info_dlsong
January 26th, 2011, 16:06
با عرض سلام خدمت دوستان
برای جلوگیری از ارسال اسپم توسط کاربران من پورت های زیادی رو با دستورات زیر میبندم - آیا این روش کامل هست یا کار های دیگه ای هم باید انجام داد؟
/ip firewall filter
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=25
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=25
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=587
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=587
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=445
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=445
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=110
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=110
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=135
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=135
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=993
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=993
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=994
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=994
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=995
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=995
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=143
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=143
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=220
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=220
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=585
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=585
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=2390
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=2390
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=24
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=24
---------- Post added at 04:06 PM ---------- Previous post was at 03:53 PM ----------
البته ببخشید یه مقدار پورت های اضافی هم مخلوط شده
در هر حال ممنون میشم دوستان کامل توضیح بدن
برای جلوگیری از ارسال اسپم توسط کاربران من پورت های زیادی رو با دستورات زیر میبندم - آیا این روش کامل هست یا کار های دیگه ای هم باید انجام داد؟
/ip firewall filter
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=25
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=25
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=587
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=587
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=445
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=445
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=110
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=110
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=135
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=135
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=993
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=993
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=994
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=994
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=995
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=995
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=143
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=143
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=220
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=220
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=585
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=585
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=2390
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=2390
add chain=forward disabled=no action=drop in-interface=ether1 protocol=tcp dst-port=24
add chain=forward disabled=no action=drop in-interface=ether1 protocol=udp dst-port=24
---------- Post added at 04:06 PM ---------- Previous post was at 03:53 PM ----------
البته ببخشید یه مقدار پورت های اضافی هم مخلوط شده
در هر حال ممنون میشم دوستان کامل توضیح بدن