Welcome to Scribd!

Skip carousel

Firewall Filters: Las Reglas Más Básicas Que Debe Tener Un RB Mikrotik

Uploaded by

Sergio Rait Choque

0% found this document useful (0 votes)

47 views3 pages

FIREWALL FILTERS

Original Title

Firewall Filters

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

FIREWALL FILTERS

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

47 views3 pages

Firewall Filters: Las Reglas Más Básicas Que Debe Tener Un RB Mikrotik

Uploaded by

Sergio Rait Choque

FIREWALL FILTERS

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 3

Search inside document

Firewall Filters

Las reglas ms bsicas que debe tener un RB Mikrotik

/ ip firewall filter
add chain=input connection-state=established comment="Accept established
connections"
add chain=input connection-state=related comment="Accept related
connections"
add chain=input connection-state=invalid action=drop comment="Drop invalid
connections"
add chain=input protocol=udp action=accept comment="UDP" disabled=no
add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings"
add chain=input protocol=icmp action=drop comment="Drop excess pings"
add chain=input protocol=tcp dst-port=22 comment="SSH for secure shell"
add chain=input protocol=tcp dst-port=8291 comment="winbox"
# Edit these rules to reflect your actual IP addresses! #
add chain=input src-address=159.148.172.192/28 comment="From Mikrotikls
network"
add chain=input src-address=10.0.0.0/8 comment="From our private LAN"
# End of Edit #
add chain=input action=log log-prefix="DROP INPUT" comment="Log everything
else"
add chain=input action=drop comment="Drop everything else"

Ahora tenemos la proteccin contra: synflood, ICMP Flood, escaneo de puertos, spam por
correo electrnico y mucho ms. Para obtener ms informacin, lea los comentarios.

/ip firewall filter

add action=add-src-to-address-list address-list=Syn_Flooder

address-list-timeout=30m chain=input comment="Add Syn Flood IP to the list"
connection-limit=30,32 protocol=\

tcp tcp-flags=syn

add action=drop chain=input comment="Drop to syn flood list"

src-address-list=Syn_Flooder

add action=add-src-to-address-list address-list=Port_Scanner

address-list-timeout=1w chain=input comment="Port Scanner Detect"
protocol=tcp psd=21,3s,3,1
add action=drop chain=input comment="Drop to port scan list"
src-address-list=Port_Scanner

add action=jump chain=input comment="Jump for icmp input flow"

jump-target=ICMP protocol=icmp

add action=accept chain=input comment="Allows access to winbox from the WAN

# DO NOT ENABLE THIS RULE IF YOU DO NOT WANT TO ACCESS FROM THE
INTERNET" disabled=yes \

dst-port=8291 in-interface="ISP ether10" protocol=tcp

add action=drop chain=input comment="Block all access to the winbox - except

to support list # DO NOT ENABLE THIS RULE BEFORE ADD YOUR SUBNET IN THE
SUPPORT ADDRESS LIST" \

disabled=yes dst-port=8291 protocol=tcp src-address-list=!support

add action=jump chain=forward comment="Jump for icmp forward flow"

jump-target=ICMP protocol=icmp

add action=drop chain=forward comment="Drop to bogon list"

dst-address-list=bogons

add action=drop chain=forward comment="Avoid spammers action"

dst-port=25,587 protocol=tcp src-address-list=spammers

add action=accept chain=input comment="Accept DNS - UDP" port=53

protocol=udp

add action=accept chain=input comment="Accept DNS - TCP" port=53

protocol=tcp

add action=accept chain=input comment="Accept to established connections"

connection-state=established

add action=accept chain=input comment="Accept to related connections"

connection-state=related

add action=accept chain=input comment="Full access to SUPPORT address list"

src-address-list=support

add action=drop chain=input comment="Drop anything else! # DO NOT ENABLE

THIS RULE BEFORE YOU MAKE SURE ABOUT ALL ACCEPT RULES YOU NEED"
disabled=yes

add action=accept chain=ICMP comment="Echo reply" icmp-options=0:0

protocol=icmp

add action=accept chain=ICMP comment="Time Exceeded" icmp-options=11:0

protocol=icmp
add action=accept chain=ICMP comment="Destination unreachable"
icmp-options=3:0-1 protocol=icmp

