19 November 2011

Blok Situs TERTENTU dengan pada Mikrotik

Blok Situs TERTENTU dengan pada Mikrotik

Baik kali ini saya akan berbagi bagaimana caranya kita untuk memblok situs-situs tertentu. Dengan cara kita blok konten yang mempunyai unsur dari situs-situs yang akan kita blok.
Baiklah kita mulai untuk simak sedikit, :cool:
Kita langsung menuju di IP>FIREWALL>MANGLE>

  • Kita Mau blok facebook : /ip firewall mangle add src-address=10.1.1.0/24 chain=forward content=facebook action=mark-packet  new-packet-mark=blok
  • Kita Mau blok Porno-porno / yang berbau seks : /ip firewall mangle add src-address=10.1.1.0/24 chain=forward content=porn action=mark-packet  new-packet-mark=blok
    /ip firewall mangle add src-address=10.1.1.0/24 chain=forward content=seks action=mark-packet  new-packet-mark=blok
    /ip firewall mangle add src-address=10.1.1.0/24 chain=forward content=sex action=mark-packet  new-packet-mark=blok
List tersebut kita masih bisa tambah sesuai dengan keinginan kita, Nah setelah itu kita buat untuk action dari yang telah kita buat di atas, dengan cara :
/ip firewall filter add chain=forward packet-mark=blok action=drop
Nah Setelah itu coba dari ip yang telah sesuai dengan kita buat tadi anda akses situs2 yang bersangkutan dengan content di atas, misalkan porn.net,facebook.com,sex.com atau apa saja yang mengandung beberapa unsur yang kita buat tadi. Jika anda tidak bisa membuka situs-situs yang bersangkutan berarti anda telah berhasil membuatnya dengan baik.
NB :

  • IP 10.1.1.0/24 itu sesuaikan dengan ip di jaringan anda.
  • Semakin banyak content yang anda blok semakin banyak juga situs yang memiliki unsur yang tercantum akan terblok.
SETTING REMOTE PC VIA INTERNET DI BELAKANG MIKROTIK DENGAN APLIKASI REMOTE PC RADMIN

SETTING REMOTE PC VIA INTERNET DI BELAKANG MIKROTIK DENGAN APLIKASI REMOTE PC RADMIN

Sementara aplikasi remote yg dipakai adalah Radmin karena menurut saya yg paling mudah digunakan, tp sebenarnya berbagai macam aplikasi remote PC dapat digunakan tergantung selera masing-masing.
Tulisan ini saya buat berdasarkan pengalaman membuat beberapa warnet, karena kebetulan usaha saya bergerak di bidang penjualan komputer, yang mau tidak mau juga melayani jasa pembuatan warnet..
Seringnya trouble di warnet pelanggan saya, yang mengharuskan saya utk mendatangi warnet tersebut membuat kerepotan saya sendiri, apalagi jika trouble itu pada malam hari.
Sehingga saya berpikir untuk memudahkan pekerjaan saya, saya perlu melakukan remote PC dari manapun saya berada yg penting tersedia koneksi internet dan komputer , bahkan HP sekalipun bisa digunakan untuk remote PC.
Daripada berbelit – belit langsung aja ke praktek lapangan.

Sebelumnya topologi jaringan yang saya gunakan

Internet------modem ADSL------mikrotik--------PC Target

Dalam artian koneksi PC yang akan remote (PC Target) sudah dapat melakukan koneksi internet.Langkah2 yg dipersiapkan sbb:

1. Siapkan IP Public, IP Mikrotik, dam IP PC yg akan di remote
2. Setting MODEM ADSL (Saya menggunakan modem ADSL TP Link, utk yg lain sebenarnya sama aja) dpt dilakukan langsung ataupun via internet
3. Setting NAT MIKROTIK, dpt dilakukan langsung ataupun via internet
4. Setting Radmin server di PC Target, dan Radmin Viewer di PC yang akan meremote (instalasi harus di lakukan langsung di PC Target)

Sbg contoh :
· IP Public 200.137.100.87 utk setting dari internet pada modem, mikrotik, dan remote PC
· IP local 192.168.1.100 (Mikrotik) jika setting dilakukan langsung
· IP local 192.168.0.1 s/d 192.168.0.22 ( PC Target)

1.Setting Modem ADSL

Masuklah ke modem ADSL lewat browser dengan mengisi IP Public anda jika via internet, isi username dan password anda, sbb contoh saya menggunakan modem TP Link
a. Advanced Setup
b. NAT
c. Virtual Server---dengan menggunakan port default mikrotik 8291 dan port Radmin dari 4899 s/d 4920 (dengan ini saya asumsikan dpt meremote 22 PC di belakang mikrotik), local IP address = IP local mikrotik



2. Setting NAT di Mikrotik

a. Buka mikrotik di WINBOX isi IP Public, username dan Password
b. IP-Firewall-NAT
Bikin rule dengan klik tanda +
· General
· chain=srcnat
· Out.Interface=either1(koneksi internet mikrotik) , sbg contoh koneksi internet dr mikrotik saya namakan speedy.
· Action=masquerade


Bikin rule lagi dengan klik tanda +
· General
· Chain=dstnat
· Protocol=tcp
· Dst port=4899 s/d 4920 ( utk melakukan remote 22 PC)
· In.Interface=Speedy (koneksi internet mikrotik)
· Action=dst-nat
· To Addresses=192.168.0.1 s/d 192.168.0.22 (sebanyak 22 PC yg akan diremote)
· To port =4901 (saya asumsikan setting port utk radmin server di IP 192.168.0.1 adalah 4901, utk seting port IP local yg lain terserah anda tadi saya membuat batasan port dari 4899 s/d 4920)
· Coment=Radmin1 (penamaan terserah anda)



Hasil setting mikrotik tadi utk beberapa PC yg akan di remote seperti gbr dibawah ini :

