Collected RouterOS firewall scripts

Source: Internet
Author: User

# Feb/18/2006 22:28:00 by routeros 2.9.2.7 QQ "415736

# Software id = 83re-sn0
#
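/ip firewall filter
# NOTE(review): the page's export is case- and whitespace-mangled ("Add chain = input ... Disabled = No").
# RouterOS takes lowercase keywords and key=value with no surrounding spaces, so every rule below is
# restored to that form. Rule bodies and comment strings are kept as the page gives them.
# Rules are evaluated top to bottom within a chain; the first matching terminating action wins.
#
# --- input chain: traffic addressed to the router itself ---
add chain=input connection-state=invalid action=drop \
    comment="discard illegal connection packets" disabled=no
# connection-limit=count,netmask. Netmask 0 counts every source together, so this caps HTTP
# connections to the router at 90 in total (as the comment says) and drops legitimate clients too
# once the cap is reached.
add chain=input protocol=tcp dst-port=80 connection-limit=90,0 action=drop \
    comment="limit the total number of HTTP connections to 90" disabled=no
# psd=weight-threshold,delay,low-port-weight,high-port-weight
add chain=input protocol=tcp psd=21,3s,3,1 action=drop \
    comment="detect and discard Port Scan connection" disabled=no
# Sources already in black_list are tarpitted here; the rule below is what populates the list, so a
# host is tarpitted only from its next connection onward.
add chain=input protocol=tcp connection-limit=3,32 src-address-list=black_list \
    action=tarpit comment="suppress DoS Attacks" disabled=no
# The page collapsed "action=add-src-to-address-list" and "address-list=black_list" into one token.
add chain=input protocol=tcp connection-limit=10,32 \
    action=add-src-to-address-list address-list=black_list \
    address-list-timeout=1d comment="DoS attack detection" disabled=no
# Also drops broadcast/multicast destined to the router; anything the router must answer on a
# broadcast address (a DHCP server, for example) stops working unless accepted above this rule.
add chain=input dst-address-type=!local action=drop comment="discard non-local data " \
    disabled=no
add chain=input src-address-type=!unicast action=drop \
    comment="discard all non-Unicast data" disabled=no
# The page collapsed "action=jump" and "jump-target=..." into one token on all four jump rules.
add chain=input protocol=icmp action=jump jump-target=icmp \
    comment="Jump to ICMP linked list" disabled=no
add chain=input protocol=tcp action=jump jump-target=virus \
    comment="Jump to virus linked list" disabled=no
# NOTE(review): the input chain ends here without a terminating drop. Packets that fall off the end
# of the chain are accepted by RouterOS's default policy, so every service the router listens on is
# reachable from any interface unless that is restricted elsewhere. The usual way to close the gap
# is accept rules for established/related traffic and for management from trusted addresses,
# followed by a final "add chain=input action=drop".
#
# --- icmp chain: rate-limited accept of the useful ICMP types, drop the rest ---
# limit=rate,burst. The page shows "limit=5" (burst lost) on three of these rules and "limit=5,5"
# on the others; burst is set to 5 throughout to match -- confirm against the original export.
add chain=icmp protocol=icmp icmp-options=0:0-255 limit=5,5 action=accept \
    comment="Ping response limit: 5 packets per second" disabled=no
# NOTE(review): the icmp-options values of the next two rules were lost in the page's export.
# 3:3 (destination unreachable / port unreachable) and 3:4 (fragmentation needed) are the ICMP
# type:code pairs that match the comments (traceroute, MTU discovery) -- confirm against the
# original export before importing.
add chain=icmp protocol=icmp icmp-options=3:3 limit=5,5 action=accept \
    comment="traceroute limit: 5 packets per second" disabled=no
add chain=icmp protocol=icmp icmp-options=3:4 limit=5,5 action=accept \
    comment="MTU line detection limit: 5 packets per second" disabled=no
# The page shows only "-255" for the next two values; 8:0-255 (echo request) and 11:0-255 (time
# exceeded) are the types matching the comments -- confirm against the original export.
add chain=icmp protocol=icmp icmp-options=8:0-255 limit=5,5 action=accept \
    comment="ping requests are limited to 5 packets per second" disabled=no
add chain=icmp protocol=icmp icmp-options=11:0-255 limit=5,5 action=accept \
    comment="trace TTL limit: 5 packets per second" disabled=no
add chain=icmp protocol=icmp action=drop comment="Discard any ICMP data " \
    disabled=no
#
# --- forward chain: traffic routed through the router ---
add chain=forward connection-state=established action=accept \
    comment="Accept connected packets" disabled=no
add chain=forward connection-state=related action=accept \
    comment="accept related packets" disabled=no
add chain=forward connection-state=invalid action=drop \
    comment="discard illegal packets" disabled=no
# connection-limit=50,32: counted per single source address (/32).
add chain=forward protocol=tcp connection-limit=50,32 action=drop \
    comment="Limit the number of TCP connections per host to 50" disabled=no
add chain=forward src-address-type=!unicast action=drop \
    comment="discard all non-Unicast data" disabled=no
add chain=forward protocol=icmp action=jump jump-target=icmp \
    comment="Jump to ICMP linked list" disabled=no
# Unlike the input-chain jump this one has no protocol match, so the udp rules at the end of the
# virus chain are only ever reached from here.
add chain=forward action=jump jump-target=virus comment="Jump to the virus linked list " \
    disabled=no
#
# --- virus chain: static destination-port blocks for 2003-2006 era worms and trojans ---
# NOTE(review): these match destination port only and say nothing about the payload. Several of the
# ports carry ordinary services (tcp/79 finger, tcp/113 ident, tcp/6667 IRC, udp/123 NTP,
# tcp/135,139,445 Windows file sharing); since the forward chain jumps here for all protocols, LAN
# clients lose those services through this router. Review each rule before deploying.
add chain=virus protocol=tcp dst-port=41 action=drop \
    comment="deepthroat. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=82 action=drop \
    comment="worm. Netsky. Y @ MM" disabled=no
add chain=virus protocol=tcp dst-port=113 action=drop \
    comment="w32.korgo. A/B/C/D/E/F-1" disabled=no
add chain=virus protocol=tcp dst-port=2041 action=drop \
    comment="w33.korgo. A/B/C/D/E/F-2" disabled=no
add chain=virus protocol=tcp dst-port=3150 action=drop \
    comment="deepthroat. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=3067 action=drop \
    comment="w32.korgo. A/B/C/D/E/F-3" disabled=no
add chain=virus protocol=tcp dst-port=3422 action=drop \
    comment="backdoor. IRC. aladdinz. R-1" disabled=no
add chain=virus protocol=tcp dst-port=6667 action=drop \
    comment="w32.korgo. A/B/C/D/E/F-4" disabled=no
add chain=virus protocol=tcp dst-port=6789 action=drop \
    comment="worm. Netsky. S/T/u @ MM" disabled=no
add chain=virus protocol=tcp dst-port=8787 action=drop \
    comment="back. orifice.2000.trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=8879 action=drop \
    comment="back. orifice.2000.trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=8967 action=drop \
    comment="w32.dabber. A/B-2" disabled=no
add chain=virus protocol=tcp dst-port=9999 action=drop \
    comment="w32.dabber. A/B-3" disabled=no
add chain=virus protocol=tcp dst-port=20034 action=drop \
    comment="block. NetBus. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=21554 action=drop \
    comment="girlfriend. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=31666 action=drop \
    comment="back. orifice.2000.trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=43958 action=drop \
    comment="backdoor. IRC. aladdinz. R-2" disabled=no
add chain=virus protocol=tcp dst-port=999 action=drop \
    comment="deepthroat. Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=6670 action=drop \
    comment="deepthroat. Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=6771 action=drop \
    comment="deepthroat. Trojan-5" disabled=no
add chain=virus protocol=tcp dst-port=60000 action=drop \
    comment="deepthroat. Trojan-6" disabled=no
add chain=virus protocol=tcp dst-port=2140 action=drop \
    comment="deepthroat. Trojan-7" disabled=no
add chain=virus protocol=tcp dst-port=10067 action=drop \
    comment="portal. Of. Doom. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=10167 action=drop \
    comment="portal. Of. Doom. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=3700 action=drop \
    comment="portal. Of. Doom. Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=9872-9875 action=drop \
    comment="portal. Of. Doom. Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=6883 action=drop \
    comment="Delta. Source. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=26274 action=drop \
    comment="Delta. Source. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=4444 action=drop \
    comment="Delta. Source. Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=47262 action=drop \
    comment="Delta. Source. Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=3791 action=drop \
    comment="Eclypse. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=3801 action=drop \
    comment="Eclypse. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=65390 action=drop \
    comment="Eclypse. Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=5880-5882 action=drop \
    comment="Y3K. Rat. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=5888-5889 action=drop \
    comment="Y3K. Rat. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=30100-30103 action=drop \
    comment="NetSphere. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=30133 action=drop \
    comment="NetSphere. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=7300-7301 action=drop \
    comment="NetMonitor. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=7306-7308 action=drop \
    comment="NetMonitor. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=79 action=drop \
    comment="firehotcker. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=5031 action=drop \
    comment="firehotcker. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=5321 action=drop \
    comment="firehotcker. Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=6400 action=drop \
    comment="thething. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=7777 action=drop \
    comment="thething. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=1047 action=drop \
    comment="javascrasher. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=6969-6970 action=drop \
    comment="javascrasher. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=2774 action=drop comment="SubSeven-1 " \
    disabled=no
add chain=virus protocol=tcp dst-port=27374 action=drop comment="SubSeven-2 " \
    disabled=no
add chain=virus protocol=tcp dst-port=1243 action=drop comment="SubSeven-3 " \
    disabled=no
add chain=virus protocol=tcp dst-port=1234 action=drop comment="SubSeven-4 " \
    disabled=no
add chain=virus protocol=tcp dst-port=6711-6713 action=drop \
    comment="SubSeven-5" disabled=no
add chain=virus protocol=tcp dst-port=16959 action=drop comment="SubSeven-7 " \
    disabled=no
add chain=virus protocol=tcp dst-port=25685-25686 action=drop \
    comment="moonpie. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=25982 action=drop \
    comment="moonpie. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=31337-31339 action=drop \
    comment="NetSpy. Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=8102 action=drop comment="Trojan " \
    disabled=no
add chain=virus protocol=tcp dst-port=8011 action=drop comment="way. Trojan " \
    disabled=no
add chain=virus protocol=tcp dst-port=7626 action=drop comment="Trojan. binghe " \
    disabled=no
add chain=virus protocol=tcp dst-port=19191 action=drop \
    comment="Trojan. niansehoyian" disabled=no
add chain=virus protocol=tcp dst-port=23444-23445 action=drop \
    comment="netbull. Trojan" disabled=no
add chain=virus protocol=tcp dst-port=2583 action=drop \
    comment="WinCrash. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=3024 action=drop \
    comment="WinCrash. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=4092 action=drop \
    comment="WinCrash. Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=5714 action=drop \
    comment="WinCrash. Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=1010-1012 action=drop \
    comment="doly1.0/1.35/1.5trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=1015 action=drop \
    comment="doly1.0/1.35/1.5trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=2004-2005 action=drop \
    comment="transscout. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=9878 action=drop \
    comment="transscout. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=2773 action=drop \
    comment="backdoor. Yai... Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=7215 action=drop \
    comment="backdoor. Yai. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=54283 action=drop \
    comment="backdoor. Yai. Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=1003 action=drop \
    comment="BackDoorTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=5598 action=drop \
    comment="BackDoorTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=5698 action=drop \
    comment="BackDoorTrojan-3" disabled=no
add chain=virus protocol=tcp dst-port=31554 action=drop \
    comment="SchainwindlerTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=18753 action=drop \
    comment="Shaft. DDoS. Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=20432 action=drop \
    comment="Shaft. DDoS. Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=65000 action=drop \
    comment="dedevil. DDoS. Trojan" disabled=no
add chain=virus protocol=tcp dst-port=11831 action=drop \
    comment="LatinusTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=29559 action=drop \
    comment="LatinusTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=1784 action=drop \
    comment="Snid. X2Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=3586 action=drop \
    comment="Snid. X2Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=7609 action=drop \
    comment="Snid. X2Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=12348-12349 action=drop \
    comment="BionetTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=12478 action=drop \
    comment="BionetTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=57922 action=drop \
    comment="BionetTrojan-3" disabled=no
add chain=virus protocol=tcp dst-port=3127 action=drop \
    comment="worm. Novarg. A. Mydoom. A1." disabled=no
add chain=virus protocol=tcp dst-port=6777 action=drop \
    comment="worm. bbeagle. A. Bagle. A." disabled=no
add chain=virus protocol=tcp dst-port=8866 action=drop \
    comment="worm. bbeagle. B" disabled=no
add chain=virus protocol=tcp dst-port=2745 action=drop \
    comment="worm. bbeagle. C-g/J-L" disabled=no
add chain=virus protocol=tcp dst-port=2556 action=drop \
    comment="worm. bbeagle. P/Q/R/N" disabled=no
add chain=virus protocol=tcp dst-port=20742 action=drop \
    comment="worm. bbeagle. m-2" disabled=no
add chain=virus protocol=tcp dst-port=4751 action=drop \
    comment="worm. bbeagle. S/T/u/V" disabled=no
add chain=virus protocol=tcp dst-port=2535 action=drop \
    comment="worm. bbeagle. AA/AB/W/x-z-2" disabled=no
add chain=virus protocol=tcp dst-port=5238 action=drop \
    comment="worm. lovgate. R. rpcexploit" disabled=no
add chain=virus protocol=tcp dst-port=1068 action=drop comment="worm. Sasser. " \
    disabled=no
add chain=virus protocol=tcp dst-port=5554 action=drop \
    comment="worm. Sasser. B/C/F" disabled=no
add chain=virus protocol=tcp dst-port=9996 action=drop \
    comment="worm. Sasser. B/C/F" disabled=no
add chain=virus protocol=tcp dst-port=9995 action=drop comment="worm. Sasser. d " \
    disabled=no
add chain=virus protocol=tcp dst-port=10168 action=drop \
    comment="worm. lovgate. A/B/C/D" disabled=no
add chain=virus protocol=tcp dst-port=20808 action=drop \
    comment="worm. lovgate. V. QQ" disabled=no
add chain=virus protocol=tcp dst-port=1092 action=drop \
    comment="worm. lovgate. F/G" disabled=no
add chain=virus protocol=tcp dst-port=20168 action=drop \
    comment="worm. lovgate. F/G" disabled=no
add chain=virus protocol=tcp dst-port=1363-1364 action=drop \
    comment="NDM. requester" disabled=no
add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen. Cast " \
    disabled=no
add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx " \
    disabled=no
add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichainlid " \
    disabled=no
add chain=virus protocol=tcp dst-port=3410 action=drop \
    comment="backdoor. optixprotocol" disabled=no
add chain=virus protocol=tcp dst-port=8888 action=drop \
    comment="worm. bbeagle. B" disabled=no
add chain=virus protocol=udp dst-port=44444 action=drop \
    comment="Delta. Source. Trojan-7" disabled=no
add chain=virus protocol=udp dst-port=8998 action=drop \
    comment="worm. sobig. F-3" disabled=no
# udp/123 is NTP; with the forward chain jumping here for all protocols, this rule stops every LAN
# client's outbound time synchronisation, not only the worm traffic named in the comment.
add chain=virus protocol=udp dst-port=123 action=drop comment="worm. sobig. F-1 " \
    disabled=no
add chain=virus protocol=tcp dst-port=3198 action=drop \
    comment="worm. Novarg. A. Mydoom. A2." disabled=no
# The comment string on the next three rules was broken across lines by the page's export; it is
# reassembled without altering its words.
add chain=virus protocol=tcp dst-port=139 action=drop comment="Drop blster Worm " \
    disabled=no
add chain=virus protocol=tcp dst-port=135 action=drop comment="Drop blster Worm " \
    disabled=no
add chain=virus protocol=tcp dst-port=445 action=drop comment="Drop blster Worm " \
    disabled=no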

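/ip firewall connection-tracking
# Restored from the page's garbled export: "TCP-syn-modified ed-Timeout" is tcp-syn-received-timeout,
# and the unit suffixes (5S, 10 h, 2 m ...) had case and spaces mangled.
# The 5s SYN timeouts and tcp-syncookie=yes are the SYN-flood part of this script: half-open entries
# are evicted quickly and the router can answer SYNs without committing tracking state.
# tcp-established-timeout=10h is the largest value here and decides how long an idle established
# connection keeps a tracking-table entry; the connection-limit rules in the filter count those entries.
set enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s \
    tcp-established-timeout=10h tcp-fin-wait-timeout=2m \
    tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s \
    tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s \
    udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m \
    tcp-syncookie=yes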
