Probably was not one for one but I am quite certain the concept was yours. On Oct 3, 2010 11:01 PM, "Butch Evans" <but...@butchevans.com> wrote: > On Fri, 2010-10-01 at 22:38 -0400, Josh Luthman wrote: >> Compliments of Butch Evans > > This script doesn't look like my work. Not sure who it is, but I would > ordinarily comment every rule. If it IS mine (and I have put a lot of > these snippets out there), then I apologize for lack of comments. :-) > >> /ip firewal filt >> add action=accept chain=forward comment="drop ssh brute forcers" >> disabled=\ >> no dst-port=22 protocol=tcp src-address-list=ssh_blacklist >> add action=add-src-to-address-list address-list=ssh_blacklist \ >> address-list-timeout=1w3d chain=forward comment="" >> connection-state=new \ >> disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage3 >> add action=add-src-to-address-list address-list=ssh_stage3 \ >> address-list-timeout=1m chain=forward comment="" >> connection-state=new \ >> disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage2 >> add action=add-src-to-address-list address-list=ssh_stage2 \ >> address-list-timeout=1m chain=forward comment="" >> connection-state=new \ >> disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage1 >> add action=add-src-to-address-list address-list=ssh_stage1 \ >> address-list-timeout=1m chain=forward comment="" >> connection-state=new \ >> disabled=no dst-port=22 protocol=tcp src-address-list=! >> heavysshservers > > > -- > ******************************************************************** > * Butch Evans * Professional Network Consultation* > * http://www.butchevans.com/ * Network Engineering * > * http://store.wispgear.net/ * Wired or Wireless Networks * > * http://blog.butchevans.com/ * ImageStream, Mikrotik and MORE! * > ******************************************************************** > > > > -------------------------------------------------------------------------------- > WISPA Wants You! Join today! > http://signup.wispa.org/ > -------------------------------------------------------------------------------- > > WISPA Wireless List: wireless@wispa.org > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/
-------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/