Filter Rule Mikrotik Mode Dasar

Setinggan ini adalah setinggan dasar mikrotik ane, semua dalam kondisi disable, silahkan aktifkan mana yang di perlukan boleh juga semua, cuma untuk menjaga latensi untuk koneksi icmp di disablekan saja

add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”” disabled=yes
add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”” disabled=yes
add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”” disabled=yes
add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”” disabled=yes
add chain=input src-address-list=”port scanners” action=drop comment=”” disabled=yes
add chain=input protocol=tcp dst-port=21 src-address-list=ftp_blacklist action=drop comment=”Filter FTP to Box” disabled=yes
add chain=output protocol=tcp content=”530 Login incorrect” dst-limit=1/1m,9,dst-address/1m action=accept comment=”” disabled=yes
add chain=output protocol=tcp content=”530 Login incorrect” action=add-dst-to-address-list address-list=ftp_blacklist address-list-timeout=3h comment=”” disabled=yes
add chain=forward protocol=tcp action=jump jump-target=tcp comment=”Separate Protocol into Chains” disabled=yes
add chain=forward protocol=udp action=jump jump-target=udp comment=”” disabled=yes
add chain=forward protocol=icmp action=jump jump-target=icmp comment=”” disabled=yes
add chain=udp protocol=udp dst-port=69 action=drop comment=”Blocking UDP Packet” disabled=yes
add chain=udp protocol=udp dst-port=111 action=drop comment=”” disabled=yes
add chain=udp protocol=udp dst-port=135 action=drop comment=”” disabled=yes
add chain=udp protocol=udp dst-port=137-139 action=drop comment=”” disabled=yes
add chain=udp protocol=udp dst-port=2049 action=drop comment=”” disabled=yes
add chain=udp protocol=udp dst-port=3133 action=drop comment=”” disabled=yes
add chain=tcp protocol=tcp dst-port=69 action=drop comment=”Bloking TCP Packet” disabled=yes
add chain=tcp protocol=tcp dst-port=111 action=drop comment=”” disabled=yes
add chain=tcp protocol=tcp dst-port=119 action=drop comment=”” disabled=yes
add chain=tcp protocol=tcp dst-port=135 action=drop comment=”” disabled=yes
add chain=tcp protocol=tcp dst-port=137-139 action=drop comment=”” disabled=yes
add chain=tcp protocol=tcp dst-port=445 action=drop comment=”” disabled=yes
add chain=tcp protocol=tcp dst-port=2049 action=drop comment=”” disabled=yes
add chain=tcp protocol=tcp dst-port=12345-12346 action=drop comment=”” disabled=yes
add chain=tcp protocol=tcp dst-port=20034 action=drop comment=”” disabled=yes
add chain=tcp protocol=tcp dst-port=3133 action=drop comment=”” disabled=yes
add chain=tcp protocol=tcp dst-port=67-68 action=drop comment=”” disabled=yes
add chain=icmp protocol=icmp icmp-options=0:0-255 limit=5,5 action=accept comment=”Limited Ping Flood” disabled=yes
add chain=icmp protocol=icmp icmp-options=3:3 limit=5,5 action=accept comment=”” disabled=yes
add chain=icmp protocol=icmp icmp-options=3:4 limit=5,5 action=accept comment=”” disabled=yes
add chain=icmp protocol=icmp icmp-options=8:0-255 limit=5,5 action=accept comment=”” disabled=yes
add chain=icmp protocol=icmp icmp-options=11:0-255 limit=5,5 action=accept comment=”” disabled=yes
add chain=icmp protocol=icmp action=drop comment=”” disabled=yes
add chain=input dst-address-type=broadcast action=accept comment=”Allow Broadcast Traffic” disabled=yes
add chain=input connection-state=established action=accept comment=”Connection State” disabled=yes
add chain=input connection-state=related action=accept comment=”” disabled=yes
add chain=input connection-state=invalid action=drop comment=”” disabled=yes

One Comment

Add a Comment

Alamat email Anda tidak akan dipublikasikan. Ruas yang wajib ditandai *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Open chat