该脚本实现了MikroTik RouterOS 分时段封禁 封闭 禁止特定网站访问,提供一个思路,如法炮制即可。
# jun/11/2013 17:27:05 by RouterOS 5.20 # www.iamle.com wwek # qq 121901634 # time kill web /ip firewall filter add action=drop chain=forward comment="kill web" disabled=no packet-mark=\ "Kill Web mark packet" /ip firewall mangle add action=mark-connection chain=forward comment="web taobao.com" content=\ taobao.com disabled=no new-connection-mark="Kill Web Conn" passthrough=\ yes add action=mark-connection chain=forward comment="web a.tbcdn.cn" content=\ tbcdn.cn disabled=no new-connection-mark="Kill Web Conn" passthrough=yes add action=mark-connection chain=forward comment="web jd.com" content=jd.com \ disabled=no new-connection-mark="Kill Web Conn" passthrough=yes add action=mark-packet chain=forward comment="Kill Web mark packet" \ connection-mark="Kill Web Conn" disabled=no new-packet-mark=\ "Kill Web mark packet" passthrough=no /system scheduler add disabled=no interval=3m30s name="kill web" on-event=":global nowtime [:pi\ ck [/system clock get time] 0 2]\r\ \n:if (\$nowtime >= 08 && \$nowtime <= 12) do={\r\ \n:log info [/ip firewall filter enable [/ip firewall filter find comment=\ \"kill web\"]]\r\ \n:log info (\"\A1\BC\BD\FB\D6\B9\CD\F8\D5\BE\D6\D0 8:00 -- 12:00\A1\BD\A3\ \AC\CF\D6\D4\DA\CA\B1\BC\E4\A3\BA\".\$nowtime.\"\B5\E3\")}\r\ \n:if (\$nowtime >= 12 && \$nowtime < 13) do={\r\ \n:log info [/ip firewall filter disable [/ip firewall filter find comment\ =\"kill web\"]]\r\ \n:log info (\"\A1\BC\CD\F8\D5\BE\B7\C5\D0\D0\D6\D0 12:00 -- 13:00\A1\BD\ \A3\AC\CF\D6\D4\DA\CA\B1\BC\E4\A3\BA\".\$nowtime.\"\B5\E3\")}\r\ \n:if (\$nowtime >= 13 && \$nowtime < 17) do={\r\ \n:log info [/ip firewall filter enable [/ip firewall filter find comment=\ \"kill web\"]]\r\ \n:log info (\"\A1\BC\BD\FB\D6\B9\CD\F8\D5\BE\D6\D0 13:00 -- 17:00\A1\BD\ \A3\AC\CF\D6\D4\DA\CA\B1\BC\E4\A3\BA\".\$nowtime.\"\B5\E3\")}\r\ \n:if (\$nowtime >=17 || \$nowtime < 08) do={\r\ \n:log info [/ip firewall filter disable [/ip firewall filter find comment\ =\"kill web\"]]\r\ \n:log info (\"\A1\BC\CD\F8\D5\BE\B7\C5\D0\D0\D6\D0 17:00 -- 08:00\A1\BD\ \A3\AC\CF\D6\D4\DA\CA\B1\BC\E4\A3\BA\".\$nowtime.\"\B5\E3\")}\r\ \n\r\ \n:log info (\"\A1\BC\CD\F8\D5\BE\B7\C3\CE\CA\BF\D8\D6\C6\BD\C5\B1\BE\D6\ \B4\D0\D0\CD\EA\B1\CF\A1\BD\A3\AC\CF\D6\D4\DA\CA\B1\BC\E4\A3\BA\".\$nowtim\ e.\"\B5\E3\")\r\ \n" policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \ start-date=jun/11/2013 start-time=08:46:55