SlideShare a Scribd company logo

Reglas de Firewall.docx

Download as DOCX, PDF
R
RuahTelematicsTechno

redes

Internet
1 of 1
Reglas de Firewall: /ip firewall filter add action=add-src-to-address-list address-list=Block- DDoS address-list-timeout=none-dynamic chain=input comment=" Block DDoS" connection- limit=32,32 disabled=yes protocol=tcp add action=tarpit chain=input connection-limit=10,32 protocol=tcp src-address-list=Block-DDoS comment="" disabled=yes add action=accept chain=input comment="Acceso winbox desde trunk" dst-port= 8291 disabled=yes protocol=tcp add action=drop chain=input dst-port=53 in-interface=ether4 log-prefix= DNS protocol=udp disabled=yes comment=" Bloquea consultas DNS desde Internet" add action=accept chain=input disabled=yes comment= " Permite sesiones TCP input establecidas" connection- state=established add action=accept chain=input comment= " Permite sesiones TCP input relacionadas" disabled=yes connection-state=related add action=accept chain=input comment=" Acceso al DHCP server" disabled=yes dst-port=67-68 log-prefix="DHCP REQUEST" protocol=udp add action=accept chain=input comment= " Permite utilizar el MK como DNS Server" disabled=yes dst-port=53 protocol=udp add action=drop chain=input comment=" No permite sesiones TCP input invalidas" connection-state=invalid log- prefix="DROP INPUT INVALIDAS" disabled=yes add action=drop chain=input comment=" DENIEGO TODO LO QUE ENTRE AL ROUTER Y NO ESTC9 EXPLICITAMENTE PERMITIDO" log-prefix="DROP INPUT" protocol=!icmp disabled=yes add action=accept chain=forward comment=" Permite sesiones TCP establecidas" connection-state=established disabled=yes add action=accept chain=forward comment=" Permite sesiones TCP relacionadas" connection-state=related disabled=yes add action=accept chain=forward comment=" Permite PING" log-prefix=PING protocol=icmp disabled=yes add action=accept chain=forward comment=" Permite HTTP" dst-port=80 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite 587 Secure Mail" dst-port=587 protocol=tcp disabled=yes add action=accept chain=forward comment=" Permite HTTPS" dst-port=443 protocol=tcp disabled=yes add action=accept chain=forward comment=" Permite FTP" dst- port=21 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite SSH" dst-port=22 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite SSH 1122" dst-port=1122 protocol=tcp disabled=yes add action=accept chain=forward comment=" Permite DNS" dst-port=53 protocol= udp disabled=yes add action=accept chain=forward comment=" Permite SMTP" dst-port=25 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite SMTP" dst-port=465 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite POP3" dst- port=110 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite POP3S" dst-port=995 protocol=tcp disabled=yes add action=accept chain=forward comment=" Permite IMAP" dst-port=143 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite IMAPS" dst-port=993 protocol=tcp disabled=yes add action=accept chain=forward comment=" Permite RDP" dst-port=3389 protocol= tcp disabled=yes add action=drop chain=forward comment=" DISABLED No permite sesiones TCP invalidas" connection-state=invalid disabled=yes log-prefix="DROP FORWARD INVALIDAS" add action=drop chain=forward comment=" DENIEGO TODO LO QUE ATRAVIESE EL ROUTER _Y NO ESTC9 EXPLICITAMENTE PERMITIDO" log=yes log- prefix="DROP FORWARD" disabled=yes

Recommended

Scrip firewall filter
Scrip firewall filterScrip firewall filter
Scrip firewall filterMarco Arias
 
Blokir port anti virus
Blokir port anti virusBlokir port anti virus
Blokir port anti virusDedy Zuhary
 
Firewall filters
Firewall filtersFirewall filters
Firewall filtersprivado
 
Ip firewall mangle
Ip firewall mangleIp firewall mangle
Ip firewall mangleMarco Arias
 
