الجمعة، 26 أغسطس 2016

قالب كروت للميكروتك

من تصميم محمد الديلمي مع ملف psd مجاناً













للتحميل


رول حمايه من الفيروسات وهجمات الدوز

الرول من موقع أجنبي 
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
/ip firewall filter
# Disabled placeholder rule in its own chain; it has no effect on traffic.
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
# --- ICMP passing through the router (forward chain) ---
# ICMP that belongs to an established or related connection is accepted first.
add action=accept chain=forward connection-state=established disabled=no \
    protocol=icmp
add action=accept chain=forward connection-state=related disabled=no \
    protocol=icmp
# Echo requests (type 8, code 0) are accepted up to the configured rate.
# NOTE(review): `limit` is not per-source, so this looks like one budget shared
# by all clients - confirm that is intended.
add action=accept chain=forward disabled=no icmp-options=8:0 limit=5,30 \
    protocol=icmp
# All remaining forwarded ICMP is logged, then dropped. The log prefix says
# "Block Ping of Death", but the rule matches every leftover ICMP packet.
# NOTE(review): since every forwarded ICMP packet is accepted or dropped by this
# point, the later `jump-target=icmp` rule in the forward chain cannot match.
add action=log chain=forward disabled=no log-prefix="Block Ping of Death" \
    protocol=icmp
add action=drop chain=forward disabled=no protocol=icmp
# --- UDP flood handling ---
# UDP in both forward and input is sent through the block-ddos chain.
add action=jump chain=forward comment=Jump_to_block-ddos disabled=no \
    jump-target=block-ddos protocol=udp
add action=jump chain=input comment=Jump_to_block-ddos disabled=no \
    jump-target=block-ddos protocol=udp
# While traffic is under the first limit the packet returns to the calling
# chain; above it the packet is logged and then hits the drop rule.
# NOTE(review): the drop rule carries its own `limit`, so it only matches part
# of the excess; unmatched packets fall off the end of the chain and return to
# the caller. An unconditional drop is probably what was meant - confirm.
# NOTE(review): the log rule has no limit and will log every excess packet
# during a flood.
add action=return chain=block-ddos disabled=no limit=400,32
add action=log chain=block-ddos disabled=no log-prefix=DDOS_ATTACK:
add action=drop chain=block-ddos disabled=no limit=32,32
# NOTE(review): identical to the input jump a few rules above, so input UDP
# traverses block-ddos twice.
add action=jump chain=input comment=Jump_to_block-ddos disabled=no \
    jump-target=block-ddos protocol=udp
# --- TCP connection-count limiting towards the router itself ---
# A source matching connection-limit=100,32 on input is placed on
# `blocked-addr` for one day.
add action=add-src-to-address-list address-list=blocked-addr \
    address-list-timeout=1d chain=input connection-limit=100,32 disabled=no \
    protocol=tcp
# Listed sources that match connection-limit=3,32 are tarpitted.
add action=tarpit chain=input connection-limit=3,32 disabled=no protocol=tcp \
    src-address-list=blocked-addr
# --- SYN flood handling for forwarded traffic ---
# New TCP SYN packets are diverted to SYN-Protect: accepted while under the
# limit, dropped above it.
# NOTE(review): `accept` ends filter processing for the packet, so an in-limit
# SYN never reaches the rules further down the forward chain (bogon drops, the
# tcp port-deny chain, ssh_blacklist and "Conficker" port drops). If those are
# meant to apply to new connections, `action=return` here would let the SYN
# continue - confirm intent.
# NOTE(review): the limit is shared across all sources, so during a flood
# legitimate new connections are dropped along with the attack traffic.
add action=jump chain=forward comment="SYN Flood protect" connection-state=\
    new disabled=no jump-target=SYN-Protect protocol=tcp tcp-flags=syn
add action=accept chain=SYN-Protect connection-state=new disabled=no limit=\
    400,5 protocol=tcp tcp-flags=syn
add action=drop chain=SYN-Protect connection-state=new disabled=no protocol=\
    tcp tcp-flags=syn
# --- `virus` chain: SMTP / DNS / HTTP abuse handling keyed on address lists ---
# NOTE(review): no rule on this page jumps to `virus`, so these rules are not
# evaluated unless a `jump-target=virus` rule is added somewhere.
# The `smtpOK` list is referenced but not defined on this page.
# SMTP (tcp/25) from sources already on `spammer` is dropped.
add action=drop chain=virus comment="Drop Spammer" disabled=no dst-port=25 \
    protocol=tcp src-address-list=spammer
# Sources not on `smtpOK` that match both the connection-limit and the rate
# limit on tcp/25 are put on `spammer` for one day.
add action=add-src-to-address-list address-list=spammer address-list-timeout=\
    1d chain=virus comment="add to spammer list" connection-limit=30,32 \
    disabled=no dst-port=25 limit=10,5 protocol=tcp src-address-list=!smtpOK
# NOTE(review): this drops ALL tcp/25 from any source that is not on `smtpOK`,
# not only from detected spammers - populate `smtpOK` before enabling.
add action=drop chain=virus comment="SMTP SPAM stopper!" disabled=no \
    dst-port=25 protocol=tcp src-address-list=!smtpOK
# DNS (tcp+udp/53) and HTTP (tcp/80) from `spammer` sources are dropped.
add action=drop chain=virus comment="Drop 53 DoS attack" disabled=no \
    dst-port=53 protocol=tcp src-address-list=spammer
add action=drop chain=virus comment="Drop 53 DoS attack" disabled=no \
    dst-port=53 protocol=udp src-address-list=spammer
add action=drop chain=virus comment="Drop 80 DoS attack" disabled=no \
    dst-port=80 protocol=tcp src-address-list=spammer
# Despite its comment this rule does not drop; it adds heavy tcp/80 sources
# (not on `smtpOK`) to `spammer` for two days.
add action=add-src-to-address-list address-list=spammer address-list-timeout=\
    2d chain=virus comment="Drop 80 DoS attack" connection-limit=40,32 \
    disabled=no dst-port=80 limit=20,5 protocol=tcp src-address-list=!smtpOK
# --- Forward chain: connection state, bogon addresses, per-protocol jumps ---
# Invalid-state packets are dropped, but only for TCP as written.
add action=drop chain=forward comment="drop invalid connections" \
    connection-state=invalid disabled=no protocol=tcp
# Established and related traffic is accepted and leaves the filter here, so
# every rule below only sees packets that start a new connection.
add action=accept chain=forward connection-state=established disabled=no
add action=accept chain=forward comment="allow related connections" \
    connection-state=related disabled=no
# Drop packets whose source or destination is in 0.0.0.0/8, 127.0.0.0/8 or
# 224.0.0.0/3 (224.0.0.0 through 255.255.255.255).
add action=drop chain=forward disabled=no src-address=0.0.0.0/8
add action=drop chain=forward disabled=no dst-address=0.0.0.0/8
add action=drop chain=forward disabled=no src-address=127.0.0.0/8
add action=drop chain=forward disabled=no dst-address=127.0.0.0/8
add action=drop chain=forward disabled=no src-address=224.0.0.0/3
add action=drop chain=forward disabled=no dst-address=224.0.0.0/3
# Hand the remaining packets to the per-protocol chains.
# NOTE(review): earlier forward rules already accept new TCP SYNs (SYN-Protect)
# and accept-or-drop all ICMP, so the tcp jump sees few packets and the icmp
# jump sees none - check rule order if these chains are expected to filter.
add action=jump chain=forward disabled=no jump-target=tcp protocol=tcp
add action=jump chain=forward disabled=no jump-target=udp protocol=udp
add action=jump chain=forward disabled=no jump-target=icmp protocol=icmp
# --- `tcp` chain: destination ports denied for forwarded TCP ---
# Ports: 69, 111, 135, 137-139, 445, 2049, 12345-12346, 20034, 3133, 67-68.
# Packets that match none of these fall off the end of the chain and return
# to forward.
add action=drop chain=tcp comment="deny TFTP" disabled=no dst-port=69 \
    protocol=tcp
add action=drop chain=tcp comment="deny RPC portmapper" disabled=no dst-port=\
    111 protocol=tcp
add action=drop chain=tcp comment="deny RPC portmapper" disabled=no dst-port=\
    135 protocol=tcp
add action=drop chain=tcp comment="deny NBT" disabled=no dst-port=137-139 \
    protocol=tcp
add action=drop chain=tcp comment="deny cifs" disabled=no dst-port=445 \
    protocol=tcp
add action=drop chain=tcp comment="deny NFS" disabled=no dst-port=2049 \
    protocol=tcp
add action=drop chain=tcp comment="deny NetBus" disabled=no dst-port=\
    12345-12346 protocol=tcp
add action=drop chain=tcp comment="deny NetBus" disabled=no dst-port=20034 \
    protocol=tcp
# NOTE(review): Back Orifice is usually associated with port 31337; 3133 looks
# like a truncated value - verify before relying on this rule.
add action=drop chain=tcp comment="deny BackOriffice" disabled=no dst-port=\
    3133 protocol=tcp
# NOTE(review): DHCP runs over UDP, so this TCP match does not affect DHCP.
add action=drop chain=tcp comment="deny DHCP" disabled=no dst-port=67-68 \
    protocol=tcp
# --- `udp` chain: destination ports denied for forwarded UDP ---
# Ports: 69, 111, 135, 137-139, 2049, 3133 (same 3133 caveat as in the tcp
# chain).
add action=drop chain=udp comment="deny TFTP" disabled=no dst-port=69 \
    protocol=udp
add action=drop chain=udp comment="deny PRC portmapper" disabled=no dst-port=\
    111 protocol=udp
add action=drop chain=udp comment="deny PRC portmapper" disabled=no dst-port=\
    135 protocol=udp
add action=drop chain=udp comment="deny NBT" disabled=no dst-port=137-139 \
    protocol=udp
add action=drop chain=udp comment="deny NFS" disabled=no dst-port=2049 \
    protocol=udp
add action=drop chain=udp comment="deny BackOriffice" disabled=no dst-port=\
    3133 protocol=udp
# --- `icmp` chain: allow-list of ICMP type:code pairs, everything else dropped ---
# Accepted: 0:0, 3:0, 3:1, 3:4, 4:0, 8:0, 11:0, 12:0.
# NOTE(review): the forward chain on this page logs and drops all remaining
# ICMP before its jump to this chain, so as listed this chain is not reached.
add action=accept chain=icmp comment="echo reply" disabled=no icmp-options=\
    0:0 protocol=icmp
add action=accept chain=icmp comment="net unreachable" disabled=no \
    icmp-options=3:0 protocol=icmp
add action=accept chain=icmp comment="host unreachable" disabled=no \
    icmp-options=3:1 protocol=icmp
add action=accept chain=icmp comment=\
    "host unreachable fragmentation required" disabled=no icmp-options=3:4 \
    protocol=icmp
add action=accept chain=icmp comment="allow source quench" disabled=no \
    icmp-options=4:0 protocol=icmp
add action=accept chain=icmp comment="allow echo request" disabled=no \
    icmp-options=8:0 protocol=icmp
add action=accept chain=icmp comment="allow time exceed" disabled=no \
    icmp-options=11:0 protocol=icmp
# Type 12 code 0 is accepted here without a descriptive comment.
add action=accept chain=icmp disabled=no icmp-options=12:0 protocol=icmp
# Final rule has no matcher besides the chain: anything reaching it is dropped.
add action=drop chain=icmp comment="deny all other types" disabled=no
# --- FTP and SSH brute-force throttling for the router's own services ---
# NOTE(review): nothing on this page ends the input chain with a drop or limits
# management access by source address; these rules only blacklist repeat
# offenders, so the services stay reachable from everywhere else.
# FTP: sources on `ftp_blacklist` are dropped on tcp/21.
add action=drop chain=input comment="drop ftp brute forcers" disabled=no \
    dst-port=21 protocol=tcp src-address-list=ftp_blacklist
# Outgoing packets containing "530 Login incorrect" are accepted while within
# the per-destination dst-limit; once it is exceeded the next rule puts the
# destination (the client) on `ftp_blacklist` for three hours.
# The `content` matcher needs the reply text to be visible in cleartext.
add action=accept chain=output content="530 Login incorrect" disabled=no \
    dst-limit=1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=ftp_blacklist \
    address-list-timeout=3h chain=output content="530 Login incorrect" \
    disabled=no protocol=tcp
# SSH: sources on `ssh_blacklist` are dropped on tcp/22.
add action=drop chain=input comment="drop ssh brute forcers" disabled=no \
    dst-port=22 protocol=tcp src-address-list=ssh_blacklist
# Staged escalation, listed highest stage first so one new connection moves a
# source up exactly one stage: new -> ssh_stage1 -> ssh_stage2 -> ssh_stage3
# (each 1m) -> ssh_blacklist (1w3d).
# The rules count new connections, not failed logins, so a client that opens
# several sessions in quick succession is blacklisted as well.
add action=add-src-to-address-list address-list=ssh_blacklist \
    address-list-timeout=1w3d chain=input connection-state=new disabled=no \
    dst-port=22 protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 \
    address-list-timeout=1m chain=input connection-state=new disabled=no \
    dst-port=22 protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 \
    address-list-timeout=1m chain=input connection-state=new disabled=no \
    dst-port=22 protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 \
    address-list-timeout=1m chain=input connection-state=new disabled=no \
    dst-port=22 protocol=tcp
# Blacklisted sources are also kept from reaching SSH on hosts behind the router.
# NOTE(review): this sits after forward rules that accept established traffic
# and in-limit new SYNs, so it may rarely match - check placement.
add action=drop chain=forward comment="drop ssh brute downstream" disabled=no \
    dst-port=22 protocol=tcp src-address-list=ssh_blacklist
# --- Port drops labelled "Conficker" (forward chain) ---
# UDP 135, 137, 138, 445 and TCP 135, 139, 5933, 445, 4691 are dropped for all
# forwarded traffic; the rules match on destination port only, not on any
# worm-specific content.
# Several of these ports are already denied in the `tcp` / `udp` chains on
# this page.
# NOTE(review): these are appended after forward rules that accept established
# traffic and in-limit new TCP SYNs, so the TCP rules here may rarely match -
# verify with the rule counters.
add action=drop chain=forward comment=Conficker disabled=no dst-port=135 \
    protocol=udp
add action=drop chain=forward comment=Conficker disabled=no dst-port=137 \
    protocol=udp
add action=drop chain=forward comment=Conficker disabled=no dst-port=138 \
    protocol=udp
add action=drop chain=forward comment=Conficker disabled=no dst-port=445 \
    protocol=udp
add action=drop chain=forward comment=Conficker disabled=no dst-port=135 \
    protocol=tcp
add action=drop chain=forward comment=Conficker disabled=no dst-port=139 \
    protocol=tcp
add action=drop chain=forward comment=Conficker disabled=no dst-port=5933 \
    protocol=tcp
add action=drop chain=forward comment=Conficker disabled=no dst-port=445 \
    protocol=tcp
add action=drop chain=forward comment=Conficker disabled=no dst-port=4691 \
    protocol=tcp


اسكربت تحديد والتحكم بالمواقع الاباحية

نظراً لكثرة المواقع الإباحية وصعوبة حظرها، خصوصاً عند استخدام برامج vpn، جئنا اليوم بفكرة أخرى:
هي تحديد سرعة هذه المواقع بحيث تكون بطيئة جداً ولا تفيد بشيء
اسكربت تحديد والتحكم بالمواقع الاباحية 
لا تنسوا استبدال اسم كرت الدخول في الرول باسم كرت الدخول لديكم؛ كرت الدخول هنا في الرول باسم
in
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
اولا مستخدمي الاصدار  5 من الميكروتك 


/ip firewall layer7-protocol
# Two payload patterns, referenced by name from the mangle rules.
# The Layer7 matcher only sees bytes that are readable at the start of a
# connection; traffic carried inside a VPN tunnel is not visible to it.
# NOTE(review): in `mate` the final `\.com` applies to every alternative, so
# the first alternative effectively reads "...v-mate.mobi.com" - confirm this
# matches the hosts intended. The other dots are unescaped and match any
# character.
add name=mate regexp="^.*(log.apk.v-mate.mobi|api.vidmate|vidmate)\\.com.*"
# NOTE(review): `pornhup` looks like a misspelling, and short alternatives such
# as `sex\.com` also match unrelated hostnames that merely end in those letters.
add name=xvideos regexp="^.*(xvideos|xnxx|pornhup|porn|xxx|sex)\\.com.*"



/ip firewall mangle
 
# Step 1: when a connection leaving via the interface named `in` matches a
# Layer7 pattern, record its destination address in an address list.
# `in` is the author's interface name; the page says to replace it with yours.
# NOTE(review): address-list-timeout=0s appears to keep entries indefinitely,
# so the lists only grow and shared or CDN addresses stay throttled - consider
# a finite timeout.
add action=add-dst-to-address-list address-list=mate.mobi \
    address-list-timeout=0s chain=postrouting comment=maet disabled=no \
    layer7-protocol=mate out-interface=in

# The comment on this rule names uc9.ucweb.com, but the rule uses the
# `xvideos` pattern and fills the `xvideos` list.
add action=add-dst-to-address-list address-list=xvideos address-list-timeout=\
    0s chain=postrouting comment=uc9.ucweb.com disabled=no layer7-protocol=\
    xvideos out-interface=in

# Step 2: packets whose source is on one of those lists get a packet mark that
# the queue tree entries select on.
add action=mark-packet chain=prerouting comment=sex disabled=no \
    new-packet-mark=xv passthrough=yes src-address-list=xvideos

add action=mark-packet chain=prerouting comment=mate.mobi disabled=no \
    new-packet-mark=tubemate passthrough=yes src-address-list=mate.mobi


/queue tree

# One queue per packet mark, attached to global-out (RouterOS v5).
# max-limit=0 leaves both queues without a rate cap; set max-limit to the
# speed you want before expecting any slowdown.
# The first comment is an escaped byte string, presumably Arabic text in a
# legacy single-byte encoding.
add name=XV parent=global-out packet-mark=xv queue=default priority=8 \
    limit-at=0 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no \
    comment="\CA\CD\CC\ED\E3 \C7\E1\E3\E6\C7\DE\DA \C7\E1\C7\C8\C7\CD\ED "
add name=tubemate parent=global-out packet-mark=tubemate queue=default \
    priority=8 limit-at=0 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no


////////////////////////////////////////////////////////////////////////////////////////////////////////
ثانيا مستخدمي الاصدار  6 من الميكروتك

/ip firewall layer7-protocol
# Two payload patterns, referenced by name from the mangle rules.
# The Layer7 matcher only sees bytes that are readable at the start of a
# connection; traffic carried inside a VPN tunnel is not visible to it.
# NOTE(review): in `mate` the final `\.com` applies to every alternative, so
# the first alternative effectively reads "...v-mate.mobi.com" - confirm this
# matches the hosts intended. The other dots are unescaped and match any
# character.
add name=mate regexp="^.*(log.apk.v-mate.mobi|api.vidmate|vidmate)\\.com.*"
# NOTE(review): `pornhup` looks like a misspelling, and short alternatives such
# as `sex\.com` also match unrelated hostnames that merely end in those letters.
add name=xvideos regexp="^.*(xvideos|xnxx|pornhup|porn|xxx|sex)\\.com.*"





/ip firewall mangle
 
# Step 1: when a connection leaving via the interface named `in` matches a
# Layer7 pattern, record its destination address in an address list.
# `in` is the author's interface name; the page says to replace it with yours.
# NOTE(review): address-list-timeout=0s appears to keep entries indefinitely,
# so the lists only grow and shared or CDN addresses stay throttled - consider
# a finite timeout.
add action=add-dst-to-address-list address-list=mate.mobi \
    address-list-timeout=0s chain=postrouting comment=maet disabled=no \
    layer7-protocol=mate out-interface=in

# The comment on this rule names uc9.ucweb.com, but the rule uses the
# `xvideos` pattern and fills the `xvideos` list.
add action=add-dst-to-address-list address-list=xvideos address-list-timeout=\
    0s chain=postrouting comment=uc9.ucweb.com disabled=no layer7-protocol=\
    xvideos out-interface=in

# Step 2: packets whose source is on one of those lists get a packet mark that
# the queue tree entries select on.
add action=mark-packet chain=prerouting comment=sex disabled=no \
    new-packet-mark=xv passthrough=yes src-address-list=xvideos

add action=mark-packet chain=prerouting comment=mate.mobi disabled=no \
    new-packet-mark=tubemate passthrough=yes src-address-list=mate.mobi


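/queue tree

# One queue per packet mark for RouterOS v6.
# v6 has no global-out parent (the v5 global-in/global-out/global-total
# parents were replaced by a single `global`), so parent=global is used here,
# as in the v6 queue example further down this page.
# max-limit=0 leaves both queues without a rate cap; set max-limit to the
# speed you want before expecting any slowdown.
# The first comment is an escaped byte string, presumably Arabic text in a
# legacy single-byte encoding.
add burst-limit=0 burst-threshold=0 burst-time=0s comment=\
    "\CA\CD\CC\ED\E3 \C7\E1\E3\E6\C7\DE\DA \C7\E1\C7\C8\C7\CD\ED " disabled=\
    no limit-at=0 max-limit=0 name=XV packet-mark=xv parent=global \
    priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=0 name=tubemate packet-mark=tubemate parent=global \
    priority=8 queue=default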

الأربعاء، 24 أغسطس 2016

الاسكربت الحصري لعمل تحديد لبرامج التحميل عبر الاندرويد.. حيث إنها لا تتوقف عبر التقسيم
رول مجرب مع شبكات وممتاز، تم السيطرة على برنامجين: تيوب ميت وسناب تيوب
///////////////////////////////
# Static address lists for the two download apps (`/ip fir` is the abbreviated
# form of `/ip firewall`).
# NOTE(review): these are fixed prefixes, not resolved hostnames. 107.20.0.0/14
# spans 262,144 addresses; a block that wide most likely belongs to a shared
# hosting or cloud provider, so unrelated services would be throttled too -
# confirm ownership and narrow the prefix before deploying.
/ip fir address-list
add address=8.37.224.0/20 comment=u.ucfly.com disabled=no list=u.ucfly.com
add address=107.20.0.0/14 comment=SnapTube disabled=no list=SnapTube
/ip firewall mangle

# Packets arriving from either list receive a packet mark of the same name,
# which the queue tree entries select on. passthrough=yes lets later mangle
# rules still see the packet.
add action=mark-packet chain=prerouting comment=fB.com/alzobdy|7744039606 disabled=no \
new-packet-mark=u.ucfly.com passthrough=yes src-address-list=u.ucfly.com
add action=mark-packet chain=prerouting comment=fB.com/alzobdy|7744039606 disabled=no \
new-packet-mark=SnapTube passthrough=yes src-address-list=SnapTube
للنسخ 5
/queue tree
# RouterOS v5: one queue per packet mark under global-out, each capped at 750k.
add name=u.ucfly.com parent=global-out packet-mark=u.ucfly.com \
    queue=default priority=8 limit-at=0 max-limit=750k \
    burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no comment="u.ucfly.com "
add name=SnapTube parent=global-out packet-mark=SnapTube \
    queue=default priority=8 limit-at=0 max-limit=750k \
    burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no comment="SnapTube "
للنسخ 6
/queue tree
# RouterOS v6: same two queues, attached to the single `global` parent,
# each capped at 750k.
add name=u.ucfly.com parent=global packet-mark=u.ucfly.com \
    queue=default priority=8 limit-at=0 max-limit=750k \
    burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no comment="u.ucfly.com "
add name=SnapTube parent=global packet-mark=SnapTube \
    queue=default priority=8 limit-at=0 max-limit=750k \
    burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no comment="SnapTube "
الرول الاروع في قفل ومنع تحديثات الوندوز للنسخ 5 و 6
مقدم من الاخ محمد الزبيدي
ومجرب مني شخصياً

/ip firewall filter
# Reject forwarded packets that carry one of these Windows Update hostnames,
# answering with ICMP network-unreachable.
# - `content` is a plain substring match on packet payload, so it only fires
#   where the hostname is visible in cleartext.
# - `windowsupdate.com` is a substring of `download.windowsupdate.com`, so the
#   last rule also covers what the third one matches.
# - Rules added here land at the end of the forward chain; if an earlier rule
#   accepts established connections, these may never be reached - check the
#   rule counters after deploying.
# - Clients behind the router stop receiving OS security patches while this is
#   active; if bandwidth is the concern, a queue limit or a local update cache
#   keeps them patched.
add chain=forward action=reject reject-with=icmp-network-unreachable content=update.microsoft.com comment="block_WinUp" disabled=no
add chain=forward action=reject reject-with=icmp-network-unreachable content=download.microsoft.com comment="block_WinUp" disabled=no
add chain=forward action=reject reject-with=icmp-network-unreachable content=download.windowsupdate.com comment="block_WinUp" disabled=no
add chain=forward action=reject reject-with=icmp-network-unreachable content=wustat.windows.com comment="block_WinUp" disabled=no
add chain=forward action=reject reject-with=icmp-network-unreachable content=ntservicepack.microsoft.com comment="block_WinUp" disabled=no
add chain=forward action=reject reject-with=icmp-network-unreachable content=stats.microsoft.com comment="block_WinUp" disabled=no
add chain=forward action=reject reject-with=icmp-network-unreachable content=windowsupdate.com comment="block_WinUp" disabled=no




رول تحديد سرعه جوجل بلاي  للنسخ 5 
/ip firewall layer7-protocol
# Payload pattern for Google Play traffic.
# NOTE(review): the dots are unescaped, so each one matches any character.
add comment="PLAY STORE" name="Google Play Store" regexp=\
^.+.play.google.com.*
/ip firewall mangle
# Source addresses of packets on matching connections go onto the `APK` list
# for one day.
# NOTE(review): there is no in-/out-interface matcher, so depending on packet
# direction the address recorded may be a client rather than a Play server,
# and all of that address's traffic is then marked - inspect the list contents
# after enabling.
add action=add-src-to-address-list address-list=APK address-list-timeout=1d \
chain=prerouting comment=APK disabled=no layer7-protocol=\
"Google Play Store"
# Everything sourced from an `APK` address gets the packet mark used by the
# queue.
add action=mark-packet chain=prerouting comment="Google Play Store" disabled=\
no new-packet-mark="Google Play Store" passthrough=yes src-address-list=\
APK
/queue tree
# parent=global-out is the RouterOS v5 form. max-limit=0 means no cap is
# applied until a max-limit value is set.
add burst-limit=0 burst-threshold=0 burst-time=0s comment="Google Play Store" \
disabled=no limit-at=0 max-limit=0 name="Google Play Store" packet-mark=\
"Google Play Store" parent=global-out priority=8 queue=default



يتم تحديد السرعة من queue tree