rev="post-866" No Comments
Най-елементарното против навлеци, което май го има даже и в официалната документация. За ползване тип copy/paste:
/ip firewall filter
add action=drop chain=input comment=“Drop all blacklisted“ src-address-list=blacklist
add action=add-src-to-address-list address-list=blacklist address-list-timeout=1w3d chain=input comment=’Add to blacklist’ connection-state=new dst-port=22 log=yes log-prefix=Blacklisted protocol=tcp src-address-list=stage3
add action=add-src-to-address-list address-list=stage3 address-list-timeout=30m chain=input comment=’Add to stage3′ connection-state=new dst-port=22 protocol=tcp src-address-list=stage2
add action=add-src-to-address-list address-list=stage2 address-list-timeout=5m chain=input comment=’Add to stage2′ connection-state=new dst-port=22 protocol=tcp src-address-list=stage1
add action=add-src-to-address-list address-list=stage1 address-list-timeout=1m chain=input comment=’Add to stage1′ connection-state=new dst-port=22 protocol=tcp
Последни коментари