/ip firewall filter
Код: Выделить всё
add action=accept chain=forward protocol=tcp src-address=10.0.8.47
add action=accept chain=forward protocol=udp src-address=10.0.8.47
add action=drop chain=forward comment=team layer7-protocol=teamviewer src-address-list=!en-teamview
add action=drop chain=forward layer7-protocol=teamviewer1 src-address-list=!en-teamview
add action=drop chain=forward layer7-protocol=ammyy src-address-list=!en-teamview
add action=reject chain=forward dst-port=5938 protocol=tcp reject-with=tcp-reset src-address-list=!en-teamview
add action=reject chain=forward dst-port=5939 protocol=tcp reject-with=tcp-reset src-address-list=!en-teamview
add action=drop chain=forward dst-port=5938 protocol=udp src-address-list=en-teamview
add action=drop chain=forward dst-port=5939 protocol=udp src-address-list=!en-teamview
add action=drop chain=forward content=teamviewer.com src-address-list=!en-teamview
add action=accept chain=output comment=out protocol=udp
add action=accept chain=output protocol=tcp
add action=accept chain=forward comment="Minimum access" protocol=tcp src-port=80,443,25,143
add action=accept chain=forward comment="Minimum access" dst-port=80,443,25,143 protocol=tcp
add action=drop chain=input comment="Drop invalid connections" connection-state=invalid
add action=drop chain=input in-interface=bridge_wan
add action=drop chain=forward out-interface=bridge_wan
add action=drop chain=forward src-address=0.0.0.0/8
add action=drop chain=forward dst-address=0.0.0.0/8
add action=drop chain=forward src-address=127.0.0.0/8
add action=drop chain=forward dst-address=127.0.0.0/8
add action=drop chain=forward src-address=224.0.0.0/3
add action=drop chain=forward dst-address=224.0.0.0/3
Код: Выделить всё
add name=teamviewer regexp="^(post|get) /d(out|in).aspx\?.*client=dyngate"
add name=teamviewer1 regexp="^\\x17"
add name=ammyy regexp=^.*rl.ammyy.com.*
Код: Выделить всё
add address=10.0.8.47 list=en-teamview