ROS对接VLAN交换机多线设置,可用于多线拔号,里面超多脚本
更新时间:2024-05-17 11:33:01 阅读量: 综合文库 文档下载
# oct/16/2011 08:49:03 by RouterOS 3.30 # software id = 4NFS-WNWC #
#我的QQ307237303 #以下为网卡设置 /interface ethernet
set 0 arp=enabled auto-negotiation=yes cable-settings=default comment=\ disable-running-check=yes disabled=no full-duplex=yes mac-address=\\ 00:07:E9:0E:A3:1C mtu=1500 name=LAN speed=100Mbps
set 1 arp=enabled auto-negotiation=yes cable-settings=default comment=\ disable-running-check=yes disabled=no full-duplex=yes mac-address=\\ 00:10:DC:D4:6D:18 mtu=1500 name=WAN_KONG speed=100Mbps set 2 arp=enabled auto-negotiation=yes cable-settings=default comment=\ disable-running-check=yes disabled=no full-duplex=yes mac-address=\\ 00:07:E9:0E:A3:0A mtu=1500 name=WAN speed=100Mbps /interface bridge
add admin-mac=00:90:27:74:FF:A3 ageing-time=5m arp=enabled auto-mac=no \\
comment=\ mtu=1500 name=bridge2 priority=0x8000 protocol-mode=none \\ transmit-hold-count=6
add admin-mac=00:90:27:74:FF:A4 ageing-time=5m arp=enabled auto-mac=no \\
comment=\ mtu=1500 name=bridge3 priority=0x8000 protocol-mode=none \\ transmit-hold-count=6
add admin-mac=00:90:27:74:FF:A5 ageing-time=5m arp=enabled auto-mac=no \\
comment=\ mtu=1500 name=bridge5 priority=0x8000 protocol-mode=none \\ transmit-hold-count=6
add admin-mac=00:90:27:74:FF:A6 ageing-time=5m arp=enabled auto-mac=no \\
comment=\ name=bridge6 priority=0x8000 protocol-mode=none transmit-hold-count=6 add admin-mac=00:90:27:74:FF:A7 ageing-time=5m arp=enabled auto-mac=no \\
comment=\ name=bridge7 priority=0x8000 protocol-mode=none transmit-hold-count=6 add admin-mac=00:90:27:74:FF:A8 ageing-time=5m arp=enabled auto-mac=no \\
comment=\ name=bridge8 priority=0x8000 protocol-mode=none transmit-hold-count=6 add admin-mac=00:91:27:74:FF:A5 ageing-time=5m arp=enabled auto-mac=no \\
comment=\ mtu=1500 name=bridge4 priority=0x8000 protocol-mode=none \\ transmit-hold-count=6
add admin-mac=00:90:27:74:FF:A2 ageing-time=5m arp=enabled auto-mac=no \\
comment=\ mtu=1500 name=bridge1 priority=0x8000 protocol-mode=none \\ transmit-hold-count=6
add admin-mac=00:90:27:74:FF:A9 ageing-time=5m arp=enabled auto-mac=no \\
comment=\ name=bridge9 priority=0x8000 protocol-mode=none transmit-hold-count=6 add admin-mac=00:90:27:74:F1:A9 ageing-time=5m arp=enabled auto-mac=no \\
comment=\ mtu=1500 name=bridge10 priority=0x8000 protocol-mode=none \\
transmit-hold-count=6 #以下为VLAN设置 /interface vlan
add arp=enabled comment=\AN mtu=1500 name=vlan2 \\ use-service-tag=no vlan-id=2
add arp=enabled comment=\AN mtu=1500 name=vlan3 \\ use-service-tag=no vlan-id=3
add arp=enabled comment=\AN mtu=1500 name=vlan5 \\ use-service-tag=no vlan-id=5
add arp=enabled comment=\AN mtu=1500 name=vlan6 \\ use-service-tag=no vlan-id=6
add arp=enabled comment=\AN mtu=1500 name=vlan7 \\ use-service-tag=no vlan-id=7
add arp=enabled comment=\AN mtu=1500 name=vlan8 \\ use-service-tag=no vlan-id=8
add arp=enabled comment=\AN mtu=1500 name=vlan1 \\ use-service-tag=no vlan-id=1
add arp=enabled comment=\AN mtu=1500 name=vlan9 \\ use-service-tag=no vlan-id=9
add arp=enabled comment=\AN mtu=1500 name=\\ vlan10 use-service-tag=no vlan-id=10
add arp=enabled comment=\AN mtu=1500 name=vlan4 \\ use-service-tag=no vlan-id=4 #以下为ROS默认设置
/interface wireless security-profiles
set default authentication-types=\ group-key-update=5m interim-update=0s mode=none name=default \\ radius-eap-accounting=no radius-mac-accounting=no \\
radius-mac-authentication=no radius-mac-caching=disabled \\
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \\ static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\\ none static-key-0=\ static-sta-private-algo=none static-sta-private-key=\
static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=\\ none tls-mode=no-certificates unicast-ciphers=\ wpa2-pre-shared-key=\#以下为L7脚本设置 /ip firewall layer7-protocol
add comment=\ \ \\n\
add comment=\ \add comment=\
\
add comment=\add comment=\
\
add comment=\add comment=\
add comment=\
add comment=\add comment=\
\add comment=\
\add comment=\add comment=\add comment=\
add comment=\ \\?.\\?\\\\xD3|^get.+\\\\video.\\?\\\\qq.+\\\\mp4)\
add comment=\ \\\\x06\\\\x19\\\\x1A\\\\x5F\\\\x1B\\\\x6F\\\\xAE\\\\xE1|^get.+\\\\mp4.\\?\\\\key.+\\\\pplive)\add comment=\
\
add comment=\
\\15\\16\\18\\19\\1A\\1B\\1C !234568@ABCFGHIJKLMNOPQRSTUVWX[`\\81\\82\\90\\91\\93\\96\\ \\97\\98\\99\\9A\\9B\\9C\\9E\\A0\\A1\\A2\\A3\\A4]|Y................\\?[ -~]|\\96....\\$)\
add comment=\ get /queue_register\\\\.cgi\\\\\\?|^get /getupdowninfo\\\\.cgi\\\\\\?\add comment=\
\\nFilename|^\\01.\\?.\\?.\\?(Q:\\\\+|Q2:)|^\\10[\\14-\\16]\\10[\\15-\\17].\\?.\\?.\\?.\\?\\ \\$\
add comment=\
add comment=\ /[012]\\\\.[0-9]\\r\\
\\n|get /uri-res/n2r\\\\\\?urn:sha1:|get /.*user-agent: (gtk-gnutella|bearshar\\ e|mactella|gnucleus|gnotella|limewire|imesh)|get /.*content-type: applicat\\ ion/x-gnutella-packets|giv [0-9]*:[0-9a-f]*/|queue [0-9a-f]* [1-9][0-9]\\?[\\ 0-9]\\?\\\\.[1-9][0-9]\\?[0-9]\\?\\\\.[1-9][0-9]\\?[0-9]\\?\\\\.[1-9][0-9]\\?[0-9]\\?:[\\ 1-9][0-9]\\?[0-9]\\?[0-9]\\?|gnutella.*content-type: application/x-gnutella|.\\ ..................\\?lime)\
add comment=\ \\n\
add comment=\add comment=\
\
add comment=\ ][a-z0-9][\\01-\\?a-z]*[\\02-\\06][a-z][a-z][fglmoprstuvz]\\?[aeop]\\?(um)\\?[\\01\\ -\\10\\1C][\\01\\03\\04\\FF]\
add comment=\add comment=\ \\n\\01....\\1F\\9E\
add comment=\add comment=\
add comment=\add comment=\ \\n\
add comment=\add comment=\add comment=\
\
add comment=\ \\r -~]*(connection:|content-type:|content-length:|date:)|post [\\t-\\r -~]* \\ http/[01]\\\\.[019]\
add comment=\
\add comment=\add comment=\
add comment=\add comment=\ \\n.[\\01\\02\\03][\\01-\\
\\n -~]*|[\\03\\04][!-~]+[\\t-\\r]+[a-z][\\t-\\r -~]*|\\05[!-~]+[\\t-\\r]+([a-z][!-~\\ ]*[\\t-\\r]+[1-9][0-9]\\?[0-9]\\?|root[\\t-\\r]+[!-~]+).*)\\ \\n\\$\
add comment=\ \ \\nEnd(Public|AES)Key\\ \\n\\$\
add comment=\add comment=\
\
add comment=\ \\_/scrape\\\\\\?info_hash=)|d1:ad2:id20:|\\08'7P\\\\)[RP]\
add comment=\add comment=\
\
add comment=\
add comment=\ -P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][\\ A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P]\\ [A-P][A-P][A-P][A-P]\
