Entrar
Últimos assuntos
» internet lentapor brooklin_sul Qui 11 Abr - 19:17
» Como pingar pelos dois links
por bruno9988 Ter 20 Fev - 19:12
» BFW em paralelo com Mikrotik
por antoniogiga Qui 18 Jan - 1:40
» NAT MIKROTIK
por squall1808 Seg 8 Jan - 18:07
» Aumenta Lucro do provedor com Servidor de FILME - Dica como montar um " Netflix"
por bruno9988 Ter 19 Dez - 17:59
» hotspot conexao lenta
por brooklin_sul Seg 18 Dez - 1:04
» Acessar Radio e roteadores pelo Mikrotik
por antoniogiga Ter 15 Nov - 16:49
» [Resolvido]Balanceamento usando o Net Virtua ( Netcombo)
por antoniogiga Ter 15 Nov - 8:02
» whatsapp lento
por antoniogiga Ter 15 Nov - 8:00
» to de volta qual quer duvida soh chamar
por antoniogiga Ter 15 Nov - 7:58
» Firmware ApRouter em Radio - Chipset rtl8186!
por antoniogiga Dom 17 Jul - 18:02
» QoS por mac-address (ou IP amarrado) quando tenho 01 mikrotik + 05 routers
por rdnetwork Sex 4 Fev - 7:58
» Microtik - OpenVPN não conecta com 2 links 2 internet balanceados
por vagneroliveira Qui 3 Fev - 6:44
» Software gerenciamento ZTE C320
por lancecom Qui 18 Mar - 11:27
» Software Gerenciamento ZTE C320
por lancecom Seg 15 Mar - 17:21
Tópicos semelhantes
Top dos mais postadores
| claudinhohw Network |
| |||
| morais2707 |
| |||
| cristiano.micros |
| |||
| cdanielboy |
| |||
| Sixagencia Networks |
| |||
| ZBTECK |
| |||
| dsdigital |
| |||
| BBD NET |
| |||
| Gerônimo |
| |||
| Marcelo |
|
Estatísticas
Temos 31897 usuários registradosO último membro registrado é fhca78
Os nossos membros postaram um total de 38285 mensagens em 5803 assuntos
Regras Mikrotik
5 participantes
Página 1 de 1
Regras Mikrotik
por Convidado Sáb 23 Jul - 17:49
Ola galera vamos compartilhar regras, para que possamos ter um bom sistema para competir com provedores com mais poder aquisitivo que tem uma cara so pra dar suporte a eles, vamos nos ajudar ta ai.
proteção contra virus
/ ip firewall filter
add chain=input action=drop in-interface=link dst-port=3128 protocol=tcp \
comment="Bloqueio do Proxy" disabled=no
add chain=input action=accept dst-port=3128 protocol=tcp comment="ACEITAR \
CONEXOES PROXY" disabled=no
add chain=virus action=drop dst-port=445 protocol=udp comment="" disabled=no
add chain=virus action=drop dst-port=593 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=135-139 protocol=tcp comment="Drop \
Blaster Worm" disabled=no
add chain=virus action=drop dst-port=135-139 protocol=udp comment="Drop \
Messenger Worm" disabled=no
add chain=virus action=drop dst-port=445 protocol=tcp comment="Drop Blaster \
Worm" disabled=no
add chain=virus action=drop dst-port=65506 protocol=tcp comment="Drop PhatBot, \
Agobot, Gaobot" disabled=no
add chain=virus action=drop dst-port=1024-1030 protocol=tcp comment="________" \
disabled=no
add chain=virus action=drop dst-port=1080 protocol=tcp comment="Drop MyDoom" \
disabled=no
add chain=virus action=drop dst-port=1214 protocol=tcp comment="________" \
disabled=no
add chain=virus action=drop dst-port=1363 protocol=tcp comment="ndm requester" \
disabled=no
add chain=virus action=drop dst-port=1364 protocol=tcp comment="ndm server" \
disabled=no
add chain=virus action=drop dst-port=1368 protocol=tcp comment="screen cast" \
disabled=no
add chain=virus action=drop dst-port=1373 protocol=tcp comment="hromgrafx" \
disabled=no
add chain=virus action=drop dst-port=1377 protocol=tcp comment="cichlid" \
disabled=no
add chain=virus action=drop dst-port=1433-1434 protocol=tcp comment="Worm" \
disabled=no
add chain=virus action=drop dst-port=2535 protocol=tcp comment="Drop Beagle" \
disabled=no
add chain=virus action=drop dst-port=2745 protocol=tcp comment="Drop \
Beagle.C-K" disabled=no
add chain=virus action=drop dst-port=3410 protocol=tcp comment="Drop Backdoor \
OptixPro" disabled=no
add chain=virus action=drop dst-port=4444 protocol=tcp comment="Worm" \
disabled=no
add chain=virus action=drop dst-port=4444 protocol=udp comment="Worm" \
disabled=no
add chain=virus action=drop dst-port=5554 protocol=tcp comment="Drop Sasser" \
disabled=no
add chain=virus action=drop dst-port=8866 protocol=tcp comment="Drop Beagle.B" \
disabled=no
add chain=virus action=drop dst-port=9898 protocol=tcp comment="Drop \
Dabber.A-B" disabled=no
add chain=virus action=drop dst-port=10000 protocol=tcp comment="Drop \
Dumaru.Y" disabled=no
add chain=virus action=drop dst-port=10080 protocol=tcp comment="Drop \
MyDoom.B" disabled=no
add chain=virus action=drop dst-port=12345 protocol=tcp comment="Drop NetBus" \
disabled=no
add chain=virus action=drop dst-port=17300 protocol=tcp comment="Drop Kuang2" \
disabled=no
add chain=virus action=drop dst-port=27374 protocol=tcp comment="Drop \
SubSeven" disabled=no
regras para mangle controle de banda para sites especificos
/ip firewall mangle
add action=mark-connection chain=prerouting comment=SSH_IN disabled=no dst-port=22 new-connection-mark=conn_ssh_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_ssh_in disabled=no new-packet-mark=ssh_in passthrough=no
add action=mark-connection chain=postrouting comment=SSH_OUT disabled=no new-connection-mark=conn_ssh_out passthrough=yes protocol=tcp src-port=22
add action=mark-packet chain=postrouting comment="" connection-mark=conn_ssh_out disabled=no new-packet-mark=ssh_out passthrough=no
add action=mark-connection chain=prerouting comment=FTP_IN disabled=no dst-port=21 new-connection-mark=conn_ftp_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_ftp_in disabled=no new-packet-mark=ftp_in passthrough=no
add action=mark-connection chain=postrouting comment=FTP_IN disabled=no new-connection-mark=conn_ftp_out passthrough=yes protocol=tcp src-port=21
add action=mark-packet chain=postrouting comment="" connection-mark=conn_ftp_out disabled=no new-packet-mark=ftp_out passthrough=no
add action=mark-connection chain=prerouting comment=DNS_IN disabled=no dst-port=53 new-connection-mark=conn_dns_in passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_dns_in disabled=no new-packet-mark=dns_in passthrough=no
add action=mark-connection chain=postrouting comment=DNS_OUT disabled=no new-connection-mark=conn_dns_out passthrough=yes protocol=udp src-port=53
add action=mark-packet chain=postrouting comment="" connection-mark=conn_dns_out disabled=no new-packet-mark=dns_out passthrough=no
add action=mark-packet chain=prerouting comment="EMAIL IN (POP)" disabled=no dst-port=110 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="EMAIL SSL IN (POP)" disabled=no dst-port=995 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="IMAP IN" disabled=no dst-port=143 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="IMAP SSL IN" disabled=no dst-port=993 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=postrouting comment="EMAIL OUT (SMTP)" disabled=no new-packet-mark=email_out passthrough=yes protocol=tcp src-port=25
add action=mark-packet chain=postrouting comment="" disabled=no new-packet-mark=email_out passthrough=yes protocol=udp src-port=25
add action=mark-connection chain=prerouting comment="ORKUT IN" content=orkut disabled=no new-connection-mark=conn_orkut_in passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=conn_orkut_in disabled=no new-packet-mark=orkut_in passthrough=no
add action=mark-connection chain=postrouting comment="ORKUT OUT" content=orkut disabled=no new-connection-mark=conn_orkut_out passthrough=yes
add action=mark-packet chain=postrouting comment="" connection-mark=conn_orkut_out disabled=no new-packet-mark=orkut_out passthrough=no
add action=mark-connection chain=prerouting comment="YOUTUBE IN" content=youtube disabled=no new-connection-mark=conn_youtube_in passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=conn_youtube_in disabled=no new-packet-mark=youtube_in passthrough=no
add action=mark-connection chain=postrouting comment="YOUTUBE OUT" content=youtube disabled=no new-connection-mark=conn_youtube_out passthrough=yes
add action=mark-packet chain=postrouting comment="" connection-mark=conn_youtube_out disabled=no new-packet-mark=youtube_out passthrough=no
