找回密码
 注册

QQ登录

只需一步,快速开始

搜索
查看: 1839|回复: 2

[其它] 可否把ros2.9x防火墙缩短代码

[复制链接]
发表于 2007-10-29 10:14:40 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有账号?注册

×
就最近的IGM病毒.我在ros中写下如下的防范:
/ ip firewall filter
add chain=forward dst-address=60.190.203.150 action=drop comment="封IGM病毒" \
    disabled=no
add chain=forward content=t.11se.com action=drop comment="drop t.11se.com" \
    disabled=no
add chain=forward content=www.94ak.com action=drop comment="drop w ww.94ak.com" \
    disabled=no
add chain=forward content=www.99mmm.com action=drop comment="drop \
    ww w.99mmm.com" disabled=no
add chain=forward content=ask.35832.com action=drop comment="drop \
    ask.35832.com" disabled=no
add chain=forward content=www.35832.com action=drop comment="drop \
    w ww.35832.com" disabled=no
add chain=forward dst-address=212.22.225.82 action=drop comment="drop \
    212.22.225.82" disabled=no
add chain=forward dst-address=203.174.87.210 action=drop comment="drop \
    203.174.87.210" disabled=no
add chain=forward dst-address=64.233.167.99 action=drop comment="drop \
    64.233.167.99" disabled=no
add chain=forward dst-address=58.211.79.107 action=drop comment="drop \
    58.211.79.107" disabled=no
add chain=forward dst-address=219.153.42.98 action=drop comment="drop \
    219.153.42.98" disabled=no
add chain=forward dst-address=221.130.191.207 action=drop comment="drop \
    221.130.191.207" disabled=no
add chain=forward dst-address=60.190.203.150 action=log log-prefix="" \
    comment="封IGM病毒" disabled=no
add chain=forward content=t.11se.com action=log log-prefix="" comment="drop \
    t.11se.com" disabled=no
add chain=forward content=www.94ak.com action=log log-prefix="" comment="drop \
    w ww.94ak.com" disabled=no
add chain=forward content=www.99mmm.com action=log log-prefix="" comment="drop \
    w ww.99mmm.com" disabled=no
add chain=forward content=ask.35832.com action=log log-prefix="" comment="drop \
    ask.35832.com" disabled=no
add chain=forward content=www.35832.com action=log log-prefix="" comment="drop \
    w ww.35832.com" disabled=no
add chain=forward dst-address=212.22.225.82 action=log log-prefix="" \
    comment="drop 212.22.225.82" disabled=no
add chain=forward dst-address=203.174.87.210 action=log log-prefix="" \
    comment="drop 203.174.87.210" disabled=no
add chain=forward dst-address=64.233.167.99 action=log log-prefix="" \
    comment="drop 64.233.167.99" disabled=no
add chain=forward dst-address=58.211.79.107 action=log log-prefix="" \
    comment="drop 58.211.79.107" disabled=no
add chain=forward dst-address=219.153.42.98 action=log log-prefix="" \
    comment="drop 219.153.42.98" disabled=no
add chain=forward dst-address=221.130.191.207 action=log log-prefix="" \
    comment="drop 221.130.191.207" disabled=no
===================
现在的问题是:您有没有什么好的办法让防火墙与上面代码作用相同.但代码段短些?(为了不让www成链接.我在中间加了空格)

比如:把发现有防问规则地址记录到日志的做到一条里面去.我试着写为:add chain=forward dst=address=212.22.225.82;......;221.130.191.207 action=log comm="发现病毒做记录" dis=no

请高手帮忙.来为我缩写上面的代码.一定要作用一样吧.不可缩水.

[ 本帖最后由 baisen 于 2007-10-29 10:19 编辑 ]
routeros
发表于 2007-10-29 10:33:51 | 显示全部楼层
你说的是IP地址吗?用地址列表
routeros
回复

使用道具 举报

 楼主| 发表于 2007-10-29 11:46:50 | 显示全部楼层
地址列表??ros里怎么做啊.怎么应用啊?请写出代码来好不.谢谢.
routeros
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

QQ|Archiver|手机版|小黑屋|软路由 ( 渝ICP备15001194号-1|渝公网安备 50011602500124号 )

GMT+8, 2024-12-23 03:49 , Processed in 0.045131 second(s), 4 queries , Gzip On, Redis On.

Powered by Discuz! X3.5 Licensed

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表