'

Firewall Filter Blok Virus dan Penyusup

Selamat siang, saya Admin Whuss akan membagikan info Firewall Filter Blok Virus dan Penyusup yang dapat mencegah gangguan internet untuk warnet. Semoga postingan ini bermanfaat.




[admin@.............] > ip firewall filter print
Flags: X - disabled, I - invalid, D - dynamic
      ;;; NOTE(review): this is `print` output. Within a chain the rules are
      ;;; evaluated top to bottom and the first matching accept or drop ends
      ;;; processing, so the order shown decides what later rules can see.
      ;;; Every rule in the listing has log=no, so no drop is logged.
 0    chain=forward action=drop protocol=tcp dst-port=135-139 log=no
      log-prefix=""

 1    chain=forward action=drop protocol=udp dst-port=135-139 log=no
      log-prefix=""

 2    chain=forward action=drop protocol=tcp dst-port=445 log=no log-prefix=""

 3    chain=forward action=drop protocol=udp dst-port=445 log=no log-prefix=""

 4    chain=forward action=drop protocol=tcp dst-port=593 log=no log-prefix=""

 5    chain=forward action=drop protocol=tcp dst-port=4444 log=no log-prefix=""

 6    chain=forward action=drop protocol=tcp dst-port=5554 log=no log-prefix=""

 7    chain=forward action=drop protocol=tcp dst-port=9996 log=no log-prefix=""

 8    chain=forward action=drop protocol=udp dst-port=995-999 log=no
      log-prefix=""
      ;;; NOTE(review): rules 0-8 match on dst-port only, with no
      ;;; connection-state, and the forward accept for established/related
      ;;; traffic is far below (rules 95-96). A reply addressed to a client
      ;;; whose source port is one of these (4444, 5554, 9996, ...) is
      ;;; dropped as well.

 9    chain=forward action=drop protocol=tcp dst-port=53 log=no log-prefix=""
      ;;; NOTE(review): rule 9 drops forwarded tcp/53, i.e. DNS over TCP for
      ;;; clients behind the router; the page gives no reason for it.

10    chain=forward action=drop protocol=tcp dst-port=55 log=no log-prefix=""
      ;;; NOTE(review): rule 10 (tcp/55) is not explained on the page either;
      ;;; confirm it is intended before copying.

11    ;;; hromgrafx
      chain=virus action=drop protocol=tcp dst-port=1373 log=no log-prefix=""

12    ;;; cichlid
      chain=virus action=drop protocol=tcp dst-port=1377 log=no log-prefix=""

13    ;;; Worm
      chain=virus action=drop protocol=tcp dst-port=1433-1434 log=no
      log-prefix=""

14    ;;; Worm
      chain=virus action=drop protocol=tcp dst-port=4444 log=no log-prefix=""

15    ;;; Worm
      chain=virus action=drop protocol=udp dst-port=4444 log=no log-prefix=""
      ;;; NOTE(review): chain=virus rules only run for packets sent there by
      ;;; a jump; in this listing that is rule 47 (repeated as rule 139), from
      ;;; the forward chain. Forwarded tcp/4444 is already dropped by rule 5
      ;;; before that jump, so rule 14 never matches.

16    chain=input action=accept protocol=tcp dst-port=8291 log=no log-prefix=""
      ;;; NOTE(review): rule 16 is the first input rule and accepts tcp/8291
      ;;; (the default Winbox port) from any source. None of the later input
      ;;; drops (rules 99, 147) can apply to this port. Restricting the rule
      ;;; with src-address or in-interface to the management network would
      ;;; limit the exposure.

17    chain=forward action=drop connection-state=invalid log=no log-prefix=""

18    chain=virus action=drop protocol=tcp dst-port=135-139 log=no log-prefix=">
      ;;; NOTE(review): the `log-prefix=">` ending on rule 18 looks like the
      ;;; terminal cutting the line off, not a real value.

