{"id":392,"date":"2014-09-06T23:00:45","date_gmt":"2014-09-06T15:00:45","guid":{"rendered":"http:\/\/www.luwl.net\/?p=392"},"modified":"2014-09-06T23:00:55","modified_gmt":"2014-09-06T15:00:55","slug":"ros%e9%85%8d%e7%bd%ae","status":"publish","type":"post","link":"http:\/\/www.luwl.net\/?p=392","title":{"rendered":"\u51fa\u53e3ROS\u914d\u7f6e"},"content":{"rendered":"<p>192.168.100.2 \u603b\u51fa\u53e3\u8def\u7531\u5668\u914d\u7f6e\u5907\u4efd\uff1a<br \/>\n2014-9-6<br \/>\n<code><\/p>\n<p>  MMM      MMM       KKK                          TTTTTTTTTTT      KKK<br \/>\n  MMMM    MMMM       KKK                          TTTTTTTTTTT      KKK<br \/>\n  MMM MMMM MMM  III  KKK  KKK  RRRRRR     OOOOOO      TTT     III  KKK  KKK<br \/>\n  MMM  MM  MMM  III  KKKKK     RRR  RRR  OOO  OOO     TTT     III  KKKKK<br \/>\n  MMM      MMM  III  KKK KKK   RRRRRR    OOO  OOO     TTT     III  KKK KKK<br \/>\n  MMM      MMM  III  KKK  KKK  RRR  RRR   OOOOOO      TTT     III  KKK  KKK<\/p>\n<p>  MikroTik RouterOS 6.19 (c) 1999-2014       http:\/\/www.mikrotik.com\/<\/p>\n<p>[?]             Gives the list of available commands<br \/>\ncommand [?]     Gives help on the command and list of arguments<\/p>\n<p>[Tab]           Completes the command\/word. If the input is ambiguous,<br \/>\n                a second [Tab] gives possible options<\/p>\n<p>\/               Move up to base level<br \/>\n..              Move up one level<br \/>\n\/command        Use command at the base level<br \/>\nsep\/06\/2014 08:01:37 system,error,critical login failure for user admin from 192.<br \/>\n168.1.181 via web<br \/>\nsep\/06\/2014 22:07:05 system,error,critical login failure for user ubnt via bandwi<br \/>\ndth-test<br \/>\n[admin@ros] > exp com<br \/>\n# sep\/06\/2014 22:59:20 by RouterOS 6.19<br \/>\n# software id = SV91-73PD<br \/>\n#<br \/>\n\/interface ethernet<br \/>\nset [ find default-name=ether1 ] name=ether1-cnc<br \/>\nset [ find default-name=ether2 ] name=ether2-cmcc<br \/>\nset [ find default-name=ether5 ] name=ether5-inside<br \/>\nset [ find default-name=ether6 ] name=ether6-master-local<br \/>\nset [ find default-name=ether7 ] master-port=ether6-master-local name=\\<br \/>\n    ether7-slave-local<br \/>\nset [ find default-name=ether8 ] master-port=ether6-master-local name=\\<br \/>\n    ether8-slave-local<br \/>\nset [ find default-name=ether9 ] master-port=ether6-master-local name=\\<br \/>\n    ether9-slave-local<br \/>\nset [ find default-name=ether10 ] master-port=ether6-master-local name=\\<br \/>\n    ether10-slave-local<br \/>\nset [ find default-name=sfp1 ] name=sfp1-gateway<br \/>\n\/interface pptp-server<br \/>\nadd name=pptp-in1 user=\"\"<br \/>\n\/ip neighbor discovery<br \/>\nset ether1-cnc discover=no<br \/>\nset ether2-cmcc discover=no<br \/>\nset ether5-inside discover=no<br \/>\nset sfp1-gateway discover=no<br \/>\n\/ip pool<br \/>\nadd name=pptp_vpn ranges=10.10.1.2-10.10.1.254<br \/>\n\/port<br \/>\nset 0 name=serial0<br \/>\n\/ppp profile<br \/>\nadd local-address=10.10.1.1 name=pptp remote-address=pptp_vpn<br \/>\n\/interface pptp-server server<br \/>\nset enabled=yes<br \/>\n\/ip address<br \/>\nadd address=192.168.100.2\/24 comment=inside interface=ether5-inside network=\\<br \/>\n    192.168.100.0<br \/>\nadd address=60.6.228.103\/24 comment=outside-cnc interface=ether1-cnc network=\\<br \/>\n    60.6.228.0<br \/>\nadd address=183.196.162.67\/24 comment=outside-cmcc interface=ether2-cmcc \\<br \/>\n    network=183.196.162.0<br \/>\n\/ip dhcp-server network<br \/>\nadd address=192.168.100.0\/24 comment=\"default configuration\" dns-server=\\<br \/>\n    192.168.88.1 gateway=192.168.100.2 netmask=24<br \/>\n\/ip dns<br \/>\nset allow-remote-requests=yes cache-size=88048KiB servers=114.114.114.114<br \/>\n\/ip dns static<br \/>\nadd address=192.168.100.3 name=blog.luwl.net<br \/>\nadd