Setting mikrotik untuk game online campur browsing
Setting mikrotik untuk game online campur browsingSetting mikrotik untuk game online campur browsing
Setting mikrotik untuk game online campur browsingimanariepin24
 
Load balancing + squid
Load balancing + squidLoad balancing + squid
Load balancing + squidYan To
 
Top 10 F5 iRules to migrate to a modern load balancing platform
Top 10 F5 iRules to migrate to a modern load balancing platformTop 10 F5 iRules to migrate to a modern load balancing platform
Top 10 F5 iRules to migrate to a modern load balancing platformAvi Networks
 
TechTalkThursday 29.06.2017: Wie verhält sich DDoS in der Realität?
TechTalkThursday 29.06.2017: Wie verhält sich DDoS in der Realität?TechTalkThursday 29.06.2017: Wie verhält sich DDoS in der Realität?
TechTalkThursday 29.06.2017: Wie verhält sich DDoS in der Realität?nine
 

Recommended

Scrip firewall filter
Scrip firewall filterScrip firewall filter
Scrip firewall filterMarco Arias
 
Blokir port anti virus
Blokir port anti virusBlokir port anti virus
Blokir port anti virusDedy Zuhary
 
Firewall filters
Firewall filtersFirewall filters
Firewall filtersprivado
 
Ip firewall mangle
Ip firewall mangleIp firewall mangle
Ip firewall mangleMarco Arias
 
Setting mikrotik untuk game online campur browsing
Setting mikrotik untuk game online campur browsingSetting mikrotik untuk game online campur browsing
Setting mikrotik untuk game online campur browsingimanariepin24
 
Load balancing + squid
Load balancing + squidLoad balancing + squid
Load balancing + squidYan To
 
Top 10 F5 iRules to migrate to a modern load balancing platform
Top 10 F5 iRules to migrate to a modern load balancing platformTop 10 F5 iRules to migrate to a modern load balancing platform
Top 10 F5 iRules to migrate to a modern load balancing platformAvi Networks
 
TechTalkThursday 29.06.2017: Wie verhält sich DDoS in der Realität?
TechTalkThursday 29.06.2017: Wie verhält sich DDoS in der Realität?TechTalkThursday 29.06.2017: Wie verhält sich DDoS in der Realität?
TechTalkThursday 29.06.2017: Wie verhält sich DDoS in der Realität?nine
 
Balance pcc para 3 links adsl com modem em bridge
Balance pcc para 3 links adsl com modem em bridgeBalance pcc para 3 links adsl com modem em bridge
Balance pcc para 3 links adsl com modem em bridgejoadsoNjo
 
Fail2ban
Fail2banFail2ban
Fail2banRuslan Conk
 
Configure Mikrotik Khmer.pdf
Configure Mikrotik Khmer.pdfConfigure Mikrotik Khmer.pdf
Configure Mikrotik Khmer.pdfBT Digital
 
Speedtest
SpeedtestSpeedtest
SpeedtestAgus Aldi
 
Net game 2 wan Mikrosik
Net game 2 wan MikrosikNet game 2 wan Mikrosik
Net game 2 wan MikrosikKhunut Thi-ai
 
Lightning fast with Varnish
Lightning fast with VarnishLightning fast with Varnish
Lightning fast with VarnishVarnish Software
 
Balanceo con 2 wan
Balanceo con 2 wanBalanceo con 2 wan
Balanceo con 2 wanrodolfin007
 
Balanceo con 2 wan
Balanceo con 2 wanBalanceo con 2 wan
Balanceo con 2 wanrodolfin007
 
Modul dhcp server menggunakan mikrotik os
Modul dhcp server menggunakan mikrotik osModul dhcp server menggunakan mikrotik os
Modul dhcp server menggunakan mikrotik osEen Pahlefi
 