19    chain=virus action=drop protocol=tcp dst-port=1433-1434 log=no
      log-prefix=""

20    chain=virus action=drop protocol=tcp dst-port=445 log=no log-prefix=""

21    chain=virus action=drop protocol=udp dst-port=445 log=no log-prefix=""

22    chain=virus action=drop protocol=tcp dst-port=593 log=no log-prefix=""

23    chain=virus action=drop protocol=tcp dst-port=1024-1030 log=no
      log-prefix=""
      ;;; NOTE(review): rule 23 matches on dst-port only. Established/related
      ;;; traffic is not accepted until rules 95-96, so a reply addressed to
      ;;; a client source port in 1024-1030 is dropped here too.

24    chain=virus action=drop protocol=tcp dst-port=1080 log=no log-prefix=""

25    chain=virus action=drop protocol=tcp dst-port=1214 log=no log-prefix=""

26    chain=virus action=drop protocol=tcp dst-port=1363 log=no log-prefix=""

27    chain=virus action=drop protocol=tcp dst-port=1364 log=no log-prefix=""

28    chain=virus action=drop protocol=tcp dst-port=1368 log=no log-prefix=""

29    chain=virus action=drop protocol=tcp dst-port=1373 log=no log-prefix=""

30    chain=virus action=drop protocol=tcp dst-port=1377 log=no log-prefix=""

31    chain=virus action=drop protocol=tcp dst-port=2745 log=no log-prefix=""

32    chain=virus action=drop protocol=tcp dst-port=2283 log=no log-prefix=""

33    chain=virus action=drop protocol=tcp dst-port=2535 log=no log-prefix=""

34    chain=virus action=drop protocol=tcp dst-port=2745 log=no log-prefix=""
      ;;; NOTE(review): rule 34 repeats rule 31 (tcp/2745) and cannot match.

35    chain=virus action=drop protocol=tcp dst-port=3127 log=no log-prefix=""

36    chain=virus action=drop protocol=tcp dst-port=3410 log=no log-prefix=""

37    chain=virus action=drop protocol=tcp dst-port=4444 log=no log-prefix=""

38    chain=virus action=drop protocol=udp dst-port=4444 log=no log-prefix=""

39    chain=virus action=drop protocol=tcp dst-port=5554 log=no log-prefix=""

40    chain=virus action=drop protocol=tcp dst-port=8866 log=no log-prefix=""

41    chain=virus action=drop protocol=tcp dst-port=9898 log=no log-prefix=""

42    chain=virus action=drop protocol=tcp dst-port=10080 log=no log-prefix=""

43    chain=virus action=drop protocol=tcp dst-port=12345 log=no log-prefix=""

44    chain=virus action=drop protocol=tcp dst-port=17300 log=no log-prefix=""

45    chain=virus action=drop protocol=tcp dst-port=27374 log=no log-prefix=""

46    chain=virus action=drop protocol=tcp dst-port=65506 log=no log-prefix=""

47    chain=forward action=jump jump-target=virus log=no log-prefix=""
      ;;; NOTE(review): rule 47 sends every forwarded packet not dropped
      ;;; above through all chain=virus rules, wherever they appear in the
      ;;; listing (11-15, 18-46, 108-138). The ports of rules 18, 20, 21, 22,
      ;;; 37 and 39 were already dropped in forward by rules 0-6, so those
      ;;; virus rules never fire.

48    chain=input action=drop connection-state=invalid log=no log-prefix=""

49    chain=input action=accept protocol=udp log=no log-prefix=""
      ;;; NOTE(review): rule 49 accepts every UDP packet addressed to the
      ;;; router, from any source and on any port, before any drop rule.
      ;;; Whatever UDP services the router runs are reachable from all
      ;;; interfaces. Rules 104 and 160 repeat it.

50    chain=input action=accept protocol=icmp limit=50/5s,2 log=no log-prefix=">

51    chain=input action=drop protocol=icmp log=no log-prefix=""
      ;;; NOTE(review): rules 50-51 decide all ICMP to the router (accept
      ;;; within the limit, drop the rest), so the later ICMP rules (78-84,
      ;;; 106-107, 162-164) never match. The `log-prefix=">` ending on rule
      ;;; 50 looks like terminal truncation.

