Forum

pagina de bloqueio

Postado por welington sousa em 30 de Janeiro de 2010 às 17:54

NAO CONSIGO FAZER MEU MK-ATHU FUNCIONA BLOQUEANDO UM CLIENTE TIPO EU MIM COMO LA BLOQUEADO MESMO ASIM TA NAVEGANDO NORMAL NAO AVISO ALGUM DE QUE TO BLOQUEADO

ALGUEM AI PODE MIM AJUDA
Visualizações: 46

Para adicionar comentários, você deve ser membro de MK-AUTH.

Join MK-AUTH

Marcações: bloqueio, erro
Votos 0
Enviar-me um email quando as pessoas responderem –
Seguir

Respostas

  • André Janeiro 31, 2010 20:13
    /ip firewall filter
    add action=drop chain=virus comment="bloqueio de VIRUS conhecidos" \
    disabled=yes dst-port=445 protocol=tcp
    add action=drop chain=virus comment="" disabled=yes dst-port=445 protocol=udp
    add action=drop chain=virus comment="" disabled=yes dst-port=593 protocol=tcp
    add action=drop chain=virus comment="" disabled=yes dst-port=1080 protocol=tcp
    add action=drop chain=virus comment="" disabled=yes dst-port=1363 protocol=tcp
    add action=drop chain=virus comment="" disabled=yes dst-port=1364 protocol=tcp
    add action=drop chain=virus comment="" disabled=yes dst-port=1373 protocol=tcp
    add action=drop chain=virus comment="" disabled=yes dst-port=1377 protocol=tcp
    add action=drop chain=virus comment="" disabled=yes dst-port=1368 protocol=tcp
    add action=drop chain=virus comment="" disabled=yes dst-port=1433-1434 \
    protocol=tcp
    add action=drop chain=virus comment="" disabled=yes dst-port=1024-1030 \
    protocol=tcp
    add action=drop chain=virus comment="" disabled=yes dst-port=1214 protocol=tcp
    add action=drop chain=virus comment="Drop Blaster Worm" disabled=yes \
    dst-port=135-139 protocol=tcp
    add action=drop chain=virus comment="Drop Messenger Worm" disabled=yes \
    dst-port=135-139 protocol=udp
    add action=drop chain=virus comment="Drop Blaster Worm" disabled=yes \
    dst-port=445 protocol=tcp
    add action=drop chain=virus comment="Drop Blaster Worm" disabled=yes \
    dst-port=445 protocol=udp
    add action=drop chain=virus comment="________" disabled=yes dst-port=593 \
    protocol=tcp
    add action=drop chain=virus comment="________" disabled=yes dst-port=1024-1030 \
    protocol=tcp
    add action=drop chain=virus comment="Drop MyDoom" disabled=yes dst-port=1080 \
    protocol=tcp
    add action=drop chain=virus comment="________" disabled=yes dst-port=1214 \
    protocol=tcp
    add action=drop chain=virus comment="ndm requester" disabled=yes dst-port=1363 \
    protocol=tcp
    add action=drop chain=virus comment="ndm server" disabled=yes dst-port=1364 \
    protocol=tcp
    add action=drop chain=virus comment="screen cast" disabled=yes dst-port=1368 \
    protocol=tcp
    add action=drop chain=virus comment="hromgrafx" disabled=yes dst-port=1373 \
    protocol=tcp
    add action=drop chain=virus comment="cichlid" disabled=yes dst-port=1377 \
    protocol=tcp
    add action=drop chain=virus comment="Worm" disabled=yes dst-port=1433-1434 \
    protocol=tcp
    add action=drop chain=virus comment="Bagle Virus" disabled=yes dst-port=2745 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Dumaru.Y" disabled=yes dst-port=2283 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Beagle" disabled=yes dst-port=2535 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Beagle.C-K" disabled=yes \
    dst-port=2745 protocol=tcp
    add action=drop chain=virus comment="Drop porta proxy" disabled=yes \
    dst-port=3127-3128 protocol=tcp
    add action=drop chain=virus comment="Drop Backdoor OptixPro" disabled=yes \
    dst-port=3410 protocol=tcp
    add action=drop chain=virus comment="Worm" disabled=yes dst-port=4444 \
    protocol=tcp
    add action=drop chain=virus comment="Worm" disabled=yes dst-port=4444 \
    protocol=udp
    add action=drop chain=virus comment="Drop Sasser" disabled=yes dst-port=5554 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Beagle.B" disabled=yes dst-port=8866 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Dabber.A-B" disabled=yes \
