protocol=udp action=accept comment="UDP" disabled=noadd protocol=icmp limit-count=50 limit-burst=2 limit-time=5s action=accept \ comment="Allow limited pings" disabled=noadd protocol=icmp action=drop comment="Drop excess pings" disabled=noadd src-address=192.168.0.0/24 action=accept comment="From my local network" \ disabled=noadd dst-address=:22 protocol=tcp action=accept comment="SSH for demo \ purposes" disabled=noadd action=drop log=yes comment="Log and drop everything else" disabled=no/ ip firewall rule virusadd dst-address=:135-139 protocol=tcp action=drop comment="Drop Blaster Worm" \ disabled=noadd dst-address=:135-139 protocol=udp action=drop comment="Drop Messenger \ Worm" disabled=noadd dst-address=:445 protocol=tcp action=drop comment="Drop Blaster Worm" \ disabled=noadd dst-address=:445 protocol=udp action=drop comment="Drop Blaster Worm" \ disabled=noadd dst-address=:593 protocol=tcp action=drop comment="________" disabled=noadd dst-address=:1024-1030 protocol=tcp action=drop comment="________" \ disabled=noadd dst-address=:1080 protocol=tcp action=drop comment="Drop MyDoom\(Disable \ for Enable Socks Proxy\)" disabled=yesadd dst-address=:1214 protocol=tcp action=drop comment="________" disabled=noadd dst-address=:1363 protocol=tcp action=drop comment="ndm requester" \ disabled=noadd dst-address=:1364 protocol=tcp action=drop comment="ndm server" \ disabled=noadd dst-address=:1368 protocol=tcp action=drop comment="screen cast" \ disabled=noadd dst-address=:1373 protocol=tcp action=drop comment="hromgrafx" \ disabled=noadd dst-address=:1377 protocol=tcp action=drop comment="cichlid" disabled=noadd dst-address=:1433-1434 protocol=tcp action=drop comment="Worm" \ disabled=noadd dst-address=:2745 protocol=tcp action=drop comment="Bagle Virus" \ disabled=noadd dst-address=:2283 protocol=tcp action=drop comment="Drop Dumaru.Y" \ disabled=noadd dst-address=:2535 protocol=tcp action=drop comment="Drop Beagle" \ disabled=noadd dst-address=:2745 protocol=tcp action=drop comment="Drop Beagle.C-K" \ disabled=noadd dst-address=:3127-3128 protocol=tcp action=drop comment="Drop MyDoom" \ disabled=noadd dst-address=:3410 protocol=tcp action=drop comment="Drop Backdoor \ OptixPro" disabled=noadd dst-address=:4444 protocol=tcp action=drop comment="Drop Blaster Worm" \ disabled=noadd dst-address=:4444 protocol=udp action=drop comment="Drop Blaster Worm" \ disabled=noadd dst-address=:5554 protocol=tcp action=drop comment="Drop Sasser" \ disabled=noadd dst-address=:8866 protocol=tcp action=drop comment="Drop Beagle.B" \ disabled=noadd dst-address=:9898 protocol=tcp action=drop comment="Drop Dabber.A-B" \ disabled=noadd dst-address=:10000 protocol=tcp action=drop comment="Drop Dumaru.Y" \ disabled=noadd dst-address=:10080 protocol=tcp action=drop comment="Drop MyDoom.B" \ disabled=noadd dst-address=:12345 protocol=tcp action=drop comment="Drop NetBus" \ disabled=noadd dst-address=:17300 protocol=tcp action=drop comment="Drop Kuang2" \ disabled=noadd dst-address=:27374 protocol=tcp action=drop comment="Drop SubSeven" \ disabled=noadd dst-address=:39213 protocol=tcp action=drop comment="Drop Blaster Worm" \ disabled=noadd dst-address=:39213 protocol=udp action=drop comment="Drop Blaster Worm" \ disabled=noadd dst-address=:65506 protocol=tcp action=drop comment="Drop PhatBot, \ Agobot, Gaobot" disabled=no 楼上那是什么啊? 唉,你得让我们怎么帮你?基础都不会,全帖图会贴死人的 那应该怎么做啊吧什么贴出来啊 我吧配置文件贴出来 请教下
页:
[1]