52    chain=input action=accept protocol=tcp dst-port=21 log=no log-prefix=""

53    chain=input action=accept protocol=tcp dst-port=22 log=no log-prefix=""

54    chain=input action=accept protocol=tcp dst-port=23 log=no log-prefix=""

55    chain=input action=accept protocol=tcp dst-port=80 log=no log-prefix=""

56    chain=input action=accept protocol=tcp dst-port=8291 log=no log-prefix=""

57    chain=input action=accept protocol=tcp dst-port=1723 log=no log-prefix=""

58    chain=input action=accept protocol=tcp dst-port=23 log=no log-prefix=""

59    chain=input action=accept protocol=tcp dst-port=80 log=no log-prefix=""

60    chain=input action=accept protocol=tcp dst-port=1723 log=no log-prefix=""
      ;;; NOTE(review): rules 52-60 accept tcp 21, 22, 23, 80, 8291 and 1723
      ;;; from any source (58-60 repeat 54, 55 and 57). Because accept ends
      ;;; processing, the port-scanner drop (147), the ftp_blacklist drop
      ;;; (148), the ssh_blacklist drop (151) and the ssh_stage rules
      ;;; (152-155) are never reached for these ports. 21 and 23 are the
      ;;; default FTP and telnet ports, both cleartext. Placing the blacklist
      ;;; drops above these accepts, and limiting the accepts by src-address
      ;;; or in-interface, would make the listing do what its comments say.

61    chain=input action=add-src-to-address-list protocol=tcp address-list=DDOS
      address-list-timeout=15s dst-port=1337 log=no log-prefix=""

62    chain=input action=add-src-to-address-list protocol=tcp
      src-address-list=knock address-list=DDOS address-list-timeout=15m
      dst-port=7331 log=no log-prefix=""
      ;;; NOTE(review): rule 62 requires the source to be in address list
      ;;; `knock`, but no rule in this listing adds anything to `knock`, and
      ;;; no rule reads the `DDOS` list that rules 61-62 fill. As shown,
      ;;; these two rules do not change what is accepted or dropped.

63    ;;; Port scanners to list
      chain=input action=add-src-to-address-list protocol=tcp psd=21,3s,3,1
      address-list=port scanners address-list-timeout=2w log=no log-prefix=""

64    ;;; SYN/FIN scan
      chain=input action=add-src-to-address-list tcp-flags=fin,syn
      protocol=tcp address-list=port scanners address-list-timeout=2w log=no
      log-prefix=""

65    ;;; SYN/RST scan
      chain=input action=add-src-to-address-list tcp-flags=syn,rst
      protocol=tcp address-list=port scanners address-list-timeout=2w log=no
      log-prefix=""

66    ;;; FIN/PSH/URG scan
      chain=input action=add-src-to-address-list
      tcp-flags=fin,psh,urg,!syn,!rst,!ack protocol=tcp
      address-list=port scanners address-list-timeout=2w log=no log-prefix=""

67    ;;; ALL/ALL scan
      chain=input action=add-src-to-address-list
      tcp-flags=fin,syn,rst,psh,ack,urg protocol=tcp
      address-list=port scanners address-list-timeout=2w log=no log-prefix=""

68    ;;; NMAP NULL scan
      chain=input action=add-src-to-address-list
      tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg protocol=tcp
      address-list=port scanners address-list-timeout=2w log=no log-prefix=""
      ;;; NOTE(review): rules 63-68 only record the source in the
      ;;; `port scanners` list for 2w; add-src-to-address-list does not stop
      ;;; processing. The list is first enforced at rule 147, after the
      ;;; accepts in between. Rule 97 later accepts the same no-flags
      ;;; pattern that rule 68 records as a NULL scan.

69    ;;; ANTI NETCUT
      chain=input action=accept protocol=tcp
      src-address=61.213.183.1-61.213.183.254 dst-port=0-65535 log=no
      log-prefix=""
      ;;; NOTE(review): rules 69-77 accept TCP to every port of the router
      ;;; itself (chain=input) from nine public address ranges. The page does
      ;;; not say who owns these ranges or why they are trusted. NetCut works
      ;;; by ARP spoofing between hosts on the same LAN segment, which an IP
      ;;; input filter does not see, so these rules are unlikely to do what
      ;;; the comment says (verify). Their visible effect is to exempt these
      ;;; sources from every later input drop.

70    ;;; ANTI NETCUT
      chain=input action=accept protocol=tcp
      src-address=67.195.134.1-67.195.134.254 dst-port=0-65535 log=no
      log-prefix=""

71    ;;; ANTI NETCUT
      chain=input action=accept protocol=tcp
      src-address=68.142.233.1-68.142.233.254 dst-port=0-65535 log=no
      log-prefix=""

72    ;;; ANTI NETCUT
      chain=input action=accept protocol=tcp
      src-address=68.180.217.1-68.180.217.254 dst-port=0-65535 log=no
      log-prefix=""

73    ;;; ANTI NETCUT
      chain=input action=accept protocol=tcp
      src-address=203.84.204.1-203.84.204.254 dst-port=0-65535 log=no
      log-prefix=""

74    ;;; ANTI NETCUT
      chain=input action=accept protocol=tcp
      src-address=69.63.176.1-69.63.176.254 dst-port=0-65535 log=no
      log-prefix=""

75    ;;; ANTI NETCUT
      chain=input action=accept protocol=tcp
      src-address=69.63.181.1-69.63.181.254 dst-port=0-65535 log=no
      log-prefix=""

76    ;;; ANTI NETCUT
      chain=input action=accept protocol=tcp
      src-address=63.245.209.1-63.245.209.254 dst-port=0-65535 log=no
      log-prefix=""

77    ;;; ANTI NETCUT
      chain=input action=accept protocol=tcp
      src-address=63.245.213.1-63.245.213.254 dst-port=0-65535 log=no
      log-prefix=""

78    chain=input action=jump jump-target=icmp protocol=icmp log=no
      log-prefix=""
      ;;; NOTE(review): ICMP to the router is already accepted or dropped by
      ;;; rules 50-51, so this jump, the only one into chain=icmp in the
      ;;; listing, never matches and rules 79-84 receive no traffic as
      ;;; listed. icmp-options is type:code (0 echo reply, 3:3 port
      ;;; unreachable, 3:4 fragmentation needed, 8 echo request, 11 time
      ;;; exceeded).

79    ;;; Limited Ping Flood
      chain=icmp action=accept protocol=icmp icmp-options=0:0-255 limit=5,5
      log=no log-prefix=""

80    chain=icmp action=accept protocol=icmp icmp-options=3:3 limit=5,5 log=no
      log-prefix=""

81    chain=icmp action=accept protocol=icmp icmp-options=3:4 limit=5,5 log=no
      log-prefix=""

82    chain=icmp action=accept protocol=icmp icmp-options=8:0-255 limit=5,5
      log=no log-prefix=""

83    chain=icmp action=accept protocol=icmp icmp-options=11:0-255 limit=5,5
      log=no log-prefix=""

84    chain=icmp action=drop protocol=icmp log=no log-prefix=""

85    ;;; Flood protect
      chain=input action=jump jump-target=SYN-Protect tcp-flags=syn
      connection-state=new protocol=tcp log=no log-prefix=""

86    chain=SYN-Protect action=accept tcp-flags=syn connection-state=new
      protocol=tcp limit=400,5 log=no log-prefix=""

87    chain=SYN-Protect action=drop tcp-flags=syn connection-state=new
      protocol=tcp log=no log-prefix=""
      ;;; NOTE(review): an accept inside a jumped-to chain accepts the packet
      ;;; outright. Every new TCP SYN to the router that is within
      ;;; limit=400,5 is accepted at rule 86, on any port, so no later input
      ;;; rule sees the first packet of a new connection. action=return in
      ;;; place of accept would rate-limit and then hand the packet back to
      ;;; the calling chain.

88    ;;; Flood protect
      chain=forward action=jump jump-target=SYN-Protect tcp-flags=syn
      connection-state=new protocol=tcp log=no log-prefix=""
      ;;; NOTE(review): the same applies to forwarded traffic: a new SYN
      ;;; within the limit is accepted at rule 86 and skips every forward
      ;;; rule listed after rule 88.

89    chain=input action=jump jump-target=SYN-Protect tcp-flags=syn
      connection-state=new protocol=tcp log=no log-prefix=""

90    chain=SYN-Protect action=accept tcp-flags=syn connection-state=new
      protocol=tcp limit=400,5 log=no log-prefix=""

91    chain=SYN-Protect action=drop tcp-flags=syn connection-state=new
      protocol=tcp log=no log-prefix=""
      ;;; NOTE(review): rules 89-91 repeat 85-87. Rules 86 and 87 together
      ;;; decide every packet that enters SYN-Protect, so 89, 90 and 91 can
      ;;; never match.

92    ;;; drop port
      chain=input action=drop connection-mark=drop-port log=no log-prefix=""

93    chain=forward action=drop connection-mark=drop-port log=no log-prefix=""
      ;;; NOTE(review): rules 92-93 depend on a connection mark `drop-port`
      ;;; that must be set elsewhere (mangle rules are not shown on the
      ;;; page); without it they match nothing.

94    ;;; Block UltraSurf
      chain=forward action=drop protocol=tcp src-address-list=UltraSurfUsers
      dst-port=443 log=no log-prefix=""
      ;;; NOTE(review): no rule in this listing adds to `UltraSurfUsers`;
      ;;; presumably it is filled elsewhere. Confirm before relying on it.

95    ;;; allow
      chain=forward action=accept connection-state=established log=no
      log-prefix=""

96    ;;; allow
      chain=forward action=accept connection-state=related log=no
      log-prefix=""
      ;;; NOTE(review): rules 95-96 are the first forward accepts for
      ;;; established/related traffic. Placed at the top of the forward chain
      ;;; they would keep replies from being matched by the dst-port drops
      ;;; above (rules 0-10 and chain=virus).

97    chain=input action=accept tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
      protocol=tcp log=no log-prefix=""
      ;;; NOTE(review): rule 97 accepts TCP packets with none of the six
      ;;; flags set, the same pattern rules 68 and 146 label "NMAP NULL scan"
      ;;; and add to the `port scanners` list. The two intentions conflict.

98    ;;; Allow
      chain=input action=accept connection-state=established log=no
      log-prefix=""

99    ;;; detect and drop port scan connections
      chain=input action=drop protocol=tcp psd=21,3s,3,1 log=no log-prefix=""
      ;;; NOTE(review): rule 99 only sees TCP that no earlier input rule
      ;;; accepted (per-port accepts 16 and 52-60, the SYN-Protect accept at
      ;;; rule 86, established at rule 98).

100    ;;; detect DoS attack
      chain=input action=add-src-to-address-list protocol=tcp
      address-list=black_list address-list-timeout=1d connection-limit=10,32
      log=no log-prefix=""
      ;;; NOTE(review): rule 100 records sources in `black_list` for 1d, but
      ;;; no rule in this listing drops on `black_list`, so the detection
      ;;; has no blocking effect as shown.

101    ;;; Accept established connections
      chain=input action=accept connection-state=established log=no
      log-prefix=""

102    ;;; Accept related connections
      chain=input action=accept connection-state=related log=no log-prefix=""

103    ;;; Drop invalid connections
      chain=input action=drop connection-state=invalid log=no log-prefix=""

104    ;;; UDP
      chain=input action=accept protocol=udp log=no log-prefix=""

105    ;;; drop invalid connections
      chain=forward action=drop connection-state=invalid log=no log-prefix=""

106    ;;; Allow limited pings
      chain=input action=accept protocol=icmp limit=50/5s,2 log=no
      log-prefix=""

107    ;;; Drop excess pings
      chain=input action=drop protocol=icmp log=no log-prefix=""
      ;;; NOTE(review): rules 101 and 103-107 repeat rules 98, 48, 49, 17, 50
      ;;; and 51 and can never match; only rule 102 (related) is new. The
      ;;; listing looks like several rule sets pasted one after another.