add comment=\add comment=\
add comment=\add comment=\add comment=\add comment=\add comment=\
\
add comment=\add comment=\ ]*ssdp:(alive|byebye)|^m-search[\\t-\\r ]\\\\*[\\t-\\r ]http/1\\\\.1[\\t-\\r -~]*ssd\\ p:discover\
add comment=\add comment=\
add comment=\ |/.status[ -~]|/.network[ -~]*|/.files|/.hash=[0-9a-f]*/[ -~]*) http/1.1|u\\
ser-agent: kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xfer\\ uid|tag)|^give [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]\\?[0-9]\\?[0-9]\\?\add comment=\add comment=\ \\n\
add comment=\
\add comment=\
add comment=\ \ \\nver msnftp\\r\\
\\nusr|method msnmsgr:)\
add comment=\
\
add comment=\ \\01\\?.*\\0B).*(thawte|equifax secure|rsa data security, inc|verisign, inc|g\\ te cybertrust root|entrust\\\\.net limited)\
add comment=\ .\\?.\\?.\\?.\\?.\\?.\\?[\\C6-\\FF])\
add comment=\
\add comment=\ \\n\\$\
add comment=\
\add comment=\add comment=\add comment=\
\add comment=\
\
add comment=\ \\t-\\r]*[1-9][0-9]\\?[0-9]\\?[0-9]\\?[0-9]\\?(\\r\\ \\n|[\\r\\ \\n])\\?\\$\
add comment=\ \\n\\$\
add comment=\
\
add comment=\ \\01\\03].*\\05[\\01-\\08]\\?[\\01\\03]\
add comment=\add comment=\
add comment=\add comment=\
add comment=\ ]*cvr0\\r\\
\\n\\$|usr 1 [!-~]+ [0-9. ]+\\r\\ \\n\\$|ans 1 [!-~]+ [0-9. ]+\\r\\ \\n\\$\
add comment=\ ~]*:[\\02-\\r -~]*nick[\\t-\\r -~]*\\r\\ \\n)\
add comment=\ \\t[a-z0-9.]*\\\\.[a-z][a-z].\\?.\\?\\t[1-9]\
add comment=\
#以下为ROS默认设置 /queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50 set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \\ sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \\ red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10 set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\\ 5
set default-small kind=pfifo name=default-small pfifo-limit=10 /routing bgp instance
set default as=65530 client-to-client-reflection=yes comment=\ ignore-as-path-len=no name=default out-filter=\ no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \\ redistribute-static=no router-id=0.0.0.0 /routing ospf area
set backbone area-id=0.0.0.0 authentication=none disabled=no name=backbone \\ type=default /snmp
set contact=\ time-window=15 trap-sink=0.0.0.0 trap-version=1 /snmp community
set public address=0.0.0.0/0 authentication-password=\
authentication-protocol=MD5 encryption-password=\ DES name=public read-access=yes security=none write-access=no /system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \\ disk-stop-on-full=no name=disk target=disk set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=0.0.0.0:514 src-address=0.0.0.0 \\ syslog-facility=daemon syslog-severity=auto target=remote /user group
add comment=\ word,web,sniff,sensitive,!ftp,!write,!policy\
add comment=\ ox,password,web,sniff,sensitive,!ftp,!policy\
add comment=\ ,test,winbox,password,web,sniff,sensitive\#以下为ROS管理用户设置 /user
add address=0.0.0.0/0 comment=\ name=admin
add address=0.0.0.0/0 comment=\#以下为BRIDGE桥的设置 /interface bridge port
add bridge=bridge2 comment=\ horizon=none interface=vlan2 path-cost=10 point-to-point=auto priority=\\ 0x80
add bridge=bridge3 comment=\
horizon=none interface=vlan3 path-cost=10 point-to-point=auto priority=\\ 0x80
add bridge=bridge5 comment=\ horizon=none interface=vlan5 path-cost=10 point-to-point=auto priority=\\ 0x80
add bridge=bridge6 comment=\ horizon=none interface=vlan6 path-cost=10 point-to-point=auto priority=\\ 0x80
add bridge=bridge7 comment=\ horizon=none interface=vlan7 path-cost=10 point-to-point=auto priority=\\ 0x80
add bridge=bridge8 comment=\ horizon=none interface=vlan8 path-cost=10 point-to-point=auto priority=\\ 0x80
add bridge=bridge1 comment=\ horizon=none interface=vlan1 path-cost=10 point-to-point=auto priority=\\ 0x80
add bridge=bridge9 comment=\ horizon=none interface=vlan9 path-cost=10 point-to-point=auto priority=\\ 0x80
add bridge=bridge10 comment=\ horizon=none interface=vlan10 path-cost=10 point-to-point=auto priority=\\ 0x80
add bridge=bridge4 comment=\ horizon=none interface=vlan4 path-cost=10 point-to-point=auto priority=\\ 0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\\ no
#以下为ROS默认设置 /interface ethernet mirror set
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\\
default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled /interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\\ default enabled=no keepalive-timeout=60 mac-address=FE:FE:D0:BC:47:AF \\ max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no /interface pppoe-server server
add authentication=pap,chap,mschap1,mschap2 default-profile=default disabled=\\ no interface=LAN keepalive-timeout=10 max-mru=1480 max-mtu=1480 \\ max-sessions=0 mrru=disabled one-session-per-host=yes service-name=\\ PPPOE_SER
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \\
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled /interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=\\ 00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \\ frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name=\
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=\\ no streaming-max-rate=0 streaming-server=0.0.0.0 /interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no /ip accounting
set account-local-traffic=no enabled=no threshold=256 /ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0 #以下为ADD地址设置 /ip address
add address=192.168.10.1/24 broadcast=192.168.10.255 comment=\ interface=LAN network=192.168.10.0
add address=192.168.10.2/24 broadcast=192.168.10.255 comment=\ interface=vlan1 network=192.168.10.0 #以下为DHCP服务,DNS设置 /ip dhcp-server config set store-leases-disk=5m /ip dhcp-server network
add address=192.168.10.0/24 comment=\/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \\ max-udp-packet-size=512 primary-dns=202.96.128.86 secondary-dns=\\ 202.96.134.133
#以下为防火墙,mangle,NTA,内网通知,端口优先,设置 /ip firewall address-list
add address=10.0.0.0/24 comment=\/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \\ tcp-close-wait-timeout=10s tcp-established-timeout=1d \\ tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \\
