SHARE
TWEET

tproxy drop koneksi aneh

punces Oct 26th, 2016 365 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #OnlyTPROXY
  2. === drop koneksi "aneh" dari ip proxy ke inet ===
  3. example:
  4. ip proxy 10.212.212.212
  5. ether1 = ether mikrotik ke proxy
  6.  
  7. /ip firewall filter
  8. add action=accept chain=forward comment=proxy-to-local disabled=no dst-address-list=lokal in-interface=ether1 src-address=10.212.212.0/24
  9. add action=accept chain=forward comment=proxy-icmp disabled=no in-interface=ether1 protocol=icmp src-address=10.212.212.0/24
  10. add action=accept chain=forward comment=proxy-dns disabled=no dst-port=53,5353 in-interface=ether1 protocol=tcp src-address=10.212.212.0/24
  11. add action=accept chain=forward comment=proxy-dns disabled=no dst-port=53,5353 in-interface=ether1 protocol=udp src-address=10.212.212.0/24
  12. add action=drop chain=forward comment=drop-proxy-to-out disabled=no in-interface=ether1 src-address=10.212.212.0/24
RAW Paste Data
Top