add action=accept chain=ICMP comment=PMTUD icmp-options=3:4

protocol=icmp

add action=drop chain=ICMP comment="Drop to the other ICMPs" protocol=icmp

Basic Universal Firewall Script
Document3 pages
Basic Universal Firewall Script
Cesar Rolando Gomez Rodas
No ratings yet
Reglas Firewall Basicas
Document3 pages
Reglas Firewall Basicas
Alexander Hernandez
No ratings yet
Escrip Basica RB Mikrotik
Document3 pages
Escrip Basica RB Mikrotik
Wireless Networks Empresa de telecomunicaciones
No ratings yet
Basic Universal Firewall Script - MikroTik Wiki PDF
Document2 pages
Basic Universal Firewall Script - MikroTik Wiki PDF
Decio Ramires
No ratings yet
Configuring firewall rules, NAT, DHCP, and interfaces for home router
Document8 pages
Configuring firewall rules, NAT, DHCP, and interfaces for home router
MagicLink Bd internet service providers
No ratings yet
Firewall FBasic Examples
Document3 pages
Firewall FBasic Examples
Kayode Emmanuel
No ratings yet
Port Flooding Mikrotik
Document3 pages
Port Flooding Mikrotik
Maulana Kurniantoro
No ratings yet
Ip Firewall filter-MIKROTIK BLOQUEO DE VULNERABILIDADES
Document1 page
Ip Firewall filter-MIKROTIK BLOQUEO DE VULNERABILIDADES
Mario Alcides Calo
No ratings yet
Firewall MK
Document3 pages
Firewall MK
Arman Nthree
No ratings yet
Firewall Mikrotik
Document4 pages
Firewall Mikrotik
tec_danielsoto
No ratings yet
Workshop Firewall
Document10 pages
Workshop Firewall
Zetri Aldino
No ratings yet
الفيروسات
Document6 pages
الفيروسات
ahmedaliaref2020
No ratings yet
Load Balancing Dengan Mikrotik Untuk Router Warnet
Document9 pages
Load Balancing Dengan Mikrotik Untuk Router Warnet
mafiades
No ratings yet
Mikrotik Warnet
Document43 pages
Mikrotik Warnet
boedie_m
No ratings yet
Firewall Rules for ICMP, Port Knocking, Port Scanning and Virus Protection
Document14 pages
Firewall Rules for ICMP, Port Knocking, Port Scanning and Virus Protection
Franklin Pinto
No ratings yet
Firewall Mikrotic
Document1 page
Firewall Mikrotic
guillermo maso
No ratings yet
Detect and Block Port Scanners
Document2 pages
Detect and Block Port Scanners
Bedest Cakep
0% (1)
Firewall Mikrotik L3
Document5 pages
Firewall Mikrotik L3
jhonnathan0103
No ratings yet
Firewall
Document4 pages
Firewall
Andika87
No ratings yet
Firewall Avanzado v6
Document1 page
Firewall Avanzado v6
Pedro Mancilla Salazar
No ratings yet
Firewall
Document3 pages
Firewall
Wawan Naning A'im
No ratings yet
Versi Lite 2isp
Document4 pages
Versi Lite 2isp
Replay Gaming
No ratings yet
Firewall Basico
Document1 page
Firewall Basico
Soporte BJ
No ratings yet
Add Chain Input Src-Address 11.11.11.0/24 Comment "From Local Net1"
Document2 pages
Add Chain Input Src-Address 11.11.11.0/24 Comment "From Local Net1"
Devroy Malakar
No ratings yet
Script Configuracion rB2011
Document5 pages
Script Configuracion rB2011
Soldier
No ratings yet
Mikrotik Antihack-Antivirus
Document2 pages
Mikrotik Antihack-Antivirus
Franklin Pinto
No ratings yet
Simple IP Firewall Filter
Document2 pages
Simple IP Firewall Filter
Dedl Supra
No ratings yet
Basic CPE configuration script for Star Network
Document15 pages
Basic CPE configuration script for Star Network
Israel Aguirre
No ratings yet
Isp Anti Detect
Document2 pages
Isp Anti Detect
Mhine Kho
100% (1)
Copia RB 2011 Rita ... Mikrotik
Document9 pages
Copia RB 2011 Rita ... Mikrotik
Wireless Networks Empresa de telecomunicaciones
No ratings yet
Load Balancing + Proxy Eksternal (Game Poker & Poinblank LANCAR... !!)