add action=mark-connection chain=prerouting comment="HOTMAIL IN" content=hotmail disabled=no new-connection-mark=conn_hotmail_in passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=conn_hotmail_in disabled=no new-packet-mark=hotmail_in passthrough=no
add action=mark-connection chain=postrouting comment="HOTMAIL OUT" content=hotmail disabled=no new-connection-mark=conn_hotmail_out passthrough=yes
add action=mark-packet chain=postrouting comment="" connection-mark=conn_hotmail_out disabled=no new-packet-mark=hotmail_out passthrough=no
add action=mark-connection chain=prerouting comment="RANGE IP DO BRASIL" disabled=no dst-address-list=brasil dst-port=80 new-connection-mark=conn_brasil_in \
passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_brasil_in disabled=no new-packet-mark=ip_brasil_in passthrough=no
add action=mark-connection chain=prerouting comment="HTTP IN" disabled=no dst-port=80 new-connection-mark=conn_all_http_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_all_http_in disabled=no new-packet-mark=all_http_in passthrough=no
add action=mark-connection chain=prerouting comment="HTTP OUT" disabled=no new-connection-mark=conn_all_http_out passthrough=yes protocol=tcp src-port=80
add action=mark-packet chain=postrouting comment="" connection-mark=conn_all_http_out disabled=no new-packet-mark=all_http_out passthrough=no
add action=mark-connection chain=prerouting comment=HTTPS_IN disabled=no dst-port=443 new-connection-mark=conn_https_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_https_in disabled=no new-packet-mark=https_in passthrough=no
add action=mark-connection chain=postrouting comment=HTTPS_OUT disabled=no new-connection-mark=conn_https_out passthrough=yes protocol=tcp src-port=443
add action=mark-packet chain=postrouting comment="" connection-mark=conn_https_out disabled=no new-packet-mark=https_out passthrough=no
add action=mark-connection chain=prerouting comment=MSN_IN disabled=no dst-port=1863 new-connection-mark=conn_msn_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_msn_in disabled=no new-packet-mark=msn_in passthrough=yes
add action=mark-connection chain=prerouting comment="STREAM_IN (tcp)" disabled=no dst-port=537,554,1736,1755,1790,2979 new-connection-mark=conn_stream_in \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="STREAM_IN (udp)" disabled=no dst-port=537,554,1736,1755,1790,2979 new-connection-mark=conn_stream_in \
passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_stream_in disabled=no new-packet-mark=stream_in passthrough=no
add action=mark-connection chain=postrouting comment="STREAM_OUT (tcp)" disabled=no new-connection-mark=conn_stream_out passthrough=yes protocol=tcp \
src-port=537,554,1736,1755,1790,2979
add action=mark-connection chain=postrouting comment="STREAM_OUT (udp)" disabled=no new-connection-mark=conn_stream_out passthrough=yes protocol=udp \
src-port=537,554,1736,1755,1790,2979
add action=mark-packet chain=postrouting comment="" connection-mark=conn_stream_out disabled=no new-packet-mark=stream_out passthrough=no
add action=mark-connection chain=prerouting comment=WINBOX_IN disabled=no dst-port=8291 new-connection-mark=conn_winbox_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_winbox_in disabled=no new-packet-mark=winbox_in passthrough=no
add action=mark-connection chain=postrouting comment=WINBOX_OUT disabled=no new-connection-mark=conn_winbox_out passthrough=yes protocol=tcp src-port=8291
add action=mark-packet chain=postrouting comment="" connection-mark=conn_winbox_out disabled=no new-packet-mark=winbox_out passthrough=no
add action=mark-connection chain=prerouting comment=VOIP_IN disabled=no dst-port=5060-5061 new-connection-mark=conn_voip_in passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_voip_in disabled=no new-packet-mark=voip_in passthrough=no
add action=mark-connection chain=postrouting comment=VOIP_OUT disabled=no new-connection-mark=conn_voip_out passthrough=yes protocol=udp src-port=5060-5061
add action=mark-packet chain=postrouting comment="" connection-mark=conn_voip_out disabled=no new-packet-mark=voip_out passthrough=yes
add action=mark-connection chain=prerouting comment=P2P_IN disabled=no new-connection-mark=conn_p2p_in p2p=all-p2p passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_p2p_in disabled=no new-packet-mark=p2p_in passthrough=no
add action=mark-connection chain=postrouting comment=P2P_OUT disabled=no new-connection-mark=conn_p2p_out p2p=all-p2p passthrough=yes protocol=tcp
add action=mark-packet chain=postrouting comment="" connection-mark=conn_p2p_out disabled=no new-packet-mark=p2p_out passthrough=yes
add action=change-mss chain=forward comment="" disabled=no new-mss=1330 out-interface=pppoe-out1 protocol=tcp tcp-flags=syn
regras para que tree
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=downloads packet-mark="" parent=global-in priority=\
8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024000 max-limit=1024000 name=primario_in packet-mark="" parent=\
downloads priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=100000 name=p2p_in packet-mark=p2p_in parent=global-in \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=https_in packet-mark=https_in parent=\
primario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=uploads packet-mark="" parent=global-out priority=8 \
queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024000 max-limit=1024000 name=primario_out packet-mark="" parent=\
uploads priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=200000 name=https_out packet-mark=https_out parent=\
primario_out priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=secundario_in packet-mark="" parent=\
downloads priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=secundario_out packet-mark="" parent=\
uploads priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=msn_in packet-mark=msn_in parent=\
primario_in priority=6 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=msn_out packet-mark=msn_out parent=\
primario_out priority=6 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=dns_in packet-mark=dns_in parent=\
primario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=dns_out packet-mark=dns_out parent=\
primario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=300000 max-limit=1024000 name=stream_in packet-mark=stream_in parent=\
primario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=200000 name="todo_resto_in - tcp" packet-mark=\
todo_resto_in parent=secundario_in priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=200000 name="todo_resto_out - tcp" packet-mark=\
todo_resto_out parent=secundario_out priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=winbox_in packet-mark=winbox_in parent=\
primario_in priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=256000 name=winbox_out packet-mark=winbox_out parent=\
primario_out priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=1024000 name=voip_in packet-mark=voip_in parent=\
primario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=1024000 name=voip_out packet-mark=voip_out parent=\
primario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ssh_in packet-mark=ssh_in parent=\
secundario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ssh_out packet-mark=ssh_out parent=\
secundario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ftp_in packet-mark=ftp_in parent=\
secundario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ftp_out packet-mark=ftp_out parent=\
secundario_out priority=5 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=500000 name=email_in packet-mark=email_in parent=\
primario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=500000 name=email_out packet-mark=email_out parent=\
primario_out priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=500000 name="ips brasil" packet-mark=ip_brasil_in \
parent=primario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=50000 name=p2p_out packet-mark=p2p_out parent=global-out \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=http_in packet-mark="" parent=downloads \
priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=orkut_in packet-mark=orkut_in parent=\
http_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=http_out packet-mark="" parent=uploads \
priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=150000 max-limit=250000 name=orkut_out packet-mark=orkut_out parent=\
http_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=600000 name=all_http_in packet-mark=all_http_in \
parent=primario_in priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=600000 name=all_http_out packet-mark=all_http_out \
parent=primario_out priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=300000 max-limit=1024000 name=stream_out packet-mark=stream_out \
parent=primario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=hotmail_in packet-mark=hotmail_in parent=\
http_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=hotmail_out packet-mark=hotmail_out \
parent=http_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=1024000 name=youtube packet-mark=youtube_in parent=\
http_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=1024000 name=youtube_out packet-mark=youtube_out \
parent=http_out priority=1 queue=default
regras uteis para firewall
/ ip firewall filter
add chain=input connection-state=established comment="Accept established connections"
add chain=input connection-state=related comment="Accept related connections"
add chain=input connection-state=invalid action=drop comment="Drop invalid connections"
add chain=input protocol=udp action=accept comment="UDP" disabled=no
add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings"
add chain=input protocol=icmp action=drop comment="Drop excess pings"
add chain=input protocol=tcp dst-port=22 comment="SSH for secure shell"
add chain=input protocol=tcp dst-port=8291 comment="winbox"
add chain=input action=log log-prefix="DROP INPUT" comment="Log everything else"
add chain=input protocol=tcp dst-port=22 src-address-list=black_list action=drop comment="drop ssh brute
forcers" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage3 action=add-
src-to-address-list address-list=black_list address-list-timeout=1d comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage2 action=add-
src-to-address-list address-list=ssh_stage3 address-list-timeout=1m comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage1 action=add-
src-to-address-list address-list=ssh_stage2 address-list-timeout=1m comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new action=add-src-to-address-list address-
list=ssh_stage1 address-list-timeout=1m comment="" disabled=no
user profiles
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=\
1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=128k rate-limit=64k/128k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=200k rate-limit=64k/200k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=150k rate-limit=128k/150k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=64k rate-limit=32k/64k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=80k rate-limit=54k/80k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add advertise=yes advertise-interval=2m advertise-timeout=15s advertise-url=\
aviso.html idle-timeout=5m keepalive-timeout=2m name=Aviso \
open-status-page=always rate-limit=64k/128k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=yes advertise-interval=1s advertise-timeout=immediately \
advertise-url=bloqueio.html idle-timeout=5m keepalive-timeout=2m name=\
Bloqueio open-status-page=always shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
valler garden
/ip hotspot walled-garden
add action=allow comment="" disabled=yes dst-host=*pagseguro* dst-port=443
add action=allow comment="" disabled=yes dst-host=*pagseguro* dst-port=80
add action=allow comment="" disabled=no dst-host=*spreadsheets.google.com* \
dst-port=443
add action=allow comment="" disabled=no dst-host=*spreadsheets.google.com* \
dst-port=80
add action=allow comment="" disabled=no dst-host=*f2b* dst-port=443
add action=allow comment="" disabled=no dst-host=*f2b* dst-port=80
web proxy cache
/ip proxy cache
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=https: path=/
add action=allow comment="" disabled=no dst-host=http: path=\
/www.rjnet.com.br/2velocimetro.php
add action=allow comment="" disabled=no dst-host=http: path=/www.terra.com.br
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=https: path=/
add action=allow comment="" disabled=no dst-host=http: path=\
/www.rapidus.com.br/velocidade/
add action=allow comment="" disabled=no dst-host=http: path=/www.bol.com.br
add action=allow comment="" disabled=no dst-host=http: path=/www.orkut.com
add action=allow comment="" disabled=no dst-host=http: path=\
/www.autonoma.com.br/medidor/meter.php
add action=allow comment="" disabled=no dst-host=http: path=\
/medidor.brisanet.com.br/
add action=deny comment="" disabled=no dst-host=https: path=\
/portal.directv.com.br
add action=deny comment="" disabled=no dst-host=http: path=\
/chat03.terra.com.br/
add action=allow comment="" disabled=no dst-host=http*youtube*get_video*
add action=allow comment="" disabled=no dst-host=http*youtube*video*
add action=allow comment="" disabled=no dst-host=\
"http*youtube*yva_get_video_inf o*"
add action=allow comment="" disabled=no dst-host="":\\\\\\\\.flv\$""
add action=allow comment="" disabled=no dst-host=http*globo*get_video*
add action=allow comment="" disabled=no dst-host=http*globo*video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*get_video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*video*
add action=allow comment="" disabled=no dst-host=http*video.google*get_video*
add action=allow comment="" disabled=no dst-host=http*video.google*video*
add action=allow comment="" disabled=no dst-host=http*videoplay*
add action=allow comment="" disabled=no dst-host=http*74.125.15.83*get_video*
add action=allow comment="" disabled=no dst-host=: path=:.swf*
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=https: path=/
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=start.com.br
add action=deny comment="" disabled=no dst-host=http: path=/speed
add action=deny comment="" disabled=no dst-host=https: path=/
add action=allow comment="" disabled=no dst-host=":\\.exe\$"
add action=allow comment="" disabled=no dst-host=":\\.zip\$"
add action=allow comment="" disabled=no dst-host=":\\.mpeg\$"
add action=allow comment="" disabled=no dst-host=":\\.avi\$"
add action=allow comment="" disabled=no dst-host=":\\.pdf\$"
add action=allow comment="" disabled=no dst-host=":\\.css\$"
add action=allow comment="" disabled=no dst-host=":\\.rar\$"
add action=allow comment="" disabled=no dst-host=":\\.mov\$"
add action=allow comment="" disabled=no dst-host=":\\.mpg\$"
add action=allow comment="" disabled=no dst-host=":\\.iso\$"
add action=allow comment="" disabled=no dst-host=":\\.bin\$"
add action=allow comment="" disabled=no dst-host=":\\.dat\$"
add action=allow comment="" disabled=no dst-host=www.terra.com.br
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=https:/
add action=allow comment="" disabled=no dst-host=http: path=\
/www.rapidus.com.br/velocidade/
add action=allow comment="" disabled=no dst-host=http: path=/www.bol.com.br
add action=allow comment="" disabled=no dst-host=http: path=/www.orkut.com
add action=allow comment="" disabled=no dst-host=http: path=\
/www.autonoma.com.br/medidor/meter.php
add action=allow comment="" disabled=no dst-host=http: path=\
/medidor.brisanet.com.br/
add action=deny comment="" disabled=no dst-host=https: path=\
/portal.directv.com.br
add action=deny comment="" disabled=no dst-host=http://chat03.terra.com.br/
add action=allow comment="" disabled=no dst-host=http*youtube*get_video*
add action=allow comment="" disabled=no dst-host=http*youtube*video*
add action=allow comment="" disabled=no dst-host=\
"http*youtube*yva_get_video_inf o*"
add action=allow comment="" disabled=no dst-host="":\\\\\\\\.flv\$""
