/ip firewall filter add chain=virus comment="KarimZI Academy Antivirus"
/ip firewall filter add chain=forward connection-state=invalid action=drop comment="Drop invalid connections" disabled=no
/ip firewall filter add chain=forward connection-state=established action=accept comment="Established Connections" disabled=no
/ip firewall filter add chain=forward connection-state=related action=accept comment="Related connections" disabled=no
/ip firewall filter add chain=forward action=jump jump-target=virus comment="!!! Check for well-known viruses !!!" disabled=no
/ip firewall filter add chain=forward protocol=udp action=accept comment="UDP" disabled=no
/ip firewall filter add chain=forward protocol=icmp limit=50/5,2 action=accept comment="Allow limited Pings" disabled=no
/ip firewall filter add chain=forward protocol=icmp action=drop comment="Drop excess pings" disabled=no
/ip firewall filter add chain=input connection-state=invalid action=drop comment="Drop invalid connections" disabled=no
/ip firewall filter add chain=input tcp-flags=!syn connection-state=established action=accept comment="Accept established connections" disabled=no
/ip firewall filter add chain=input connection-state=related action=accept comment="Accept related connections" disabled=no
/ip firewall filter add chain=input action=jump jump-target=virus comment="!!! Check for well-known viruses !!!" disabled=no
/ip firewall filter add chain=input protocol=udp action=accept comment="UDP" disabled=no
/ip firewall filter add chain=input protocol=icmp limit=50/5,2 action=accept comment="Allow limited pings" disabled=no
/ip firewall filter add chain=input protocol=icmp action=drop comment="Drop excess pings" disabled=no
/ip firewall filter add chain=input dst-port=22 protocol=tcp action=accept comment="SSH for demo purposes" disabled=no
/ip firewall filter add chain=input dst-port=23 protocol=tcp action=accept comment="Telnet for demo purposes" disabled=no
/ip firewall filter add chain=input dst-port=80 protocol=tcp action=accept comment="http for demo purposes" disabled=no
/ip firewall filter add chain=input dst-port=3987 protocol=tcp action=accept comment="winbox for demo purposes" disabled=no
/ip firewall filter add chain=input action=accept log=yes comment="Log and drop everything else" disabled=no
/ip firewall filter add chain=virus dst-port=135-139 protocol=tcp action=drop comment="Drop Blaster Worm" disabled=no
/ip firewall filter add chain=virus dst-port=135-139 protocol=udp action=drop comment="Drop Messenger Worm" disabled=no
/ip firewall filter add chain=virus dst-port=445 protocol=tcp action=drop comment="Drop Blaster Worm" disabled=no
/ip firewall filter add chain=virus dst-port=445 protocol=udp action=drop comment="Drop Blaster Worm" disabled=no
/ip firewall filter add chain=virus dst-port=593 protocol=tcp action=drop comment="________" disabled=no
/ip firewall filter add chain=virus dst-port=1024-1030 protocol=tcp action=drop comment="________" disabled=no
/ip firewall filter add chain=virus dst-port=1080 protocol=tcp action=drop comment="Drop MyDoom" disabled=no
/ip firewall filter add chain=virus dst-port=1214 protocol=tcp action=drop comment="________" disabled=no
/ip firewall filter add chain=virus dst-port=1363 protocol=tcp action=drop comment="ndm requester" disabled=no
/ip firewall filter add chain=virus dst-port=1364 protocol=tcp action=drop comment="ndm server" disabled=no
/ip firewall filter add chain=virus dst-port=1368 protocol=tcp action=drop comment="screen cast" disabled=no
/ip firewall filter add chain=virus dst-port=1373 protocol=tcp action=drop comment="hromgrafx" disabled=no
/ip firewall filter add chain=virus dst-port=1377 protocol=tcp action=drop comment="cichlid" disabled=no
/ip firewall filter add chain=virus dst-port=1433-1434 protocol=tcp action=drop comment="Worm" disabled=no
/ip firewall filter add chain=virus dst-port=2745 protocol=tcp action=drop comment="Bagle Virus" disabled=no
/ip firewall filter add chain=virus dst-port=2283 protocol=tcp action=drop comment="Drop Dumaru.Y" disabled=no
/ip firewall filter add chain=virus dst-port=2535 protocol=tcp action=drop comment="Drop Beagle" disabled=no
/ip firewall filter add chain=virus dst-port=2745 protocol=tcp action=drop comment="Drop Beagle.C-K" disabled=no
/ip firewall filter add chain=virus dst-port=3127-3128 protocol=tcp action=drop comment="Drop MyDoom" disabled=no
/ip firewall filter add chain=virus dst-port=3410 protocol=tcp action=drop comment="Drop Backdoor OptixPro" disabled=no
/ip firewall filter add chain=virus dst-port=4444 protocol=tcp action=drop comment="Worm" disabled=no
/ip firewall filter add chain=virus dst-port=4444 protocol=udp action=drop comment="Worm" disabled=no
/ip firewall filter add chain=virus dst-port=5554 protocol=tcp action=drop comment="Drop Sasser" disabled=no
/ip firewall filter add chain=virus dst-port=8866 protocol=tcp action=drop comment="Drop Beagle.B" disabled=no
/ip firewall filter add chain=virus dst-port=9898 protocol=tcp action=drop comment="Drop Dabber.A-B" disabled=no
/ip firewall filter add chain=virus dst-port=10000 protocol=tcp action=drop comment="Drop Dumaru.Y" disabled=no
/ip firewall filter add chain=virus dst-port=10080 protocol=tcp action=drop comment="Drop MyDoom.B" disabled=no
/ip firewall filter add chain=virus dst-port=12345 protocol=tcp action=drop comment="Drop NetBus" disabled=no
/ip firewall filter add chain=virus dst-port=17300 protocol=tcp action=drop comment="Drop Kuang2" disabled=no
/ip firewall filter add chain=virus dst-port=27374 protocol=tcp action=drop comment="Drop SubSeven" disabled=no
/ip firewall filter add chain=virus dst-port=65506 protocol=tcp action=drop comment="Drop PhatBot, Agobot, Gaobot" disabled=no
Comments
Post a Comment