Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Flags: X - disabled, I - invalid, D - dynamic
- 0 X ;;; DROP DNS request (see Mangle)
- chain=input action=drop packet-mark=DNS_block log=no log-prefix=""
- 1 X ;;; INPUT DROP all country EXPECT RU & services
- chain=input action=drop src-address-list=!RU in-interface-list=WAN log=no log-prefix=""
- 2 ;;; INPUT drop INVALID packet state
- chain=input action=drop connection-state=invalid log=no log-prefix="DROP_INVALID_INPUT"
- 3 chain=input action=drop in-interface-list=VLAN log=no log-prefix=""
- 4 ;;; INPUT other DROP
- chain=input action=drop in-interface-list=!LAN+PERSONAL log=no log-prefix="OTHER_INPUT_DROP"
- 5 X ;;; DROP DNS request (see Mangle)
- chain=forward action=drop packet-mark=DNS_block log=no log-prefix=""
- 6 X ;;; FORWARD drop hack soft
- chain=forward action=drop dst-address-list=SOFT log=yes log-prefix="TO HACK SOFT"
- 7 X ;;; FORWARD drop to PSD-scan list via WAN&VPN
- chain=forward action=drop dst-address-list=PSD-scan in-interface-list=LAN+PERSONAL log=yes log-prefix="TO PSD-scan"
- 8 X ;;; FORWARD drop to sbl spamhaus list via WAN&VPN
- chain=forward action=drop dst-address-list=sbl spamhaus in-interface-list=LAN+PERSONAL log=no log-prefix="TO sbl spamhaus"
- 9 X ;;; FORWARD drop to sbl dshield list via WAN&VPN
- chain=forward action=drop dst-address-list=sbl dshield in-interface-list=LAN+PERSONAL log=no log-prefix="TO sbl dshield"
- 10 X ;;; FORWARD drop to sbl blocklist.de list via WAN&VPN
- chain=forward action=drop dst-address-list=sbl blocklist.de in-interface-list=LAN+PERSONAL log=no log-prefix="TO sbl blocklist.de"
- 11 ;;; FORWARD drop INVALID packet state
- chain=forward action=drop connection-state=invalid log=no log-prefix="DROP_INVALID_FORWARD"
- 12 ;;; FORWARD DROP to WAN
- chain=forward action=drop src-address-list=notWAN dst-address-list=!notWAN_EXCLUDE out-interface-list=WAN log=no log-prefix=""
- 13 ;;; FORWARD DROP from 191
- chain=forward action=drop src-address=172.22.22.191 log=no log-prefix=""
- 14 ;;; FORWARD DROP from 192
- chain=forward action=drop src-address=172.22.22.192 log=no log-prefix=""
- 15 ;;; FORWARD DROP from 197
- chain=forward action=drop src-address=172.22.22.197 log=no log-prefix=""
- 16 X ;;; FORWARD DROP from 2
- chain=forward action=drop src-address=172.22.22.2 log=no log-prefix=""
- 17 ;;; FORWARD DROP from 3
- chain=forward action=drop src-address=172.22.22.3 log=no log-prefix=""
- 18 ;;; FORWARD drop from Chains & VPS
- chain=forward action=drop in-interface-list=Chain+VPS+VPS-TOR log=no log-prefix="VPS-forward"
- 19 ;;; FORWARD drop from work VPN
- chain=forward action=drop src-address-list=!KNOCK_ACCEPT in-interface-list=VPN_work log=yes log-prefix="WORK_DROP"
- 20 X ;;; FORWARD from mama
- chain=forward action=drop dst-address=!172.22.22.22 src-address-list=!KNOCK_ACCEPT in-interface=l2tp-in-mama log=yes log-prefix="mama DROP"
- 21 chain=forward action=drop in-interface=vlan5_MON out-interface-list=!WAN+VPS log=no log-prefix=""
- 22 chain=forward action=drop in-interface=vlan8_TESTING log=no log-prefix=""
- 23 chain=forward action=drop in-interface=vlan9_WiFi-guest out-interface-list=!WAN+VPS log=no log-prefix=""
- 24 ;;; FORWARD drop all from WAN not DST NATed
- chain=forward action=drop connection-nat-state=!dstnat in-interface-list=WAN log=yes log-prefix="WAN_FORWARD"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