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \\ tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s /ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\\ \
add action=drop chain=forward comment=\ protocol=tcp
add action=drop chain=input comment=packets connection-state=invalid \\ disabled=no
add action=drop chain=input comment=http60 connection-limit=60,0 disabled=no \\ dst-port=80 protocol=tcp
add action=drop chain=input comment=\add action=tarpit chain=input comment=DoS connection-limit=3,32 disabled=no \\ protocol=tcp src-address-list=black_list
add action=add-src-to-address-list address-list=black_list \\
address-list-timeout=1d chain=input comment=DoS connection-limit=10,32 \\ disabled=no protocol=tcp
add action=drop chain=input comment=\add action=drop chain=input comment=\
add action=jump chain=input comment=ICMP disabled=no jump-target=ICMP \\ protocol=icmp
add action=jump chain=input comment=\ protocol=tcp
add action=accept chain=ICMP comment=Ping5 disabled=no icmp-options=0:0-255 \\ limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=Traceroute5 disabled=no icmp-options=3:3 \\ limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=MTU5 disabled=no icmp-options=3:4 limit=\\ 5,5 protocol=icmp
add action=accept chain=ICMP comment=Ping5 disabled=no icmp-options=8:0-255 \\ limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\ 11:0-255 limit=5,5 protocol=icmp
add action=drop chain=ICMP comment=ICMP disabled=no protocol=icmp add action=accept chain=forward comment=\ disabled=no
add action=accept chain=forward comment=\ no
add action=drop chain=forward comment=\add action=drop chain=forward comment=TCP30 connection-limit=30,32 disabled=\\ no protocol=tcp
add action=drop chain=forward comment=\ !unicast
add action=jump chain=forward comment=ICMP disabled=no jump-target=ICMP \\ protocol=icmp
add action=jump chain=forward comment=\add action=accept chain=forward comment=\
add action=drop chain=input comment=\ icmp-options=8:0 packet-size=!0-600 protocol=icmp
add action=drop chain=forward comment=http60 disabled=no in-interface=LAN \\ src-address=192.168.10.0/24 /ip firewall mangle
add action=accept chain=prerouting comment=\
add action=change-mss chain=postrouting comment=\ protocol=tcp tcp-flags=syn
add action=mark-routing chain=prerouting comment=\ new-routing-mark=add passthrough=no src-address-list=src1
add action=add-src-to-address-list address-list=src1 address-list-timeout=15s \\
chain=prerouting comment=\ 80 protocol=tcp src-address=20.0.0.2-20.0.0.200 src-address-list=!src2 add action=add-src-to-address-list address-list=src2 address-list-timeout=4h \\ chain=prerouting comment=\ src-address=20.0.0.2-20.0.0.200
add action=accept chain=prerouting comment=\ in-interface=LAN protocol=tcp
add action=mark-connection chain=input comment=\ pppoe-out1 new-connection-mark=1 passthrough=yes
add action=mark-connection chain=input comment=\ pppoe-out2 new-connection-mark=2 passthrough=yes
add action=mark-connection chain=input comment=\
pppoe-out3 new-connection-mark=3 passthrough=yes
add action=mark-connection chain=input comment=\ pppoe-out4 new-connection-mark=4 passthrough=yes
add action=mark-connection chain=input comment=\ pppoe-out5 new-connection-mark=5 passthrough=yes
add action=mark-connection chain=input comment=\ pppoe-out6 new-connection-mark=6 passthrough=yes
add action=mark-connection chain=input comment=\ pppoe-out7 new-connection-mark=7 passthrough=yes
add action=mark-routing chain=output comment=\ new-routing-mark=to_1 out-interface=!LAN passthrough=yes
add action=mark-routing chain=output comment=\ new-routing-mark=to_2 out-interface=!LAN passthrough=yes
add action=mark-routing chain=output comment=\ new-routing-mark=to_3 out-interface=!LAN passthrough=yes
add action=mark-routing chain=output comment=\ new-routing-mark=to_4 out-interface=!LAN passthrough=yes
add action=mark-routing chain=output comment=\ new-routing-mark=to_5 out-interface=!LAN passthrough=yes
add action=mark-routing chain=output comment=\ yes new-routing-mark=to_6 out-interface=!LAN passthrough=yes
add action=mark-routing chain=output comment=\ yes new-routing-mark=to_7 out-interface=!LAN passthrough=yes add action=mark-connection chain=prerouting comment=\\
\ no dst-address-type=!local new-connection-mark=1 passthrough=yes \\ per-connection-classifier=both-addresses:5/0 src-address=10.0.0.0/24 add action=mark-connection chain=prerouting comment=\ dst-address-type=!local new-connection-mark=2 passthrough=yes \\ per-connection-classifier=both-addresses:5/1 src-address=10.0.0.0/24 add action=mark-connection chain=prerouting comment=\ dst-address-type=!local new-connection-mark=3 passthrough=yes \\ per-connection-classifier=both-addresses:5/2 src-address=10.0.0.0/24 add action=mark-connection chain=prerouting comment=\ dst-address-type=!local new-connection-mark=4 passthrough=yes \\ per-connection-classifier=both-addresses:5/3 src-address=10.0.0.0/24 add action=mark-connection chain=prerouting comment=\ dst-address-type=!local new-connection-mark=5 passthrough=yes \\ per-connection-classifier=both-addresses:5/4 src-address=10.0.0.0/24 add action=mark-connection chain=prerouting comment=\ dst-address-type=!local new-connection-mark=6 passthrough=yes \\ per-connection-classifier=both-addresses:7/5 src-address=10.0.0.0/24 add action=mark-connection chain=prerouting comment=\ dst-address-type=!local new-connection-mark=6 passthrough=yes \\ per-connection-classifier=both-addresses:7/6 src-address=10.0.0.0/24 add action=mark-routing chain=prerouting comment=\
disabled=no new-routing-mark=to_1 passthrough=yes src-address=10.0.0.0/24 add action=mark-routing chain=prerouting comment=\
disabled=no new-routing-mark=to_2 passthrough=yes src-address=10.0.0.0/24 add action=mark-routing chain=prerouting comment=\
disabled=no new-routing-mark=to_3 passthrough=yes src-address=10.0.0.0/24
add action=mark-routing chain=prerouting comment=\
disabled=no new-routing-mark=to_4 passthrough=yes src-address=10.0.0.0/24 add action=mark-routing chain=prerouting comment=\
