发个自己用的5线PCC
交流QQ:307237303/ip firewall mangle
add action=accept chain=prerouting comment="" disabled=yes
add action=change-mss chain=postrouting comment="" disabled=no new-mss=1440 \
protocol=tcp tcp-flags=syn
add action=accept chain=prerouting comment="" disabled=no dst-port=443 \
in-interface=LAN protocol=tcp
add action=mark-connection chain=input comment="" disabled=no in-interface=\
pppoe-out1 new-connection-mark=1 passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=\
pppoe-out2 new-connection-mark=2 passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=\
pppoe-out3 new-connection-mark=3 passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=\
pppoe-out4 new-connection-mark=4 passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=\
pppoe-out5 new-connection-mark=5 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=1 disabled=no \
new-routing-mark=to_1 out-interface=!LAN passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=2 disabled=no \
new-routing-mark=to_2 out-interface=!LAN passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=3 disabled=no \
new-routing-mark=to_3 out-interface=!LAN passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=4 disabled=no \
new-routing-mark=to_4 out-interface=!LAN passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=5 disabled=no \
new-routing-mark=to_5 out-interface=!LAN passthrough=yes
add action=mark-connection chain=prerouting comment=\
"\D4\F6\BC\D3\CF\DF\C2\B7\D0\E8\D0\DE\B8\C4\D2\D4\CF\C25\CC\F5" disabled=\
no dst-address-type=!local new-connection-mark=1 passthrough=yes \
per-connection-classifier=both-addresses:5/0 src-address=10.0.0.0/24
add action=mark-connection chain=prerouting comment="" disabled=no \
dst-address-type=!local new-connection-mark=2 passthrough=yes \
per-connection-classifier=both-addresses:5/1 src-address=10.0.0.0/24
add action=mark-connection chain=prerouting comment="" disabled=no \
dst-address-type=!local new-connection-mark=3 passthrough=yes \
per-connection-classifier=both-addresses:5/2 src-address=10.0.0.0/24
add action=mark-connection chain=prerouting comment="" disabled=no \
dst-address-type=!local new-connection-mark=4 passthrough=yes \
per-connection-classifier=both-addresses:5/3 src-address=10.0.0.0/24
add action=mark-connection chain=prerouting comment="" disabled=no \
dst-address-type=!local new-connection-mark=5 passthrough=yes \
per-connection-classifier=both-addresses:5/4 src-address=10.0.0.0/24
add action=mark-routing chain=prerouting comment="" connection-mark=1 \
disabled=no new-routing-mark=to_1 passthrough=yes src-address=10.0.0.0/24
add action=mark-routing chain=prerouting comment="" connection-mark=2 \
disabled=no new-routing-mark=to_2 passthrough=yes src-address=10.0.0.0/24
add action=mark-routing chain=prerouting comment="" connection-mark=3 \
disabled=no new-routing-mark=to_3 passthrough=yes src-address=10.0.0.0/24
add action=mark-routing chain=prerouting comment="" connection-mark=4 \
disabled=no new-routing-mark=to_4 passthrough=yes src-address=10.0.0.0/24
add action=mark-routing chain=prerouting comment="" connection-mark=5 \
disabled=no new-routing-mark=to_5 passthrough=yes src-address=10.0.0.0/24
/ip firewall nat
add action=redirect chain=dstnat comment="\BF\AA\BB\FA\CD\A8\D6\AA" disabled=\
no dst-port=80 protocol=tcp src-address=20.0.0.2-20.0.0.200 \
src-address-list=src1 to-ports=8080
add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
pppoe-out1
add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
pppoe-out2
add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
pppoe-out3
add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
pppoe-out4
add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
pppoe-out5
add action=masquerade chain=srcnat comment="" disabled=no src-address=\
192.168.10.0/24
add action=accept chain=srcnat comment="" disabled=no
/ip route
add comment=WAN3 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
pppoe-out3 routing-mark=to_3
add comment="WAN1_\BD\D3VLAN10" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway=pppoe-out1 routing-mark=to_1
add comment=WAN2 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
pppoe-out2 routing-mark=to_2
add comment=WAN4 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
pppoe-out4 routing-mark=to_4
add check-gateway=ping comment=WAN1 disabled=no distance=2 dst-address=\
0.0.0.0/0 gateway=pppoe-out1
add check-gateway=ping comment=WAN5 disabled=no distance=2 dst-address=\
0.0.0.0/0 gateway=pppoe-out5
add check-gateway=ping comment=WAN4 disabled=no distance=2 dst-address=\
0.0.0.0/0 gateway=pppoe-out4
add comment=WAN5 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
pppoe-out5 routing-mark=to_5
add check-gateway=ping comment=WAN3 disabled=no distance=2 dst-address=\
0.0.0.0/0 gateway=pppoe-out3
add check-gateway=ping comment=WAN1 disabled=no distance=1 dst-address=\
0.0.0.0/0 gateway=pppoe-out1
add check-gateway=ping comment=WAN2 disabled=no distance=2 dst-address=\
0.0.0.0/0 gateway=pppoe-out2 顶你一下子 抢个沙发。。。 呵呵,顶个贴,赚点分,学点知道。 跟我的一样,我是13wan的 学习了 谢谢 路过,学习了 好。。给你加个人气。。。 免费的一定要顶 免费的一定要顶 ROS+VLAN交换机扩WAN口后,ping外网老掉包,不解,高手麻烦指点一下啊。 lz 好人啊 楼主认真学你你的脚本后 ,发现 我这里用了后直接断网 全部上不去 当然我把你的内网ip地址改为我的hotspot认证后网段,但还是不行,不知道哪里有问题 # dec/20/2011 02:30:43 by RouterOS 3.30
/ip firewall mangle
add action=mark-packet chain=prerouting comment="" disabled=no \
new-packet-mark=all-mark passthrough=yes
add action=mark-connection chain=prerouting comment=pcc2 disabled=no \
in-interface=lan1 new-connection-mark=conn2 passthrough=yes \
per-connection-classifier=both-addresses:4/1 src-address=123.179.142.0/24
add action=mark-routing chain=prerouting comment=mk-rt2 connection-mark=conn2 \
disabled=no in-interface=lan1 new-routing-mark=rout2 passthrough=yes
add action=mark-connection chain=prerouting comment=pcc3 disabled=no \
in-interface=lan1 new-connection-mark=conn3 passthrough=yes \
per-connection-classifier=both-addresses:4/2 src-address=123.179.142.0/24
add action=mark-routing chain=prerouting comment=mk-rt3 connection-mark=conn3 \
disabled=no in-interface=lan1 new-routing-mark=rout3 passthrough=yes
add action=mark-connection chain=prerouting comment=pcc1 disabled=no \
in-interface=lan1 new-connection-mark=conn1 passthrough=yes \
per-connection-classifier=both-addresses:4/0 src-address=123.179.142.0/24
add action=mark-routing chain=prerouting comment=mk-rt1 connection-mark=conn1 \
disabled=no in-interface=lan1 new-routing-mark=rout1 passthrough=yes
add action=mark-connection chain=prerouting comment=pcc4 disabled=no \
in-interface=lan1 new-connection-mark=conn4 passthrough=yes \
per-connection-classifier=both-addresses:4/3 src-address=123.179.142.0/24
add action=mark-routing chain=prerouting comment=mk-rt4 connection-mark=conn4 \
disabled=no in-interface=lan1 new-routing-mark=rout4 passthrough=no
启用下面这些就无法上网 不知道是为什么
add action=mark-connection chain=input comment="" disabled=yes in-interface=\
pppoe-out1 new-connection-mark=conn1 passthrough=yes
add action=mark-connection chain=input comment="" disabled=yes in-interface=\
pppoe-out2 new-connection-mark=conn2 passthrough=yes
add action=mark-connection chain=input comment="" disabled=yes in-interface=\
pppoe-out3 new-connection-mark=conn3 passthrough=yes
add action=mark-connection chain=input comment="" disabled=yes in-interface=\
pppoe-out4 new-connection-mark=conn4 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=conn1 \
disabled=yes new-routing-mark=rout1 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=conn2 \
disabled=yes new-routing-mark=rout2 out-interface=!lan1 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=conn3 \
disabled=yes new-routing-mark=rout3 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=conn4 \
disabled=yes new-routing-mark=rout4 passthrough=yes
请你检查以下这几点,是不对的:
comment=pcc1 comment=mk-rt1 new-routing-mark=rout1 new-connection-mark=conn1 new-routing-mark=rout3
请修改一下。
页:
[1]
2