Администратор 111111 Публикувано 5 Декември, 2008 Администратор Доклад Сподели Публикувано 5 Декември, 2008 What's new in 4.0beta1: *) added support for MetaROUTERs; *) all test packages are regular ones; *) console - can mix named and unnamed arguments, can use names for unnamed argument values. For example all of the following commands are accepted now: /ping 10.11.12.13 count=4 /ping address=10.11.12.13 count=4 /ping count=4 10.11.12.13 да го изтестваме тестово Traffic and system resource graphing неработи Харесай поста ^^^ Форумът е за взаимопомощ а не за свършване на чужда работа ɹɐǝɥ uɐɔ noʎ ǝɹoɯ ǝɥʇ 'ǝɯoɔǝq noʎ ɹǝʇǝınb ǝɥʇ Адрес на коментара Сподели в други сайтове More sharing options...
0 NetworkPro Отговорено 7 Декември, 2008 Доклад Сподели Отговорено 7 Декември, 2008 При мен работят, ето конфига ми: / interface ethernet set ether1 name="Local" set ether2 mac-address=нужен за ISP / ip firewall address-list add list=lokalni-adresi address=10.10.10.0/29 comment="LAN" add list=illegal-addr address=0.0.0.0/8 comment="illegal addresses" add list=illegal-addr address=127.0.0.0/8 add list=illegal-addr address=224.0.0.0/3 add list=illegal-addr address=10.0.0.0/8 add list=illegal-addr address=172.16.0.0/12 add list=illegal-addr address=192.168.0.0/16 / interface pppoe-client add name="Public" interface=ether2 user="потребител" password="парола" service-name="име на ппп" \ ac-name="име на ac" add-default-route=yes dial-on-demand=yes use-peer-dns=yes / ip pool add name="dhcp_pool1" ranges=10.10.10.2-10.10.10.254 / ip service set telnet disabled=yes set ftp disabled=yes set www disabled=yes set ssh disabled=yes set www-ssl disabled=yes / ip upnp set enabled=no / ip dns set allow-remote-requests=yes / ip address add address=10.10.10.1/24 interface=Local / ip neighbor discovery set Local discover=no set ether2 discover=no set Public discover=no / ip firewall nat add chain=srcnat action=masquerade src-address-list=lokalni-adresi comment="NAT" add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=5959 protocol=tcp comment="2 TightVNC" add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=43210 protocol=tcp comment="2 torrent" add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=46215 protocol=tcp comment="2 eMule" add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=41048 protocol=udp add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=54711 protocol=tcp disabled=yes add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=59947 protocol=tcp comment="2 Hamachi" disabled=yes add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=59947 protocol=udp disabled=yes add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=6969 protocol=tcp comment="2 HTTP" disabled=yes add chain=dstnat action=dst-nat to-addresses=10.10.10.3 dst-port=45082 protocol=tcp comment="3 torrent" add chain=dstnat action=dst-nat to-addresses=10.10.10.3 dst-port=45082 protocol=udp add chain=dstnat action=dst-nat to-addresses=10.10.10.4 dst-port=41000 protocol=tcp comment="4 torrent" add chain=dstnat action=dst-nat to-addresses=10.10.10.4 dst-port=42000 protocol=tcp comment="4 Hamachi" add chain=dstnat action=dst-nat to-addresses=10.10.10.6 dst-port=43000 protocol=tcp comment="6 torrent" add chain=dstnat action=dst-nat to-addresses=10.10.10.5 dst-port=49999 protocol=tcp comment="5 torrent" add chain=dstnat action=dst-nat to-addresses=10.10.10.5 dst-port=33096 protocol=tcp comment="5 SLSK" / ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=nat-traversal passthrough=no in-interface=Public dst-address-list=lokalni-adresi add chain=prerouting action=mark-connection new-connection-mark=RegnumOnline passthrough=yes in-interface=Local src-address=10.10.10.5 \ src-port=9960 protocol=udp disabled=yes add chain=prerouting action=mark-connection new-connection-mark=RegnumOnline