disabled=no new-routing-mark=to_5 passthrough=yes src-address=10.0.0.0/24 add action=mark-routing chain=prerouting comment=\ disabled=yes new-routing-mark=to_6 passthrough=yes src-address=\\ 10.0.0.0/24
add action=mark-routing chain=prerouting comment=\ disabled=yes new-routing-mark=to_7 passthrough=yes src-address=\\ 10.0.0.0/24
add action=mark-connection chain=prerouting comment=\ 8291 in-interface=pppoe-out3 new-connection-mark=in_3 passthrough=yes \\ protocol=tcp
add action=mark-routing chain=output comment=\ disabled=no new-routing-mark=3 passthrough=no add action=mark-connection chain=prerouting comment=\\
\ Server-conn passthrough=yes src-address-list=\add action=mark-packet chain=postrouting comment=\ Server-conn disabled=no new-packet-mark=Server-up passthrough=no \\ src-address-list=\
add action=mark-packet chain=prerouting comment=\
Server-conn disabled=no new-packet-mark=Server-down passthrough=no \\ src-address-type=!local
add action=mark-connection chain=prerouting comment=\\
\ passthrough=yes protocol=icmp
add action=mark-connection chain=prerouting comment=\
layer7-protocol=DNS new-connection-mark=Small-conn passthrough=yes add action=mark-packet chain=postrouting comment=\ Small-conn disabled=no new-packet-mark=Small-up passthrough=no \\ src-address-list=\
add action=mark-packet chain=prerouting comment=\ disabled=no new-packet-mark=Small-down passthrough=no src-address-type=\\ !local
add action=jump chain=prerouting comment=\ connection-rate=0-80k disabled=no jump-target=Game_list packet-size=0-500 \\ protocol=udp
add action=jump chain=prerouting comment=\ jump-target=Game_list packet-size=0-500 protocol=tcp
add action=mark-connection chain=Game_list comment=Winbox disabled=no \\
dst-port=8291 new-connection-mark=Games-conn passthrough=yes protocol=tcp add action=mark-connection chain=Game_list comment=\ 2347 new-connection-mark=Games-conn passthrough=yes protocol=tcp
add action=mark-connection chain=Game_list comment=\ 443 new-connection-mark=Games-conn passthrough=yes protocol=tcp
add action=mark-connection chain=Game_list comment=\ disabled=no dst-port=14300,14400-14405,14500 new-connection-mark=\\ Games-conn passthrough=yes protocol=tcp
add action=mark-connection chain=Game_list comment=\ 14300,15100-15110 new-connection-mark=Games-conn passthrough=yes \\
protocol=udp
add action=mark-connection chain=Game_list comment=\ disabled=no dst-port=25510-25530 new-connection-mark=Games-conn \\ passthrough=yes protocol=tcp
add action=mark-connection chain=Game_list comment=\ 16400-16600 new-connection-mark=Games-conn passthrough=yes protocol=udp add action=mark-connection chain=Game_list comment=\ disabled=no dst-port=9028,27005-27020 new-connection-mark=Games-conn \\ passthrough=yes protocol=udp
add action=mark-connection chain=Game_list comment=\ 27005,27030 new-connection-mark=Games-conn passthrough=yes protocol=udp
add action=mark-connection chain=Game_list comment=\ disabled=no dst-port=10001,10011 new-connection-mark=Games-conn \\ passthrough=yes protocol=tcp
add action=mark-connection chain=Game_list comment=\ 17065 new-connection-mark=Games-conn passthrough=yes protocol=udp add action=mark-connection chain=Game_list comment=\\
\ new-connection-mark=Games-conn passthrough=yes protocol=tcp
add action=mark-connection chain=Game_list comment=\ 39311 new-connection-mark=Games-conn passthrough=yes protocol=udp add action=mark-connection chain=Game_list comment=\ disabled=no dst-port=8585 new-connection-mark=Games-conn passthrough=yes \\ protocol=tcp
add action=mark-connection chain=Game_list comment=\ no dst-port=3620,36581,62534,4550,3133,12721,1764,39311,29919,1884,4894 \\ new-connection-mark=Games-conn passthrough=yes protocol=udp
add action=mark-connection chain=Game_list comment=\ no dst-port=28008 new-connection-mark=Games-conn passthrough=yes \\ protocol=tcp
add action=mark-connection chain=Game_list comment=CS disabled=no dst-port=\\ 27005,27030 new-connection-mark=Games-conn passthrough=yes protocol=udp add action=mark-connection chain=Game_list comment=\ no dst-port=31414 new-connection-mark=Games-conn passthrough=yes \\ protocol=tcp
add action=mark-connection chain=Game_list comment=\ disabled=no dst-port=28004 new-connection-mark=Games-conn passthrough=yes \\ protocol=tcp
add action=mark-connection chain=Game_list comment=\ 16400-16600 new-connection-mark=Games-conn passthrough=yes protocol=udp add action=mark-connection chain=Game_list comment=\\
\ 22788,21388,10156,10116,4588,4188,4088,7788 new-connection-mark=\\ Games-conn passthrough=yes protocol=tcp
add action=mark-connection chain=Game_list comment=\ dst-port=9010-9018 new-connection-mark=Games-conn passthrough=yes \\ protocol=tcp
add action=mark-connection chain=Game_list comment=\\ \
9628,2191,1561,1925,4377,1590,2111,50801,1998,1845,2191,2040,2327 \\ new-connection-mark=Games-conn passthrough=yes protocol=udp
add action=mark-connection chain=Game_list comment=\ no dst-port=7081,8081,8442-8452,12371,12471 new-connection-mark=\\ Games-conn passthrough=yes protocol=tcp
add action=mark-connection chain=Game_list comment=\ 22,3001,7081,8445-8455 new-connection-mark=Games-conn passthrough=yes \\ protocol=udp
add action=mark-connection chain=Game_list comment=\ disabled=no new-connection-mark=Games-conn passthrough=yes protocol=udp \\ src-port=13330
add action=mark-connection chain=Game_list comment=\ new-connection-mark=Games-conn passthrough=yes protocol=udp add action=mark-connection chain=Game_list comment=\\
\ new-connection-mark=Games-conn passthrough=yes protocol=tcp
add action=mark-connection chain=Game_list comment=\ 1511,9000,27005-27030 new-connection-mark=Games-conn passthrough=yes \\ protocol=udp
add action=mark-connection chain=Game_list comment=\ no dst-port=6000-6080 new-connection-mark=Games-conn passthrough=yes \\ protocol=udp
add action=mark-connection chain=Game_list comment=\ 8000-8080 new-connection-mark=Games-conn passthrough=yes protocol=udp
add action=mark-connection chain=Game_list comment=\ disabled=no dst-port=10008,13006,5692,28012,2349 new-connection-mark=\\ Games-conn passthrough=yes protocol=tcp
