API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 21st, 2018
161
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.71 KB | None | 0 0
raw download clone embed print report
  1. /ip proxy set port=8403,8402 enabled=yes
  2. /ip proxy access
  3. add action=deny local-port=8402 disabled=no \
  4. redirect-to="http://sgp.net.br/bloqueio/netbox/atraso"
  5. add action=deny local-port=8403 disabled=no \
  6. redirect-to="http://sgp.net.br/bloqueio/netbox/"
  7.  
  8. /ip firewall address-list
  9. add address=144.202.13.29 list=SITES-LIBERADOS
  10. add address=208.67.222.222 list=SITES-LIBERADOS
  11. add address=208.67.222.220 list=SITES-LIBERADOS
  12. add address=8.8.8.8 list=SITES-LIBERADOS
  13. add address=8.8.4.4 list=SITES-LIBERADOS
  14. add address=10.24.0.0/22 list=BLOQUEADOS
  15.  
  16. /ip firewall filter
  17. add action=drop chain=forward dst-address-list=!SITES-LIBERADOS src-address-list=BLOQUEADOS comment="SGP REGRAS"
  18.  
  19. /ip firewall nat
  20. add action=masquerade chain=srcnat \
  21. src-address-list=BLOQUEADOS comment="SGP REGRAS"
  22. add action=redirect chain=dstnat src-address-list= BLOQUEADOS \
  23. dst-address-list=!SITES-LIBERADOS dst-port=80,443 protocol=tcp to-ports=8403 comment="SGP REGRAS"
  24. add chain=dstnat connection-mark=BLOQUEIO-AVISAR protocol=tcp action=redirect to-ports=8402 comment="SGP REGRAS"
  25.  
  26. # Aviso bloqueio
  27. /ip firewall mangle
  28. add chain=prerouting connection-state=new src-address-list=BLOQUEIO-AVISAR protocol=tcp dst-port=80 \
  29. action=mark-connection new-connection-mark=BLOQUEIO-VERIFICAR passthrough=yes comment="SGP REGRAS"
  30. add chain=prerouting connection-mark=BLOQUEIO-VERIFICAR src-address-list=!BLOQUEIO-AVISADOS \
  31. action=mark-connection new-connection-mark=BLOQUEIO-AVISAR comment="SGP REGRAS"
  32.  
  33. /ip firewall filter
  34. add chain=input connection-mark=BLOQUEIO-AVISAR action=add-src-to-address-list \
  35. address-list=BLOQUEIO-AVISADOS address-list-timeout=4h comment="SGP REGRAS"
  36.  
  37. /ip pool
  38. add name=bloqueados ranges=10.24.0.0/22
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!