ros如何禁用防火墙

2016-11-07

我的ros想禁用一下防火墙!用什么方法好呢?下面由小编给你做出详细的ros禁用防火墙方法一介绍!希望对你有帮助!

ros禁用防火墙方法一:

用winbox登录ROS

打开new terminal,把以下内容粘贴上回车,注意以粘贴以前把192.168.0.2改成要封QQ的那台电脑的IP

/ ip firewall filter

ad chain=forward src-address=192.168.0.2/32 pr tcp dst-po 8000 act drop

ad chain=forward src-address=192.168.0.2/32 pr udp dst-po 8000 act drop

add chain=forward src-address=192.168.0.2/32 dst-address=61.144.238.0/24 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=61.152.100.0/24 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=61.141.194.0/24 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=202.96.170.163/32 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=202.104.129.0/24 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=202.104.193.20/32 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=202.104.193.11/32 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=202.104.193.12/32 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=218.17.209.23/32 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=218.18.95.153/32 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=218.18.95.165/32 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=218.18.95.220/32 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=218.85.138.70/32 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=219.133.38.0/24 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=219.133.49.0/24 action=drop

add chain=forward src-address=192.168.0.2/32 dst-address=220.133.40.0/24 action=drop

add chain=forward src-address=192.168.0.2/32 content=sz.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=sz2.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=sz3.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=sz4.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=sz5.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=sz6.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=sz7.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=sz8.tencent.com action=rejec

add chain=forward src-address=192.168.0.2/32 content=sz9.tencent.com action=rejec

add chain=forward src-address=192.168.0.2/32 content=tcpconn.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=tcpconn2.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=tcpconn3.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=tcpconn4.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=tcpconn5.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=tcpconn6.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=tcpconn7.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=tcpconn8.tencent.com action=reject

add chain=forward src-address=192.168.0.2/32 content=qq.com action=reject

add chain=forward src-address=192.168.0.2/32 content=www.qq.com action=reject

QQ服务器IP不断增加中,发现还能登录QQ,就要找到新的IP加上,用360安全卫士或netstat都可以看到QQ连接的IP,照样子再加上行了。

ros禁用防火墙方法二:

IP DROP掉

防火墙设置

/ ip firewall filter

add chain=forward src-address="0.0.0.0/0" action=drop comment="禁止网" disabled=no

0.0.0.0表示所IP

单 写 192.168.1.X/32

或者 192.168.1.X-192.168.1.X

ros禁用防火墙方法三:

要禁止某用户网,直接pppSecrets,disable该用户.先梆定该用户网卡址.

要禁止某段IP,流设置

FireWall - Mamgle 已设wan口 属性Src.Address 设置

更多相关阅读

最新发布的文章