Conectar-se

Esqueci minha senha

Estatísticas
Temos 31276 usuários registrados
O último usuário registrado atende pelo nome de cngalves

Os nossos membros postaram um total de 38123 mensagens em 5755 assuntos

Regras Mikrotik

Ir em baixo

Regras Mikrotik

Mensagem por Convidado em Sab 23 Jul - 17:49

Ola galera vamos compartilhar regras, para que possamos ter um bom sistema para competir com provedores com mais poder aquisitivo que tem uma cara so pra dar suporte a eles, vamos nos ajudar ta ai.

proteção contra virus

/ ip firewall filter
add chain=input action=drop in-interface=link dst-port=3128 protocol=tcp \
comment="Bloqueio do Proxy" disabled=no
add chain=input action=accept dst-port=3128 protocol=tcp comment="ACEITAR \
CONEXOES PROXY" disabled=no
add chain=virus action=drop dst-port=445 protocol=udp comment="" disabled=no
add chain=virus action=drop dst-port=593 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=135-139 protocol=tcp comment="Drop \
Blaster Worm" disabled=no
add chain=virus action=drop dst-port=135-139 protocol=udp comment="Drop \
Messenger Worm" disabled=no
add chain=virus action=drop dst-port=445 protocol=tcp comment="Drop Blaster \
Worm" disabled=no
add chain=virus action=drop dst-port=65506 protocol=tcp comment="Drop PhatBot, \
Agobot, Gaobot" disabled=no
add chain=virus action=drop dst-port=1024-1030 protocol=tcp comment="________" \
disabled=no
add chain=virus action=drop dst-port=1080 protocol=tcp comment="Drop MyDoom" \
disabled=no
add chain=virus action=drop dst-port=1214 protocol=tcp comment="________" \
disabled=no
add chain=virus action=drop dst-port=1363 protocol=tcp comment="ndm requester" \
disabled=no
add chain=virus action=drop dst-port=1364 protocol=tcp comment="ndm server" \
disabled=no
add chain=virus action=drop dst-port=1368 protocol=tcp comment="screen cast" \
disabled=no
add chain=virus action=drop dst-port=1373 protocol=tcp comment="hromgrafx" \
disabled=no
add chain=virus action=drop dst-port=1377 protocol=tcp comment="cichlid" \
disabled=no
add chain=virus action=drop dst-port=1433-1434 protocol=tcp comment="Worm" \
disabled=no
add chain=virus action=drop dst-port=2535 protocol=tcp comment="Drop Beagle" \
disabled=no
add chain=virus action=drop dst-port=2745 protocol=tcp comment="Drop \
Beagle.C-K" disabled=no
add chain=virus action=drop dst-port=3410 protocol=tcp comment="Drop Backdoor \
OptixPro" disabled=no
add chain=virus action=drop dst-port=4444 protocol=tcp comment="Worm" \
disabled=no
add chain=virus action=drop dst-port=4444 protocol=udp comment="Worm" \
disabled=no
add chain=virus action=drop dst-port=5554 protocol=tcp comment="Drop Sasser" \
disabled=no
add chain=virus action=drop dst-port=8866 protocol=tcp comment="Drop Beagle.B" \
disabled=no
add chain=virus action=drop dst-port=9898 protocol=tcp comment="Drop \
Dabber.A-B" disabled=no
add chain=virus action=drop dst-port=10000 protocol=tcp comment="Drop \
Dumaru.Y" disabled=no
add chain=virus action=drop dst-port=10080 protocol=tcp comment="Drop \
MyDoom.B" disabled=no
add chain=virus action=drop dst-port=12345 protocol=tcp comment="Drop NetBus" \
disabled=no
add chain=virus action=drop dst-port=17300 protocol=tcp comment="Drop Kuang2" \
disabled=no
add chain=virus action=drop dst-port=27374 protocol=tcp comment="Drop \
SubSeven" disabled=no

