您的位置:360文档中心› 常用常见的ROS脚本(实用版)

常用常见的ROS脚本(实用版)

用ROS软路由的朋友应该对ROS都比较熟悉吧,也有一些刚接触ROS不久和感兴趣的网管朋友会对ROS脚本有兴趣,今天在这边就特别的为我们常见的ROS脚本做一个专门的汇总,希望能给诸位接触ROS路由的网管朋友一些帮助。

ROS脚本的使用方法很简单,我们打开winbox工具,然后在“系统”中选择“脚本”之后点那个加号“+”,然后在“来源”输入框里把一些常用的 ROS脚本粘贴过去,点“ok”就OK拉。记得在选中脚本后要点"运行"按钮

现在就一起来分享一下一些大家很常见的ROS脚本。

ROS脚本之重启路由脚本:
/sy reboot

ROS脚本之生成备份脚本:
/ system backup save name=BOBO

ROS脚本之生成还原脚本:
/ system backup load name=BOBO

ROS脚本之更改MMS为1452脚本:
/ ip firewall mangle add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=1452

MTU的值是1492


ROS脚本之批量绑定ARP:
:foreach BOBO in=[/ip arp find dynamic=yes ] do=[/ip arp add copy-from=$BOBO]

ROS脚本之批量解除ARP:
:foreach BOBO in [/ip arp find] do={/ip arp remove $BOBO}

ROS脚本之防3波:
/ ip firewall filter
add chain=forward protocol=tcp dst-port=135-139 action=drop comment="No 3B"

ROS脚本之禁止外网PING路由:
/ ip firewall filter add chain=output protocol=icmp action=drop comment="No Ping"

ROS脚本之禁止QQ直播:
/ ip firewall filter
add chain=forward protocol=udp dst-port=13000-14000 action=drop comment="No QQLive"

ROS脚本之禁止P2P:
/ ip firewall filter
add chain=forward protocol=tcp dst-port=4661-4662 action=drop comment="No Emule"
add chain=forward protocol=tcp dst-port=4242 action=drop
add chain=forward dst-address=62.241.53.15 action=drop

ROS脚本之禁止BT下载:
/ ip firewall filter
add chain=forward protocol=tcp dst-port=16881 action=drop comment="No BitSpirit"

ROS脚本之禁止PPlive网络电视:
/ ip firewall filter
add chain=forward protocol=tcp dst-port=8008 action=drop comment="No PPlive TV"
add chain=forward protocol=udp dst-port=4004 action=drop
add chain=forward dst-address=218.108.237.11 action=drop

ROS脚本之禁止哇嘎下载:
/ ip firewall filter
add chain=forward content=https://www.360docs.net/doc/f617610179.html, action=reject comment="No VaGaa"
add chain=forward content=https://www.360docs.net/doc/f617610179.html, action=reject
add chain=forward protocol=tcp dst-port=40750 action=drop
add chain=forward protocol=udp dst-port=40750 action=drop
add chain=forward protocol=tcp dst-port=2004 action=drop
add chain=forward protocol=udp dst-port=2004 action=drop
add chain=forward protocol=tcp dst-port=2005 action=drop
add chain=forward protocol=udp dst-port=2005 action=drop
add chain=forward protocol=tcp dst-port=16521 action=drop
add chain=forward protocol=udp dst-port=16521 action=drop

ROS脚本之限速脚本:
:for szwm from 11 to 250 do={/queue simple add name=(A0 . $szwm) dst-address=(192.168.1.

