tspmy 发表于 2005-9-15 17:33:30

大家帮我看看这个fir网吧用有问题吗?

# Forward chain: rules for traffic routed through the router (client <-> Internet).
# Rules are evaluated top to bottom; the first matching accept/drop decides.
# NOTE(review): there is no final catch-all rule here, so anything that matches
# nothing below (e.g. a new TCP connection that the virus chain did not drop)
# gets the chain's default policy, which this export does not show - confirm it.
/ ip firewall rule forward
# Discard packets that connection tracking classifies as invalid.
add connection-state=invalid action=drop comment="Drop invalid connections" disabled=no
# Packets of already-tracked connections are accepted before the port blocklist
# is consulted, so the virus chain only sees packets not accepted here.
add connection-state=established action=accept comment="Established connections" disabled=no
add connection-state=related action=accept comment="Related connections" disabled=no
# Hand the remaining packets to the "virus" chain; packets it does not drop
# return here and continue with the next rule.
add action=jump jump-target=virus comment="!!! Check for well-known viruses !!!" disabled=no
# Accepts every UDP packet that survived the virus chain, in either direction.
# NOTE(review): if the chain policy is accept, this rule changes nothing.
add protocol=udp action=accept comment="UDP" disabled=no
# Rate-limited ICMP: presumably up to 50 packets per 5 s with a burst of 2 -
# confirm the limit-* semantics against the manual for this RouterOS version.
add protocol=icmp limit-count=50 limit-burst=2 limit-time=5s action=accept comment="Allow limited pings" disabled=no
# ICMP beyond the limit above is dropped.
add protocol=icmp action=drop comment="Drop excess pings" disabled=no
# Input chain: rules for traffic addressed to the router itself.
# Ends with an explicit log-and-drop, so only what is accepted above it gets in.
/ ip firewall rule input
# Discard packets that connection tracking classifies as invalid.
add connection-state=invalid action=drop comment="Drop invalid connections" disabled=no
# Unlike the forward chain, the established rule here also carries
# tcp-options=non-syn-only (the rule continues on the next line).
add tcp-options=non-syn-only connection-state=established action=accept comment="Accept established connections" \
    disabled=no
add connection-state=related action=accept comment="Accept related connections" disabled=no
# Same shared port blocklist as the forward chain.
add action=jump jump-target=virus comment="!!! Check for well-known viruses !!!" disabled=no
# NOTE(review): accepts ALL UDP addressed to the router from any source,
# including the Internet side, unless the virus chain dropped it. Any UDP
# service running on the router (for example a DNS cache, if enabled) is
# reachable from outside. Consider limiting this by source or interface.
add protocol=udp action=accept comment="UDP" disabled=no
# Rate-limited ICMP to the router; limit-* semantics as in the forward chain
# (presumably 50 packets per 5 s, burst 2 - confirm).
# There is no "drop excess pings" rule in this chain: excess ICMP from
# 10.0.0.0/16 is accepted by the next rule, all other excess ICMP reaches the
# final drop.
add protocol=icmp limit-count=50 limit-burst=2 limit-time=5s action=accept comment="Allow limited pings" disabled=no
# NOTE(review): trust is based on the source address alone. The rule has no
# interface condition, so a packet arriving on the Internet-facing interface
# with a forged 10.0.x.x source would also match. Adding an in-interface
# condition for the LAN port would close that gap - interface name not shown here.
add src-address=10.0.0.0/16 action=accept comment="network" disabled=no
# Default deny for the router itself; log=yes records what was rejected,
# which is useful for spotting scans (watch log volume).
add action=drop log=yes comment="Log and drop everything else" disabled=no
# "virus" chain: a destination-port blocklist shared by the forward and input
# chains (both jump here after their established/related accept rules).
# Every rule is a drop; a packet that matches none returns to the calling chain.
# dst-address=:PORT has an empty address part, i.e. it matches the destination
# port only, for any destination host and in whichever direction the new
# connection is made.
# NOTE(review): matching on port numbers does not identify malware. It also
# blocks legitimate services that use the same ports, and anything using a
# different port passes. Treat this list as coarse hygiene, not as detection.
# Rule comments that consist only of underscores look like labels lost when the
# export was copied - the original text is unknown.
/ ip firewall rule virus
# NOTE(review): commonly published Trin00 / WinTrinoo port lists give 34555 and
# 35555 as UDP; this rule and the 35555 rule near the end match TCP only - verify.
add dst-address=:34555 protocol=tcp action=drop comment="Trin00" disabled=no
# Windows RPC / NetBIOS / SMB ports (135, 137-139, 445).
add dst-address=:134-139 protocol=tcp action=drop comment="Drop Blaster Worm" disabled=no
add dst-address=:134-139 protocol=udp action=drop comment="Drop Messenger Worm" disabled=no
add dst-address=:445 protocol=tcp action=drop comment="Drop Blaster Worm" disabled=no
add dst-address=:445 protocol=udp action=drop comment="Drop Blaster Worm" disabled=no
add dst-address=:1068 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:593 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:1024-1030 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:1080 protocol=tcp action=drop comment="Drop MyDoom" disabled=no
add dst-address=:1214 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:1363 protocol=tcp action=drop comment="ndm requester" disabled=no
add dst-address=:1364 protocol=tcp action=drop comment="ndm server" disabled=no
add dst-address=:1368 protocol=tcp action=drop comment="screen cast" disabled=no
add dst-address=:1373 protocol=tcp action=drop comment="hromgrafx" disabled=no
add dst-address=:1377 protocol=tcp action=drop comment="cichlid" disabled=no
# NOTE(review): TCP only. The SQL Slammer worm spread over UDP 1434, and no
# rule in this chain covers UDP 1434 - verify the intent.
add dst-address=:1433-1434 protocol=tcp action=drop comment="Worm" disabled=no
add dst-address=:2283 protocol=tcp action=drop comment="Drop Dumaru.Y" disabled=no
add dst-address=:2535 protocol=tcp action=drop comment="Drop Beagle" disabled=no
add dst-address=:3127-3128 protocol=tcp action=drop comment="Drop MyDoom" disabled=no
add dst-address=:3410 protocol=tcp action=drop comment="Drop Backdoor OptixPro" disabled=no
add dst-address=:4444 protocol=tcp action=drop comment="Worm" disabled=no
add dst-address=:4444 protocol=udp action=drop comment="Worm" disabled=no
add dst-address=:5554 protocol=tcp action=drop comment="Drop Sasser" disabled=no
add dst-address=:8866 protocol=tcp action=drop comment="Drop Beagle.B" disabled=no
add dst-address=:9898 protocol=tcp action=drop comment="Drop Dabber.A-B" disabled=no
add dst-address=:10000 protocol=tcp action=drop comment="Drop Dumaru.Y" disabled=no
add dst-address=:10080 protocol=tcp action=drop comment="Drop MyDoom.B" disabled=no
add dst-address=:12345 protocol=tcp action=drop comment="Drop NetBus" disabled=no
add dst-address=:17300 protocol=tcp action=drop comment="Drop Kuang2" disabled=no
add dst-address=:27374 protocol=tcp action=drop comment="Drop SubSeven" disabled=no
add dst-address=:65506 protocol=tcp action=drop comment="Drop PhatBot, Agobot, Gaobot" disabled=no
add dst-address=:5354 protocol=tcp action=drop comment="PP" disabled=no
add dst-address=:5354 protocol=udp action=drop comment="pp" disabled=no
# The next two rules drop all traffic (any protocol, any port) to two specific
# hosts; "poco" presumably names the application being blocked - confirm, and
# re-check periodically because fixed IP addresses go stale.
add dst-address=218.109.143.98/32 action=drop comment="poco" disabled=no
add dst-address=61.145.116.233/32 action=drop comment="poco" disabled=no
# Matches port 25 (SMTP) only, despite the "SMTP&IMAP" label; IMAP (143) has its
# own rule further down. Clients cannot send mail to servers on port 25.
add dst-address=:25 protocol=tcp action=drop comment="SMTP&IMAP" disabled=no
# Port 79 is finger and 69/udp is TFTP; both carry the "Blaster" label here.
add dst-address=:79 protocol=tcp action=drop comment="Drop Blaster Worm" disabled=no
add dst-address=:69 protocol=udp action=drop comment="Drop Blaster Worm" disabled=no
add dst-address=:113 protocol=tcp action=drop comment="113" disabled=no
add dst-address=:113 protocol=udp action=drop comment="113" disabled=no
