wt020 发表于 2009-5-6 10:26:56

PPPEO另类绝杀P2P下载,Queue基本不用了

# may/06/2009 09:55:12 by RouterOS 3.22

/ip firewall address-list
add address=128.0.0.0/1 comment="" disabled=no list=All-WAN
add address=64.0.0.0/2 comment="" disabled=no list=All-WAN
add address=32.0.0.0/3 comment="" disabled=no list=All-WAN
add address=16.0.0.0/4 comment="" disabled=no list=All-WAN


/ip firewall filter
add action=drop chain=forward comment=DROP-ICMP disabled=no dst-address=\
    0.0.0.0/0 packet-size=300-1500 protocol=icmp src-address=192.168.0.0/16
add action=drop chain=forward comment="" disabled=no dst-address-list=All-WAN \
    dst-port=!53 protocol=udp src-address=192.168.0.0/16
add action=drop chain=forward comment="" disabled=no dst-port=15000,15001 \
    protocol=udp time=20h-23h,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=input comment="\CE\DE\D0\A7\C1\B4\BD\D3" \
    connection-state=invalid disabled=no
add action=drop chain=input comment="\B6\CB\BF\DA\C9\A8\C3\E8" disabled=no \
    protocol=tcp psd=21,3s,3,1
add action=drop chain=forward comment=DROP-TCP-P2P disabled=no \
    dst-address-list=All-WAN dst-port=!80,443 packet-size=500-1500 protocol=\
    tcp src-address=192.168.0.0/16 src-address-list=p2p-tcp time=\
    18h-23h59m,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment="DROP-TCP=30" connection-limit=30,32 \
    disabled=no dst-address-list=All-WAN dst-port=80,433 protocol=tcp \
    src-address=192.168.0.0/16 src-address-list=p2p-tcp time=\
    20h-22h59m59s,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment="DROP-TCP=20" connection-limit=10,32 \
    disabled=no dst-address-list=All-WAN dst-port=!80-443 protocol=tcp \
    src-address=192.168.0.0/16 src-address-list=p2p-tcp time=\
    20h-22h59m59s,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment=DROP-UDP-UP disabled=no \
    dst-address-list=All-WAN dst-port=!53,8000 packet-size=600-1500 protocol=\
    udp src-address=192.168.0.0/16 src-address-list=p2p-udp time=\
    19h-22h59m59s,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment=DROP-UDP-1/2-s1 disabled=no \
    dst-address-list=All-WAN dst-port=!53,8000 protocol=udp random=50 \
    src-address=192.168.0.0/16 src-address-list=p2p-s1 time=\
    9h-23h59m59s,sun,mon,tue,wed,thu,fri,sat

/ip firewall mangle
add action=add-src-to-address-list address-list=p2p-udp address-list-timeout=\
    5m30s chain=prerouting comment=p2p-udp-LANip disabled=no \
    dst-address-list=All-WAN protocol=udp src-address=192.168.0.0/16 \
    src-address-list=p2p
add action=add-src-to-address-list address-list=p2p-tcp address-list-timeout=\
    5m30s chain=prerouting comment=p2p-tcp-LANip disabled=no \
    dst-address-list=All-WAN protocol=tcp src-address=192.168.0.0/16 \
    src-address-list=p2p
add action=add-src-to-address-list address-list=p2p-s1 address-list-timeout=\
    10m10s chain=prerouting comment=p2p-udp-max disabled=no dst-address-list=\
    All-WAN protocol=udp src-address=192.168.0.0/16 src-address-list=p2p-s


/system scheduler
add comment="" disabled=no interval=1m name=p2p-TO on-event="#PPPOE\C8\AB\D7\
    \D4\B6\AF\D6\C7\C4\DC\CF\DE\CB\D9\BD\C5\B1\BE\r\
    \n#:foreach i in= do={:put [/interface get \$i n\
    ame]}\r\
    \n#:delay 3\r\
    \n#\D1\D3\CA\B13\C3\EB\A3\AC\C8\B1\CA\A1\CE\AA1\C3\EB\r\
    \n###################################################################### \
    \r\
    \n/ip firewall address-list remove \r\
    \n/ip firewall address-list remove \r\
    \n:local RxCurPacket 0 \r\
    \n:local RxCurAddress 0 \r\
    \n:local RxCurUser 0 \r\
    \n:local RxCurRate 0 \r\
    \n:local TxCurRate 0 \r\
    \n:foreach i in= do={\r\
    \nint mon \$i once do={\r\
    \n:set RxCurPacket (\$\"received-packets-per-second\")\r\
    \n:set RxCurRate (\$\"received-bits-per-second\")\r\
    \n:set TxCurRate (\$\"sent-bits-per-second\")\r\
    \n:set RxCurAddress \r\
    \n:set RxCurUser \r\
    \n}\r\
    \n#:put \$RxCurPacket\r\
    \n#:put \$RxCurAddress \r\
    \n:if (\$RxCurPacket>300) do={/ip firewall address-list add list=p2p-s add\
    ress=\$RxCurAddress comment=\$RxCurUser}\r\
    \n:if (\$RxCurPacket>150) do={/ip firewall address-list add list=p2p addre\
    ss=\$RxCurAddress comment=\$RxCurUser}\r\
    \n:if ((\$RxCurRate/5)>\$TxCurRate and \$RxCurRate>200000) do={/ip firewal\
    l address-list add list=p2p address=\$RxCurAddress comment=\$RxCurUser}\r\
    \n}\r\
    \n###################################################################### c\
    omment=\$RxCurUser" start-date=jan/01/1970 start-time=00:00:00

wt020 发表于 2009-5-6 10:34:56

/ip firewall filter下 这句不要:
add action=drop chain=forward comment="" disabled=no dst-address-list=All-WAN \
    dst-port=!53 protocol=udp src-address=192.168.0.0/16

tpy372 发表于 2009-5-6 12:19:25

呵呵...

WGHBOY 发表于 2009-5-6 13:14:24

还想做生意的就不能那么绝,技术跟着市场跑。不是这里限那里限,现在的电脑80%是娱乐用

pxyq 发表于 2009-5-6 14:01:17

没了P2P,上网无意义:lol

xugr 发表于 2009-5-6 16:01:01

呵呵,看的头都晕了,最好解释下以上代码
我现在只是封了些搜索服务器的IP而已
有谁用过,效果怎样

mz138266 发表于 2009-5-7 00:51:21

楼主~最好解释下以上代码。

gxhacker 发表于 2009-5-7 08:18:14

:)

ditey 发表于 2009-5-7 10:11:08

:victory:

feilang 发表于 2009-5-8 20:29:06

到底有效吗?有没有人测试的,怎么没人回复

47771885 发表于 2009-5-8 22:32:43

楼主真有幸 一堆 高级会员来看

蔡都小周 发表于 2009-5-15 10:18:09

呵呵,限制P2P吃带宽严重!

tonykong 发表于 2009-11-24 15:13:42

增加带宽吧?

wsb2008 发表于 2009-11-24 22:09:09

///////////////
页: [1]
查看完整版本: PPPEO另类绝杀P2P下载,Queue基本不用了