Hirdetés

  2. Fórumok
  3. Hálózat, szolgáltatók
  4. Mikrotik routerek
  • Téma összefoglaló
    Utoljára frissítve: 2025-08-03 17:27

    LOGOUT

    Mikrotik routerekkel foglalkozó téma. Mikrotik router típusok, hardverek, router beállítások, programozás (scriptek írása), frissítés, és minden Mikrotik routerrel kapcsolatos beszélgetés helye.

Új hozzászólás Aktív témák

  • #1669 #96292352 törölt tag vjozsef #1668
    Új Válasz #1669
    Új hozzászólás
    Összes hozzászólása itt Válaszok az összes hozzászólására itt Válaszok erre a hozzászólásra

    #96292352

    törölt tag

    válasz vjozsef #1668 üzenetére

    add action=drop chain=forward comment=\
    "Tilitja a youtube.com-ot a Public-r\F3l 30.volt" layer7-protocol=\
    "youtube.com_Tilt\E1s" protocol=tcp src-address=192.168.248.0/24
    add action=drop chain=forward comment=\
    "Tilitja a youtube.com-ot a Public-r\F3l 30.volt" dst-address=\
    192.168.248.0/24 layer7-protocol="youtube.com_Tilt\E1s" protocol=tcp
    add chain=forward src-address-list="Local subnet 248"
    add action=add-src-to-address-list address-list=Knock-IN \
    address-list-timeout=1h chain=input dst-port=***** protocol=tcp
    add chain=input disabled=yes log=yes log-prefix=ping_accept_Whitelist \
    protocol=icmp src-address-list=Knock-IN
    add chain=input src-address=*.*.*.*
    add chain=input src-address-list=Knock-IN
    add action=drop chain=input comment="Mindent inputot blokkol a pppoe fel\F5l" \
    disabled=yes in-interface=Free_Wifi log=yes log-prefix="block input"
    add action=drop chain=input comment="drop ftp brute forcers" dst-port=21 \
    protocol=tcp src-address-list=ftp_blacklist
    add chain=output content="530 Login incorrect" dst-limit=\
    1/1m,9,dst-address/1m protocol=tcp
    add action=add-dst-to-address-list address-list=ftp_blacklist \
    address-list-timeout=3h chain=output content="530 Login incorrect" \
    protocol=tcp
    add action=drop chain=input comment="drop ssh brute forcers" dst-port=22 \
    protocol=tcp src-address-list=ssh_blacklist
    add action=add-src-to-address-list address-list=ssh_blacklist \
    address-list-timeout=1w3d chain=input connection-state=new dst-port=22 \
    protocol=tcp src-address-list=ssh_stage3
    add action=add-src-to-address-list address-list=ssh_stage3 \
    address-list-timeout=1m chain=input connection-state=new dst-port=22 \
    protocol=tcp src-address-list=ssh_stage2
    add action=add-src-to-address-list address-list=ssh_stage2 \
    address-list-timeout=1m chain=input connection-state=new dst-port=22 \
    protocol=tcp src-address-list=ssh_stage1
    add action=add-src-to-address-list address-list=ssh_stage1 \
    address-list-timeout=1m chain=input connection-state=new dst-port=22 \
    protocol=tcp
    add action=drop chain=forward comment="drop ssh brute downstream" dst-port=22 \
    protocol=tcp src-address-list=ssh_blacklist
    add action=fasttrack-connection chain=forward connection-state=\
    established,related
    add chain=forward p2p=all-p2p src-address-list=Torrent_Enable
    add chain=input comment="Enged\E9lyezi a Pingel\E9st a 247-es subnetr\F5l" \
    src-address=192.168.247.0/24
    add chain=input connection-state=related disabled=yes
    add chain=input connection-state=established disabled=yes
    add chain=forward comment=P2P_enable_Whitelist p2p=all-p2p src-address-list=\
    Torrent_Enable
    add action=drop chain=forward comment=P2P_disable_on_public p2p=all-p2p \
    src-address=192.168.248.0/24
    add action=drop chain=input comment=\
    "Tiltja a Pingel\E9st a 248-as subnetr\F5l" protocol=icmp src-address=\
    192.168.248.0/24
    add action=drop chain=input comment=\
    "Minden ami a routert \E9ri a publicb\F3l az dropped." log=yes \
    log-prefix="public to router" src-address=192.168.248.0/24
    add action=drop chain=input comment="Tilitja a Public-r\F3l a routert" \
    dst-address=192.168.248.1 src-address=192.168.248.0/24
    add action=drop chain=input comment="Tilitja a Public-r\F3l a routert" \
    dst-address=192.168.247.1 src-address=192.168.248.0/24
    add action=drop chain=input comment="Tilitja a Public-r\F3l a routert" \
    dst-address=192.168.248.1 src-address=192.168.248.0/24
    add action=drop chain=forward comment="Letiltja az \F6sszes TCP portot a Publi\
    c-Bridge-r\F5l, kiv\E9ve a 80 \E9s 443 portokat" dst-address=\
    192.168.248.0/24 protocol=tcp src-port=1-52,54-66,69-79,81-442,444-65535
    add action=drop chain=forward comment="Letiltja az \F6sszes UDP portot a Publi\
    c-Bridge-r\F5l, kiv\E9ve a 80 \E9s 443 portokat" dst-address=\
    192.168.248.0/24 protocol=udp src-port=1-52,54-66,69-79,81-442,444-65535
    add action=drop chain=forward comment="Tilitja a videokat a Public-r\F3l" \
    in-interface=Public_Bridge layer7-protocol=http-video
    add action=drop chain=forward comment=\
    "A Public-Bridge-b\F5l nem lesz el\E9rhet\F5 a Home-Bridge" dst-address=\
    192.168.247.0/24 src-address=192.168.248.0/24
    add action=drop chain=forward comment="Blockolja a Torrentet a Publicon" \
    dst-address=192.168.248.0/24 p2p=all-p2p
    add action=return chain=forward comment=. disabled=yes
    add action=drop chain=forward comment="http-video blocking" disabled=yes \
    packet-mark=http-video

    Jó sok szemét is van benne :DDD

Új hozzászólás Aktív témák