# NOTE(review): the label says "113" but the port is 123 (NTP). Dropping it
# may break time synchronisation for clients - confirm this is intended.
add dst-address=:123 protocol=tcp action=drop comment="113" disabled=no
add dst-address=:123 protocol=udp action=drop comment="113" disabled=no
add dst-address=:143 protocol=tcp action=drop comment="143" disabled=no
add dst-address=:161-162 protocol=tcp action=drop comment="snmp" disabled=no
add dst-address=:161-162 protocol=udp action=drop comment="snmp" disabled=no
# Ports 500 (ISAKMP/IKE) here and 1723 (PPTP) below: blocking them prevents
# clients from establishing these kinds of VPN connections.
add dst-address=:500 protocol=udp action=drop comment="drop ISAKMP" disabled=no
add dst-address=:500 protocol=tcp action=drop comment="drop ISAKMP" disabled=no
add dst-address=:1024-1030 protocol=udp action=drop comment="________" disabled=no
add dst-address=:1043 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:1043 protocol=udp action=drop comment="________" disabled=no
# Label translates to "Love backdoor".
add dst-address=:1092 protocol=tcp action=drop comment="爱情后门" disabled=no
add dst-address=:1243 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:1524 protocol=tcp action=drop comment="drop 1524 ingreslock" disabled=no
add dst-address=:1723 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:1723 protocol=udp action=drop comment="________" disabled=no
add dst-address=:1900 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:1900 protocol=udp action=drop comment="________" disabled=no
add dst-address=:1999 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:1999-2001 protocol=udp action=drop comment="________" disabled=no
add dst-address=:2140 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:2140 protocol=udp action=drop comment="________" disabled=no
add dst-address=:2745 protocol=tcp action=drop comment="Bagle Virus Beagle.C-K" disabled=no
add dst-address=:2745 protocol=udp action=drop comment="Bagle Virus Beagle.C-K" disabled=no
add dst-address=:3150 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:3150 protocol=udp action=drop comment="________" disabled=no
# Port 3306 is also the standard MySQL port.
add dst-address=:3306 protocol=tcp action=drop comment="Drop Sub3306" disabled=no
add dst-address=:3306 protocol=udp action=drop comment="Drop Sub3306" disabled=no
# Label translates to "remote connection"; 3389 is Remote Desktop (RDP).
add dst-address=:3389 protocol=tcp action=drop comment="远程连接" disabled=no
add dst-address=:3389 protocol=udp action=drop comment="远程连接" disabled=no
# Duplicate: TCP 3410 is already dropped earlier in this chain, so this rule
# can never match.
add dst-address=:3410 protocol=tcp action=drop comment="Drop Backdoor OptixPro" disabled=no
add dst-address=:3801 protocol=tcp action=drop comment="Eclypse Trojan - 2" disabled=no
add dst-address=:5000 protocol=udp action=drop comment="Bobax5000" disabled=no
# Ports 5800/5900 are the usual VNC ports; the "rule 8 deny tcp ..." labels look
# copied from another device's access list. The UDP variants carry the same
# "tcp" label.
add dst-address=:5800 protocol=tcp action=drop comment="rule 8 deny tcp" disabled=no
add dst-address=:5800 protocol=udp action=drop comment="rule 8 deny tcp" disabled=no
add dst-address=:5880-5882 protocol=udp action=drop comment="________" disabled=no
add dst-address=:5888-5889 protocol=udp action=drop comment="________" disabled=no
add dst-address=:5900 protocol=tcp action=drop comment="rule 8 deny tcp destination-port eq " disabled=no
add dst-address=:5900 protocol=udp action=drop comment="rule 8 deny tcp destination-port eq " disabled=no
add dst-address=:6000 protocol=udp action=drop comment="________" disabled=no
add dst-address=:6129 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:6129 protocol=udp action=drop comment="________" disabled=no
# Label is the Chinese name of a trojan (roughly "Guangwai girl").
add dst-address=:6267 protocol=tcp action=drop comment="广外女生" disabled=no
# Port 6667 is the usual IRC port.
add dst-address=:6667 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:6667 protocol=udp action=drop comment="________" disabled=no
add dst-address=:6678 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:6678 protocol=udp action=drop comment="________" disabled=no
