API tools faq
paste
Advertisement
punces

dns-jam-malam

punces
Jan 20th, 2017
3,060
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.15 KB | None | 0 0
raw download clone embed print report
  1. /ip firewall address-list
  2. add address=10.0.0.0/8 list=private-lokal
  3. add address=172.16.0.0/12 list=private-lokal
  4. add address=192.168.0.0/16 list=private-lokal
  5.  
  6. /ip firewall filter
  7. add action=drop chain=input comment=dns-flood dst-port=53,5353 protocol=tcp src-address-list=!private-lokal
  8. add action=drop chain=input comment=dns-flood dst-port=53,5353 protocol=udp src-address-list=!private-lokal
  9.  
  10. /ip dns
  11. set allow-remote-requests=no servers=208.67.222.222,208.67.220.220
  12.  
  13. /ip fi nat
  14. add action=dst-nat chain=dstnat comment=dns-block src-address-list=private-lokal dst-port=53,5353 nth=4,1 protocol=tcp time=7h1s-22h59m59s,sun,mon,tue,wed,thu,fri,sat to-addresses=103.80.80.248 to-ports=5353
  15. add action=dst-nat chain=dstnat comment=dns-block src-address-list=private-lokal dst-port=53,5353 nth=2,1 protocol=tcp time=7h1s-22h59m59s,sun,mon,tue,wed,thu,fri,sat to-addresses=103.80.80.249 to-ports=5353
  16. add action=dst-nat chain=dstnat comment=dns-block src-address-list=private-lokal dst-port=53,5353 nth=3,1 protocol=udp time=7h1s-22h59m59s,sun,mon,tue,wed,thu,fri,sat to-addresses=103.80.80.248 to-ports=5353
  17. add action=dst-nat chain=dstnat comment=dns-block src-address-list=private-lokal dst-port=53,5353 nth=1,1 protocol=udp time=7h1s-22h59m59s,sun,mon,tue,wed,thu,fri,sat to-addresses=103.80.80.249 to-ports=5353
  18. # inactive time
  19. add action=dst-nat chain=dstnat comment=dns-open src-address-list=private-lokal dst-port=53,5353 nth=4,1 protocol=tcp time=23h-7h,sun,mon,tue,wed,thu,fri,sat to-addresses=208.67.222.222 to-ports=5353
  20. # inactive time
  21. add action=dst-nat chain=dstnat comment=dns-open src-address-list=private-lokal dst-port=53,5353 nth=3,1 protocol=udp time=23h-7h,sun,mon,tue,wed,thu,fri,sat to-addresses=208.67.222.222 to-ports=5353
  22. # inactive time
  23. add action=dst-nat chain=dstnat comment=dns-open src-address-list=private-lokal dst-port=53,5353 nth=2,1 protocol=tcp time=23h-7h,sun,mon,tue,wed,thu,fri,sat to-addresses=208.67.220.220 to-ports=5353
  24. # inactive time
  25. add action=dst-nat chain=dstnat comment=dns-open src-address-list=private-lokal dst-port=53,5353 nth=1,1 protocol=udp time=23h-7h,sun,mon,tue,wed,thu,fri,sat to-addresses=208.67.220.220 to-ports=5353
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!