最新ROS动态PCQ脚本,2.X 3.X 4.X 全系列
PCQ2.X
/ ip firewall filter
add chain=output src-address=!192.168.0.0/24 protocol=icmp action=drop \
comment="no net Ping" disabled=no
/ip firewall mangle
add action=mark-packet chain=prerouting comment="\B7\C0UDP\B9\A5\BB\F7" \
disabled=no dst-port=0-65535 new-packet-mark=udp passthrough=yes \
protocol=udp
add action=accept chain=prerouting comment="\CD\E2\BD\D3\CF\DE\CB\D9" \
connection-mark=nolimit disabled=no
add action=mark-connection chain=prerouting comment=\
"\C5\C5\B3\FD\B7\FE\CE\F1\C6\F7\CF\DE\CB\D9" disabled=no \
new-connection-mark=nolimit passthrough=yes src-address=\
192.168.0.240-192.168.0.253
add action=mark-connection chain=forward comment="P2P\CF\DE\D6\C6" disabled=\
no new-connection-mark=p2pCOM p2p=all-p2p passthrough=yes
add action=mark-packet chain=forward comment="P2P\CF\DE\D6\C6" \
connection-mark=p2pCOM disabled=no new-packet-mark=p2p passthrough=yes
add action=mark-packet chain=prerouting comment=\
"\B1\EA\BC\C7\CB\F9\D3\D0\CA\FD\BE\DD\B0\FC" disabled=no new-packet-mark=\
all-mark passthrough=yes
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
5
add kind=pcq name=PCQUP pcq-classifier=src-address pcq-limit=50 pcq-rate=\
2000000 pcq-total-limit=2000
add kind=pcq name=PCQPUP pcq-classifier=src-address pcq-limit=50 pcq-rate=\
120000 pcq-total-limit=2000
add kind=pcq name=PCQ8M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
8000000 pcq-total-limit=2000
add kind=pcq name=PCQ6M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
6000000 pcq-total-limit=2000
add kind=pcq name=PCQ10M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
10000000 pcq-total-limit=2000
add kind=pcq name=PCQpppoe pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
192000 pcq-total-limit=2000
set default-small kind=pfifo name=default-small pfifo-limit=10
/ system script
add name="server" source=":for sheng from 240 to 253 do={/queue simple add \
name=\(A . \$sheng\) dst-address=\(192.168.0. . \$sheng\) \
max-limit=3200000/1600000 interface=all disabled=no}" \
policy=ftp,reboot,read,write,policy,test,winbox,password
add name="AUTOarp" source=":foreach i in \ do={/ip arp \
add copy-from=\$i}" \
policy=ftp,reboot,read,write,policy,test,winbox,password
add name="Down40M" source="/interface disable adsl
\n
\n:if \(\[/queue tree \
get \ disable \]=false \) do={/queue \
tree disable PCQPUP}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree \
find name=\"PCQpppoe\"\] disable \]=false \) do={/queue tree disable \
PCQpppoe}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQDown45M\"\] disable \]=false \) do={/queue tree disable \
PCQDown45M}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQDown49M\"\] disable \]=false \) do={/queue tree disable \
PCQDown49M}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQDown40M\"\] disable \]=true \) do={/queue tree enable \
PCQDown40M}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQUP\"\] disable \]=true \) do={/queue tree enable \
PCQUP}\n\n\n\n
\n
\n:if \(\[/queue tree get \[/queue tree find \
name=\"p2pL\"\] disable \]=true \) do={/queue tree enable \
p2pL}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"p2pW\"\] disable \]=true \) do={/queue tree enable \
p2pW}
\n
\n\n\n\n\n:log info {\"dwon 10M\"}" \
policy=ftp,reboot,read,write,policy,test,winbox,password
add name="Down45M" source=":if \(\[/queue tree get \[/queue tree find \
name=\"PCQDown40M\"\] disable \]=false \) do={/queue tree disable \
PCQDown40M}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQDown49M\"\] disable \]=false \) do={/queue tree disable \
PCQDown49M}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQDown45M\"\] disable \]=true \) do={/queue tree enable \
PCQDown45M}
\n
\n\n\n\n\n:log info {\"dwon 8M\"}" \
policy=ftp,reboot,read,write,policy,test,winbox,password
add name="Down49M" source=":if \(\[/queue tree get \[/queue tree find \
name=\"PCQDown40M\"\] disable \]=false \) do={/queue tree disable \
PCQDown40M}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQDown45M\"\] disable \]=false \) do={/queue tree disable \
PCQDown45M}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQDown49M\"\] disable \]=true \) do={/queue tree enable \
PCQDown49M}
\n
\n\n\n\n\n:log info {\"dwon 6M\"}" \
policy=ftp,reboot,read,write,policy,test,winbox,password
add name="PPPOE" source="/interface enable adsl
\n
\n:if \(\[/queue tree get \
\ disable \]=false \) do={/queue \
tree disable PCQDown40M}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue \
tree find name=\"PCQDown45M\"\] disable \]=false \) do={/queue tree \
disable PCQDown45M}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree \
find name=\"PCQDown49M\"\] disable \]=false \) do={/queue tree disable \
PCQDown49M}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQUP\"\] disable \]=false \) do={/queue tree disable \
PCQUP}\n\n\n\n
\n
\n:if \(\[/queue tree get \[/queue tree find \
name=\"p2pL\"\] disable \]=false \) do={/queue tree disable \
p2pL}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"p2pW\"\] disable \]=false \) do={/queue tree disable \
p2pW}\n\n\n\n
\n
\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQpppoe\"\] disable \]=true \) do={/queue tree enable \
PCQpppoe}
\n
\n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
name=\"PCQPUP\"\] disable \]=true \) do={/queue tree enable \
PCQPUP}
\n
\n\n\n\n\n:log info {\"down ADSL\"}" \
policy=ftp,reboot,read,write,policy,test,winbox,password
/ tool traffic-monitor
add name="WanDown40M" interface=wan traffic=received trigger=below \
threshold=40000000 on-event=Down40M comment="" disabled=no
add name="WanDown45M" interface=wan traffic=received trigger=above \
threshold=45000000 on-event=Down45M comment="" disabled=no
add name="WanDown49M" interface=wan traffic=received trigger=above \
threshold=49000000 on-event=Down49M comment="" disabled=no
/ queue tree
add name="p2pW" parent=wan packet-mark=p2p limit-at=4000000 queue=default \
priority=8 max-limit=4000000 burst-limit=0 burst-threshold=0 burst-time=0s \
disabled=yes
add name="p2pL" parent=lan packet-mark=p2p limit-at=4000000 queue=default \
priority=8 max-limit=4000000 burst-limit=0 burst-threshold=0 burst-time=0s \
disabled=yes
add name="PCQUP" parent=global-out packet-mark=all-mark limit-at=0 queue=PCQUP \
priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
disabled=yes
add name="PCQPUP" parent=global-in packet-mark=all-mark limit-at=0 \
queue=PCQPUP priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="PCQDown40M" parent=global-in packet-mark=all-mark limit-at=0 \
queue=PCQ10M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="PCQDown45M" parent=global-in packet-mark=all-mark limit-at=0 \
queue=PCQ8M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="PCQDown49M" parent=global-in packet-mark=all-mark limit-at=0 \
queue=PCQ6M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="PCQpppoe" parent=global-in packet-mark=all-mark limit-at=0 \
queue=PCQpppoe priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
/ tool netwatch
add host=60.170.90.149 timeout=1s interval=5s up-script=Down40M \
down-script=PPPOE comment="" disabled=no
:for i from=1 to=253 do={/ip firewall filter add chain=forward src-address=("192.168.0." . $i) protocol=tcp connection-limit=200,32 action=drop}
ROS3.X-4.X PCQ
/ip firewall filter
add action=drop chain=output comment="no net Ping" disabled=no protocol=icmp \
src-address=!192.168.0.0/24
/ip firewall mangle
add action=mark-packet chain=prerouting comment="\B7\C0UDP\B9\A5\BB\F7" \
disabled=no dst-port=0-65535 new-packet-mark=udp passthrough=yes \
protocol=udp
add action=accept chain=prerouting comment="\CD\E2\BD\D3\CF\DE\CB\D9" \
connection-mark=nolimit disabled=no
add action=mark-connection chain=prerouting comment=\
"\C5\C5\B3\FD\B7\FE\CE\F1\C6\F7\CF\DE\CB\D9" disabled=no \
new-connection-mark=nolimit passthrough=yes src-address=\
192.168.0.240-192.168.0.253
add action=mark-connection chain=forward comment="P2P\CF\DE\D6\C6" disabled=\
no new-connection-mark=p2pCOM p2p=all-p2p passthrough=yes
add action=mark-packet chain=forward comment="P2P\CF\DE\D6\C6" \
connection-mark=p2pCOM disabled=no new-packet-mark=p2p passthrough=yes
add action=mark-packet chain=prerouting comment=\
"\B1\EA\BC\C7\CB\F9\D3\D0\CA\FD\BE\DD\B0\FC" disabled=no new-packet-mark=\
all-mark passthrough=yes
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
5
add kind=pcq name=PCQUP pcq-classifier=src-address pcq-limit=50 pcq-rate=\
2000000 pcq-total-limit=2000
add kind=pcq name=PCQ6M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
8000000 pcq-total-limit=2000
add kind=pcq name=PCQ10M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
10000000 pcq-total-limit=2000
add kind=pcq name=PCQ20M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
20000000 pcq-total-limit=2000
add kind=pcq name=PCQPUP pcq-classifier=src-address pcq-limit=50 pcq-rate=\
120000 pcq-total-limit=2000
add kind=pcq name=PCQpppoe pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
192000 pcq-total-limit=2000
set default-small kind=pfifo name=default-small pfifo-limit=10
/system script
add name=auto-arp policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff source=":foreach i\
\_in do={/ip arp add copy-from=\$i}"
add name=Down40M policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff source="/interface\
\_disable adsl\r\
\n\r\
\n:if ( disable ]=fal\
se ) do={/queue tree disable PCQpppoe}\r\
\n\r\
\n:if ( disable ]=false\
\_) do={/queue tree disable PCQPUP}\r\
\n\r\
\n:if ( disable ]=f\
alse ) do={/queue tree disable PCQDown45M}\r\
\n\r\
\n:if ( disable ]=f\
alse ) do={/queue tree disable PCQDown49M}\r\
\n\r\
\n:if ( disable ]=t\
rue ) do={/queue tree enable PCQDown40M}\r\
\n\r\
\n:if ( disable ]=true ) \
do={/queue tree enable p2pL}\r\
\n\r\
\n:if ( disable ]=true ) \
do={/queue tree enable p2pW}\r\
\n\r\
\n:log info \"\A1\BC\D2\D1\C7\D0\BB\BB\B3\C9 \B6\AF\CC\AC\CF\C2\D4\D8 \B8\
\DF\CB\D9\A1\BD\"}"
add name=Down45M policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff source=":if ([/que\
ue tree get disable ]=false ) do={/\
queue tree disable PCQDown35M}\r\
\n\r\
\n:if ( disable ]=f\
alse ) do={/queue tree disable PCQDown49M}\r\
\n\r\
\n:if ( disable ]=t\
rue ) do={/queue tree enable PCQDown45M}\r\
\n\r\
\n:log info \"\A1\BC\D2\D1\C7\D0\BB\BB\B3\C9 \B6\AF\CC\AC\CF\C2\D4\D8 \D6\
\D0\CB\D9\A1\BD\"}"
add name=Down49M policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff source=":if ([/que\
ue tree get disable ]=false ) do={/\
queue tree disable PCQDown35M}\r\
\n\r\
\n:if ( disable ]=f\
alse ) do={/queue tree disable PCQDown45M}\r\
\n\r\
\n:if ( disable ]=t\
rue ) do={/queue tree enable PCQDown49M}\r\
\n\r\
\n:log info \"\A1\BC\D2\D1\C7\D0\BB\BB\B3\C9 \B6\AF\CC\AC\CF\C2\D4\D8 \B5\
\CD\CB\D9\A1\BD\"}"
add name=PPPOE policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\
/interface enable adsl\r\
\n\r\
\n:if ( disable ]=false )\
\_do={/queue tree disable p2pL}\r\
\n\r\
\n:if ( disable ]=false )\
\_do={/queue tree disable p2pW}\r\
\n\r\
\n:if ( disable ]=f\
alse ) do={/queue tree disable PCQDown40M}\r\
\n\r\
\n:if ( disable ]=false \
) do={/queue tree disable PCQUP}\r\
\n\r\
\n:if ( disable ]=f\
alse ) do={/queue tree disable PCQDown45M}\r\
\n\r\
\n:if ( disable ]=f\
alse ) do={/queue tree disable PCQDown49M}\r\
\n\r\
\n:if ( disable ]=true \
) do={/queue tree enable PCQPUP}\r\
\n\r\
\n:if ( disable ]=tru\
e ) do={/queue tree enable PCQpppoe}\r\
\n\r\
\n:log info \"\A1\BC\D2\D1\C7\D0\BB\BB\B3\C9 \B6\AF\CC\AC\CF\C2\D4\D8 ADSL\
\A1\BD\"}"
add name=TCP/IP policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\
:for i from=1 to=253 do={/ip firewall filter add chain=forward src-address\
=(\"192.168.0.\" . \$i) protocol=tcp connection-limit=200,32 action=drop}"
add name=server policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\
:for i from=240 to=253 do={/queue simple add name=(\"A\" . \$i) dst-addres\
s=(\"192.168.0.\". \$i) max-limit=400000/200000 interface=all disabled=no}\
\r\
\n"
/tool traffic-monitor
add comment="" disabled=no interface=wan name=WanDown40M on-event=Down40M \
threshold=40000000 traffic=received trigger=below
add comment="" disabled=no interface=wan name=WanDown45M on-event=Down45M \
threshold=40000000 traffic=received trigger=above
add comment="" disabled=no interface=wan name=WanDown49M on-event=Down49M \
threshold=48000000 traffic=received trigger=above
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=4M \
max-limit=4M name=p2pW packet-mark=p2p parent=wan priority=8 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
max-limit=0 name=PCQUP packet-mark=all-mark parent=global-out priority=8 \
queue=PCQUP
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
max-limit=0 name=PCQDown40M packet-mark=all-mark parent=global-in \
priority=8 queue=PCQ20M
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
max-limit=0 name=PCQDown45M packet-mark=all-mark parent=global-in \
priority=8 queue=PCQ10M
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
max-limit=0 name=PCQDown49M packet-mark=all-mark parent=global-in \
priority=8 queue=PCQ6M
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=PCQPUP packet-mark=all-mark parent=global-out priority=8 \
queue=PCQPUP
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=PCQpppoe packet-mark=all-mark parent=global-in priority=\
8 queue=PCQpppoe
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=4M \
max-limit=4M name=p2pL packet-mark=p2p parent=lan priority=8 queue=\
default
/tool netwatch
add comment="" disabled=no down-script=PPPOE host=60.170.89.74 interval=5s \
timeout=1s up-script=Down40M
页:
[1]