ROS脚本

Ros回流脚本

 :global ddnsinterface pppoe-out1
:global ddnsip ""
:set ddnsip [/ip address get [find interface=$ddnsinterface] address]
:set ddnsip [:pick $ddnsip 0 [:find $ddnsip "/"]]
:if ([/ip firewall nat get [find comment="80"] dst-address] != $ddnsip) do={
:log info [/ip firewall nat set [find comment="80"] dst-address=$ddnsip]
:log info "80 dst-address update ok";
:log info [/ip firewall nat set [find comment="443"] dst-address=$ddnsip]
:log info "443 dst-address update ok";
:log info [/ip firewall nat set [find comment="3389"] dst-address=$ddnsip]
:log info "3389 dst-address update ok";
:log info [/ip firewall nat set [find comment="32400"] dst-address=$ddnsip]
:log info "32400 dst-address update ok";
}

Ros日志清理

 :local memoryline [:put [/sys logg action get "memory" "memory-lines" ] ]
/system logging action set memory memory-lines=1
/system logging action set memory memory-lines=$memoryline
:log info "Clear Log"

Ros断线自动重拨

 #1、定义拨号名称
:local pppoe "pppoe-out1"
#2、定义拨号状态
:local status
#3、获取拨号状态
:set status [/interface get [/interface find  name=$pppoe] running]
#4、判断如果短线自动拨号
:if ($status=true) do={
 #:log warning "拨号上网正常"
} else={
:log warning "拨号异常"
/interface disable $pppoe
/interface enable $pppoe
:log warning "已经重新拨号，上网正常"
}

Ros防火墙

 #防火墙
/ip firewall filter
add chain=input in-interface=pppoe-out1 protocol=udp dst-port=53 action=drop
add chain=input in-interface=pppoe-out1 protocol=tcp dst-port=53 action=drop
add chain=input connection-state=invalid action=drop comment="Drop Invalid connections"
add chain=input connection-state=established action=accept comment="Allow Established connections"
add chain=input protocol=icmp action=accept comment="Allow ICMP"
#这里的10.10.10.0替换成自己的IP段。24表示255.255.255.0。如果没有用桥就把bridge1换成局域网的lan
add chain=input src-address=10.10.10.0/24 action=accept in-interface=LAN
add chain=input action=drop comment="Drop everything else"
add chain=output action=accept comment="accept everything"
add chain=forward connection-state=invalid action=drop comment="Drop Invalid connections"
add chain=forward connection-state=established action=accept comment="Allow Established connections"
add chain=forward connection-state=related action=accept comment="allow related connections"
add chain=forward protocol=tcp action=jump jump-target=tcp
add chain=forward protocol=udp action=jump jump-target=udp
add chain=forward protocol=icmp action=jump jump-target=icmp
#禁止外网Ping   #这里的10.10.10.0替换成自己的IP段。24表示255.255.255.0
/ip firewall filter add chain=input src-address=!10.10.10.0/24 protocol=icmp action=drop comment="\BD\FB\D6\B9\CD\E2\CD\F8Ping"
 
 
# 来自 <https://drive.google.com/drive/folders/1G79dbeDdG2eH3il98SrJGU_qffDPcgLE>

ROS脚本

ROS脚本

Ros回流脚本

Ros日志清理

Ros断线自动重拨

Ros防火墙

宝塔面板安装

Esxi

	:global ddnsinterface pppoe-out1
	:global ddnsip ""
	:set ddnsip [/ip address get [find interface=$ddnsinterface] address]
	:set ddnsip [:pick $ddnsip 0 [:find $ddnsip "/"]]
	:if ([/ip firewall nat get [find comment="80"] dst-address] != $ddnsip) do={
	:log info [/ip firewall nat set [find comment="80"] dst-address=$ddnsip]
	:log info "80 dst-address update ok";
	:log info [/ip firewall nat set [find comment="443"] dst-address=$ddnsip]
	:log info "443 dst-address update ok";
	:log info [/ip firewall nat set [find comment="3389"] dst-address=$ddnsip]
	:log info "3389 dst-address update ok";
	:log info [/ip firewall nat set [find comment="32400"] dst-address=$ddnsip]
	:log info "32400 dst-address update ok";
	}

	:local memoryline [:put [/sys logg action get "memory" "memory-lines" ] ]
	/system logging action set memory memory-lines=1
	/system logging action set memory memory-lines=$memoryline
	:log info "Clear Log"

	#1、定义拨号名称
	:local pppoe "pppoe-out1"
	#2、定义拨号状态
	:local status
	#3、获取拨号状态
	:set status [/interface get [/interface find name=$pppoe] running]
	#4、判断如果短线自动拨号
	:if ($status=true) do={
	#:log warning "拨号上网正常"
	} else={
	:log warning "拨号异常"
	/interface disable $pppoe
	/interface enable $pppoe
	:log warning "已经重新拨号，上网正常"
	}

	#防火墙
	/ip firewall filter
	add chain=input in-interface=pppoe-out1 protocol=udp dst-port=53 action=drop
	add chain=input in-interface=pppoe-out1 protocol=tcp dst-port=53 action=drop
	add chain=input connection-state=invalid action=drop comment="Drop Invalid connections"
	add chain=input connection-state=established action=accept comment="Allow Established connections"
	add chain=input protocol=icmp action=accept comment="Allow ICMP"
	#这里的10.10.10.0替换成自己的IP段。24表示255.255.255.0。如果没有用桥就把bridge1换成局域网的lan
	add chain=input src-address=10.10.10.0/24 action=accept in-interface=LAN
	add chain=input action=drop comment="Drop everything else"
	add chain=output action=accept comment="accept everything"
	add chain=forward connection-state=invalid action=drop comment="Drop Invalid connections"
	add chain=forward connection-state=established action=accept comment="Allow Established connections"
	add chain=forward connection-state=related action=accept comment="allow related connections"
	add chain=forward protocol=tcp action=jump jump-target=tcp
	add chain=forward protocol=udp action=jump jump-target=udp
	add chain=forward protocol=icmp action=jump jump-target=icmp
	#禁止外网Ping #这里的10.10.10.0替换成自己的IP段。24表示255.255.255.0
	/ip firewall filter add chain=input src-address=!10.10.10.0/24 protocol=icmp action=drop comment="\BD\FB\D6\B9\CD\E2\CD\F8Ping"


	# 来自 <https://drive.google.com/drive/folders/1G79dbeDdG2eH3il98SrJGU_qffDPcgLE>