pcq

pcq

关注
发信
关注(28)粉丝(399)

ros的一些设置

端口映射规则,dst-address填写你的公网地址,乱写也可以,到后面会通过定时脚本自动更新

/ip firewall nat

add action=dst-nat chain=dstnat comment=nat- dst-address=11.22.33.44 \

    dst-port= protocol=tcp to-addresses=192.168.88.235 to-ports=

add action=masquerade chain=srcnat src-address=192.168.88.0/

ip统计脚本

/ip firewall mangle

add action=add-src-to-address-list address-list=online address-list-timeout=\

    none-static chain=prerouting comment="ip calc" dst-address-type="" \

    dst-limit=,,dst-address/1m40s limit=,:packet src-address=\

    192.168.88.0/ src-address-type="" time=\

    0s-1d,sun,mon,tue,wed,thu,fri,sat

需要的脚本

/system script

add dont-require-permissions=no name=set-nat-global-ip owner=mmc policy=\

    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\

    global ipaddr [/ip address get [/ip address find interface=pppoe-out1] add\

    ress]\r\

    \n\r\

    \n:set ipaddr [:pick \$ipaddr  ([len \$ipaddr] -)]\r\

    \n:global oldip [/ip firewall nat get [/ip firewall nat find comment=\"nat\

    -\"] dst-address]\r\

    \n\r\

    \n:if (\$ipaddr != \$oldip) do={\r\

    \n  log info message=[/ip firewall nat set [/ip firewall nat find comment=\

    \"nat-235\"] dst-address=\$ipaddr]\r\

    \n}"

add dont-require-permissions=no name=ip-number owner=mmc policy=\

    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\

    local ipNumber \r\

    \n:local onlineIPList online\r\

    \n\r\

    \n:foreach i in=[/ip firewall address-list find list=\$onlineIPList] do={\

    \r\

    \n  :set ipNumber (\$ipNumber+)\r\

    \n  }\r\

    \nlog warning message=(\"current \" . \$ipNumber . \" ips online\")"

定时器

/system scheduler

add interval=1m name=global-ip-sync on-event=":execute \"set-nat-global-ip\"" \

    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \

    start-date=oct// start-time=::

add interval=1m name=ip-statistic on-event=":execute \"ip-number\"" policy=\

    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \

    start-time=startup

pcq限速

/queue simple
add max-limit=50M/100M name=pcq1 queue=pcq-upload-default/pcq-download-default target=192.168.88.0/2

限制mac上网脚本

ip firewall filter add chain=forward src-mac-address=::::: action=drop
05-11 04:03
Powered by LMLPHP ©2024 pcq 0.077049