登录发现更多内容
 找回密码
 注册

QQ登录

只需一步,快速开始

搜索
返回列表 发新帖

使用教程 最新ROS动态PCQ脚本,2.X 3.X 4.X 全系列 [复制链接]

发新帖
network
三国LV2
技术中心 7386 1 2010-11-4 12:53:59

PCQ2.X
  1. / ip firewall filter
  2. add chain=output src-address=!192.168.0.0/24 protocol=icmp action=drop \
  3. comment="no net Ping" disabled=no

  5. /ip firewall mangle
  6. add action=mark-packet chain=prerouting comment="\B7\C0UDP\B9\A5\BB\F7" \
  7. disabled=no dst-port=0-65535 new-packet-mark=udp passthrough=yes \
  8. protocol=udp
  9. add action=accept chain=prerouting comment="\CD\E2\BD\D3\CF\DE\CB\D9" \
  10. connection-mark=nolimit disabled=no
  11. add action=mark-connection chain=prerouting comment=\
  12. "\C5\C5\B3\FD\B7\FE\CE\F1\C6\F7\CF\DE\CB\D9" disabled=no \
  13. new-connection-mark=nolimit passthrough=yes src-address=\
  14. 192.168.0.240-192.168.0.253
  15. add action=mark-connection chain=forward comment="P2P\CF\DE\D6\C6" disabled=\
  16. no new-connection-mark=p2pCOM p2p=all-p2p passthrough=yes
  17. add action=mark-packet chain=forward comment="P2P\CF\DE\D6\C6" \
  18. connection-mark=p2pCOM disabled=no new-packet-mark=p2p passthrough=yes
  19. add action=mark-packet chain=prerouting comment=\
  20. "\B1\EA\BC\C7\CB\F9\D3\D0\CA\FD\BE\DD\B0\FC" disabled=no new-packet-mark=\
  21. all-mark passthrough=yes

  23. /queue type
  24. set default kind=pfifo name=default pfifo-limit=50
  25. set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
  26. set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
  27. sfq-perturb=5
  28. set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
  29. red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
  30. set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
  31. 5
  32. add kind=pcq name=PCQUP pcq-classifier=src-address pcq-limit=50 pcq-rate=\
  33. 2000000 pcq-total-limit=2000
  34. add kind=pcq name=PCQPUP pcq-classifier=src-address pcq-limit=50 pcq-rate=\
  35. 120000 pcq-total-limit=2000
  36. add kind=pcq name=PCQ8M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
  37. 8000000 pcq-total-limit=2000
  38. add kind=pcq name=PCQ6M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
  39. 6000000 pcq-total-limit=2000
  40. add kind=pcq name=PCQ10M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
  41. 10000000 pcq-total-limit=2000
  42. add kind=pcq name=PCQpppoe pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
  43. 192000 pcq-total-limit=2000
  44. set default-small kind=pfifo name=default-small pfifo-limit=10

