ros的一些设置

于 2018-10-18 09:58:00 发布
阅读量266 收藏
点赞数
文章标签: 网络

端口映射规则,dst-address填写你的公网地址,乱写也可以,到后面会通过定时脚本自动更新

/ip firewall nat
add action=dst-nat chain=dstnat comment=nat-235 dst-address=11.22.33.44 \
    dst-port=21 protocol=tcp to-addresses=192.168.88.235 to-ports=21
add action=masquerade chain=srcnat src-address=192.168.88.0/22

 

ip统计脚本

/ip firewall mangle
add action=add-src-to-address-list address-list=online address-list-timeout=\
    none-static chain=prerouting comment="ip calc" dst-address-type="" \
    dst-limit=1,5,dst-address/1m40s limit=1,5:packet src-address=\
    192.168.88.0/22 src-address-type="" time=\
    0s-1d,sun,mon,tue,wed,thu,fri,sat

 

需要的脚本

/system script
add dont-require-permissions=no name=set-nat-global-ip owner=mmc policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
    global ipaddr [/ip address get [/ip address find interface=pppoe-out1] add\
    ress]\r\
    \n\r\
    \n:set ipaddr [:pick \$ipaddr 0 ([len \$ipaddr] -3)]\r\
    \n:global oldip [/ip firewall nat get [/ip firewall nat find comment=\"nat\
    -235\"] dst-address]\r\
    \n\r\
    \n:if (\$ipaddr != \$oldip) do={\r\
    \n  log info message=[/ip firewall nat set [/ip firewall nat find comment=\
    \"nat-235\"] dst-address=\$ipaddr]\r\
    \n}"
add dont-require-permissions=no name=ip-number owner=mmc policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
    local ipNumber 0\r\
    \n:local onlineIPList online\r\
    \n\r\
    \n:foreach i in=[/ip firewall address-list find list=\$onlineIPList] do={\
    \r\
    \n  :set ipNumber (\$ipNumber+1)\r\
    \n  }\r\
    \nlog warning message=(\"current \" . \$ipNumber . \" ips online\")"

 

定时器

/system scheduler
add interval=1m name=global-ip-sync on-event=":execute \"set-nat-global-ip\"" \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    start-date=oct/16/2018 start-time=11:07:59
add interval=1m name=ip-statistic on-event=":execute \"ip-number\"" policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    start-time=startup

 

pcq限速

/queue type
add kind=pcq name=down_pcq pcq-classifier=dst-address pcq-dst-address6-mask=\
    64 pcq-src-address6-mask=64 pcq-total-limit=10000KiB
add kind=pcq name=upload_pcq pcq-classifier=src-address \
    pcq-dst-address6-mask=64 pcq-src-address6-mask=64 pcq-total-limit=\
    10000KiB
/queue simple
add max-limit=200M/200M name=pcq1 queue=upload_pcq/down_pcq target=\
    192.168.88.0/22

 

weixin_33824363
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值