3 queue firewall
3 queue firewall3 queue firewall
3 queue firewallmaster 82
 
Counting on God
Counting on GodCounting on God
Counting on GodJames Gray
 
Puppet Camp Charlotte 2015: Exporting Resources: There and Back Again
Puppet Camp Charlotte 2015: Exporting Resources: There and Back AgainPuppet Camp Charlotte 2015: Exporting Resources: There and Back Again
Puppet Camp Charlotte 2015: Exporting Resources: There and Back AgainPuppet
 
Limitar traff brdg-mkt
Limitar traff brdg-mktLimitar traff brdg-mkt
Limitar traff brdg-mktJose Sanchez
 
Http capturing
Http capturingHttp capturing
Http capturingEric Ahn
 
Mail server configuration
Mail server configurationMail server configuration
Mail server configurationchacheng oo
 
presentation_microtik y sus buenas practicas.pdf
presentation_microtik y sus buenas practicas.pdfpresentation_microtik y sus buenas practicas.pdf
presentation_microtik y sus buenas practicas.pdfYsraelSaucedoRojas
 
Memcache as udp traffic reflector
Memcache as udp traffic reflectorMemcache as udp traffic reflector
Memcache as udp traffic reflectorBangladesh Network Operators Group
 
Command
CommandCommand
Commandgajshield
 
Debugging: Rules & Tools
Debugging: Rules & ToolsDebugging: Rules & Tools
Debugging: Rules & ToolsIan Barber
 
DJ-08-Forms-HTML.pptx
DJ-08-Forms-HTML.pptxDJ-08-Forms-HTML.pptx
DJ-08-Forms-HTML.pptxDamien Raczy
 
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...Varun Mithran
 
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...musaddumba454
 

More Related Content

Similar to Reglas de Firewall.docx

Balance pcc para 3 links adsl com modem em bridge
Balance pcc para 3 links adsl com modem em bridgeBalance pcc para 3 links adsl com modem em bridge
Balance pcc para 3 links adsl com modem em bridgejoadsoNjo
 
Configure Mikrotik Khmer.pdf
Configure Mikrotik Khmer.pdfConfigure Mikrotik Khmer.pdf
Configure Mikrotik Khmer.pdfBT Digital
 
Net game 2 wan Mikrosik
Net game 2 wan MikrosikNet game 2 wan Mikrosik
Net game 2 wan MikrosikKhunut Thi-ai
 
Lightning fast with Varnish
Lightning fast with VarnishLightning fast with Varnish
Lightning fast with VarnishVarnish Software
 
Balanceo con 2 wan
Balanceo con 2 wanBalanceo con 2 wan
Balanceo con 2 wanrodolfin007
 
Balanceo con 2 wan
Balanceo con 2 wanBalanceo con 2 wan
Balanceo con 2 wanrodolfin007
 
Modul dhcp server menggunakan mikrotik os
Modul dhcp server menggunakan mikrotik osModul dhcp server menggunakan mikrotik os
Modul dhcp server menggunakan mikrotik osEen Pahlefi
 
3 queue firewall
3 queue firewall3 queue firewall
3 queue firewallmaster 82
 
Counting on God
Counting on GodCounting on God
Counting on GodJames Gray
 
Puppet Camp Charlotte 2015: Exporting Resources: There and Back Again
Puppet Camp Charlotte 2015: Exporting Resources: There and Back AgainPuppet Camp Charlotte 2015: Exporting Resources: There and Back Again
Puppet Camp Charlotte 2015: Exporting Resources: There and Back AgainPuppet
 
Limitar traff brdg-mkt
Limitar traff brdg-mktLimitar traff brdg-mkt
Limitar traff brdg-mktJose Sanchez
 
Http capturing
Http capturingHttp capturing
Http capturingEric Ahn
 
Mail server configuration
Mail server configurationMail server configuration
Mail server configurationchacheng oo
 
presentation_microtik y sus buenas practicas.pdf
presentation_microtik y sus buenas practicas.pdfpresentation_microtik y sus buenas practicas.pdf
presentation_microtik y sus buenas practicas.pdfYsraelSaucedoRojas
 