3. Setting Radmin Server dan Radmin viewer.

a. Setting Radmin Server PC Target
Setting radmin server di PC Target saya kasih contoh PC operator :
· Permissions--radmin security--add user( buat username dan password PC Target)-centang semua pilihan.
· Option--general--port(4899 utk PC operator, utk PC yg lain mulai 4899 s/d 4920 tadi terserah digunakan utk IP local PC Target yang dipakai)
Buatlah semua setting ini di tiap PC yg akan di remote dengan penamaan add user berbeda dan port yg berbeda, jgn sama karena tidak akan connect




b.Setting Radmin Viewer di PC Remote

Langkah terakhir instlasi Radmin viewer di computer kita yg akan meremote semua PC yg telah di setting tersebut.Saya tidak membahas cara install langsung aja ke tahap setting Radmin Viewer.
· Adds a new connection
· Isi Nama(terserah)--IP Public PC Target--port (sesuai dengan setting port di radmin server tiap PC target)





Terakhir tinggal klik PC mana yg akan di remote dari list setting yg telah kita buat sebelumnya. Jika setting benar dan sesuai petunjuk, maka akan meminta username dan password yg telah kita buat dengan radmin server di masing2 PC target


Akhirnya hasil dari remote PC Target dari laptop yang saya gunakan



Jika ada kekurangan mohof maaf sekiranya auditornya juga masih manusia biasa , sekadar berbagi ilmu semoga lebih barokah

Sumber : http://blogyusron.blogspot.com/ 
sumber http://andyangkasa.blogspot.com/2011/04/remote-komputer-via-mikrotik.html

Tutorial Membagi Download Dan Upload Di Queues Mikrotik


Disini kita akan membahas masalah manajemen bandwith di Queues mikrotik, kalau seandainya ingin bandwidth tersebut dibagi sama rata oleh Mikrotik, seperti bandwidth 256kbps Download dan 256kbps Upload. Sedangkan client yang akan mengakses sebanyak 10 clients, maka otomatis masing-masing client mendapat jatah bandwidth upstream dan downstream sebanyak 256kbps dibagi 10. Jadi masing-masing dapat 25,6kbps. Dan seandainya hanya ada 2 Client yang terhubung ke internet maka masing-masing dapat 128kbps. Maka untuk itu disini kita akan memakai type PCQ (Per Connection Queue), yang bisa secara otomatis membagi trafik per client


Kemudian Copy / paste perintah Simple Queues di bawah ini pada "New terminal"

/queue simple
add name="trafikshaping" target-addresses=192.168.66.0/24 dst-address=0.0.0.0/0 \ interface=all parent=none priority=1 queue=default/default \ limit-at=0/64000 max-limit=0/192000 total-queue=default disabled=no
add name="01" target-addresses=192.168.66.1/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total queue=default disabled=no
add name="02" target-addresses=192.168.66.2/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="03" target-addresses=192.168.66.3/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="04" target-addresses=192.168.66.4/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="10" target-addresses=192.168.66.25/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="05" target-addresses=192.168.66.5/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="06" target-addresses=192.168.66.6/24dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="07" target-addresses=192.168.66.7/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="08" target-addresses=192.168.66.8/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="09" target-addresses=192.168.66.9/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="10" target-addresses=192.168.66.10/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="11" target-addresses=192.168.66.11/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="12" target-addresses=192.168.66.12/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="13" target-addresses=192.168.66.13/24dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="14" target-addresses=192.168.66.14/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no
add name="15" target-addresses=192.168.66.15/24 dst-address=0.0.0.0/0 \ interface=all parent=trafikshaping priority=1 queue=default/default \ limit-at=0/8000 max-limit=0/48000 total-queue=default disabled=no

Hasilnya dapat dilihat pada gambar dibawah ini


Kemudian buat aturan di magle nya

/ip firewall mangle add chain=forward src-address=192.168.0.0/27 \ action=mark-connection new-connection-mark=users-con
/ip firewall mangle add connection-mark=users-con action=mark-packet \ new-packet-mark=users chain=forward

Maka hasilnya seperti ini


kemudian buat pada PCQ yaitu "pcq-download dan pcq-upload" yang akan mengatur semua trafik
melalui alamat tujuan/destination address. Trafik ini melewati interface Local. Sehingga semua traffik download/downstream yang datang dari jaringan 192.168.66.0/24 akan dibagi secara otomatis. maka copy paste perintah dibawah ini

/queue type add name=pcq-download kind=pcq pcq-classifier=dst-address
/queue type add name=pcq-upload kind=pcq pcq-classifier=src-address

Kemudian jika bandwith itu tidak stabil atau tidak murni 512kbs yang kita terima bisa menggunakan Queues Tree seperti ini :

/queue tree add parent=Local queue=pcq-download packet-mark=users
/queue tree add parent=Public queue=pcq-upload packet-mark=users

Dan untuk mengeset jika Bandwith yang kita terima itu murni 512kbs maka kita akan membuat download 512kbs dan upload 512kbs yaitu dengan menggunakan Queuen tree atau seperti dibawah ini :

/queue tree add name=Download parent=Local max-limit=256k
/queue tree add parent=Download queue=pcq-download packet-mark=users

kemudian ini

/queue tree add name=Upload parent=Public max-limit=256k
/queue tree add parent=Upload queue=pcq-upload packet-mark=users

Maka hasilnya dapat kita lihat pada gambar berikut ini

Menjaga Mikrotik Agar Tidak Terjangkit Virus

Disini kita akan mengedrop virus pada mikirotik untuk menghindari yang tidak di inginkan, ni tinggal copy / paste aja di New Terminal, seperti gambar dibawah ini



Drop Virus :

/ip firewall filter add chain=forward connection-state=invalid action=drop comment=”drop_invalid_connections”