Document11 pages
Load Balancing + Proxy Eksternal (Game Poker & Poinblank LANCAR... !!)
Violetz Fauza
100% (1)
Setingan Mikrotik
Document6 pages
Setingan Mikrotik
tuyul seken
No ratings yet
Blockportvirusdimikrotik Akbartk Wordpress Com
Document24 pages
Blockportvirusdimikrotik Akbartk Wordpress Com
semeru telecom
No ratings yet
Balanceo PCC Failover
Document4 pages
Balanceo PCC Failover
telecomunicacionesos
No ratings yet
Simple and Powerfull Firewall Filter
Document4 pages
Simple and Powerfull Firewall Filter
Dedl Supra
No ratings yet
Mikrrotik
Document6 pages
Mikrrotik
mookielampsherd
No ratings yet
Block Brute Force Attack in Mikrotik Router
Document1 page
Block Brute Force Attack in Mikrotik Router
Pedro Hernandez
No ratings yet
FTP, SSH STP Brute Forte (Bloqueo de Ataques)
Document1 page
FTP, SSH STP Brute Forte (Bloqueo de Ataques)
David Bracho
No ratings yet
Block Brute Force Attack in Mikrotik Router
Document1 page
Block Brute Force Attack in Mikrotik Router
ReyRodriguezPalencia
No ratings yet
Block Brute Force Attack in Mikrotik Router
Document1 page
Block Brute Force Attack in Mikrotik Router
Guillermo Cabrera Contrera
No ratings yet
Configuração RB SPECELESS - Filter
Document5 pages
Configuração RB SPECELESS - Filter
Flash Internet
No ratings yet
Backup Mikrotik 951g
Document9 pages
Backup Mikrotik 951g
XxjeanpieroxX
No ratings yet
Cara Setting Mikrotik Anti NetCut Firewall Mikrotik
Document2 pages
Cara Setting Mikrotik Anti NetCut Firewall Mikrotik
Sigit Subagyo
No ratings yet
Configuracion Firewall
Document1 page
Configuracion Firewall
telecomunicacionesos
No ratings yet
Bandwidth Setup
Document3 pages
Bandwidth Setup
Twine Kiosk
No ratings yet
1ejBykHuwyxQ4rrIFqrS4CMf7W7XxB Et
Document3 pages
1ejBykHuwyxQ4rrIFqrS4CMf7W7XxB Et
ketut ttri oktaria
No ratings yet
SCRIIIIIIIIIIIIIIP
Document8 pages
SCRIIIIIIIIIIIIIIP
teguh
No ratings yet
Regras Firewall
Document2 pages
Regras Firewall
Fernanda Amaroke
No ratings yet
Border Router Firewall
Document2 pages
Border Router Firewall
Rocky Klapuh
No ratings yet
Balanceo 7 Lineas Ppoe
Document5 pages
Balanceo 7 Lineas Ppoe
Dario Rafael Lopez Fana
No ratings yet
Annisa Rezdky Andini Ab Xii TKJ 5
Document6 pages
Annisa Rezdky Andini Ab Xii TKJ 5
Annisa Rezdky Andini
No ratings yet
MT Single Config
Document3 pages
MT Single Config
Carlo Fortunado
No ratings yet
Configuraciones Routers Puntos de Venta
Document5 pages
Configuraciones Routers Puntos de Venta
angela castro
No ratings yet
Aula 36 - Prevenindo Ataques de Login Por Força-Bruta
Document2 pages
Aula 36 - Prevenindo Ataques de Login Por Força-Bruta
Victor Senna
No ratings yet
Bảo Mật
Document2 pages
Bảo Mật
Minh Nghia Pham
No ratings yet
Script VPN by SHS
Document3 pages
Script VPN by SHS
Memet Gitu Loh
No ratings yet
Some Tutorials in Computer Networking Hacking
From Everand
Some Tutorials in Computer Networking Hacking
Dr. Hidaia Mahmood Alassouli
No ratings yet
Network with Practical: ALL PACKET TRACER LABS
From Everand
Network with Practical: ALL PACKET TRACER LABS
MULAYAM SINGH
No ratings yet
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
Network Simulator-3 (N S-3) practical Lab Manual
From Everand
Network Simulator-3 (N S-3) practical Lab Manual
Vikram Patalbansi
No ratings yet
EPON OLT CLI User Manual PDF
Document97 pages
EPON OLT CLI User Manual PDF
sgomespro
No ratings yet
Escaneo TEST
Document7 pages
Escaneo TEST
Sergio Rait Choque