Debugging: Rules & Tools
Debugging: Rules & ToolsDebugging: Rules & Tools
Debugging: Rules & ToolsIan Barber
 
DJ-08-Forms-HTML.pptx
DJ-08-Forms-HTML.pptxDJ-08-Forms-HTML.pptx
DJ-08-Forms-HTML.pptxDamien Raczy
 

Similar to Reglas de Firewall.docx (20)

Balance pcc para 3 links adsl com modem em bridge
Balance pcc para 3 links adsl com modem em bridgeBalance pcc para 3 links adsl com modem em bridge
Balance pcc para 3 links adsl com modem em bridge
 
Fail2ban
Fail2banFail2ban
Fail2ban
 
Configure Mikrotik Khmer.pdf
Configure Mikrotik Khmer.pdfConfigure Mikrotik Khmer.pdf
Configure Mikrotik Khmer.pdf
 
Speedtest
SpeedtestSpeedtest
Speedtest
 
Net game 2 wan Mikrosik
Net game 2 wan MikrosikNet game 2 wan Mikrosik
Net game 2 wan Mikrosik
 
Lightning fast with Varnish
Lightning fast with VarnishLightning fast with Varnish
Lightning fast with Varnish
 
Balanceo con 2 wan
Balanceo con 2 wanBalanceo con 2 wan
Balanceo con 2 wan
 
Balanceo con 2 wan
Balanceo con 2 wanBalanceo con 2 wan
Balanceo con 2 wan
 
Modul dhcp server menggunakan mikrotik os
Modul dhcp server menggunakan mikrotik osModul dhcp server menggunakan mikrotik os
Modul dhcp server menggunakan mikrotik os
 
3 queue firewall
3 queue firewall3 queue firewall
3 queue firewall
 
Counting on God
Counting on GodCounting on God
Counting on God
 
Puppet Camp Charlotte 2015: Exporting Resources: There and Back Again
Puppet Camp Charlotte 2015: Exporting Resources: There and Back AgainPuppet Camp Charlotte 2015: Exporting Resources: There and Back Again
Puppet Camp Charlotte 2015: Exporting Resources: There and Back Again
 
Limitar traff brdg-mkt
Limitar traff brdg-mktLimitar traff brdg-mkt
Limitar traff brdg-mkt
 
Http capturing
Http capturingHttp capturing
Http capturing
 
Mail server configuration
Mail server configurationMail server configuration
Mail server configuration
 
presentation_microtik y sus buenas practicas.pdf
presentation_microtik y sus buenas practicas.pdfpresentation_microtik y sus buenas practicas.pdf
presentation_microtik y sus buenas practicas.pdf
 
Memcache as udp traffic reflector
Memcache as udp traffic reflectorMemcache as udp traffic reflector
Memcache as udp traffic reflector
 
Command
CommandCommand
Command
 
Debugging: Rules & Tools
Debugging: Rules & ToolsDebugging: Rules & Tools
Debugging: Rules & Tools
 
DJ-08-Forms-HTML.pptx
DJ-08-Forms-HTML.pptxDJ-08-Forms-HTML.pptx
DJ-08-Forms-HTML.pptx
 

Recently uploaded

SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...Varun Mithran
 
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...musaddumba454
 
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样AS
 
Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303Dewi Agency
 
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样Fi
 
Abortion Clinic in Kwa thema +27791653574 Kwa thema WhatsApp Abortion Clinic ...
Abortion Clinic in Kwa thema +27791653574 Kwa thema WhatsApp Abortion Clinic ...Abortion Clinic in Kwa thema +27791653574 Kwa thema WhatsApp Abortion Clinic ...
Abortion Clinic in Kwa thema +27791653574 Kwa thema WhatsApp Abortion Clinic ...mikehavy0
 
