# SSH brute-force throttling with staged address lists (RouterOS, IPv4 filter table).
# Rules are evaluated top to bottom, so the order below is part of the logic.
# NOTE(review): /ip firewall filter covers IPv4 only; if SSH is reachable over IPv6,
# equivalent rules would be needed under /ipv6 firewall filter.
/ip firewall filter
# Divert every NEW TCP/22 connection addressed to the router itself (input chain)
# into the dedicated chain. Packets of already-established sessions are not diverted,
# so a blacklisting does not cut a session that is already open.
add action=jump chain=input comment="sshbruteforces chain" connection-state=\
new dst-port=22 jump-target=sshbruteforces protocol=tcp
# First check: sources already on ssh_blacklist are dropped before any stage counting.
# NOTE(review): nothing above this rule exempts trusted management addresses; an admin
# or automation job that opens several SSH sessions within a minute is blacklisted
# like anyone else. Consider an accept rule for a management address list placed first.
add action=drop chain=sshbruteforces comment="drop ssh brute forcers" \
src-address-list=ssh_blacklist
# Escalation ladder, checked from the highest stage down so that one new connection
# advances a source by exactly one stage. add-src-to-address-list does not end rule
# processing, so the connection that triggers an entry still continues to the rules below.
# A source seen on ssh_stage3 is put on ssh_blacklist for 1w3d (10 days).
add action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=1w3d chain=sshbruteforces connection-state=new \
src-address-list=ssh_stage3
# stage2 -> stage3, entry lives 1 minute.
add action=add-src-to-address-list address-list=ssh_stage3 \
address-list-timeout=1m chain=sshbruteforces connection-state=new \
src-address-list=ssh_stage2
# stage1 -> stage2, entry lives 1 minute.
add action=add-src-to-address-list address-list=ssh_stage2 \
address-list-timeout=1m chain=sshbruteforces connection-state=new \
src-address-list=ssh_stage1
# Any new connection puts its source on ssh_stage1 for 1 minute.
# Net effect: the fourth new connection made while the earlier stage entries are still
# alive lands the source on ssh_blacklist, and the following attempt is dropped.
add action=add-src-to-address-list address-list=ssh_stage1 \
address-list-timeout=1m chain=sshbruteforces connection-state=new
# No action is given, so the default (accept) applies: connections that were not
# dropped above are allowed through to the router's SSH service.
add chain=sshbruteforces dst-port=22 protocol=tcp
# Forward chain: also block blacklisted sources from reaching SSH on hosts behind the
# router. No connection-state match here, so every TCP/22 packet from them is dropped.
# The blacklist itself is only fed by the input-chain rules above.
add action=drop chain=forward comment="drop ssh brute downstream" disabled=\
no dst-port=22 protocol=tcp src-address-list=ssh_blacklist
# NOTE(review): same accept rule as above with an explicit connection-state=new. If both
# are loaded, the earlier accept already matches everything that enters this chain, so
# this rule would never be hit. Presumably an alternative version; keep only one.
add chain=sshbruteforces dst-port=22 protocol=tcp connection-state=new
# NOTE(review): repeats the forward-chain drop above (only the explicit disabled=no is
# missing). Loading both creates a duplicate rule; keep only one.
add action=drop chain=forward comment="drop ssh brute downstream" dst-port=22 \
protocol=tcp src-address-list=ssh_blacklist
# Per-direction traffic counters between two hosts. action=passthrough neither accepts
# nor drops: the rule only increments its packet/byte counters and processing continues
# with the next rule, so these entries do not change what is allowed.
# NOTE(review): 10.10.10.10 and 11.11.11.11 look like example addresses; substitute your own.
# NOTE(review): the counters only see packets that reach these rules. Place them above
# any forward rule that accepts or drops this traffic; if FastTrack is enabled,
# fast-tracked packets presumably skip the filter and will be undercounted. Verify on your setup.
/ip firewall filter
# Traffic from 10.10.10.10 towards 11.11.11.11.
add chain=forward src-address=10.10.10.10 dst-address=11.11.11.11 action=passthrough comment="upload to 11.11.11.11"
# Return direction: traffic from 11.11.11.11 towards 10.10.10.10.
add chain=forward src-address=11.11.11.11 dst-address=10.10.10.10 action=passthrough comment="download from 11.11.11.11"