/ip firewall filter add chain=virus protocol=tcp dst-port=135-139 action=drop comment=”Drop_Blaster_Worm”

/ip firewall filter add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment=”Worm”

/ip firewall filter add chain=virus protocol=tcp dst-port=445 action=drop comment=”Drop_Blaster_Worm”

/ip firewall filter chain=virus protocol=udp dst-port=445 action=drop comment=”Drop_Blaster_Worm”

/ip firewall filter add chain=virus protocol=tcp dst-port=593 action=drop comment=”________”

/ip firewall filter add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment=”__________”

/ip firewall filter add chain=virus protocol=tcp dst-port=1080 action=drop comment=” Drop_MyDoom”

/ip firewall filter add chain=virus protocol=tcp dst-port=1214 action=drop comment=”______”

/ip firewall filter add chain=virus protocol=tcp dst-port=1363 action=drop comment=”ndmrequester”

/ip firewall filter add chain=virus protocol=tcp dst-port=1364 action=drop comment=”ndmserver”

/ip firewall filter add chain=virus protocol=tcp dst-port=1368 action=drop comment=”screencast”

/ip firewall filter add chain=virus protocol=tcp dst-port=1373 action=drop comment=”hromgrafx”

/ip firewall filter add chain=virus protocol=tcp dst-port=1377 action=drop comment=”cichlid”

/ip firewall filter add chain=virus protocol=tcp dst-port=2745 action=drop comment=”BagleVirus”

/ip firewall filter add chain=virus protocol=tcp dst-port=2283 action=drop comment=”DropDumaruY”

/ip firewall filter add chain=virus protocol=tcp dst-port=2535 action=drop comment=”DropBeagle”

/ip firewall filter add chain=virus protocol=tcp dst-port=2745 action=drop comment=”DropBeagle_C-K”

/ip firewall filter add chain=virus protocol=tcp dst-port=3127 action=drop comment=”DropMyDoom”

/ip firewall filter add chain=virus protocol=tcp dst-port=3410 action=drop comment=”DropBackdoorOptixPro”

/ip firewall filter add chain=virus protocol=tcp dst-port=4444 action=drop comment=”Worm1”

/ip firewall filter add chain=virus protocol=udp dst-port=4444 action=drop comment=”Worm2”

/ip firewall filter add chain=virus protocol=tcp dst-port=5554 action=drop comment=”DropSasser”

/ip firewall filter add chain=virus protocol=tcp dst-port=8866 action=drop comment=”DropBeagleB”

/ip firewall filter add chain=virus protocol=tcp dst-port=9898 action=drop comment=”DropDabber-A-B”

/ip firewall filter add chain=virus protocol=tcp dst-port=10080 action=drop comment=”DropMyDoom-B”

/ip firewall filter add chain=virus protocol=tcp dst-port=12345 action=drop comment=”DropNetBus”

/ip firewall filter add chain=virus protocol=tcp dst-port=17300 action=drop comment=”DropKuang2”

/ip firewall filter add chain=virus protocol=tcp dst-port=27374 action=drop comment=”DropSubSeven”

/ip firewall filter add chain=virus protocol=tcp dst-port=65506 action=drop comment=”DropPhatBot,Agobot,Gaobot”

/ip firewall filter add chain=forward action=jump jump-target=virus comment=”jump to the virus chain”

/ip firewall filter add chain=virus protocol=tcp dst-port=1 action=drop comment=" Breach.2001 SocketsDeTroie.230, SocketsDeTroie.250"

/ip firewall filter add chain=virus protocol=tcp dst-port=28 action=drop comment=" Amanda.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=31 action=drop comment=" MastersParadise.920"

/ip firewall filter add chain=virus protocol=tcp dst-port=68 action=drop comment=" Subseven.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=142 action=drop comment=" NetTaxi.180"

/ip firewall filter add chain=virus protocol=tcp dst-port=146 action=drop comment="Infector.141,Intruder.100,Intruder.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=171 action=drop comment=" ATrojan.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=285-286 action=drop comment=" WCTrojan.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=334 action=drop comment=" Backage.310"

/ip firewall filter add chain=virus protocol=tcp dst-port=370 action=drop comment=" NeuroticKat.120,NeuroticKat.130"

/ip firewall filter add chain=virus protocol=tcp dst-port=413 action=drop comment=" Coma.109"

/ip firewall filter add chain=virus protocol=tcp dst-port=420 action=drop comment=" Breach.450"

/ip firewall filter add chain=virus protocol=tcp dst-port=555 action=drop comment=" Id2001.100, PhaseZero.100, StealthSpy.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=623 action=drop comment=" Rtb666.160"

/ip firewall filter add chain=virus protocol=tcp dst-port=660 action=drop comment=" Zaratustra.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=661 action=drop comment=" Noknok.800, Noknok.820"

/ip firewall filter add chain=virus protocol=tcp dst-port=666 action=drop comment=" BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=667 action=drop comment=" SniperNet.210, Snipernet.220"

/ip firewall filter add chain=virus protocol=tcp dst-port=668 action=drop comment=" Unicorn.101, Unicorn.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=680 action=drop comment=" Rtb666.160"

/ip firewall filter add chain=virus protocol=tcp dst-port=777 action=drop comment=" Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331,Undetected.332"

/ip firewall filter add chain=virus protocol=tcp dst-port=785 action=drop comment=" NetworkTerrorist.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=800 action=drop comment=" NeuroticKitten.010"

/ip firewall filter add chain=virus protocol=tcp dst-port=831 action=drop comment=" NeuroticKat.100, NeuroticKat.120, NeuroticKat.130"

/ip firewall filter add chain=virus protocol=tcp dst-port=901 action=drop comment=" NetDevil.130,NetDevil.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=1000 action=drop comment=" DerSpaeher.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=1001 action=drop comment=" Silencer.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=1008 action=drop comment=" AutoSpy.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=1010 action=drop comment=" DerSpaeher.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=1015 action=drop comment=" Doly.150"

