封闭端口和协议 - RouterOS - 自由的生活_软路由

ospace 发表于 2005-4-22 10:31:14

在这里看了很多好文章,自己设了一下封闭端口和协议,大家来探讨一下.01.IP-->filter chains-->+ 随便起名字(假设为closep)--->ok

ospace 发表于 2005-4-22 10:32:04

02.IP-->filter rules在右边选择栏内选择closep

ospace 发表于 2005-4-22 10:33:27

03.把要封闭的端口和协议在Terminal用/import*.rsc命令导入.

ospace 发表于 2005-4-22 10:35:40

/ ip firewall rule closep add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:25 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:69 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:113 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:113 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:123 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:134-139 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:134-139 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:161-162 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:161-162 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:445 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:445 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:500 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:500 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:1080 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:1092 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:1363-1364 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:1368 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:1373 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:1433-1434 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:1524 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:2535 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:2745 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:2745 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:2283 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:3127-3128 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:3150 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:3306 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:3306 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:3389 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:3389 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:3410 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:3801 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:4444 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:4444 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:5000 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:5000 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:5354 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:5354 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:5554 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:5800 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:5800 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:5900 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:5900 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:6267 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:7306-7308 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:7306-7308 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:7511 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:7511 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:7626 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:8225 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:8225 \ out-interface=all protocol=udp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:8866 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:9898 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:10000 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:10000 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:10080 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:12345-12346 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:12345-12346 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:17027 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:17027 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:17300 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:27374 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:27374 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:20168 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:20168 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:23444 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:23444 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:30100 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:31337-31338 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:31337-31338 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:31789-31790 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:31789-31790 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:34555 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:35555 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:39213 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:39213 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:45576 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:45576 out-interface=all protocol=udp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all \ dst-address=0.0.0.0/0:65506 out-interface=all protocol=tcp \ icmp-options=any:any tcp-options=any connection-state=any flow="" \ connection="" content="" src-mac-address=00:00:00:00:00:00 limit-count=0 \ limit-burst=0 limit-time=0s action=drop log=no comment="" disabled=no add src-address=0.0.0.0/0:0-65535 in-interface=all dst-address=0.0.0.0/0:23 \ out-interface=all protocol=tcp icmp-options=any:any tcp-options=any \ connection-state=any flow="" connection="" content="" \ src-mac-address=00:00:00:00:00:00 limit-count=0 limit-burst=0 \ limit-time=0s action=drop log=no comment="" disabled=no

ospace 发表于 2005-4-22 10:36:15

04.在input,forward,output内都加上选+-->Action Action:jump jump target:closep

ospace 发表于 2005-4-22 10:37:39

05.在input内只加上内网管理winbox的IP, 最后一条全部DROP06.需要添加/更改新的端口和协议只要在closep内改

ospace 发表于 2005-4-22 10:40:54

forward

ospace 发表于 2005-4-22 10:41:38

output

netlea 发表于 2005-4-22 11:53:27

支持楼主的发表!谢谢!

hzkane 发表于 2005-4-22 12:02:05

QUOTE (ospace @ Apr 22 2005, 10:31 AM)
在这里看了很多好文章,自己设了一下封闭端口和协议,大家来探讨一下.01.IP-->filter chains-->+ 随便起名字(假设为closep)--->ok
有?步，??，?可以根??些，做到其他的方面。嘿嘿

mywangba 发表于 2005-4-23 10:41:13

强这样方便多了

yuhe7919 发表于 2005-4-29 15:31:20

Script file loaded successfullyERROR: input does not match any value of chain > 这是怎么回事啊？

页: [1]

自由的生活_软路由's Archiver