add action=allow comment="" disabled=no dst-host=http*globo*get_video*
add action=allow comment="" disabled=no dst-host=http*globo*video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*get_video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*video*
add action=allow comment="" disabled=no dst-host=http*video.google*get_video*
add action=allow comment="" disabled=no dst-host=http*video.google*video*
add action=allow comment="" disabled=no dst-host=http*videoplay*
add action=allow comment="" disabled=no dst-host=http*74.125.15.83*get_video*
add action=allow comment="" disabled=no dst-host=::.swf* path=""
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=start.com.br
add action=deny comment="" disabled=no dst-host=http://speed path=""
add action=allow comment="" disabled=no dst-host=":\\.exe\$"
add action=allow comment="" disabled=no dst-host=":\\.zip\$"
add action=allow comment="" disabled=no dst-host=":\\.mpeg\$"
add action=allow comment="" disabled=no dst-host=":\\.avi\$"
add action=allow comment="" disabled=no dst-host=":\\.pdf\$"
add action=allow comment="" disabled=no dst-host=":\\.css\$"
add action=allow comment="" disabled=no dst-host=":\\.rar\$"
add action=allow comment="" disabled=no dst-host=":\\.mov\$"
add action=allow comment="" disabled=no dst-host=":\\.mpg\$"
add action=allow comment="" disabled=no dst-host=":\\.iso\$"
add action=allow comment="" disabled=no dst-host=":\\.bin\$"
add action=allow comment="" disabled=no dst-host=":\\.dat\$"
web-proxy cache full
/ip proxy
set always-from-cache=yes cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=yes enabled=yes max-cache-size=unlimited \
max-client-connections=600 max-fresh-time=3d max-server-connections=600 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=3128 serialize-connections=\
yes src-address=0.0.0.0
/ip firewall filter
add chain=input action=drop in-interface=link dst-port=3128 protocol=tcp \
comment="Bloqueio do Proxy" disabled=no
add chain=input action=accept dst-port=3128 protocol=tcp comment="ACEITAR \
CONEXOES PROXY" disabled=no
/ip firewall nat
add action=redirect chain=dstnat comment="Redirecionamento do Proxy" disabled=no dst-port=80 \
in-interface=clientes protocol=tcp src-address=192.168.1.0/24 to-ports=\
3128
/ip firewall mangle
add action=accept chain=output comment="qcept proxy" disabled=no dscp=4
add action=mark-packet chain=output comment=";;; HIT TRAFFIC FROM PROXY " \
disabled=no dscp=!4 new-packet-mark=proxy-hit out-interface=clientes \
passthrough=no
add action=mark-packet chain=prerouting comment=";;; UP TRAFFIC" disabled=no \
in-interface=clientes new-packet-mark=proxy-up passthrough=no \
src-address=192.168.1.0/24
add action=mark-connection chain=forward comment=";;; CONN-MARK" disabled=no \
new-connection-mark=proxy-conn passthrough=yes src-address=192.168.1.0/24
add action=mark-packet chain=forward comment=";;; DOWN-DIRECT CONNECTION" \
connection-mark=proxy-conn disabled=no in-interface=link new-packet-mark=\
proxy-down passthrough=no
add action=mark-packet chain=output comment=";;; DOWN-VIA PROXY" disabled=no \
new-packet-mark=proxy-down out-interface=clientes passthrough=no \
src-address=192.168.1.0/24
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=100000 name=downstream packet-mark=proxy-down parent=global-in \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=100000 name=upstream packet-mark=proxy-up parent=global-in \
priority=8 queue=default
controle p2p
/ip firewall mangle
add action=mark-connection chain=prerouting comment="CONTROLE P2P" disabled=\
no new-connection-mark=conexao-p2p p2p=all-p2p passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=\
conexao-p2p disabled=no new-packet-mark=Pacotes-P2P p2p=all-p2p \
passthrough=yes
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=64k name=P2P-IN packet-mark=Pacotes-P2P parent=global-in \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=64k name=P2P-OUT packet-mark=Pacotes-P2P parent=global-out \
priority=8 queue=default
scripts
#----------------------------------------------------------
#Script para fazer backup automatico siga o video
#/system script
#nome do script
backup automatico
/system backup save name=Backup
#/system scheduler
#nome do agendamento
backup automatico
/system script run backup automatico
#----------------------------------------------------------
#Script para enviar backup por e-mail siga o video
#/system script
#nome do script
send_backup_to_mail
/tool e-mail send [email=to=suporte@router-os.com]to=suporte@router-os.com[/email] subject=Backup_SuperNet12Rica_Mikrotik file=Backup.backup
#/system scheduler
#nome do agendamento
enviar_backup_para_mail
/system script run send_backup_to_mail
#----------------------------------------------------------
#Script para reeiniciar o servidor siga o video
#Script para reebot
#/system script
#nome do script
reebot
/system reboot
#/system scheduler
#nome do agendamento
reboot
/system script run reebot
#__________________________________________________________
#Script para controle dos Pais siga o video
#/system scheduler
#Para abilitar a conexão
#nome do agendamento
controle pais on
/ip hotspot user enable teste
# para desabilitar o usuario
#nome do agendamento
controle pais off
/ip hotspot user disable teste
/ip hotspot active remove [find user=teste]
#----------------------------------------------------------
#Script para atualizar o dns dinamico siga o video
#/system script
#Script 01
#nome do script
ddns
#int-DDNS.Info
/tool dns-update name=seuhost.ddns.info address=127.0.0.255 key-name=usuario_ddns key="senha_ddns"
######################################
#Script para atualizar o dns dinamico siga o video
#Script 02
#/system script
#nome do script
ddns
# Dynamic DNS Update / Simple Edition
# Written by Sam Norris, ChangeIP.com
# Copyright ChangeIP.com 2009-2010
# For support send mail to [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
#
# 2009-06-22 RouterOS 3.25 Tested
# 2009-10-05 RouterOS 4.01rc1 Tested
#
# OVERVIEW: %
# This script will update a ChangeIP.com dynamic dns hostname
# with an ip address located directly on an interface.
# %
# NOTES: %
# IF THIS SCRIPT DOES NOT PRODUCE ANY OUTPUT PLEASE COPY AND PASTE IT
# AGAIN. THERE PROBABLY IS A LINE BREAK IN THE WRONG PLACE! Once you
# have created this script and tested that it works by running it
# manually you can schedule it to run every few minutes.
# %
# CONFIGURATION FIELD DEFINITIONS:
# ddnsuser: Enter your ChangeIP.com user id.
# ddnspass: Enter your ChangeIP.com password.
# ddnshost: Enter the hostname ([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] to update.
# ddnsinterface: Enter an interface name - case sensative.
# %
# %
# %
# %
# % % %
# % % %
# % % %
# %
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# EDIT YOUR DETAILS / CONFIGURATION HERE
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:global ddnsuser "nome de usuario ddns"
:global ddnspass "senha de acesso ddns"
:global ddnshost "seu_host.ddns.info"
:global ddnsinterface "pppoe-out1"
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# END OF USER DEFINED CONFIGURATION
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:global ddnssystem ("mt-" . [/system package get [/system package find name=system] version] )
:global ddnsip [ /ip address get [/ip address find interface=$ddnsinterface] address ]
:global ddnslastip
:if ([:len [/interface find name=$ddnsinterface]] = 0 ) do={ :log info "DDNS: No interface named $ddnsinterface, please check configuration." }
:if ([ :typeof $ddnslastip ] = "nothing" ) do={ :global ddnslastip 0.0.0.0/0 }
:if ([ :typeof $ddnsip ] = "nothing" ) do={
:log info ("DDNS: No ip address present on " . $ddnsinterface . ", please check.")
} else={
:if ($ddnsip != $ddnslastip) do={
:log info "DDNS: Sending UPDATE!"
:log info [ :put [/tool dns-update name=$ddnshost address=[:pick $ddnsip 0 [:find $ddnsip "/"] ] key-name=$ddnsuser key=$ddnspass ] ]
:global ddnslastip $ddnsip
} else={
:log info "DDNS: No changes necessary."