/ip firewall filter add chain=virus protocol=tcp dst-port=1111 action=drop comment=" TPort.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=1130 action=drop comment=" Noknok.800, Noknok.820"

/ip firewall filter add chain=virus protocol=tcp dst-port=1207 action=drop comment=" SoftWAR.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=1243 action=drop comment=" Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=1245 action=drop comment=" VoodooDoll.006"

/ip firewall filter add chain=virus protocol=tcp dst-port=1269 action=drop comment=" Matrix.130"

/ip firewall filter add chain=virus protocol=tcp dst-port=1480 action=drop comment=" RemoteHack.130"

/ip firewall filter add chain=virus protocol=tcp dst-port=1568 action=drop comment=" RemoteHack.100, RemoteHack.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=1600-1602 action=drop comment=" DirectConnection.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=1634 action=drop comment=" NetCrack.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=1784 action=drop comment=" Snid.120, Snid.212"

/ip firewall filter add chain=virus protocol=tcp dst-port=1999 action=drop comment=" TransmissionScout.100,TransmissionScout.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=2000 action=drop comment=" ATrojan.200, InsaneNetwork.400"

/ip firewall filter add chain=virus protocol=tcp dst-port=2001 action=drop comment=" DIRT.220, TrojanCow.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=2003 action=drop comment=" TransmissionScout.100,TransmissionScout.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=2023 action=drop comment=" RipperPro.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=2040 action=drop comment=" InfernoUploader.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=2115 action=drop comment=" Bugs.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=2140 action=drop comment=" DeepThroat.100, DeepThroat.200, DeepThroat.310"

/ip firewall filter add chain=virus protocol=tcp dst-port=2332 action=drop comment=" SilentSpy.202"

/ip firewall filter add chain=virus protocol=tcp dst-port=2589 action=drop comment=" Dagger.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=2600 action=drop comment=" DigitalRootbeer.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=2989 action=drop comment=" Rat.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=3128 action=drop comment=" MastersParadise.970"

/ip firewall filter add chain=virus protocol=tcp dst-port=3129 action=drop comment=" MastersParadise.920, MastersParadise.970"

/ip firewall filter add chain=virus protocol=tcp dst-port=3150 action=drop comment=" DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=3215 action=drop comment=" BlackStar.100, Ghost.230"

/ip firewall filter add chain=virus protocol=tcp dst-port=3333 action=drop comment=" Daodan.123"

/ip firewall filter add chain=virus protocol=tcp dst-port=3410 action=drop comment=" OptixPro.100, OptixPro.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=3456 action=drop comment=" Force.155, TerrorTrojan.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=3505 action=drop comment=" AutoSpy.130, AutoSpy.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=3586 action=drop comment=" Snid.120, Snid.212"

/ip firewall filter add chain=virus protocol=tcp dst-port=3700 action=drop comment=" PortalOfDoom.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=3723 action=drop comment=" Mantis.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=3800 action=drop comment=" Eclypse.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=3996 action=drop comment=" RemoteAnything.364"

/ip firewall filter add chain=virus protocol=tcp dst-port=4000 action=drop comment=" SkyDance.220, SkyDance.229"

/ip firewall filter add chain=virus protocol=tcp dst-port=4201 action=drop comment=" Wartrojan.160, Wartrojan.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=4225 action=drop comment=" SilentSpy.202"

/ip firewall filter add chain=virus protocol=tcp dst-port=4321 action=drop comment=" Bobo.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=4444 action=drop comment=" AlexTrojan.200, Crackdown.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=4488 action=drop comment=" EventHorizon.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=4523 action=drop comment=" Celine.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=4545 action=drop comment=" InternalRevise.100, RemoteRevise.150"

/ip firewall filter add chain=virus protocol=tcp dst-port=4567 action=drop comment=" FileNail.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=4666 action=drop comment=" Mneah.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=4950 action=drop comment=" ICQTrojan.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5005 action=drop comment=" Aladino.060"

/ip firewall filter add chain=virus protocol=tcp dst-port=5025 action=drop comment=" Keylogger.WMRemote.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5031 action=drop comment=" NetMetro.104"

/ip firewall filter add chain=virus protocol=tcp dst-port=5032 action=drop comment=" NetMetro.104"

/ip firewall filter add chain=virus protocol=tcp dst-port=5033 action=drop comment=" NetMetro.104"

/ip firewall filter add chain=virus protocol=tcp dst-port=5050 action=drop comment=" RoxRat.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5151 action=drop comment=" OptixLite.020, OptixLite.030, OptixLite.040"

/ip firewall filter add chain=virus protocol=tcp dst-port=5190 action=drop comment=" MBomber.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5277 actio n=drop comment=" WinShell.400"

/ip firewall filter add chain=virus protocol=tcp dst-port=5343 action=drop comment=" WCRat.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5400 action=drop comment=" BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300"

/ip firewall filter add chain=virus protocol=tcp dst-port=5401 action=drop comment=" BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5402 action=drop comment=" BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5534 action=drop comment=" TheFlu.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5550 action=drop comment=" XTCP.200, XTCP.201"

/ip firewall filter add chain=virus protocol=tcp dst-port=5555 action=drop comment=" Noxcape.100, Noxcape.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=5695 action=drop comment=" Assassin.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5714 action=drop comment=" WinCrash.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5741 action=drop comment=" WinCrash.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=5742 action=drop comment=" WinCrash.103"

/ip firewall filter add chain=virus protocol=tcp dst-port=5802 action=drop comment=" Y3KRat.160"

/ip firewall filter add chain=virus protocol=tcp dst-po rt=5810 action=drop comment=" Y3KRat.160"

