-
Fototrend
Mikrotik routerekkel foglalkozó téma. Mikrotik router típusok, hardverek, router beállítások, programozás (scriptek írása), frissítés, és minden Mikrotik routerrel kapcsolatos beszélgetés helye.
Új hozzászólás Aktív témák
-
Pille99
tag
válasz
E.Kaufmann
#11637
üzenetére
most látom, hogy UDP-re semmit.
Van ajánlatod? -
#11638
amargo
addikt
E.Kaufmann
#11637
amargo
addikt
válasz
E.Kaufmann
#11637
üzenetére
Itt a port scanneres megoldás ez innen van# block port scanner#near the top #5 add action=drop chain=input comment="Drop user that has tried blocked ports" in-interface=ether1-Wan log-prefix=\ FW_Drop_all_from_WAN src-address-list=FW_Block_user_try_unkown_port . . . . # at the bottom of the filter list #15 add action=add-src-to-address-list address-list=FW_Block_user_try_unkown_port address-list-timeout=1d chain=input in-interface=ether1-Wan #16 add action=drop chain=input comment="Drop all from WAN " in-interface=ether1-Wan log=yes log-prefix=FW_Drop_all_from_WAN# block port scanner
Ez pedig egy script, amit pár percenként futtatok le (ha a két futtatás között volt probálkozás, akkor noveli a counter-t), lehet nem a legjobb, de teszi a dolgát, 5leteket fogadok
#check if logging action exists, if not create action:if ([:len [/system logging action find name=l2tp]]=0) do={/system logging action add name=l2tp target=memory}#check if logging rule exists, if not create rule:if ([:len [/system logging find action=l2tp]]=0) do={/system logging add topics=ipsec,error action=l2tp}#l2tp failure attempts:local attempt 3:if ([:len [/log find where buffer=l2tp message~"phase1 negotiation failed"]]>0) do={#get IP <=> log:local getIP do={# :log info "getIP - string: $string":if ([:type [:find $string "<=>"]]!="nil") do={:local cut [:pick $string ([:find $string "<=>"]+[:len "<=>"]) [:len $string]]:if ([:len [:find $cut "["]]>0) do={:return [:pick $cut 0 [:find $cut "["]]} else={:return [:pick $cut 0 [:len $cut]]}} else={:if ([:len [:find $string " "]]>0) do={:return [:pick $string 0 [:find $string " "]]} else={:return ""}}}#read value from string:local getKeyValue do={# :log info "getKeyValue - string: $string, name: $name":if ([:type [:find $string $name]]!="nil") do={:local cut [:pick $string ([:find $string $name]+[:len $name]+1) [:len $string]]:if ([:len [:find $cut ";"]]>0) do={:return [:pick $cut 0 [:find $cut ";"]]} else={:return [:pick $cut 0 [:len $cut]]}} else={:if ([:len $default]>0) do={:return $default} else={:return ""}}}#set key and value to string:local setKeyValue do={# :log info "setKeyValue - string: $string, name: $name":if ([:typeof [:find $string $name]]!="nil") do={:local current:local cut [:pick $string ([:find $string $name]) [:len $string]]:if ([:len [:find $cut ";"]]>0) do={:set current [:pick $cut 0 [:find $cut ";"]]} else={:set current [:pick $cut 0 [:len $cut]]}:return ([:pick $string 0 [:find $string $current]]."$name=$value".[:pick $string ([:find $string $current]+[:len $current]) [:len $string]])} else={:if (([:len $value]>0) and ([:len $name]>0)) do={:if (([:len $string]=0) or ([:pick $string ([:len $string]-1) [:len $string]]=";")) do={:return ($string."$name=$value;")} else={:return ($string.";$name=$value;")}} else={:return ($string)}}}#del key and value to string:local delKeyValue do={# :log info "delKeyValue - string: $string, name: $name":if ([:typeof [:find $string $name]]!="nil") do={:local current:local cut [:pick $string ([:find $string $name]) [:len $string]]:if ([:len [:find $cut ";"]]>0) do={:set current [:pick $cut 0 [:find $cut ";"]]} else={:set current [:pick $cut 0 [:len $cut]]}:return ([:pick $string 0 [:find $string $current]].[:pick $string ([:find $string $current]+[:len $current]+1) [:len $string]])} else={:return ($string)}}#check log for "phase1 negotiation failed":local retry:global l2tpFailures:foreach index in=[/log find where buffer=l2tp message~"phase1 negotiation failed"] do={:log info [/log get $index message]:set retry [:tonum [$getKeyValue string=$l2tpFailures name=[$getIP string=[/log get $index message]]]]:if (($retry+1)>=$attempt) do={/ip firewall address-list add address=[$getIP string=[/log get $index message]] list=l2tp_failure comment=([/log get $index message].", added at ".[/system clock get date]." ".[/system clock get time]) timeout=1d:set l2tpFailures [$delKeyValue string=$l2tpFailures name=[$getIP string=[/log get $index message]]]} else={:if ([:len [/ip firewall address-list find where address=[$getIP string=[/log get $index message]] and list=l2tp_failure]]=0) do={:set l2tpFailures [$setKeyValue string=$l2tpFailures name=[$getIP string=[/log get $index message]] value=($retry+1)]}}}#clear log:log info "clear l2tp log"/system logging disable [find action=l2tp]/system logging enable [find action=l2tp]:if ([:len $l2tpFailures]=0) do={/system script environment remove l2tpFailures}:if ([:len [/ip firewall filter find comment="block address that reach maximum l2tp login attempts"]]=0) do={/ip firewall filter add chain=input src-address-list=l2tp_failure action=drop comment="block address that reach maximum l2tp login attempts" place-before=0}}
Új hozzászólás Aktív témák
ekkold- AMD Ryzen 7 5700X processzor eladó /Garanciás/
- Xbox Series S + 2 kontroller
- Dell laptop eladó i5 11. gen, 8GB RAM, 512GB SSD, újszerű állapotban!
- Bomba ár! HP EliteBook Folio 1040 G1 - i5-G4 I 8GB I 256GB SSD I 14" HD+ I Cam I W10 I Garancia!
- Bomba ár! HP Elitebook Folio 9470M - i5-3GEN I 8GB I 256GB SSD I 14" I DP I Cam I W10 I Garancia!
- Használt és ÚJ Gamer Monitor Felvásárlás Gyors és Korrekt Ügyintézés!
- Tablet felvásárlás!! Apple iPad, iPad Mini, iPad Air, iPad Pro
- LG 55C4 - 48" OLED evo - 4K 144Hz - 0.1ms - NVIDIA G-Sync - FreeSync - HDMI 2.1 - A9 Gen7 CPU
- AKCIÓ! ASUS B650M R5 7600X 64GB DDR5 1TB SSD RTX 3080Ti 12GB Be Quiet! Pure Base 500FX ASUS 1000W
- ÁRGARANCIA! Épített KomPhone Ryzen 5 7600X 32/64GB DDR5 RTX 5060Ti 8GB GAMER PC termékbeszámítással
Állásajánlatok
Cég: Promenade Publishing House Kft.
Város: Budapest
Cég: PC Trade Systems Kft.
Város: Szeged