  46. / system script
  47. add name="server" source=":for sheng from 240 to 253 do={/queue simple add \
  48. name=\(A . \$sheng\) dst-address=\(192.168.0. . \$sheng\) \
  49. max-limit=3200000/1600000 interface=all disabled=no}" \
  50. policy=ftp,reboot,read,write,policy,test,winbox,password
  51. add name="AUTOarp" source=":foreach i in \[/ip arp find dynamic=yes \] do={/ip arp \
  52. add copy-from=\$i}" \
  53. policy=ftp,reboot,read,write,policy,test,winbox,password
  54. add name="Down40M" source="/interface disable adsl
  55. \n
  56. \n:if \(\[/queue tree \
  57. get \[/queue tree find name="PCQPUP"\] disable \]=false \) do={/queue \
  58. tree disable PCQPUP}
  59. \n
  60. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree \
  61. find name="PCQpppoe"\] disable \]=false \) do={/queue tree disable \
  62. PCQpppoe}
  63. \n
  64. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  65. name="PCQDown45M"\] disable \]=false \) do={/queue tree disable \
  66. PCQDown45M}
  67. \n
  68. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  69. name="PCQDown49M"\] disable \]=false \) do={/queue tree disable \
  70. PCQDown49M}
  71. \n
  72. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  73. name="PCQDown40M"\] disable \]=true \) do={/queue tree enable \
  74. PCQDown40M}
  75. \n
  76. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  77. name="PCQUP"\] disable \]=true \) do={/queue tree enable \
  78. PCQUP}\n\n\n\n
  79. \n
  80. \n:if \(\[/queue tree get \[/queue tree find \
  81. name="p2pL"\] disable \]=true \) do={/queue tree enable \
  82. p2pL}
  83. \n
  84. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  85. name="p2pW"\] disable \]=true \) do={/queue tree enable \
  86. p2pW}
  87. \n
  88. \n\n\n\n\n:log info {"dwon 10M"}" \
  89. policy=ftp,reboot,read,write,policy,test,winbox,password
  90. add name="Down45M" source=":if \(\[/queue tree get \[/queue tree find \
  91. name="PCQDown40M"\] disable \]=false \) do={/queue tree disable \
  92. PCQDown40M}
  93. \n
  94. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  95. name="PCQDown49M"\] disable \]=false \) do={/queue tree disable \
  96. PCQDown49M}
  97. \n
  98. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  99. name="PCQDown45M"\] disable \]=true \) do={/queue tree enable \
  100. PCQDown45M}
  101. \n
  102. \n\n\n\n\n:log info {"dwon 8M"}" \
  103. policy=ftp,reboot,read,write,policy,test,winbox,password
  104. add name="Down49M" source=":if \(\[/queue tree get \[/queue tree find \
  105. name="PCQDown40M"\] disable \]=false \) do={/queue tree disable \
  106. PCQDown40M}
  107. \n
  108. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  109. name="PCQDown45M"\] disable \]=false \) do={/queue tree disable \
  110. PCQDown45M}
  111. \n
  112. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  113. name="PCQDown49M"\] disable \]=true \) do={/queue tree enable \
  114. PCQDown49M}
  115. \n
  116. \n\n\n\n\n:log info {"dwon 6M"}" \
  117. policy=ftp,reboot,read,write,policy,test,winbox,password
  118. add name="PPPOE" source="/interface enable adsl
  119. \n
  120. \n:if \(\[/queue tree get \
  121. \[/queue tree find name="PCQDown40M"\] disable \]=false \) do={/queue \
  122. tree disable PCQDown40M}
  123. \n
  124. \n\n\n\n\n:if \(\[/queue tree get \[/queue \
  125. tree find name="PCQDown45M"\] disable \]=false \) do={/queue tree \
  126. disable PCQDown45M}
  127. \n
  128. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree \
  129. find name="PCQDown49M"\] disable \]=false \) do={/queue tree disable \
  130. PCQDown49M}
  131. \n
  132. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  133. name="PCQUP"\] disable \]=false \) do={/queue tree disable \
  134. PCQUP}\n\n\n\n
  135. \n
  136. \n:if \(\[/queue tree get \[/queue tree find \
  137. name="p2pL"\] disable \]=false \) do={/queue tree disable \
  138. p2pL}
  139. \n
  140. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  141. name="p2pW"\] disable \]=false \) do={/queue tree disable \
  142. p2pW}\n\n\n\n
  143. \n
  144. \n:if \(\[/queue tree get \[/queue tree find \
  145. name="PCQpppoe"\] disable \]=true \) do={/queue tree enable \
  146. PCQpppoe}
  147. \n
  148. \n\n\n\n\n:if \(\[/queue tree get \[/queue tree find \
  149. name="PCQPUP"\] disable \]=true \) do={/queue tree enable \
  150. PCQPUP}
  151. \n
  152. \n\n\n\n\n:log info {"down ADSL"}" \
  153. policy=ftp,reboot,read,write,policy,test,winbox,password


  156. / tool traffic-monitor
  157. add name="WanDown40M" interface=wan traffic=received trigger=below \
  158. threshold=40000000 on-event=Down40M comment="" disabled=no
  159. add name="WanDown45M" interface=wan traffic=received trigger=above \
  160. threshold=45000000 on-event=Down45M comment="" disabled=no
  161. add name="WanDown49M" interface=wan traffic=received trigger=above \
  162. threshold=49000000 on-event=Down49M comment="" disabled=no