/ip firewall filter add chain=virus protocol=tcp dst-port=5838 action=drop comment=" Y3KRat.170"

/ip firewall filter add chain=virus protocol=tcp dst-port=5858 action=drop comment=" Y3KRat.110, Y3KRat.120, Y3KRat.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=5880 action=drop comment=" Y3KRat.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=5881 action=drop comment=" Y3KRat.110, Y3KRat.120, Y3KRat.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=5882 action=drop comment=" Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150"

/ip firewall filter add chain=virus protocol=tcp dst-port=5883 action=drop comment=" Y3KRat.110, Y3KRat.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=5884 action=drop comment=" Y3KRat.140, Y3KRat.150"

/ip firewall filter add chain=virus protocol=tcp dst-port=5885 action=drop comment=" Y3KRat.110, Y3KRat.120, Y3KRat.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=5886 action=drop comment=" Y3KRat.120, Y3KRat.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=5887 action=drop comment=" Y3KRat.110, Y3KRat.120, Y3KRat.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=5888 action=drop comment=" Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150"

/ip firewall filter add chain=virus protocol=tcp dst-port=5889 action=drop comment=" Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150"

/ip firewall filter add chain=virus protocol=tcp dst-port=5890 action=drop comment=" Y3KRat.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=6400 action=drop comment=" Thething.100, Thething.150"

/ip firewall filter add chain=virus protocol=tcp dst-port=6556 action=drop comment=" AutoSpy.120, AutoSpy.122"

/ip firewall filteradd chain=virus protocol=tcp dst-port=6655 action=drop comment=" Aqua.020"

/ip firewall filter add chain=virus protocol=tcp dst-port=6660 action=drop comment=" LameSpy.095"

/ip firewall filter add chain=virus protocol=tcp dst-port=6666 action=drop comment=" LameRemote.100, ProjectMayhem.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=6669 action=drop comment=" Vampire.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=6670 action=drop comment=" DeepThroat.200, DeepThroat.210"

/ip firewall filter add chain=virus protocol=tcp dst-port=6671 action=drop comment=" DeepThroat.310"

/ip firewall filter add chain=virus protocol=tcp dst-port=6699 action=drop comment=" HostControl.101"

/ip firewall filter add chain=virus protocol=tcp dst-port=6711 action=drop comment=" DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190"

/ip firewall filter add chain=virus protocol=tcp dst-port=6712 action=drop comment=" Subseven.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=6713 action=drop comment=" Subseven.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=6767 action=drop comment=" NTRC.120"

/ip firewall filter add chain=virus protocol=tcp dst-port=6776 action=drop comment=" SubSeven.180, SubSeven.190, Subseven.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=6789 action=drop comment=" Doly.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=6796 action=drop comment=" SubSeven.214"

/ip firewall filter add chain=virus protocol=tcp dst-port=6912 action=drop comment=" ShitHeep.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=6939 action=drop comment=" Indoctrination.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=6953 action=drop comment=" Lithium.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=6969 action=drop comment=" 2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120"

/ip firewall filter add chain=virus protocol=tcp dst-port=6970 action=drop comment=" Danton.330"

/ip firewall filter add chain=virus protocol=tcp dst-port=7001 action=drop comment=" Freak88.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=7119 action=drop comment=" Massaker.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=7200 action=drop comment=" Massaker.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=7300 action=drop comment=" Coced.221"

/ip firewall filter add chain=virus protocol=tcp dst-port=7301action=drop comment=" Coced.221"

/ip firewall filter add chain=virus protocol=tcp dst-port=7306 action=drop comment=" NetSpy.200, NetSpy.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=7410 action=drop comment=" Phoenix.190, Phoenix.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=7511 action=drop comment=" Genue.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=7609 action=drop comment=" Snid.120, Snid.212"

/ip firewall filter add chain=virus protocol=tcp dst-port=7614 action=drop comment=" Wollf.130"

/ip firewall filter add chain=virus protocol=tcp dst-port=7648 action=drop comment=" BlackStar.100, Ghost.230"

/ip firewall filter add chain=virus protocol=tcp dst-port=7788 action=drop comment=" Last.2000, Matrix.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=7826 action=drop comment=" MiniOblivion.010, Oblivion.010"

/ip firewall filter add chain=virus protocol=tcp dst-port=7887 action=drop comment=" SmallFun.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=7891 action=drop comment=" Revenger.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=7979 action=drop comment=" VagrNocker.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=7997 action=drop comment=" VagrNocker.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=8000 action=drop comment=" XConsole.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=8011 action=drop comment=" Way.240"

/ip firewall filter add chain=virus protocol=tcp dst-port=8012 action=drop comment=" Ptakks.215, Ptakks.217"

/ip firewall filter add chain=virus protocol=tcp dst-port=8110 action=drop comment=" LoseLove.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=8111 action=drop comment=" LoseLove.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=8301 action=drop comment=" LoseLove.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=8302 action=drop comment=" LoseLove.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=8372 action=drop comment=" NetBoy.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=8720 action=drop comment=" Connection.130"

/ip firewall filter add chain=virus protocol=tcp dst-port=8734 action=drop comment=" AutoSpy.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=8811 action=drop comment=" Force.155"

/ip firewall filter add chain=virus protocol=tcp dst-port=8899 action=drop comment=" Last.2000"

/ip firewall filter add chain=virus protocol=tcp dst-port=9000 action=drop comment=" Aristotles.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=9301 action=drop comment=" LoseLove.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=9400 action=drop comment=" InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170"

/ip firewall filter add chain=virus protocol=tcp dst-port=9401 action=drop comment=" InCommand.100, InCommand.110, InCommand.170"