regras para mangle controle de banda para sites especificos

/ip firewall mangle
add action=mark-connection chain=prerouting comment=SSH_IN disabled=no dst-port=22 new-connection-mark=conn_ssh_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_ssh_in disabled=no new-packet-mark=ssh_in passthrough=no
add action=mark-connection chain=postrouting comment=SSH_OUT disabled=no new-connection-mark=conn_ssh_out passthrough=yes protocol=tcp src-port=22
add action=mark-packet chain=postrouting comment="" connection-mark=conn_ssh_out disabled=no new-packet-mark=ssh_out passthrough=no
add action=mark-connection chain=prerouting comment=FTP_IN disabled=no dst-port=21 new-connection-mark=conn_ftp_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_ftp_in disabled=no new-packet-mark=ftp_in passthrough=no
add action=mark-connection chain=postrouting comment=FTP_IN disabled=no new-connection-mark=conn_ftp_out passthrough=yes protocol=tcp src-port=21
add action=mark-packet chain=postrouting comment="" connection-mark=conn_ftp_out disabled=no new-packet-mark=ftp_out passthrough=no
add action=mark-connection chain=prerouting comment=DNS_IN disabled=no dst-port=53 new-connection-mark=conn_dns_in passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_dns_in disabled=no new-packet-mark=dns_in passthrough=no
add action=mark-connection chain=postrouting comment=DNS_OUT disabled=no new-connection-mark=conn_dns_out passthrough=yes protocol=udp src-port=53
add action=mark-packet chain=postrouting comment="" connection-mark=conn_dns_out disabled=no new-packet-mark=dns_out passthrough=no
add action=mark-packet chain=prerouting comment="EMAIL IN (POP)" disabled=no dst-port=110 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="EMAIL SSL IN (POP)" disabled=no dst-port=995 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="IMAP IN" disabled=no dst-port=143 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="IMAP SSL IN" disabled=no dst-port=993 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=postrouting comment="EMAIL OUT (SMTP)" disabled=no new-packet-mark=email_out passthrough=yes protocol=tcp src-port=25
add action=mark-packet chain=postrouting comment="" disabled=no new-packet-mark=email_out passthrough=yes protocol=udp src-port=25
add action=mark-connection chain=prerouting comment="ORKUT IN" content=orkut disabled=no new-connection-mark=conn_orkut_in passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=conn_orkut_in disabled=no new-packet-mark=orkut_in passthrough=no
add action=mark-connection chain=postrouting comment="ORKUT OUT" content=orkut disabled=no new-connection-mark=conn_orkut_out passthrough=yes
add action=mark-packet chain=postrouting comment="" connection-mark=conn_orkut_out disabled=no new-packet-mark=orkut_out passthrough=no
add action=mark-connection chain=prerouting comment="YOUTUBE IN" content=youtube disabled=no new-connection-mark=conn_youtube_in passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=conn_youtube_in disabled=no new-packet-mark=youtube_in passthrough=no
add action=mark-connection chain=postrouting comment="YOUTUBE OUT" content=youtube disabled=no new-connection-mark=conn_youtube_out passthrough=yes
add action=mark-packet chain=postrouting comment="" connection-mark=conn_youtube_out disabled=no new-packet-mark=youtube_out passthrough=no
add action=mark-connection chain=prerouting comment="HOTMAIL IN" content=hotmail disabled=no new-connection-mark=conn_hotmail_in passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=conn_hotmail_in disabled=no new-packet-mark=hotmail_in passthrough=no
add action=mark-connection chain=postrouting comment="HOTMAIL OUT" content=hotmail disabled=no new-connection-mark=conn_hotmail_out passthrough=yes
add action=mark-packet chain=postrouting comment="" connection-mark=conn_hotmail_out disabled=no new-packet-mark=hotmail_out passthrough=no
add action=mark-connection chain=prerouting comment="RANGE IP DO BRASIL" disabled=no dst-address-list=brasil dst-port=80 new-connection-mark=conn_brasil_in \
passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_brasil_in disabled=no new-packet-mark=ip_brasil_in passthrough=no
add action=mark-connection chain=prerouting comment="HTTP IN" disabled=no dst-port=80 new-connection-mark=conn_all_http_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_all_http_in disabled=no new-packet-mark=all_http_in passthrough=no
add action=mark-connection chain=prerouting comment="HTTP OUT" disabled=no new-connection-mark=conn_all_http_out passthrough=yes protocol=tcp src-port=80
add action=mark-packet chain=postrouting comment="" connection-mark=conn_all_http_out disabled=no new-packet-mark=all_http_out passthrough=no
add action=mark-connection chain=prerouting comment=HTTPS_IN disabled=no dst-port=443 new-connection-mark=conn_https_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_https_in disabled=no new-packet-mark=https_in passthrough=no
add action=mark-connection chain=postrouting comment=HTTPS_OUT disabled=no new-connection-mark=conn_https_out passthrough=yes protocol=tcp src-port=443
add action=mark-packet chain=postrouting comment="" connection-mark=conn_https_out disabled=no new-packet-mark=https_out passthrough=no
add action=mark-connection chain=prerouting comment=MSN_IN disabled=no dst-port=1863 new-connection-mark=conn_msn_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_msn_in disabled=no new-packet-mark=msn_in passthrough=yes
add action=mark-connection chain=prerouting comment="STREAM_IN (tcp)" disabled=no dst-port=537,554,1736,1755,1790,2979 new-connection-mark=conn_stream_in \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="STREAM_IN (udp)" disabled=no dst-port=537,554,1736,1755,1790,2979 new-connection-mark=conn_stream_in \
passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_stream_in disabled=no new-packet-mark=stream_in passthrough=no
add action=mark-connection chain=postrouting comment="STREAM_OUT (tcp)" disabled=no new-connection-mark=conn_stream_out passthrough=yes protocol=tcp \
src-port=537,554,1736,1755,1790,2979
add action=mark-connection chain=postrouting comment="STREAM_OUT (udp)" disabled=no new-connection-mark=conn_stream_out passthrough=yes protocol=udp \
src-port=537,554,1736,1755,1790,2979
add action=mark-packet chain=postrouting comment="" connection-mark=conn_stream_out disabled=no new-packet-mark=stream_out passthrough=no
add action=mark-connection chain=prerouting comment=WINBOX_IN disabled=no dst-port=8291 new-connection-mark=conn_winbox_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_winbox_in disabled=no new-packet-mark=winbox_in passthrough=no
add action=mark-connection chain=postrouting comment=WINBOX_OUT disabled=no new-connection-mark=conn_winbox_out passthrough=yes protocol=tcp src-port=8291
add action=mark-packet chain=postrouting comment="" connection-mark=conn_winbox_out disabled=no new-packet-mark=winbox_out passthrough=no
add action=mark-connection chain=prerouting comment=VOIP_IN disabled=no dst-port=5060-5061 new-connection-mark=conn_voip_in passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_voip_in disabled=no new-packet-mark=voip_in passthrough=no
add action=mark-connection chain=postrouting comment=VOIP_OUT disabled=no new-connection-mark=conn_voip_out passthrough=yes protocol=udp src-port=5060-5061
add action=mark-packet chain=postrouting comment="" connection-mark=conn_voip_out disabled=no new-packet-mark=voip_out passthrough=yes
add action=mark-connection chain=prerouting comment=P2P_IN disabled=no new-connection-mark=conn_p2p_in p2p=all-p2p passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_p2p_in disabled=no new-packet-mark=p2p_in passthrough=no
add action=mark-connection chain=postrouting comment=P2P_OUT disabled=no new-connection-mark=conn_p2p_out p2p=all-p2p passthrough=yes protocol=tcp
add action=mark-packet chain=postrouting comment="" connection-mark=conn_p2p_out disabled=no new-packet-mark=p2p_out passthrough=yes
add action=change-mss chain=forward comment="" disabled=no new-mss=1330 out-interface=pppoe-out1 protocol=tcp tcp-flags=syn