passthrough=yes src-address=10.10.10.5 \ dst-address=212.214.41.165 disabled=yes add chain=prerouting action=mark-connection new-connection-mark=RegnumOnline passthrough=yes src-address=212.214.41.165 \ disabled=yes add chain=prerouting action=change-dscp new-dscp=46 connection-mark=RegnumOnline disabled=yes add chain=prerouting action=mark-packet new-packet-mark=RegnumOnline passthrough=no connection-mark=RegnumOnline disabled=yes add chain=postrouting action=change-dscp new-dscp=46 out-interface=Public add chain=output action=change-dscp new-dscp=46 out-interface=Public add chain=prerouting action=mark-packet new-packet-mark=local2local passthrough=no src-address-list=lokalni-adresi \ dst-address-list=lokalni-adresi add chain=forward action=mark-connection new-connection-mark=clients-conn passthrough=yes src-address-list=lokalni-adresi add chain=forward action=mark-packet new-packet-mark=clients-packets passthrough=no connection-mark=clients-conn add chain=forward action=mark-packet new-packet-mark=clients-packets passthrough=no dst-address-list=lokalni-adresi add chain=forward action=log / ip firewall filter add chain=forward action=jump jump-target=sanity-check comment="Sanity Check Jump" add chain=sanity-check action=jump jump-target=drop packet-mark=nat-traversal comment="Deny illegal NAT traversal" add chain=sanity-check action=add-src-to-address-list protocol=tcp psd=20,3s,3,1 address-list=blocked-addr address-list-timeout=1d \ comment="Block port scans" disabled=yes add chain=sanity-check action=add-src-to-address-list tcp-flags=fin,psh,urg,!syn,!rst,!ack protocol=tcp address-list=blocked-addr \ address-list-timeout=1d comment="Block TCP Null scan" add chain=sanity-check action=add-src-to-address-list tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg protocol=tcp address-list=blocked-addr \ address-list-timeout=1d comment="Block TCP Xmas scan" add chain=sanity-check action=jump jump-target=drop protocol=tcp src-address-list=blocked-addr add chain=sanity-check action=jump jump-target=drop tcp-flags=rst protocol=tcp comment="Drop TCP RST" disabled=yes add chain=sanity-check action=jump jump-target=drop tcp-flags=fin,syn protocol=tcp comment="Drop TCP SYN+FIN" add chain=sanity-check action=jump jump-target=drop connection-state=invalid comment="Dropping invalid connections at once" add chain=sanity-check action=accept connection-state=established comment="Accepting already established connections" add chain=sanity-check action=accept connection-state=related comment="Also accepting related connections" add chain=sanity-check action=jump jump-target=drop src-address-type=broadcast,multicast comment="Drop all traffic that goes from \ multicast or broadcast addresses" add chain=sanity-check action=jump jump-target=drop in-interface=Local dst-address-type=!local dst-address-list=illegal-addr \ comment="Drop illegal destination addresses" add chain=sanity-check action=jump jump-target=drop in-interface=Local src-address-list=!lokalni-adresi comment="Drop everything that goes \ from local interface but not from local address" add chain=sanity-check action=jump jump-target=drop in-interface=Public src-address-list=illegal-addr comment="Drop illegal source \ addresses" add chain=sanity-check action=jump jump-target=drop in-interface=Public dst-address-list=!lokalni-adresi comment="Drop everything that goes \ from public interface but not to local address" add chain=sanity-check action=jump jump-target=drop dst-address-type=broadcast,multicast comment="Drop all traffic that goes to multicast \ or broadcast addresses" add chain=sanity-check action=jump jump-target=drop src-port=137 dst-port=137 protocol=udp comment="Drop port 137 UDP" add chain=sanity-check action=return add chain=input action=accept in-interface=Public