RouterOS的常用命令
/ sy reset
/ sy reboot重启
/ sy showdown
/ sy ide set name =机器名
/导出
/ ip export
/ sy备份回车
保存名称=你要设置文件名
LOAD NAME =你要设置文件名
/界面打印
0 X ether1 ether 1500这个是网卡没有开启
0 R ether1 ether 1500这个是正常状态
/ int
/ int
/ ip fir con打印
/ ip service set www port = 81
/ ip hotspot user add name = user1 password = 1
一:限速脚本
:对于从1到254的wbsz do = {/ queue simple add name =(wbsz。$ wbsz)dst-address =(192.168.0。$ wbsz)limit-at = 1024K / 1024K max-limit = 1024K / 1024K}
二:限制每台机最大线程数
:对于从1到254的wbsz do = {/ ip防火墙过滤器add chain = forward src-address =(192.168.0。$ wbsz)protocol = tcp connection-limit = 50,32 action = drop}
三:端口映射
ip firewall nat add chain = dstnat dst-address =(202.96.134.134)protocol = tcp dst-port = 80 to-addresses =(192.168.0.1)to-ports = 80 action = dst-nat
四:封端口号
/ ip防火墙过滤器
ad ch forward pr tcp dst-po 8000 act drop comment =“封锁QQ”
五:更变的telnet服务端口
/ ip服务设置telnet端口= 23
六:更变SSH管理服务端口
/ ip服务设置ssh端口= 22
七:更变WWW服务端口号
/ ip服务设置www端口= 80
八:更变FTP服务端口号
/ ip服务设置ftp端口= 21
九:增加本ROS管理用户
/ user add name = wbsz password = admin group = full
十:删除限速脚本
:对于从1到254的wbsz do = {/ queue simple remove(wbsz。$ wbsz)}
十一:封IP脚步本
/ ip防火墙过滤器
add chain = forward dst-address = 58.60.13.38 / 32 action = drop comment =“封锁QQ”
十二:禁P2P脚本
/ ip防火墙过滤器
add chain = forward src-address = 192.168.0.0 / 24 p2p = all-p2p
十三:限制每台机最大的TCP线程数(线程数= 60)
/ ip防火墙过滤器
add chain = forward protocol = tcp connection-limit = 60,32 action = drop
十四:一次性绑定所有在线机器MAC
:foreach wbsz in = [/ ip arp find dynamic = yes] do = [/ ip arp add copy-from = $ wbsz]
十五:解除所以绑定的MAC
:foreach wbsz in [/ ip arp find] do = {/ ip arp remove $ wbsz}
十六:禁平
/ ip防火墙过滤器
add chain = output protocol = icmp action = drop comment =“No Ping”
十七:禁电驴
/ ip防火墙过滤器
add chain = forward protocol = tcp dst-port = 4661-4662 action = drop comment =“No Emule”
add chain = forward protocol = tcp dst-port = 4242 action = drop
add chain = forward dst-address = 62.241.53.15 action = drop
十八:禁PPLIVE
/ ip防火墙过滤器
add chain = forward protocol = tcp dst-port = 8008 action = drop comment =“No PPlive TV”
add chain = forward protocol = udp dst-port = 4004 action = drop
add chain = forward dst-address = 218.108.237.11 action = drop
十九:禁QQ直播
/ ip防火墙过滤器
add chain = forward protocol = udp dst-port = 13000-14000 action = drop comment =“No QQLive”
二十:禁比特精灵
/ ip防火墙过滤器
add chain = forward protocol = tcp dst-port = 16881 action = drop comment =“No BitSpirit”
二十一:禁QQ聊天(没事不要用)
/ ip防火墙过滤器
添加chain =转发src-address = 10.5.6.7 / 32 action =接受评论=“没有腾讯QQ”
ad ch forward pr tcp dst-po 8000 act drop
广告前瞻prddp dst-po 8000行为下降
广告前瞻prddp dst-po 8000行为下降
add chain = forward dst-address = 61.144.238.0 / 24 action = drop
add chain = forward dst-address = 61.152.100.0 / 24 action = drop
add chain = forward dst-address = 61.141.194.0 / 24 action = drop
add chain = forward dst-address = 202.96.170.163 / 32 action = drop
add chain = forward dst-address = 202.104.129.0 / 24 action = drop
add chain = forward dst-address = 202.104.193.20 / 32 action = drop
add chain = forward dst-address = 202.104.193.11 / 32 action = drop
add chain = forward dst-address = 202.104.193.12 / 32 action = drop
add chain = forward dst-address = 218.17.209.23 / 32 action = drop
add chain = forward dst-address = 218.18.95.153 / 32 action = drop
add chain = forward dst-address = 218.18.95.165 / 32 action = drop
add chain = forward dst-address = 218.18.95.220 / 32 action = drop
add chain = forward dst-address = 218.85.138.70 / 32 action = drop
add chain = forward dst-address = 219.133.38.0 / 24 action = drop
add chain = forward dst-address = 219.133.49.0 / 24 action = drop
add chain = forward dst-address = 220.133.40.0 / 24 action = drop
添加chain =转发内容= sz.tencent action =拒绝
添加chain =转发内容= sz2.tencent action =拒绝
添加chain =转发内容= sz3.tencent action =拒绝
添加chain =转发内容= sz4.tencent action =拒绝
添加chain =转发内容= sz5.tencent action =拒绝
添加chain =转发内容= sz6.tencent action =拒绝
添加链=前进内容= sz7.tencent行动=拒绝
添加chain =转发内容= sz8.tencent action = rejec
添加chain =转发内容= sz9.tencent action = rejec
添加chain =转发内容= tcpconn.tencent action =拒绝
添加chain =转发内容= tcpconn2.tencent action =拒绝
添加chain =转发内容= tcpconn3.tencent action =拒绝
添加chain =转发内容= tcpconn4.tencent action =拒绝
添加chain =转发内容= tcpconn5.tencent action =拒绝
添加chain =转发内容= tcpconn6.tencent action =拒绝
添加chain =转发内容= tcpconn7.tencent action =拒绝
添加chain =转发内容= tcpconn8.tencent action =拒绝
添加chain =转发内容= qq action =拒绝
添加chain =转发内容= www.qq action =拒绝
二十二:防止灰鸽子入浸
/ ip防火墙过滤器
add chain = forward protocol = tcp dst-port = 1999 action = drop comment =“Backdoor.GrayBird.ad”
add chain = forward dst-address = 80.190.240.125 action = drop
add chain = forward dst-address = 203.209.245.168 action = drop
add chain = forward dst-address = 210.192.122.106 action = drop
add chain = forward dst-address = 218.30.88.43 action = drop
add chain = forward dst-address = 219.238.233.110 action = drop
add chain = forward dst-address = 222.186.8.88 action = drop
add chain = forward dst-address = 124.42.125.37 action = drop
add chain = forward dst-address = 210.192.122.107 action = drop
add chain = forward dst-address = 61.147.118.198 action = drop
add chain = forward dst-address = 219.238.233.11 action = drop
二十三:防三波
/ ip防火墙过滤器
add chain = forward protocol = tcp dst-port = 135-139 action = drop comment =“No 3B”
内容纲要
