Инструменты пользователя
mikrotik:rdp-prtct
Различия
Показаны различия между двумя версиями страницы.
| Предыдущая версия справа и слева Предыдущая версия | |||
|
mikrotik:rdp-prtct [2022/12/25 17:21] Alexey Leonchik |
mikrotik:rdp-prtct [2022/12/25 17:23] (текущий) Alexey Leonchik |
||
|---|---|---|---|
| Строка 2: | Строка 2: | ||
| <code bash> | <code bash> | ||
| - | [admin@kost] > /ip firewall mangle export | ||
| - | # dec/25/2022 16:21:03 by RouterOS 6.45.8 | ||
| - | # software id = TYR5-29EM | ||
| - | # | ||
| - | # model = RBD52G-5HacD2HnD | ||
| - | # serial number = B4A00C118CC1 | ||
| /ip firewall mangle | /ip firewall mangle | ||
| + | |||
| add action=add-src-to-address-list address-list=rdp_drop address-list-timeout=30m chain=forward comment=rdp_drop connection-state=\ | add action=add-src-to-address-list address-list=rdp_drop address-list-timeout=30m chain=forward comment=rdp_drop connection-state=\ | ||
| new dst-port=3389 protocol=tcp src-address-list=rdp_stage5 | new dst-port=3389 protocol=tcp src-address-list=rdp_stage5 | ||
| + | |||
| add action=add-src-to-address-list address-list=rdp_stage5 address-list-timeout=30s chain=forward comment=rdp_stage5 \ | add action=add-src-to-address-list address-list=rdp_stage5 address-list-timeout=30s chain=forward comment=rdp_stage5 \ | ||
| connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage4 | connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage4 | ||
| + | |||
| add action=add-src-to-address-list address-list=rdp_stage4 address-list-timeout=30s chain=forward comment=rdp_stage4 \ | add action=add-src-to-address-list address-list=rdp_stage4 address-list-timeout=30s chain=forward comment=rdp_stage4 \ | ||
| connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage3 | connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage3 | ||
| + | |||
| add action=add-src-to-address-list address-list=rdp_stage3 address-list-timeout=30s chain=forward comment=rdp_stage3 \ | add action=add-src-to-address-list address-list=rdp_stage3 address-list-timeout=30s chain=forward comment=rdp_stage3 \ | ||
| connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage2 | connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage2 | ||
| + | |||
| add action=add-src-to-address-list address-list=rdp_stage2 address-list-timeout=30s chain=forward comment=rdp_stage2 \ | add action=add-src-to-address-list address-list=rdp_stage2 address-list-timeout=30s chain=forward comment=rdp_stage2 \ | ||
| connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage1 | connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage1 | ||
| + | |||
| add action=add-src-to-address-list address-list=rdp_stage1 address-list-timeout=1m chain=forward comment=rdp_stage1 \ | add action=add-src-to-address-list address-list=rdp_stage1 address-list-timeout=1m chain=forward comment=rdp_stage1 \ | ||
| connection-state=new dst-port=3389 log-prefix=MANGLE protocol=tcp | connection-state=new dst-port=3389 log-prefix=MANGLE protocol=tcp | ||
| Строка 24: | Строка 24: | ||
| </ | </ | ||
| - | < | + | < |
| /ip firewall raw | /ip firewall raw | ||
| add action=drop chain=prerouting comment="// | add action=drop chain=prerouting comment="// | ||
| </ | </ | ||
mikrotik/rdp-prtct.txt · Последнее изменение: 2022/12/25 17:23 — Alexey Leonchik
Инструменты страницы
Если не указано иное, содержимое этой вики предоставляется на условиях следующей лицензии: Public Domain