108    ;;; Drop Blaster Worm
      chain=virus action=drop protocol=tcp dst-port=135-139 log=no
      log-prefix=""
      ;;; NOTE(review): rules 108-138 are a commented copy of the chain=virus
      ;;; rules 11-15 and 18-46; most repeat a port that an earlier rule
      ;;; already drops. They match by destination port only: any other
      ;;; traffic to the same port is dropped too, and the named malware on a
      ;;; different port is not.

109    ;;; Drop Messenger Worm
      chain=virus action=drop protocol=udp dst-port=135-139 log=no
      log-prefix=""

110    ;;; Drop Blaster Worm
      chain=virus action=drop protocol=tcp dst-port=445 log=no log-prefix=""

111    ;;; Drop Blaster Worm
      chain=virus action=drop protocol=udp dst-port=445 log=no log-prefix=""

112    ;;; ________
      chain=virus action=drop protocol=tcp dst-port=593 log=no log-prefix=""

113    ;;; ________
      chain=virus action=drop protocol=tcp dst-port=1024-1030 log=no
      log-prefix=""

114    ;;; Drop MyDoom
      chain=virus action=drop protocol=tcp dst-port=1080 log=no log-prefix=""

115    ;;; ________
      chain=virus action=drop protocol=tcp dst-port=1214 log=no log-prefix=""

116    ;;; ndm requester
      chain=virus action=drop protocol=tcp dst-port=1363 log=no log-prefix=""

117    ;;; ndm server
      chain=virus action=drop protocol=tcp dst-port=1364 log=no log-prefix=""

118    ;;; screen cast
      chain=virus action=drop protocol=tcp dst-port=1368 log=no log-prefix=""

119    ;;; hromgrafx
      chain=virus action=drop protocol=tcp dst-port=1373 log=no log-prefix=""

120    ;;; cichlid
      chain=virus action=drop protocol=tcp dst-port=1377 log=no log-prefix=""

121    ;;; Worm
      chain=virus action=drop protocol=tcp dst-port=1433-1434 log=no
      log-prefix=""

122    ;;; Bagle Virus
      chain=virus action=drop protocol=tcp dst-port=2745 log=no log-prefix=""

123    ;;; Drop Dumaru.Y
      chain=virus action=drop protocol=tcp dst-port=2283 log=no log-prefix=""

124    ;;; Drop Beagle
      chain=virus action=drop protocol=tcp dst-port=2535 log=no log-prefix=""

125    ;;; Drop Beagle.C-K
      chain=virus action=drop protocol=tcp dst-port=2745 log=no log-prefix=""

126    ;;; Drop MyDoom
      chain=virus action=drop protocol=tcp dst-port=3127-3128 log=no
      log-prefix=""
      ;;; NOTE(review): rule 126 widens rule 35 (3127) to 3127-3128. tcp/3128
      ;;; is also the default Squid proxy port; check that no client on the
      ;;; network reaches a proxy through the router on that port.

