بيانات العضو
hanyfarag .:: مراقب عام قسم الحاسب ::.
معلومات العضو
المساهمات : 340العمر : 53السٌّمعَة : 33النقاط : : 55638تاريخ التسجيل : 28/06/2009
موضوع: برمجة ميكروتك كامل من التيرمنال وسكربتات الأحد 28 يونيو 2009, 17:34
[center]مرحبا اصدقائب الاعزاء اقدم لكم اليوم سكربتات جاهزة لبرمجة ميكروتك بالكامل طبعا الرجااااااء الانتباه الى الاي بيات وفيما يلائمك وتغيرها الى المطلوب لك نفترض ان الوان هو 10.0.0.1 و الاي بي الداخلي هو 192.168.0.1 / interface set ether1 name=lan set ether2 name=wan / ip address add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=lan add address=10.0.0.2/24 network=10.0.0.0 broadcast=10.0.0.255 interface=wan / ip firewall nat add chain=srcnat out-interface=wan action=masquerade comment="NAT to wan" disabled=no / ip upnp interfaces add interface=wan type=external add interface=lan type=internal / ip route add dst-address=8.0.0.0/8 gateway=192.168.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=16.0.0.0/8 gateway=192.168.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=32.0.0.0/8 gateway=192.168.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=64.0.0.0/8 gateway=192.168.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=96.0.0.0/8 gateway=192.168.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=128.0.0.0/8 gateway=192.168.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=207.0.0.0/8 gateway=192.168.0.1 distance=1 scope=255 \\ target-scope=10 comment="MICROSOFT" disabled=no add dst-address=208.65.0.0/16 gateway=192.168.0.1 distance=1 scope=255 \\ target-scope=10 comment="YOUTUBE" disabled=no add dst-address=208.67.0.0/16 gateway=192.168.0.1 distance=1 scope=255 \\ target-scope=10 comment="GOOGLE" disabled=no add dst-address=209.0.0.0/28 gateway=192.168.0.1 distance=1 scope=255 \\ target-scope=10 comment="ORKUT" disabled=no / ip route add dst-address=8.0.0.0/8 gateway=10.0.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=16.0.0.0/8 gateway=10.0.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=32.0.0.0/8 gateway=10.0.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=64.0.0.0/8 gateway=10.0.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=96.0.0.0/8 gateway=10.0.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=128.0.0.0/8 gateway=10.0.0.1 distance=1 scope=255 \\ target-scope=10 comment="INTERNATIONAL SITES" disabled=no add dst-address=207.0.0.0/8 gateway=10.0.0.1 distance=1 scope=255 \\ target-scope=10 comment="MICROSOFT" disabled=no add dst-address=208.65.0.0/16 gateway=10.0.0.1 distance=1 scope=255 \\ target-scope=10 comment="YOUTUBE" disabled=no add dst-address=208.67.0.0/16 gateway=10.0.0.1 distance=1 scope=255 \\ target-scope=10 comment="GOOGLE" disabled=no add dst-address=209.0.0.0/28 gateway=10.0.0.1 distance=1 scope=255 \\ target-scope=10 comment="ORKUT" disabled=no اعداد الكاش / ip firewall nat add chain=dstnat dst-port=80 protocol=tcp action=redirect to-ports=3128 comment="PROXY REDIRECTION" disabled=no / ip web-proxy set enabled=yes src-address=0.0.0.0 port=3128 hostname="proxy" transparent-proxy=yes parent-proxy=0.0.0.0:0 cache-administrator="webmaster" max-object-size=4096KiB cache-drive=system max-cache-size=380000KiB max-ram-cache-size=64000KiB / ip web-proxy access add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" disabled=no /ip firewall filter add chain=input dst-port=3128 protocol=tcp in-interface=wan action=drop comment="EXTERNAL PROXY BLOCK" disabled=no تحديد سرعة برامج p2p والضارة جدا خليتها لكم 1 كيلو تحميل 1 كيلو رفع / ip firewall mangle add chain=prerouting p2p=all-p2p action=mark-connection new-connection-mark=p2p_conn passthrough=yes comment="MARK P2P" disabled=no add chain=prerouting connection-mark=p2p_conn action=mark-packet new-packet-mark=p2p passthrough=yes comment="" disabled=no / queue tree add name="P2P-Down" parent=global-in packet-mark=p2p limit-at=0 queue=default priority=8 max-limit=1000 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no add name="P2P-Up" parent=global-out packet-mark=p2p limit-at=0 queue=default priority=8 max-limit=1000 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no اعداد dns وركزو تغيرو الاي بي الى الدي ان اس الخاص ب isp الخاص بك او الي ماخذ منه خط باك بون / ip dns set primary-dns=111.111.111.111 / ip dns set secondary-dns=222.222.222.222 اعداد الفايرول فلتر / ip firewall filter add chain=forward protocol=tcp connection-limit=25,32 limit=1,5 action=drop comment="LIMIT USER CONECTION TO 25" disabled=no add chain=input connection-state=invalid action=drop comment="DROP INVALID CONNECTIONS" disabled=no add chain=customer connection-state=invalid action=drop comment="DROP INVALID CONNEECTION PACKETS" disabled=no add chain=customer connection-state=established action=accept comment="ALLOW ESTABLISHED CONNECTIONS" disabled=no add chain=customer connection-state=related action=accept comment="ALLOW RELATED CONNECTIONS" disabled=no add chain=customer action=log log-prefix="customer_drop" comment="LOG DROPPED CONNECTIONS" disabled=no add chain=forward protocol=tcp src-port=135-139 action=drop comment="NETBEUI" disabled=no add chain=customer action=drop comment="DROP AND LOG EVERYTHING ELSE" disabled=no add chain=forward protocol=tcp dst-port=3306 action=drop comment="VIRUS" disabled=no add chain=forward protocol=tcp dst-port=1025 