}
}
# END OF SCRIPT
#########################################################
#/system scheduler
#agendamento no scheduler
/system script run ddns
#----------------------------------------------------------
proteção contra virus
/ ip firewall filter
add chain=input action=drop in-interface=link dst-port=3128 protocol=tcp \
comment="Bloqueio do Proxy" disabled=no
add chain=input action=accept dst-port=3128 protocol=tcp comment="ACEITAR \
CONEXOES PROXY" disabled=no
add chain=virus action=drop dst-port=445 protocol=udp comment="" disabled=no
add chain=virus action=drop dst-port=593 protocol=tcp comment="" disabled=no
add chain=virus action=drop dst-port=135-139 protocol=tcp comment="Drop \
Blaster Worm" disabled=no
add chain=virus action=drop dst-port=135-139 protocol=udp comment="Drop \
Messenger Worm" disabled=no
add chain=virus action=drop dst-port=445 protocol=tcp comment="Drop Blaster \
Worm" disabled=no
add chain=virus action=drop dst-port=65506 protocol=tcp comment="Drop PhatBot, \
Agobot, Gaobot" disabled=no
add chain=virus action=drop dst-port=1024-1030 protocol=tcp comment="________" \
disabled=no
add chain=virus action=drop dst-port=1080 protocol=tcp comment="Drop MyDoom" \
disabled=no
add chain=virus action=drop dst-port=1214 protocol=tcp comment="________" \
disabled=no
add chain=virus action=drop dst-port=1363 protocol=tcp comment="ndm requester" \
disabled=no
add chain=virus action=drop dst-port=1364 protocol=tcp comment="ndm server" \
disabled=no
add chain=virus action=drop dst-port=1368 protocol=tcp comment="screen cast" \
disabled=no
add chain=virus action=drop dst-port=1373 protocol=tcp comment="hromgrafx" \
disabled=no
add chain=virus action=drop dst-port=1377 protocol=tcp comment="cichlid" \
disabled=no
add chain=virus action=drop dst-port=1433-1434 protocol=tcp comment="Worm" \
disabled=no
add chain=virus action=drop dst-port=2535 protocol=tcp comment="Drop Beagle" \
disabled=no
add chain=virus action=drop dst-port=2745 protocol=tcp comment="Drop \
Beagle.C-K" disabled=no
add chain=virus action=drop dst-port=3410 protocol=tcp comment="Drop Backdoor \
OptixPro" disabled=no
add chain=virus action=drop dst-port=4444 protocol=tcp comment="Worm" \
disabled=no
add chain=virus action=drop dst-port=4444 protocol=udp comment="Worm" \
disabled=no
add chain=virus action=drop dst-port=5554 protocol=tcp comment="Drop Sasser" \
disabled=no
add chain=virus action=drop dst-port=8866 protocol=tcp comment="Drop Beagle.B" \
disabled=no
add chain=virus action=drop dst-port=9898 protocol=tcp comment="Drop \
Dabber.A-B" disabled=no
add chain=virus action=drop dst-port=10000 protocol=tcp comment="Drop \
Dumaru.Y" disabled=no
add chain=virus action=drop dst-port=10080 protocol=tcp comment="Drop \
MyDoom.B" disabled=no
add chain=virus action=drop dst-port=12345 protocol=tcp comment="Drop NetBus" \
disabled=no
add chain=virus action=drop dst-port=17300 protocol=tcp comment="Drop Kuang2" \
disabled=no
add chain=virus action=drop dst-port=27374 protocol=tcp comment="Drop \
SubSeven" disabled=no
regras para mangle controle de banda para sites especificos
/ip firewall mangle
add action=mark-connection chain=prerouting comment=SSH_IN disabled=no dst-port=22 new-connection-mark=conn_ssh_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_ssh_in disabled=no new-packet-mark=ssh_in passthrough=no
add action=mark-connection chain=postrouting comment=SSH_OUT disabled=no new-connection-mark=conn_ssh_out passthrough=yes protocol=tcp src-port=22
add action=mark-packet chain=postrouting comment="" connection-mark=conn_ssh_out disabled=no new-packet-mark=ssh_out passthrough=no
add action=mark-connection chain=prerouting comment=FTP_IN disabled=no dst-port=21 new-connection-mark=conn_ftp_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_ftp_in disabled=no new-packet-mark=ftp_in passthrough=no
add action=mark-connection chain=postrouting comment=FTP_IN disabled=no new-connection-mark=conn_ftp_out passthrough=yes protocol=tcp src-port=21
add action=mark-packet chain=postrouting comment="" connection-mark=conn_ftp_out disabled=no new-packet-mark=ftp_out passthrough=no
add action=mark-connection chain=prerouting comment=DNS_IN disabled=no dst-port=53 new-connection-mark=conn_dns_in passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_dns_in disabled=no new-packet-mark=dns_in passthrough=no
add action=mark-connection chain=postrouting comment=DNS_OUT disabled=no new-connection-mark=conn_dns_out passthrough=yes protocol=udp src-port=53
add action=mark-packet chain=postrouting comment="" connection-mark=conn_dns_out disabled=no new-packet-mark=dns_out passthrough=no
add action=mark-packet chain=prerouting comment="EMAIL IN (POP)" disabled=no dst-port=110 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="EMAIL SSL IN (POP)" disabled=no dst-port=995 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="IMAP IN" disabled=no dst-port=143 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="IMAP SSL IN" disabled=no dst-port=993 new-packet-mark=email_in passthrough=yes protocol=tcp
add action=mark-packet chain=postrouting comment="EMAIL OUT (SMTP)" disabled=no new-packet-mark=email_out passthrough=yes protocol=tcp src-port=25
add action=mark-packet chain=postrouting comment="" disabled=no new-packet-mark=email_out passthrough=yes protocol=udp src-port=25
add action=mark-connection chain=prerouting comment="ORKUT IN" content=orkut disabled=no new-connection-mark=conn_orkut_in passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=conn_orkut_in disabled=no new-packet-mark=orkut_in passthrough=no
add action=mark-connection chain=postrouting comment="ORKUT OUT" content=orkut disabled=no new-connection-mark=conn_orkut_out passthrough=yes
add action=mark-packet chain=postrouting comment="" connection-mark=conn_orkut_out disabled=no new-packet-mark=orkut_out passthrough=no
add action=mark-connection chain=prerouting comment="YOUTUBE IN" content=youtube disabled=no new-connection-mark=conn_youtube_in passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=conn_youtube_in disabled=no new-packet-mark=youtube_in passthrough=no
add action=mark-connection chain=postrouting comment="YOUTUBE OUT" content=youtube disabled=no new-connection-mark=conn_youtube_out passthrough=yes
add action=mark-packet chain=postrouting comment="" connection-mark=conn_youtube_out disabled=no new-packet-mark=youtube_out passthrough=no
add action=mark-connection chain=prerouting comment="HOTMAIL IN" content=hotmail disabled=no new-connection-mark=conn_hotmail_in passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=conn_hotmail_in disabled=no new-packet-mark=hotmail_in passthrough=no
add action=mark-connection chain=postrouting comment="HOTMAIL OUT" content=hotmail disabled=no new-connection-mark=conn_hotmail_out passthrough=yes
add action=mark-packet chain=postrouting comment="" connection-mark=conn_hotmail_out disabled=no new-packet-mark=hotmail_out passthrough=no
add action=mark-connection chain=prerouting comment="RANGE IP DO BRASIL" disabled=no dst-address-list=brasil dst-port=80 new-connection-mark=conn_brasil_in \
passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_brasil_in disabled=no new-packet-mark=ip_brasil_in passthrough=no
add action=mark-connection chain=prerouting comment="HTTP IN" disabled=no dst-port=80 new-connection-mark=conn_all_http_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_all_http_in disabled=no new-packet-mark=all_http_in passthrough=no
add action=mark-connection chain=prerouting comment="HTTP OUT" disabled=no new-connection-mark=conn_all_http_out passthrough=yes protocol=tcp src-port=80
add action=mark-packet chain=postrouting comment="" connection-mark=conn_all_http_out disabled=no new-packet-mark=all_http_out passthrough=no
add action=mark-connection chain=prerouting comment=HTTPS_IN disabled=no dst-port=443 new-connection-mark=conn_https_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_https_in disabled=no new-packet-mark=https_in passthrough=no
add action=mark-connection chain=postrouting comment=HTTPS_OUT disabled=no new-connection-mark=conn_https_out passthrough=yes protocol=tcp src-port=443
add action=mark-packet chain=postrouting comment="" connection-mark=conn_https_out disabled=no new-packet-mark=https_out passthrough=no
