conficker bloker with mikrotik

conficker.txt

*****************
konficker blocker
*****************


/ip firewall filter add chain=virus protocol= udp dst-port=135 action=drop comment=”Confiker” disabled=no
/ip firewall mangle
	add chain=prerouting protocol=udp dst-port=445 action=mark-connection new-connection-mark=conn-conficker comment=”445-UDP” disabled=no passthrough=yes
 	add chain=prerouting protocol=tcp  dst-port=445 action=mark-connection new-connection-mark=conn-conficker comment=”445-TCP” disabled=no passthrough=yes
 	add chain=prerouting protocol=tcp  dst-port= 135,137,138,139 action=mark-connection new-connection-mark=conn-conficker comment=”135,137,138,139-TCP” disabled=no passthrough=yes
 	add chain=prerouting protocol=udp  dst-port=135,137,138,139 action=mark-connection new-connection-mark=conn-conficker comment=”135,137,138,139-UDP” disabled=no passthrough=yes
 	add chain=prerouting connection-mark=conn-conficker action=mark-packet new-packet-mark=conficker-pkt passthrough=no comment=”conficker-pkt” disabled=no

/ip firewall filter
	add chain=forward packet-mark=conficker-pkt action=drop comment=”drop conficker” disabled=no