PPPEO另类绝杀P2P下载，Queue基本不用了

wt020

# may/06/2009 09:55:12 by routeros 3.22

/ip firewall address-list
add address=128.0.0.0/1 comment="" disabled=no list=All-WAN
add address=64.0.0.0/2 comment="" disabled=no list=All-WAN
add address=32.0.0.0/3 comment="" disabled=no list=All-WAN
add address=16.0.0.0/4 comment="" disabled=no list=All-WAN


/ip firewall filter
add action=drop chain=forward comment=DROP-ICMP disabled=no dst-address=\
    0.0.0.0/0 packet-size=300-1500 protocol=icmp src-address=192.168.0.0/16
add action=drop chain=forward comment="" disabled=no dst-address-list=All-WAN \
    dst-port=!53 protocol=udp src-address=192.168.0.0/16
add action=drop chain=forward comment="" disabled=no dst-port=15000,15001 \
    protocol=udp time=20h-23h,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=input comment="\CE\DE\D0\A7\C1\B4\BD\D3" \
    connection-state=invalid disabled=no
add action=drop chain=input comment="\B6\CB\BF\DA\C9\A8\C3\E8" disabled=no \
    protocol=tcp psd=21,3s,3,1
add action=drop chain=forward comment=DROP-TCP-P2P disabled=no \
    dst-address-list=All-WAN dst-port=!80,443 packet-size=500-1500 protocol=\
    tcp src-address=192.168.0.0/16 src-address-list=p2p-tcp time=\
    18h-23h59m,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment="DROP-TCP=30" connection-limit=30,32 \
    disabled=no dst-address-list=All-WAN dst-port=80,433 protocol=tcp \
    src-address=192.168.0.0/16 src-address-list=p2p-tcp time=\
    20h-22h59m59s,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment="DROP-TCP=20" connection-limit=10,32 \
    disabled=no dst-address-list=All-WAN dst-port=!80-443 protocol=tcp \
    src-address=192.168.0.0/16 src-address-list=p2p-tcp time=\
    20h-22h59m59s,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment=DROP-UDP-UP disabled=no \
    dst-address-list=All-WAN dst-port=!53,8000 packet-size=600-1500 protocol=\
    udp src-address=192.168.0.0/16 src-address-list=p2p-udp time=\
    19h-22h59m59s,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment=DROP-UDP-1/2-s1 disabled=no \
    dst-address-list=All-WAN dst-port=!53,8000 protocol=udp random=50 \
    src-address=192.168.0.0/16 src-address-list=p2p-s1 time=\
    9h-23h59m59s,sun,mon,tue,wed,thu,fri,sat

/ip firewall mangle
add action=add-src-to-address-list address-list=p2p-udp address-list-timeout=\
    5m30s chain=prerouting comment=p2p-udp-LANip disabled=no \
    dst-address-list=All-WAN protocol=udp src-address=192.168.0.0/16 \
    src-address-list=p2p
add action=add-src-to-address-list address-list=p2p-tcp address-list-timeout=\
    5m30s chain=prerouting comment=p2p-tcp-LANip disabled=no \
    dst-address-list=All-WAN protocol=tcp src-address=192.168.0.0/16 \
    src-address-list=p2p
add action=add-src-to-address-list address-list=p2p-s1 address-list-timeout=\
    10m10s chain=prerouting comment=p2p-udp-max disabled=no dst-address-list=\
    All-WAN protocol=udp src-address=192.168.0.0/16 src-address-list=p2p-s


/system scheduler
add comment="" disabled=no interval=1m name=p2p-TO on-event="#PPPOE\C8\AB\D7\
    \D4\B6\AF\D6\C7\C4\DC\CF\DE\CB\D9\BD\C5\B1\BE\r\
    \n#:foreach i in=[/interface find mtu=1480] do={:put [/interface get \$i n\
    ame]}\r\
    \n#:delay 3\r\
    \n#\D1\D3\CA\B13\C3\EB\A3\AC\C8\B1\CA\A1\CE\AA1\C3\EB\r\
    \n###################################################################### \
    \r\
    \n/ip firewall address-list remove [find list=p2p]\r\
    \n/ip firewall address-list remove [find list=p2p-s]\r\
    \n:local RxCurPacket 0 \r\
    \n:local RxCurAddress 0 \r\
    \n:local RxCurUser 0 \r\
    \n:local RxCurRate 0 \r\
    \n:local TxCurRate 0 \r\
    \n:foreach i in=[/interface find mtu=1480] do={\r\
    \nint mon \$i once do={\r\
    \n:set RxCurPacket (\$\"received-packets-per-second\")\r\
    \n:set RxCurRate (\$\"received-bits-per-second\")\r\
    \n:set TxCurRate (\$\"sent-bits-per-second\")\r\
    \n:set RxCurAddress [/ppp active get \$i address]\r\
    \n:set RxCurUser [/ppp active get \$i name]\r\
    \n}\r\
    \n#:put \$RxCurPacket\r\
    \n#:put \$RxCurAddress \r\
    \n:if (\$RxCurPacket>300) do={/ip firewall address-list add list=p2p-s add\
    ress=\$RxCurAddress comment=\$RxCurUser}\r\
    \n:if (\$RxCurPacket>150) do={/ip firewall address-list add list=p2p addre\
    ss=\$RxCurAddress comment=\$RxCurUser}\r\
    \n:if ((\$RxCurRate/5)>\$TxCurRate and \$RxCurRate>200000) do={/ip firewal\
    l address-list add list=p2p address=\$RxCurAddress comment=\$RxCurUser}\r\
    \n}\r\
    \n###################################################################### c\
    omment=\$RxCurUser" start-date=jan/01/1970 start-time=00:00:00

wt020

/ip firewall filter下　这句不要：
add action=drop chain=forward comment="" disabled=no dst-address-list=All-WAN \
    dst-port=!53 protocol=udp src-address=192.168.0.0/16

tpy372

呵呵...

WGHBOY

还想做生意的就不能那么绝，技术跟着市场跑。不是这里限那里限，现在的电脑80％是娱乐用

pxyq

没了P2P，上网无意义

xugr

呵呵，看的头都晕了，最好解释下以上代码
我现在只是封了些搜索服务器的IP而已
有谁用过，效果怎样

mz138266

楼主~最好解释下以上代码。

gxhacker

ditey

feilang

到底有效吗？有没有人测试的，怎么没人回复

47771885

楼主真有幸 一堆 高级会员来看

蔡都小周

呵呵，限制P2P吃带宽严重！

tonykong

增加带宽吧？

wsb2008

///////////////