Telegram - . ? :)

4

Mikrotik . , SOHO Mikrotik . , Mikrotik.


Mikrotik

1.

. , Mikrotik admin . : Winbox SystemUsers. admin, :

      admin  Mikrotik

, (/). , + :

Mikrotik:

, Group full, . admin .

2.

, . , . , IPServices:

    Mikrotik

Mikrotik Winbox, , winbox ssh ( ssh), :

  • api
  • api-ssl
  • ftp
  • www
  • www-ssl

. SSH , , 22 6022. , SSH :

 SSH   Mikrotik

Apply .

3. ()

Mikrotik , FTP SSH . FTP , , , SSH . , . , . , New Terminal. :

/ip firewall filter

#   FTP
add chain=input protocol=tcp dst-port=21 src-address-list=ftp_blacklist action=drop \
comment="drop ftp brute forcers"

add chain=output action=accept protocol=tcp content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m

add chain=output action=add-dst-to-address-list protocol=tcp content="530 Login incorrect" \
address-list=ftp_blacklist address-list-timeout=3h

#   SSH
add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop \
comment="drop ssh brute forcers" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new \
src-address-list=ssh_stage3 action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=10d comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new \
src-address-list=ssh_stage2 action=add-src-to-address-list address-list=ssh_stage3 \
address-list-timeout=1m comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage1 \
action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new action=add-src-to-address-list \
address-list=ssh_stage1 address-list-timeout=1m comment="" disabled=no

, . : , New Terminal :

export file=backup2019-04-24_15:54:54

Files. , Download

   Mikrotik

. , , Youtube, Facebook . , IPFirewall. Layer 7 Protocol + :

     Mikrotik

, 7 OSI, Regexp :

^.+(youtube.com|facebook.com|vk.com).*$

OK Filter Rules +:

 Filter Rules

Chain Forward. Advanced Layer 7 Protocol :

  7   OSI  Mikrotik

Action, Action = Drop:

     Mikrotik

Apply OK.


?


: