====== fail2ban for Mikrotik ======

Taken from: http://wiki.mikrotik.com/wiki/Bruteforce_login_prevention_(FTP_%26_SSH)

<code>
/ip firewall filter
add chain=input protocol=tcp dst-port=8291,22 src-address-list=ssh_blacklist \
    action=drop comment="drop ssh brute forcers"
add chain=input protocol=tcp dst-port=8291,22 connection-state=new src-address-list=ssh_stage4 \
    action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=1h
add chain=input protocol=tcp dst-port=8291,22 connection-state=new src-address-list=ssh_stage3 \
    action=add-src-to-address-list address-list=ssh_stage4 address-list-timeout=1m
add chain=input protocol=tcp dst-port=8291,22 connection-state=new src-address-list=ssh_stage2 \
    action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m
add chain=input protocol=tcp dst-port=8291,22 connection-state=new src-address-list=ssh_stage1 \
    action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m
add chain=input protocol=tcp dst-port=8291,22 connection-state=new \
    action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m
</code>

Dynamically bans an IP for 1 hour after 4 failed login attempts within a minute over Winbox or SSH.
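
The stage progression in the rules above, modelled in Python as an added example (not part of the original page and not RouterOS code): it replays new connections from one constructed source address and shows which connection is the first to be dropped. The rules match new TCP connections rather than authentication failures, so successful logins advance the stages too; the model assumes that re-adding an address already in a list refreshes its timeout.

```python
# Added model of the six filter rules above; not RouterOS code.
# Assumption: re-adding an address already in a list refreshes its timeout.
MINUTE, HOUR = 60, 3600

# (list the source must already be in, list it is added to, timeout in seconds),
# in the same top-to-bottom order as the add-src-to-address-list rules.
STAGE_RULES = [
    ("ssh_stage4", "ssh_blacklist", HOUR),
    ("ssh_stage3", "ssh_stage4", MINUTE),
    ("ssh_stage2", "ssh_stage3", MINUTE),
    ("ssh_stage1", "ssh_stage2", MINUTE),
    (None, "ssh_stage1", MINUTE),
]


class Firewall:
    def __init__(self):
        self.lists = {}  # list name -> {source address: expiry time}

    def _member(self, name, src, now):
        return self.lists.get(name, {}).get(src, 0) > now

    def new_connection(self, src, now):
        """Pass one new TCP connection to 8291/22 through the chain."""
        # Rule 1: sources already blacklisted are dropped outright.
        if self._member("ssh_blacklist", src, now):
            return "drop"
        # Rules 2-6: add-src-to-address-list does not stop processing, so every
        # rule is evaluated. Highest stage first means one step per connection.
        for required, target, timeout in STAGE_RULES:
            if required is None or self._member(required, src, now):
                self.lists.setdefault(target, {})[src] = now + timeout
        return "pass"  # left to the rest of the input chain


def replay(times, src="192.0.2.10"):
    """Return the verdict for each connection time (seconds) from one source."""
    fw = Firewall()
    return [fw.new_connection(src, t) for t in times]


if __name__ == "__main__":
    # Constructed sample: one source opening a connection every 10 seconds.
    for t, verdict in zip(range(0, 70, 10), replay(range(0, 70, 10))):
        print(f"t={t:>3}s  {verdict}")
```

In this model the fifth connection inside the one-minute windows puts the source on ssh_blacklist and the sixth is the first one dropped; connections spaced more than a minute apart never get past ssh_stage1.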