Controlar banda de dispositivos móveis.

Este script tem por finalidade o controle de banda de dispositivos móveis;
atualmente é usado em áreas abertas onde se disponibiliza internet
gratuita, como praças, prefeituras, fóruns etc.
Ele captura o nome dos dispositivos e aplica o limite de banda.


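# Rate-limit active DHCP leases whose host-name starts with a known
# mobile-device prefix.
# NOTE: host-name is supplied by the client and is not authenticated. A user
# can rename the device to avoid the limit, so this is a fairness aid rather
# than an enforced control.
:local DHCPSERVER "dhcp1";
:local LIMITE "256k";

:foreach i in=[/ip dhcp-server lease find active-server=$DHCPSERVER] do={
    :local DhcpDynMAC [/ip dhcp-server lease get $i mac-address];
    :local DhcpDynCLIENTID [/ip dhcp-server lease get $i active-client-id];
    :local DhcpDynHOST [/ip dhcp-server lease get $i host-name];
    # Only the first four characters of the host-name are compared.
    :local phoneNAME [:pick $DhcpDynHOST 0 4];
    :if ( ($phoneNAME="BLUS") || ($phoneNAME="iPad") || ($phoneNAME="andr") || ($phoneNAME="Andr") || ($phoneNAME="Wind") || ($phoneNAME="iPho") || ($phoneNAME="BLAC") ) do={
        # Apply the rate limit to the lease; the client-sent host-name is
        # stored as the lease comment, so it may contain arbitrary text.
        /ip dhcp-server lease set $i block-access=no rate-limit="$LIMITE" insert-queue-before=first mac-address="$DhcpDynMAC" use-src-mac=yes comment="$DhcpDynHOST" server="$DHCPSERVER" client-id="$DhcpDynCLIENTID";
    }
}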

Proteger a rede dos spammers

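# Script "Download_openbl": fetch the OpenBL address-list file to the router.
# Typographic quotes were replaced with plain ASCII quotes; RouterOS does not
# treat the curly form as string delimiters.
# NOTE(review): the file is fetched over plain HTTP from a third-party host
# and later executed with /import, which runs every command it contains with
# the script's privileges. Anyone able to alter the response in transit or at
# the origin controls the router's configuration. Prefer an HTTPS source you
# trust and review the file content before importing.
# NOTE(review): confirm that the OpenBL feed is still maintained upstream.
/system script add name="Download_openbl" source={
    /tool fetch url="http://joshaven.com/openbl.rsc" mode=http;
    :log info "Baixado openbl.rsc ";
}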

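# Script "Replace_openbl": swap the current OpenBL entries for the freshly
# downloaded ones.
# The old entries are removed only when the downloaded file is present, so a
# failed download no longer leaves the address list empty. The file is deleted
# after import so that a stale copy is never re-applied on the next run.
# NOTE(review): /import executes the file as a script; see the trust caveat on
# the download source before scheduling this.
/system script add name="Replace_openbl" source={
    :if ([:len [/file find name="openbl.rsc"]] > 0) do={
        /ip firewall address-list remove [/ip firewall address-list find comment="OpenBL"];
        /import file-name=openbl.rsc;
        /file remove [/file find name="openbl.rsc"];
        :log info "Remove o velho e atualiza";
    } else={
        :log warning "openbl.rsc not found; keeping current OpenBL entries";
    }
}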

Schedule the download and application of the openbl list

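# Weekly schedule: download at 01:05, apply ten minutes later at 01:15.
# Typographic quotes replaced with ASCII quotes so the commands parse.
/system scheduler add comment="Download openbl list" interval=7d name="DownloadBegoneList" on-event=Download_openbl start-date=jan/01/1970 start-time=01:05:00
/system scheduler add comment="Apply openbl List" interval=7d name="InstallBegoneList" on-event=Replace_openbl start-date=jan/01/1970 start-time=01:15:00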

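# Script "Download_spamhaus": fetch the Spamhaus address-list file to the router.
# Typographic quotes were replaced with plain ASCII quotes so the command parses.
# NOTE(review): the file comes over plain HTTP from a third-party mirror and is
# later executed with /import. The content is neither authenticated nor
# integrity-checked, so whoever controls the response controls the router's
# configuration. Prefer an HTTPS source you trust and inspect the file first.
/system script add name="Download_spamhaus" source={
    /tool fetch url="http://joshaven.com/spamhaus.rsc" mode=http;
    :log info "Baixado spamhaus.rsc";
}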

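# Script "Replace_spamhaus": swap the current SpamHaus entries for the freshly
# downloaded ones.
# The old entries are removed only when the downloaded file is present, so a
# failed download no longer leaves the address list empty. The file is deleted
# after import so that a stale copy is never re-applied on the next run.
# NOTE(review): /import executes the file as a script with the script's
# privileges; only import content from a source you trust.
/system script add name="Replace_spamhaus" source={
    :if ([:len [/file find name="spamhaus.rsc"]] > 0) do={
        /ip firewall address-list remove [/ip firewall address-list find comment="SpamHaus"];
        /import file-name=spamhaus.rsc;
        /file remove [/file find name="spamhaus.rsc"];
        :log info "Remover o antigo e atualizar";
    } else={
        :log warning "spamhaus.rsc not found; keeping current SpamHaus entries";
    }
}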

Coloca no Schedule

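# Weekly schedule: download at 02:02, apply ten minutes later at 02:12.
# Typographic quotes replaced with ASCII quotes so the commands parse.
/system scheduler add comment="Download spamnaus list" interval=7d name="DownloadSpamhausList" on-event=Download_spamhaus start-date=jan/01/1970 start-time=02:02:00
/system scheduler add comment="Apply spamnaus List" interval=7d name="InstallSpamhausList" on-event=Replace_spamhaus start-date=jan/01/1970 start-time=02:12:00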

IP scan via DOS (script)

Ontem precisei saber quais IPs estavam respondendo em um servidor, mas o AD não deixa baixar e instalar absolutamente nada; daí a alternativa que me salvou.

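REM Ping each host address of one /24 once and log the hosts that answer.
REM Host range is 1-254: .255 is the broadcast address of a /24.
REM Matching "TTL=" instead of "reply" works on non-English Windows and
REM skips "Destination host unreachable" lines, which also contain "Reply".
REM Run only against networks you administer.
C:\>FOR /L %x in (1,1,254) do ping -n 1 192.168.2.%x | find /I "TTL=" >> c:\temp\pingresultado.txt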

Mude o bloco de ip para o da sua rede e o resultado em uma pasta onde tenha permissão de escrita ;).

Firewall padrão simples

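# Minimal filter set. Typographic quotes replaced with ASCII quotes.
# NOTE(review): this set has no final drop rule, so anything not matched here
# is still accepted by the default policy; it is a starting point only.
/ip firewall filter
# Let packets of already-established forwarded connections through.
add action=accept chain=forward comment="Accepted Connections" connection-state=established disabled=no
# NOTE(review): chain=input is traffic addressed to the router itself. These
# two rules accept TCP 80 and 25 from any source; if the router's web
# management service listens on port 80, it becomes reachable from the
# Internet. Restrict with src-address or in-interface, or remove if unused.
add action=accept chain=input comment="" disabled=no dst-port=80 protocol=tcp
add action=accept chain=input comment="" disabled=no dst-port=25 protocol=tcp
# Discard forwarded packets that connection tracking marks as invalid.
add action=drop chain=forward comment="Drop invalid connections" connection-state=invalid disabled=no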

Dropar Virus

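# Drop forwarded traffic to ports commonly associated with worms and trojans.
# Typographic quotes replaced with ASCII quotes; the duplicated 2745/tcp rule
# is listed once.
/ip firewall filter
# The rules below live in the custom chain "virus". A custom chain is only
# evaluated when another chain jumps to it, so this jump is required.
# Place it before any forward-chain accept rule that would match first.
add action=jump chain=forward jump-target=virus comment="Jump to virus chain" disabled=no
add action=drop chain=forward comment="Drop Virus Port" disabled=no dst-port=40016 protocol=udp
# NetBIOS / RPC / SMB
add action=drop chain=virus comment="" disabled=no dst-port=135-139 protocol=udp
add action=drop chain=virus comment="" disabled=no dst-port=135-139 protocol=tcp
# MS SQL
add action=drop chain=virus comment="" disabled=no dst-port=1433-1434 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=445 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=445 protocol=udp
add action=drop chain=virus comment="" disabled=no dst-port=593 protocol=tcp
# NOTE(review): port-based blocking is coarse; confirm no legitimate service
# in the network uses the ports below before enabling.
add action=drop chain=virus comment="" disabled=no dst-port=1024-1030 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=1080 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=1214 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=1363 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=1364 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=1368 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=1373 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=1377 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=2745 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=2283 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=2535 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=3127 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=3410 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=4444 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=4444 protocol=udp
add action=drop chain=virus comment="" disabled=no dst-port=5554 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=8866 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=9898 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=10080 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=12345 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=17300 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=27374 protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=65506 protocol=tcp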

Dropar Port Scanner

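# Detect port scans aimed at the router and drop the scanning source for two
# weeks. Typographic quotes replaced with ASCII quotes.
# NOTE(review): the flag-based rules list a source after a single packet, and
# source addresses can be forged. Put an accept rule for your management
# addresses ahead of these rules so a forged packet cannot lock you out.
/ip firewall filter
# Port-scan detection (psd) on TCP.
add action=add-src-to-address-list address-list=PortScanner address-list-timeout=2w chain=input comment="Drop Port Scanner" disabled=no protocol=tcp psd=21,3s,3,1
# FIN only
add action=add-src-to-address-list address-list=PortScanner address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
# SYN+FIN
add action=add-src-to-address-list address-list=PortScanner address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,syn
# All flags set
add action=add-src-to-address-list address-list=PortScanner address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
# SYN+RST
add action=add-src-to-address-list address-list=PortScanner address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=syn,rst
# FIN+PSH+URG
add action=add-src-to-address-list address-list=PortScanner address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
# No flags set
add action=add-src-to-address-list address-list=PortScanner address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
# Drop everything from sources listed by the rules above.
add action=drop chain=input comment="" disabled=no src-address-list=PortScanner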

Dropar Brute Force

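# Throttle repeated failed logins. Typographic quotes replaced with ASCII
# quotes.
# "530 Login incorrect" is an FTP server reply, so the Blacklist is filled by
# failed FTP logins seen in the router's outgoing traffic.
/ip firewall filter
# Let through a limited number of failure replies per destination per minute.
add action=accept chain=output comment="Drop Brute Force" content="530 Login incorrect" disabled=no dst-limit=1/1m,9,dst-address/1m protocol=tcp
# Failure replies beyond that limit list the client for 23 hours.
add action=add-dst-to-address-list address-list=Blacklist address-list-timeout=23h chain=output comment="" content="530 Login incorrect" disabled=no protocol=tcp
# The list is built from FTP failures, so the drop must cover FTP (21).
# Port 22 is kept, so listed clients stay blocked from SSH as before.
# NOTE(review): content= only sees unencrypted payload. SSH login failures are
# not detected by these rules and need their own connection-rate rules.
add action=drop chain=input comment="" disabled=no dst-port=21,22 protocol=tcp src-address-list=Blacklist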

Dropar Trace route

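# Hide the network from traceroute. Typographic quotes replaced with ASCII
# quotes.
/ip firewall filter
# ICMP type 11 code 0: time exceeded in transit (what traceroute hops return).
add action=drop chain=forward comment="Drop Traceroute" disabled=no icmp-options=11:0 protocol=icmp
# ICMP type 3 code 3: port unreachable (the final reply to a UDP traceroute).
add action=drop chain=forward comment="" disabled=no icmp-options=3:3 protocol=icmp
# Drop all ICMP addressed to the router unless the source is in list "Local".
# NOTE(review): the "Local" address list is not created anywhere on this page;
# define it first. This rule also drops ICMP error messages sent to the
# router, such as fragmentation-needed. Confirm that is acceptable.
add action=drop chain=input comment="" disabled=no protocol=icmp src-address-list=!Local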

Dropar ICMP Ping

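# Stop the router from answering ping. Typographic quotes replaced with ASCII
# quotes.
/ip firewall filter
# Match only echo request (type 8 code 0). Without icmp-options the rule drops
# every ICMP message sent to the router, including error messages such as
# fragmentation-needed, which is more than the stated goal.
add action=drop chain=input comment="Drop ICMP Ping" disabled=no icmp-options=8:0 protocol=icmp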

Dropar Netcut Attack

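# Rules published as a "Netcut block". Typographic quotes replaced with ASCII
# quotes; the rules themselves are unchanged.
# NOTE(review): every rule here is action=accept. They admit all TCP ports on
# the router (chain=input) from the listed /24 networks and drop nothing.
# Placed above drop rules, they open the router to those ranges. Confirm who
# operates these networks before keeping any of them.
# NOTE(review): Netcut works by ARP spoofing on the local segment, which IP
# filter rules do not see. Mitigation is at layer 2: arp=reply-only on the LAN
# interface together with add-arp=yes on the DHCP server, or client isolation
# on the access point or switch.
/ip firewall filter
add action=accept chain=input comment="NETCUT BLOCK" disabled=no dst-port=0-65535 protocol=tcp src-address=61.213.183.0/24
add action=accept chain=input comment="" disabled=no dst-port=0-65535 protocol=tcp src-address=67.195.134.0/24
add action=accept chain=input comment="" disabled=no dst-port=0-65535 protocol=tcp src-address=68.142.233.0/24
add action=accept chain=input comment="" disabled=no dst-port=0-65535 protocol=tcp src-address=68.180.217.0/24
add action=accept chain=input comment="" disabled=no dst-port=0-65535 protocol=tcp src-address=203.84.204.0/24
add action=accept chain=input comment="" disabled=no dst-port=0-65535 protocol=tcp src-address=69.63.176.0/24
add action=accept chain=input comment="" disabled=no dst-port=0-65535 protocol=tcp src-address=69.63.181.0/24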