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.Tortogel
 
iThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWebiThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWebJie Liau
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...APNIC
 
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样AS
 
The Rise of Subscription-Based Digital Services.pdf
The Rise of Subscription-Based Digital Services.pdfThe Rise of Subscription-Based Digital Services.pdf
The Rise of Subscription-Based Digital Services.pdfe-Market Hub
 
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download NowHUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download NowIdeoholics
 
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样AS
 
Beyond Inbound: Unlocking the Secrets of API Egress Traffic Management
Beyond Inbound: Unlocking the Secrets of API Egress Traffic ManagementBeyond Inbound: Unlocking the Secrets of API Egress Traffic Management
Beyond Inbound: Unlocking the Secrets of API Egress Traffic Managementseank14
 
Thank You Luv I’ll Never Walk Alone Again T shirts
Thank You Luv I’ll Never Walk Alone Again T shirtsThank You Luv I’ll Never Walk Alone Again T shirts
Thank You Luv I’ll Never Walk Alone Again T shirtsrahman018755
 
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理Fir
 
一比一定制(USC毕业证书)美国南加州大学毕业证学位证书
一比一定制(USC毕业证书)美国南加州大学毕业证学位证书一比一定制(USC毕业证书)美国南加州大学毕业证学位证书
一比一定制(USC毕业证书)美国南加州大学毕业证学位证书Fir
 
AI Generated 3D Models | AI 3D Model Generator
AI Generated 3D Models | AI 3D Model GeneratorAI Generated 3D Models | AI 3D Model Generator
AI Generated 3D Models | AI 3D Model Generator3DailyAI1
 
Discovering OfficialUSA.com Your Go-To Resource.pdf
Discovering OfficialUSA.com Your Go-To Resource.pdfDiscovering OfficialUSA.com Your Go-To Resource.pdf
Discovering OfficialUSA.com Your Go-To Resource.pdfSadaf Khan
 

Recently uploaded (20)

SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
 
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
 
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样
 
Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303
 
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样
 
Abortion Clinic in Kwa thema +27791653574 Kwa thema WhatsApp Abortion Clinic ...
Abortion Clinic in Kwa thema +27791653574 Kwa thema WhatsApp Abortion Clinic ...Abortion Clinic in Kwa thema +27791653574 Kwa thema WhatsApp Abortion Clinic ...
Abortion Clinic in Kwa thema +27791653574 Kwa thema WhatsApp Abortion Clinic ...
 
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
 
iThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWebiThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWeb
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
 
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
 
The Rise of Subscription-Based Digital Services.pdf
The Rise of Subscription-Based Digital Services.pdfThe Rise of Subscription-Based Digital Services.pdf
The Rise of Subscription-Based Digital Services.pdf
 
GOOGLE Io 2024 At takes center stage.pdf
GOOGLE Io 2024 At takes center stage.pdfGOOGLE Io 2024 At takes center stage.pdf
GOOGLE Io 2024 At takes center stage.pdf
 
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download NowHUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
 
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样
 
Beyond Inbound: Unlocking the Secrets of API Egress Traffic Management
Beyond Inbound: Unlocking the Secrets of API Egress Traffic ManagementBeyond Inbound: Unlocking the Secrets of API Egress Traffic Management
Beyond Inbound: Unlocking the Secrets of API Egress Traffic Management
 
Thank You Luv I’ll Never Walk Alone Again T shirts
Thank You Luv I’ll Never Walk Alone Again T shirtsThank You Luv I’ll Never Walk Alone Again T shirts
Thank You Luv I’ll Never Walk Alone Again T shirts
 
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理
 
一比一定制(USC毕业证书)美国南加州大学毕业证学位证书
一比一定制(USC毕业证书)美国南加州大学毕业证学位证书一比一定制(USC毕业证书)美国南加州大学毕业证学位证书
一比一定制(USC毕业证书)美国南加州大学毕业证学位证书
 