add action=mark-connection chain=prerouting comment=MSN_IN disabled=no dst-port=1863 new-connection-mark=conn_msn_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_msn_in disabled=no new-packet-mark=msn_in passthrough=yes
add action=mark-connection chain=prerouting comment="STREAM_IN (tcp)" disabled=no dst-port=537,554,1736,1755,1790,2979 new-connection-mark=conn_stream_in \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="STREAM_IN (udp)" disabled=no dst-port=537,554,1736,1755,1790,2979 new-connection-mark=conn_stream_in \
passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_stream_in disabled=no new-packet-mark=stream_in passthrough=no
add action=mark-connection chain=postrouting comment="STREAM_OUT (tcp)" disabled=no new-connection-mark=conn_stream_out passthrough=yes protocol=tcp \
src-port=537,554,1736,1755,1790,2979
add action=mark-connection chain=postrouting comment="STREAM_OUT (udp)" disabled=no new-connection-mark=conn_stream_out passthrough=yes protocol=udp \
src-port=537,554,1736,1755,1790,2979
add action=mark-packet chain=postrouting comment="" connection-mark=conn_stream_out disabled=no new-packet-mark=stream_out passthrough=no
add action=mark-connection chain=prerouting comment=WINBOX_IN disabled=no dst-port=8291 new-connection-mark=conn_winbox_in passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_winbox_in disabled=no new-packet-mark=winbox_in passthrough=no
add action=mark-connection chain=postrouting comment=WINBOX_OUT disabled=no new-connection-mark=conn_winbox_out passthrough=yes protocol=tcp src-port=8291
add action=mark-packet chain=postrouting comment="" connection-mark=conn_winbox_out disabled=no new-packet-mark=winbox_out passthrough=no
add action=mark-connection chain=prerouting comment=VOIP_IN disabled=no dst-port=5060-5061 new-connection-mark=conn_voip_in passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_voip_in disabled=no new-packet-mark=voip_in passthrough=no
add action=mark-connection chain=postrouting comment=VOIP_OUT disabled=no new-connection-mark=conn_voip_out passthrough=yes protocol=udp src-port=5060-5061
add action=mark-packet chain=postrouting comment="" connection-mark=conn_voip_out disabled=no new-packet-mark=voip_out passthrough=yes
add action=mark-connection chain=prerouting comment=P2P_IN disabled=no new-connection-mark=conn_p2p_in p2p=all-p2p passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=conn_p2p_in disabled=no new-packet-mark=p2p_in passthrough=no
add action=mark-connection chain=postrouting comment=P2P_OUT disabled=no new-connection-mark=conn_p2p_out p2p=all-p2p passthrough=yes protocol=tcp
add action=mark-packet chain=postrouting comment="" connection-mark=conn_p2p_out disabled=no new-packet-mark=p2p_out passthrough=yes
add action=change-mss chain=forward comment="" disabled=no new-mss=1330 out-interface=pppoe-out1 protocol=tcp tcp-flags=syn
regras para que tree
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=downloads packet-mark="" parent=global-in priority=\
8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024000 max-limit=1024000 name=primario_in packet-mark="" parent=\
downloads priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=100000 name=p2p_in packet-mark=p2p_in parent=global-in \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=https_in packet-mark=https_in parent=\
primario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=uploads packet-mark="" parent=global-out priority=8 \
queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024000 max-limit=1024000 name=primario_out packet-mark="" parent=\
uploads priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=200000 name=https_out packet-mark=https_out parent=\
primario_out priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=secundario_in packet-mark="" parent=\
downloads priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=secundario_out packet-mark="" parent=\
uploads priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=msn_in packet-mark=msn_in parent=\
primario_in priority=6 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=msn_out packet-mark=msn_out parent=\
primario_out priority=6 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=dns_in packet-mark=dns_in parent=\
primario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=dns_out packet-mark=dns_out parent=\
primario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=300000 max-limit=1024000 name=stream_in packet-mark=stream_in parent=\
primario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=200000 name="todo_resto_in - tcp" packet-mark=\
todo_resto_in parent=secundario_in priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=200000 name="todo_resto_out - tcp" packet-mark=\
todo_resto_out parent=secundario_out priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=winbox_in packet-mark=winbox_in parent=\
primario_in priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=256000 name=winbox_out packet-mark=winbox_out parent=\
primario_out priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=1024000 name=voip_in packet-mark=voip_in parent=\
primario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=1024000 name=voip_out packet-mark=voip_out parent=\
primario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ssh_in packet-mark=ssh_in parent=\
secundario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ssh_out packet-mark=ssh_out parent=\
secundario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ftp_in packet-mark=ftp_in parent=\
secundario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ftp_out packet-mark=ftp_out parent=\
secundario_out priority=5 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=500000 name=email_in packet-mark=email_in parent=\
primario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=500000 name=email_out packet-mark=email_out parent=\
primario_out priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=500000 name="ips brasil" packet-mark=ip_brasil_in \
parent=primario_in priority=3 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=50000 name=p2p_out packet-mark=p2p_out parent=global-out \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=http_in packet-mark="" parent=downloads \
priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=orkut_in packet-mark=orkut_in parent=\
http_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=http_out packet-mark="" parent=uploads \
priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=150000 max-limit=250000 name=orkut_out packet-mark=orkut_out parent=\
http_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=600000 name=all_http_in packet-mark=all_http_in \
parent=primario_in priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=600000 name=all_http_out packet-mark=all_http_out \
parent=primario_out priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=300000 max-limit=1024000 name=stream_out packet-mark=stream_out \
parent=primario_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=hotmail_in packet-mark=hotmail_in parent=\
http_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=hotmail_out packet-mark=hotmail_out \
parent=http_out priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=1024000 name=youtube packet-mark=youtube_in parent=\
http_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=1024000 name=youtube_out packet-mark=youtube_out \
parent=http_out priority=1 queue=default
regras uteis para firewall
/ ip firewall filter
add chain=input connection-state=established comment="Accept established connections"
add chain=input connection-state=related comment="Accept related connections"
add chain=input connection-state=invalid action=drop comment="Drop invalid connections"
add chain=input protocol=udp action=accept comment="UDP" disabled=no
add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings"
add chain=input protocol=icmp action=drop comment="Drop excess pings"
add chain=input protocol=tcp dst-port=22 comment="SSH for secure shell"
add chain=input protocol=tcp dst-port=8291 comment="winbox"
add chain=input action=log log-prefix="DROP INPUT" comment="Log everything else"
add chain=input protocol=tcp dst-port=22 src-address-list=black_list action=drop comment="drop ssh brute
forcers" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage3 action=add-