    dst-port=9898 protocol=tcp
    add action=drop chain=virus comment="Drop Dumaru.Y" disabled=yes \
    dst-port=10000 protocol=tcp
    add action=drop chain=virus comment="Drop MyDoom.B" disabled=yes \
    dst-port=10080 protocol=tcp
    add action=drop chain=virus comment="Drop NetBus" disabled=yes dst-port=12345 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Kuang2" disabled=yes dst-port=17300 \
    protocol=tcp
    add action=drop chain=virus comment="Drop SubSeven" disabled=yes \
    dst-port=27374 protocol=tcp
    add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" \
    disabled=yes dst-port=65506 protocol=tcp
    add action=drop chain=virus comment="Drop Blaster Worm" disabled=yes \
    dst-port=135-139 protocol=tcp
    add action=drop chain=virus comment="Drop Messenger Worm" disabled=yes \
    dst-port=135-139 protocol=udp
    add action=drop chain=virus comment="Drop Blaster Worm" disabled=yes \
    dst-port=445 protocol=tcp
    add action=drop chain=virus comment="Drop Blaster Worm" disabled=yes \
    dst-port=445 protocol=udp
    add action=drop chain=virus comment="________" disabled=yes dst-port=593 \
    protocol=tcp
    add action=drop chain=virus comment="________" disabled=yes dst-port=1024-1030 \
    protocol=tcp
    add action=drop chain=virus comment="Drop MyDoom" disabled=yes dst-port=1080 \
    protocol=tcp
    add action=drop chain=virus comment="________" disabled=yes dst-port=1214 \
    protocol=tcp
    add action=drop chain=virus comment="ndm requester" disabled=yes dst-port=1363 \
    protocol=tcp
    add action=drop chain=virus comment="ndm server" disabled=yes dst-port=1364 \
    protocol=tcp
    add action=drop chain=virus comment="screen cast" disabled=yes dst-port=1368 \
    protocol=tcp
    add action=drop chain=virus comment="hromgrafx" disabled=yes dst-port=1373 \
    protocol=tcp
    add action=drop chain=virus comment="cichlid" disabled=yes dst-port=1377 \
    protocol=tcp
    add action=drop chain=virus comment="Worm" disabled=yes dst-port=1433-1434 \
    protocol=tcp
    add action=drop chain=virus comment="Bagle Virus" disabled=yes dst-port=2745 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Dumaru.Y" disabled=yes dst-port=2283 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Beagle" disabled=yes dst-port=2535 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Beagle.C-K" disabled=yes \
    dst-port=2745 protocol=tcp
    add action=drop chain=virus comment="Drop MyDoom" disabled=yes \
    dst-port=3127-3128 protocol=tcp
    add action=drop chain=virus comment="Drop Backdoor OptixPro" disabled=yes \
    dst-port=3410 protocol=tcp
    add action=drop chain=virus comment="Worm" disabled=yes dst-port=4444 \
    protocol=tcp
    add action=drop chain=virus comment="Worm" disabled=yes dst-port=4444 \
    protocol=udp
    add action=drop chain=virus comment="Drop Sasser" disabled=yes dst-port=5554 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Beagle.B" disabled=yes dst-port=8866 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Dabber.A-B" disabled=yes \
    dst-port=9898 protocol=tcp
    add action=drop chain=virus comment="Drop Dumaru.Y" disabled=yes \
    dst-port=10000 protocol=tcp
    add action=drop chain=virus comment="Drop MyDoom.B" disabled=yes \
    dst-port=10080 protocol=tcp
    add action=drop chain=virus comment="Drop NetBus" disabled=yes dst-port=12345 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Kuang2" disabled=yes dst-port=17300 \
    protocol=tcp
    add action=drop chain=virus comment="Drop SubSeven" disabled=yes \
    dst-port=27374 protocol=tcp
    add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" \
    disabled=yes dst-port=65506 protocol=tcp
    add action=drop chain=forward comment="" disabled=yes protocol=tcp \
    src-address=172.128.254.0/24 src-port=0
    add action=drop chain=forward comment="Controle P2P ARES e Semelhantes" \
    disabled=yes protocol=udp src-address=172.128.254.0/24 src-port=0
    add action=drop chain=forward comment="" disabled=yes dst-port=0 protocol=udp \
