mikrotik:rdp-prtct
Differences
This shows the differences between two versions of the page.
— | mikrotik:rdp-prtct [2024/05/02 13:20] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Некоторая защита RDP внутри сети ====== | ||
+ | <code bash> | ||
+ | /ip firewall mangle | ||
+ | |||
+ | add action=add-src-to-address-list address-list=rdp_drop address-list-timeout=30m chain=forward comment=rdp_drop connection-state=\ | ||
+ | new dst-port=3389 protocol=tcp src-address-list=rdp_stage5 | ||
+ | |||
+ | add action=add-src-to-address-list address-list=rdp_stage5 address-list-timeout=30s chain=forward comment=rdp_stage5 \ | ||
+ | connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage4 | ||
+ | |||
+ | add action=add-src-to-address-list address-list=rdp_stage4 address-list-timeout=30s chain=forward comment=rdp_stage4 \ | ||
+ | connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage3 | ||
+ | |||
+ | add action=add-src-to-address-list address-list=rdp_stage3 address-list-timeout=30s chain=forward comment=rdp_stage3 \ | ||
+ | connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage2 | ||
+ | |||
+ | add action=add-src-to-address-list address-list=rdp_stage2 address-list-timeout=30s chain=forward comment=rdp_stage2 \ | ||
+ | connection-state=new dst-port=3389 protocol=tcp src-address-list=rdp_stage1 | ||
+ | |||
+ | add action=add-src-to-address-list address-list=rdp_stage1 address-list-timeout=1m chain=forward comment=rdp_stage1 \ | ||
+ | connection-state=new dst-port=3389 log-prefix=MANGLE protocol=tcp | ||
+ | |||
+ | </ | ||
+ | |||
+ | <code bash> | ||
+ | /ip firewall raw | ||
+ | |||
+ | add action=drop chain=prerouting comment="// | ||
+ | </ |
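Review bot: the rdp_stage1 through rdp_drop mangle rules match every `connection-state=new` packet to `dst-port=3389` in `chain=forward` with no source or interface restriction, so the ladder counts connections rather than failed logons, and any client that opens six new RDP connections inside the stage timeouts lands in rdp_drop for 30m. Consider an `action=accept` rule for a list of known admin sources ahead of the rdp_drop rule, and document the intended threshold in the rule comments. The rdp_stage1 rule sets `log-prefix=MANGLE` without `log=yes`, so the prefix has no effect; logging would be more useful on the rdp_drop rule, where an address is actually listed for blocking. The `/ip firewall raw` rule is cut off after `comment=` on this page, so confirm that it matches `src-address-list=rdp_drop` and state whether it is limited to tcp/3389, since an unrestricted drop in raw prerouting cuts all traffic from that source.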
mikrotik/rdp-prtct.txt · Last modified: 2024/05/02 13:20 — 127.0.0.1