address=192.168.100.3 name=fonts.googleapis.com<br \/>\nadd address=192.168.100.3 name=new.yxbljt.com<br \/>\n\/ip firewall mangle<br \/>\nadd action=mark-routing chain=prerouting comment=\"web\\B7\\D6\\C1\\F7\" dst-port=80 \\<br \/>\n    new-routing-mark=web protocol=tcp src-address=!10.10.1.0\/24<br \/>\nadd action=mark-routing chain=prerouting dst-port=443 new-routing-mark=web \\<br \/>\n    protocol=tcp src-address=!10.10.1.0\/24<br \/>\n\/ip firewall nat<br \/>\nadd action=masquerade chain=srcnat comment=\"\\B4\\FA\\C0\\ED\\C9\\CF\\CD\\F8\"<br \/>\nadd action=redirect chain=dstnat comment=\"\\C7\\BF\\D6\\C6\\B4\\FA\\C0\\EDDNS\" \\<br \/>\n    dst-port=53 protocol=udp to-ports=53<br \/>\nadd action=dst-nat chain=dstnat dst-port=53 protocol=udp to-addresses=\\<br \/>\n    192.168.100.2 to-ports=53<br \/>\nadd action=dst-nat chain=dstnat comment=\"\\B6\\CB\\BF\\DA\\D7\\AA\\B7\\A2\" \\<br \/>\n    dst-address=60.6.228.103 dst-address-type=\"\" dst-port=21 protocol=tcp \\<br \/>\n    to-addresses=192.168.1.10 to-ports=21<br \/>\nadd action=dst-nat chain=dstnat dst-address=183.196.162.67 dst-port=21 \\<br \/>\n    protocol=tcp to-addresses=192.168.1.10 to-ports=21<br \/>\nadd action=dst-nat chain=dstnat dst-address=60.6.228.103 dst-port=81 protocol=\\<br \/>\n    tcp to-addresses=192.168.1.10 to-ports=80<br \/>\nadd action=dst-nat chain=dstnat dst-address=183.196.162.67 dst-port=81 \\<br \/>\n    protocol=tcp to-addresses=192.168.1.10 to-ports=80<br \/>\n\/ip route<br \/>\nadd distance=1 gateway=183.196.162.65 routing-mark=web<br \/>\nadd distance=1 gateway=60.6.228.126<br \/>\nadd distance=1 gateway=183.196.162.65<br \/>\nadd distance=1 dst-address=192.168.0.0\/16 gateway=192.168.100.1<br \/>\n\/ip service<br \/>\nset telnet disabled=yes<br \/>\nset ftp disabled=yes<br \/>\nset ssh disabled=yes<br \/>\n\/ip upnp<br \/>\nset allow-disable-external-interface=no<br \/>\n\/lcd<br \/>\nset default-screen=stats time-interval=hour<br \/>\n\/lcd interface<br \/>\nset sfp1-gateway disabled=yes<br \/>\nset ether3 disabled=yes<br \/>\nset ether4 disabled=yes<br \/>\nset ether6-master-local disabled=yes<br \/>\nset ether7-slave-local disabled=yes<br \/>\nset ether8-slave-local disabled=yes<br \/>\nset ether9-slave-local disabled=yes<br \/>\nset ether10-slave-local disabled=yes<br \/>\n\/ppp secret<br \/>\nadd comment=\"\\D2\\C7\\B1\\ED\\B0\\E0\" name=vpn1 password=vpn1 profile=pptp service=\\<br \/>\n    pptp<br \/>\nadd comment=\"\\CE\\C0\\C5\\F3\" name=vpn2 password=vpn2 profile=pptp service=pptp<br \/>\nadd comment=lwl name=vpn3 password=vpn3 profile=pptp service=pptp<br \/>\nadd name=vpn4 password=vpn4 profile=pptp service=pptp<br \/>\nadd name=vpn5 password=vpn5 profile=pptp service=pptp<br \/>\n\/system clock<br \/>\nset time-zone-name=Asia\/Shanghai<br \/>\n\/system identity<br \/>\nset name=ros<br \/>\n\/system ntp client<br \/>\nset enabled=yes primary-ntp=64.4.10.33 secondary-ntp=64.4.10.33<br \/>\n\/system ntp server<br \/>\nset enabled=yes<br \/>\n\/tool e-mail<br \/>\nset address=123.125.50.156 from=yxbljt@yeah.net password=yingxin user=yxbljt<br \/>\n\/tool mac-server<br \/>\nset [ find default=yes ] disabled=yes<br \/>\nadd interface=ether2-cmcc<br \/>\nadd interface=ether3<br \/>\nadd interface=ether4<br \/>\nadd interface=ether5-inside<br \/>\nadd interface=ether6-master-local<br \/>\nadd interface=ether7-slave-local<br \/>\nadd interface=ether8-slave-local<br \/>\nadd interface=ether9-slave-local<br \/>\nadd interface=ether10-slave-local<br \/>\nadd<br \/>\n\/tool mac-server mac-winbox<br \/>\nset [ find default=yes ] disabled=yes<br \/>\nadd interface=ether2-cmcc<br \/>\nadd interface=ether3<br \/>\nadd interface=ether4<br \/>\nadd interface=ether5-inside<br \/>\nadd interface=ether6-master-local<br \/>\nadd interface=ether7-slave-local<br \/>\nadd interface=ether8-slave-local<br \/>\nadd