進行PORT掃描的IP自動加入黑名單
發表於 : 2012-01-02 21:39:08
http://www.mobile01.com/topicdetail.php ... 7&r=10&p=3
代碼: 選擇全部
/ip firewall filter
#將"drop_scan_ip"名單內的IP 拒絕訪問
add action=drop chain=input comment=drop_scan_ip disabled=no src-address-list=drop_scan_ip
#對進行PORT掃描的IP自動加入到"drop_scan_ip"這名單.
add action=add-src-to-address-list address-list=drop_scan_ip address-list-timeout=1d chain=input comment=ip_scan disabled=no protocol=tcp psd=21,3s,3,1