/ip firewall filter add chain=virus protocol=tcp dst-port=9402 action=drop comment=" InCommand.100, InCommand.110"

ip firewall filter add chain=virus protocol=tcp dst-port=9561 action=drop comment=" CRatPro.110"

ip firewall filter add chain=virus protocol=tcp dst-port=9563 action=drop comment=" CRatPro.110"

ip firewall filter add chain=virus protocol=tcp dst-port=9580 action=drop comment=" TheefLE.100"

ip firewall filter add chain=virus protocol=tcp dst-port=9696 action=drop comment=" Danton.210, Ghost.230"

ip firewall filter add chain=virus protocol=tcp dst-port=9697 action=drop comment=" Danton.320, Danton.330, Ghost.230"

/ip firewall filter add chain=virus protocol=tcp dst-port=9870 action=drop comment=" R3C.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=9872 action=drop comment=" PortalOfDoom.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=9873 action=drop comment=" PortalOfDoom.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=9874 action=drop comment=" PortalOfDoom.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=9875 action=drop comment=" PortalOfDoom.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=9876 action=drop comment=" Rux.100, SheepGoat.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=9877 action=drop comment=" SmallBigBrother.020"

/ip firewall filter add chain=virus protocol=tcp dst-port=9878 action=drop comment=" SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120"

/ip firewall filter add chain=virus protocol=tcp dst-port=9879 action=drop comment=" SmallBigBrother.020"

/ip firewall filter add chain=virus protocol=tcp dst-port=9999 action=drop comment=" ForcedEntry.100,Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300"

/ip firewall filter add chain=virus protocol=tcp dst-port=10013 action=drop comment=" Amanda.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=10067 action=drop comment=" PortalOfDoom.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=10100 action=drop comment=" Gift.240"

/ip firewall filter add chain=virus protocol=tcp dst-port=10101 action=drop comment=" NewSilencer.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=10167 action=drop comment=" PortalOfDoom.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=10528 action=drop comment=" HostControl.100, HostControl.260"

/ip firewall filter add chain=virus protocol=tcp dst-port=10607 action=drop comment=" Coma.109"

/ip firewall filter add chain=virus protocol=tcp dst-port=10666 action=drop comment=" Ambush.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=11011 action=drop comment=" Amanda.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=11050 action=drop comment=" HostControl.101"

/ip firewall filter add chain=virus protocol=tcp dst-port=11051 action=drop comment=" HostControl.100, HostControl.260"

/ip firewall filter add chain=virus protocol=tcp dst-port=11223 action=drop comment=" AntiNuke.100, Progenic.100, Progenic.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=11225 action=drop comment=" Cyn.100, Cyn.103, Cyn.120"

/ip firewall filter add chain=virus protocol=tcp dst-port=11306 action=drop comment=" Noknok.800, Noknok.820"

/ip firewall filter add chain=virus protocol=tcp dst-port=11831 action=drop comment=" Katux.200, Latinus.140,Latinus.150, Pest.100, Pest.400"

/ip firewall filter add chain=virus protocol=tcp dst-port=11991 action=drop comment=" PitfallSurprise.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=12043 action=drop comment=" Frenzy.2000"

/ip firewall filter add chain=virus protocol=tcp dst-port=12345 action=drop comment=" Fade.100, Netbus.160,Netbus.170, VagrNocker.400"

/ip firewall filter add chain=virus protocol=tcp dst-port=12346 action=drop comment=" Netbus.160, Netbus.170"

/ip firewall filter add chain=virus protocol=tcp dst-port=12348 action=drop comment=" Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317"

/ip firewall filter add chain=virus protocol=tcp dst-port=12349 action=drop comment=" Bionet.084,Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402"

/ip firewall filter add chain=virus protocol=tcp dst-port=12389 action=drop comment=" KheSanh.210"

/ip firewall filter add chain=virus protocol=tcp dst-port=12478 action=drop comment=" Bionet.210"

/ip firewall filter add chain=virus protocol=tcp dst-port=12623 action=drop comment=" Buttman.090, Buttman.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=12624 action=drop comment=" Buttman.090, Buttman.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=12625 action=drop comment=" Buttman.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=12904 action=drop comment=" Akropolis.100, Rocks.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=13473 action=drop comment=" Chupacabra.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=13753 action=drop comment=" AFTP.010"

/ip firewall filter add chain=virus protocol=tcp dst-port=14100 action=drop comment=" Eurosol.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=14194 action=drop comment=" CyberSpy.840"

/ip firewall filter add chain=virus protocol=tcp dst-port=14286 action=drop comment=" HellDriver.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=14500 action=drop comment=" PCInvader.050, PCInvader.060, PCInvader.070"

/ip firewall filter add chain=virus protocol=tcp dst-port=14501 action=drop comment=" PCInvader.060, PCInvader.070"

/ip firewall filter add chain=virus protocol=tcp dst-port=14502 action=drop comment=" PCInvader.050, PCInvader.060, PCInvader.070"

/ip firewall filter add chain=virus protocol=tcp dst-port=14503 action=drop comment=" PCInvader.050, PCInvader.060, PCInvader.070"

/ip firewall filter add chain=virus protocol=tcp dst-port=14504 action=drop comment=" PCInvader.050, PCInvader.060"

/ip firewall filter add chain=virus protocol=tcp dst-port=15092 action=drop comment=" HostControl.100, HostControl.260"

/ip firewall filter add chain=virus protocol=tcp dst-port=15382 action=drop comment=" SubZero.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=15432 action=drop comment=" Cyn.210"

/ip firewall filter add chain=virus protocol=tcp dst-port=15555 action=drop comment=" ICMIBC.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=16322 action=drop comment=" LastDoor.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=16484 action=drop comment=" MoSucker.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=16661 action=drop comment=" Dfch.010"

/ip firewall filter add chain=virus protocol=tcp dst-port=16969 action=drop comment=" Progenic.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=16982 action=drop comment=" AcidShiver.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=17300 action=drop comment=" Kuang.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=17499 action=drop comment=" CrazzyNet.370, CrazzyNet.375, CrazzyNet.521"

/ip firewall filter add chain=virus protocol=tcp dst-port=17500 action=drop comment=" CrazzyNet.370, CrazzyNet.375, CrazzyNet.521"

/ip firewall filter add chain=virus protocol=tcp dst-port=17569 action=drop comment=" Infector.141, Infector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.100, Intruder.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=17593 action=drop comment=" AudioDoor.120"

/ip firewall filter add chain=virus protocol=tcp dst-port=19191 action=drop comment=" BlueFire.035, BlueFire.041"

/ip firewall filter add chain=virus protocol=tcp dst-port=19604 action=drop comment=" Metal.270"

/ip firewall filter add chain=virus protocol=tcp dst-port=19605 action=drop comment=" Metal.270"

/ip firewall filter add chain=virus protocol=tcp dst-port=19991 action=drop comment=" Dfch.010"

/ip firewall filter add chain=virus protocol=tcp dst-port=20000 action=drop comment=" Millenium.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=20001 action=drop comment=" Millenium.100, PshychoFiles.180"

/ip firewall filter add chain=virus protocol=tcp dst-port=20002 action=drop comment=" AcidKor.100, PshychoFiles.180"

/ip firewall filter add chain=virus protocol=tcp dst-port=20005 action=drop comment=" MoSucker.200, MoSucker.210, MoSucker.220"

/ip firewall filter add chain=virus protocol=tcp dst-port=21212 action=drop comment=" Schwindler.182"

/ip firewall filter add chain=virus protocol=tcp dst-port=21554 action=drop comment=" Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135"

/ip firewall filter add chain=virus protocol=tcp dst-port=21579 action=drop comment=" Breach.2001"

/ip firewall filter add chain=virus protocol=tcp dst-port=21584 action=drop comment=" Breach.2001"

/ip firewall filter add chain=virus protocol=tcp dst-port=21684 action=drop comment=" Intruse.134"

/ip firewall filter add chain=virus protocol=tcp dst-port=22068 action=drop comment=" AcidShiver.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=22115 action=drop comment=" Cyn.120"

/ip firewall filter add chain=virus protocol=tcp dst-port=22222 action=drop comment=" Prosiak.047, Ruler.141, Rux.300, Rux.400, Rux.500, Rux.600"

/ip firewall filter add chain=virus protocol=tcp dst-port=22223 action=drop comment=" Rux.400, Rux.500, Rux.600"

/ip firewall filter add chain=virus protocol=tcp dst-port=22456 action=drop comment=" Bla.200, Bla.503"

/ip firewall filter add chain=virus protocol=tcp dst-port=22457 action=drop comment=" AcidShiver.120, Bla.200, Bla.503"

/ip firewall filter add chain=virus protocol=tcp dst-port=22784 action=drop comment=" Intruzzo.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=22845 action=drop comment=" Breach.450"

/ip firewall filter add chain=virus protocol=tcp dst-port=22847 action=drop comment=" Breach.450"

/ip firewall filter add chain=virus protocol=tcp dst-port=23005 action=drop comment=" Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=23006 action=drop comment=" Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=23032 action=drop comment=" Amanda.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=23432 action=drop comment=" Asylum.010, Asylum.012, Asylum.013, Asylum.014, MiniAsylum.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=23456 action=drop comment=" EvilFTP.100, VagrNocker.400"

/ip firewall filter add chain=virus protocol=tcp dst-port=23476 action=drop comment=" DonaldDick.153, DonaldDick.154, DonaldDick.155"

/ip firewall filter add chain=virus protocol=tcp dst-port=23477 action=drop comment=" DonaldDick.153"

/ip firewall filter add chain=virus protocol=tcp dst-port=24000 action=drop comment=" Infector.170"

/ip firewall filter add chain=virus protocol=tcp dst-port=24307 action=drop comment=" Wildek.020"

/ip firewall filter add chain=virus protocol=tcp dst-port=25386 action=drop comment=" MoonPie.220"

/ip firewall filter add chain=virus protocol=tcp dst-port=25486 action=drop comment=" MoonPie.220"

/ip firewall filter add chain=virus protocol=tcp dst-port=25555 action=drop comment=" FreddyK.100, FreddyK.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=25556 action=drop comment=" FreddyK.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=25685 action=drop comment=" MoonPie.010, MoonPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400"

/ip firewall filter add chain=virus protocol=tcp dst-port=25686 action=drop comment=" MoonPie.135, MoonPie.200, MoonPie.400"

/ip firewall filter add chain=virus protocol=tcp dst-port=25982 action=drop comment=" MoonPie.135, MoonPie.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=26274 action=drop comment=" Delta.050"

/ip firewall filter add chain=virus protocol=tcp dst-port=27160 action=drop comment=" MoonPie.135, MoonPie.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=27184 action=drop comment=" Alvgus.100, Alvgus.800"

/ip firewall filter add chain=virus protocol=tcp dst-port=27374 action=drop comment=" Muerte.110, Subseven.210, SubSeven.213"

/ip firewall filter add chain=virus protocol=tcp dst-port=28429-28436 action=drop comment=" Hack'a'Tack.2000"

/ip firewall filter add chain=virus protocol=tcp dst-port=29559 action=drop comment=" DuckToy.100, DuckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400"

/ip firewall filter add chain=virus protocol=tcp dst-port=29891 action=drop comment=" Unexplained.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=30000 action=drop comment=" Infector.170"

/ip firewall filter add chain=virus protocol=tcp dst-port=30001 action=drop comment=" Error32.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=30003 action=drop comment=" LamersDeath.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=30029action=drop comment=" AOLTrojan.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=30100-30103 action=drop comment=" NetSphere.127, NetSphere.130, NetSphere.131"

/ip firewall filter add chain=virus protocol=tcp dst-port=30103 action=drop comment=" NetSphere.131"

