Administrator 111111 Posted December 5, 2008 Administrator Report Share Posted December 5, 2008 What's new in 4.0beta1: *) added support for MetaROUTERs; *) all test packages are regular ones; *) console - can mix named and unnamed arguments, can use names for unnamed argument values. For example all of the following commands are accepted now: /ping 10.11.12.13 count=4 /ping address=10.11.12.13 count=4 /ping count=4 10.11.12.13 да го изтестваме тестово Traffic and system resource graphing неработи Харесай поста ^^^ Форумът е за взаимопомощ а не за свършване на чужда работа ɹɐǝɥ uɐɔ noʎ ǝɹoɯ ǝɥʇ 'ǝɯoɔǝq noʎ ɹǝʇǝınb ǝɥʇ Link to comment Share on other sites More sharing options...
0 NetworkPro Posted December 7, 2008 Report Share Posted December 7, 2008 При мен работят, ето конфига ми: / interface ethernet set ether1 name="Local" set ether2 mac-address=нужен за ISP / ip firewall address-list add list=lokalni-adresi address=10.10.10.0/29 comment="LAN" add list=illegal-addr address=0.0.0.0/8 comment="illegal addresses" add list=illegal-addr address=127.0.0.0/8 add list=illegal-addr address=224.0.0.0/3 add list=illegal-addr address=10.0.0.0/8 add list=illegal-addr address=172.16.0.0/12 add list=illegal-addr address=192.168.0.0/16 / interface pppoe-client add name="Public" interface=ether2 user="потребител" password="парола" service-name="име на ппп" \ ac-name="име на ac" add-default-route=yes dial-on-demand=yes use-peer-dns=yes / ip pool add name="dhcp_pool1" ranges=10.10.10.2-10.10.10.254 / ip service set telnet disabled=yes set ftp disabled=yes set www disabled=yes set ssh disabled=yes set www-ssl disabled=yes / ip upnp set enabled=no / ip dns set allow-remote-requests=yes / ip address add address=10.10.10.1/24 interface=Local / ip neighbor discovery set Local discover=no set ether2 discover=no set Public discover=no / ip firewall nat add chain=srcnat action=masquerade src-address-list=lokalni-adresi comment="NAT" add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=5959 protocol=tcp comment="2 TightVNC" add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=43210 protocol=tcp comment="2 torrent" add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=46215 protocol=tcp comment="2 eMule" add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=41048 protocol=udp add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=54711 protocol=tcp disabled=yes add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=59947 protocol=tcp comment="2 Hamachi" disabled=yes add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=59947 protocol=udp disabled=yes add chain=dstnat action=dst-nat to-addresses=10.10.10.2 dst-port=6969 protocol=tcp comment="2 HTTP" disabled=yes add chain=dstnat action=dst-nat to-addresses=10.10.10.3 dst-port=45082 protocol=tcp comment="3 torrent" add chain=dstnat action=dst-nat to-addresses=10.10.10.3 dst-port=45082 protocol=udp add chain=dstnat action=dst-nat to-addresses=10.10.10.4 dst-port=41000 protocol=tcp comment="4 torrent" add chain=dstnat action=dst-nat to-addresses=10.10.10.4 dst-port=42000 protocol=tcp comment="4 Hamachi" add chain=dstnat action=dst-nat to-addresses=10.10.10.6 dst-port=43000 protocol=tcp comment="6 torrent" add chain=dstnat action=dst-nat to-addresses=10.10.10.5 dst-port=49999 protocol=tcp comment="5 torrent" add chain=dstnat action=dst-nat to-addresses=10.10.10.5 dst-port=33096 protocol=tcp comment="5 SLSK" / ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=nat-traversal passthrough=no in-interface=Public dst-address-list=lokalni-adresi add chain=prerouting action=mark-connection new-connection-mark=RegnumOnline passthrough=yes in-interface=Local src-address=10.10.10.5 \ src-port=9960 protocol=udp disabled=yes add chain=prerouting action=mark-connection new-connection-mark=RegnumOnline passthrough=yes src-address=10.10.10.5 \ dst-address=212.214.41.165 disabled=yes add chain=prerouting action=mark-connection new-connection-mark=RegnumOnline passthrough=yes src-address=212.214.41.165 \ disabled=yes add chain=prerouting action=change-dscp new-dscp=46 connection-mark=RegnumOnline disabled=yes add chain=prerouting action=mark-packet new-packet-mark=RegnumOnline passthrough=no connection-mark=RegnumOnline disabled=yes add chain=postrouting action=change-dscp new-dscp=46 out-interface=Public add chain=output action=change-dscp new-dscp=46 out-interface=Public add chain=prerouting action=mark-packet new-packet-mark=local2local passthrough=no src-address-list=lokalni-adresi \ dst-address-list=lokalni-adresi add chain=forward action=mark-connection new-connection-mark=clients-conn passthrough=yes src-address-list=lokalni-adresi add chain=forward action=mark-packet new-packet-mark=clients-packets passthrough=no connection-mark=clients-conn add chain=forward action=mark-packet new-packet-mark=clients-packets passthrough=no dst-address-list=lokalni-adresi add chain=forward action=log / ip firewall filter add chain=forward action=jump jump-target=sanity-check comment="Sanity Check Jump" add chain=sanity-check action=jump jump-target=drop packet-mark=nat-traversal comment="Deny illegal NAT traversal" add chain=sanity-check action=add-src-to-address-list protocol=tcp psd=20,3s,3,1 address-list=blocked-addr address-list-timeout=1d \ comment="Block port scans" disabled=yes add chain=sanity-check action=add-src-to-address-list tcp-flags=fin,psh,urg,!syn,!rst,!ack protocol=tcp address-list=blocked-addr \ address-list-timeout=1d comment="Block TCP Null scan" add chain=sanity-check action=add-src-to-address-list tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg protocol=tcp address-list=blocked-addr \ address-list-timeout=1d comment="Block TCP Xmas scan" add chain=sanity-check action=jump jump-target=drop protocol=tcp src-address-list=blocked-addr add chain=sanity-check action=jump jump-target=drop tcp-flags=rst protocol=tcp comment="Drop TCP RST" disabled=yes add chain=sanity-check action=jump jump-target=drop tcp-flags=fin,syn protocol=tcp comment="Drop TCP SYN+FIN" add chain=sanity-check action=jump jump-target=drop connection-state=invalid comment="Dropping invalid connections at once" add chain=sanity-check action=accept connection-state=established comment="Accepting already established connections" add chain=sanity-check action=accept connection-state=related comment="Also accepting related connections" add chain=sanity-check action=jump jump-target=drop src-address-type=broadcast,multicast comment="Drop all traffic that goes from \ multicast or broadcast addresses" add chain=sanity-check action=jump jump-target=drop in-interface=Local dst-address-type=!local dst-address-list=illegal-addr \ comment="Drop illegal destination addresses" add chain=sanity-check action=jump jump-target=drop in-interface=Local src-address-list=!lokalni-adresi comment="Drop everything that goes \ from local interface but not from local address" add chain=sanity-check action=jump jump-target=drop in-interface=Public src-address-list=illegal-addr comment="Drop illegal source \ addresses" add chain=sanity-check action=jump jump-target=drop in-interface=Public dst-address-list=!lokalni-adresi comment="Drop everything that goes \ from public interface but not to local address" add chain=sanity-check action=jump jump-target=drop dst-address-type=broadcast,multicast comment="Drop all traffic that goes to multicast \ or broadcast addresses" add chain=sanity-check action=jump jump-target=drop src-port=137 dst-port=137 protocol=udp comment="Drop port 137 UDP" add chain=sanity-check action=return add chain=input action=accept in-interface=Public dst-port=8291 protocol=tcp comment="Allow Remote Router Administration via WinBox" add chain=input action=accept in-interface=Local src-address-list=lokalni-adresi comment="Accept lokalni-adresi" add chain=input action=jump jump-target=drop in-interface=Local comment="Drop everything else on local input" add chain=input action=jump jump-target=sanity-check comment="Sanity Check all input" add chain=input action=jump jump-target=drop dst-address-type=!local comment="Dropping packets not destined to the router itself, \ including all broadcast traffic" add chain=input action=jump jump-target=drop comment="Drop all other input" add chain=drop action=log disabled=yes add chain=drop action=drop / ip dhcp-server add name="dhcp1" interface=Local address-pool=dhcp_pool1 disabled=no / ip dhcp-server lease add address=10.10.10.3 mac-address=мак-адрес server=dhcp1 add address=10.10.10.2 mac-address=мак-адрес server=dhcp1 add address=10.10.10.5 mac-address=мак-адрес server=dhcp1 add address=10.10.10.6 mac-address=мак-адрес server=dhcp1 add address=10.10.10.7 mac-address=мак-адрес server=dhcp1 / ip dhcp-server network add address=10.10.10.0/24 gateway=10.10.10.1 netmask=24 dns-server=10.10.10.1 / system clock manual set time-zone="+02:00" / system identity set name="име на рутер" / system scheduler add name="changeip3m" on-event=changeip interval=3m / queue type add name="pcq-download" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=200 add name="pcq-upload" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=200 / queue tree add name="Download" parent=Local packet-mark=clients-packets queue=pcq-download priority=1 max-limit=19000000 disabled=no add name="Upload" parent=Public packet-mark=clients-packets queue=pcq-upload priority=1 max-limit=9000000 disabled=no / tool mac-server ping set enabled=no / tool graphing resource add allow-address=0.0.0.0/0 store-on-disk=yes / tool graphing interface add interface=all allow-address=0.0.0.0/0 store-on-disk=yes Инсталиран на VMWare 6.5.0, конфига е пейстнат както се вижда. Потреблението не CPU е по-добре отколкото v3.15 и 3.16 Смятам да използвам v4. понеже не виждам къде ще ми се бъгне след като конкретно тук, ми трябват само ppp, advanced-tools, dhcp и основните пакети за пейстнатия config който виждате. Ако имам проблеми ще пиша на support: http://www.mikrotik.com/support.html p.s. и графиките работят. https://wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service Link to comment Share on other sites More sharing options...
0 NetworkPro Posted December 7, 2008 Report Share Posted December 7, 2008 [...] /system hardware> print multi-cpu: yes [...] /system hardware> Няма забелязани проблеми въпреки неправилната настройка по подразбиране. Процесора е с едно ядро. Public interface CPU Usage https://wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service Link to comment Share on other sites More sharing options...
Question
111111
What's new in 4.0beta1:
*) added support for MetaROUTERs;
*) all test packages are regular ones;
*) console - can mix named and unnamed arguments, can use names for unnamed
argument values. For example all of the following commands are
accepted now:
/ping 10.11.12.13 count=4
/ping address=10.11.12.13 count=4
/ping count=4 10.11.12.13
да го изтестваме тестово
Traffic and system resource graphing
неработи
Форумът е за взаимопомощ а не за свършване на чужда работа
ɹɐǝɥ uɐɔ noʎ ǝɹoɯ ǝɥʇ 'ǝɯoɔǝq noʎ ɹǝʇǝınb ǝɥʇ
Link to comment
Share on other sites
2 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now