ROS通用脚步命令经典大全。网吧必备

	ROS通用脚本命令精典大放送-附使用说明 本文章出自，中国酷族总监小东百度官方博客http://hi.baidu.com/%D0%A1%B6%AB%C9%E8%BC%C6%CA%A6/home ROUTEROS常用命令 /sy reset                               恢复路由原始状态 /sy reboot                                 重启路由 /sy showdown                               关机 /sy ide set name=机器名       设置机器名 /export                                   查看配置 /ip export                               查看IP配置 /sy backup 回车 save name=你要设置文件名                   备份路由 LOAD NAME=你要设置文件名                   恢复备份 /interface print                          查看网卡状态 0 X ether1 ether 1500 这个是网卡没有开启 0 R ether1 ether 1500 这个是正常状态 /int   en 0                                激活0网卡 /int   di 0                                禁掉0网卡 /ip fir con print                         查看当前所有网络边接 /ip service set www port=81               改变www服务端口为81 /ip hotspot user add name=user1 password=1   增加用户 一：限速脚本 :for wbsz from 1 to 254 do={/queue simple add name=(wbsz . $wbsz) dst-address=(192.168.0. . $wbsz) limit-at=1024K/1024K max-limit=1024K/1024K} 二：限制每台机最大线程数 :for wbsz from 1 to 254 do={/ip firewall filter add chain=forward src-address=(192.168.0. . $wbsz) protocol=tcp connection-limit=50,32 action=drop} 三：端口映射 ip firewall nat add chain=dstnat dst-address=(202.96.134.134) protocol=tcp dst-port=80 to-addresses=(192.168.0.1) to-ports=80 action=dst-nat 四：封端口号 / ip firewall filter ad ch forward pr tcp dst-po 8000 act drop comment="Blockade QQ" 五：更变telnet服务端口 /ip service set telnet port=23 六：更变SSH管理服务端口 /ip service set ssh port=22 七：更变www服务端口号 /ip service set www port=80 八：更变FTP服务端口号 /ip service set ftp port=21 九：增加本ROS管理用户 /user add name=wbsz password=admin group=full 十：删除限速脚本 :for wbsz from 1 to 254 do={/queue simple remove (wbsz . $wbsz) } 十一：封IP脚步本 / ip firewall filter add chain=forward dst-address=58.60.13.38/32 action=drop comment="Blockade QQ" 十二：禁P2P脚本 / ip firewall filter add chain=forward src-address=192.168.0.0/24 p2p=all-p2p    action=drop comment="No P2P" 十三：限制每台机最大的TCP线程数(线程数=60) / ip firewall filter add chain=forward protocol=tcp connection-limit=60,32 action=drop \       disabled=no 十四：一次性绑定所有在线机器MAC :foreach wbsz in=[/ip arp find dynamic=yes ] do=[/ip arp add copy-from=$wbsz] 十五：解除所以绑定的MAC :foreach wbsz in [/ip arp find] do={/ip arp remove $wbsz} 十六：禁Ping / ip firewall filter add chain=output protocol=icmp action=drop comment="No Ping" 十七：禁电驴 / ip firewall filter add chain=forward protocol=tcp dst-port=4661-4662 action=drop comment="No Emule" add chain=forward protocol=tcp dst-port=4242 action=drop add chain=forward dst-address=62.241.53.15 action=drop 十八：禁PPLIVE / ip firewall filter add chain=forward protocol=tcp dst-port=8008 action=drop comment="No PPlive TV" add chain=forward protocol=udp dst-port=4004 action=drop add chain=forward dst-address=218.108.237.11 action=drop 十九：禁QQ直播 / ip firewall filter add chain=forward protocol=udp dst-port=13000-14000 action=drop comment="No QQLive" 二十：禁比特精灵 / ip firewall filter add chain=forward protocol=tcp dst-port=16881 action=drop comment="No BitSpirit" 二十一：禁QQ聊天(没事不要用) / ip firewall filter add chain=forward src-address=10.5.6.7/32 action=accept comment="No Tencent QQ" ad ch forward pr tcp dst-po 8000 act drop ad ch forward pr udp dst-po 8000 act drop ad ch forward pr udp dst-po 8000 act drop add chain=forward dst-address=61.144.238.0/24 action=drop add chain=forward dst-address=61.152.100.0/24 action=drop add chain=forward dst-address=61.141.194.0/24 action=drop add chain=forward dst-address=202.96.170.163/32 action=drop add chain=forward dst-address=202.104.129.0/24 action=drop add chain=forward dst-address=202.104.193.20/32 action=drop add chain=forward dst-address=202.104.193.11/32 action=drop add chain=forward dst-address=202.104.193.12/32 action=drop add chain=forward dst-address=218.17.209.23/32 action=drop add chain=forward dst-address=218.18.95.153/32 action=drop add chain=forward dst-address=218.18.95.165/32 action=drop add chain=forward dst-address=218.18.95.220/32 action=drop add chain=forward dst-address=218.85.138.70/32 action=drop add chain=forward dst-address=219.133.38.0/24 action=drop add chain=forward dst-address=219.133.49.0/24 action=drop add chain=forward dst-address=220.133.40.0/24 action=drop add chain=forward content=sz.tencent action=reject add chain=forward content=sz2.tencent action=reject add chain=forward content=sz3.tencent action=reject add chain=forward content=sz4.tencent action=reject add chain=forward content=sz5.tencent action=reject add chain=forward content=sz6.tencent action=reject add chain=forward content=sz7.tencent action=reject add chain=forward content=sz8.tencent action=rejec add chain=forward content=sz9.tencent action=rejec add chain=forward content=tcpconn.tencent action=reject add chain=forward content=tcpconn2.tencent action=reject add chain=forward content=tcpconn3.tencent action=reject add chain=forward content=tcpconn4.tencent action=reject add chain=forward content=tcpconn5.tencent action=reject add chain=forward content=tcpconn6.tencent action=reject add chain=forward content=tcpconn7.tencent action=reject add chain=forward content=tcpconn8.tencent action=reject add chain=forward content=qq action=reject add chain=forward content=www.qq action=reject 二十二：防止灰鸽子入浸 / ip firewall filter add chain=forward protocol=tcp dst-port=1999 action=drop comment="Backdoor.GrayBird.ad" add chain=forward dst-address=80.190.240.125 action=drop add chain=forward dst-address=203.209.245.168 action=drop add chain=forward dst-address=210.192.122.106 action=drop add chain=forward dst-address=218.30.88.43 action=drop add chain=forward dst-address=219.238.233.110 action=drop add chain=forward dst-address=222.186.8.88 action=drop add chain=forward dst-address=124.42.125.37 action=drop add chain=forward dst-address=210.192.122.107 action=drop add chain=forward dst-address=61.147.118.198 action=drop add chain=forward dst-address=219.238.233.11 action=drop 二十三：防三波 / ip firewall filter add chain=forward protocol=tcp dst-port=135-139 action=drop comment="No 3B"

东东说：