regras para que tree

/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=downloads packet-mark="" parent=global-in priority=\
8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024000 max-limit=1024000 name=primario_in packet-mark="" parent=\
downloads priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=100000 name=p2p_in packet-mark=p2p_in parent=global-in \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=https_in packet-mark=https_in parent=\
primario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=uploads packet-mark="" parent=global-out priority=8 \
queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024000 max-limit=1024000 name=primario_out packet-mark="" parent=\
uploads priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=200000 name=https_out packet-mark=https_out parent=\
primario_out priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=secundario_in packet-mark="" parent=\
downloads priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=secundario_out packet-mark="" parent=\
uploads priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=msn_in packet-mark=msn_in parent=\
primario_in priority=6 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=msn_out packet-mark=msn_out parent=\
primario_out priority=6 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=dns_in packet-mark=dns_in parent=\
primario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=dns_out packet-mark=dns_out parent=\
primario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=300000 max-limit=1024000 name=stream_in packet-mark=stream_in parent=\
primario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=200000 name="todo_resto_in - tcp" packet-mark=\
todo_resto_in parent=secundario_in priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=200000 name="todo_resto_out - tcp" packet-mark=\
todo_resto_out parent=secundario_out priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=winbox_in packet-mark=winbox_in parent=\
primario_in priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=256000 name=winbox_out packet-mark=winbox_out parent=\
primario_out priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=1024000 name=voip_in packet-mark=voip_in parent=\
primario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=1024000 name=voip_out packet-mark=voip_out parent=\
primario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ssh_in packet-mark=ssh_in parent=\
secundario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ssh_out packet-mark=ssh_out parent=\
secundario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ftp_in packet-mark=ftp_in parent=\
secundario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ftp_out packet-mark=ftp_out parent=\
secundario_out priority=5 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=500000 name=email_in packet-mark=email_in parent=\
primario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=500000 name=email_out packet-mark=email_out parent=\
primario_out priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=500000 name="ips brasil" packet-mark=ip_brasil_in \
parent=primario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=50000 name=p2p_out packet-mark=p2p_out parent=global-out \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=http_in packet-mark="" parent=downloads \
priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=orkut_in packet-mark=orkut_in parent=\
http_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=http_out packet-mark="" parent=uploads \
priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=150000 max-limit=250000 name=orkut_out packet-mark=orkut_out parent=\
http_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=600000 name=all_http_in packet-mark=all_http_in \
parent=primario_in priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=600000 name=all_http_out packet-mark=all_http_out \
parent=primario_out priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=300000 max-limit=1024000 name=stream_out packet-mark=stream_out \
parent=primario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=hotmail_in packet-mark=hotmail_in parent=\
http_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=hotmail_out packet-mark=hotmail_out \
parent=http_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=1024000 name=youtube packet-mark=youtube_in parent=\
http_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=1024000 name=youtube_out packet-mark=youtube_out \
parent=http_out priority=1 queue=default

regras uteis para firewall

/ ip firewall filter
add chain=input connection-state=established comment="Accept established connections"
add chain=input connection-state=related comment="Accept related connections"
add chain=input connection-state=invalid action=drop comment="Drop invalid connections"
add chain=input protocol=udp action=accept comment="UDP" disabled=no
add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings"
add chain=input protocol=icmp action=drop comment="Drop excess pings"
add chain=input protocol=tcp dst-port=22 comment="SSH for secure shell"
add chain=input protocol=tcp dst-port=8291 comment="winbox"
add chain=input action=log log-prefix="DROP INPUT" comment="Log everything else"
add chain=input protocol=tcp dst-port=22 src-address-list=black_list action=drop comment="drop ssh brute
forcers" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage3 action=add-
src-to-address-list address-list=black_list address-list-timeout=1d comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage2 action=add-
src-to-address-list address-list=ssh_stage3 address-list-timeout=1m comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage1 action=add-
src-to-address-list address-list=ssh_stage2 address-list-timeout=1m comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new action=add-src-to-address-list address-
list=ssh_stage1 address-list-timeout=1m comment="" disabled=no

user profiles


/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=\
1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=128k rate-limit=64k/128k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=200k rate-limit=64k/200k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=150k rate-limit=128k/150k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=64k rate-limit=32k/64k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=80k rate-limit=54k/80k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add advertise=yes advertise-interval=2m advertise-timeout=15s advertise-url=\
aviso.html idle-timeout=5m keepalive-timeout=2m name=Aviso \
open-status-page=always rate-limit=64k/128k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=yes advertise-interval=1s advertise-timeout=immediately \
advertise-url=bloqueio.html idle-timeout=5m keepalive-timeout=2m name=\
Bloqueio open-status-page=always shared-users=1 status-autorefresh=1m \
transparent-proxy=yes

valler garden

/ip hotspot walled-garden
add action=allow comment="" disabled=yes dst-host=*pagseguro* dst-port=443
add action=allow comment="" disabled=yes dst-host=*pagseguro* dst-port=80
add action=allow comment="" disabled=no dst-host=*spreadsheets.google.com* \
dst-port=443
add action=allow comment="" disabled=no dst-host=*spreadsheets.google.com* \
dst-port=80
add action=allow comment="" disabled=no dst-host=*f2b* dst-port=443
add action=allow comment="" disabled=no dst-host=*f2b* dst-port=80

web proxy cache


/ip proxy cache
add action=deny comment="" disabled=no dst-host=":cgi-bin \\\?"
add action=deny comment="" disabled=no dst-host=https: path=/
add action=allow comment="" disabled=no dst-host=http: path=\
/www.rjnet.com.br/2velocimetro.php
add action=allow comment="" disabled=no dst-host=http: path=/www.terra.com.br
add action=deny comment="" disabled=no dst-host=":cgi-bin \\\\\\\?"
add action=deny comment="" disabled=no dst-host=https: path=/
add action=allow comment="" disabled=no dst-host=http: path=\
/www.rapidus.com.br/velocidade/
add action=allow comment="" disabled=no dst-host=http: path=/www.bol.com.br
add action=allow comment="" disabled=no dst-host=http: path=/www.orkut.com
add action=allow comment="" disabled=no dst-host=http: path=\
/www.autonoma.com.br/medidor/meter.php
add action=allow comment="" disabled=no dst-host=http: path=\
/medidor.brisanet.com.br/
add action=deny comment="" disabled=no dst-host=https: path=\
/portal.directv.com.br
add action=deny comment="" disabled=no dst-host=http: path=\
/chat03.terra.com.br/
add action=allow comment="" disabled=no dst-host=http*youtube*get_video*
add action=allow comment="" disabled=no dst-host=http*youtube*video*
add action=allow comment="" disabled=no dst-host=\
"http*youtube*yva_get_video_inf o*"
add action=allow comment="" disabled=no dst-host="":\\\\\\\\.flv\$""
add action=allow comment="" disabled=no dst-host=http*globo*get_video*
add action=allow comment="" disabled=no dst-host=http*globo*video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*get_video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*video*
add action=allow comment="" disabled=no dst-host=http*video.google*get_video*
add action=allow comment="" disabled=no dst-host=http*video.google*video*
add action=allow comment="" disabled=no dst-host=http*videoplay*
add action=allow comment="" disabled=no dst-host=http*74.125.15.83*get_video*
add action=allow comment="" disabled=no dst-host=: path=:.swf*
add action=deny comment="" disabled=no dst-host=":cgi-bin \\\?"
add action=deny comment="" disabled=no dst-host=https: path=/
add action=deny comment="" disabled=no dst-host=":cgi-bin \\\?"
add action=deny comment="" disabled=no dst-host=start.com.br
add action=deny comment="" disabled=no dst-host=http: path=/speed
add action=deny comment="" disabled=no dst-host=https: path=/
add action=allow comment="" disabled=no dst-host=":\\.exe\$"
add action=allow comment="" disabled=no dst-host=":\\.zip\$"
add action=allow comment="" disabled=no dst-host=":\\.mpeg\$"
add action=allow comment="" disabled=no dst-host=":\\.avi\$"
add action=allow comment="" disabled=no dst-host=":\\.pdf\$"
add action=allow comment="" disabled=no dst-host=":\\.css\$"
add action=allow comment="" disabled=no dst-host=":\\.rar\$"
add action=allow comment="" disabled=no dst-host=":\\.mov\$"
add action=allow comment="" disabled=no dst-host=":\\.mpg\$"
add action=allow comment="" disabled=no dst-host=":\\.iso\$"
add action=allow comment="" disabled=no dst-host=":\\.bin\$"
add action=allow comment="" disabled=no dst-host=":\\.dat\$"
add action=allow comment="" disabled=no dst-host=www.terra.com.br
add action=deny comment="" disabled=no dst-host=":cgi-bin \\\\\\\?"
add action=deny comment="" disabled=no dst-host=https:/
add action=allow comment="" disabled=no dst-host=http: path=\
/www.rapidus.com.br/velocidade/
add action=allow comment="" disabled=no dst-host=http: path=/www.bol.com.br
add action=allow comment="" disabled=no dst-host=http: path=/www.orkut.com
add action=allow comment="" disabled=no dst-host=http: path=\
/www.autonoma.com.br/medidor/meter.php
add action=allow comment="" disabled=no dst-host=http: path=\
/medidor.brisanet.com.br/
add action=deny comment="" disabled=no dst-host=https: path=\
/portal.directv.com.br
add action=deny comment="" disabled=no dst-host=http://chat03.terra.com.br/
add action=allow comment="" disabled=no dst-host=http*youtube*get_video*
add action=allow comment="" disabled=no dst-host=http*youtube*video*
add action=allow comment="" disabled=no dst-host=\
"http*youtube*yva_get_video_inf o*"
add action=allow comment="" disabled=no dst-host="":\\\\\\\\.flv\$""
add action=allow comment="" disabled=no dst-host=http*globo*get_video*
add action=allow comment="" disabled=no dst-host=http*globo*video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*get_video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*video*
add action=allow comment="" disabled=no dst-host=http*video.google*get_video*
add action=allow comment="" disabled=no dst-host=http*video.google*video*
add action=allow comment="" disabled=no dst-host=http*videoplay*
add action=allow comment="" disabled=no dst-host=http*74.125.15.83*get_video*
add action=allow comment="" disabled=no dst-host=::.swf* path=""
add action=deny comment="" disabled=no dst-host=":cgi-bin \\\?"
add action=deny comment="" disabled=no dst-host=":cgi-bin \\\?"
add action=deny comment="" disabled=no dst-host=start.com.br
add action=deny comment="" disabled=no dst-host=http://speed path=""
add action=allow comment="" disabled=no dst-host=":\\.exe\$"
add action=allow comment="" disabled=no dst-host=":\\.zip\$"
add action=allow comment="" disabled=no dst-host=":\\.mpeg\$"
add action=allow comment="" disabled=no dst-host=":\\.avi\$"
add action=allow comment="" disabled=no dst-host=":\\.pdf\$"
add action=allow comment="" disabled=no dst-host=":\\.css\$"
add action=allow comment="" disabled=no dst-host=":\\.rar\$"
add action=allow comment="" disabled=no dst-host=":\\.mov\$"
add action=allow comment="" disabled=no dst-host=":\\.mpg\$"
add action=allow comment="" disabled=no dst-host=":\\.iso\$"
add action=allow comment="" disabled=no dst-host=":\\.bin\$"
add action=allow comment="" disabled=no dst-host=":\\.dat\$"

