Created
September 26, 2018 11:55
-
-
Save arysandi/98813aa413b5b6eaeb06b6a2aef9e6f8 to your computer and use it in GitHub Desktop.
firewall mikrotik raw
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /ip firewall address-list | |
| add list="private-lokal" address=0.0.0.0/8 | |
| add list="private-lokal" address=10.0.0.0/8 | |
| add list="private-lokal" address=100.64.0.0/10 | |
| add list="private-lokal" address=127.0.0.0/8 | |
| add list="private-lokal" address=169.254.0.0/16 | |
| add list="private-lokal" address=172.16.0.0/12 | |
| add list="private-lokal" address=192.0.0.0/24 | |
| add list="private-lokal" address=192.0.2.0/24 | |
| add list="private-lokal" address=192.168.0.0/16 | |
| add list="private-lokal" address=198.18.0.0/15 | |
| add list="private-lokal" address=198.51.100.0/24 | |
| add list="private-lokal" address=203.0.113.0/24 | |
| add list="private-lokal" address=224.0.0.0/3 | |
| /ip firewall raw | |
| add action=drop chain=prerouting dst-port=53,5353 protocol=tcp src-address-list=!private-lokal | |
| add action=drop chain=prerouting dst-port=53,5353 protocol=udp src-address-list=!private-lokal | |
| add action=drop chain=prerouting dst-port=443 protocol=udp | |
| add action=drop chain=prerouting protocol=tcp src-address-list=!private-lokal src-port=135-139,445 | |
| add action=drop chain=prerouting dst-address-list=!private-lokal dst-port=135-139,445 protocol=tcp | |
| add action=drop chain=prerouting protocol=udp src-address-list=!private-lokal src-port=135-139,445 | |
| add action=drop chain=prerouting dst-address-list=!private-lokal dst-port=135-139,445 protocol=udp |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment