坐井观天 发表于 2010-11-10 16:05:31

PPPOE另类绝杀P2P下载,Queue基本不用了

本帖最后由 zooyo 于 2011-2-9 20:20 编辑

# may/06/2009 09:55:12 by RouterOS 3.22

/ip firewall address-list
add address=128.0.0.0/1 comment="" disabled=no list=All-WAN
add address=64.0.0.0/2 comment="" disabled=no list=All-WAN
add address=32.0.0.0/3 comment="" disabled=no list=All-WAN
add address=16.0.0.0/4 comment="" disabled=no list=All-WAN


/ip firewall filter
add action=drop chain=forward comment=Drop-ICMP disabled=no dst-address=\
   0.0.0.0/0 packet-size=300-1500 protocol=icmp src-address=192.168.0.0/16
add action=drop chain=forward comment="" disabled=no dst-address-list=All-WAN \
   dst-port=!53 protocol=udp src-address=192.168.0.0/16
add action=drop chain=forward comment="" disabled=no dst-port=15000,15001 \
   protocol=udp time=20h-23h,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=input comment="\CE\DE\D0\A7\C1\B4\BD\D3" \
   connection-state=invalid disabled=no
add action=drop chain=input comment="\B6\CB\BF\DA\C9\A8\C3\E8" disabled=no \
   protocol=tcp psd=21,3s,3,1
add action=drop chain=forward comment=Drop-TCP-P2P disabled=no \
   dst-address-list=All-WAN dst-port=!80,443 packet-size=500-1500 protocol=\
   tcp src-address=192.168.0.0/16 src-address-list=p2p-tcp time=\
   18h-23h59m,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment="Drop-TCP=30" connection-limit=30,32 \
   disabled=no dst-address-list=All-WAN dst-port=80,433 protocol=tcp \
   src-address=192.168.0.0/16 src-address-list=p2p-tcp time=\
   20h-22h59m59s,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment="Drop-TCP=20" connection-limit=10,32 \
   disabled=no dst-address-list=All-WAN dst-port=!80-443 protocol=tcp \
   src-address=192.168.0.0/16 src-address-list=p2p-tcp time=\
   20h-22h59m59s,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment=Drop-UDP-UP disabled=no \
   dst-address-list=All-WAN dst-port=!53,8000 packet-size=600-1500 protocol=\
   udp src-address=192.168.0.0/16 src-address-list=p2p-udp time=\
   19h-22h59m59s,sun,mon,tue,wed,thu,fri,sat
add action=drop chain=forward comment=Drop-UDP-1/2-s1 disabled=no \
   dst-address-list=All-WAN dst-port=!53,8000 protocol=udp random=50 \
   src-address=192.168.0.0/16 src-address-list=p2p-s1 time=\
   9h-23h59m59s,sun,mon,tue,wed,thu,fri,sat

/ip firewall mangle
add action=add-src-to-address-list address-list=p2p-udp address-list-timeout=\
   5m30s chain=prerouting comment=p2p-udp-LANip disabled=no \
   dst-address-list=All-WAN protocol=udp src-address=192.168.0.0/16 \
   src-address-list=p2p
add action=add-src-to-address-list address-list=p2p-tcp address-list-timeout=\
   5m30s chain=prerouting comment=p2p-tcp-LANip disabled=no \
   dst-address-list=All-WAN protocol=tcp src-address=192.168.0.0/16 \
   src-address-list=p2p
add action=add-src-to-address-list address-list=p2p-s1 address-list-timeout=\
   10m10s chain=prerouting comment=p2p-udp-max disabled=no dst-address-list=\
   All-WAN protocol=udp src-address=192.168.0.0/16 src-address-list=p2p-s


/system scheduler
add comment="" disabled=no interval=1m name=p2p-TO on-event="#PPPOE\C8\AB\D7\
   \D4\B6\AF\D6\C7\C4\DC\CF\DE\CB\D9\BD\C5\B1\BE\r\
   \n#:foreach i in= do={:put [/interface get \$i n\
   ame]}\r\
   \n#:delay 3\r\
   \n#\D1\D3\CA\B13\C3\EB\A3\AC\C8\B1\CA\A1\CE\AA1\C3\EB\r\
   \n###################################################################### \
   \r\
   \n/ip firewall address-list remove \r\
   \n/ip firewall address-list remove \r\
   \n:local RxCurPacket 0 \r\
   \n:local RxCurAddress 0 \r\
   \n:local RxCurUser 0 \r\
   \n:local RxCurRate 0 \r\
   \n:local TxCurRate 0 \r\
   \n:foreach i in= do={\r\
   \nint mon \$i once do={\r\
   \n:set RxCurPacket (\$\"received-packets-per-second\")\r\
   \n:set RxCurRate (\$\"received-bits-per-second\")\r\
   \n:set TxCurRate (\$\"sent-bits-per-second\")\r\
   \n:set RxCurAddress \r\
   \n:set RxCurUser \r\
   \n}\r\
   \n#:put \$RxCurPacket\r\
   \n#:put \$RxCurAddress \r\
   \n:if (\$RxCurPacket>300) do={/ip firewall address-list add list=p2p-s add\
   ress=\$RxCurAddress comment=\$RxCurUser}\r\
   \n:if (\$RxCurPacket>150) do={/ip firewall address-list add list=p2p addre\
   ss=\$RxCurAddress comment=\$RxCurUser}\r\
   \n:if ((\$RxCurRate/5)>\$TxCurRate and \$RxCurRate>200000) do={/ip firewal\
   l address-list add list=p2p address=\$RxCurAddress comment=\$RxCurUser}\r\
   \n}\r\
   \n###################################################################### c\
   omment=\$RxCurUser" start-date=jan/01/1970 start-time=00:00:00


hjfgt 发表于 2010-11-10 16:35:03

试一下效果怎么样,感谢分享。。。

火蚂蚁 发表于 2010-11-10 18:16:20

试一下效果怎么样,感谢分享。。。

lsdeng 发表于 2010-11-10 18:20:34

支持一下

qwert1388 发表于 2010-11-10 18:29:52

本帖隐藏的内容需要回复才可以浏览

yaaisinile 发表于 2010-11-11 03:30:44

试一下效果怎么样,感谢分享。。。

tmd 发表于 2010-11-11 09:22:37

感谢分享。。。

gddsam 发表于 2010-11-11 09:50:47

看看········

winepo 发表于 2010-11-11 12:03:43

观察一下。。。

kunll 发表于 2010-11-11 12:54:27

试一下效果怎么样,感谢分享。。。

wwjun 发表于 2010-11-11 13:06:12

kanakann

qdcv123 发表于 2010-11-11 13:47:36

支持一下

panbingjiu 发表于 2010-11-11 15:12:04

学习学习。。。:)

GDSZGYCHACKER 发表于 2010-11-11 17:22:32

看看效果显著如何啊

goodnice399 发表于 2010-11-11 18:17:35

上来学习下
页: [1] 2 3 4 5 6 7 8 9
查看完整版本: PPPOE另类绝杀P2P下载,Queue基本不用了