No ratings yet
Administrator Guide Serie S PDF
Document123 pages
Administrator Guide Serie S PDF
Sergio Rait Choque
No ratings yet
Mypbx Standard Administrator Guide en PDF
Document219 pages
Mypbx Standard Administrator Guide en PDF
Sergio Rait Choque
No ratings yet
Orion Summary Home PDF
Document2 pages
Orion Summary Home PDF
Sergio Rait Choque
No ratings yet
QR Code Details
Document2 pages
QR Code Details
Rb143
No ratings yet
Design and Implementation of An Android Face Detection and Recognition Systemwqaas8cpdq
Document16 pages
Design and Implementation of An Android Face Detection and Recognition Systemwqaas8cpdq
nweke sunday Basilica
No ratings yet
Secret US Embassy Cables
Document3 pages
Secret US Embassy Cables
gedankenverbrecher2009
No ratings yet
Enemy of The State
Document124 pages
Enemy of The State
Rahul Gabda
No ratings yet
Virtualization Security
Document33 pages
Virtualization Security
Stéphane Kenthor
No ratings yet
Finger Vein Authentication White Paper CCD CAMERA
Document4 pages
Finger Vein Authentication White Paper CCD CAMERA
Mihir Pathak
No ratings yet
It Audit Report
Document2 pages
It Audit Report
athabascans
0% (1)
Prasanna Resume PDF
Document4 pages
Prasanna Resume PDF
Prasanna
No ratings yet
PCI-PIN Consultancy and Certification
Document6 pages
PCI-PIN Consultancy and Certification
Abu Sufian Mahi
No ratings yet
ch30 PDF
Document54 pages
ch30 PDF
ani
No ratings yet
E 968 Katalog
Document351 pages
E 968 Katalog
romulolamas
0% (1)
DRM
Document54 pages
DRM
the_tigdra
No ratings yet
SimNow Link User Registration
Document11 pages
SimNow Link User Registration
irmelody
No ratings yet
ECall Letter
Document2 pages
ECall Letter
Giriraj Deora
No ratings yet
Slashnext Targeted Phishing Defense Datasheet
Document2 pages
Slashnext Targeted Phishing Defense Datasheet
Nasir
No ratings yet
PowerMaxExpress V17 Eng User Guide D-303974 PDF
Document38 pages
PowerMaxExpress V17 Eng User Guide D-303974 PDF
Sreten
No ratings yet
Ds Gigavue HC Series
Document22 pages
Ds Gigavue HC Series
abidou
No ratings yet
457975
Document48 pages
457975
Marc Gleb
No ratings yet
Powder Horns Shot Pouches Scribd R
Document14 pages
Powder Horns Shot Pouches Scribd R
Herman Karl
No ratings yet
Cavalry Journal, Volume 2, Nos. 4, 5, 6 & 7
Document222 pages
Cavalry Journal, Volume 2, Nos. 4, 5, 6 & 7
"Rufus"
No ratings yet
Annexure 7 - Extract of Annual Return: Form No. MGT-9 Registration and Other Details
Document1 page
Annexure 7 - Extract of Annual Return: Form No. MGT-9 Registration and Other Details
Jittu Elsa Jose
No ratings yet
RUSE Manual English
Document11 pages
RUSE Manual English
Jason Howard
No ratings yet
Click To Get Netflix Cookies #10
Document23 pages
Click To Get Netflix Cookies #10
kmkmkm
No ratings yet
BSOD - System Error Codes (English Version)
Document98 pages
BSOD - System Error Codes (English Version)
Mohamad Ridzuan Abdul Majid
No ratings yet
Software Engineer & Security Expert Résumé
Document3 pages
Software Engineer & Security Expert Résumé
Sathvik S Prabhu
No ratings yet
Mobile Threat Landscape Report
Document32 pages
Mobile Threat Landscape Report
Ninth Ray
No ratings yet
Indian Channels 2019
Document115 pages
Indian Channels 2019
Ansar Bajwa
100% (1)
Ferragamo QR Code
Document7 pages
Ferragamo QR Code
Simone Zema
No ratings yet
Manual
Document356 pages
Manual
gcarrera32972
No ratings yet
Resume - Gokulsoman
Document4 pages
Resume - Gokulsoman
api-437680622
No ratings yet