搜索

RouterOS软路由防火墙禁止公网端口扫描


发布时间: 2022-11-24 18:30:03    浏览次数:32 次

https://www.ros9.com/866.html

https://www.ros9.com/index.php/soft-routing/ros-course

 

/ip firewall filter

add action=add-src-to-address-list address-list="port scanners" \

address-list-timeout=2w chain=input comment="port scanners to list " \

protocol=tcp psd=21,3s,3,1

add action=add-src-to-address-list address-list="port scanners" \

address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" \

protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg

add action=add-src-to-address-list address-list="port scanners" \

address-list-timeout=2w chain=input comment="SYN/FIN scan" protocol=tcp \

tcp-flags=fin,syn

add action=add-src-to-address-list address-list="port scanners" \

address-list-timeout=2w chain=input comment="SYN/RST scan" protocol=tcp \

tcp-flags=syn,rst

add action=add-src-to-address-list address-list="port scanners" \

address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" protocol=\

tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack

add action=add-src-to-address-list address-list="port scanners" \

address-list-timeout=2w chain=input comment="ALL/ALL scan" protocol=tcp \

tcp-flags=fin,syn,rst,psh,ack,urg

add action=add-src-to-address-list address-list="port scanners" \

address-list-timeout=2w chain=input comment="NMAP NULL scan" protocol=tcp \

tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg

add action=drop chain=input comment="dropping port scanners" \

src-address-list="port scanners"

免责声明 RouterOS软路由防火墙禁止公网端口扫描,资源类别:文本, 浏览次数:32 次, 文件大小:-- , 由本站蜘蛛搜索收录2022-11-24 06:30:03。此页面由程序自动采集,只作交流和学习使用,本站不储存任何资源文件,如有侵权内容请联系我们举报删除, 感谢您对本站的支持。 原文链接:https://www.cnblogs.com/walkersss/p/16803412.html