add action=mark-connection chain=Game_list comment=\ 12000-12190,28012,2349 new-connection-mark=Games-conn passthrough=yes \\ protocol=udp
add action=mark-connection chain=Game_list comment=\\
\
10001-10070,7001,7101-7103 new-connection-mark=Games-conn passthrough=yes \\ protocol=tcp
add action=mark-connection chain=Game_list comment=\ 2533,5063,2311-2312 new-connection-mark=Games-conn passthrough=yes \\ protocol=udp
add action=mark-packet chain=postrouting comment=\ Games-conn disabled=no new-packet-mark=Game-up passthrough=no \\ src-address-list=\
add action=mark-packet chain=prerouting comment=\ disabled=no new-packet-mark=Game-down passthrough=no src-address-type=\\ !local
add action=mark-connection chain=prerouting comment=WebTV disabled=no \\ layer7-protocol=WebTV new-connection-mark=WebTV-conn passthrough=yes add action=mark-packet chain=postrouting comment=\ WebTV-conn disabled=no new-packet-mark=WebTV-up passthrough=no \\ src-address-list=\
add action=mark-packet chain=prerouting comment=\ disabled=no new-packet-mark=WebTV-down passthrough=no src-address-type=\\ !local
add action=mark-connection chain=prerouting comment=File disabled=no \\ layer7-protocol=File new-connection-mark=File-conn passthrough=yes
add action=mark-packet chain=postrouting comment=\ disabled=no new-packet-mark=File-up passthrough=no src-address-list=\\ \
add action=mark-packet chain=prerouting comment=\ disabled=no new-packet-mark=File-down passthrough=no src-address-type=\\ !local
add action=mark-connection chain=prerouting comment=Www disabled=no \\ layer7-protocol=Jpg new-connection-mark=Http-conn passthrough=yes add action=mark-connection chain=prerouting comment=\ layer7-protocol=http new-connection-mark=Http-conn passthrough=yes
add action=mark-connection chain=prerouting comment=\ 80,8080 new-connection-mark=Http-conn passthrough=yes protocol=tcp
add action=mark-packet chain=postrouting comment=\ disabled=no new-packet-mark=Www-up passthrough=no src-address-list=\\ \
add action=mark-packet chain=prerouting comment=\ disabled=no new-packet-mark=Www-down passthrough=no src-address-type=\\ !local
add action=mark-connection chain=prerouting comment=NetTV disabled=no \\ new-connection-mark=\
\\n-conn\
add action=mark-connection chain=prerouting comment=\ layer7-protocol=Kugou new-connection-mark=\ \\n\\r\\
\\n-conn\
add action=mark-connection chain=prerouting comment=\ layer7-protocol=QQMusic new-connection-mark=\ \\n\\r\\
\\n-conn\
add action=mark-connection chain=prerouting comment=\ layer7-protocol=QQLive new-connection-mark=\ \\n\\r\\
\\n-conn\
add action=mark-connection chain=prerouting comment=\ layer7-protocol=QQsp new-connection-mark=\ \\n-conn\
add action=mark-connection chain=prerouting comment=\ layer7-protocol=PPLive new-connection-mark=\ \\n-conn\
add action=mark-connection chain=prerouting comment=\ layer7-protocol=PPS new-connection-mark=\ \\n-conn\
add action=mark-packet chain=postrouting comment=\ \
\\n-conn\ \\n\\r\\
\\n-up\
add action=mark-packet chain=prerouting comment=\ \
\\n-conn\ \\n\\r\\
\\n-down\
add action=mark-connection chain=prerouting comment=Heavy disabled=no \\ new-connection-mark=Heavy-conn packet-size=501-1500 passthrough=yes add action=mark-connection chain=prerouting comment=\ 500000-0 disabled=no new-connection-mark=Heavy-conn passthrough=yes \\ protocol=tcp
add action=mark-connection chain=prerouting comment=\ 500000-0 disabled=no new-connection-mark=Heavy-conn passthrough=yes \\ protocol=udp
add action=mark-packet chain=postrouting comment=\ Heavy-conn disabled=no new-packet-mark=\ \\n\\r\\
\\n-up\
add action=mark-packet chain=prerouting comment=\ disabled=no new-packet-mark=\ \\n\\r\\ \\n\\r\\ \\n\\r\\
\\n-down\
add action=mark-packet chain=postrouting comment=\ connection-mark=Other-conn disabled=no new-packet-mark=Other-up \\ passthrough=no src-address-list=\
add action=mark-packet chain=prerouting comment=\ disabled=no new-packet-mark=Other-down passthrough=no src-address-type=\\ !local /ip firewall nat
add action=redirect chain=dstnat comment=\ no dst-port=80 protocol=tcp src-address=20.0.0.2-20.0.0.200 \\ src-address-list=src1 to-ports=8080
add action=masquerade chain=srcnat comment=\ pppoe-out1
add action=masquerade chain=srcnat comment=\ pppoe-out2
add action=masquerade chain=srcnat comment=\ pppoe-out3
add action=masquerade chain=srcnat comment=\ pppoe-out4
add action=masquerade chain=srcnat comment=\ pppoe-out5
add action=masquerade chain=srcnat comment=\ pppoe-out6
add action=masquerade chain=srcnat comment=\ pppoe-out7
add action=masquerade chain=srcnat comment=\ pppoe-out8
add action=masquerade chain=srcnat comment=\ pppoe-out9
add action=masquerade chain=srcnat comment=\ 192.168.10.0/24
add action=accept chain=srcnat comment=\/ip firewall service-port
set ftp disabled=no ports=21 set tftp disabled=yes ports=69 set irc disabled=no ports=6667 set h323 disabled=no
set sip disabled=no ports=5060,5061 set pptp disabled=no /ip hotspot service-port
set ftp disabled=no ports=21 /ip neighbor discovery set LAN discover=yes
set WAN_KONG discover=yes set pppoe-out2 discover=no set vlan2 discover=no set vlan3 discover=no set vlan5 discover=no set vlan6 discover=no set vlan7 discover=no set vlan8 discover=no set bridge2 discover=yes set bridge3 discover=yes set bridge5 discover=yes set bridge6 discover=yes set bridge7 discover=yes set bridge8 discover=yes set bridge4 discover=yes set pppoe-out3 discover=no set pppoe-out4 discover=no set pppoe-out5 discover=no set pppoe-out6 discover=no set pppoe-out7 discover=no set pppoe-out8 discover=no set vlan1 discover=no set bridge1 discover=yes set pppoe-out1 discover=no set bridge9 discover=yes set vlan9 discover=no set vlan10 discover=no set bridge10 discover=yes set pppoe-out9 discover=no set vlan4 discover=no set WAN discover=yes #以下为内网通知设置 /ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \\
cache-on-disk=yes enabled=yes max-cache-size=none max-client-connections=\\ 600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \\ parent-proxy-port=0 port=8080 serialize-connections=yes src-address=\\ 0.0.0.0 /ip proxy access