. $szwm) limit-at=200000/30000 max-limit=200000/30000 interface=all parent=none priority=1 queue=default/default burst-limit=500000/30000 burst-threshold=400000/30000 burst-time=10s/10s total-queue=default target-address=0.0.0.0/0 disabled=no}

ROS脚本之RouterOS监控脚本,断线报警,线路恢复自动解除报警:
在/system script里添加脚本
name=你要监控的ip
内容如下
:set i 0
:while ($i=0) do={:beep length=2s frequency=2755;:delay 5;:set a abc;\
:foreach i in=[/tool netwatch find host=你要监控的ip] \
do={:set a [/tool netwatch get $i status]};:put $a;:if($a=up) do={:set i 1}}

然后再在/tool netwatch里添加监控
host=你要监控的ip
在down里填写
/system script run 你要监控的ip
:set shendown1 [/system clock get date]
:set shendown2 [/system clock get time]
:set shendown ("你要监控的ip down " . $shendown1 . " " . $shendown2)
:log warning $shendown
ROS小包策略:
/ ip firewall mangle
add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=1440 comment="" disabled=no
add chain=forwar* *2*=all-p2p action=mark-connection new-connection-mark=p2p_conn passthrough=yes comment="" disabled=no
add chain=forward connection-mark=p2p_conn action=mark-packet new-packet-mark=p2p passthrough=yes comment="" disabled=no
add chain=forward connection-mark=!p2p_conn action=mark-packet new-packet-mark=general passthrough=yes comment="" disabled=no
add chain=forward packet-size=32-512 action=mark-packet new-packet-mark=small passthrough=yes comment="" disabled=no
add chain=forward packet-size=512-1200 action=mark-packet new-packet-mark=big passthrough=yes comment="" disabled=no
/ queue tree
add name="p2p1" parent=wan packet-mark=p2p limit-at=600000 queue=default priority=8 max-limit=800000 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
add name="p2p2" parent=lan packet-mark=p2p limit-at=800000 queue=default priority=8 max-limit=600000 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
add name="ClassA" parent=lan packet-mark="" limit-at=0 queue=default priority=8 max-limit=100000000 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
add name="ClassB" parent=ClassA packet-mark="" limit-at=0 queue=default priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
add name="Leaf1" parent=ClassA packet-mark=general limit-at=0 queue=default priority=7 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
add name="Leaf2" parent=ClassB packet-mark=small limit-at=0 queue=default priority=5 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
add name="Leaf3" parent=ClassB packet-mark=big limit-at=0 queue=default priority=6 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no


ROS脚本之ROS封杀常用P2P策略脚本:
/ ip firewall filter
add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138"
# 讯雷
add chain=forward pro

tocol=tcp dst-port=3076-3079 action=drop comment="downTools Xunlei" disabled=yes
add chain=forward dst-address=202.96.155.91/32 action=drop
add chain=forward dst-address=210.22.12.53/32 action=drop
add chain=forward dst-address=61.128.198.97/32 action=drop
# 电骡
add chain=forward protocol=tcp dst-port=4661 action=drop comment="downP2P VeryCD"
add chain=forward protocol=tcp dst-port=4662 action=drop
add chain=forward protocol=tcp dst-port=4242 action=drop
add chain=forward dst-address=62.241.53.15/32 action=drop
# 屁屁狗(PPGOU)
add chain=forward protocol=tcp dst-port=8505 action=drop comment="downTools PPGOU"
add chain=forward dst-address=219.153.0.152/32 action=drop
add chain=forward dst-address=61.145.116.186/32 action=drop
# KUGO酷狗
add chain=forward protocol=tcp dst-port=3318 action=drop comment="downMP3 KUGO" disabled=yes
add chain=forward protocol=tcp dst-port=1043 action=drop disabled=yes
add chain=forward protocol=tcp dst-port=4224 action=drop disabled=yes
add chain=forward protocol=tcp dst-port=2371 action=drop disabled=yes
add chain=forward protocol=udp dst-port=7000 action=drop disabled=yes
add chain=forward dst-address=218.16.125.227/32 action=drop disabled=yes
add chain=forward dst-address=61.143.210.56/32 action=drop disabled=yes
add chain=forward dst-address=218.16.125.226/32 action=drop disabled=yes
add chain=forward dst-address=61.129.115.206/32 action=drop disabled=yes
add chain=forward dst-address=61.145.114.33/32 action=drop disabled=yes
# RF online
add chain=forward dst-address=218.30.85.16/32 dst-port=8888 action=accept comment="RF online"
add chain=forward dst-address=59.34.215.133/32 dst-port=8888 action=accept
add chain=forward dst-address=60.28.26.66/32 dst-port=8888 action=accept
# 比特精灵
add chain=forward protocol=tcp dst-port=16881 action=drop comment="downP2P BitSpirit"
add chain=forward protocol=tcp dst-port=6881-6890 action=drop
add chain=forward protocol=tcp dst-port=8881-8890 action=drop
add chain=forward protocol=udp dst-port=16881 action=drop
add chain=forward protocol=udp dst-port=6881-6890 action=drop
add chain=forward protocol=udp dst-port=8881-8890 action=drop
# 宝酷
add chain=forward protocol=tcp dst-port=6346 action=drop comment="downP2P BaoCue"
add chain=forward protocol=tcp dst-port=11300 action=drop
add chain=forward dst-address=61.172.197.196/32 action=drop
add chain=forward dst-address=218.1.14.3/32 action=drop
add chain=forward dst-address=218.1.14.4/32 action=drop
add chain=forward dst-address=218.1.14.9/32 action=drop
add chain=forward dst-address=61.172.197.209/32 action=drop
add chain=forward dst-address=61.172.197.197/32 action=drop
add chain=forward dst-address=218.1.14.5/32 action=drop
add chain=forward dst-address=218.5.72.118/32 action=drop
add chain=forward dst-address=61.172.197.196/32 action=drop
# 百事通下载工具
add chain=forward dst-address=61.145.126.150/32 action=drop comment="downP2P Bai****ong"
# 百度MP3下