src-to-address-list address-list=black_list address-list-timeout=1d comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage2 action=add-
src-to-address-list address-list=ssh_stage3 address-list-timeout=1m comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage1 action=add-
src-to-address-list address-list=ssh_stage2 address-list-timeout=1m comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new action=add-src-to-address-list address-
list=ssh_stage1 address-list-timeout=1m comment="" disabled=no
user profiles
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=\
1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=128k rate-limit=64k/128k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=200k rate-limit=64k/200k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=150k rate-limit=128k/150k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=64k rate-limit=32k/64k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=80k rate-limit=54k/80k \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add advertise=yes advertise-interval=2m advertise-timeout=15s advertise-url=\
aviso.html idle-timeout=5m keepalive-timeout=2m name=Aviso \
open-status-page=always rate-limit=64k/128k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=yes advertise-interval=1s advertise-timeout=immediately \
advertise-url=bloqueio.html idle-timeout=5m keepalive-timeout=2m name=\
Bloqueio open-status-page=always shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
valler garden
/ip hotspot walled-garden
add action=allow comment="" disabled=yes dst-host=*pagseguro* dst-port=443
add action=allow comment="" disabled=yes dst-host=*pagseguro* dst-port=80
add action=allow comment="" disabled=no dst-host=*spreadsheets.google.com* \
dst-port=443
add action=allow comment="" disabled=no dst-host=*spreadsheets.google.com* \
dst-port=80
add action=allow comment="" disabled=no dst-host=*f2b* dst-port=443
add action=allow comment="" disabled=no dst-host=*f2b* dst-port=80
web proxy cache
/ip proxy cache
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=https: path=/
add action=allow comment="" disabled=no dst-host=http: path=\
/www.rjnet.com.br/2velocimetro.php
add action=allow comment="" disabled=no dst-host=http: path=/www.terra.com.br
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=https: path=/
add action=allow comment="" disabled=no dst-host=http: path=\
/www.rapidus.com.br/velocidade/
add action=allow comment="" disabled=no dst-host=http: path=/www.bol.com.br
add action=allow comment="" disabled=no dst-host=http: path=/www.orkut.com
add action=allow comment="" disabled=no dst-host=http: path=\
/www.autonoma.com.br/medidor/meter.php
add action=allow comment="" disabled=no dst-host=http: path=\
/medidor.brisanet.com.br/
add action=deny comment="" disabled=no dst-host=https: path=\
/portal.directv.com.br
add action=deny comment="" disabled=no dst-host=http: path=\
/chat03.terra.com.br/
add action=allow comment="" disabled=no dst-host=http*youtube*get_video*
add action=allow comment="" disabled=no dst-host=http*youtube*video*
add action=allow comment="" disabled=no dst-host=\
"http*youtube*yva_get_video_inf o*"
add action=allow comment="" disabled=no dst-host="":\\\\\\\\.flv\$""
add action=allow comment="" disabled=no dst-host=http*globo*get_video*
add action=allow comment="" disabled=no dst-host=http*globo*video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*get_video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*video*
add action=allow comment="" disabled=no dst-host=http*video.google*get_video*
add action=allow comment="" disabled=no dst-host=http*video.google*video*
add action=allow comment="" disabled=no dst-host=http*videoplay*
add action=allow comment="" disabled=no dst-host=http*74.125.15.83*get_video*
add action=allow comment="" disabled=no dst-host=: path=:.swf*
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=https: path=/
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=start.com.br
add action=deny comment="" disabled=no dst-host=http: path=/speed
add action=deny comment="" disabled=no dst-host=https: path=/
add action=allow comment="" disabled=no dst-host=":\\.exe\$"
add action=allow comment="" disabled=no dst-host=":\\.zip\$"
add action=allow comment="" disabled=no dst-host=":\\.mpeg\$"
add action=allow comment="" disabled=no dst-host=":\\.avi\$"
add action=allow comment="" disabled=no dst-host=":\\.pdf\$"
add action=allow comment="" disabled=no dst-host=":\\.css\$"
add action=allow comment="" disabled=no dst-host=":\\.rar\$"
add action=allow comment="" disabled=no dst-host=":\\.mov\$"
add action=allow comment="" disabled=no dst-host=":\\.mpg\$"
add action=allow comment="" disabled=no dst-host=":\\.iso\$"
add action=allow comment="" disabled=no dst-host=":\\.bin\$"
add action=allow comment="" disabled=no dst-host=":\\.dat\$"
add action=allow comment="" disabled=no dst-host=www.terra.com.br
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=https:/
add action=allow comment="" disabled=no dst-host=http: path=\
/www.rapidus.com.br/velocidade/
add action=allow comment="" disabled=no dst-host=http: path=/www.bol.com.br
add action=allow comment="" disabled=no dst-host=http: path=/www.orkut.com
add action=allow comment="" disabled=no dst-host=http: path=\
/www.autonoma.com.br/medidor/meter.php
add action=allow comment="" disabled=no dst-host=http: path=\
/medidor.brisanet.com.br/
add action=deny comment="" disabled=no dst-host=https: path=\
/portal.directv.com.br
add action=deny comment="" disabled=no dst-host=http://chat03.terra.com.br/
add action=allow comment="" disabled=no dst-host=http*youtube*get_video*
add action=allow comment="" disabled=no dst-host=http*youtube*video*
add action=allow comment="" disabled=no dst-host=\
"http*youtube*yva_get_video_inf o*"
add action=allow comment="" disabled=no dst-host="":\\\\\\\\.flv\$""
add action=allow comment="" disabled=no dst-host=http*globo*get_video*
add action=allow comment="" disabled=no dst-host=http*globo*video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*get_video*
add action=allow comment="" disabled=no dst-host=http*googlevideo*video*
add action=allow comment="" disabled=no dst-host=http*video.google*get_video*
add action=allow comment="" disabled=no dst-host=http*video.google*video*
add action=allow comment="" disabled=no dst-host=http*videoplay*
add action=allow comment="" disabled=no dst-host=http*74.125.15.83*get_video*
add action=allow comment="" disabled=no dst-host=::.swf* path=""
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=":cgi-bin [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]?"
add action=deny comment="" disabled=no dst-host=start.com.br
add action=deny comment="" disabled=no dst-host=http://speed path=""
add action=allow comment="" disabled=no dst-host=":\\.exe\$"
add action=allow comment="" disabled=no dst-host=":\\.zip\$"
add action=allow comment="" disabled=no dst-host=":\\.mpeg\$"
add action=allow comment="" disabled=no dst-host=":\\.avi\$"
add action=allow comment="" disabled=no dst-host=":\\.pdf\$"
add action=allow comment="" disabled=no dst-host=":\\.css\$"
add action=allow comment="" disabled=no dst-host=":\\.rar\$"
add action=allow comment="" disabled=no dst-host=":\\.mov\$"
add action=allow comment="" disabled=no dst-host=":\\.mpg\$"
add action=allow comment="" disabled=no dst-host=":\\.iso\$"
add action=allow comment="" disabled=no dst-host=":\\.bin\$"
add action=allow comment="" disabled=no dst-host=":\\.dat\$"
web-proxy cache full
/ip proxy
set always-from-cache=yes cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=yes enabled=yes max-cache-size=unlimited \
max-client-connections=600 max-fresh-time=3d max-server-connections=600 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=3128 serialize-connections=\
yes src-address=0.0.0.0
/ip firewall filter
add chain=input action=drop in-interface=link dst-port=3128 protocol=tcp \
comment="Bloqueio do Proxy" disabled=no
add chain=input action=accept dst-port=3128 protocol=tcp comment="ACEITAR \
CONEXOES PROXY" disabled=no
/ip firewall nat
add action=redirect chain=dstnat comment="Redirecionamento do Proxy" disabled=no dst-port=80 \
in-interface=clientes protocol=tcp src-address=192.168.1.0/24 to-ports=\
3128
/ip firewall mangle
add action=accept chain=output comment="qcept proxy" disabled=no dscp=4
add action=mark-packet chain=output comment=";;; HIT TRAFFIC FROM PROXY " \
disabled=no dscp=!4 new-packet-mark=proxy-hit out-interface=clientes \
passthrough=no
add action=mark-packet chain=prerouting comment=";;; UP TRAFFIC" disabled=no \
in-interface=clientes new-packet-mark=proxy-up passthrough=no \
src-address=192.168.1.0/24
add action=mark-connection chain=forward comment=";;; CONN-MARK" disabled=no \
new-connection-mark=proxy-conn passthrough=yes src-address=192.168.1.0/24
add action=mark-packet chain=forward comment=";;; DOWN-DIRECT CONNECTION" \
connection-mark=proxy-conn disabled=no in-interface=link new-packet-mark=\
proxy-down passthrough=no
add action=mark-packet chain=output comment=";;; DOWN-VIA PROXY" disabled=no \
new-packet-mark=proxy-down out-interface=clientes passthrough=no \
src-address=192.168.1.0/24
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=100000 name=downstream packet-mark=proxy-down parent=global-in \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=100000 name=upstream packet-mark=proxy-up parent=global-in \
priority=8 queue=default
controle p2p
/ip firewall mangle
add action=mark-connection chain=prerouting comment="CONTROLE P2P" disabled=\
no new-connection-mark=conexao-p2p p2p=all-p2p passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=\
conexao-p2p disabled=no new-packet-mark=Pacotes-P2P p2p=all-p2p \
passthrough=yes
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=64k name=P2P-IN packet-mark=Pacotes-P2P parent=global-in \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=64k name=P2P-OUT packet-mark=Pacotes-P2P parent=global-out \
priority=8 queue=default
scripts
#----------------------------------------------------------
#Script para fazer backup automatico siga o video
#/system script
#nome do script
backup automatico
/system backup save name=Backup
#/system scheduler
#nome do agendamento
backup automatico
/system script run backup automatico
#----------------------------------------------------------
#Script para enviar backup por e-mail siga o video
#/system script
#nome do script
send_backup_to_mail
/tool e-mail send [email=to=suporte@router-os.com]to=suporte@router-os.com[/email] subject=Backup_SuperNet12Rica_Mikrotik file=Backup.backup
#/system scheduler
#nome do agendamento
enviar_backup_para_mail
/system script run send_backup_to_mail
#----------------------------------------------------------
#Script para reeiniciar o servidor siga o video
#Script para reebot
#/system script
#nome do script
reebot
/system reboot
#/system scheduler
#nome do agendamento
reboot
/system script run reebot
#__________________________________________________________
#Script para controle dos Pais siga o video
#/system scheduler
#Para abilitar a conexão
#nome do agendamento
controle pais on
/ip hotspot user enable teste
# para desabilitar o usuario
#nome do agendamento
controle pais off
/ip hotspot user disable teste
/ip hotspot active remove [find user=teste]
#----------------------------------------------------------
#Script para atualizar o dns dinamico siga o video
#/system script
#Script 01
#nome do script
ddns
#int-DDNS.Info
/tool dns-update name=seuhost.ddns.info address=127.0.0.255 key-name=usuario_ddns key="senha_ddns"
######################################
#Script para atualizar o dns dinamico siga o video
#Script 02
#/system script
#nome do script
ddns
# Dynamic DNS Update / Simple Edition
# Written by Sam Norris, ChangeIP.com
# Copyright ChangeIP.com 2009-2010
# For support send mail to [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
#
# 2009-06-22 RouterOS 3.25 Tested
# 2009-10-05 RouterOS 4.01rc1 Tested
#
# OVERVIEW: %
# This script will update a ChangeIP.com dynamic dns hostname
# with an ip address located directly on an interface.
# %
# NOTES: %
# IF THIS SCRIPT DOES NOT PRODUCE ANY OUTPUT PLEASE COPY AND PASTE IT
# AGAIN. THERE PROBABLY IS A LINE BREAK IN THE WRONG PLACE! Once you
# have created this script and tested that it works by running it
# manually you can schedule it to run every few minutes.
# %
# CONFIGURATION FIELD DEFINITIONS:
# ddnsuser: Enter your ChangeIP.com user id.
# ddnspass: Enter your ChangeIP.com password.
# ddnshost: Enter the hostname ([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] to update.
# ddnsinterface: Enter an interface name - case sensative.
# %
# %
# %
# %
# % % %
# % % %
# % % %
# %
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# EDIT YOUR DETAILS / CONFIGURATION HERE
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:global ddnsuser "nome de usuario ddns"
:global ddnspass "senha de acesso ddns"
:global ddnshost "seu_host.ddns.info"
:global ddnsinterface "pppoe-out1"
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# END OF USER DEFINED CONFIGURATION
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:global ddnssystem ("mt-" . [/system package get [/system package find name=system] version] )
:global ddnsip [ /ip address get [/ip address find interface=$ddnsinterface] address ]
:global ddnslastip
:if ([:len [/interface find name=$ddnsinterface]] = 0 ) do={ :log info "DDNS: No interface named $ddnsinterface, please check configuration." }
:if ([ :typeof $ddnslastip ] = "nothing" ) do={ :global ddnslastip 0.0.0.0/0 }
:if ([ :typeof $ddnsip ] = "nothing" ) do={
:log info ("DDNS: No ip address present on " . $ddnsinterface . ", please check.")
} else={
:if ($ddnsip != $ddnslastip) do={
:log info "DDNS: Sending UPDATE!"
:log info [ :put [/tool dns-update name=$ddnshost address=[:pick $ddnsip 0 [:find $ddnsip "/"] ] key-name=$ddnsuser key=$ddnspass ] ]
:global ddnslastip $ddnsip
} else={
:log info "DDNS: No changes necessary."
}
}
# END OF SCRIPT
#########################################################
#/system scheduler
#agendamento no scheduler
/system script run ddns
#----------------------------------------------------------
Convidado- Convidado
Re: Regras Mikrotik
por luisokobra Sáb 30 Jul - 20:14
Vlw velhino pelas regras..
obrigadão mesmo
show de bola pelo post
so uma duvida o que e valler garden ??
abraço
obrigadão mesmo
show de bola pelo post
so uma duvida o que e valler garden ??
abraço
luisokobra- Iniciante
- Mensagens : 75
Pontos : 103
Reputação : 2
Data de inscrição : 07/06/2011
Idade : 39
Localização : 98807130
Re: Regras Mikrotik
por jkvianna Sáb 20 Ago - 22:59
Olá boa noite,sou novo em MK mas gostaria muito de saber onde coloco essas regras...Por onde começar
jkvianna- Baby
- Mensagens : 2
Pontos : 2
Reputação : 0
Data de inscrição : 20/08/2011
Idade : 51 Localização : SP
Re: Regras Mikrotik
por colibrinetwork Dom 21 Ago - 0:05
COPIAR E COLAR EM NEW TERMINAL...
OBS,NÃO ESQUEÇA DE ADAPTAR A RANGER DE IPS,PODE ESTAR FORA DE SUA RANGE....
OBS,NÃO ESQUEÇA DE ADAPTAR A RANGER DE IPS,PODE ESTAR FORA DE SUA RANGE....
Última edição por colibrinetwork em Dom 21 Ago - 10:32, editado 1 vez(es)
colibrinetwork- User
- Mensagens : 108
Pontos : 143
Reputação : 20
Data de inscrição : 25/01/2011
Idade : 43 Localização : Mar de Espanha
colibrinetwork- User
- Mensagens : 108
Pontos : 143
Reputação : 20
Data de inscrição : 25/01/2011
Idade : 43 Localização : Mar de Espanha
Re: Regras Mikrotik
por jkvianna Dom 21 Ago - 1:03
Esqueci de dizer que eu uso uma RB750G Versão 4.17....
jkvianna- Baby
- Mensagens : 2
Pontos : 2
Reputação : 0
Data de inscrição : 20/08/2011
Idade : 51 Localização : SP
silvioabc- Baby
- Mensagens : 1
Pontos : 1
Reputação : 0
Data de inscrição : 13/08/2011
Idade : 56 Localização : aqui em casa
Re: Regras Mikrotik
por BBD NET Sex 4 Nov - 7:03
Amigo muito boa sua iniciativa mas seria bom vc organizar isso aii..
tipo serar as regras comentar cada um e dizer pra q intuito são cada ...
espero ter dado contribuição para o post
tipo serar as regras comentar cada um e dizer pra q intuito são cada ...
espero ter dado contribuição para o post
BBD NET- Power User
- Mensagens : 690
Pontos : 863
Reputação : 159
Data de inscrição : 02/06/2011
Idade : 32 Localização : Cipó, Bahia -
Tópicos semelhantes» Regras Para Mikrotik 5.18 - (Resolvido)
» Regras mikrotik 3.xxmikrotik
» Regras Iniciais - Firewall Mikrotik
» Regras mikrotik 3.xxmikrotik
» Regras Iniciais - Firewall Mikrotik
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|