add action=deny comment=\ 192.168.10.1/77/index.htm
#以下为路由设置 /ip route
add comment=WAN3 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\\ pppoe-out3 routing-mark=to_3
add comment=\ gateway=pppoe-out1 routing-mark=to_1
add comment=WAN2 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\\ pppoe-out2 routing-mark=to_2
add comment=WAN4 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\\ pppoe-out4 routing-mark=to_4
add check-gateway=ping comment=WAN1 disabled=no distance=2 dst-address=\\ 0.0.0.0/0 gateway=pppoe-out1
add check-gateway=ping comment=WAN5 disabled=no distance=2 dst-address=\\ 0.0.0.0/0 gateway=pppoe-out5
add check-gateway=ping comment=WAN4 disabled=no distance=2 dst-address=\\ 0.0.0.0/0 gateway=pppoe-out4
add check-gateway=ping comment=WAN7 disabled=no distance=2 dst-address=\\ 0.0.0.0/0 gateway=pppoe-out7
add comment=WAN5 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\\ pppoe-out5 routing-mark=to_5
add check-gateway=ping comment=WAN3 disabled=no distance=2 dst-address=\\ 0.0.0.0/0 gateway=pppoe-out3
add check-gateway=ping comment=WAN1 disabled=no distance=1 dst-address=\\ 0.0.0.0/0 gateway=pppoe-out1
add comment=WAN6 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\\ pppoe-out6 routing-mark=to_6
add check-gateway=ping comment=WAN6 disabled=no distance=2 dst-address=\\ 0.0.0.0/0 gateway=pppoe-out6
add comment=WAN7 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\\ pppoe-out7 routing-mark=to_7
add check-gateway=ping comment=WAN2 disabled=no distance=2 dst-address=\\ 0.0.0.0/0 gateway=pppoe-out2 /ip route rule
add action=lookup comment=\ 192.168.10.0/24 table=gm100_r /ip service
set telnet address=0.0.0.0/0 disabled=no port=23 set ftp address=0.0.0.0/0 disabled=no port=21 set www address=0.0.0.0/0 disabled=no port=80 set ssh address=0.0.0.0/0 disabled=yes port=22
set www-ssl address=0.0.0.0/0 certificate=none disabled=no port=443 set api address=0.0.0.0/0 disabled=yes port=8728 set winbox address=0.0.0.0/0 disabled=no port=8291 /ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080 /ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no \\ inactive-flow-timeout=15s interfaces=all /ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes /ipv6 nd
add advertise-dns=no advertise-mac-address=yes disabled=no hop-limit=\\ unspecified interface=all managed-address-configuration=no mtu=\\
unspecified other-configuration=no ra-delay=3s ra-interval=3m20s-10m \\ ra-lifetime=30m reachable-time=unspecified retransmit-interval=\\ unspecified
/ipv6 nd prefix default
set autoconfig=yes on-link=yes preferred-lifetime=1w valid-lifetime=4w2d #以下为PPPOE拔号用户设置 /ppp aaa
set accounting=yes interim-update=0s use-radius=no /ppp secret
add caller-id=\ name=857 password=5182179 profile=PPPOE_2M routes=\add caller-id=\
limit-bytes-out=0 name=1004 password=123456 profile=PPPOE_1M routes=\ service=any
add caller-id=\
limit-bytes-out=0 name=965 password=13243800112 profile=PPPOE_1M routes=\\ \
/queue interface
set LAN queue=ethernet-default
set WAN_KONG queue=ethernet-default set pppoe-out2 queue=default set vlan2 queue=default set vlan3 queue=default set vlan5 queue=default set vlan6 queue=default set vlan7 queue=default set vlan8 queue=default set bridge2 queue=default set bridge3 queue=default set bridge5 queue=default set bridge6 queue=default set bridge7 queue=default set bridge8 queue=default set bridge4 queue=default set pppoe-out3 queue=default set pppoe-out4 queue=default set pppoe-out5 queue=default set pppoe-out6 queue=default set pppoe-out7 queue=default set pppoe-out8 queue=default set vlan1 queue=default set bridge1 queue=default set pppoe-out1 queue=default set bridge9 queue=default set vlan9 queue=default set vlan10 queue=default set bridge10 queue=default set pppoe-out9 queue=default
set vlan4 queue=default
set WAN queue=ethernet-default /radius incoming
set accept=no port=3799 /routing igmp-proxy
set query-interval=2m5s query-response-interval=10s quick-leave=no /routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \\
gateway-selection=no-gateway origination-interval=5s preferred-gateway=\\ 0.0.0.0 timeout=1m ttl=50 /routing ospf
set distribute-default=never metric-bgp=20 metric-connected=20 \\
metric-default=1 metric-rip=20 metric-static=20 mpls-te-area=unspecified \\ mpls-te-router-id=unspecified redistribute-bgp=no redistribute-connected=\\ no redistribute-rip=no redistribute-static=no router-id=0.0.0.0 /routing pim
set switch-to-spt=no switch-to-spt-bytes=0 switch-to-spt-interval=0s /routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \\ metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \\ redistribute-connected=no redistribute-ospf=no redistribute-static=no \\ timeout-timer=3m update-timer=30s /routing ripng
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \\ metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \\ redistribute-connected=no redistribute-ospf=no redistribute-static=no \\ timeout-timer=3m update-timer=30s /store
add comment=\ user-manager
add comment=\/system clock
set time-zone-name=manual /system clock manual
set dst-delta=+00:00 dst-end=\ \/system console
add disabled=no port=serial0 term=vt102 set [ find vcno=1 ] disabled=no term=linux set [ find vcno=2 ] disabled=no term=linux set [ find vcno=3 ] disabled=no term=linux set [ find vcno=4 ] disabled=no term=linux set [ find vcno=5 ] disabled=no term=linux set [ find vcno=6 ] disabled=no term=linux set [ find vcno=7 ] disabled=no term=linux set [ find vcno=8 ] disabled=no term=linux /system console screen set line-count=25 /system gps
set enabled=no set-system-time=yes /system hardware
set multi-cpu=yes /system health
set state-after-reboot=enabled /system identity set name=MikroTik /system lcd
set contrast=0 enabled=no port=parallel type=24x4 /system lcd page
