
Untitled

a guest
Nov 14th, 2019
  1. 0 D chain=forward action=jump jump-target=hs-unauth hotspot=from-client,!auth
  2.  
  3. 1 D chain=forward action=jump jump-target=hs-unauth-to hotspot=to-client,!auth
  4.  
  5. 2 D chain=input action=jump jump-target=hs-input hotspot=from-client
  6.  
  7. 3 D chain=input action=drop protocol=tcp hotspot=!from-client
  8. dst-port=64872-64875
  9.  
  10. 4 D chain=hs-input action=jump jump-target=pre-hs-input
  11.  
  12. 5 D chain=hs-input action=accept protocol=udp dst-port=64872
  13.  
  14. 6 D chain=hs-input action=accept protocol=tcp dst-port=64872-64875
  15.  
  16. 7 D chain=hs-input action=jump jump-target=hs-unauth hotspot=!auth
  17.  
  18. 8 D chain=hs-unauth action=reject reject-with=tcp-reset protocol=tcp
  19.  
  20. 9 D chain=hs-unauth action=reject reject-with=icmp-net-prohibited
  21.  
  22. 10 D chain=hs-unauth-to action=reject reject-with=icmp-host-prohibited
  23.  
  24. 11 X ;;; place hotspot rules here
  25. chain=unused-hs-chain action=passthrough
  26.  
  27. 12 ;;; drop ssh brute forcers
  28. chain=input action=drop protocol=tcp src-address-list=ssh_blacklist
  29. dst-port=221 log=no log-prefix=""
  30.  
  31. 13 chain=input action=add-src-to-address-list connection-state=new
  32. protocol=tcp src-address-list=ssh_stage3 address-list=ssh_blacklist
  33. address-list-timeout=1w3d dst-port=221 log=no log-prefix=""
  34.  
  35. 14 chain=input action=add-src-to-address-list connection-state=new
  36. protocol=tcp src-address-list=ssh_stage2 address-list=ssh_stage3
  37. address-list-timeout=1m dst-port=221 log=no log-prefix=""
  38.  
  39. 15 chain=input action=add-src-to-address-list connection-state=new
  40. protocol=tcp src-address-list=ssh_stage1 address-list=ssh_stage2
  41. address-list-timeout=1m dst-port=221 log=no log-prefix=""
  42.  
  43. 16 chain=input action=add-src-to-address-list connection-state=new
  44. protocol=tcp address-list=ssh_stage1 address-list-timeout=1h1m
  45. dst-port=221 log=no log-prefix=""
  46.  
  47. 17 X ;;; torrent /announce...
  48. chain=forward action=drop protocol=tcp src-address=!192.168.88.83
  49. in-interface=bridge-lan dst-port=2710,80 content=info_hash= log=no
  50. log-prefix=""
  51.  
  52. 18 X ;;; torrent-DHT-Out-Magnet d1:ad2:id20:
  53. chain=forward action=drop protocol=udp src-address=!192.168.88.83
  54. in-interface=bridge-lan dst-port=1025-65535 content=d1:ad2:id20:
  55. packet-size=95-190 log=no log-prefix=""
  56.  
  57. 19 chain=input action=drop protocol=tcp in-interface=pppoe-out1 dst-port=80
  58. log=no log-prefix=""
  59.  
  60. 20 chain=input action=accept protocol=tcp dst-address=94.255.83.207
  61. dst-port=8080 log=no log-prefix=""
  62.  
  63. 21 ;;; VPN guard
  64. chain=input action=drop protocol=udp src-address-list=!home dst-port=1701
  65. log=yes log-prefix="PVN drop----"
  66.  
  67. 22 ;;; VPN guard 500p
  68. chain=input action=drop protocol=udp src-address-list=!home dst-port=500
  69. log=yes log-prefix="PVN 500----"
  70.  
  71. 23 ;;; Dostup Admina k seti
  72. chain=forward action=accept src-address=192.168.20.22
  73. dst-address=192.168.0.0/24 log=no log-prefix="YA-"
  74.  
  75. 24 ;;; Dostup Admina k seti
  76. chain=forward action=accept src-address=192.168.88.33
  77. dst-address=192.168.0.0/24 log=no log-prefix="YA-"
  78.  
  79. 25 ;;; Dostup Admina k seti lenovo
  80. chain=forward action=accept src-address=192.168.88.60
  81. dst-address=192.168.0.0/24 log=yes log-prefix="YA-"
  82.  
  83. 26 ;;; Dostup vova k seti
  84. chain=forward action=accept src-address=192.168.88.83
  85. dst-address=192.168.0.0/24 log=no log-prefix=""
  86.  
  87. 27 ;;; Dostup vova k seti
  88. chain=forward action=accept src-address=192.168.88.163
  89. dst-address=192.168.0.0/24 log=no log-prefix=""
  90.  
  91. 28 ;;; Dostup vova k seti
  92. chain=forward action=accept src-address=192.168.88.75
  93. dst-address=192.168.0.0/24 log=no log-prefix=""
  94.  
  95. 29 ;;; Dostup vova k seti
  96. chain=forward action=accept src-address=192.168.20.83
  97. dst-address=192.168.0.0/24 log=no log-prefix=""
  98.  
  99. 30 ;;; Dostup Admina k seti lenovo
  100. chain=forward action=accept src-address=192.168.20.42
  101. dst-address=192.168.0.0/24 log=yes log-prefix="YA-"
  102.  
  103. 31 ;;; Block Hotspot-Lan
  104. chain=forward action=drop src-address=192.168.20.0/24
  105. dst-address=192.168.0.0/24 log=yes log-prefix="LEZUT-"
  106.  
  107. 32 ;;; Block Hotspot-Lan
  108. chain=forward action=drop src-address=10.24.93.0/24
  109. dst-address=192.168.0.0/24 log=yes log-prefix="LEZUT-"
  110.  
  111. 33 ;;; Block Hotspot-Lan 0.88
  112. chain=forward action=drop src-address=192.168.88.0/24
  113. dst-address=192.168.0.0/24 src-address-list=!INPUT-IP log=yes
  114. log-prefix="LEZUT 0.88-"
  115.  
  116. 34 ;;; BLOCKasCAN TO ADRESS
  117. chain=input action=add-src-to-address-list protocol=tcp psd=21,3s,3,1
  118. address-list=BlockScan address-list-timeout=none-dynamic log=no
  119. log-prefix="BLOCKSCAN-----"
  120.  
  121. 35 chain=input action=drop protocol=udp in-interface=pppoe-out1 dst-port=53
  122. log=yes log-prefix="scan-"
  123.  
  124. 36 chain=input action=drop protocol=udp in-interface=pppoe-out1 dst-port=25
  125. log=yes log-prefix="scan-25"
  126.  
  127. 37 chain=input action=drop protocol=tcp in-interface=pppoe-out1 dst-port=80
  128. log=yes log-prefix="scan-25"
  129.  
  130. 38 chain=input action=drop src-address-list=BlockScan log=no
  131. log-prefix="dropScan-----"
  132.  
  133. 39 X ;;; anti-floood block out 80 port (253.268.245:80 --- 94.255.56.32:>
  134. 9)
  135. chain=input action=drop protocol=tcp in-interface=pppoe-out1 src-port=80
  136. log=no log-prefix="80"
  137.  
  138. 40 ;;; anti-floood block out 25 port (253.268.245:25 --- 94.255.56.32:>
  139. 9)
  140. chain=input action=drop protocol=tcp in-interface=pppoe-out1 src-port=25
  141. log=no log-prefix=""
  142.  
  143. 41 chain=input
  144.  
  145. 42 chain=input
  146.  
  147. 43 chain=input
  148.  
  149. 44 chain=input
  150.  
  151. 45 chain=forward action=add-src-to-address-list dst-address=216.218.185.162
  152. address-list=Trojanes_pc_src address-list-timeout=none-static
  153. in-interface=bridge-lan out-interface=pppoe-out1 log=no log-prefix=""