AI Generated 3D Models | AI 3D Model Generator
AI Generated 3D Models | AI 3D Model GeneratorAI Generated 3D Models | AI 3D Model Generator
AI Generated 3D Models | AI 3D Model Generator
 
Discovering OfficialUSA.com Your Go-To Resource.pdf
Discovering OfficialUSA.com Your Go-To Resource.pdfDiscovering OfficialUSA.com Your Go-To Resource.pdf
Discovering OfficialUSA.com Your Go-To Resource.pdf
 

Reglas de Firewall.docx

  • 1. Reglas de Firewall: /ip firewall filter add action=add-src-to-address-list address-list=Block- DDoS address-list-timeout=none-dynamic chain=input comment=" Block DDoS" connection- limit=32,32 disabled=yes protocol=tcp add action=tarpit chain=input connection-limit=10,32 protocol=tcp src-address-list=Block-DDoS comment="" disabled=yes add action=accept chain=input comment="Acceso winbox desde trunk" dst-port= 8291 disabled=yes protocol=tcp add action=drop chain=input dst-port=53 in-interface=ether4 log-prefix= DNS protocol=udp disabled=yes comment=" Bloquea consultas DNS desde Internet" add action=accept chain=input disabled=yes comment= " Permite sesiones TCP input establecidas" connection- state=established add action=accept chain=input comment= " Permite sesiones TCP input relacionadas" disabled=yes connection-state=related add action=accept chain=input comment=" Acceso al DHCP server" disabled=yes dst-port=67-68 log-prefix="DHCP REQUEST" protocol=udp add action=accept chain=input comment= " Permite utilizar el MK como DNS Server" disabled=yes dst-port=53 protocol=udp add action=drop chain=input comment=" No permite sesiones TCP input invalidas" connection-state=invalid log- prefix="DROP INPUT INVALIDAS" disabled=yes add action=drop chain=input comment=" DENIEGO TODO LO QUE ENTRE AL ROUTER Y NO ESTC9 EXPLICITAMENTE PERMITIDO" log-prefix="DROP INPUT" protocol=!icmp disabled=yes add action=accept chain=forward comment=" Permite sesiones TCP establecidas" connection-state=established disabled=yes add action=accept chain=forward comment=" Permite sesiones TCP relacionadas" connection-state=related disabled=yes add action=accept chain=forward comment=" Permite PING" log-prefix=PING protocol=icmp disabled=yes add action=accept chain=forward comment=" Permite HTTP" dst-port=80 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite 587 Secure Mail" dst-port=587 protocol=tcp disabled=yes add action=accept chain=forward comment=" Permite HTTPS" dst-port=443 protocol=tcp disabled=yes add action=accept chain=forward comment=" Permite FTP" dst- port=21 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite SSH" dst-port=22 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite SSH 1122" dst-port=1122 protocol=tcp disabled=yes add action=accept chain=forward comment=" Permite DNS" dst-port=53 protocol= udp disabled=yes add action=accept chain=forward comment=" Permite SMTP" dst-port=25 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite SMTP" dst-port=465 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite POP3" dst- port=110 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite POP3S" dst-port=995 protocol=tcp disabled=yes add action=accept chain=forward comment=" Permite IMAP" dst-port=143 protocol= tcp disabled=yes add action=accept chain=forward comment=" Permite IMAPS" dst-port=993 protocol=tcp disabled=yes add action=accept chain=forward comment=" Permite RDP" dst-port=3389 protocol= tcp disabled=yes add action=drop chain=forward comment=" DISABLED No permite sesiones TCP invalidas" connection-state=invalid disabled=yes log-prefix="DROP FORWARD INVALIDAS" add action=drop chain=forward comment=" DENIEGO TODO LO QUE ATRAVIESE EL ROUTER _Y NO ESTC9 EXPLICITAMENTE PERMITIDO" log=yes log- prefix="DROP FORWARD" disabled=yes