API tools faq
paste
aloenk

block bruteforce 21 22 23 mikrotiksquidlovers :v

aloenk
Aug 27th, 2015
111
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.77 KB | None | 0 0
raw download clone embed print report
  1. FTP Blocker:
  2. /ip firewall filter
  3. add chain=input protocol=tcp dst-port=21 src-address-list=black_list action=drop \
  4. comment="drop ftp brute forcers" disabled=no
  5. add chain=input protocol=tcp dst-port=21 connection-state=new \
  6. src-address-list=ftp_stage3 action=add-src-to-address-list address-list=black_list address-list-timeout=1d \
  7. comment="" disabled=no
  8. add chain=input protocol=tcp dst-port=21 connection-state=new \
  9. src-address-list=ftp_stage2 action=add-src-to-address-list address-list=ftp_stage3 address-list-timeout=1m \
  10. comment="" disabled=no
  11. add chain=input protocol=tcp dst-port=21 connection-state=new \
  12. src-address-list=ftp_stage1 action=add-src-to-address-list address-list=ftp_stage2 address-list-timeout=1m \
  13. comment="" disabled=no
  14. add chain=input protocol=tcp dst-port=21 connection-state=new \
  15. action=add-src-to-address-list address-list=ftp_stage1 address-list-timeout=1m comment="" \
  16. disabled=no
  17.  
  18.  
  19.  
  20. SSH Blocker:
  21. /ip firewall filter
  22. add chain=input protocol=tcp dst-port=22 src-address-list=black_list action=drop \
  23. comment="drop ssh brute forcers" disabled=no
  24. add chain=input protocol=tcp dst-port=22 connection-state=new \
  25. src-address-list=ssh_stage3 action=add-src-to-address-list address-list=black_list address-list-timeout=1d \
  26. comment="" disabled=no
  27. add chain=input protocol=tcp dst-port=22 connection-state=new \
  28. src-address-list=ssh_stage2 action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m \
  29. comment="" disabled=no
  30. add chain=input protocol=tcp dst-port=22 connection-state=new \
  31. src-address-list=ssh_stage1 action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m \
  32. comment="" disabled=no
  33. add chain=input protocol=tcp dst-port=22 connection-state=new \
  34. action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m comment="" \
  35. disabled=no
  36.  
  37.  
  38.  
  39. Telnet Blocker:
  40. /ip firewall filter
  41. add chain=input protocol=tcp dst-port=23 src-address-list=black_list action=drop \
  42. comment="drop telnet brute forcers" disabled=no
  43. add chain=input protocol=tcp dst-port=23 connection-state=new \
  44. src-address-list=telnet_stage3 action=add-src-to-address-list address-list=black_list address-list-timeout=1d \
  45. comment="" disabled=no
  46. add chain=input protocol=tcp dst-port=23 connection-state=new \
  47. src-address-list=telnet_stage2 action=add-src-to-address-list address-list=telnet_stage3 address-list-timeout=1m \
  48. comment="" disabled=no
  49. add chain=input protocol=tcp dst-port=23 connection-state=new \
  50. src-address-list=telnet_stage1 action=add-src-to-address-list address-list=telnet_stage2 address-list-timeout=1m \
  51. comment="" disabled=no
  52. add chain=input protocol=tcp dst-port=23 connection-state=new \
  53. action=add-src-to-address-list address-list=telnet_stage1 address-list-timeout=1m comment="" \
  54. disabled=no
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!