
################################################################################

#########################
# Rick Frey's Basic MikroTik Firewall Rev 4.0 (Free Version)
#
################################################################################
#########################
# Author: Rick Frey
#
# email: support@rickfreyconsulting.com
#
# Username in MikroTik Forum is rickfrey
#
################################################################################
#########################
#
# License
#
# This script has been created for use by the general public and may be used freely. This script may
# not be sold!
#
################################################################################
#########################
################################################################################
#########################
# Features
#
# -Detect and block brute force attacks against the router via SSH, Telnet, and Winbox (Disables WWW & FTP) #
# -Basic Antivirus filtering
#
# -P2P Blocking
#
# -High Connection Rate detection
#
# -Basic Spam detection
#
# -Basic Port Scanner Detection
#
# -Bogon Address Blocking
#
################################################################################
#########################
################################################################################
###########################################
################################################################################
###########################################
#### Firewall Settings
####
################################################################################
###########################################
# Menu change only: no "set" follows it on this page, so connection tracking is
# left at whatever state the router already has. The connection-state matchers
# used by the filter rules below only work with tracking enabled
# (/ip firewall connection tracking set enabled=yes).
# NOTE(review): a "set" line may have been lost in the wrapped export - confirm
# against the original script.
/ip firewall connection tracking
################################################################################
###########################################
#### Drop Invalid Connections
####
################################################################################

###########################################
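/ip firewall filter
# Inert separator: a disabled rule in a custom chain that nothing jumps to.
# Its decorative comment text was re-flowed onto one line from the wrapped export.
add chain=SectionBreak comment="#### Drop Invalid Connections ####" disabled=yes
# Packets the connection tracker cannot associate with a known connection
# (connection-state=invalid) are dropped in both directions. These two rules
# are first in their chains, so they apply before the exempt/admin accept that
# follows; they need connection tracking enabled to match anything.
add action=drop chain=input comment="Drop Invalid Connections" connection-state=invalid disabled=no
add action=drop chain=forward comment="Drop Invalid Connections" connection-state=invalid disabled=no
add chain=SectionBreak comment="Section-Break" disabled=yes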
################################################################################
###########################################
#### Admin IP addresses must be added to the "Exempt Addresses" address list for administering the network ####
#### BE SURE TO INCLUDE ALL LAN SUBNETS!!!! ####
###########################################################################################################
################################################################################
###########################################
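# Inert separator (disabled rule, unreferenced chain); comment text re-flowed.
add chain=SectionBreak comment="#### Must Add Admin IP Addresses in the Address List for Administering the Network #### BE SURE TO INCLUDE ALL LAN SUBNETS!!!! ####" disabled=yes
# Sources in the "Exempt Addresses" list are accepted outright on input and
# forward. accept terminates rule processing, so exempt sources never reach any
# later rule in these chains: no brute-force staging, no port-scan or
# connection-rate detection, no black-list drop. Because the forward-chain
# accept sits here, the LAN-side detection chains further down only ever see
# traffic from sources that are NOT in this list. Keep the list to management
# hosts and the LAN ranges that genuinely need it.
add action=accept chain=input comment="Accept Exempt IP Addresses" disabled=no src-address-list="Exempt Addresses"
add action=accept chain=forward comment="Accept Exempt IP Addresses" disabled=no src-address-list="Exempt Addresses"
add chain=SectionBreak comment="Section-Break" disabled=yes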
################################################################################
############################################
#### Multiple "Black Lists" have been created to help identify why any given person has been blocked. ####
#### By default the Port Scanners Black List is disabled. The firewall will continue to add these people to ####
#### the Black List, but will not block them unless the Black List is enabled. Use with caution!!!! ####
#### Once someone is on a Black List they are permanently recorded there. To remove them, go to the address list. ####
################################################################################
############################################
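# Inert separator: a disabled rule in a custom chain that nothing jumps to.
# The multi-line explanation from the wrapped export is kept as one string.
add chain=SectionBreak comment="#### Multiple \"Black Lists\" have been created to help identify why any given person has been blocked. #### By default Port Scanners Black List is disabled. The Firewall will continue to add these people to the Black List, but will not block them unless the Black List is enabled. Use with caution!!!! #### Once someone is on a Black List they are permanently recorded there. To remove them, go to the address list. ####" disabled=yes
# Black-list enforcement. One address list per detector, so the list name
# tells you why an address was blocked. The detection chains further down add
# entries with address-list-timeout=0s, i.e. they never expire on their own;
# removal is a manual edit of /ip firewall address-list.
# Manually maintained list.
add action=drop chain=input comment="Drop anyone in the Black List (Manually Added)" disabled=no src-address-list="Black List"
add action=drop chain=forward comment="Drop anyone in the Black List (Manually Added)" disabled=no src-address-list="Black List"
# Brute-force detector lists. These drops must stay ahead of the jump rules
# that feed them, so a black-listed source is dropped before it can be staged
# or logged again.
add action=drop chain=input comment="Drop anyone in the Black List (SSH)" disabled=no src-address-list="Black List (SSH)"
add action=drop chain=forward comment="Drop anyone in the Black List (SSH)" disabled=no src-address-list="Black List (SSH)"
add action=drop chain=input comment="Drop anyone in the Black List (Telnet)" disabled=no src-address-list="Black List (Telnet)"
add action=drop chain=forward comment="Drop anyone in the Black List (Telnet)" disabled=no src-address-list="Black List (Telnet)"
add action=drop chain=input comment="Drop anyone in the Black List (Winbox)" disabled=no src-address-list="Black List (Winbox)"
add action=drop chain=forward comment="Drop anyone in the Black List (Winbox)" disabled=no src-address-list="Black List (Winbox)"
# Port-scanner lists: filled by the psd chains but NOT enforced by default.
# Enable only after checking the lists for false positives. Address-list
# names are matched exactly (case included), so they must be spelled the same
# here and in the chains that populate them.
add action=drop chain=input comment="Drop anyone in the Port Scanner List" disabled=yes src-address-list="WAN Port Scanners"
add action=drop chain=forward comment="Drop anyone in the Port Scanner List" disabled=yes src-address-list="WAN Port Scanners"
add action=drop chain=input comment="Drop anyone in the Port Scanner List" disabled=yes src-address-list="LAN Port Scanners"
add action=drop chain=forward comment="Drop anyone in the Port Scanner List" disabled=yes src-address-list="LAN Port Scanners"
# High-connection-rate lists. The export referenced a single list named
# "(High Connection Rates)" that no rule on this page populates; the
# connection-limit chains write to "(LAN High Connection Rates)" from the
# forward chain and "(WAN High Connection Rates)" from the input chain, so the
# drops now name those lists on the matching chains. Still disabled by default.
add action=drop chain=forward comment="Drop anyone in the Black List (High Connections)" disabled=yes src-address-list="(LAN High Connection Rates)"
add action=drop chain=input comment="Drop anyone in the Black List (High Connections)" disabled=yes src-address-list="(WAN High Connection Rates)"
# Bogon drops: disabled until the Bogons address list has been reviewed
# against the ranges this network actually uses (see the address-list section).
add action=drop chain=input comment="Drop all Bogons" disabled=yes src-address-list=Bogons
add action=drop chain=forward comment="Drop all Bogons" disabled=yes src-address-list=Bogons
# The p2p matcher is a RouterOS v6 feature; it is not available in v7, where
# this line is rejected at import - remove or replace it there (confirm against
# the target version).
add action=drop chain=forward comment="Drop all P2P" disabled=yes p2p=all-p2p
add chain=output comment="Section Break" disabled=yes
add chain=SectionBreak comment="Section-Break" disabled=yes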
################################################################################
###########################################
#### Detect & Block Brute Force Login Attempts
####
################################################################################
###########################################
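# Inert separator (disabled rule, unreferenced chain); comment text re-flowed.
add chain=SectionBreak comment="#### Detect & Block Brute Force Login Attempts ####" disabled=yes
# SSH staging. Each NEW TCP connection to port 22 moves the source one stage
# further: (none) -> Stage 1 -> Stage 2 -> Stage 3 -> Black List (SSH). Stage
# entries expire after 1m, the black list never (0s), so four new connections
# within roughly three minutes black-lists the source permanently. This counts
# connection attempts, not failed logins: a legitimate client that opens
# several sessions quickly trips it too, unless its address is in
# "Exempt Addresses", which is accepted before this jump. The stage rules are
# ordered highest stage first so a single packet cannot cascade through
# several stages at once.
add action=jump chain=input comment="Jump to RWF SSH Chain" disabled=no jump-target="RWF SSH Chain"
# Fixed: the export read "address-listtimeout" (hyphen lost at a line wrap),
# which is not a valid parameter and would make the whole rule fail to import.
add action=add-src-to-address-list address-list="Black List (SSH)" address-list-timeout=0s chain="RWF SSH Chain" comment="Transfer repeated attempts from SSH Stage 3 to Black-List" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list="SSH Stage 3"
add action=add-src-to-address-list address-list="SSH Stage 3" address-list-timeout=1m chain="RWF SSH Chain" comment="Add succesive attempts to SSH Stage 3" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list="SSH Stage 2"
add action=add-src-to-address-list address-list="SSH Stage 2" address-list-timeout=1m chain="RWF SSH Chain" comment="Add succesive attempts to SSH Stage 2" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list="SSH Stage 1"
add action=add-src-to-address-list address-list="SSH Stage 1" address-list-timeout=1m chain="RWF SSH Chain" comment="Add intial attempt to SSH Stage 1 List" connection-state=new disabled=no dst-port=22 protocol=tcp
# Logs the packet that caused the black-listing (add-src-to-address-list does
# not terminate, so the same packet reaches this rule). Later packets from
# that source are dropped by the input-chain black-list rule before the jump,
# so this effectively fires once per offender.
add action=log chain="RWF SSH Chain" comment="Log Black Listed IPs" disabled=no log-prefix="SSH Black List - " src-address-list="Black List (SSH)"
add action=return chain="RWF SSH Chain" comment="Return From RWF SSH Chain" disabled=no
add chain=output comment="Section Break" disabled=yes
add chain=SectionBreak comment="Section-Break" disabled=yes
add chain=SectionBreak comment="Section-Break" disabled=yes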
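# Telnet staging, same four-step scheme as the SSH chain but for tcp/23:
# each NEW connection advances the source one stage (1m each), the fourth
# lands it permanently in "Black List (Telnet)". Telnet itself is plaintext;
# if the service is not needed, disabling it in /ip service is the stronger
# control and this chain then only records probes.
# Fixed: the export read "jumptarget" (hyphen lost at a line wrap), which is
# not a valid parameter and would make the jump fail to import.
add action=jump chain=input comment="Jump to RWF Telnet Chain" disabled=no jump-target="RWF Telnet Chain"
add action=add-src-to-address-list address-list="Black List (Telnet)" address-list-timeout=0s chain="RWF Telnet Chain" comment="Transfer repeated attempts from Telnet Stage 3 to Black-List" connection-state=new disabled=no dst-port=23 protocol=tcp src-address-list="Telnet Stage 3"
add action=add-src-to-address-list address-list="Telnet Stage 3" address-list-timeout=1m chain="RWF Telnet Chain" comment="Add succesive attempts to Telnet Stage 3" connection-state=new disabled=no dst-port=23 protocol=tcp src-address-list="Telnet Stage 2"
add action=add-src-to-address-list address-list="Telnet Stage 2" address-list-timeout=1m chain="RWF Telnet Chain" comment="Add succesive attempts to Telnet Stage 2" connection-state=new disabled=no dst-port=23 protocol=tcp src-address-list="Telnet Stage 1"
add action=add-src-to-address-list address-list="Telnet Stage 1" address-list-timeout=1m chain="RWF Telnet Chain" comment="Add Intial attempt to Telnet Stage 1" connection-state=new disabled=no dst-port=23 protocol=tcp
# Fires for the packet that triggered the black-listing; subsequent packets
# from that source are dropped before the jump.
add action=log chain="RWF Telnet Chain" comment="Log Black Listed IPs" disabled=no log-prefix="Telnet Black List - " src-address-list="Black List (Telnet)"
add action=return chain="RWF Telnet Chain" comment="Return From RWF Telnet Chain" disabled=no
add chain=output comment="Section Break" disabled=yes
add chain=SectionBreak comment="Section-Break" disabled=yes
add chain=SectionBreak comment="Section-Break" disabled=yes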
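# Winbox staging (tcp/8291), same four-step scheme as the SSH and Telnet
# chains: stages expire after 1m, the black list never. Administrators who
# reconnect Winbox repeatedly from a non-exempt address will lock themselves
# out permanently - another reason the admin ranges must be in
# "Exempt Addresses".
# Fixed: the export read "jumptarget" (hyphen lost at a line wrap), which is
# not a valid parameter and would make the jump fail to import.
add action=jump chain=input comment="Jump to RWF Winbox Chain" disabled=no jump-target="RWF Winbox Chain"
add action=add-src-to-address-list address-list="Black List (Winbox)" address-list-timeout=0s chain="RWF Winbox Chain" comment="Transfer repeated attempts from Winbox Stage 3 to Black-List" connection-state=new disabled=no dst-port=8291 protocol=tcp src-address-list="Winbox Stage 3"
add action=add-src-to-address-list address-list="Winbox Stage 3" address-list-timeout=1m chain="RWF Winbox Chain" comment="Add succesive attempts to Winbox Stage 3" connection-state=new disabled=no dst-port=8291 protocol=tcp src-address-list="Winbox Stage 2"
add action=add-src-to-address-list address-list="Winbox Stage 2" address-list-timeout=1m chain="RWF Winbox Chain" comment="Add succesive attempts to Winbox Stage 2" connection-state=new disabled=no dst-port=8291 protocol=tcp src-address-list="Winbox Stage 1"
add action=add-src-to-address-list address-list="Winbox Stage 1" address-list-timeout=1m chain="RWF Winbox Chain" comment="Add Intial attempt to Winbox Stage 1" connection-state=new disabled=no dst-port=8291 protocol=tcp
# Fires for the packet that triggered the black-listing; subsequent packets
# from that source are dropped before the jump.
add action=log chain="RWF Winbox Chain" comment="Log Black Listed IPs" disabled=no log-prefix="Winbox Black List - " src-address-list="Black List (Winbox)"
add action=return chain="RWF Winbox Chain" comment="Return From RWF Winbox Chain" disabled=no
add chain=output comment="Section Break" disabled=yes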


################################################################################
###########################################
#### Detect & Manage Port Scanners
####
################################################################################
###########################################
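# Inert separator. This one was written on chain=output rather than
# SectionBreak; it is disabled either way. Comment text re-flowed.
add chain=output comment="#### Detect & Manage Port Scanners ####" disabled=yes
# WAN-side port-scan detection on the input chain. psd=40,3s,2,1 is
# WeightThreshold,DelayThreshold,LowPortWeight,HighPortWeight: a source gains
# weight 2 per privileged (<1024) port and 1 per other port it touches within
# 3s, and is flagged once the total exceeds 40. Flagged sources are recorded
# permanently (0s) but, by default, only logged - the matching drop rules
# earlier in the file are disabled.
add action=jump chain=input comment="Jump to RWF WAN Port Scanners" disabled=no jump-target="RWF WAN Port Scanners"
# Fixed: the list was spelled "Wan Port Scanners" here and in the log rule but
# "WAN Port Scanners" in the drop rules; address-list names are matched exactly
# (case included), so enabling the drops would never have blocked anything.
# One spelling, matching the drop rules and the log prefix, is used now.
add action=add-src-to-address-list address-list="WAN Port Scanners" address-list-timeout=0s chain="RWF WAN Port Scanners" comment="Add TCP Port Scanners to Address List" disabled=no protocol=tcp psd=40,3s,2,1
# While the drop is disabled, every later packet from a flagged source that
# reaches this chain is logged, so a persistent scanner can flood the log.
# Enable the drop or add a rate limit if that becomes a problem.
add action=log chain="RWF WAN Port Scanners" comment="Log Black Listed IPs" disabled=no log-prefix="WAN Port Scanners - " src-address-list="WAN Port Scanners"
add action=return chain="RWF WAN Port Scanners" comment="Return From RWF WAN Port Scanners" disabled=no
add chain=output comment="Section Break" disabled=yes
add chain=SectionBreak comment="Section-Break" disabled=yes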
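# LAN-side port-scan detection on the forward chain, same psd thresholds as
# the WAN chain. Sources in "Exempt Addresses" were already accepted on
# forward, so this only observes non-exempt hosts; if all LAN subnets are
# exempt (as the header asks), it sees very little.
add action=jump chain=forward comment="Jump to RWF LAN Port Scanners" disabled=no jump-target="RWF LAN Port Scanners"
# Fixed: the export added sources to "RWF LAN Port Scanners" while both the
# log rule below and the drop rules earlier read "LAN Port Scanners", so the
# detector filled a list nothing consumed. The consumers' name is used now.
# (The export also read "addresslist-timeout", a hyphen lost at a line wrap.)
add action=add-src-to-address-list address-list="LAN Port Scanners" address-list-timeout=0s chain="RWF LAN Port Scanners" comment="Add TCP Port Scanners to Address List" disabled=no protocol=tcp psd=40,3s,2,1
# Logs every packet from a flagged source while the drop stays disabled.
add action=log chain="RWF LAN Port Scanners" comment="Log Black Listed IPs" disabled=no log-prefix="LAN Port Scanners - " src-address-list="LAN Port Scanners"
add action=return chain="RWF LAN Port Scanners" comment="Return From RWF LAN Port Scanners" disabled=no
add chain=output comment="Section Break" disabled=yes
add chain=SectionBreak comment="Section-Break" disabled=yes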
################################################################################
###########################################
#### Detect & Manage High Connection Rates
####
################################################################################
###########################################
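# Inert separator (disabled rule, unreferenced chain); comment text re-flowed.
add chain=SectionBreak comment="#### Detect & Manage High Connection Rates ####" disabled=yes
# High-connection detection. connection-limit=100,32 matches once a single
# /32 source holds more than 100 tracked TCP connections. No
# address-list-timeout is given, so the RouterOS default applies (permanent
# unless changed - confirm). Recording is always on; the matching drop rules
# earlier in the file are disabled by default.
# LAN side (forward chain): exempt sources never reach this jump.
add action=jump chain=forward comment="Jump to High Connection Limiting Chain" jump-target="RWF Conn Limit Chain (LAN)"
add action=add-src-to-address-list address-list="(LAN High Connection Rates)" chain="RWF Conn Limit Chain (LAN)" comment="Add LAN High Connections to Address List" connection-limit=100,32 protocol=tcp
add action=log chain="RWF Conn Limit Chain (LAN)" comment="Log Black Listed IPs" log-prefix="LAN High Conn Limit - " src-address-list="(LAN High Connection Rates)"
add action=return chain="RWF Conn Limit Chain (LAN)" comment="Return From High Connection Limit Chain"
# WAN side (input chain): connections to the router itself.
add action=jump chain=input comment="Jump to High Connection Limiting Chain" jump-target="RWF Conn Limit Chain (WAN)"
add action=add-src-to-address-list address-list="(WAN High Connection Rates)" chain="RWF Conn Limit Chain (WAN)" comment="Add WAN High Connections to Address List" connection-limit=100,32 protocol=tcp
# Kept disabled as in the original; note the LAN counterpart above logs.
# Enable it if WAN-side offenders should also be visible in the log.
add action=log chain="RWF Conn Limit Chain (WAN)" comment="Log Black Listed IPs" disabled=yes log-prefix="WAN High Conn Limit - " src-address-list="(WAN High Connection Rates)"
add action=return chain="RWF Conn Limit Chain (WAN)" comment="Return From High Connection Limit Chain"
add chain=SectionBreak comment="Section-Break" disabled=yes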
################################################################################
############################################
#### The Virus Chain has been added at the request of customers, but there is no guarantee expressed or implied with the ####
#### Virus Chain. ####
################################################################################
############################################
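# Inert separator (disabled rule, unreferenced chain); comment text re-flowed.
add chain=SectionBreak comment="#### The Virus Chain has been added at the request of customers, but there is no guarantee expressed or implied with the Virus Chain. ####" disabled=yes
# "Virus" chain: drops on ports historically used by worms and backdoors
# (Blaster, Sasser, MyDoom, Beagle, NetBus, SubSeven, ...). It is only jumped
# to from the INPUT chain, so it shields the router's own services, not the
# hosts behind it; filtering LAN hosts would need a forward-chain jump as well.
# It is a static port list, not content inspection: it also blocks legitimate
# use of the same ports towards the router (e.g. tcp/445, tcp/1433-1434,
# tcp/4444, tcp/10000) and does nothing for malware on other ports. If a
# default-deny on input exists later in the script, most of these are
# redundant with it.
add action=jump chain=input comment="Jump to Virus Chain" disabled=no jump-target=Virus
add action=drop chain=Virus comment="Drop Blaster Worm" disabled=no dst-port=135-139 protocol=tcp
add action=drop chain=Virus comment="Drop Blaster Worm" disabled=no dst-port=445 protocol=tcp
add action=drop chain=Virus comment="Drop Blaster Worm" disabled=no dst-port=445 protocol=udp
add action=drop chain=Virus comment="Drop Messenger Worm" disabled=no dst-port=135-139 protocol=udp
add action=drop chain=Virus comment=Conficker disabled=no dst-port=593 protocol=tcp
add action=drop chain=Virus comment=Worm disabled=no dst-port=1024-1030 protocol=tcp
add action=drop chain=Virus comment="ndm requester" disabled=no dst-port=1363 protocol=tcp
add action=drop chain=Virus comment="ndm server" disabled=no dst-port=1364 protocol=tcp
add action=drop chain=Virus comment="screen cast" disabled=no dst-port=1368 protocol=tcp
add action=drop chain=Virus comment=hromgrafx disabled=no dst-port=1373 protocol=tcp
add action=drop chain=Virus comment="Drop MyDoom" disabled=no dst-port=1080 protocol=tcp
add action=drop chain=Virus comment=cichlid disabled=no dst-port=1377 protocol=tcp
add action=drop chain=Virus comment=Worm disabled=no dst-port=1433-1434 protocol=tcp
add action=drop chain=Virus comment="Drop Dumaru.Y" disabled=no dst-port=2283 protocol=tcp
add action=drop chain=Virus comment="Drop Beagle" disabled=no dst-port=2535 protocol=tcp
add action=drop chain=Virus comment="Drop Beagle.C-K" disabled=no dst-port=2745 protocol=tcp
add action=drop chain=Virus comment="Drop MyDoom" disabled=no dst-port=3127-3128 protocol=tcp
add action=drop chain=Virus comment="Drop Backdoor OptixPro" disabled=no dst-port=3410 protocol=tcp
add action=drop chain=Virus comment="Drop Sasser" disabled=no dst-port=5554 protocol=tcp
add action=drop chain=Virus comment=Worm disabled=no dst-port=4444 protocol=tcp
add action=drop chain=Virus comment=Worm disabled=no dst-port=4444 protocol=udp
add action=drop chain=Virus comment="Drop Beagle.B" disabled=no dst-port=8866 protocol=tcp
add action=drop chain=Virus comment="Drop Dabber.A-B" disabled=no dst-port=9898 protocol=tcp
add action=drop chain=Virus comment="Drop Dumaru.Y" disabled=no dst-port=10000 protocol=tcp
add action=drop chain=Virus comment="Drop MyDoom.B" disabled=no dst-port=10080 protocol=tcp
add action=drop chain=Virus comment="Drop NetBus" disabled=no dst-port=12345 protocol=tcp
add action=drop chain=Virus comment="Drop Kuang2" disabled=no dst-port=17300 protocol=tcp
add action=drop chain=Virus comment="Drop SubSeven" disabled=no dst-port=27374 protocol=tcp
add action=drop chain=Virus comment="Drop PhatBot, Agobot, Gaobot" disabled=no dst-port=65506 protocol=tcp
add action=return chain=Virus comment="Return From Virus Chain" disabled=no
add chain=output comment="Section Break" disabled=yes
add chain=SectionBreak comment="Section-Break" disabled=yes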

################################################################################
###########################################
#### This is the short list that is published on the web at http://www.team-cymru.org/Services/Bogons/bogon-bn-nonagg.txt ####
#### This list must be maintained or it will cause problems. Check for updates at least monthly. ####
#### !!!!! All subnets in this list will be blocked!!! Disable or remove any subnets that you are using!!! ####
################################################################################
###########################################
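/ip firewall address-list
# Bogons address list, rebuilt from the column-scrambled export (the "add",
# "list=", "Bogons", "address=" and "disabled=yes" cells had been split into
# separate runs). Every entry is disabled, as are the Bogons drop rules in the
# filter; enable both only after removing any range this network actually
# uses. The RFC 1918 ranges (10/8, 172.16/12, 192.168/16) are the usual LAN
# ranges, and 100.64.0.0/10 is the shared/carrier-NAT range that may be the
# router's own WAN address behind an ISP CGNAT. The list is a snapshot and
# needs refreshing against the upstream source (see the header comment).
add address=0.0.0.0/8 disabled=yes list=Bogons
add address=10.0.0.0/8 disabled=yes list=Bogons
add address=100.64.0.0/10 disabled=yes list=Bogons
add address=127.0.0.0/8 disabled=yes list=Bogons
add address=169.254.0.0/16 disabled=yes list=Bogons
add address=172.16.0.0/12 disabled=yes list=Bogons
add address=192.0.0.0/24 disabled=yes list=Bogons
add address=192.0.2.0/24 disabled=yes list=Bogons
add address=192.168.0.0/16 disabled=yes list=Bogons
add address=198.18.0.0/15 disabled=yes list=Bogons
add address=198.51.100.0/24 disabled=yes list=Bogons
add address=203.0.113.0/24 disabled=yes list=Bogons
add address=224.0.0.0/4 disabled=yes list=Bogons
add address=240.0.0.0/4 disabled=yes list=Bogons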

################################################################################
###########################################
#### This is a list of all common ports as found on http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers ####
#### By default they are enabled to prevent immediate problems when applying the script. Carefully review the list of ####
#### ports and remove or disable entries that are not needed. ####
################################################################################
###########################################
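/ip firewall filter
# Inert separator (disabled rule, unreferenced chain); comment text re-flowed.
add chain=SectionBreak comment="#### This is a list of all common ports as found on http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers #### By default they are enabled to prevent immediate problems when applying the script. Carefully review the list of ports and remove or disable entries that are not needed. ####" disabled=yes
# "Manage Common Ports" chain, rebuilt from the column-scrambled export (the
# "add chain=" cells and the "comment=... port=... protocol=" cells had been
# split into two runs and wrapped mid-word). Two properties to weigh before
# leaving it as shipped:
#  1. No rule has an action=, so the filter default (accept) applies and every
#     rule is enabled. accept ends processing, so anything matched here never
#     reaches later forward-chain rules.
#  2. port= matches the SOURCE or the destination port. A TCP packet whose
#     source port happens to be 22 or 25 is therefore accepted regardless of
#     its destination. If the intent is "allow these services", dst-port=
#     (ideally with connection-state=new) is the tighter matcher.
# The list is a copy of a well-known-ports table, not a policy: it admits
# plaintext legacy services (telnet/23, ftp/20-21, smtp/25 in the clear).
# Disable the entries this network does not serve.
add action=jump chain=forward comment="Jump to \"Manage Common Ports\" Chain" jump-target="Manage Common Ports"
add chain="Manage Common Ports" comment="TCP Port Service Multiplexer(TCPMUX)" port=1 protocol=tcp
add chain="Manage Common Ports" comment="TCP Port Service Multiplexer(TCPMUX) " port=1 protocol=udp
add chain="Manage Common Ports" comment="CompressNETManagement Utility" port=2 protocol=tcp
add chain="Manage Common Ports" comment="CompressNETManagement Utility " port=2 protocol=udp
add chain="Manage Common Ports" comment="CompressNETCompression Process" port=3 protocol=tcp
add chain="Manage Common Ports" comment="CompressNETCompression Process " port=3 protocol=udp
add chain="Manage Common Ports" comment="Remote Job Entry" port=5 protocol=tcp
add chain="Manage Common Ports" comment="Remote Job Entry " port=5 protocol=udp
add chain="Manage Common Ports" comment="Echo Protocol" port=7 protocol=tcp
add chain="Manage Common Ports" comment="Echo Protocol " port=7 protocol=udp
add chain="Manage Common Ports" comment=Cyberdeck port=8 protocol=tcp
add chain="Manage Common Ports" comment="Cyberdeck " port=8 protocol=udp
add chain="Manage Common Ports" comment="Discard Protocol" port=9 protocol=tcp
add chain="Manage Common Ports" comment="Discard Protocol & Wake-on-LAN " port=9 protocol=udp
add chain="Manage Common Ports" comment="Active Users (systatservice)" port=11 protocol=tcp
add chain="Manage Common Ports" comment="Active Users (systatservice) " port=11 protocol=udp
add chain="Manage Common Ports" comment="Daytime Protocol(RFC 867)" port=13 protocol=tcp
add chain="Manage Common Ports" comment="Daytime Protocol(RFC 867) " port=13 protocol=udp
add chain="Manage Common Ports" comment=Previouslynetstatservice port=15 protocol=tcp
add chain="Manage Common Ports" comment="Previouslynetstatservice " port=15 protocol=udp
add chain="Manage Common Ports" comment="Quote of the Day" port=17 protocol=tcp
add chain="Manage Common Ports" comment="Quote of the Day " port=17 protocol=udp
add chain="Manage Common Ports" comment="Message Send Protocol" port=18 protocol=tcp
add chain="Manage Common Ports" comment="Message Send Protocol " port=18 protocol=udp
add chain="Manage Common Ports" comment="Character Generator Protocol(CHARGEN)" port=19 protocol=tcp
add chain="Manage Common Ports" comment="Character Generator Protocol(CHARGEN) " port=19 protocol=udp
add chain="Manage Common Ports" comment="FTPdata transfer" port=20 protocol=tcp
add chain="Manage Common Ports" comment="FTPdata transfer " port=20 protocol=udp
add chain="Manage Common Ports" comment="FTPcontrol (command)" port=21 protocol=tcp
add chain="Manage Common Ports" comment="Secure Shell(SSH)" port=22 protocol=tcp
add chain="Manage Common Ports" comment="Secure Shell(SSH) " port=22 protocol=udp
add chain="Manage Common Ports" comment="Telnetprotocolunencrypted text communications" port=23 protocol=tcp
add chain="Manage Common Ports" comment="Telnetprotocolunencrypted text communications " port=23 protocol=udp
add chain="Manage Common Ports" comment="Priv-mail: any privatemailsystem." port=24 protocol=tcp
add chain="Manage Common Ports" comment="Priv-mail: any privatemailsystem. " port=24 protocol=udp
add chain="Manage Common Ports" comment="Simple Mail Transfer Protocol(SMTP)" port=25 protocol=tcp
add chain="Manage Common Ports" comment="Simple Mail Transfer Protocol(SMTP) " port=25 protocol=udp
add chain="Manage Common Ports" comment="NSW User System FE" port=27 protocol=tcp
add chain="Manage Common Ports" comment="NSW User System FE " port=27 protocol=udp
add chain="Manage Common Ports" comment="MSG ICP" port=29 protocol=tcp
add chain="Manage Common Ports" comment="MSG ICP " port=29 protocol=udp
add chain="Manage Common Ports" comment="Display Support Protocol" port=33 protocol=tcp
add chain="Manage Common Ports" comment="Display Support Protocol " port=33 protocol=udp
add chain="Manage Common Ports" comment="Any privateprinter serverprotocol" port=35 protocol=tcp
add chain="Manage Common Ports" comment="Any privateprinter serverprotocol " port=35 protocol=udp
add chain="Manage Common Ports" comment="TIME protocol" port=37 protocol=tcp
add chain="Manage Common Ports" comment="TIME protocol " port=37 protocol=udp
add chain="Manage Common Ports" comment="Resource Location Protocol(RLP)" port=39 protocol=tcp
add chain="Manage Common Ports" comment="Resource Location Protocol(RLP) " port=39 protocol=udp
add chain="Manage Common Ports" comment="ARPA Host Name Server Protocol & WINS" port=42 protocol=tcp
add chain="Manage Common Ports" comment="ARPA Host Name Server Protocol & WINS " port=42 protocol=udp
add chain="Manage Common Ports" comment=WHOISprotocol port=43 protocol=tcp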

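# Continuation of "Manage Common Ports" (same caveats as at the top of the
# chain: no action= means the default accept, and port= matches source OR
# destination port). Entries worth a second look before leaving them enabled:
# tftp/69 and the other plaintext services; udp/67-68 (BOOTP/DHCP), which
# rarely need forwarding (DHCP relay aside); and udp/100, which the table
# itself labels "CyberGate RAT protocol" - a remote-access-trojan port, not a
# service to allow through. Wrapped lines from the export have been re-joined.
add chain="Manage Common Ports" comment="WHOISprotocol " port=43 protocol=udp
add chain="Manage Common Ports" comment="NI FTP" port=47 protocol=tcp
add chain="Manage Common Ports" comment="NI FTP " port=47 protocol=udp
add chain="Manage Common Ports" comment="TACACSLogin Host protocol" port=49 protocol=tcp
add chain="Manage Common Ports" comment="TACACSLogin Host protocol " port=49 protocol=udp
add chain="Manage Common Ports" comment="Remote Mail Checking Protocol" port=50 protocol=tcp
add chain="Manage Common Ports" comment="Remote Mail Checking Protocol " port=50 protocol=udp
add chain="Manage Common Ports" comment="IMP Logical Address Maintenance" port=51 protocol=tcp
add chain="Manage Common Ports" comment="IMP Logical Address Maintenance " port=51 protocol=udp
add chain="Manage Common Ports" comment="XNS (Xerox Network Systems) Time Protocol" port=52 protocol=tcp
add chain="Manage Common Ports" comment="XNS (Xerox Network Systems) Time Protocol " port=52 protocol=udp
add chain="Manage Common Ports" comment="Domain Name System(DNS)" port=53 protocol=tcp
add chain="Manage Common Ports" comment="Domain Name System(DNS) " port=53 protocol=udp
add chain="Manage Common Ports" comment="XNS (Xerox Network Systems) Clearinghouse" port=54 protocol=tcp
add chain="Manage Common Ports" comment="XNS (Xerox Network Systems) Clearinghouse " port=54 protocol=udp
add chain="Manage Common Ports" comment="ISI Graphics Language(ISI-GL)" port=55 protocol=tcp
add chain="Manage Common Ports" comment="ISI Graphics Language(ISI-GL) " port=55 protocol=udp
add chain="Manage Common Ports" comment="XNS (Xerox Network Systems) Authentication & RAP" port=56 protocol=tcp
add chain="Manage Common Ports" comment="XNS (Xerox Network Systems) Authentication & RAP" port=56 protocol=udp
add chain="Manage Common Ports" comment="Mail Transfer Protocol(RFC 780)" port=57 protocol=tcp
add chain="Manage Common Ports" comment="XNS (Xerox Network Systems) Mail" port=58 protocol=tcp
add chain="Manage Common Ports" comment="XNS (Xerox Network Systems) Mail " port=58 protocol=udp
add chain="Manage Common Ports" comment="CI (Travelport) (formerly Covia) Comms Integrator" port=64 protocol=tcp
add chain="Manage Common Ports" comment="CI (Travelport) (formerly Covia) Comms Integrator " port=64 protocol=udp
add chain="Manage Common Ports" comment="(BOOTP) Server & (DHCP) " port=67 protocol=udp
add chain="Manage Common Ports" comment="(BOOTP) Client & (DHCP) " port=68 protocol=udp
add chain="Manage Common Ports" comment="Trivial File Transfer Protocol(TFTP) " port=69 protocol=udp
add chain="Manage Common Ports" comment="Gopher protocol" port=70 protocol=tcp
add chain="Manage Common Ports" comment=NETRJSprotocol port=71 protocol=tcp
add chain="Manage Common Ports" comment=NETRJSprotocol port=72 protocol=tcp
add chain="Manage Common Ports" comment=NETRJSprotocol port=73 protocol=tcp
add chain="Manage Common Ports" comment=NETRJSprotocol port=74 protocol=tcp
add chain="Manage Common Ports" comment="Finger protocol" port=79 protocol=tcp
add chain="Manage Common Ports" comment="Hypertext Transfer Protocol(HTTP)" port=80 protocol=tcp
add chain="Manage Common Ports" comment="TorparkOnion routing" port=81 protocol=tcp
add chain="Manage Common Ports" comment="TorparkControl " port=82 protocol=udp
add chain="Manage Common Ports" comment="Kerberos authentication system" port=88 protocol=tcp
add chain="Manage Common Ports" comment="Kerberos authentication system " port=88 protocol=udp
add chain="Manage Common Ports" comment="dnsix (DoDNetwork Security for Information Exchange) Securit Attribute Token Map & PointCast (dotcom)" port=90 protocol=tcp
add chain="Manage Common Ports" comment="dnsix (DoDNetwork Security for Information Exchange) Securit Attribute Token Map & PointCast (dotcom) " port=90 protocol=udp
add chain="Manage Common Ports" comment="WIP Messageprotocol" port=99 protocol=tcp
add chain="Manage Common Ports" comment="WIP Messageprotocol " port=99 protocol=udp
add chain="Manage Common Ports" comment="CyberGate RAT protocol " port=100 protocol=udp
add chain="Manage Common Ports" comment="NIChost name" port=101 protocol=tcp
add chain="Manage Common Ports" comment="ISO-TSAP(Transport Service Access Point)" port=102 protocol=tcp
add chain="Manage Common Ports" comment="ACR/NEMADigital Imaging and Communications in Medicine(DICOM)" port=104 protocol=tcp
add chain="Manage Common Ports" comment="ACR/NEMADigital Imaging and Communications in Medicine(DICOM) " port=104 protocol=udp
add chain="Manage Common Ports" comment="CCSO Nameserver Protocol (Qi/Ph)" port=105 protocol=tcp
add chain="Manage Common Ports" comment="CCSO Nameserver Protocol (Qi/Ph) " port=105 protocol=udp
add chain="Manage Common Ports" comment=RemoteTELNETServiceprotocol port=107 protocol=tcp
add chain="Manage Common Ports" comment="SNAGateway Access Server" port=108 protocol=tcp
add chain="Manage Common Ports" comment="SNAGateway Access Server " port=108 protocol=udp
add chain="Manage Common Ports" comment="Post Office Protocolv2 (POP2)" port=109 protocol=tcp
add chain="Manage Common Ports" comment="Post Office Protocolv3 (POP3)" port=110 protocol=tcp
add chain="Manage Common Ports" comment="ONC RPC(SunRPC)" port=111 protocol=tcp
add chain="Manage Common Ports" comment="ONC RPC(SunRPC) " port=111 protocol=udp
add chain="Manage Common Ports" comment="IdentAuthentication Service/Identification Protocol" port=113 protocol=tcp
add chain="Manage Common Ports" comment="Authentication Service(auth) " port=113 protocol=udp
add chain="Manage Common Ports" comment="Simple File Transfer Protocol(SFTP)" port=115 protocol=tcp
add chain="Manage Common Ports" comment="SQL(Structured Query Language) Services" port=118 protocol=tcp
add chain="Manage Common Ports" comment="SQL(Structured Query Language) Services" port=118 protocol=udp
add chain="Manage Common Ports" comment="Network News Transfer Protocol(NNTP)" port=119 protocol=tcp
add chain="Manage Common Ports" comment="Network Time Protocol(NTP)" port=123 protocol=udp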
add chain="Manage Common Ports" comment="FormerlyUnisysUnitary Login, renamed by
Unisys to NXEdit." port=126 protocol=tcp
add chain="Manage Common Ports" comment="FormerlyUnisysUnitary Login, renamed by
Unisys to NXEdit. " port=126 protocol=udp

add chain="Manage Common Ports" comment="DCEendpointresolution & MicrosoftEPMAP


(End Point Mapper)" port=135 protocol=tcp
add chain="Manage Common Ports" comment="DCEendpointresolution & MicrosoftEPMAP
(End Point Mapper) " port=135 protocol=udp
add chain="Manage Common Ports" comment="NetBIOSNetBIOS Name Service" port=137 p
rotocol=tcp
add chain="Manage Common Ports" comment="NetBIOSNetBIOS Name Service " port=137
protocol=udp
add chain="Manage Common Ports" comment="NetBIOSNetBIOS Datagram Service" port=1
38 protocol=tcp
add chain="Manage Common Ports" comment="NetBIOSNetBIOS Datagram Service " port
=138 protocol=udp
add chain="Manage Common Ports" comment="NetBIOSNetBIOS Session Service" port=13
9 protocol=tcp
add chain="Manage Common Ports" comment="NetBIOSNetBIOS Session Service " port=
139 protocol=udp
add chain="Manage Common Ports" comment="Internet Message Access Protocol(IMAP)"
port=143 protocol=tcp
add chain="Manage Common Ports" comment="Background File Transfer Program (BFTP)
" port=152 protocol=tcp
add chain="Manage Common Ports" comment="Background File Transfer Program (BFTP)
" port=152 protocol=udp
add chain="Manage Common Ports" comment="SGMP,Simple Gateway Monitoring Protocol
" port=153 protocol=tcp
add chain="Manage Common Ports" comment="SGMP,Simple Gateway Monitoring Protocol
" port=153 protocol=udp
add chain="Manage Common Ports" comment=SQLService port=156 protocol=tcp
add chain="Manage Common Ports" comment="SQLService " port=156 protocol=udp
add chain="Manage Common Ports" comment="DMSP, Distributed Mail Service Protocol
" port=158 protocol=tcp
add chain="Manage Common Ports" comment="DMSP, Distributed Mail Service Protocol
" port=158 protocol=udp
add chain="Manage Common Ports" comment="Simple Network Management Protocol(SNMP
) " port=161 protocol=udp
add chain="Manage Common Ports" comment="Simple Network Management ProtocolTrap
(SNMPTRAP)" port=162 protocol=tcp
add chain="Manage Common Ports" comment="Simple Network Management ProtocolTrap
(SNMPTRAP) " port=162 protocol=udp
add chain="Manage Common Ports" comment="Print-srv, NetworkPostScript" port=170
protocol=tcp
add chain="Manage Common Ports" comment="VMNET (IBM z/VM, z/OS & z/VSE - Network
Job Entry(NJE))" port=175 protocol=tcp
add chain="Manage Common Ports" comment="X Display ManagerControl Protocol (XDMC
P)" port=177 protocol=tcp
add chain="Manage Common Ports" comment="X Display ManagerControl Protocol (XDMC
P) " port=177 protocol=udp
add chain="Manage Common Ports" comment="BGP(Border Gateway Protocol)" port=179
protocol=tcp
add chain="Manage Common Ports" comment="Internet Relay Chat(IRC)" port=194 prot
ocol=tcp
add chain="Manage Common Ports" comment="Internet Relay Chat(IRC) " port=194 pr
otocol=udp
add chain="Manage Common Ports" comment="SMUX,SNMPUnix Multiplexer" port=199 pro
tocol=tcp
add chain="Manage Common Ports" comment="SMUX,SNMPUnix Multiplexer " port=199 p
rotocol=udp
add chain="Manage Common Ports" comment="AppleTalkRouting Maintenance" port=201
protocol=tcp
add chain="Manage Common Ports" comment="AppleTalkRouting Maintenance " port=20
1 protocol=udp

add chain="Manage Common Ports" comment="TheQuick Mail Transfer Protocol" port=2


09 protocol=tcp
add chain="Manage Common Ports" comment="TheQuick Mail Transfer Protocol " port
=209 protocol=udp
add chain="Manage Common Ports" comment=ANSIZ39.50 port=210 protocol=tcp
add chain="Manage Common Ports" comment="ANSIZ39.50 " port=210 protocol=udp
add chain="Manage Common Ports" comment="Internetwork Packet Exchange(IPX)" port
=213 protocol=tcp
add chain="Manage Common Ports" comment="Internetwork Packet Exchange(IPX) " po
rt=213 protocol=udp
add chain="Manage Common Ports" comment="Message posting protocol(MPP)" port=218
protocol=tcp
add chain="Manage Common Ports" comment="Message posting protocol(MPP) " port=2
18 protocol=udp
add chain="Manage Common Ports" comment="Internet Message Access Protocol(IMAP),
version 3" port=220 protocol=tcp
add chain="Manage Common Ports" comment="Internet Message Access Protocol(IMAP),
version 3 " port=220 protocol=udp
add chain="Manage Common Ports" comment="ESRO, Efficient Short Remote Operations
" port=259 protocol=tcp
add chain="Manage Common Ports" comment="ESRO, Efficient Short Remote Operations
" port=259 protocol=udp
add chain="Manage Common Ports" comment="BGMP, Border Gateway Multicast Protocol
" port=264 protocol=tcp
add chain="Manage Common Ports" comment="BGMP, Border Gateway Multicast Protocol
" port=264 protocol=udp
add chain="Manage Common Ports" comment=http-mgmt port=280 protocol=tcp
add chain="Manage Common Ports" comment="http-mgmt " port=280 protocol=udp
add chain="Manage Common Ports" comment="ThinLincWeb Access" port=300 protocol=t
cp
add chain="Manage Common Ports" comment="Novastor Online Backup" port=308 protoc
ol=tcp
add chain="Manage Common Ports" comment="Mac OS X ServerAdmin (officially AppleS
hare IP Web administration)" port=311 protocol=tcp
add chain="Manage Common Ports" comment="PKIX TSP,Time Stamp Protocol" port=318
protocol=tcp
add chain="Manage Common Ports" comment="PKIX TSP,Time Stamp Protocol " port=31
8 protocol=udp
add chain="Manage Common Ports" comment="Precision time protocolevent messages
" port=319 protocol=udp
add chain="Manage Common Ports" comment="Precision time protocolgeneral messages
" port=320 protocol=udp
add chain="Manage Common Ports" comment="MATIP-Type A, Mapping of Airline Traffi
c over Internet Protocol" port=350 protocol=tcp
add chain="Manage Common Ports" comment="MATIP-Type A, Mapping of Airline Traffi
c over Internet Protocol " port=350 protocol=udp
add chain="Manage Common Ports" comment="MATIP-Type B, Mapping of Airline Traffi
c over Internet Protocol" port=351 protocol=tcp
add chain="Manage Common Ports" comment="MATIP-Type B, Mapping of Airline Traffi
c over Internet Protocol " port=351 protocol=udp
add chain="Manage Common Ports" comment="ODMR, On-Demand Mail Relay" port=366 pr
otocol=tcp
add chain="Manage Common Ports" comment="ODMR, On-Demand Mail Relay " port=366
protocol=udp
add chain="Manage Common Ports" comment=Rpc2portmap port=369 protocol=tcp
add chain="Manage Common Ports" comment="Rpc2portmap " port=369 protocol=udp
add chain="Manage Common Ports" comment="codaauth2Coda authentication server" po
rt=370 protocol=tcp
add chain="Manage Common Ports" comment="codaauth2Coda authentication server" po
rt=370 protocol=udp

add chain="Manage Common Ports" comment="ClearCase albd" port=371 protocol=tcp


add chain="Manage Common Ports" comment="ClearCase albd " port=371 protocol=udp
add chain="Manage Common Ports" comment="HP data alarm manager" port=383 protoco
l=tcp
add chain="Manage Common Ports" comment="HP data alarm manager " port=383 proto
col=udp
add chain="Manage Common Ports" comment="A Remote Network Server System" port=38
4 protocol=tcp
add chain="Manage Common Ports" comment="A Remote Network Server System " port=
384 protocol=udp
add chain="Manage Common Ports" comment="AURP, AppleTalk Update-based Routing Pr
otocol" port=387 protocol=tcp
add chain="Manage Common Ports" comment="AURP, AppleTalk Update-based Routing Pr
otocol " port=387 protocol=udp
add chain="Manage Common Ports" comment="Lightweight Directory Access Protocol(L
DAP)" port=389 protocol=tcp
add chain="Manage Common Ports" comment="Lightweight Directory Access Protocol(L
DAP) " port=389 protocol=udp
add chain="Manage Common Ports" comment="Digital Equipment CorporationDECnet(Pha
se V+) over TCP/IP" port=399 protocol=tcp
add chain="Manage Common Ports" comment="Digital Equipment CorporationDECnet(Pha
se V+) over TCP/IP " port=399 protocol=udp
add chain="Manage Common Ports" comment="UPSUninterruptible Power Supply" port=4
01 protocol=tcp
add chain="Manage Common Ports" comment="UPSUninterruptible Power Supply " port
=401 protocol=udp
add chain="Manage Common Ports" comment="Timbuktu Proby Netopia" port=407 protoc
ol=tcp
add chain="Manage Common Ports" comment="Timbuktu Proby Netopia " port=407 prot
ocol=udp
add chain="Manage Common Ports" comment="Service Location Protocol(SLP)" port=42
7 protocol=tcp
add chain="Manage Common Ports" comment="Service Location Protocol(SLP) " port=
427 protocol=udp
add chain="Manage Common Ports" comment="Hypertext Transfer ProtocoloverTLS/SSL(
HTTPS)" port=443 protocol=tcp
add chain="Manage Common Ports" comment="SNPP, Simple Network Paging Protocol (R
FC 1568)" port=444 protocol=tcp
add chain="Manage Common Ports" comment="SNPP, Simple Network Paging Protocol (R
FC 1568) " port=444 protocol=udp
add chain="Manage Common Ports" comment="Microsoft-DSActive Directory, Windows s
hares" port=445 protocol=tcp
add chain="Manage Common Ports" comment="KerberosChange/Set password" port=464 p
rotocol=tcp
add chain="Manage Common Ports" comment="KerberosChange/Set password " port=464
protocol=udp
add chain="Manage Common Ports" comment="URL Rendesvous Directory for SSM (Cisco
protocol)" port=465 protocol=tcp
add chain="Manage Common Ports" comment="tcpnethaspsrv (Aladdin Knowledge System
sHasp services, TCP/IP version)" port=475 protocol=tcp
add chain="Manage Common Ports" comment="tcpnethaspsrv (Aladdin Knowledge System
sHasp services, TCP/IP version) " port=475 protocol=udp
add chain="Manage Common Ports" comment="GoGlobal TCP/IP version)" port=491 prot
ocol=tcp
add chain="Manage Common Ports" comment="GoGlobal TCP/IP version) " port=491 pr
otocol=udp
add chain="Manage Common Ports" comment="Dantz Retrospect" port=497 protocol=tcp
add chain="Manage Common Ports" comment="Internet Security Association and Key M
anagement Protocol(ISAKMP) " port=500 protocol=udp
add chain="Manage Common Ports" comment="Modbus, Protocol" port=502 protocol=tcp

add chain="Manage Common Ports" comment="Modbus, Protocol " port=502 protocol=u


dp
add chain="Manage Common Ports" comment="Citadel multiservice protocol" port=504
protocol=tcp
add chain="Manage Common Ports" comment="Citadel multiservice protocol" port=504
protocol=udp
add chain="Manage Common Ports" comment="Rexec, Remote Process Execution & comsa
t, together withbiff" port=512 protocol=tcp
add chain="Manage Common Ports" comment="comsat, together withbiff " port=512 p
rotocol=udp
add chain="Manage Common Ports" comment=rlogin port=513 protocol=tcp
add chain="Manage Common Ports" comment="rlogin & Who " port=513 protocol=udp
add chain="Manage Common Ports" comment="Shell (Remote Shell, rsh, remsh)" port=
514 protocol=tcp
add chain="Manage Common Ports" comment="Syslogused for system logging " port=5
14 protocol=udp
add chain="Manage Common Ports" comment="Line Printer Daemonprint service" port=
515 protocol=tcp
add chain="Manage Common Ports" comment="Talk " port=517 protocol=udp
add chain="Manage Common Ports" comment="NTalk " port=518 protocol=udp
add chain="Manage Common Ports" comment="efs, extended file name server" port=52
0 protocol=tcp
add chain="Manage Common Ports" comment="Routing Information Protocol(RIP) " po
rt=520 protocol=udp
add chain="Manage Common Ports" comment="NetWare Core Protocol(NCP)" port=524 pr
otocol=tcp
add chain="Manage Common Ports" comment="NetWare Core Protocol(NCP) " port=524
protocol=udp
add chain="Manage Common Ports" comment="Timed,Timeserver " port=525 protocol=u
dp
add chain="Manage Common Ports" comment=RPC port=530 protocol=tcp
add chain="Manage Common Ports" comment="RPC " port=530 protocol=udp
add chain="Manage Common Ports" comment="AOL Instant Messenger" port=531 protoco
l=tcp
add chain="Manage Common Ports" comment="AOL Instant Messenger " port=531 proto
col=udp
add chain="Manage Common Ports" comment=netnews port=532 protocol=tcp
add chain="Manage Common Ports" comment="netnews " port=532 protocol=udp
add chain="Manage Common Ports" comment="netwall, For Emergency Broadcasts " po
rt=533 protocol=udp
add chain="Manage Common Ports" comment="UUCP(Unix-to-Unix Copy Protocol)" port=
540 protocol=tcp
add chain="Manage Common Ports" comment="commerce(Commerce Applications)" port=5
42 protocol=tcp
add chain="Manage Common Ports" comment="commerce(Commerce Applications) " port
=542 protocol=udp
add chain="Manage Common Ports" comment=klogin,Kerberoslogin port=543 protocol=t
cp
add chain="Manage Common Ports" comment="kshell,KerberosRemote shell" port=544 p
rotocol=tcp
add chain="Manage Common Ports" comment="OSIsoftPI (VMS), OSISoft PI Server Clie
nt Access" port=545 protocol=tcp
add chain="Manage Common Ports" comment=DHCPv6client port=546 protocol=tcp
add chain="Manage Common Ports" comment="DHCPv6client " port=546 protocol=udp
add chain="Manage Common Ports" comment=DHCPv6server port=547 protocol=tcp
add chain="Manage Common Ports" comment="DHCPv6server " port=547 protocol=udp
add chain="Manage Common Ports" comment="Apple Filing Protocol(AFP) overTCP" por
t=548 protocol=tcp
add chain="Manage Common Ports" comment="new-rwho, new-who" port=550 protocol=tc
p

add chain="Manage Common Ports" comment="new-rwho, new-who " port=550 protocol=


udp
add chain="Manage Common Ports" comment="Real Time Streaming Protocol(RTSP)" por
t=554 protocol=tcp
add chain="Manage Common Ports" comment="Real Time Streaming Protocol(RTSP) " p
ort=554 protocol=udp
add chain="Manage Common Ports" comment="Remotefs,RFS, rfs_server" port=556 prot
ocol=tcp
add chain="Manage Common Ports" comment="rmonitor, Remote Monitor " port=560 pr
otocol=udp
add chain="Manage Common Ports" comment="monitor " port=561 protocol=udp
add chain="Manage Common Ports" comment="NNTPprotocol overTLS/SSL(NNTPS)" port=5
63 protocol=tcp
add chain="Manage Common Ports" comment="NNTPprotocol overTLS/SSL(NNTPS) " port
=563 protocol=udp
add chain="Manage Common Ports" comment="e-mail message submission(SMTP)" port=5
87 protocol=tcp
add chain="Manage Common Ports" comment="FileMaker6.0 (and later) Web Sharing" p
ort=591 protocol=tcp
add chain="Manage Common Ports" comment="HTTP RPC Ep Map" port=593 protocol=tcp
add chain="Manage Common Ports" comment="HTTP RPC Ep Map " port=593 protocol=ud
p
add chain="Manage Common Ports" comment="TUNNEL profile" port=604 protocol=tcp
add chain="Manage Common Ports" comment="ASF Remote Management and Control Proto
col (ASF-RMCP) " port=623 protocol=udp
add chain="Manage Common Ports" comment="Internet Printing Protocol(IPP) & Commo
n Unix Printing System(CUPS)" port=631 protocol=tcp
add chain="Manage Common Ports" comment="Internet Printing Protocol(IPP) & Commo
n Unix Printing System(CUPS) " port=631 protocol=udp
add chain="Manage Common Ports" comment="RLZ DBase" port=635 protocol=tcp
add chain="Manage Common Ports" comment="RLZ DBase " port=635 protocol=udp
add chain="Manage Common Ports" comment="Lightweight Directory Access Protocolov
erTLS/SSL(LDAPS)" port=636 protocol=tcp
add chain="Manage Common Ports" comment="Lightweight Directory Access Protocolov
erTLS/SSL(LDAPS) " port=636 protocol=udp
add chain="Manage Common Ports" comment="MSDP,Multicast Source Discovery Protoco
l" port=639 protocol=tcp
add chain="Manage Common Ports" comment="MSDP,Multicast Source Discovery Protoco
l " port=639 protocol=udp
add chain="Manage Common Ports" comment="SupportSoft Nexus Remote Command (contr
ol/listening)" port=641 protocol=tcp
add chain="Manage Common Ports" comment="SupportSoft Nexus Remote Command (contr
ol/listening) " port=641 protocol=udp
add chain="Manage Common Ports" comment="LDP,Label Distribution Protocol" port=6
46 protocol=tcp
add chain="Manage Common Ports" comment="LDP,Label Distribution Protocol" port=6
46 protocol=udp
add chain="Manage Common Ports" comment="DHCP Failoverprotocol" port=647 protoco
l=tcp
add chain="Manage Common Ports" comment="RRP (Registry Registrar Protocol)" port
=648 protocol=tcp
add chain="Manage Common Ports" comment=IEEE-MMS port=651 protocol=tcp
add chain="Manage Common Ports" comment="IEEE-MMS " port=651 protocol=udp
add chain="Manage Common Ports" comment="SupportSoft Nexus Remote Command (data)
" port=653 protocol=tcp
add chain="Manage Common Ports" comment="SupportSoft Nexus Remote Command (data)
" port=653 protocol=udp
add chain="Manage Common Ports" comment="Media Management System (MMS) Media Man
agement Protocol (MMP)" port=654 protocol=tcp
add chain="Manage Common Ports" comment="IBMRMC (Remote monitoring and Control)

protocol" port=657 protocol=tcp


add chain="Manage Common Ports" comment="IBMRMC (Remote monitoring and Control)
protocol " port=657 protocol=udp
add chain="Manage Common Ports" comment="Mac OS X Serveradministration" port=660
protocol=tcp
add chain="Manage Common Ports" comment="Doom & airserv-ng" port=666 protocol=tc
p
add chain="Manage Common Ports" comment=Doom port=666 protocol=udp
add chain="Manage Common Ports" comment="ACAP (Application Configuration Access
Protocol)" port=674 protocol=tcp
add chain="Manage Common Ports" comment="REALM-RUSD (ApplianceWare Server Applia
nce Management Protocol)" port=688 protocol=tcp
add chain="Manage Common Ports" comment="REALM-RUSD (ApplianceWare Server Applia
nce Management Protocol) " port=688 protocol=udp
add chain="Manage Common Ports" comment=MSExchangeRouting port=691 protocol=tcp
add chain="Manage Common Ports" comment="Linux-HAHigh availability Heartbeat" po
rt=694 protocol=tcp
add chain="Manage Common Ports" comment="Linux-HAHigh availability Heartbeat "
port=694 protocol=udp
add chain="Manage Common Ports" comment="IEEE-MMS-SSL (IEEEMedia Management Syst
em overSSL)" port=695 protocol=tcp
add chain="Manage Common Ports" comment="OLSR(Optimized Link State Routing) " p
ort=698 protocol=udp
add chain="Manage Common Ports" comment="EPP (Extensible Provisioning Protocol),
(RFC 5734)" port=700 protocol=tcp
add chain="Manage Common Ports" comment="LMP (Link Management Protocol (Internet
))" port=701 protocol=tcp
add chain="Manage Common Ports" comment="IRIS(Internet Registry Information Serv
ice) overBEEP(Blocks Extensible Exchange Protocol)(RFC 3983)" port=702 protocol=
tcp
add chain="Manage Common Ports" comment="Secure Internet Live Conferencing(SILC)
" port=706 protocol=tcp
add chain="Manage Common Ports" comment="CiscoTag Distribution Protocol" port=71
1 protocol=tcp
add chain="Manage Common Ports" comment="Topology Broadcast based on Reverse-Pat
h Forwarding routing protocol(TBRPF) (RFC 3684)" port=712 protocol=tcp
add chain="Manage Common Ports" comment="Kerberos (protocol)administration" port
=749 protocol=tcp
add chain="Manage Common Ports" comment="Kerberos (protocol)administration " po
rt=749 protocol=udp
add chain="Manage Common Ports" comment="kerberos-iv,Kerberosversion IV " port=
750 protocol=udp
add chain="Manage Common Ports" comment=kerberos_master,Kerberosauthentication p
ort=751 protocol=tcp
add chain="Manage Common Ports" comment="kerberos_master,Kerberosauthentication
" port=751 protocol=udp
add chain="Manage Common Ports" comment="passwd_server,KerberosPassword (kpasswd
) server " port=752 protocol=udp
add chain="Manage Common Ports" comment="Reverse Routing Header (rrh)" port=753
protocol=tcp
add chain="Manage Common Ports" comment="Reverse Routing Header (rrh) & userreg
_server,Kerberosuserreg server " port=753 protocol=udp
add chain="Manage Common Ports" comment="tell send & krb5_prop,Kerberosv5 slave
propagation" port=754 protocol=tcp
add chain="Manage Common Ports" comment="tell send " port=754 protocol=udp
add chain="Manage Common Ports" comment="krbupdate [kreg],Kerberosregistration"
port=760 protocol=tcp
add chain="Manage Common Ports" comment="krbupdate [kreg],Kerberosregistration
" port=760 protocol=udp
add chain="Manage Common Ports" comment="Conserverserial-console management serv

er" port=782 protocol=tcp


add chain="Manage Common Ports" comment="SpamAssassinspamd daemon" port=783 prot
ocol=tcp
add chain="Manage Common Ports" comment="mdbe daemon " port=800 protocol=udp
add chain="Manage Common Ports" comment="Microsoft Net.TCP Port Sharing Service"
port=808 protocol=tcp
add chain="Manage Common Ports" comment="Certificate Management Protocol" port=8
29 protocol=tcp
add chain="Manage Common Ports" comment="Adobe Flash" port=843 protocol=tcp
add chain="Manage Common Ports" comment="DHCP Failoverprotocol" port=847 protoco
l=tcp
add chain="Manage Common Ports" comment="Group Domain Of Interpretation (GDOI) p
rotocol" port=848 protocol=tcp
add chain="Manage Common Ports" comment="Group Domain Of Interpretation (GDOI) p
rotocol " port=848 protocol=udp
add chain="Manage Common Ports" comment="iSCSI(RFC 3720)" port=860 protocol=tcp
add chain="Manage Common Ports" comment="OWAMP control (RFC 4656)" port=861 prot
ocol=tcp
add chain="Manage Common Ports" comment="OWAMP control (RFC 4656) " port=861 pr
otocol=udp
add chain="Manage Common Ports" comment="TWAMP control (RFC 5357)" port=862 prot
ocol=tcp
add chain="Manage Common Ports" comment="TWAMP control (RFC 5357) " port=862 pr
otocol=udp
add chain="Manage Common Ports" comment="rsyncfile synchronization protocol" por
t=873 protocol=tcp
add chain="Manage Common Ports" comment="cddbp,CD DataBase(CDDB) protocol (CDDBP
)" port=888 protocol=tcp
add chain="Manage Common Ports" comment="BrocadeSMI-S RPC" port=897 protocol=tcp
add chain="Manage Common Ports" comment="BrocadeSMI-S RPC " port=897 protocol=u
dp
add chain="Manage Common Ports" comment="BrocadeSMI-S RPC SSL" port=898 protocol
=tcp
add chain="Manage Common Ports" comment="BrocadeSMI-S RPC SSL " port=898 protoc
ol=udp
add chain="Manage Common Ports" comment="SambaWeb Administration Tool (SWAT)" po
rt=901 protocol=tcp
add chain="Manage Common Ports" comment="VMwareVirtual Infrastructure Client (UD
P from server being managed to management console) " port=901 protocol=udp
add chain="Manage Common Ports" comment="VMwareServer Console (TCP from manageme
nt console to server being Managed)" port=902 protocol=tcp
add chain="Manage Common Ports" comment="VMwareServer Console" port=902 protocol
=udp
add chain="Manage Common Ports" comment="VMwareRemote Console" port=903 protocol
=tcp
add chain="Manage Common Ports" comment="VMwareServer Alternate (if 902 is in us
e, i.e. SUSE linux)" port=904 protocol=tcp
add chain="Manage Common Ports" comment="Network Console on Acid(NCA)localttyred
irection overOpenSSH" port=911 protocol=tcp
add chain="Manage Common Ports" comment="Network File System (protocol)Service
" port=944 protocol=udp
add chain="Manage Common Ports" comment="Domain Name System(DNS) RNDC Service" p
ort=953 protocol=tcp
add chain="Manage Common Ports" comment="Domain Name System(DNS) RNDC Service "
port=953 protocol=udp
add chain="Manage Common Ports" comment="Network File System (protocol)overIPv6S
ervice " port=973 protocol=udp
add chain="Manage Common Ports" comment="SofaWare TechnologiesRemote HTTPS manag
ement for firewall devices running embeddedCheck PointFireWall-1software" port=9
81 protocol=tcp

add chain="Manage Common Ports" comment="Microsoft CorporationMicrosoft Windows


SBS SharePoint" port=987 protocol=tcp
add chain="Manage Common Ports" comment="FTPSProtocol (data):FTPoverTLS/SSL" por
t=989 protocol=tcp
add chain="Manage Common Ports" comment="FTPSProtocol (data):FTPoverTLS/SSL " p
ort=989 protocol=udp
add chain="Manage Common Ports" comment="FTPSProtocol (control):FTPoverTLS/SSL"
port=990 protocol=tcp
add chain="Manage Common Ports" comment="FTPSProtocol (control):FTPoverTLS/SSL
" port=990 protocol=udp
add chain="Manage Common Ports" comment="NAS (NetnewsAdministration System)" por
t=991 protocol=tcp
add chain="Manage Common Ports" comment="NAS (NetnewsAdministration System) " p
ort=991 protocol=udp
add chain="Manage Common Ports" comment="TELNETprotocol overTLS/SSL" port=992 pr
otocol=tcp
add chain="Manage Common Ports" comment="TELNETprotocol overTLS/SSL " port=992
protocol=udp
add chain="Manage Common Ports" comment="Internet Message Access ProtocoloverTLS
/SSL(IMAPS)" port=993 protocol=tcp
add chain="Manage Common Ports" comment="Internet Relay ChatoverTLS/SSL(IRCS)" p
ort=994 protocol=tcp
add chain="Manage Common Ports" comment="Internet Relay ChatoverTLS/SSL(IRCS) "
port=994 protocol=udp
add chain="Manage Common Ports" comment="Post Office Protocol3 overTLS/SSL(POP3S
)" port=995 protocol=tcp
add chain="Manage Common Ports" comment="ScimoreDBDatabase System" port=999 prot
ocol=tcp
add chain="Manage Common Ports" comment="Opswareagent (aka cogbot)" port=1002 pr
otocol=tcp
add chain="Manage Common Ports" comment="ThinLincWeb Administration" port=1010 p
rotocol=tcp
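add chain=SectionBreak comment="Section-Break" disabled=yes
###########################################################################################################
#### OpenDNS                                                                                            ####
###########################################################################################################
# NOTE(review): despite the banner, the rules in this section are generic
# connection-state accepts - nothing here is OpenDNS specific.  Presumably the
# DNS redirect rules live in another table (e.g. /ip firewall nat); confirm.
# Every rule in this section ships disabled=yes.
add chain=SectionBreak comment="############ OpenDNS ############" disabled=yes
# Established/related traffic is matched first so the bulk of packets leave the
# chain on the first rule.  connection-state is a single value per packet, so
# the three accepts are mutually exclusive and reordering them does not change
# which packets are accepted.  (The original forward/related rule had the
# matcher spelled "connectionstate", which RouterOS rejects - fixed here.)
add action=accept chain=input comment="Accept Established Connections" connection-state=established disabled=yes
add action=accept chain=input comment="Accept Related Connections" connection-state=related disabled=yes
add action=accept chain=forward comment="Accept Established Connections" connection-state=established disabled=yes
add action=accept chain=forward comment="Accept Related Connections" connection-state=related disabled=yes
# NOTE(review): as written this accepts NEW forward connections arriving on
# ANY interface, so once enabled the final forward drop below only ever sees
# invalid/untracked traffic.  Before enabling, restrict it to the inside
# (e.g. in-interface=<LAN interface> or in-interface-list=LAN, not set here
# because the interface name is site specific) so that WAN-originated new
# connections fall through to the drop unless they were DST-NATed.
add action=accept chain=forward comment="Accept New Connections" connection-state=new disabled=yes
add chain=SectionBreak comment="Section-Break" disabled=yes
###########################################################################################################
#### Enable these rules in SAFE MODE and test before using                                              ####
###########################################################################################################
add chain=SectionBreak comment="############ Enable these rules in SAFE MODE and test before using ############" disabled=yes
# Default-deny tails.  "WAN"/"LAN" in the comments name the traffic the author
# expects, but the match is by chain only: the input rule drops everything else
# addressed to the router from ANY interface (including LAN management
# sessions), and the forward rule drops everything else transiting the router.
# Make sure the accept rules above - and any LAN management accepts earlier in
# the chain - are enabled first, and enable these from Safe Mode so a mistake
# rolls back instead of locking you out.
add action=drop chain=forward comment="Drop all other LAN Traffic" disabled=yes
add action=drop chain=input comment="Drop all other WAN Traffic" disabled=yes
add chain=SectionBreak comment="Section-Break" disabled=yes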
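# Management services exposed by the router itself.
# Review: the file header advertises "Disables WWW & FTP", but the original
# left www (plain HTTP) enabled, and telnet was enabled as well.  Both carry
# admin credentials in clear text, so they are disabled here; SSH and WinBox
# remain for administration.  The brute-force rules in the filter chain match
# on the destination port, so (presumably - confirm) they still see attempts
# against 23 and 80 after the services are turned off.
# Further hardening, site specific and therefore not set here: restrict each
# enabled service with address=<management subnet>, and enable www-ssl only
# after installing a certificate - certificate=none leaves it unusable.
/ip service
set telnet disabled=yes port=23
set ftp disabled=yes port=21
set www disabled=yes port=80
set ssh disabled=no port=22
set www-ssl certificate=none disabled=yes port=443
set api disabled=yes port=8728
set winbox disabled=no port=8291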

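# Connection-tracking helpers (ALGs).  Each helper parses application payload
# on the router and opens dynamic "related" pinholes for the secondary
# connections it sees, so every enabled helper is extra parsing surface on the
# router and a way for a hostile peer to get ports opened through NAT.
# Review: the original enabled all six.  Only ftp is kept - FTP through NAT is
# the common need.  Re-enable the others individually if PPTP passthrough,
# SIP/H.323 phones, TFTP or IRC DCC behind this router are actually in use.
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=yes ports=69
set irc disabled=yes ports=6667
set h323 disabled=yes
set sip disabled=yes ports=5060,5061
set pptp disabled=yes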