    src-address=172.128.254.0/24
    add action=drop chain=forward comment="" disabled=yes dst-port=0 protocol=tcp \
    src-address=172.128.254.0/24
    add action=drop chain=forward comment="" disabled=yes p2p=!warez \
    src-address=172.128.254.0/24
    add action=accept chain=input comment="CHEQUEAR LINEA A LINEA FALLA WEB-PROXY" \
    disabled=yes
    add action=drop chain=forward comment="Bloqueio de portas UDP e TCP" \
    disabled=yes dst-port=1025-65535 protocol=udp src-address=172.128.254.109
    add action=drop chain=forward comment="" disabled=yes dst-port=10000-65535 \
    protocol=tcp src-address=172.128.254.109
    add action=drop chain=input comment="" disabled=yes protocol=tcp \
    src-address=172.128.254.110 src-port=1900-2500
    add action=drop chain=forward comment="" disabled=yes dst-port=1025-65535 \
    protocol=udp src-address=172.128.254.111
    add action=drop chain=forward comment="" disabled=yes dst-port=10000-65535 \
    protocol=tcp src-address=172.128.254.111
    add action=drop chain=input comment="" disabled=yes protocol=tcp \
    src-address=172.128.254.113 src-port=63000-65535
    add action=drop chain=input comment="" disabled=yes protocol=tcp \
    src-address=172.128.254.118 src-port=1200-1500
    add action=drop chain=forward comment="" disabled=yes dst-port=1025-65535 \
    protocol=udp src-address=172.128.254.126
    add action=drop chain=forward comment="" disabled=yes dst-port=10000-65535 \
    protocol=tcp src-address=172.128.254.126
    add action=drop chain=forward comment="Limitando a 20 o n mero conexoes simult \
    neas" connection-limit=20,32 disabled=yes packet-mark=!semlimite \
    protocol=tcp src-address=172.128.254.0/24 tcp-flags=syn
    add action=drop chain=virus comment="Drop Blaster Worm" disabled=yes \
    dst-port=135-139 protocol=tcp
    add action=drop chain=virus comment="Drop Messenger Worm" disabled=yes \
    dst-port=135-139 protocol=udp
    add action=drop chain=virus comment="Drop Blaster Worm" disabled=yes \
    dst-port=445 protocol=tcp
    add action=drop chain=virus comment="Drop Blaster Worm" disabled=yes \
    dst-port=445 protocol=udp
    add action=drop chain=virus comment="________" disabled=yes dst-port=593 \
    protocol=tcp
    add action=drop chain=virus comment="________" disabled=yes dst-port=1024-1030 \
    protocol=tcp
    add action=drop chain=virus comment="Drop MyDoom" disabled=yes dst-port=1080 \
    protocol=tcp
    add action=drop chain=virus comment="________" disabled=yes dst-port=1214 \
    protocol=tcp
    add action=drop chain=virus comment="ndm requester" disabled=yes dst-port=1363 \
    protocol=tcp
    add action=drop chain=virus comment="ndm server" disabled=yes dst-port=1364 \
    protocol=tcp
    add action=drop chain=virus comment="screen cast" disabled=yes dst-port=1368 \
    protocol=tcp
    add action=drop chain=virus comment="hromgrafx" disabled=yes dst-port=1373 \
    protocol=tcp
    add action=drop chain=virus comment="cichlid" disabled=yes dst-port=1377 \
    protocol=tcp
    add action=drop chain=virus comment="Worm" disabled=yes dst-port=1433-1434 \
    protocol=tcp
    add action=drop chain=virus comment="Bagle Virus" disabled=yes dst-port=2745 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Dumaru.Y" disabled=yes dst-port=2283 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Beagle" disabled=yes dst-port=2535 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Beagle.C-K" disabled=yes \
    dst-port=2745 protocol=tcp
    add action=drop chain=virus comment="Drop MyDoom" disabled=yes \
    dst-port=3127-3128 protocol=tcp
    add action=drop chain=virus comment="Drop Backdoor OptixPro" disabled=yes \
    dst-port=3410 protocol=tcp
    add action=drop chain=virus comment="Worm" disabled=yes dst-port=4444 \
    protocol=tcp
    add action=drop chain=virus comment="Worm" disabled=yes dst-port=4444 \
    protocol=udp
    add action=drop chain=virus comment="Drop Sasser" disabled=yes dst-port=5554 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Beagle.B" disabled=yes dst-port=8866 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Dabber.A-B" disabled=yes \
    dst-port=9898 protocol=tcp
    add action=drop chain=virus comment="Drop Dumaru.Y" disabled=yes \
    dst-port=10000 protocol=tcp
    add action=drop chain=virus comment="Drop MyDoom.B" disabled=yes \
    dst-port=10080 protocol=tcp
    add action=drop chain=virus comment="Drop NetBus" disabled=yes dst-port=12345 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Kuang2" disabled=yes dst-port=17300 \
    protocol=tcp
    add action=drop chain=virus comment="Drop SubSeven" disabled=yes \
    dst-port=27374 protocol=tcp
    add action=drop chain=virus comment="Drop PhatBot, Gaobot" disabled=yes \
    dst-port=65506 protocol=tcp
    add action=jump chain=forward comment="conex o de forward analizada por virus" \
    disabled=yes jump-target=virus
    add action=drop chain=forward comment="Drop NetBios" disabled=yes \
    dst-port=445-449 protocol=udp src-address=172.128.254.0/24
    add action=jump chain=input comment="Sanity Check" disabled=yes \
    jump-target=sanity-check
    add action=jump chain=sanity-check comment="Deny illegal NAT traversal" \
    disabled=yes jump-target="drop sanyt-check" packet-mark=nat-traversal
    add action=add-src-to-address-list address-list=ether1-addr \
    address-list-timeout=10h chain=sanity-check comment="Block port scans" \
    disabled=yes protocol=tcp psd=20,3s,3,1
    add action=add-src-to-address-list address-list=ether1-addr \
    address-list-timeout=10h chain=sanity-check comment="Block TCP Null scan" \
    disabled=yes protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
    add action=add-src-to-address-list address-list=ether1-addr \
    address-list-timeout=10h chain=sanity-check comment="Block TCP Xmas scan" \
    disabled=yes protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
    add action=jump chain=sanity-check comment="" disabled=yes jump-target=drop \
    protocol=tcp src-address-list=blocked-addr
    add action=jump chain=sanity-check comment="Drop TCP RST" disabled=yes \
    jump-target="drop sanyt-check" protocol=tcp tcp-flags=rst
    add action=jump chain=sanity-check comment="Drop TCP SYN+FIN" disabled=yes \
    jump-target="drop sanyt-check" protocol=tcp tcp-flags=fin,syn
    add action=jump chain=sanity-check comment="Dropping invalid connections at \
    once" connection-state=invalid disabled=yes jump-target="drop sanyt-check"
    add action=accept chain=sanity-check comment="Accepting already established \
    connections" connection-state=established disabled=yes
    add action=accept chain=sanity-check comment="Also accepting related \
    connections" connection-state=related disabled=yes
    add action=jump chain=sanity-check comment="Drop all traffic that goes to \
    multicast or broadcast addresses" disabled=yes \
    dst-address-type=broadcast,multicast jump-target="drop Multicast y \
    broadcast" src-address=172.128.254.0/24
    add action=jump chain=sanity-check comment="Drop everything that goes from \
    ether1 interface but not from ether1 address" disabled=yes \
    jump-target="drop sanyt-check" src-address=172.128.254.0/24 \
    src-address-list=!ether1-addr
    add action=jump chain=sanity-check comment="Drop illegal source addresses" \
    disabled=yes jump-target="drop sanyt-check" src-address=172.128.254.0/24 \
    src-address-list=illegal-addr
    add action=jump chain=sanity-check comment="Drop all traffic that goes from \
    multicast or broadcast addresses" disabled=yes jump-target="drop \
    sanyt-check" src-address=172.128.254.0/24 \
    src-address-type=broadcast,multicast
    add action=drop chain="drop sanyt-check" comment="dropping port scanners -- \
    Esto viene de Sanity Check" disabled=yes src-address-list=ether1-addr
    add action=drop chain="drop Multicast y broadcast" comment="Bloqueo todo el \
    Multicast y Broadcast" disabled=yes dst-address-type=broadcast,multicast