set time disabled=yes display-time=5s set resources disabled=yes display-time=5s set uptime disabled=yes display-time=5s set packets disabled=yes display-time=5s set bits disabled=yes display-time=5s set version disabled=yes display-time=5s set bridge6 disabled=yes display-time=5s set bridge7 disabled=yes display-time=5s set bridge2 disabled=yes display-time=5s set bridge3 disabled=yes display-time=5s set bridge5 disabled=yes display-time=5s set bridge4 disabled=yes display-time=5s set bridge1 disabled=yes display-time=5s set bridge10 disabled=yes display-time=5s set bridge8 disabled=yes display-time=5s set LAN disabled=yes display-time=5s set WAN disabled=yes display-time=5s
set WAN_KONG disabled=yes display-time=5s set
set pppoe-out4 disabled=yes display-time=5s
set vlan6 disabled=yes display-time=5s set vlan7 disabled=yes display-time=5s set vlan8 disabled=yes display-time=5s set vlan9 disabled=yes display-time=5s set vlan10 disabled=yes display-time=5s set vlan4 disabled=yes display-time=5s
set
set
set
add action=memory disabled=no prefix=\add action=memory disabled=no prefix=\add action=memory disabled=no prefix=\add action=echo disabled=no prefix=\/system note
set note=\/system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0 /system ntp server
set broadcast=no enabled=no manycast=yes multicast=no /system routerboard bios set
#以下为网关更新脚本设置 /system scheduler
add comment=\ \\r\\
\\n:global new\\r\\ \\n:global status\\r\\ \\n:global x\\r\\
\\n:set x 4\\A3\\A8ADSL\\CC\\F5\\CA\\FD\\A3\\A9\\r\\ \\n:for i from=1 to=\\$x do={\\r\\
\\n :set status [/interface get [/interface find name=(\\\ \\$i)] running]\\r\\
\\n :if (\\$status=true) do={\\r\\
\\n :set new [/ip address get [/ip address find dynamic=yes interface=(\\ \\\
\\n :set new [:pick \\$new 0 ([:len \\$new] -3)]\\r\\
\\n :set assign [/ip address get [/ip address find dynamic=no interface\\ =(\\\
\\n :set assign [:pick \\$assign 0 ([:len \\$assign] -3)]\\r\\
\\n :if (\\$assign != \\$new) do={ /ip address set [/ip address find c\\ omment=(\\\ \\n /ip route set [/ip route find comment=(\\\ =\\$new\\r\\
\\n }\\r\\ \\n }\\r\\ \\n}\\r\\
\\n\
#以下为一些自动远行的脚本设置
add comment=www.changeip.com disabled=no interval=1m30s name=\ on-event=\ 27.0.0.255\\\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive \\ start-date=jan/01/1970 start-time=00:00:00
add comment=\ on-event=Exp_Auto policy=\\
reboot,read,write,policy,test,password,sniff,sensitive start-date=\\ jan/01/1970 start-time=00:00:00
/system script
add name=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=\ / ip firewall connection tracking\\r\\
\\nset enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s \\\\\\r\\ \\n tcp-established-timeout=5h tcp-fin-wait-timeout=10s \\\\\\r\\ \\n tcp-close-wait-timeout=10s tcp-last-ack-timeout=10s \\\\\\r\\
\\n tcp-time-wait-timeout=10s tcp-close-timeout=10s udp-timeout=10s \\\\\\r\\ \\n udp-stream-timeout=2m icmp-timeout=10s generic-timeout=5m\add name=Exp_Auto policy=\\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=\ :local tz\\r\\ \\n:local prof\\r\\ \\n:local tj\\r\\ \\n:set tz 0\\r\\
\\n:set prof 4day\\r\\ \\n:set tj 5\\r\\
\\n#tz\\CE\\AA\\CC\\E1\\C7\\B0\\B7\\A2\\CB\\CD\\B5\\BD\\C6\\DA\\CD\\A8\\D6\\AA\\B5\\C4\\CC\\EC\\CA\\ \\FD\\r\\
\\n#prof\\CE\\AA\\CC\\E1\\C7\\B0\\B7\\A2\\CB\\CD\\B5\\BD\\C6\\DA\\CD\\A8\\D6\\AA\\B5\\C4\\C4\\A3\\ \\B0\\E5\\r\\
\\n#tj\\CE\\AA\\B5\\BD\\C6\\DA\\BA\\F3\\BC\\B8\\CC\\EC\\CD\\A3\\D3\\C3\\D3\\C3\\BB\\A7\\D5\\CB\\BA\\ \\C5\\A3\\AC0\\CE\\AA\\B5\\BD\\C6\\DA\\BC\\B4\\CD\\A3\\BB\\FA\\r\\ \\n:local nyr [/system clock get date]\\r\\ \\n#\\D4\\C2\\C8\\D5\\C4\\EA 09/21/2011\\r\\
\\n:local yy ([:find jan,feb,mar,apr,may,jun,jul,aug,sep,oct,nov,dec [:pick\\ \\_\\$nyr 0 3]]+1)\\r\\
\\n#\\B2\\E9\\B5\\BD\\B5\\B1\\C7\\B0\\D4\\C2\\B7\\DD\\r\\ \\n:if (\\$yy<10) do={:set yy (0 . \\$yy)}\\r\\ \\n#\\D4\\C2\\B7\\DD\\B4\\A6\\C0\\ED\\r\\ \\n\\r\\
\\n:set nyr ([:pick \\$nyr 7 11] . \\$yy . [:pick \\$nyr 4 6])\\r\\ \\n#\\BB\\F1\\B5\\C3\\C4\\EA\\B7\\DD20110424\\r\\ \\n\\r\\
\\n:local ii \\\ \\n:local pcom8 \\\ \\n/ppp secret\\r\\
\\n#\\BF\\AA\\CA\\BC\\D1\\AD\\BB\\B7\\r\\
\\n:foreach puse in [find disabled=no] do={\\r\\
\\n#\\B2\\E9\\D5\\D2\\C3\\BB\\BD\\FB\\D3\\C3\\B5\\C4\\D5\\CA\\BA\\C5\\r\\ \\n:local pcom [get \\$puse comment]\\r\\ \\n#\\B1\\B8\\D7\\A2\\r\\
\\n:set pcom8 [:pick \\$pcom ([:find \\$pcom \\\ \\r\\
\\n#\\B4\\A6\\C0\\ED\\B1\\B8\\D7\\A2\\r\\ \\n:local pnam [get \\$puse name]\\r\\ \\n#\\D5\\CA\\BA\\C5\\r\\
\\n:local tzprof [get \\$puse profile]\\r\\ \\n#\\C5\\E4\\D6\\C3\\CE\\C4\\BC\\FE\\r\\ \\n\\r\\
\\n:set ii (\\$ii + 1)\\r\\ \\n# ii\\D7\\D4\\BC\\D31\\r\\ \\n\\r\\
\\n:if (\\$pcom8!=\\\
\\n#\\BF\\AA\\CA\\BC\\B1\\C8\\BD\\CF\\C5\\D0\\B6\\CF\\A3\\AC\\B1\\B8\\D7\\A2\\B2\\BB\\C4\\DC\\CE\\ \\AA\\BF\\D5 \\D2\\B2\\B2\\BB\\CE\\AAadmin\\r\\ \\n\\r\\
\\n:if ([:len \\$pcom8]<8) do={\\r\\ \\n#\\B3\\A4\\B6\\C8\\C5\\D0\\B6\\CF\\r\\ \\n\\r\\
\\n:log error (\\\
\\D7\\A2\\B2\\BB\\D7\\E38\\CE\\BB\\A3\\AC\\CF\\D6\\B1\\B8\\D7\\A2\\C8\\D5\\C6\\DA\\A3\\BA\\A1\\BE\\ \\\ \\n} else={\\r\\ \\n\\r\\
\\n#\\D7\\AA\\B3\\C9\\CA\\FD\\D7\\D6\\r\\ \\n:if (\\$pcom8>1) do={\\r\\
\\n#\\C8\\E7\\B9\\FB\\B4\\F3\\D3\\DA1\\r\\
\\n:if (\\$pcom8>=\\$nyr && (\\$pcom8 - \\$nyr)<=\\$tz && \\$tzprof!=\\$prof) do={\\ \\r\\
\\n#\\C8\\E7\\B9\\FB\\B4\\F3\\D3\\DA\\B5\\C8\\D3\\DA\\B5\\B1\\C7\\B0\\C8\\D5\\C6\\DA\\B2\\A2\\C7\\ \\D2\\B9\\FD\\C6\\DA\\CC\\EC\\CA\\FD\\D0\\A1\\D3\\DA\\B5\\C8\\D3\\DA(\\$pcom8 - \\$nyr)\\D0\\A1\\ \\D3\\DA\\B5\\C8\\D3\\DA\\CD\\A8\\D6\\AA\\CA\\B1\\BC\\E4\\A3\\AC\\CD\\AC\\CA\\B1\\C5\\E4\\D6\\C3\\ \\CE\\C4\\BC\\FE\\B2\\BB\\B5\\C8\\D3\\DA\\$prof)\\r\\ \\n\\r\\
\\n/ppp secret set [/ppp secret find name=\\$pnam] profile=\\$prof;:set ii (\\ \\$ii - 1)\\r\\
\\n#\\C9\\E8\\D6\\C3pppoe\\D5\\CB\\BA\\C5\\B5\\C4\\C5\\E4\\D6\\C3\\CE\\C4\\BC\\FE\\CE\\AA\\$prof\\ ,\\C8\\BB\\BA\\F3ii\\BC\\F5\\D2\\BB\\r\\ \\n\\r\\ \\n\\r\\
\\n:log warning (\\\ \\BD\\C6\\DA\\A3\\AC\\CD\\A8\\D6\\AA\\D2\\D1\\CF\\C2\\B7\\A2\\A3\\A1\\\ \\n}} \\r\\
\\n:if (\\$nyr>=\\$pcom8 && (\\$nyr - \\$pcom8)>=\\$tj) do={\\r\\
\\n#\\C8\\E7\\B9\\FB\\D2\\D1\\BE\\AD\\B9\\FD\\C6\\DA\\C1\\CB\\A3\\AC\\D4\\F2\\C7\\BF\\D6\\C6\\CF\\ \\C2\\CF\\DF\\B2\\A2\\CF\\C2\\B7\\A2\\CD\\A8\\D6\\AA\\r\\ \\n\\r\\
\\n/ppp active remove [/ppp active find name=\\$pnam];\\r\\
\\n#/ppp secret set [/ppp secret find name=\\$pnam] profile=tongzhi;:set ii \\ (\\$ii - 1)\\r\\
\\n/ppp secret disable [/ppp secret find name=\\$pnam];:set ii (\\$ii - 1)\\r\\