web-proxy cache full

/ip proxy
set always-from-cache=yes cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=yes enabled=yes max-cache-size=unlimited \
max-client-connections=600 max-fresh-time=3d max-server-connections=600 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=3128 serialize-connections=\
yes src-address=0.0.0.0
/ip firewall filter
add chain=input action=drop in-interface=link dst-port=3128 protocol=tcp \
comment="Bloqueio do Proxy" disabled=no
add chain=input action=accept dst-port=3128 protocol=tcp comment="ACEITAR \
CONEXOES PROXY" disabled=no

/ip firewall nat
add action=redirect chain=dstnat comment="Redirecionamento do Proxy" disabled=no dst-port=80 \
in-interface=clientes protocol=tcp src-address=192.168.1.0/24 to-ports=\
3128

/ip firewall mangle
add action=accept chain=output comment="qcept proxy" disabled=no dscp=4
add action=mark-packet chain=output comment=";;; HIT TRAFFIC FROM PROXY " \
disabled=no dscp=!4 new-packet-mark=proxy-hit out-interface=clientes \
passthrough=no
add action=mark-packet chain=prerouting comment=";;; UP TRAFFIC" disabled=no \
in-interface=clientes new-packet-mark=proxy-up passthrough=no \
src-address=192.168.1.0/24
add action=mark-connection chain=forward comment=";;; CONN-MARK" disabled=no \
new-connection-mark=proxy-conn passthrough=yes src-address=192.168.1.0/24
add action=mark-packet chain=forward comment=";;; DOWN-DIRECT CONNECTION" \
connection-mark=proxy-conn disabled=no in-interface=link new-packet-mark=\
proxy-down passthrough=no
add action=mark-packet chain=output comment=";;; DOWN-VIA PROXY" disabled=no \
new-packet-mark=proxy-down out-interface=clientes passthrough=no \
src-address=192.168.1.0/24
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=100000 name=downstream packet-mark=proxy-down parent=global-in \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=100000 name=upstream packet-mark=proxy-up parent=global-in \
priority=8 queue=default

controle p2p

/ip firewall mangle
add action=mark-connection chain=prerouting comment="CONTROLE P2P" disabled=\
no new-connection-mark=conexao-p2p p2p=all-p2p passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=\
conexao-p2p disabled=no new-packet-mark=Pacotes-P2P p2p=all-p2p \
passthrough=yes

