Cara Blok Virus Conficker di MikrotiK

Untuk blok virus conficker melalui mikrotik dapat menggunakan script berikut ini. Buka Terminal di mikrotik terllebih dahulu. Lalu copy script di bawah ini.

/ip firewall mangle

add chain=prerouting protocol=udp dst-port=445 action=mark-connection new-connection-mark=conn-conficker comment=”445-UDP” disabled=no passthrough=yes

add chain=prerouting protocol=tcp  dst-port=445 action=mark-connection new-connection-mark=conn-conficker comment=”445-TCP” disabled=no passthrough=yes

add chain=prerouting protocol=tcp  dst-port= 135,137,138,139 action=mark-connection new-connection-mark=conn-conficker comment=”135,137,138,139-TCP” disabled=no passthrough=yes

add chain=prerouting protocol=udp  dst-port=135,137,138,139 action=mark-connection new-connection-mark=conn-conficker comment=”135,137,138,139-UDP” disabled=no passthrough=yes

add chain=prerouting connection-mark=conn-conficker action=mark-packet new-packet-mark=conficker-pkt passthrough=no comment=”conficker-pkt” disabled=no

/ip firewall filter

add chain=forward packet-mark=conficker-pkt action=drop comment=”drop conficker” disabled=no

Advertisements

One Response

  1. tu mark connectionnya empat2 dinamai sama ya pak…?trus pada saat pemanggilan mark paketnya cma dipanggil sekali..?kalo di winbox koq jadi merah ya..?apa ada masalah…?mohon penjelasannya… makasih

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: