Buat firewall untuk block akses ke facebook
/system script add name="fb-unblock" policy=write,read,policy,test,sniff source={/ip firewall filter set [/ip firewall filter find content="facebook"] disable="yes"
/system script add name="fb-block" policy=write,read,policy,test,sniff source={/ip firewall filter set [/ip firewall filter find content="facebook"] disable="no"
Kemudian Atur jadwal sesuai kebutuhan Anda :
/system scheduler add name="fb-08:00" start-date=Nov/09/2009 start-time=08:00:00 interval=1d on-event="fb-block"
/system scheduler add name="fb-12:00" start-date=Nov/09/2009 start-time=12:00:00 interval=1d on-event="fb-unblock
/system scheduler add name="fb-13:00" start-date=Nov/09/2009 start-time=13:00:00 interval=1d on-event="fb-block"
/system scheduler add name="fb-17:00" start-date=Nov/09/2009 start-time=17:00:00 interval=1d on-event="fb-unblock"
Thanks To Majapahit Crew
Jumat, 29 April 2011
Setting Anti DDOS di Router Mikrotik
Mencegah lebih baik dari pada mengobati, itulah pepatah lama yang masih berlaku dari jaman sebelum peradaban sampai dengan akhir dunia ini,
begitu juga di dunia Cyber ini, untuk kelancaran arus keluar masuka internet dan untuk menghindari traffic berlebihan yang sengaja seseorang kirimkan untuk mempengaruhi koneksi kita , bahkan bisa membuat koneksi internet kita drop, maka dari itu saya mencoba untuk berbagi setingan Anti DDOS di router Mikrotik
adapun setingannya sebagai berikut :
/ip firewall filter add chain=input protocol=tcp dst-port=1337 action=add-src-to-address-list address-list=DDOS address-list-timeout=15s comment="" disabled=no
/ip firewall filter add chain=input protocol=tcp dst-port=7331 src-address-list=knock action=add-src-to-address-list address-list=DDOS address-list-timeout=15m comment="" disabled=no
/ip firewall filter add chain=input connection-state=established action=accept comment="accept established connection packets" disabled=no
/ip firewall filter add chain=input connection-state=related action=accept comment="accept related connection packets" disabled=no
/ip firewall filter add chain=input connection-state=invalid action=drop comment="drop invalid packets" disabled=no
/ip firewall filter add chain=input protocol=tcp psd=21,3s,3,1 action=drop comment="Prot Scanner Detection" disabled=no
/ip firewall filteradd chain=input protocol=tcp connection-limit=10,32 action=add-src-to-address-list address-list=black_list address-list-timeout=1d comment="enter to blok ip black attacker" disabled=no
/ip firewall filter add chain=input protocol=icmp action=jump jump-target=ICMP comment="jump target chain ICMP" disabled=no
/ip firewall filter add chain=input action=jump jump-target=services comment="jump target chain services" disabled=no
/ip firewall filter add chain=input action=log log-prefix="Filter" comment="Write review Attacker's" disabled=no
/ip firewall filter add chain=input src-address=Subnet wAN action= accept comment="list IP yang boleh akses ke router"
/ip firewall filter add chain=input src-address=Subnet LAN action=accept
/ip firewall filter add chain=input src-address=Subnet DMZ action=accept
/ip firewall filter add chain=input action=drop comment="Blok All Undetection" disabled=no
Selamat mencoba,
Thanks To Mojopahit Crew
begitu juga di dunia Cyber ini, untuk kelancaran arus keluar masuka internet dan untuk menghindari traffic berlebihan yang sengaja seseorang kirimkan untuk mempengaruhi koneksi kita , bahkan bisa membuat koneksi internet kita drop, maka dari itu saya mencoba untuk berbagi setingan Anti DDOS di router Mikrotik
adapun setingannya sebagai berikut :
/ip firewall filter add chain=input protocol=tcp dst-port=1337 action=add-src-to-address-list address-list=DDOS address-list-timeout=15s comment="" disabled=no
/ip firewall filter add chain=input protocol=tcp dst-port=7331 src-address-list=knock action=add-src-to-address-list address-list=DDOS address-list-timeout=15m comment="" disabled=no
/ip firewall filter add chain=input connection-state=established action=accept comment="accept established connection packets" disabled=no
/ip firewall filter add chain=input connection-state=related action=accept comment="accept related connection packets" disabled=no
/ip firewall filter add chain=input connection-state=invalid action=drop comment="drop invalid packets" disabled=no
/ip firewall filter add chain=input protocol=tcp psd=21,3s,3,1 action=drop comment="Prot Scanner Detection" disabled=no
/ip firewall filteradd chain=input protocol=tcp connection-limit=10,32 action=add-src-to-address-list address-list=black_list address-list-timeout=1d comment="enter to blok ip black attacker" disabled=no
/ip firewall filter add chain=input protocol=icmp action=jump jump-target=ICMP comment="jump target chain ICMP" disabled=no
/ip firewall filter add chain=input action=jump jump-target=services comment="jump target chain services" disabled=no
/ip firewall filter add chain=input action=log log-prefix="Filter" comment="Write review Attacker's" disabled=no
/ip firewall filter add chain=input src-address=Subnet wAN action= accept comment="list IP yang boleh akses ke router"
/ip firewall filter add chain=input src-address=Subnet LAN action=accept
/ip firewall filter add chain=input src-address=Subnet DMZ action=accept
/ip firewall filter add chain=input action=drop comment="Blok All Undetection" disabled=no
Selamat mencoba,
Thanks To Mojopahit Crew
Langganan:
Postingan (Atom)