action=drop comment="" disabled=no add chain=forward protocol=tcp p2p=winmx connection-limit=10,32 limit=1,3 action=drop comment="P2P" disabled=no add chain=forward protocol=tcp p2p=warez connection-limit=10,32 limit=1,3 action=drop comment="" disabled=no add chain=forward protocol=tcp p2p=bit-torrent connection-limit=10,32 limit=1,3 connection-state=new action=drop comment="" disabled=no add chain=forward protocol=tcp p2p=edonkey connection-limit=10,32 limit=1,3 connection-state=new action=drop comment="" disabled=no add chain=forward protocol=tcp p2p=gnutella connection-limit=10,32 limit=1,3 action=drop comment="" disabled=no add chain=forward protocol=tcp p2p=fasttrack connection-limit=10,32 limit=1,3 action=drop comment="" disabled=no add chain=forward protocol=tcp p2p=fasttrack connection-limit=10,32 limit=1,3 action=drop comment="" disabled=no add chain=forward protocol=tcp p2p=direct-connect connection-limit=10,32 limit=1,3 action=drop comment="" disabled=no add chain=forward protocol=tcp p2p=blubster connection-limit=10,32 limit=1,3 action=drop comment="" disabled=no add chain=forward protocol=tcp tcp-flags=fin,syn,rst,ack limit=1,5 action=accept comment="" disabled=no add chain=input protocol=tcp tcp-flags=fin,syn,rst,ack limit=1,5 action=accept comment="SYN-FLOOD" disabled=no add chain=input protocol=icmp icmp-options=8:0 limit=1,5 action=accept comment="DOS ATTACK" disabled=no add chain=forward protocol=icmp icmp-options=8:0 limit=1,5 action=accept comment="" disabled=no add chain=output protocol=icmp connection-state=invalid action=drop comment="TRANSLATION NAT BUG" disabled=no add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="pscanners" address-list-timeout=2w comment="PORT SCANNERS TO LIST" disabled=no add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="pscanners" address-list-timeout=2w comment="NMAP FIN STEALTH" disabled=no add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list="pscanners" address-list-timeout=2w comment="SYN/FINn" disabled=no add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list="pscanners" address-list-timeout=2w comment="SYN/RST" disabled=no add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!ack action=add-src-to-address-list address-list="pscanners" address-list-timeout=2w comment="FIN/PSH/URG" disabled=no add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list="pscanners" address-list-timeout=2w comment="ALL/ALL" disabled=no add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="pscanners" address-list-timeout=2w comment="NMAP NULL" disabled=no add chain=input src-address-list="pscanners" action=drop comment="DROPPING PORT SCANNERS" disabled=no add chain=forward protocol=tcp dst-port=0 action=drop comment="REX VIRUS" disabled=no add chain=forward protocol=tcp dst-port=12345 action=drop comment="NETBUS" disabled=no اعداد dhcp server / ip pool add name="pool_clients" ranges=192.168.0.10-192.168.0.240 / ip dhcp-server add name="dhcp_clients" interface=lan lease-time=1d address-pool=pool_clients bootp-support=static authoritative=after-2sec-delay add-arp=yes disabled=no / ip dhcp-server network add address=192.168.0.0/24 gateway=192.168.0.1 netmask=24 dns-server=111.111.111.111,222.222.222.222 comment="DHCP Server Range" / ip dhcp-server config set store-leases-disk=5m حجب اجهزة الزبون من الاتصال باجهزة الزبون الاخرى على كل البورتات / ip firewall filter add chain=forward src-address=192.168.0.0/24 dst-address=192.168.0.0/24 action=drop comment="Block client to client traffic in all ports" disabled=no تحويل كامل ترفك الزبون الى الوان / ip route add dst-address=0.0.0.0/0 gateway=10.0.0.1 scope=255 target-scope=10 routing-mark=Route_wan comment="Market packets redirect to port Route_wan" disabled=no / ip firewall mangle add chain=prerouting protocol=tcp action=mark-routing new-routing-mark=Route_wan passthrough=yes in-interface=lan comment="Redirect port to Route_wan" disabled=no add chain=prerouting routing-mark=Route_wan action=mark-packet new-packet-mark=Route_wan passthrough=yes comment="Market packets to Route_wan" disabled=no / interface ethernet set wan name="wan" arp=proxy-arp comment="" disabled=no / ip firewall nat add chain=dstnat action=redirect to-ports=3128 src-address=!210.220.230.0 dst-port=80 protocol=tcp comment="PROXY-WEB/JUMP VALID IP" disabled=no add chain=dstnat action=passthrough src-address=210.220.230.0/24 comment="VALID IP TO CLIENTS" disabled=no / ppp profile add name="pppoe_palmcse_128K_256K" use-compression=no use-vj-compression=no use-encryption=no only-one=yes change-tcp-mss=yes rate-limit=128k/256k dns-server=111.111.111.111,222.222.222.222 comment="" / interface pppoe-server server add service-name="pppoe_server" interface=wan max-mtu=1480 max-mru=1480 authentication=pap,chap,mschap1,mschap2 keepalive-timeout=10 one-session-per-host=yes max-sessions=0 default-profile= pppoe_palmcse_128K_256K disabled=no / ppp secret add name="palmcse" service=pppoe password="test" profile= pppoe_palmcse_128K_256K remote-address=210.220.230.240 routes="" limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
[/center]
الموضوع الأصلي : برمجة ميكروتك كامل من التيرمنال وسكربتات المصدر : مُنتَدَيَاتْ صُـوتــْ بَــلَــدْنََــا
______________________________________________________
hanyfarag