    ALICSON R. MIRANDA disse:
    /ip firewall nat
    add action=dst-nat chain=dstnat comment="PG CORTE" disabled=no protocol=tcp \
    src-address-list=pgcorte to-addresses=172.31.255.2 to-ports=85


    Lembrando que essa regra tem que está abaixo das dinamicas ( regras criadas automaticamente pelo mikrotik )
    e acima de todas staticas ( criadas pelo usuário ) ...

    depois disso... tem que habilitar o auto-ip e no cadastro do cliente tem que ter o ramal selecionado no cadastro...
    não tem erro !!!!!

    poste resultado para os demais !!!!

    t+

    www.discoverybrasil.br.gp
    www.thunder3.br.gp
  • welington sousa Janeiro 31, 2010 12:13
    FIZ ISSO ALISO SO QUE MESMOASIM NAO DEU MIM BLOQIEI LA NO MK-AUTH MESMO ASIM NAVEGO NORMAL NAO CORTA

    ALICSON R. MIRANDA disse:
    /ip firewall nat
    add action=dst-nat chain=dstnat comment="PG CORTE" disabled=no protocol=tcp \
    src-address-list=pgcorte to-addresses=172.31.255.2 to-ports=85


    Lembrando que essa regra tem que está abaixo das dinamicas ( regras criadas automaticamente pelo mikrotik )
    e acima de todas staticas ( criadas pelo usuário ) ...

    depois disso... tem que habilitar o auto-ip e no cadastro do cliente tem que ter o ramal selecionado no cadastro...
    não tem erro !!!!!

    poste resultado para os demais !!!!

    t+

    www.discoverybrasil.br.gp
    www.thunder3.br.gp
  • Alicson R. Miranda Janeiro 31, 2010 6:51
    /ip firewall nat
    add action=dst-nat chain=dstnat comment="PG CORTE" disabled=no protocol=tcp \
    src-address-list=pgcorte to-addresses=172.31.255.2 to-ports=85


    Lembrando que essa regra tem que está abaixo das dinamicas ( regras criadas automaticamente pelo mikrotik )
    e acima de todas staticas ( criadas pelo usuário ) ...

    depois disso... tem que habilitar o auto-ip e no cadastro do cliente tem que ter o ramal selecionado no cadastro...
    não tem erro !!!!!

    poste resultado para os demais !!!!

    t+

    www.discoverybrasil.br.gp
    www.thunder3.br.gp
  • Vinicius Argolo Janeiro 31, 2010 1:25
    Sim, aquih aparece o mac o ip na address list

    Alexandre de Moura Andrade disse:
    no cadastro do cliente no mk-auth ta com o ip e mac e verefica se quando vc bloqueia, aparece o ip no addesses lists

    welington sousa disse:
    pois e vinicius eu to aque sem sabe o que fazer mais pq ja fiz de tudo tbm e nao funciona vou la bloqueio o cliente e ele fica de boa navegando mesmo tano bloqueado la no mk-auth naos sei mais o que fazer ja reistalei meu mikrotik ja fiz tudo que eu sei ate agora nao tive susseço
  • ItaNet - Provedor de Internet Janeiro 30, 2010 23:52
    no cadastro do cliente no mk-auth ta com o ip e mac e verefica se quando vc bloqueia, aparece o ip no addesses lists

    welington sousa disse:
    pois e vinicius eu to aque sem sabe o que fazer mais pq ja fiz de tudo tbm e nao funciona vou la bloqueio o cliente e ele fica de boa navegando mesmo tano bloqueado la no mk-auth naos sei mais o que fazer ja reistalei meu mikrotik ja fiz tudo que eu sei ate agora nao tive susseço

    imagem.JPG

  • welington sousa Janeiro 30, 2010 23:05
    pois e vinicius eu to aque sem sabe o que fazer mais pq ja fiz de tudo tbm e nao funciona vou la bloqueio o cliente e ele fica de boa navegando mesmo tano bloqueado la no mk-auth naos sei mais o que fazer ja reistalei meu mikrotik ja fiz tudo que eu sei ate agora nao tive susseço
  • Vinicius Argolo Janeiro 30, 2010 23:01
    eu estou com o mesmo problema, jah fiz de td e a hp de bloqueio não aparece para o cliente bloqueado. outra coisa q prestei atenção é que no NAT a regra não trafega pacotes.
  • Rogerio Alves Janeiro 30, 2010 19:31
    Não esquecer de informar o ip e ramal para o cliente no cadastro!
  • welington sousa Janeiro 30, 2010 19:17
    BLZ VOU FAZER O TESTE AQUE E POSTO RESULTADO VALEW GALERA BRIGADO PELA FORÇA
  • ItaNet - Provedor de Internet Janeiro 30, 2010 19:12
    vc tem que colocar a regra em cima das outra ela tem que ser a primeira, ak no meu nao tava funcionando ai eu fiz isso funcionou.

    welington sousa disse:
    SIM EU COLOQUEI ESSA REGRA TBM MESMO ASIM NAO FUNCIONOU NEM SEI MAIS O QUE FAZER
This reply was deleted.