add chain=forward dst-address=202.108.156.206/32 action=drop comment="downMP3 BaiDuMP3" disabled=yes
# PTC下载工具
add chain=forward protocol=tcp dst-port=50007 action=drop comment="downP2P PTCdown"
# eDonkey2000下载工具
add chain=forward protocol=tcp dst-port=4371 action=drop comment="downP2P eDonkey2000"
add chain=forward protocol=tcp dst-port=4662 action=drop
add chain=forward dst-address=62.241.53.15/32 action=drop
add chain=forward dst-address=62.241.53.17/32 action=drop
# Poco2005
add chain=forward protocol=udp src-port=8094 action=drop comment="downP2P Poco2005"
add chain=forward protocol=tcp dst-port=2881 action=drop
add chain=forward protocol=tcp dst-port=5354 action=drop
add chain=forward dst-address=61.145.118.224/32 action=drop
add chain=forward dst-address=210.192.122.147/32 action=drop
add chain=forward dst-address=207.46.196.108/32 action=drop
# 卡盟
add chain=forward protocol=tcp dst-port=3751 action=drop comment="downP2P KAMUN"
add chain=forward protocol=tcp dst-port=3753 action=drop
add chain=forward protocol=tcp dst-port=4772 action=drop
add chain=forward protocol=tcp dst-port=4774 action=drop
add chain=forward dst-address=211.155.224.67/32 action=drop
# 维宇RealLink
add chain=forward dst-address=211.91.135.114/32 action=drop comment="downP2P RealLink"
add chain=forward dst-address=221.233.18.180/32 action=drop
add chain=forward dst-address=61.145.119.55/32 action=drop
add chain=forward dst-address=221.3.132.99/32 action=drop
# 百宝
add chain=forward protocol=tcp dst-port=3468 action=drop comment="downP2P 100bao"
add chain=forward dst-address=219.136.251.56/32 action=drop
add chain=forward dst-address=61.149.124.173/32 action=drop
# 百花PP
add chain=forward protocol=tcp dst-port=5093 action=drop comment="downP2P BaiHua"
add chain=forward dst-address=221.229.241.243/32 action=drop
# 快递通
add chain=forward dst-address=202.96.137.56/32 action=drop comment="downP2P KDT"
# 酷乐
add chain=forward protocol=tcp dst-port=6800-6801 action=drop comment="downMP3 Kuro"
add chain=forward protocol=tcp dst-port=7003 action=drop
add chain=forward dst-address=218.244.45.67/32 action=drop
add chain=forward dst-address=220.169.192.145/32 action=drop
# 百度下吧
add chain=forward protocol=tcp dst-port=11000 action=drop comment="downP2P BaiDuXiaBa" disabled=yes
add chain=forward dst-address=202.108.249.171/32 action=drop
# 百兆P2P
add chain=forward protocol=tcp dst-port=9000 action=drop comment="downP2P baizhaoP2P"
add chain=forward dst-address=221.233.19.30/32 action=drop
# 石头(OPENEXT)
add chain=forward protocol=tcp dst-port=5467 action=drop comment="downP2P OPENEXT"
add chain=forward protocol=tcp dst-port=2500 action=drop
add chain=forward protocol=tcp dst-port=4173 action=drop
add chain=forward protocol=tcp dst-port=10002 action=drop
add chain=forward protocol=tcp dst-port=10003 action=drop
add chain=forward dst-address=66.197.13.166/32 action=drop
add chain=f

orward dst-address=210.22.12.245/32 action=drop
add chain=forward dst-address=69.93.222.56/32 action=drop
# iLink 1.1
add chain=forward protocol=tcp dst-port=5000 action=drop comment="downP2P iLink"
# DDS
add chain=forward protocol=tcp dst-port=11608 action=drop comment="downP2P DDS"
add chain=forward dst-address=210.51.168.13/32 action=drop
add chain=forward dst-address=211.157.105.252/32 action=drop
add chain=forward dst-address=212.179.66.17/32 action=drop
# iMesh 5
add chain=forward protocol=tcp dst-port=4662 action=drop comment="downP2P iMesh 5"
add chain=forward dst-address=212.179.66.17/32 action=drop
add chain=forward dst-address=212.179.66.24/32 action=drop
add chain=forward dst-address=38.117.175.23/32 action=drop
# winmx
add chain=forward protocol=tcp dst-port=5690 action=drop comment="downP2P winmx"
add chain=forward dst-address=64.246.15.43/32 action=drop
# 网酷
add chain=forward protocol=tcp dst-port=2122 action=drop comment="downP2P netcool"
add chain=forward dst-address=211.152.22.9/32 action=drop
add chain=forward dst-address=211.152.22.101/32 action=drop
add chain=forward dst-address=221.192.132.29/32 action=drop
# PPlive网络电视
add chain=forward protocol=tcp dst-port=8008 action=drop comment="P2PTV PPlive"
add chain=forward protocol=udp dst-port=4004 action=drop
# QQ直播
add chain=forward protocol=udp dst-port=13002-13999 action=drop comment="P2PTV QQ" disabled=yes


还有ROS脚本里一些常用的:
/ ip firewall connection {:foreach r in=[find] do={remove $r}} 删除所有连接

:foreach i in=[/ip firewall filter find action=drop ] do=[/ip firewall filter disable $i] disable防火墙规则

firewall connection tracking syn sendtime 设置成50 rectime 设置成30 减轻syn攻击

/system scheduler add name=reboot interval=24h start-time=06:59:00 on-event={/system reboot} disabled=no 定时重起

/ip route set [/ip route find dst-address=0.0.0.0/0] gateway=xxx.xxx.xxx.xxx 改变默认网关

/queue simple remove [find] 删除所有Simple Queues

:foreach i in=[/ip arp find dynamic=yes ] do={/ip arp add copy-from=$i} ARP绑定(静态ARP)


ROS脚本之每个IP加一个simple queue的脚本

:foreach i in [/queue simple find] \
do {:put (deleting . ... . [/queue simple get $i name]);
queue simple remove $i;}

for i from 1 to 254 \
do { \
:if ($i!=100) \
do {/queue simple add \
name=(queue . $i) \
limit-at=128000/128000 \
burst-threshold=384000/192000 \
max-limit=512000/256000 \
burst-limit=2000000/512000 \
burst-time=16s/8s \
dst-address=(192.168.0. . $i); \
:put (192.168.0. . $i . ... . added)} \
}

参与讨论分享一些大家常用常见的ROS脚本

相关主题
相关文档
最新文档