\\n:log error (\\\ \\CD\\A3\\D3\\C3\\B2\\A2\\C7\\BF\\D6\\C6\\CF\\C2\\CF\\DF\\A3\\A1\\\
\\n}}} else={:log error (\\\
\\B1\\B8\\D7\\A2\\A1\\BE\\\ \\EB\\D6\\D8\\D0\\C2\\B1\\B8\\D7\\A2\\A3\\A1\\\ \\n}\\r\\
\\n#:log warning (\\\ \\BF\\\
add name=new_pro policy=\\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=\ #\\BD\\A8\\C1\\A2PRO\\r\\ \\n/ppp profile\\r\\
\\nadd change-tcp-mss=default comment=\\\ .88 \\\\\\r\\
\\n local-address=4day name=4day only-one=yes rate-limit=72k/700k \\\\\\r\\ \\n remote-address=4day use-compression=default use-encryption=default \\ \\\\\\r\\
\\n use-vj-compression=default \\r\\
\\nadd change-tcp-mss=default comment=\\\ .88 \\\\\\r\\
\\n local-address=tongzhi name=tongzhi only-one=default remote-address=\\ \\\\\\r\\
\\n tongzhi use-compression=default use-encryption=default \\\\\\r\\ \\n use-vj-compression=default\add name=tz_web policy=\\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=\
#\\D2\\D4\\CF\\C2\\BD\\C5\\B1\\BE\\D4\\DAsystem/scripts\\D6\\D0\\D4\\CB\\D0\\D0\\D2\\BB\\B4\\ \\CE\\BE\\CD\\D0\\D0\\C1\\CB\\r\\ \\n\\r\\
\\n#\\CA\\D7\\D2\\B3\\CB\\F9\\D4\\DA\\B7\\FE\\CE\\F1\\C6\\F7IP\\r\\ \\n:local StrToAddress\\r\\
\\n:set StrToAddress 192.168.192.168.10.1\\r\\
\\n#\\CA\\D7\\D2\\B3\\CB\\F9\\D4\\DA\\B7\\FE\\CE\\F1\\C6\\F7\\B6\\CB\\BF\\DA\\r\\ \\n:local StrToPort\\r\\ \\n:set StrToPort 8080\\r\\
\\n#\\CA\\B1\\CF\\DE1,\\D6\\B8\\B6\\A8\\CA\\B1\\CF\\DE\\C4\\DA\\CC\\F8\\B5\\BD\\D6\\B8\\B6\\A8\\CA\\ \\D7\\D2\\B3,\\C9\\E8\\D6\\C31-5\\C3\\EB\\r\\ \\n:local StrTimeOut1\\r\\ \\n:set StrTimeOut1 5s\\r\\
\\n#\\CA\\B1\\CF\\DE2,\\D6\\B8\\B6\\A8\\CA\\B1\\CF\\DE\\C4\\DA\\B2\\BB\\CC\\F8\\B5\\BD\\D6\\B8\\B6\\ \\A8\\CA\\D7\\D2\\B3,3\\D0\\A1\\CA\\B1\\CE\\AA3h,(\\B2\\E2\\CA\\D4\\CA\\C7\\B7\\F1\\D3\\D0\\D0\\ \\A7\\BF\\C9\\B5\\F7\\CE\\AA1\\B7\\D6\\D6\\D31m)\\r\\ \\n:local StrTimeOut2\\r\\ \\n:set StrTimeOut2 1h\\r\\
\\nip firewall mangle add chain=prerouting src-address=20.20.20.0/24 protoc\\ ol=tcp dst-port=80 src-\\r\\r\\ \\naddress-list=!src2 \\\\\\r\\
\\n action=add-src-to-address-list address-list=src1 address-list-ti\\ meout=\\$StrTimeOut1 \\r\\r\\ \\ncomment=TimeOut1\\r\\
\\nip firewall mangle add chain=prerouting src-address=20.20.20.0/24 proto\\ col=tcp dst-port=80 \\\\\\r\\
\\n action=add-src-to-address-list address-list=src2 address-list-ti\\ meout=\\$StrTimeOut2 \\r\\r\\ \\ncomment=TimeOut2\\r\\
\\nip firewall nat add chain=dstnat src-address=20.20.20.0/24 protocol=tcp\\ \\_dst-port=80 src-address-\\r\\r\\ \\nlist=src1 \\\\\\r\\
\\n action=dst-nat to-addresses=\\$StrToAddress to-ports=\\$StrToPort \\ comment=ToAddress\add name=pool_poe policy=\\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=\ #\\BD\\A8\\C1\\A2\\B5\\D8\\D6\\B7\\B3\\D8\\r\\ \\n\\r\\
\\n/ip pool\\r\\
\\nadd name=4day ranges=20.20.20.0/24\\r\\ \\nadd name=tongzhi ranges=30.30.30.0/24\add name=auto policy=\\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=\ /system scheduler\\r\\
\\nremove [find name=ExpAuto]\\r\\
\\nadd comment=\\\ policy=\\\\\\r\\
\\n reboot,read,write,policy,test,password,sniff,sensitive start-date=\\\\\\ \\r\\
\\n jan/01/1970 start-time=00:00:00\/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\\ 0.0.0.0 user=\/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\\ none watchdog-timer=yes /tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\\ 100 /tool e-mail
set from=<> password=\/tool graphing
set page-refresh=300 store-every=5min /tool mac-server
add disabled=no interface=all /tool mac-server ping set enabled=yes /tool sms
set allowed-number=\/tool sniffer
set file-limit=10 file-name=\
filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=\\ yes interface=all memory-limit=10 only-headers=no streaming-enabled=no \\ streaming-server=0.0.0.0 /tool user-manager customer
add comment=\
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \\ permissions=owner signup-allowed=no subscriber=admin time-zone=+00:00 /user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
\\nadd comment=\\\ policy=\\\\\\r\\
\\n reboot,read,write,policy,test,password,sniff,sensitive start-date=\\\\\\ \\r\\
\\n jan/01/1970 start-time=00:00:00\/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\\ 0.0.0.0 user=\/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\\ none watchdog-timer=yes /tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\\ 100 /tool e-mail
set from=<> password=\/tool graphing
set page-refresh=300 store-every=5min /tool mac-server
add disabled=no interface=all /tool mac-server ping set enabled=yes /tool sms
set allowed-number=\/tool sniffer
set file-limit=10 file-name=\
filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=\\ yes interface=all memory-limit=10 only-headers=no streaming-enabled=no \\ streaming-server=0.0.0.0 /tool user-manager customer
add comment=\
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \\ permissions=owner signup-allowed=no subscriber=admin time-zone=+00:00 /user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
正在阅读:
ROS对接VLAN交换机多线设置,可用于多线拔号,里面超多脚本05-17
8 施工组织设计(中型水库可研)03-12
建筑初步期末考卷答案C卷01-28
土木工程材料复习题及参考答案04-06
初中英语语法专项练习大全-带答案(包括介词动词等所有词类、句04-18
州市级配送供货承诺函(范本)08-21
未来的交通工具作文400字07-05
黑龙江公务员考试面试题型题量分析04-03
穿鞋的小熊作文400字06-18
- 多层物业服务方案
- (审判实务)习惯法与少数民族地区民间纠纷解决问题(孙 潋)
- 人教版新课标六年级下册语文全册教案
- 词语打卡
- photoshop实习报告
- 钢结构设计原理综合测试2
- 2014年期末练习题
- 高中数学中的逆向思维解题方法探讨
- 名师原创 全国通用2014-2015学年高二寒假作业 政治(一)Word版
- 北航《建筑结构检测鉴定与加固》在线作业三
- XX县卫生监督所工程建设项目可行性研究报告
- 小学四年级观察作文经典评语
- 浅谈110KV变电站电气一次设计-程泉焱(1)
- 安全员考试题库
- 国家电网公司变电运维管理规定(试行)
- 义务教育课程标准稿征求意见提纲
- 教学秘书面试技巧
- 钢结构工程施工组织设计
- 水利工程概论论文
- 09届九年级数学第四次模拟试卷
- 多线
- 拔号
- 对接
- 交换机
- 脚本
- 用于
- 里面
- 设置
- VLAN
- ROS
- 中外新闻史笔记整理
- 毕业论文—浅谈企业偿债能力分析研究
- 汽车电控与电气习题答案
- 常见无失真信源编码算法及Matlab实现比较
- 基于华为技术有限公司的企业盈利模式分析
- 习题集与答案
- 乡镇XX年开展百日安全生产大检查自检自查报告(汇报材料)
- 农村中职校“创意农业”课程开发与教学实践研究开题报告
- 招标书
- 大学毕业设计---京东自营物流模式研究
- 融资租赁合作框架协议
- 财政分权下的经济结构与地方政府行为
- 江苏省连云港市2018年中考历史试题(解析版)
- 2018年电大《幼儿园课程论》形成性考核册(1-4)及答案
- 揭开货币的神秘面纱教学设计(市优质课)
- 用JDT开发Eclipse插件
- 外研版高中英语必修1 Module 4《A Social Survey-My Neighbourho
- 2017年11月物业公司工作总结
- XX项目===安全生产“百日行动”自查报告
- (目录)2018-2023年中国微生物农药行业发展趋势预测与投资咨询