by ·5条评论

该脚本实现了MikroTik RouterOS 分时段封禁 封闭 禁止特定网站访问,提供一个思路,如法炮制即可。

 

# jun/11/2013 17:27:05 by RouterOS 5.20
#  www.iamle.com wwek
#  qq 121901634
# time kill web

/ip firewall filter
add action=drop chain=forward comment="kill web" disabled=no packet-mark=\
    "Kill Web mark packet"

/ip firewall mangle
add action=mark-connection chain=forward comment="web taobao.com" content=\
    taobao.com disabled=no new-connection-mark="Kill Web Conn" passthrough=\
    yes
add action=mark-connection chain=forward comment="web a.tbcdn.cn" content=\
    tbcdn.cn disabled=no new-connection-mark="Kill Web Conn" passthrough=yes
add action=mark-connection chain=forward comment="web jd.com" content=jd.com \
    disabled=no new-connection-mark="Kill Web Conn" passthrough=yes
add action=mark-packet chain=forward comment="Kill Web mark packet" \
    connection-mark="Kill Web Conn" disabled=no new-packet-mark=\
    "Kill Web mark packet" passthrough=no

/system scheduler
add disabled=no interval=3m30s name="kill web" on-event=":global nowtime  [:pi\
    ck [/system clock get time] 0 2]\r\
    \n:if (\$nowtime >= 08 && \$nowtime <= 12) do={\r\
    \n:log info [/ip firewall filter enable [/ip firewall filter find comment=\
    \"kill web\"]]\r\
    \n:log info (\"\A1\BC\BD\FB\D6\B9\CD\F8\D5\BE\D6\D0 8:00 -- 12:00\A1\BD\A3\
    \AC\CF\D6\D4\DA\CA\B1\BC\E4\A3\BA\".\$nowtime.\"\B5\E3\")}\r\
    \n:if (\$nowtime >= 12 && \$nowtime < 13) do={\r\
    \n:log info [/ip firewall filter disable [/ip firewall filter find comment\
    =\"kill web\"]]\r\
    \n:log info (\"\A1\BC\CD\F8\D5\BE\B7\C5\D0\D0\D6\D0 12:00 -- 13:00\A1\BD\
    \A3\AC\CF\D6\D4\DA\CA\B1\BC\E4\A3\BA\".\$nowtime.\"\B5\E3\")}\r\
    \n:if (\$nowtime >= 13 && \$nowtime < 17) do={\r\
    \n:log info [/ip firewall filter enable [/ip firewall filter find comment=\
    \"kill web\"]]\r\
    \n:log info (\"\A1\BC\BD\FB\D6\B9\CD\F8\D5\BE\D6\D0 13:00 -- 17:00\A1\BD\
    \A3\AC\CF\D6\D4\DA\CA\B1\BC\E4\A3\BA\".\$nowtime.\"\B5\E3\")}\r\
    \n:if (\$nowtime >=17  || \$nowtime < 08) do={\r\
    \n:log info [/ip firewall filter disable [/ip firewall filter find comment\
    =\"kill web\"]]\r\
    \n:log info (\"\A1\BC\CD\F8\D5\BE\B7\C5\D0\D0\D6\D0 17:00 -- 08:00\A1\BD\
    \A3\AC\CF\D6\D4\DA\CA\B1\BC\E4\A3\BA\".\$nowtime.\"\B5\E3\")}\r\
    \n\r\
    \n:log info (\"\A1\BC\CD\F8\D5\BE\B7\C3\CE\CA\BF\D8\D6\C6\BD\C5\B1\BE\D6\
    \B4\D0\D0\CD\EA\B1\CF\A1\BD\A3\AC\CF\D6\D4\DA\CA\B1\BC\E4\A3\BA\".\$nowtim\
    e.\"\B5\E3\")\r\
    \n" policy=\
    ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
    start-date=jun/11/2013 start-time=08:46:55