dst-port=8291 protocol=tcp comment="Allow Remote Router Administration via WinBox" add chain=input action=accept in-interface=Local src-address-list=lokalni-adresi comment="Accept lokalni-adresi" add chain=input action=jump jump-target=drop in-interface=Local comment="Drop everything else on local input" add chain=input action=jump jump-target=sanity-check comment="Sanity Check all input" add chain=input action=jump jump-target=drop dst-address-type=!local comment="Dropping packets not destined to the router itself, \ including all broadcast traffic" add chain=input action=jump jump-target=drop comment="Drop all other input" add chain=drop action=log disabled=yes add chain=drop action=drop / ip dhcp-server add name="dhcp1" interface=Local address-pool=dhcp_pool1 disabled=no / ip dhcp-server lease add address=10.10.10.3 mac-address=мак-адрес server=dhcp1 add address=10.10.10.2 mac-address=мак-адрес server=dhcp1 add address=10.10.10.5 mac-address=мак-адрес server=dhcp1 add address=10.10.10.6 mac-address=мак-адрес server=dhcp1 add address=10.10.10.7 mac-address=мак-адрес server=dhcp1 / ip dhcp-server network add address=10.10.10.0/24 gateway=10.10.10.1 netmask=24 dns-server=10.10.10.1 / system clock manual set time-zone="+02:00" / system identity set name="име на рутер" / system scheduler add name="changeip3m" on-event=changeip interval=3m / queue type add name="pcq-download" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=200 add name="pcq-upload" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=200 / queue tree add name="Download" parent=Local packet-mark=clients-packets queue=pcq-download priority=1 max-limit=19000000 disabled=no add name="Upload" parent=Public packet-mark=clients-packets queue=pcq-upload priority=1 max-limit=9000000 disabled=no / tool mac-server ping set enabled=no / tool graphing resource add allow-address=0.0.0.0/0 store-on-disk=yes / tool graphing interface add interface=all allow-address=0.0.0.0/0 store-on-disk=yes Инсталиран на VMWare 6.5.0, конфига е пейстнат както се вижда. Потреблението не CPU е по-добре отколкото v3.15 и 3.16 Смятам да използвам v4. понеже не виждам къде ще ми се бъгне след като конкретно тук, ми трябват само ppp, advanced-tools, dhcp и основните пакети за пейстнатия config който виждате. Ако имам проблеми ще пиша на support: http://www.mikrotik.com/support.html p.s. и графиките работят. https://wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service (archive) Адрес на коментара Сподели в други сайтове More sharing options...
0 NetworkPro Отговорено 7 Декември, 2008 Доклад Сподели Отговорено 7 Декември, 2008 [...] /system hardware> print multi-cpu: yes [...] /system hardware> Няма забелязани проблеми въпреки неправилната настройка по подразбиране. Процесора е с едно ядро. Public interface CPU Usage https://wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service (archive) Адрес на коментара Сподели в други сайтове More sharing options...
Въпрос
111111
What's new in 4.0beta1:
*) added support for MetaROUTERs;
*) all test packages are regular ones;
*) console - can mix named and unnamed arguments, can use names for unnamed
argument values. For example all of the following commands are
accepted now:
/ping 10.11.12.13 count=4
/ping address=10.11.12.13 count=4
/ping count=4 10.11.12.13
да го изтестваме тестово
Traffic and system resource graphing
неработи
Форумът е за взаимопомощ а не за свършване на чужда работа
ɹɐǝɥ uɐɔ noʎ ǝɹoɯ ǝɥʇ 'ǝɯoɔǝq noʎ ɹǝʇǝınb ǝɥʇ
Адрес на коментара
Сподели в други сайтове
2 отговори на този въпрос
Recommended Posts
Създайте нов акаунт или се впишете, за да коментирате
За да коментирате, трябва да имате регистрация
Създайте акаунт
Присъединете се към нашата общност. Регистрацията става бързо!
Регистрация на нов акаунтВход
Имате акаунт? Впишете се оттук.
Вписване