add dst-address=:6711 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:6711 protocol=udp action=drop comment="________" disabled=no
add dst-address=:7070 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:7070 protocol=udp action=drop comment="________" disabled=no
add dst-address=:7306-7308 protocol=tcp action=drop comment="TCP i NetMonitor" disabled=no
add dst-address=:7306-7308 protocol=udp action=drop comment="TCP i NetMonitor" disabled=no
# Duplicate: both 6129 rules already appear earlier in this chain.
add dst-address=:6129 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:6129 protocol=udp action=drop comment="________" disabled=no
# Label translates to "smart gene" (trojan name).
add dst-address=:7511 protocol=tcp action=drop comment="聪明基因" disabled=no
add dst-address=:7511 protocol=udp action=drop comment="聪明基因" disabled=no
# Label translates to "glacier" (trojan name).
add dst-address=:7626 protocol=tcp action=drop comment="冰河" disabled=no
add dst-address=:8011 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:8011 protocol=udp action=drop comment="________" disabled=no
# Label translates to "gray pigeon 8225" (trojan name).
add dst-address=:8225 protocol=tcp action=drop comment="灰鸽子8225" disabled=no
add dst-address=:8225 protocol=udp action=drop comment="灰鸽子8225" disabled=no
add dst-address=:8311 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:8311 protocol=udp action=drop comment="________" disabled=no
add dst-address=:8998 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:10000 protocol=udp action=drop comment="Drop Dumaru.Y" disabled=no
# TCP 12345 is already dropped earlier in this chain; this range adds 12346.
add dst-address=:12345-12346 protocol=tcp action=drop comment="Drop NetBus" disabled=no
add dst-address=:12345-12346 protocol=udp action=drop comment="Drop NetBus" disabled=no
add dst-address=:17027 protocol=tcp action=drop comment="drop 17027" disabled=no
add dst-address=:17027 protocol=udp action=drop comment="drop 17027" disabled=no
add dst-address=:27374 protocol=udp action=drop comment="Drop SubSeven" disabled=no
add dst-address=:20162 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:20162 protocol=udp action=drop comment="________" disabled=no
add dst-address=:20168 protocol=tcp action=drop comment="Drop BackDoor Love" disabled=no
add dst-address=:20168 protocol=udp action=drop comment="Drop BackDoor Love" disabled=no
# Label translates to "net bull" (trojan name).
add dst-address=:23444 protocol=tcp action=drop comment="网络公牛" disabled=no
add dst-address=:23444 protocol=udp action=drop comment="网络公牛" disabled=no
add dst-address=:30100 protocol=tcp action=drop comment=" NetSphere" disabled=no
add dst-address=:31337-31338 protocol=tcp action=drop comment="NetSpy" disabled=no
add dst-address=:31337-31338 protocol=udp action=drop comment="NetSpy" disabled=no
add dst-address=:31789-31790 protocol=tcp action=drop comment="Hack-a-tac" disabled=no
add dst-address=:31789-31790 protocol=udp action=drop comment="Hack-a-tac" disabled=no
# See the note on the 34555 rule at the top of this chain: TCP only - verify.
add dst-address=:35555 protocol=tcp action=drop comment="Trin00" disabled=no
# NOTE(review): the Chinese part of the label is the usual Chinese name for
# Blaster, not Sasser - the label appears to mix the two worms.
add dst-address=:39213 protocol=tcp action=drop comment="Sasser冲击波" disabled=no
add dst-address=:39213 protocol=udp action=drop comment="Sasser冲击波" disabled=no
# Label translates to "control port of proxy software".
add dst-address=:45576 protocol=tcp action=drop comment="代理软件的控制端口" disabled=no
add dst-address=:45576 protocol=udp action=drop comment="代理软件的控制端口" disabled=no
add dst-address=:54320-54321 protocol=tcp action=drop comment="________" disabled=no
add dst-address=:54320-54321 protocol=udp action=drop comment="________" disabled=no
# Duplicate: TCP 65506 is already dropped earlier in this chain.
add dst-address=:65506 protocol=tcp action=drop comment="PhatBot, Agobot, Gaobot" disabled=no

[ 本帖最后由 tspmy 于 2005-9-15 05:37 PM 编辑 ]

lishinian 发表于 2005-9-16 00:37:04

zhaozm 发表于 2005-9-16 08:06:27

只有真正用了,你才知道哪里有问题,比如:cs宽带中国的端口27015你就没有开,你的宽带中国是玩不了的;还有你们那里有没有一卡通呀,端口也没有开,这样一卡通是不会在线的。

tspmy 发表于 2005-9-16 12:13:10

保存成一个rsc文件就可以导入了
我们这没有一卡通
我关心的是input和forward中的几个drop和几个accept
我也是抄的别人的,有些看不懂