  164. / queue tree
  165. add name="p2pW" parent=wan packet-mark=p2p limit-at=4000000 queue=default \
  166. priority=8 max-limit=4000000 burst-limit=0 burst-threshold=0 burst-time=0s \
  167. disabled=yes
  168. add name="p2pL" parent=lan packet-mark=p2p limit-at=4000000 queue=default \
  169. priority=8 max-limit=4000000 burst-limit=0 burst-threshold=0 burst-time=0s \
  170. disabled=yes
  171. add name="PCQUP" parent=global-out packet-mark=all-mark limit-at=0 queue=PCQUP \
  172. priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
  173. disabled=yes
  174. add name="PCQPUP" parent=global-in packet-mark=all-mark limit-at=0 \
  175. queue=PCQPUP priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
  176. burst-time=0s disabled=no
  177. add name="PCQDown40M" parent=global-in packet-mark=all-mark limit-at=0 \
  178. queue=PCQ10M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
  179. burst-time=0s disabled=yes
  180. add name="PCQDown45M" parent=global-in packet-mark=all-mark limit-at=0 \
  181. queue=PCQ8M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
  182. burst-time=0s disabled=yes
  183. add name="PCQDown49M" parent=global-in packet-mark=all-mark limit-at=0 \
  184. queue=PCQ6M priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
  185. burst-time=0s disabled=yes
  186. add name="PCQpppoe" parent=global-in packet-mark=all-mark limit-at=0 \
  187. queue=PCQpppoe priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
  188. burst-time=0s disabled=no

  190. / tool netwatch
  191. add host=60.170.90.149 timeout=1s interval=5s up-script=Down40M \
  192. down-script=PPPOE comment="" disabled=no

  194. :for i from=1 to=253 do={/ip firewall filter add chain=forward src-address=("192.168.0." . $i) protocol=tcp connection-limit=200,32 action=drop}
复制代码



使用道具 举报

network 楼主

举报

2010-11-4 12:56:45

ROS3.X-4.X PCQ


  1. /ip firewall filter
  2. add action=drop chain=output comment="no net Ping" disabled=no protocol=icmp \
  3. src-address=!192.168.0.0/24

  5. /ip firewall mangle
  6. add action=mark-packet chain=prerouting comment="\B7\C0UDP\B9\A5\BB\F7" \
  7. disabled=no dst-port=0-65535 new-packet-mark=udp passthrough=yes \
  8. protocol=udp
  9. add action=accept chain=prerouting comment="\CD\E2\BD\D3\CF\DE\CB\D9" \
  10. connection-mark=nolimit disabled=no
  11. add action=mark-connection chain=prerouting comment=\
  12. "\C5\C5\B3\FD\B7\FE\CE\F1\C6\F7\CF\DE\CB\D9" disabled=no \
  13. new-connection-mark=nolimit passthrough=yes src-address=\
  14. 192.168.0.240-192.168.0.253
  15. add action=mark-connection chain=forward comment="P2P\CF\DE\D6\C6" disabled=\
  16. no new-connection-mark=p2pCOM p2p=all-p2p passthrough=yes
  17. add action=mark-packet chain=forward comment="P2P\CF\DE\D6\C6" \
  18. connection-mark=p2pCOM disabled=no new-packet-mark=p2p passthrough=yes
  19. add action=mark-packet chain=prerouting comment=\
  20. "\B1\EA\BC\C7\CB\F9\D3\D0\CA\FD\BE\DD\B0\FC" disabled=no new-packet-mark=\
  21. all-mark passthrough=yes

  23. /queue type
  24. set default kind=pfifo name=default pfifo-limit=50
  25. set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
  26. set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
  27. sfq-perturb=5
  28. set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
  29. red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
  30. set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
  31. 5
  32. add kind=pcq name=PCQUP pcq-classifier=src-address pcq-limit=50 pcq-rate=\
  33. 2000000 pcq-total-limit=2000
  34. add kind=pcq name=PCQ6M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
  35. 8000000 pcq-total-limit=2000
  36. add kind=pcq name=PCQ10M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
  37. 10000000 pcq-total-limit=2000
  38. add kind=pcq name=PCQ20M pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
  39. 20000000 pcq-total-limit=2000
  40. add kind=pcq name=PCQPUP pcq-classifier=src-address pcq-limit=50 pcq-rate=\
  41. 120000 pcq-total-limit=2000
  42. add kind=pcq name=PCQpppoe pcq-classifier=dst-address pcq-limit=50 pcq-rate=\
  43. 192000 pcq-total-limit=2000
  44. set default-small kind=pfifo name=default-small pfifo-limit=10

  46. /system script
  47. add name=auto-arp policy=\
  48. ftp,reboot,read,write,policy,test,winbox,password,sniff source=":foreach i\
  49. \_in [/ip arp find dynamic=yes ] do={/ip arp add copy-from=\$i}"
  50. add name=Down40M policy=\
  51. ftp,reboot,read,write,policy,test,winbox,password,sniff source="/interface\
  52. \_disable adsl\r\
  53. \n\r\
  54. \n:if ([/queue tree get [/queue tree find name="PCQpppoe"] disable ]=fal\
  55. se ) do={/queue tree disable PCQpppoe}\r\
  56. \n\r\
  57. \n:if ([/queue tree get [/queue tree find name="PCQPUP"] disable ]=false\
  58. \_) do={/queue tree disable PCQPUP}\r\
  59. \n\r\
  60. \n:if ([/queue tree get [/queue tree find name="PCQDown45M"] disable ]=f\
  61. alse ) do={/queue tree disable PCQDown45M}\r\
  62. \n\r\
  63. \n:if ([/queue tree get [/queue tree find name="PCQDown49M"] disable ]=f\
  64. alse ) do={/queue tree disable PCQDown49M}\r\
  65. \n\r\
  66. \n:if ([/queue tree get [/queue tree find name="PCQDown40M"] disable ]=t\
  67. rue ) do={/queue tree enable PCQDown40M}\r\
  68. \n\r\
  69. \n:if ([/queue tree get [/queue tree find name="p2pL"] disable ]=true ) \
  70. do={/queue tree enable p2pL}\r\
  71. \n\r\
  72. \n:if ([/queue tree get [/queue tree find name="p2pW"] disable ]=true ) \
  73. do={/queue tree enable p2pW}\r\
  74. \n\r\
  75. \n:log info "\A1\BC\D2\D1\C7\D0\BB\BB\B3\C9 \B6\AF\CC\AC\CF\C2\D4\D8 \B8\
  76. \DF\CB\D9\A1\BD"}"
  77. add name=Down45M policy=\
  78. ftp,reboot,read,write,policy,test,winbox,password,sniff source=":if ([/que\
  79. ue tree get [/queue tree find name="PCQDown35M"] disable ]=false ) do={/\
  80. queue tree disable PCQDown35M}\r\
  81. \n\r\
  82. \n:if ([/queue tree get [/queue tree find name="PCQDown49M"] disable ]=f\
  83. alse ) do={/queue tree disable PCQDown49M}\r\
  84. \n\r\
  85. \n:if ([/queue tree get [/queue tree find name="PCQDown45M"] disable ]=t\
  86. rue ) do={/queue tree enable PCQDown45M}\r\
  87. \n\r\
  88. \n:log info "\A1\BC\D2\D1\C7\D0\BB\BB\B3\C9 \B6\AF\CC\AC\CF\C2\D4\D8 \D6\
  89. \D0\CB\D9\A1\BD"}"
  90. add name=Down49M policy=\
  91. ftp,reboot,read,write,policy,test,winbox,password,sniff source=":if ([/que\
  92. ue tree get [/queue tree find name="PCQDown35M"] disable ]=false ) do={/\
  93. queue tree disable PCQDown35M}\r\
  94. \n\r\
  95. \n:if ([/queue tree get [/queue tree find name="PCQDown45M"] disable ]=f\
  96. alse ) do={/queue tree disable PCQDown45M}\r\
  97. \n\r\
  98. \n:if ([/queue tree get [/queue tree find name="PCQDown49M"] disable ]=t\
  99. rue ) do={/queue tree enable PCQDown49M}\r\
  100. \n\r\
  101. \n:log info "\A1\BC\D2\D1\C7\D0\BB\BB\B3\C9 \B6\AF\CC\AC\CF\C2\D4\D8 \B5\
  102. \CD\CB\D9\A1\BD"}"
  103. add name=PPPOE policy=\
  104. ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\
  105. /interface enable adsl\r\
  106. \n\r\
  107. \n:if ([/queue tree get [/queue tree find name="p2pL"] disable ]=false )\
  108. \_do={/queue tree disable p2pL}\r\
  109. \n\r\
  110. \n:if ([/queue tree get [/queue tree find name="p2pW"] disable ]=false )\
  111. \_do={/queue tree disable p2pW}\r\
  112. \n\r\
  113. \n:if ([/queue tree get [/queue tree find name="PCQDown40M"] disable ]=f\
  114. alse ) do={/queue tree disable PCQDown40M}\r\
  115. \n\r\
  116. \n:if ([/queue tree get [/queue tree find name="PCQUP"] disable ]=false \
  117. ) do={/queue tree disable PCQUP}\r\
  118. \n\r\
  119. \n:if ([/queue tree get [/queue tree find name="PCQDown45M"] disable ]=f\
  120. alse ) do={/queue tree disable PCQDown45M}\r\
  121. \n\r\
  122. \n:if ([/queue tree get [/queue tree find name="PCQDown49M"] disable ]=f\
  123. alse ) do={/queue tree disable PCQDown49M}\r\
  124. \n\r\
  125. \n:if ([/queue tree get [/queue tree find name="PCQPUP"] disable ]=true \
  126. ) do={/queue tree enable PCQPUP}\r\
  127. \n\r\
  128. \n:if ([/queue tree get [/queue tree find name="PCQpppoe"] disable ]=tru\
  129. e ) do={/queue tree enable PCQpppoe}\r\
  130. \n\r\
  131. \n:log info "\A1\BC\D2\D1\C7\D0\BB\BB\B3\C9 \B6\AF\CC\AC\CF\C2\D4\D8 ADSL\
  132. \A1\BD"}"
  133. add name=TCP/IP policy=\
  134. ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\
  135. :for i from=1 to=253 do={/ip firewall filter add chain=forward src-address\
  136. =("192.168.0." . \$i) protocol=tcp connection-limit=200,32 action=drop}"
  137. add name=server policy=\
  138. ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\
  139. :for i from=240 to=253 do={/queue simple add name=("A" . \$i) dst-addres\
  140. s=("192.168.0.". \$i) max-limit=400000/200000 interface=all disabled=no}\
  141. \r\
  142. \n"

