astro.alireza
July 21st, 2011, 11:16
سلام دوستان
من برای اعمال ***** روی ترافیک سرور به وسیله فایروال اقدام به جمع آوری لیستی از آی پی های مفید کردم که فکر نکنم باز گذاشتنشون مشکلی داشته باشه.
من این لیست رو از سایت ویکی پدیا (لینک زیر) استخراج کردم که به نظر کامل می یاد (اما پورت ریموت دسکتاپ ویندوز توش نبود!)
List of TCP and UDP port numbers - Wikipedia, the free encyclopedia (http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers)
لیستی که من استخراج کردم اینه:
Port Protoc Description
20 TCP FTP—data transfer
21 TCP FTP—control (command)
22 TCP UDP Secure Shell (SSH)—used for secure logins, fil
23 TCP Telnet protocol—unencrypted text communication
80 TCP UDP Hypertext Transfer Protocol (HTTP)
115 TCP Simple File Transfer Protocol (SFTP)
194 TCP UDP Internet Relay Chat (IRC)
443 TCP HTTPS (Hypertext Transfer Protocol over SSL/TL
531 TCP UDP AOL Instant Messenger, IRC
989 TCP UDP FTPS Protocol (data): FTP over TLS/SSL
990 TCP UDP FTPS Protocol (control): FTP over TLS/SSL
1194 TCP UDP Open***
1293 TCP UDP IPSec (Internet Protocol Security)
1503 TCP UDP Windows Live Messenger (Whiteboard and Applica
1645 TCP UDP radius auth, RADIUS authentication protocol (d
1646 TCP UDP radius acct, RADIUS authentication protocol (d
1701 UDP Layer 2 Forwarding Protocol (L2F) & Layer 2 Tu
1707 TCP Romtoc Packet Protocol (L2F) & Layer 2 Tunneli
1812 TCP UDP radius, RADIUS authentication protocol
1813 TCP UDP radacct, RADIUS accounting protocol
2082 TCP CPanel default
2083 TCP Secure Radius Service (radsec)
2083 TCP CPanel default SSL
2086 TCP WebHost Manager default
2087 TCP WebHost Manager default SSL
2095 TCP CPanel default Web mail
2096 TCP CPanel default SSL Web mail
2222 TCP DirectAdmin default & ESET Remote Administrati
3389 TCP Remote Desktop
3723 TCP UDP Used by many Battle.net Blizzard games (Diablo
3724 UDP World of Warcraft Online gaming MMORPG
3724 TCP World of Warcraft Online gaming MMORPG
3724 TCP Club Penguin Disney online game for kids
3978 TCP UDP OpenTTD game (masterserver and content service
3979 TCP UDP OpenTTD game
4000 TCP UDP Diablo II game
4001 TCP Microsoft Ants game
4500 UDP IPSec NAT Traversal (RFC 3947)
4664 TCP Google Desktop Search
4711 TCP McAfee Web Gateway 7 - Default GUI Port HTTP
4712 TCP McAfee Web Gateway 7 - Default GUI Port HTTPS
5000 TCP VTun—*** Software
5050 TCP Yahoo! Messenger
5190 TCP ICQ and AOL Instant Messenger
5500 TCP VNC remote desktop protocol—for incoming liste
5517 TCP Setiqueue ***** server client for SETI@Home pr
5800 TCP VNC remote desktop protocol—for use over HTTP
5900 TCP UDP Virtual Network Computing (VNC) remote desktop
5938 TCP UDP TeamViewer[58] remote desktop protocol
6112 TCP Warcraft III
6571 Windows Live FolderShare client
6891–690 TCP UDP Windows Live Messenger (File transfer)
6901 TCP UDP Windows Live Messenger (Voice)
8008 TCP HTTP Alternate
8080 TCP HTTP alternate (http_alt)—commonly used for We
8086 TCP HELM Web Host Automation Windows Control Panel
8086 TCP Kaspersky AV Control Center
8087 TCP Hosting Accelerator Control Panel
8087 TCP Parallels Plesk Control Panel
8087 UDP Kaspersky AV Control Center
8090 TCP HTTP Alternate (http_alt_alt)—used as an alter
8291 TCP Winbox—Default on a MikroTik RouterOS for a Wi
8880 TCP Win Media Streamer to Server SOAP connector de
8887 TCP HyperVM HTTP
8888 TCP HyperVM HTTPS
9030 TCP Tor often used
9050 TCP Tor
9051 TCP Tor
10000 Webmin—Web-based Linux admin tool
19294 TCP Google Talk Voice and Video connections [80]
19295 UDP Google Talk Voice and Video connections [80]
19302 UDP Google Talk Voice and Video connections [80]
28960 UDP Call of Duty; Call of Duty: United Offensive;
سلام دوستان
من برای اعمال ***** روی ترافیک سرور به وسیله فایروال اقدام به جمع آوری لیستی از آی پی های مفید کردم که فکر نکنم باز گذاشتنشون مشکلی داشته باشه.