127    ;;; Drop Backdoor OptixPro
      chain=virus action=drop protocol=tcp dst-port=3410 log=no log-prefix=""

128    ;;; Worm
      chain=virus action=drop protocol=tcp dst-port=4444 log=no log-prefix=""

129    ;;; Worm
      chain=virus action=drop protocol=udp dst-port=4444 log=no log-prefix=""

130    ;;; Drop Sasser
      chain=virus action=drop protocol=tcp dst-port=5554 log=no log-prefix=""

131    ;;; Drop Beagle.B
      chain=virus action=drop protocol=tcp dst-port=8866 log=no log-prefix=""

132    ;;; Drop Dabber.A-B
      chain=virus action=drop protocol=tcp dst-port=9898 log=no log-prefix=""

133    ;;; Drop Dumaru.Y
      chain=virus action=drop protocol=tcp dst-port=10000 log=no log-prefix=""

134    ;;; Drop MyDoom.B
      chain=virus action=drop protocol=tcp dst-port=10080 log=no log-prefix=""

135    ;;; Drop NetBus
      chain=virus action=drop protocol=tcp dst-port=12345 log=no log-prefix=""

136    ;;; Drop Kuang2
      chain=virus action=drop protocol=tcp dst-port=17300 log=no log-prefix=""

137    ;;; Drop SubSeven
      chain=virus action=drop protocol=tcp dst-port=27374 log=no log-prefix=""

138    ;;; Drop PhatBot, Agobot, Gaobot
      chain=virus action=drop protocol=tcp dst-port=65506 log=no log-prefix=""

139    ;;; jump to the virus chain
      chain=forward action=jump jump-target=virus log=no log-prefix=""
      ;;; NOTE(review): a packet that reaches rule 139 has already passed
      ;;; through the whole virus chain via rule 47, so this second jump
      ;;; cannot drop anything new.

140    ;;; Port scanners to list
      chain=input action=add-src-to-address-list protocol=tcp psd=21,3s,3,1
      address-list=port scanners address-list-timeout=2w log=no log-prefix=""
      ;;; NOTE(review): rules 140 and 142-146 repeat rules 63-68; only rule
      ;;; 141 (FIN-only packets) is new.

141    ;;; NMAP FIN Stealth scan
      chain=input action=add-src-to-address-list
      tcp-flags=fin,!syn,!rst,!psh,!ack,!urg protocol=tcp
      address-list=port scanners address-list-timeout=2w log=no log-prefix=""

142    ;;; SYN/FIN scan
      chain=input action=add-src-to-address-list tcp-flags=fin,syn
      protocol=tcp address-list=port scanners address-list-timeout=2w log=no
      log-prefix=""

143    ;;; SYN/RST scan
      chain=input action=add-src-to-address-list tcp-flags=syn,rst
      protocol=tcp address-list=port scanners address-list-timeout=2w log=no
      log-prefix=""

144    ;;; FIN/PSH/URG scan
      chain=input action=add-src-to-address-list
      tcp-flags=fin,psh,urg,!syn,!rst,!ack protocol=tcp
      address-list=port scanners address-list-timeout=2w log=no log-prefix=""

145    ;;; ALL/ALL scan
      chain=input action=add-src-to-address-list
      tcp-flags=fin,syn,rst,psh,ack,urg protocol=tcp
      address-list=port scanners address-list-timeout=2w log=no log-prefix=""

146    ;;; NMAP NULL scan
      chain=input action=add-src-to-address-list
      tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg protocol=tcp
      address-list=port scanners address-list-timeout=2w log=no log-prefix=""

147    ;;; dropping port scanners
      chain=input action=drop src-address-list=port scanners log=no
      log-prefix=""
      ;;; NOTE(review): rule 147 is the first rule that drops on the
      ;;; `port scanners` list. Before it, input already accepts all UDP
      ;;; (49), tcp 21/22/23/80/8291/1723 (16, 52-60), rate-limited new SYNs
      ;;; on any port (85-86) and established traffic (98), so a listed
      ;;; source is still served on all of those. For the list to block
      ;;; anything, this drop has to come before those accepts.

148    ;;; drop ftp brute forcers
      chain=input action=drop protocol=tcp src-address-list=ftp_blacklist
      dst-port=21 log=no log-prefix=""
      ;;; NOTE(review): tcp/21 is accepted from any source at rule 52, and
      ;;; new SYNs at rule 86, long before this drop. Most FTP traffic from a
      ;;; blacklisted source is therefore accepted before it reaches rule 148.

149    chain=output action=accept protocol=tcp content=530 Login incorrect
      dst-limit=1/1m,9,dst-address/1m log=no log-prefix=""

150    chain=output action=add-dst-to-address-list protocol=tcp
      address-list=ftp_blacklist address-list-timeout=3h
      content=530 Login incorrect log=no log-prefix=""
      ;;; NOTE(review): rules 149-150 watch the router's own replies
      ;;; (chain=output) for the text "530 Login incorrect". Rule 149 lets
      ;;; them through up to the dst-limit per destination; replies beyond
      ;;; it reach rule 150, which adds the client to ftp_blacklist for 3h.

151    ;;; drop ssh brute forcers
      chain=input action=drop protocol=tcp src-address-list=ssh_blacklist
      dst-port=22 log=no log-prefix=""

152    chain=input action=add-src-to-address-list connection-state=new
      protocol=tcp src-address-list=ssh_stage3 address-list=ssh_blacklist
      address-list-timeout=3d dst-port=22 log=no log-prefix=""

153    chain=input action=add-src-to-address-list connection-state=new
      protocol=tcp src-address-list=ssh_stage2 address-list=ssh_stage3
      address-list-timeout=1m dst-port=22 log=no log-prefix=""

154    chain=input action=add-src-to-address-list connection-state=new
      protocol=tcp src-address-list=ssh_stage1 address-list=ssh_stage2
      address-list-timeout=1m dst-port=22 log=no log-prefix=""

155    chain=input action=add-src-to-address-list connection-state=new
      protocol=tcp address-list=ssh_stage1 address-list-timeout=1m dst-port=22
      log=no log-prefix=""
      ;;; NOTE(review): rules 152-155 move a source through ssh_stage1,
      ;;; ssh_stage2, ssh_stage3 and into ssh_blacklist (3d) on successive
      ;;; new connections to tcp/22; each stage entry lasts 1m. As listed,
      ;;; new connections to tcp/22 are accepted at rule 53 (and rule 86)
      ;;; first, so these rules never see them and ssh_blacklist stays
      ;;; empty. Rules 151-155 need to sit above the tcp/22 accept.

156    ;;; drop ssh brute downstream
      chain=forward action=drop protocol=tcp src-address-list=ssh_blacklist
      dst-port=22 log=no log-prefix=""

157    ;;; Accept established connections
      chain=input action=accept connection-state=established log=no
      log-prefix=""

158    ;;; Accept related connections
      chain=input action=accept connection-state=related log=no log-prefix=""

159    ;;; Drop invalid connections
      chain=input action=drop connection-state=invalid log=no log-prefix=""

160    ;;; UDP
      chain=input action=accept protocol=udp log=no log-prefix=""

161    ;;; drop invalid connections
      chain=forward action=drop connection-state=invalid log=no log-prefix=""

162    ;;; Allow limited pings
      chain=input action=accept protocol=icmp limit=50/5s,2 log=no
      log-prefix=""

163    ;;; Drop excess pings
      chain=input action=drop protocol=icmp log=no log-prefix=""
      ;;; NOTE(review): rules 157-163 repeat rules 98, 102, 48, 49, 17, 50
      ;;; and 51 and can never match.

164    ;;; DROP PING REPLY
      chain=input action=drop protocol=icmp src-address=!10.10.0.4 log=no
      log-prefix=""
      ;;; NOTE(review): all ICMP to the router is decided at rules 50-51, so
      ;;; rule 164 never matches. It is also the last input rule: the input
      ;;; chain has no final catch-all drop, and a packet that matches no
      ;;; rule is accepted. Everything not explicitly dropped above still
      ;;; reaches the router.

165    chain=forward action=drop layer7-protocol=ultrasurf log=no log-prefix="
      ;;; NOTE(review): rule 165 refers to a layer7-protocol entry named
      ;;; `ultrasurf` that is defined outside the filter table and is not
      ;;; shown on the page. The unterminated log-prefix looks like the
      ;;; listing was cut off here.
