|
|
# local netword 192.168.1.0/24
# mikrote 2.9.26
# :277370403
/ ip firewall filter
add chain=input connection-state=established action=accept \
comment="Established connections" disabled=no
add chain=input connection-state=related action=accept comment="Related \
connections" disabled=no
add chain=input connection-state=invalid action=drop comment="Drop invalid \
connections" disabled=no
add chain=input action=jump jump-target=viruses comment="!!!Viruse \
detection!!!" disabled=no
add chain=input protocol=udp action=accept comment="UDP protocol" disabled=no
add chain=input protocol=icmp action=accept comment="ICMP protocol" \
disabled=no
add chain=input src-address=192.168.1.0/24 action=accept comment="From local \
netword 192.168.1.0/24" disabled=no
add chain=input protocol=tcp dst-port=1723 action=accept comment="Allow PPTP" \
disabled=no
add chain=input protocol=gre action=accept comment="" disabled=no
add chain=input protocol=tcp dst-port=21 action=accept comment="Allow \
FTP,SSH,TELNET,WEB,WINBOX to router" disabled=no
add chain=input protocol=tcp dst-port=22 action=accept comment="" disabled=no
add chain=input protocol=tcp dst-port=23 action=accept comment="" disabled=no
add chain=input protocol=tcp dst-port=80 action=accept comment="" disabled=no
add chain=input protocol=tcp dst-port=8291 action=accept comment="" \
disabled=no
add chain=input protocol=tcp dst-port=9998 action=accept comment="Allow \
digital video recorder TCP:9998 UDP:9998" disabled=no
add chain=input protocol=udp dst-port=9998 action=accept comment="" \
disabled=no
add chain=input action=drop comment="Drop rything else" disabled=no
add chain=forward connection-state=established action=accept \
comment="Established connections" disabled=no
add chain=forward connection-state=related action=accept comment="Related \
connections" disabled=no
ad
1 |
|
发表于 2019-4-12 10:36:05