من این لیست رو از سایت ویکی پدیا (لینک زیر) استخراج کردم که به نظر کامل می یاد (اما پورت ریموت دسکتاپ ویندوز توش نبود!)
List of TCP and UDP port numbers - Wikipedia, the free encyclopedia (http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers)
دوستان لطف کنند به اون لینک سر بزنن و نظر خودشون رو اعلام کنند و اگه پورتی از قلم افتاده ذکر کنند.
من با یه رول کل ترافیک رو drop کردم بعد کل پورتهای بالا در جهت src و dst روی tcp رو accept کردم. تنها مشکلی که اینجا هست اینه که همه پورت های udp هم drop شدن. البته من به پورت 53 udp که مربوط به dns هست accept دادم اما در مورد بقیه نظری ندارم. اگه می شه راهنمایی کنید
برای دوستانی که از میکروتیک استفاده می کنند قوانین فایروال رو نوشتم. کافیه توی ترمینال paste کنن.
دوستان لطفا نظرشون رو در مورد قوانین زیر اعلام کنند
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=20
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=21
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=22
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=23
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=80
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=115
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=194
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=443
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=531
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=989
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=990
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1194
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1293
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1503
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1645
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1646
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1701
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1707
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1812
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1813
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2082
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2083
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2083
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2086
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2087
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2095
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2096
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2222
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3389
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3723
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3724
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3724
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3724
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3978
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3979
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4000
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4001
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4500
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4664
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4711
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4712
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5000
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5050
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5190
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5500
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5517
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5800
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5900
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5938
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=6112
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=6571
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=6891-6900
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=6901
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8008
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8080
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8086
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8086
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8087
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8087
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8087
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8090
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8291
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8880
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8887
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8888
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=9030
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=9050
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=9051
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=10000
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=19294
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=19295
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=19302
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=28960
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=udp port=53
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=icmp
ip firewall filter add chain=forward disabled=no action=drop in-interface=ether1
ip firewall filter add action=drop chain=forward disabled=no in-interface=ether1 p2p=all-p2p
من برای اعمال ***** روی ترافیک سرور به وسیله فایروال اقدام به جمع آوری لیستی از آی پی های مفید کردم که فکر نکنم باز گذاشتنشون مشکلی داشته باشه.
من این لیست رو از سایت ویکی پدیا (لینک زیر) استخراج کردم که به نظر کامل می یاد (اما پورت ریموت دسکتاپ ویندوز توش نبود!)
List of TCP and UDP port numbers - Wikipedia, the free encyclopedia (http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers)
لیستی که من استخراج کردم اینه:
Port Protoc Description
20 TCP FTP—data transfer
21 TCP FTP—control (command)
22 TCP UDP Secure Shell (SSH)—used for secure logins, fil
23 TCP Telnet protocol—unencrypted text communication
80 TCP UDP Hypertext Transfer Protocol (HTTP)
115 TCP Simple File Transfer Protocol (SFTP)
194 TCP UDP Internet Relay Chat (IRC)
443 TCP HTTPS (Hypertext Transfer Protocol over SSL/TL
531 TCP UDP AOL Instant Messenger, IRC
989 TCP UDP FTPS Protocol (data): FTP over TLS/SSL
990 TCP UDP FTPS Protocol (control): FTP over TLS/SSL
1194 TCP UDP Open***
1293 TCP UDP IPSec (Internet Protocol Security)
1503 TCP UDP Windows Live Messenger (Whiteboard and Applica
1645 TCP UDP radius auth, RADIUS authentication protocol (d
1646 TCP UDP radius acct, RADIUS authentication protocol (d
1701 UDP Layer 2 Forwarding Protocol (L2F) & Layer 2 Tu
1707 TCP Romtoc Packet Protocol (L2F) & Layer 2 Tunneli
1812 TCP UDP radius, RADIUS authentication protocol
1813 TCP UDP radacct, RADIUS accounting protocol
2082 TCP CPanel default
2083 TCP Secure Radius Service (radsec)
2083 TCP CPanel default SSL
2086 TCP WebHost Manager default
2087 TCP WebHost Manager default SSL
2095 TCP CPanel default Web mail
2096 TCP CPanel default SSL Web mail
2222 TCP DirectAdmin default & ESET Remote Administrati
3389 TCP Remote Desktop
3723 TCP UDP Used by many Battle.net Blizzard games (Diablo
3724 UDP World of Warcraft Online gaming MMORPG
3724 TCP World of Warcraft Online gaming MMORPG
3724 TCP Club Penguin Disney online game for kids