/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=64k name=P2P-IN packet-mark=Pacotes-P2P parent=global-in \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=64k name=P2P-OUT packet-mark=Pacotes-P2P parent=global-out \
priority=8 queue=default

scripts

#----------------------------------------------------------
#Script para fazer backup automatico siga o video
#/system script
#nome do script
backup automatico
/system backup save name=Backup
#/system scheduler
#nome do agendamento
backup automatico
/system script run backup automatico
#----------------------------------------------------------
#Script para enviar backup por e-mail siga o video
#/system script
#nome do script
send_backup_to_mail
/tool e-mail send [email=to=suporte@router-os.com]to=suporte@router-os.com[/email] subject=Backup_SuperNet12Rica_Mikrotik file=Backup.backup
#/system scheduler
#nome do agendamento
enviar_backup_para_mail
/system script run send_backup_to_mail
#----------------------------------------------------------
#Script para reeiniciar o servidor siga o video
#Script para reebot
#/system script
#nome do script
reebot
/system reboot

#/system scheduler
#nome do agendamento
reboot
/system script run reebot
#__________________________________________________________
#Script para controle dos Pais siga o video
#/system scheduler
#Para abilitar a conexão
#nome do agendamento
controle pais on
/ip hotspot user enable teste
# para desabilitar o usuario
#nome do agendamento
controle pais off
/ip hotspot user disable teste
/ip hotspot active remove [find user=teste]
#----------------------------------------------------------
#Script para atualizar o dns dinamico siga o video

#/system script
#Script 01
#nome do script
ddns
#int-DDNS.Info
/tool dns-update name=seuhost.ddns.info address=127.0.0.255 key-name=usuario_ddns key="senha_ddns"
######################################
#Script para atualizar o dns dinamico siga o video
#Script 02
#/system script
#nome do script
ddns
# Dynamic DNS Update / Simple Edition
# Written by Sam Norris, ChangeIP.com
# Copyright ChangeIP.com 2009-2010
# For support send mail to Support@ChangeIP.com
#
# 2009-06-22 RouterOS 3.25 Tested
# 2009-10-05 RouterOS 4.01rc1 Tested
#
# OVERVIEW: %
# This script will update a ChangeIP.com dynamic dns hostname
# with an ip address located directly on an interface.
# %
# NOTES: %
# IF THIS SCRIPT DOES NOT PRODUCE ANY OUTPUT PLEASE COPY AND PASTE IT
# AGAIN. THERE PROBABLY IS A LINE BREAK IN THE WRONG PLACE! Once you
# have created this script and tested that it works by running it
# manually you can schedule it to run every few minutes.
# %
# CONFIGURATION FIELD DEFINITIONS:
# ddnsuser: Enter your ChangeIP.com user id.
# ddnspass: Enter your ChangeIP.com password.
# ddnshost: Enter the hostname (www.example.com) to update.
# ddnsinterface: Enter an interface name - case sensative.
# %
# %
# %
# %
# % % %
# % % %
# % % %
# %
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# EDIT YOUR DETAILS / CONFIGURATION HERE
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:global ddnsuser "nome de usuario ddns"
:global ddnspass "senha de acesso ddns"
:global ddnshost "seu_host.ddns.info"
:global ddnsinterface "pppoe-out1"
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# END OF USER DEFINED CONFIGURATION
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:global ddnssystem ("mt-" . [/system package get [/system package find name=system] version] )
:global ddnsip [ /ip address get [/ip address find interface=$ddnsinterface] address ]
:global ddnslastip
:if ([:len [/interface find name=$ddnsinterface]] = 0 ) do={ :log info "DDNS: No interface named $ddnsinterface, please check configuration." }
:if ([ :typeof $ddnslastip ] = "nothing" ) do={ :global ddnslastip 0.0.0.0/0 }
:if ([ :typeof $ddnsip ] = "nothing" ) do={
:log info ("DDNS: No ip address present on " . $ddnsinterface . ", please check.")
} else={
:if ($ddnsip != $ddnslastip) do={
:log info "DDNS: Sending UPDATE!"
:log info [ :put [/tool dns-update name=$ddnshost address=[:pick $ddnsip 0 [:find $ddnsip "/"] ] key-name=$ddnsuser key=$ddnspass ] ]
:global ddnslastip $ddnsip
} else={
:log info "DDNS: No changes necessary."
}
}
# END OF SCRIPT
#########################################################
#/system scheduler
#agendamento no scheduler
/system script run ddns
#----------------------------------------------------------

