{"id":483,"date":"2022-12-23T09:14:54","date_gmt":"2022-12-23T01:14:54","guid":{"rendered":"https:\/\/blog.worren.net\/?p=483"},"modified":"2022-12-23T09:15:26","modified_gmt":"2022-12-23T01:15:26","slug":"routeros-%e9%98%b2%e6%ad%a2-port-scan","status":"publish","type":"post","link":"https:\/\/blog.worren.net\/?p=483","title":{"rendered":"RouterOS \u9632\u6b62 port scan"},"content":{"rendered":"<div class='drop-case'> <p> \u7b46\u8a18\u4e00\u4e0b , \u8b93 RouterOS \u53ef\u4ee5\u9632\u6b62 port scan  <!--more--> <\/div>\n<pre><code>\r\n\/ip firewall filter \r\nadd chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list=\"port scanners\" address-list-timeout=14d comment=\"Port scanners to list\" disabled=no  \r\nadd chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list=\"port scanners\" address-list-timeout=14d comment=\"NMAP FIN Stealth scan\"\r\nadd chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list=\"port scanners\" address-list-timeout=14d comment=\"SYN\/FIN scan\"\r\nadd chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list=\"port scanners\" address-list-timeout=14d comment=\"SYN\/RST scan\"\r\nadd chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list=\"port scanners\" address-list-timeout=14d comment=\"FIN\/PSH\/URG scan\"\r\nadd chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list=\"port scanners\" address-list-timeout=14d comment=\"ALL\/ALL scan\"\r\nadd chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list=\"port scanners\" address-list-timeout=14d comment=\"NMAP NULL scan\"\r\nadd chain=input src-address-list=\"port scanners\" action=drop comment=\"dropping port scanners\" disabled=no\r\n\r\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":" <p> \u7b46\u8a18\u4e00\u4e0b , \u8b93 RouterOS \u53ef\u4ee5\u9632\u6b62 port scan <\/p> \n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[2],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.worren.net\/index.php?rest_route=\/wp\/v2\/posts\/483"}],"collection":[{"href":"https:\/\/blog.worren.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.worren.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.worren.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.worren.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=483"}],"version-history":[{"count":2,"href":"https:\/\/blog.worren.net\/index.php?rest_route=\/wp\/v2\/posts\/483\/revisions"}],"predecessor-version":[{"id":485,"href":"https:\/\/blog.worren.net\/index.php?rest_route=\/wp\/v2\/posts\/483\/revisions\/485"}],"wp:attachment":[{"href":"https:\/\/blog.worren.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=483"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.worren.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=483"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.worren.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=483"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}