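# RouterOS firewall filter rules for the router itself (chain=input).
# String values use plain ASCII double quotes; the typographic quotes in the
# published listing are not string delimiters and break the import.
# The interface name "local" must exist on the router, and the "blocking"
# chain is not defined in this listing - it has to be populated separately.
/ip firewall filter
# Screen only packets that open a new connection against the port/address
# deny-list. The list matches on destination port alone, so without
# connection-state=new a reply whose destination is an ephemeral client port
# that happens to be listed (1024-1030, 4444, 8888, ...) would be dropped.
add chain=input action=jump jump-target=virus connection-state=new comment="Check for well-known viruses !!!" disabled=no
add chain=input action=jump jump-target=blocking in-interface=local comment="Check for IP address allowed !!!" disabled=no
add chain=input action=drop connection-state=invalid comment="Drop invalid connections" disabled=no
add chain=input action=accept connection-state=established comment="Allow established connections" disabled=no
add chain=input action=accept connection-state=related comment="Allow related connections" disabled=no
# NOTE(review): this accepts UDP to the router from every interface, so any
# UDP service the router runs (DNS cache, SNMP, NTP, ...) is reachable from
# the public side. Replies to the router's own queries are already covered by
# the established rule; consider limiting this by in-interface or dst-port.
add chain=input action=accept protocol=udp comment="Allow UDP" disabled=no
add chain=input action=accept protocol=icmp comment="Allow ICMP" disabled=no
add chain=input action=accept in-interface=local dst-port=3128 protocol=tcp comment="Allow Access Proxy" disabled=no
add chain=input action=accept in-interface=local comment="Allow connection to router from local network" disabled=no
# A packet that reaches the end of a built-in chain without a match is
# accepted, so without a final drop the accept rules above restrict nothing:
# the proxy on 3128 and every other TCP service on the router would stay
# reachable from the public interface. If the router is administered from
# outside "local", add an explicit accept for that source above this rule and
# apply the change in Safe Mode.
add chain=input action=drop comment="Drop everything else to the router" disabled=no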
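# Traffic routed through the router (chain=forward). ASCII quotes replace the
# typographic ones, which RouterOS does not treat as string delimiters.
# Only packets that open a new connection are sent to the deny-list: it
# matches on destination port alone, so replies returning to a client whose
# ephemeral source port is on the list would otherwise be dropped.
add chain=forward action=jump jump-target=virus connection-state=new comment="Check for well-known viruses !!!" disabled=no
# The "blocking" chain is not defined in this listing; until it is populated
# this jump returns immediately and enforces nothing.
add chain=forward action=jump jump-target=blocking in-interface=local comment="Check for IP address allowed !!!" disabled=no
# Everything arriving on the public interface is handed to the customer chain.
# NOTE(review): the forward chain has no final drop, so whatever that chain
# does not drop is forwarded.
add chain=forward action=jump jump-target=customer in-interface=public comment="Security Customer" disabled=no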
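# Stateful checks for traffic entering from the public side (jumped to from
# chain=forward with in-interface=public). ASCII quotes replace the
# typographic ones from the published listing.
# NOTE(review): the chain ends without a drop rule, so a packet that matches
# none of these rules returns to the forward chain and is accepted there. As
# written, only invalid packets are ever dropped; new inbound TCP and every
# other protocol still pass. If the intent is to block unsolicited inbound
# connections, finish the chain with a drop rule placed after explicit
# accepts for any published services.
add chain=customer action=drop connection-state=invalid comment="Drop invalid connection packets" disabled=no
add chain=customer action=accept connection-state=established comment="Allow established connections" disabled=no
add chain=customer action=accept connection-state=related comment="Allow related connections" disabled=no
# NOTE(review): accepts every UDP packet from the public side towards
# internal hosts, not only replies; replies are already covered by the
# established rule above.
add chain=customer action=accept protocol=udp comment="Allow UDP connection" disabled=no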
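# chain=virus, part 1: static deny-list of destination ports tied to worms,
# backdoors and exposed legacy services. Every rule matches on destination
# port only. A fixed port list like this complements a default-deny policy;
# it does not replace one.
# ASCII quotes replace the typographic ones (including the double-prime after
# "Kuang2"), which RouterOS does not parse as string delimiters.
add chain=virus action=drop dst-port=69 protocol=tcp comment="drop TFTP" disabled=no
add chain=virus action=drop dst-port=69 protocol=udp comment="drop TFTP" disabled=no
add chain=virus action=drop dst-port=111 protocol=tcp comment="drop RPC portmapper" disabled=no
add chain=virus action=drop dst-port=111 protocol=udp comment="drop RPC portmapper" disabled=no
# MS-RPC / NetBIOS / SMB, the services Blaster-era worms spread through.
add chain=virus action=drop dst-port=135-139 protocol=tcp comment="Drop Blaster Worm" disabled=no
add chain=virus action=drop dst-port=135-139 protocol=udp comment="Drop Blaster Worm" disabled=no
add chain=virus action=drop dst-port=445 protocol=udp comment="Drop Blaster Worm" disabled=no
add chain=virus action=drop dst-port=445 protocol=tcp comment="Drop Blaster Worm" disabled=no
add chain=virus action=drop dst-port=593 protocol=tcp comment="" disabled=no
# NOTE(review): 1024-1030 sits at the bottom of the ephemeral range used by
# older clients; if this chain also sees reply traffic, legitimate replies to
# those source ports are dropped.
add chain=virus action=drop dst-port=1024-1030 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=1080 protocol=tcp comment="Drop MyDoom" disabled=no
add chain=virus action=drop dst-port=1214 protocol=tcp comment="" disabled=no
# 1363-1377 carry registered service names, not malware names.
add chain=virus action=drop dst-port=1363 protocol=tcp comment="ndm requester" disabled=no
add chain=virus action=drop dst-port=1364 protocol=tcp comment="ndm server" disabled=no
add chain=virus action=drop dst-port=1368 protocol=tcp comment="screen cast" disabled=no
add chain=virus action=drop dst-port=1373 protocol=tcp comment="chromagrafx" disabled=no
add chain=virus action=drop dst-port=1377 protocol=tcp comment="cichlid" disabled=no
# NOTE(review): if "worm" refers to SQL Slammer, that worm spread over
# UDP 1434, which this TCP-only rule does not match - confirm the intent.
add chain=virus action=drop dst-port=1433-1434 protocol=tcp comment="worm" disabled=no
add chain=virus action=drop dst-port=2745 protocol=tcp comment="Bagle Virus" disabled=no
add chain=virus action=drop dst-port=2283 protocol=tcp comment="Drop Dumaru.Y" disabled=no
add chain=virus action=drop dst-port=2535 protocol=tcp comment="Drop Dumaru" disabled=no
add chain=virus action=drop dst-port=3127 protocol=tcp comment="Drop MyDoom" disabled=no
add chain=virus action=drop dst-port=3410 protocol=tcp comment="Drop Backdoor OptixPro" disabled=no
add chain=virus action=drop dst-port=4444 protocol=tcp comment="Worm" disabled=no
add chain=virus action=drop dst-port=4444 protocol=udp comment="Worm" disabled=no
add chain=virus action=drop dst-port=5554 protocol=tcp comment="Drop Sasser" disabled=no
add chain=virus action=drop dst-port=8866 protocol=tcp comment="Drop Beagle.B" disabled=no
add chain=virus action=drop dst-port=10000 protocol=tcp comment="Drop Dumaru.Y" disabled=no
add chain=virus action=drop dst-port=10080 protocol=tcp comment="Drop MyDoom.B" disabled=no
add chain=virus action=drop dst-port=12345 protocol=tcp comment="Drop Netbus" disabled=no
add chain=virus action=drop dst-port=17300 protocol=tcp comment="Drop Kuang2" disabled=no
add chain=virus action=drop dst-port=27374 protocol=tcp comment="Drop Subseven" disabled=no
add chain=virus action=drop dst-port=65506 protocol=tcp comment="Drop Phatbot, Agobot, Gaobot" disabled=no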
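# chain=virus, part 2: legacy "small services" and other unwanted ports.
# ASCII quotes replace the typographic ones from the published listing.
# Port 7 is the echo service; the published label "windows update" did not
# describe it and has been corrected.
add chain=virus action=drop dst-port=7 protocol=tcp comment="echo" disabled=no
# 9 = discard, 11 = systat, 19 = chargen.
add chain=virus action=drop dst-port=9 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=11 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=19 protocol=tcp comment="" disabled=no
# NOTE(review): 109/110 are POP2/POP3 and 119 is NNTP. Where this chain is
# applied to forwarded traffic, these rules stop local clients from fetching
# mail or news over those protocols - confirm that is intended.
add chain=virus action=drop dst-port=109 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=110 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=119 protocol=tcp comment="" disabled=no
# 513-514/tcp = rlogin and rsh.
add chain=virus action=drop dst-port=513-514 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=7 protocol=udp comment="" disabled=no
add chain=virus action=drop dst-port=9 protocol=udp comment="" disabled=no
add chain=virus action=drop dst-port=11 protocol=udp comment="" disabled=no
add chain=virus action=drop dst-port=19 protocol=udp comment="" disabled=no
add chain=virus action=drop dst-port=109 protocol=udp comment="" disabled=no
add chain=virus action=drop dst-port=110 protocol=udp comment="" disabled=no
add chain=virus action=drop dst-port=119 protocol=udp comment="" disabled=no
# NOTE(review): 514/udp is syslog; this drops remote logging that crosses or
# targets the router.
add chain=virus action=drop dst-port=513-514 protocol=udp comment="" disabled=no
add chain=virus action=drop dst-port=2323 protocol=tcp comment="bad port" disabled=no
add chain=virus action=drop dst-port=4242 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=5555 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=6346 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=6347 protocol=tcp comment="" disabled=no
# tcp/1214 is already dropped earlier in this chain, so the duplicate rule
# that stood here has been removed.
add chain=virus action=drop dst-port=8888 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=11295 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=14753 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=7760 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=7778 protocol=tcp comment="" disabled=no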
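# chain=virus, part 3: hard-coded source networks and hosts labelled as spam
# sources. ASCII quotes replace the typographic ones.
# NOTE(review): the listing gives no provenance or date for these addresses.
# Static address blocks go stale as ranges are reassigned, so verify each
# entry before deploying. Keeping them in a firewall address list matched by
# one src-address-list rule would make review and updates easier.
add chain=virus action=drop src-address=64.94.89.0/24 comment="ip spam" disabled=no
add chain=virus action=drop src-address=61.77.78.0/24 comment="" disabled=no
add chain=virus action=drop src-address=200.42.0.0/24 comment="" disabled=no
add chain=virus action=drop src-address=66.70.14.0/24 comment="" disabled=no
add chain=virus action=drop src-address=61.11.48.0/24 comment="" disabled=no
add chain=virus action=drop src-address=64.80.217.0/24 comment="" disabled=no
add chain=virus action=drop src-address=67.96.136.0/24 comment="" disabled=no
add chain=virus action=drop src-address=209.63.68.0/24 comment="" disabled=no
add chain=virus action=drop src-address=66.35.247.0/24 comment="" disabled=no
add chain=virus action=drop src-address=66.35.229.0/24 comment="" disabled=no
add chain=virus action=drop src-address=202.108.44.0/24 comment="" disabled=no
add chain=virus action=drop src-address=62.253.164.0/24 comment="" disabled=no
add chain=virus action=drop src-address=193.252.19.0/24 comment="" disabled=no
add chain=virus action=drop src-address=209.125.37.0/24 comment="" disabled=no
add chain=virus action=drop src-address=155.247.210.0/24 comment="" disabled=no
add chain=virus action=drop src-address=164.109.168.0/24 comment="" disabled=no
add chain=virus action=drop src-address=207.134.171.0/24 comment="" disabled=no
add chain=virus action=drop src-address=216.191.203.0/24 comment="" disabled=no
add chain=virus action=drop src-address=193.110.136.0/24 comment="" disabled=no
# NOTE(review): the only /25 among /24 entries - confirm the prefix length.
add chain=virus action=drop src-address=65.57.163.0/25 comment="" disabled=no
add chain=virus action=drop src-address=200.59.91.10 comment="" disabled=no
add chain=virus action=drop src-address=216.251.43.11 comment="" disabled=no
add chain=virus action=drop src-address=195.225.177.27 comment="" disabled=no
add chain=virus action=drop src-address=200.163.190.151 comment="" disabled=no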
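# chain=virus, part 4: drops by source or destination for address ranges the
# author labels "bogons". ASCII quotes replace the typographic ones.
# These rules carry no in-interface match, so they apply to traffic from
# every interface that is sent to this chain.
add chain=virus action=drop src-address=0.0.0.0/8 comment="ip bogons" disabled=no
add chain=virus action=drop dst-address=0.0.0.0/8 comment="" disabled=no
add chain=virus action=drop src-address=127.0.0.0/8 comment="" disabled=no
add chain=virus action=drop dst-address=127.0.0.0/8 comment="" disabled=no
# NOTE(review): 172.16.0.0/12 is RFC 1918 private space. If the "local"
# network or any routed segment is numbered from it, these two rules drop its
# traffic. The other private ranges (10.0.0.0/8, 192.168.0.0/16) are not
# listed, so this looks site-specific - adjust to the local addressing plan.
add chain=virus action=drop src-address=172.16.0.0/12 comment="" disabled=no
add chain=virus action=drop dst-address=172.16.0.0/12 comment="" disabled=no
# NOTE(review): 224.0.0.0/3 covers multicast, the reserved 240.0.0.0/4 block
# and the limited broadcast address 255.255.255.255. The destination rule
# therefore also drops broadcast DHCP requests and multicast routing or
# discovery traffic addressed to the router - confirm none of that is needed.
add chain=virus action=drop src-address=224.0.0.0/3 comment="" disabled=no
add chain=virus action=drop dst-address=224.0.0.0/3 comment="" disabled=no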
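# chain=virus, part 5: remaining service and backdoor ports.
# ASCII quotes replace the typographic ones from the published listing.
# NOTE(review): DHCP runs over UDP; this TCP-only rule does not affect DHCP
# traffic despite its label.
add chain=virus action=drop dst-port=67-68 protocol=tcp comment="drop DHCP" disabled=no
add chain=virus action=drop dst-port=2049 protocol=tcp comment="drop NFS" disabled=no
# Overlaps the earlier tcp/12345 NetBus rule in this chain; 12346 is the
# only port added here.
add chain=virus action=drop dst-port=12345-12346 protocol=tcp comment="drop NetBus" disabled=no
add chain=virus action=drop dst-port=20034 protocol=tcp comment="drop NetBus" disabled=no
# NOTE(review): "BackOffice" presumably means the Back Orifice backdoor,
# whose well-known default port is 31337. Port 3133 may be a truncated
# transcription - confirm before relying on these two rules.
add chain=virus action=drop dst-port=3133 protocol=tcp comment="drop BackOffice" disabled=no
add chain=virus action=drop dst-port=2049 protocol=udp comment="drop NFS" disabled=no
add chain=virus action=drop dst-port=3133 protocol=udp comment="drop BackOffice" disabled=no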