Convidado
Convidado


Voltar ao Topo Ir em baixo

Re: Regras Mikrotik

Mensagem por luisokobra em Sab 30 Jul - 20:14

Vlw velhino pelas regras..

obrigadão mesmo

show de bola pelo post





so uma duvida o que e valler garden ??

abraço

luisokobra
Iniciante
Iniciante

Mensagens : 75
Pontos : 103
Reputação : 2
Data de inscrição : 07/06/2011
Idade : 33
Localização Localização : 98807130

Voltar ao Topo Ir em baixo

Re: Regras Mikrotik

Mensagem por jkvianna em Sab 20 Ago - 22:59

Olá boa noite,sou novo em MK mas gostaria muito de saber onde coloco essas regras...Por onde começar

jkvianna
Baby
Baby

Mensagens : 2
Pontos : 2
Reputação : 0
Data de inscrição : 20/08/2011
Idade : 45
Localização Localização : SP

Voltar ao Topo Ir em baixo

Re: Regras Mikrotik

Mensagem por colibrinetwork em Dom 21 Ago - 0:05

COPIAR E COLAR EM NEW TERMINAL...
OBS,NÃO ESQUEÇA DE ADAPTAR A RANGER DE IPS,PODE ESTAR FORA DE SUA RANGE....


Última edição por colibrinetwork em Dom 21 Ago - 10:32, editado 1 vez(es)
avatar
colibrinetwork
User
User

Mensagens : 108
Pontos : 143
Reputação : 20
Data de inscrição : 25/01/2011
Idade : 37
Localização Localização : Mar de Espanha

Voltar ao Topo Ir em baixo

Re: Regras Mikrotik

Mensagem por colibrinetwork em Dom 21 Ago - 0:11

ISSO AÍ MANO CCS...
avatar
colibrinetwork
User
User

Mensagens : 108
Pontos : 143
Reputação : 20
Data de inscrição : 25/01/2011
Idade : 37
Localização Localização : Mar de Espanha

Voltar ao Topo Ir em baixo

Re: Regras Mikrotik

Mensagem por jkvianna em Dom 21 Ago - 1:03

Esqueci de dizer que eu uso uma RB750G Versão 4.17....

jkvianna
Baby
Baby

Mensagens : 2
Pontos : 2
Reputação : 0
Data de inscrição : 20/08/2011
Idade : 45
Localização Localização : SP

Voltar ao Topo Ir em baixo

Re: Regras Mikrotik

Mensagem por silvioabc em Seg 31 Out - 20:25

obrigado...
avatar
silvioabc
Baby
Baby

Mensagens : 1
Pontos : 1
Reputação : 0
Data de inscrição : 13/08/2011
Idade : 50
Localização Localização : aqui em casa

Voltar ao Topo Ir em baixo

Re: Regras Mikrotik

Mensagem por BBD NET em Sex 4 Nov - 7:03

Amigo muito boa sua iniciativa mas seria bom vc organizar isso aii..
tipo serar as regras comentar cada um e dizer pra q intuito são cada ...
espero ter dado contribuição para o post
avatar
BBD NET
Power User
Power User

Mensagens : 690
Pontos : 860
Reputação : 156
Data de inscrição : 02/06/2011
Idade : 26
Localização Localização : Cipó, Bahia

http://www.bbdnet.com.br

Voltar ao Topo Ir em baixo

Re: Regras Mikrotik

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum