как переделать правила

Базовая функциональность RouterOS
Ответить
usag
Сообщения: 1
Зарегистрирован: 11 апр 2018, 07:17

как переделать правила

Сообщение usag » 11 апр 2018, 07:21

как переделать правила блокировки торрентов на прошивке 6.37 все работало блокировал почти все торренты на 6.41
пишет ожибку у типо старый протокол
/ip firewall mangle
add action=mark-packet chain=prerouting comment=all-p2p disabled=no new-packet-mark=p2p p2p=all-p2p passthrough=no
add action=mark-packet chain=prerouting comment="\B5TP-1" disabled=no layer7-protocol="\B5TP-1" new-packet-mark=p2p passthrough=no
add action=mark-packet chain=prerouting comment="\B5TP-2" disabled=yes layer7-protocol="\B5TP-2" new-packet-mark=p2p passthrough=no
add action=mark-packet chain=prerouting comment=DHT disabled=no layer7-protocol=DHT new-packet-mark=p2p passthrough=no
add action=mark-packet chain=prerouting comment=BitTorrent disabled=yes layer7-protocol=bittorrent new-packet-mark=p2p passthrough=no
/ip firewall layer7-protocol
add comment="" name="\B5TP-1" regexp="\\x7F\\xFF\\xFF\\xFF\\xAB"
add comment="" name=DHT regexp="^d1:[a|r]d2:id20:.*:y1:[q|r]e"
add comment="" name="\B5TP-2" regexp="\\\\x7F\\\\xFF\\\\xFF\\\\xFF\\\\xAB"
add comment="" name=bittorrent regexp="^(\\x13bittorrent protocol|azver\\x01\$|get /scrape\\\?info_hash=|get /announce\\\?info_hash=|ge\t\r\\n/ann\?uk=|get\r\\n/client/bitcomet/|get /data\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[RP]"
/ip firewall filter
add action=accept chain=forward comment=full disabled=no src-address-list=full
add action=accept chain=forward comment=full disabled=no dst-address-list=full
add action=add-src-to-address-list address-list=torrent address-list-timeout=3d chain=forward comment=p2p-packet disabled=no packet-mark=p2p src-address=192.168.4.1-192.168.4.254
add action=add-dst-to-address-list address-list=torrent address-list-timeout=3d chain=forward comment=p2p-packet disabled=no dst-address=192.168.4.1-192.168.4.254 packet-mark=p2p
add action=log chain=forward comment=p2p-packet disabled=yes log-prefix="" packet-mark=p2p
add action=drop chain=input comment=all-p2p disabled=no p2p=all-p2p
add action=drop chain=input comment=p2p-mark disabled=no packet-mark=p2p
add action=drop chain=forward comment=all-p2p disabled=no p2p=all-p2p
add action=drop chain=forward comment=p2p-mark disabled=no packet-mark=p2p
add action=drop chain=forward comment="!!!_BAN_!!! -> torr" disabled=no dst-address-list=torrent protocol=tcp src-port=1000-65535
add action=drop chain=forward comment="!!!_BAN_!!! -> torr" disabled=no dst-address-list=torrent protocol=udp src-port=1000-65535
add action=drop chain=forward comment="!!!_BAN_!!! torr ->" disabled=no dst-port=1000-65535 protocol=tcp src-address-list=torrent
add action=drop chain=forward comment="!!!_BAN_!!! torr ->" disabled=no dst-port=1000-65535 protocol=udp src-address-list=torrent

на форум.jpg
вот ошибка
на форум.jpg (69.14 КБ) 1220 просмотров

Ответить