3978 TCP UDP OpenTTD game (masterserver and content service
3979 TCP UDP OpenTTD game
4000 TCP UDP Diablo II game
4001 TCP Microsoft Ants game
4500 UDP IPSec NAT Traversal (RFC 3947)
4664 TCP Google Desktop Search
4711 TCP McAfee Web Gateway 7 - Default GUI Port HTTP
4712 TCP McAfee Web Gateway 7 - Default GUI Port HTTPS
5000 TCP VTun—*** Software
5050 TCP Yahoo! Messenger
5190 TCP ICQ and AOL Instant Messenger
5500 TCP VNC remote desktop protocol—for incoming liste
5517 TCP Setiqueue ***** server client for SETI@Home pr
5800 TCP VNC remote desktop protocol—for use over HTTP
5900 TCP UDP Virtual Network Computing (VNC) remote desktop
5938 TCP UDP TeamViewer[58] remote desktop protocol
6112 TCP Warcraft III
6571 Windows Live FolderShare client
6891–690 TCP UDP Windows Live Messenger (File transfer)
6901 TCP UDP Windows Live Messenger (Voice)
8008 TCP HTTP Alternate
8080 TCP HTTP alternate (http_alt)—commonly used for We
8086 TCP HELM Web Host Automation Windows Control Panel
8086 TCP Kaspersky AV Control Center
8087 TCP Hosting Accelerator Control Panel
8087 TCP Parallels Plesk Control Panel
8087 UDP Kaspersky AV Control Center
8090 TCP HTTP Alternate (http_alt_alt)—used as an alter
8291 TCP Winbox—Default on a MikroTik RouterOS for a Wi
8880 TCP Win Media Streamer to Server SOAP connector de
8887 TCP HyperVM HTTP
8888 TCP HyperVM HTTPS
9030 TCP Tor often used
9050 TCP Tor
9051 TCP Tor
10000 Webmin—Web-based Linux admin tool
19294 TCP Google Talk Voice and Video connections [80]
19295 UDP Google Talk Voice and Video connections [80]
19302 UDP Google Talk Voice and Video connections [80]
28960 UDP Call of Duty; Call of Duty: United Offensive;
سلام دوستان
من برای اعمال ***** روی ترافیک سرور به وسیله فایروال اقدام به جمع آوری لیستی از آی پی های مفید کردم که فکر نکنم باز گذاشتنشون مشکلی داشته باشه.
من این لیست رو از سایت ویکی پدیا (لینک زیر) استخراج کردم که به نظر کامل می یاد (اما پورت ریموت دسکتاپ ویندوز توش نبود!)
List of TCP and UDP port numbers - Wikipedia, the free encyclopedia (http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers)
دوستان لطف کنند به اون لینک سر بزنن و نظر خودشون رو اعلام کنند و اگه پورتی از قلم افتاده ذکر کنند.
من با یه رول کل ترافیک رو drop کردم بعد کل پورتهای بالا در جهت src و dst روی tcp رو accept کردم. تنها مشکلی که اینجا هست اینه که همه پورت های udp هم drop شدن. البته من به پورت 53 udp که مربوط به dns هست accept دادم اما در مورد بقیه نظری ندارم. اگه می شه راهنمایی کنید
برای دوستانی که از میکروتیک استفاده می کنند قوانین فایروال رو نوشتم. کافیه توی ترمینال paste کنن.
دوستان لطفا نظرشون رو در مورد قوانین زیر اعلام کنند
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=20
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=21
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=22
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=23
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=80
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=115
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=194
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=443
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=531
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=989
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=990
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1194
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1293
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1503
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1645
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1646
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1701
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1707
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1812
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=1813
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2082
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2083
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2083
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2086
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2087
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2095
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2096
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=2222
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3389
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3723
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3724
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3724
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3724
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3978
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=3979
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4000
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4001
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4500
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4664
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4711
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=4712
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5000
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5050
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5190
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5500
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5517
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5800
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5900
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=5938
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=6112
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=6571
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=6891-6900
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=6901
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8008
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8080
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8086
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8086
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8087
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8087
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8087
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8090
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8291
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8880
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8887
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=8888
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=9030
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=9050
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=9051
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=10000
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=19294
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=19295
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=19302
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=tcp port=28960
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=udp port=53
ip firewall filter add chain=forward disabled=no action=accept in-interface=ether1 protocol=icmp
ip firewall filter add chain=forward disabled=no action=drop in-interface=ether1
ip firewall filter add action=drop chain=forward disabled=no in-interface=ether1 p2p=all-p2p