交流 › RouterOS › Router OS Prot ban~

gb43254 发表于 2005-8-22 05:01:38

Router OS Prot ban~

请问 怎么封锁prot,就是不给人家访问我的端口

bow 发表于 2005-8-22 09:17:39

/ ip firewall rule input
add dst-address=:500 protocol=udp action=drop comment="" disabled=no
    disabled=no
add tcp-options=non-syn-only connection-state=established action=accept comment="Accept \
    established connections" disabled=no
add connection-state=invalid action=drop comment="Drop invalid connections" disabled=no
add connection-state=related action=accept comment="Accept related connections" \
    disabled=no
add action=jump jump-target=virus comment="!!! Check for well-known viruses !!!" \
    disabled=no
add protocol=udp action=accept comment="UDP" disabled=no
add protocol=icmp action=drop comment="Drop excess pings" disabled=no
add src-address=192.168.1.0/24 dst-address=:22 protocol=tcp action=accept comment="SSH forpurposes"   disabled=no
add src-address=192.168.1.0/24 dst-address=:3987 protocol=tcp action=accept comment="winbox forpurposes"   disabled=no
add src-address=192.168.1.0/24 dst-address=:80 protocol=tcp action=accept comment="" disabled=no
add action=drop comment="Log and drop everything else" disabled=no

查看完整版本: Router OS Prot ban~