interface=ether9-slave-local<br \/>\nadd interface=ether10-slave-local<br \/>\nadd<br \/>\n\/tool netwatch<br \/>\nadd comment=\"\\B7\\FE\\CE\\F1\\C6\\F7\" host=192.168.1.10<br \/>\nadd comment=\"\\C8\\FD\\B2\\E3\\BD\\BB\\BB\\BB\\BB\\FA\" host=192.168.1.254<br \/>\nadd comment=\"\\D0\\A1\\C7\\F81\" host=192.168.168.100<br \/>\nadd comment=\"\\D0\\A1\\C7\\F82\" host=192.168.168.101<br \/>\nadd host=192.168.168.102<br \/>\nadd host=192.168.168.103<br \/>\nadd host=192.168.168.104<br \/>\nadd host=192.168.168.105<br \/>\nadd host=192.168.168.106<br \/>\nadd host=192.168.168.107<br \/>\nadd host=192.168.168.108<br \/>\nadd host=192.168.168.109<br \/>\nadd host=192.168.168.110<br \/>\nadd host=192.168.168.111<br \/>\nadd host=192.168.168.112<br \/>\nadd host=192.168.168.113<br \/>\nadd host=192.168.168.114<br \/>\nadd host=192.168.168.115<br \/>\nadd host=192.168.168.116<br \/>\nadd disabled=yes host=192.168.168.117<br \/>\nadd host=192.168.168.118<br \/>\nadd host=192.168.168.119<br \/>\nadd host=192.168.168.120<br \/>\nadd host=192.168.168.121<br \/>\nadd host=192.168.168.122<br \/>\nadd host=192.168.168.123<br \/>\nadd host=192.168.168.124<br \/>\nadd host=192.168.168.125<br \/>\nadd host=192.168.168.126<br \/>\nadd host=192.168.168.127<br \/>\nadd host=192.168.168.128<br \/>\nadd host=192.168.168.129<br \/>\nadd host=192.168.168.130<br \/>\nadd host=192.168.168.131<br \/>\nadd host=192.168.168.132<br \/>\nadd host=192.168.168.133<br \/>\nadd host=192.168.168.134<br \/>\nadd host=192.168.168.135<br \/>\nadd host=192.168.168.136<br \/>\nadd host=192.168.168.137<br \/>\nadd host=192.168.168.138<br \/>\nadd host=192.168.168.139<br \/>\nadd disabled=yes host=192.168.168.165<br \/>\nadd host=192.168.168.141<br \/>\nadd host=192.168.168.142<br \/>\nadd host=192.168.168.143<br \/>\nadd host=192.168.168.144<br \/>\nadd host=192.168.168.145<br \/>\nadd host=192.168.168.146<br \/>\nadd host=192.168.168.147<br \/>\nadd host=192.168.168.148<br \/>\nadd host=192.168.168.149<br \/>\nadd host=192.168.168.150<br \/>\nadd host=192.168.168.151<br \/>\nadd host=192.168.168.152<br \/>\nadd host=192.168.168.153<br \/>\nadd host=192.168.168.154<br \/>\nadd host=192.168.168.155<br \/>\nadd host=192.168.168.164<br \/>\nadd host=192.168.168.163<br \/>\nadd host=192.168.168.162<br \/>\nadd host=192.168.168.161<br \/>\nadd comment=\"\\C1\\AA\\CD\\A8\\CD\\F8\\B9\\D8\" host=60.6.228.126 interval=10s<br \/>\nadd comment=\"\\D2\\C6\\B6\\AF\\CD\\F8\\B9\\D8\" host=183.196.162.65 interval=10s<br \/>\n[admin@ros] ><br \/>\n<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>192.168.100.2 \u603b\u51fa\u53e3\u8def\u7531\u5668\u914d\u7f6e\u5907\u4efd\uff1a 2014-9-6 MMM M &hellip; <a href=\"http:\/\/www.luwl.net\/?p=392\">\u7ee7\u7eed\u9605\u8bfb <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-392","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"http:\/\/www.luwl.net\/index.php?rest_route=\/wp\/v2\/posts\/392","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.luwl.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.luwl.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.luwl.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.luwl.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=392"}],"version-history":[{"count":2,"href":"http:\/\/www.luwl.net\/index.php?rest_route=\/wp\/v2\/posts\/392\/revisions"}],"predecessor-version":[{"id":394,"href":"http:\/\/www.luwl.net\/index.php?rest_route=\/wp\/v2\/posts\/392\/revisions\/394"}],"wp:attachment":[{"href":"http:\/\/www.luwl.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=392"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.luwl.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=392"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.luwl.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=392"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}