  144. /tool traffic-monitor
  145. add comment="" disabled=no interface=wan name=WanDown40M on-event=Down40M \
  146. threshold=40000000 traffic=received trigger=below
  147. add comment="" disabled=no interface=wan name=WanDown45M on-event=Down45M \
  148. threshold=40000000 traffic=received trigger=above
  149. add comment="" disabled=no interface=wan name=WanDown49M on-event=Down49M \
  150. threshold=48000000 traffic=received trigger=above

  152. /queue tree
  153. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=4M \
  154. max-limit=4M name=p2pW packet-mark=p2p parent=wan priority=8 queue=\
  155. default
  156. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
  157. max-limit=0 name=PCQUP packet-mark=all-mark parent=global-out priority=8 \
  158. queue=PCQUP
  159. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
  160. max-limit=0 name=PCQDown40M packet-mark=all-mark parent=global-in \
  161. priority=8 queue=PCQ20M
  162. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
  163. max-limit=0 name=PCQDown45M packet-mark=all-mark parent=global-in \
  164. priority=8 queue=PCQ10M
  165. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
  166. max-limit=0 name=PCQDown49M packet-mark=all-mark parent=global-in \
  167. priority=8 queue=PCQ6M
  168. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
  169. max-limit=0 name=PCQPUP packet-mark=all-mark parent=global-out priority=8 \
  170. queue=PCQPUP
  171. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
  172. max-limit=0 name=PCQpppoe packet-mark=all-mark parent=global-in priority=\
  173. 8 queue=PCQpppoe
  174. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=4M \
  175. max-limit=4M name=p2pL packet-mark=p2p parent=lan priority=8 queue=\
  176. default

  178. /tool netwatch
  179. add comment="" disabled=no down-script=PPPOE host=60.170.89.74 interval=5s \
  180. timeout=1s up-script=Down40M

复制代码

回复 支持 反对
您需要登录后才可以回帖 立即登录
高级模式
返回
统计信息
  • 会员数: 29041 个
  • 话题数: 9627 篇
  • 巅峰数: 5500 人
联系QQ925477310 客服邮箱 ad@583go.com
Copyright © 网吧三国 Powered by 583go