1 頁 (共 1 頁)

進行PORT掃描的IP自動加入黑名單

發表於 : 2012-01-02 21:39:08
yehlu
http://www.mobile01.com/topicdetail.php ... 7&r=10&p=3

代碼: 選擇全部

/ip firewall filter

#將"drop_scan_ip"名單內的IP 拒絕訪問
add action=drop chain=input comment=drop_scan_ip disabled=no src-address-list=drop_scan_ip

#對進行PORT掃描的IP自動加入到"drop_scan_ip"這名單.
add action=add-src-to-address-list address-list=drop_scan_ip address-list-timeout=1d chain=input comment=ip_scan disabled=no protocol=tcp psd=21,3s,3,1