sukriborneo

drop-icmp-attack

Apr 30th, 2018
99
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. /ip firewall address-list
  2. add list="private-lokal" address=0.0.0.0/8
  3. add list="private-lokal" address=10.0.0.0/8
  4. add list="private-lokal" address=100.64.0.0/10
  5. add list="private-lokal" address=127.0.0.0/8
  6. add list="private-lokal" address=169.254.0.0/16
  7. add list="private-lokal" address=172.16.0.0/12
  8. add list="private-lokal" address=192.0.0.0/24
  9. add list="private-lokal" address=192.0.2.0/24
  10. add list="private-lokal" address=192.168.0.0/16
  11. add list="private-lokal" address=198.18.0.0/15
  12. add list="private-lokal" address=198.51.100.0/24
  13. add list="private-lokal" address=203.0.113.0/24
  14. add list="private-lokal" address=224.0.0.0/3
  15.  
  16. /ip firewall filter
  17. add action=accept chain=input comment=in-to-in connection-rate=0-4k dst-address-list=private-lokal protocol=icmp src-address-list=private-lokal
  18. add action=accept chain=forward comment=in-to-in connection-rate=0-4k dst-address-list=private-lokal protocol=icmp src-address-list=private-lokal
  19. add action=accept chain=output comment=in-to-in connection-rate=0-4k dst-address-list=private-lokal protocol=icmp src-address-list=private-lokal
  20. add action=accept chain=input comment=in-to-out connection-rate=0-4k protocol=icmp src-address-list=!private-lokal
  21. add action=accept chain=input comment=in-to-out connection-rate=0-4k dst-address-list=!private-lokal protocol=icmp
  22. add action=accept chain=forward comment=in-to-out connection-rate=0-4k protocol=icmp src-address-list=!private-lokal
  23. add action=accept chain=forward comment=in-to-out connection-rate=0-4k dst-address-list=!private-lokal protocol=icmp
  24. add action=accept chain=output comment=in-to-out connection-rate=0-4k protocol=icmp src-address-list=!private-lokal
  25. add action=accept chain=output comment=in-to-out connection-rate=0-4k dst-address-list=!private-lokal protocol=icmp
  26. add action=drop chain=input comment=in-to-in dst-address-list=private-lokal protocol=icmp src-address-list=private-lokal
  27. add action=drop chain=forward comment=in-to-in dst-address-list=private-lokal protocol=icmp src-address-list=private-lokal
  28. add action=drop chain=output comment=in-to-in dst-address-list=private-lokal protocol=icmp src-address-list=private-lokal
  29. add action=drop chain=input comment=in-to-out protocol=icmp src-address-list=!private-lokal
  30. add action=drop chain=input comment=in-to-out dst-address-list=!private-lokal protocol=icmp
  31. add action=drop chain=forward comment=in-to-out protocol=icmp src-address-list=!private-lokal
  32. add action=drop chain=forward comment=in-to-out dst-address-list=!private-lokal protocol=icmp
  33. add action=drop chain=output comment=in-to-out protocol=icmp src-address-list=!private-lokal
  34. add action=drop chain=output comment=in-to-out dst-address-list=!private-lokal protocol=icmp
Add Comment
Please, Sign In to add comment