/ip firewall filter add chain=virus protocol=tcp dst-port=30947 action=drop comment=" Intruse.134"

/ip firewall filter add chain=virus protocol=tcp dst-port=31320 action=drop comment=" LittleWitch.400, LittleWitch.420"

/ip firewall filter add chain=virus protocol=tcp dst-port=31337 action=drop comment=" BackOrifice.120, Khaled.100, OPC.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=31415 action=drop comment=" Lithium.101"

/ip firewall filter add chain=virus protocol=tcp dst-port=31416 action=drop comment=" Lithium.100, Lithium.101"

/ip firewall filter add chain=virus protocol=tcp dst-port=31557 action=drop comment=" Xanadu.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=31631 action=drop comment=" CleptoManicos.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=31745 action=drop comment=" Buschtrommel.100, Buschtrommel.122"

/ip firewall filter add chain=virus protocol=tcp dst-port=31785 action=drop comment=" Hack'a'Tack.100, Hack'a'Tack.112"

/ip firewall filter add chain=virus protocol=tcp dst-port=31787 action=drop comment=" Hack'a'Tack.100, Hack'a'Tack.112"

/ip firewall filter add chain=virus protocol=tcp dst-port=31789 action=drop comment=" Hack'a'Tack.100, Hack'a'Tack.112"

/ip firewall filter add chain=virus protocol=tcp dst-port=31791 action=drop comment=" Hack'a'Tack.100, Hack'a'Tack.112"

/ip firewall filter add chain=virus protocol=tcp dst-port=31887 action=drop comment=" BDDT.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=31889 action=drop comment=" BDDT.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=32100 action=drop comment=" ProjectNext.053"

/ip firewall filter add chain=virus protocol=tcp dst-port=32418 action=drop comment=" AcidBattery.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=32791 action=drop comment=" Akropolis.100, Rocks.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=33291 action=drop comment=" RemoteHak.001"

/ip firewall filter add chain=virus protocol=tcp dst-port=33333 action=drop comment=" Blackharaz.100, Prosiak.047, SubSeven.214"

/ip firewall filter add chain=virus protocol=tcp dst-port=33577 action=drop comment=" SonOfPsychward.020"

/ip firewall filter add chain=virus protocol=tcp dst-port=34324 action=drop comment=" TelnetServer.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=34763 action=drop comment=" Infector.180, Infector.190, Infector.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=35000 action=drop comment=" Infector.190, Infector.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=35600 action=drop comment=" Subsari.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=36794 action=drop comment=" BugBear.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=37237 action=drop comment=" Mantis.020"

/ip firewall filter add chain=virus protocol=tcp dst-port=37651 action=drop comment=" YAT.210"

/ip firewall filter add chain=virus protocol=tcp dst-port=37653 action=drop comment=" YAT.310"

/ip firewall filter add chain=virus protocol=tcp dst-port=40308 action=drop comment=" Subsari.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=40412 actio n=drop comment=" TheSpy.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=40421 action=drop comment=" MastersParadise.970"

/ip firewall filter add chain=virus protocol=tcp dst-port=40422 action=drop comment=" MastersParadise.970"

/ip firewall filter add chain=virus protocol=tcp dst-port=40999 action=drop comment=" DiemsMutter.110, DiemsMutter.140"

/ip firewall filter add chain=virus protocol=tcp dst-port=41626 action=drop comment=" Shah.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=44444 action=drop comment=" Prosiak.070"

/ip firewall filter add chain=virus protocol=tcp dst-port=45673 action=drop comment=" Akropolis.100, Rocks.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=47262 action=drop comment=" Delta.050"

/ip firewall filter add chain=virus protocol=tcp dst-port=48006 action=drop comment=" Fragglerock.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=49683 action=drop comment=" HolzPferd.210"

/ip firewall filter add chain=virus protocol=tcp dst-port=50000 action=drop comment=" Infector.180"

/ip firewall filter add chain=virus protocol=tcp dst-port=50130 action=drop comment=" Enterprise.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=50766 action=drop comment=" Fore.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=51234 action=drop comment=" Cyn.210"

/ip firewall filter add chain=virus protocol=tcp dst-port=51966 action=drop comment=" Cafeini.080, Cafeini.110"

/ip firewall filter add chain=virus protocol=tcp dst-port=54321 action=drop comment=" PCInvader.010"

/ip firewall filter add chain=virus protocol=tcp dst-port=57341 action=drop comment=" NetRaider.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=57922 action=drop comment=" Bionet.084"

/ip firewall filter add chain=virus protocol=tcp dst-port=58008 action=drop comment=" Tron.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=58009 action=drop comment=" Tron.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=59090 action=drop comment=" AcidReign.200"

/ip firewall filter add chain=virus protocol=tcp dst-port=59211 action=drop comment=" DuckToy.100, DuckToy.101"

/ip firewall filter add chain=virus protocol=tcp dst-port=59345 action=drop comment=" NewFuture.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=60000 action=drop comment=" DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101"

/ip firewall filter add chain=virus protocol=tcp dst-port=60411 action=drop comment=" Connection.100, Connection.130"

/ip firewall filter add chain=virus protocol=tcp dst-port=60412 action=drop comment=" Connection.130"

/ip firewall filter add chain=virus protocol=tcp dst-port=60552 action=drop comment=" RoxRat.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=63536 action=drop comment=" InsaneNetwork.500"

/ip firewall filter add chain=virus protocol=tcp dst-port=63878 action=drop comment=" AphexFTP.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=63879 action=drop comment=" AphexFTP.100"

/ip firewall filter add chain=virus protocol=tcp dst-port=64969 action=drop comment=" Lithium.100"
 
sumber: http://interfacewirelessbridge.blogspot.com/2011/05/menjaga-mikrotik-agar-tidak-terjangkit.html