adscrz posted on 2007-5-16 10:12:17

My IP filter rules for MT800

create ipf rule entry ruleid 500 dir in act accept transprot eq num 1 icmptype eq num 0 log enable seclevelmedium logtag "ping"
create ipf rule entry ruleid 502 dir in act accept transprot eq num 1 icmptype eq num 11 seclevelmedium
create ipf rule entry ruleid 504 dir in act accept transprot eq num 1 icmptype eq num 3 seclevelmedium
create ipf rule entry ruleid 506 ifname private dir in act accept transprot eq num 1 icmptype eq num 8 seclevelmedium
create ipf rule entry ruleid 508 ifname public dir in transprot eq num 1 icmptype eq num 8 seclevelmedium blistprotect enable
create ipf rule entry ruleid 600 ifname public dir in transprot eq num 1 seclevelmedium blistprotect enable logtag "ICMP hack"
create ipf rule entry ruleid 700 ifname public dir out act accept transprot eq num 6 destport eq num 80 seclevelmedium logtag "WEB 80"
create ipf rule entry ruleid 702 ifname public dir out act accept transprot eq num 6 destport eq num 443 seclevelmedium logtag "web 443"
create ipf rule entry ruleid 704 ifname public dir out act accept transprot eq num 6 destport eq num 110 seclevelmedium logtag "POP"
create ipf rule entry ruleid 706 ifname public dir out act accept transprot eq num 6 destport eq num 1995 seclevelmedium logtag "POP SSL"
create ipf rule entry ruleid 708 ifname public dir out act accept transprot eq num 6 destport eq num 995 seclevelmedium logtag "POP SSL"
create ipf rule entry ruleid 710 ifname public dir out act accept transprot eq num 6 destport eq num 465 seclevelmedium logtag "SMTP SSL465"
create ipf rule entry ruleid 712 ifname public dir out act accept transprot eq num 6 destport eq num 25 seclevelmedium logtag "SMTP25"
create ipf rule entry ruleid 714 ifname public dir out act accept transprot eq num 6 destport eq num 21 seclevelmedium logtag "FTP"
create ipf rule entry ruleid 716 ifname public dir in act accept transprot eq num 6 destport eq num 21 seclevelmedium logtag "ftp in"
create ipf rule entry ruleid 718 ifname public dir out act accept transprot eq num 6 srcport eq num 21 seclevelmedium logtag "ftp out"
create ipf rule entry ruleid 720 ifname public dir out act accept transprot eq num 6 destport eq num 7708 seclevelmedium logtag "shares1"
create ipf rule entry ruleid 722 ifname public dir out act accept transprot eq num 6 destport eq num 7709 seclevelmedium logtag "shares2"
create ipf rule entry ruleid 724 ifname public dir out act accept transprot eq num 6 destport eq num 8601 seclevelmedium logtag "shares3"
create ipf rule entry ruleid 780 dir out destaddr eq 219.133.60.243 seclevelmedium logtag "QQ backdoor"
create ipf rule entry ruleid 790 dir out transprot eq num 6 destport range 3075 3078 seclevelmedium logtag "Deny Thunder"
create ipf rule entry ruleid 800 ifname public dir out transprot eq num 6 seclevelmedium logtag "Deny TCP"
create ipf rule entry ruleid 810 ifname public dir out act accept transprot eq num 17 destport eq num 53 seclevelmedium logtag "DNS53"
create ipf rule entry ruleid 880 dir out transprot eq num 17 destport range 13000 14000 seclevelmedium logtag "QQ Live"
create ipf rule entry ruleid 900 ifname public dir out transprot eq num 17 seclevelmedium logtag "Deny UDP"

adscrz posted on 2007-5-16 10:18:33

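Could everyone take a look and see whether there are any problems?
With these settings it runs stably (12 computers connected), and the speed is decent.
This rule is to stop QQ from doing bad things, because QQ analyzes whether you are visiting sensitive topics,
and if so it connects to a server, and then...
219.133.60.243 seclevelmedium logtag "QQ backdoor"
I don't want to suffer on someone else's behalf, so I simply block it. If there are other IP addresses, please let me know.
Thanks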
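
Added example, not part of the original thread or the poster's own tooling: a small Python check that parses rule lines in the format posted above and lists the points a reviewer would want confirmed (rules with no `act` keyword, rules with no `ifname`, and a `logtag` shared by several rules so that log lines cannot be told apart). The keyword grammar is inferred from the posted lines only, and the thread does not say what the MT800 does when `act` is omitted, so the script reports those rules without assuming a default.

```python
import shlex
from collections import defaultdict

# Keywords seen in the posted rules; grammar inferred from those lines only,
# not from vendor documentation (assumption).
KEYS = {"ruleid", "ifname", "dir", "act", "transprot", "icmptype", "destport",
        "srcport", "destaddr", "log", "blistprotect", "logtag"}
# Sample input: six rules copied unchanged from the first post.
SAMPLE = """\
create ipf rule entry ruleid 508 ifname public dir in transprot eq num 1 icmptype eq num 8 seclevelmedium blistprotect enable
create ipf rule entry ruleid 706 ifname public dir out act accept transprot eq num 6 destport eq num 1995 seclevelmedium logtag "POP SSL"
create ipf rule entry ruleid 708 ifname public dir out act accept transprot eq num 6 destport eq num 995 seclevelmedium logtag "POP SSL"
create ipf rule entry ruleid 780 dir out destaddr eq 219.133.60.243 seclevelmedium logtag "QQ backdoor"
create ipf rule entry ruleid 800 ifname public dir out transprot eq num 6 seclevelmedium logtag "Deny TCP"
create ipf rule entry ruleid 810 ifname public dir out act accept transprot eq num 17 destport eq num 53 seclevelmedium logtag "DNS53"
"""

def parse_rule(line):
    """Split one 'create ipf rule entry' line into {keyword: value string}."""
    tokens = shlex.split(line)  # keeps a quoted logtag as a single token
    if tokens[:4] != ["create", "ipf", "rule", "entry"]:
        raise ValueError("not an ipf rule: " + line)
    rule, key = {}, None
    for tok in tokens[4:]:
        tag_value = key == "logtag" and rule[key] == ""  # logtag text is never a keyword
        if (tok in KEYS or tok.startswith("seclevel")) and not tag_value:
            key, rule[tok] = tok, ""
        elif key is None:
            raise ValueError("value before any keyword: " + tok)
        else:
            rule[key] = (rule[key] + " " + tok).strip()
    return rule

def audit(text):
    """Report what a reviewer should confirm; no device defaults are assumed."""
    rules = [parse_rule(l) for l in text.splitlines() if l.strip()]
    by_tag = defaultdict(list)
    for r in rules:
        if "logtag" in r:
            by_tag[r["logtag"]].append(int(r["ruleid"]))
    return {
        "no_explicit_act": [int(r["ruleid"]) for r in rules if "act" not in r],
        "no_ifname": [int(r["ruleid"]) for r in rules if "ifname" not in r],
        "shared_logtag": {t: ids for t, ids in by_tag.items() if len(ids) > 1},
    }

if __name__ == "__main__":
    for finding, value in audit(SAMPLE).items():
        print(finding, value)
```

To check the whole configuration, pass the full pasted rule list to `audit` in place of `SAMPLE`.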

lf3698 posted on 2007-5-16 20:03:12

Nice work, OP, I'm learning from you!