搜尋
搜尋
  • 837

[研究所] MikroTik RouterOS 學習 (持續更新)

前往頁尾
wishstar2004125464
wishstar2004125464
wishstar2004125464
2308分
8291樓
2023-05-05 7:29
wishstar2004125464 wrote:
原則上是只要備份 AdGuardHome...(恕刪)


有人回說是 Docker manifest missing #5495 這個 issue 相關問題

確實點進去有看到有人回報 RouterOS 的 container 無法安裝 AdGuard Home 最新版的 images

其中 AdGuard 裡面的開發者大老 ainar-g 有提到
You are correct in that it's a Docker bug, see moby/moby#43126. It seems like they've released a fix for that in v23.0.0, but it'll still be a while until these get into stable OS repos.

docker manifest inspect does not support OCI images? #43126 這個 issue 提到的就是支援 OCI images 問題

所以我們在 RouterOS 7.9 的 Changelog 看到

*) container - improved "container pull" to support OCI manifest format;

看起來就是有修 BUG 但還沒完全修好,前面也有提到 RouterOS 團隊打算在 7.10 時解決這個 BUG ,所以就只能等了。
ouchwe
ouchwe

經測試7.10beta5 container已經可以安裝最新版本的AdGuard HOME

2023-05-11 17:37
RickyHsu77
RickyHsu77
RickyHsu77
1106分
8292樓
2023-05-09 14:53
想請教Syslog的問題.
目前設定是我的Mikrotik x86 Router會將Syslog分critical,error,info,warning四個等級將Syslog丟到Synology DS414去儲存,原先很少有紅色的"緊急"的等級,大約這幾天開始一堆了,像account login,rule changed,Updated filter....一堆都變成緊急等級了,以前都是黑色的,也因為緊急等級我的設定是NAS會主動發Mail通知,所以現在都一堆紅色的緊急事件的log.
請教有可能是那邊的問題呢?還是Mikrotik將這些都算緊急等級了呢?
RickyHsu77
RickyHsu77
RickyHsu77
1106分
8293樓
2023-05-09 15:39
RickyHsu77 wrote:
想請教Syslog的...(恕刪)


自問自答,不想試太多,直接將上次備份檔還原就正常了.
怪怪~~我也沒改設定啊~
就是Adguard重裝重新設定,因為不想再試mount disk,對我來說有點難,所以沒得備份設定檔,反正也很少機會要重新,除非昇級OS.
a22548546
a22548546
a22548546
  • a22548546
  • 個人積分:0分
    文章編號:87457594
0分
8294樓
2023-05-15 0:00
最近遇到一個ipv6的狀況
原本想將svr07 這個名稱自動導向至192.168.1.1
但使用nslookup 會一直出現
伺服器: dns.hinet.net
Address: 2001:b000:168::2

*** dns.hinet.net 找不到 svr01: Non-existent domain

結果才發現是因為ipv6 那邊沒有設定DNS導向,導致是跟外部的DNS請求
目前只能先將ipv6暫時停用.... 還是有更好的設定方式呢?
例如只使用ipv4的DNS
wishstar2004125464
wishstar2004125464

如果直接在 C:WINDOWSsystem32driversetc 中做 DNS rewrite?

2023-05-15 13:27
wishstar2004125464
wishstar2004125464

或者參考這篇 https://forum.mikrotik.com/viewtopic.php?t=188225

2023-05-15 13:41
AK41103
AK41103
AK41103
  • AK41103
  • 個人積分:0分
    文章編號:87506117
0分
8295樓
2023-05-22 0:11
各位大神好,小弟目前在研究PCQ queue tree,找了很久終於找到一個自己滿意的範例

但套入後發現如steam,xbox 等有獨立下載器的程式在下載的時候會不列queue tree控管
導致占用全部的頻寬

想請問一下這類型就算是p2p嗎? 如果要把p2p也列入我的queue tree要怎麼做比較好?

------------------------------------------------
以下是目前使用的queue tree


/ip firewall mangle
add action=mark-connection chain=prerouting new-connection-mark=Conn passthrough=yes src-address=192.168.88.10-192.168.88.254
add action=mark-packet chain=forward connection-mark=Conn new-packet-mark=pack-tcp-smaller packet-size=0-256 passthrough=yes protocol=tcp
add action=mark-packet chain=forward connection-mark=Conn new-packet-mark=pack-tcp-small packet-size=257-512 passthrough=yes protocol=tcp
add action=mark-packet chain=forward connection-mark=Conn new-packet-mark=pack-tcp-normal packet-size=513-1024 passthrough=yes protocol=tcp
add action=mark-packet chain=forward connection-mark=Conn new-packet-mark=pack-tcp-big packet-size=1025-65535 passthrough=yes protocol=tcp
add action=mark-packet chain=forward connection-mark=Conn new-packet-mark=pack-udp-smaller packet-size=0-256 passthrough=yes protocol=udp
add action=mark-packet chain=forward connection-mark=Conn new-packet-mark=pack-udp-small packet-size=257-512 passthrough=yes protocol=udp
add action=mark-packet chain=forward connection-mark=Conn new-packet-mark=pack-udp-normal packet-size=513-1024 passthrough=yes protocol=udp
add action=mark-packet chain=forward connection-mark=Conn new-packet-mark=pack-udp-big packet-size=1025-65535 passthrough=yes protocol=udp
add action=mark-packet chain=forward connection-mark=Conn new-packet-mark=pack-icmp passthrough=yes protocol=icmp
add action=mark-packet chain=forward connection-mark=Conn disabled=yes dst-port=80 new-packet-mark=pack-upload-web passthrough=yes protocol=tcp
add action=mark-packet chain=forward connection-mark=Conn disabled=yes new-packet-mark=pack-download-web passthrough=yes protocol=tcp src-port=80
add action=mark-packet chain=forward connection-mark=Conn disabled=yes dst-port=443 new-packet-mark=pack-upload-web passthrough=yes protocol=tcp
add action=mark-packet chain=forward connection-mark=Conn disabled=yes new-packet-mark=pack-download-web passthrough=yes protocol=tcp src-port=443
add action=mark-packet chain=forward connection-mark=Conn dst-port=53 new-packet-mark=pack-upload-dns passthrough=yes protocol=udp
add action=mark-packet chain=forward connection-mark=Conn new-packet-mark=pack-download-dns passthrough=yes protocol=udp src-port=53
add action=mark-packet chain=forward connection-mark=Conn content=weixin.qq.com new-packet-mark=pack-important passthrough=yes

/queue tree
add max-limit=100M name=queue-download parent=bridge queue=pcq-download-default
add max-limit=40M name=queue-upload parent=pppoe-out1 queue=pcq-upload-default
add name=queue-download-icmp packet-mark=pack-icmp parent=queue-download priority=2 queue=pcq-download-default
add name=queue-download-tcp parent=queue-download queue=pcq-download-default
add name=queue-download-udp parent=queue-download priority=7 queue=pcq-download-default
add name=queue-download-tcp-small packet-mark=pack-tcp-small parent=queue-download-tcp priority=4 queue=pcq-download-default
add name=queue-download-tcp-normal packet-mark=pack-tcp-normal parent=queue-download-tcp priority=6 queue=pcq-download-default
add name=queue-download-tcp-big packet-mark=pack-tcp-big parent=queue-download-tcp queue=pcq-download-default
add name=queue-download-udp-small packet-mark=pack-udp-small parent=queue-download-udp priority=3 queue=pcq-download-default
add name=queue-download-udp-normal packet-mark=pack-udp-normal parent=queue-download-udp priority=5 queue=pcq-upload-default
add name=queue-download-udp-big packet-mark=pack-udp-big parent=queue-download-udp priority=7 queue=pcq-download-default
add name=queue-upload-icmp packet-mark=pack-icmp parent=queue-upload priority=2 queue=pcq-upload-default
add name=queue-upload-tcp parent=queue-upload queue=pcq-upload-default
add name=queue-upload-udp parent=queue-upload priority=7 queue=pcq-upload-default
add name=queue-upload-tcp-small packet-mark=pack-tcp-small parent=queue-upload-tcp priority=4 queue=pcq-upload-default
add name=queue-upload-tcp-normal packet-mark=pack-tcp-normal parent=queue-upload-tcp priority=6 queue=pcq-upload-default
add name=queue-upload-tcp-big packet-mark=pack-tcp-big parent=queue-upload-tcp queue=pcq-upload-default
add name=queue-upload-udp-small packet-mark=pack-udp-small parent=queue-upload-udp priority=3 queue=pcq-upload-default
add name=queue-upload-udp-normal packet-mark=pack-udp-normal parent=queue-upload-udp priority=5 queue=pcq-upload-default
add name=queue-upload-udp-big packet-mark=pack-udp-big parent=queue-upload-udp priority=7 queue=pcq-upload-default
add name=queue-download-important packet-mark=pack-important parent=queue-download priority=1 queue=pcq-download-default
add name=queue-upload-important packet-mark=pack-important parent=queue-upload priority=1 queue=pcq-upload-default
add name=queue-download-dns packet-mark=pack-download-dns parent=queue-download priority=1 queue=pcq-download-default
add name=queue-upload-dns packet-mark=pack-upload-dns parent=queue-upload priority=1 queue=pcq-upload-default
add name=queue-download-tcp-smaller packet-mark=pack-tcp-smaller parent=queue-download-tcp priority=2 queue=pcq-download-default
add name=queue-download-udp-smaller packet-mark=pack-udp-smaller parent=queue-download-udp priority=1 queue=pcq-download-default
add name=queue-upload-tcp-smaller packet-mark=pack-tcp-smaller parent=queue-upload-tcp priority=2 queue=pcq-upload-default
add name=queue-upload-udp-smaller packet-mark=pack-udp-smaller parent=queue-upload-udp priority=1 queue=pcq-upload-default



/ipv6 firewall mangle
add action=add-src-to-address-list address-list=lan address-list-timeout=1h chain=prerouting
add action=mark-packet chain=forward new-packet-mark=pack-smaller packet-size=0-256 passthrough=yes
add action=mark-packet chain=forward new-packet-mark=pack-small packet-size=257-512 passthrough=yes
add action=mark-packet chain=forward new-packet-mark=pack-normal packet-size=513-1024 passthrough=yes
add action=mark-packet chain=forward new-packet-mark=pack-big packet-size=1025-65535 passthrough=yes
add action=mark-packet chain=forward new-packet-mark=pack-icmpv6 passthrough=yes protocol=icmpv6


/queue tree
add name=ipv6-upload parent=pppoe-out1 queue=pcq-upload-default
add name=ipv6-download parent=bridge queue=pcq-download-default
add name=ipv6-upload-big packet-mark=pack-big parent=ipv6-upload queue=pcq-upload-default
add name=ipv6-upload-normal packet-mark=pack-normal parent=ipv6-upload priority=6 queue=pcq-upload-default
add name=ipv6-upload-small packet-mark=pack-small parent=ipv6-upload priority=4 queue=pcq-upload-default
add name=ipv6-upload-smaller packet-mark=pack-smaller parent=ipv6-upload priority=2 queue=pcq-upload-default
add name=ipv6-download-big packet-mark=pack-big parent=ipv6-download queue=pcq-download-default
add name=ipv6-download-normal packet-mark=pack-normal parent=ipv6-download priority=6 queue=pcq-download-default
add name=ipv6-download-small packet-mark=pack-small parent=ipv6-download priority=4 queue=pcq-download-default
add name=ipv6-download-smaller packet-mark=pack-smaller parent=ipv6-download priority=2 queue=pcq-download-default
add name=ipv6-download-icmp packet-mark=pack-icmpv6 parent=ipv6-download priority=1 queue=pcq-download-default
add name=ipv6-upload-icmp packet-mark=pack-icmpv6 parent=ipv6-upload priority=1 queue=pcq-upload-default
NeverGiveUp!!
NeverGiveUp!!
NeverGiveUp!!
25752分
8296樓
2023-05-23 22:11
新版(v7.9.1)有修正.
a22548546 wrote:
最近遇到一個ipv6...(恕刪)
寶貝:)開心最重要!
a22548546
a22548546

挖靠原來這是個漏洞

2023-05-31 0:34
lming888
lming888
lming888
  • lming888
  • 個人積分:128分
    文章編號:87534485
128分
8297樓
2023-05-25 20:27
請問有人碰到RB4011更新到7.9後 WINBOX都要我enable legacy mode

就算打開了也進不去但用WIFI都不需要打開legacy mode

然後整個網路都怪怪的port forwarding都不正常

降回去7.8都OK

謝謝
jy
jy
jy
  • jy
  • 個人積分:335分
    文章編號:87554877
335分
8298樓
2023-05-29 15:06
RouterOS WireGuard當用戶端連接設置

我現在有個需求
想使用RouterOS 聯接 WireGuard Server並且透過 WireGuard Server 上網
(所有流量)

我想讓偛在 RouterOS router的電腦可以透過 WireGuard 連接到另一端的WireGuard Server 上網

那請問 RouterOS router 作為用戶端要如何設置? 需要設置防火牆?

我找了一下 大部分文章都是將Routeros 當作WireGuard伺服器作設置
gfx
gfx

https://www.mobile01.com/topicdetail.php?f=110&t=6702142

2023-05-29 15:41
騎磨姿勢佳
騎磨姿勢佳
騎磨姿勢佳
40分
8299樓
2023-05-30 16:10
jy wrote:
RouterOS WireGuard...(恕刪)


順便想問一個問題
網路上查半天查不到
不知道是不是我的搜尋關鍵字有問題

在家架設一個wireguard
在外面連到家裡的wireguard之後,是否能用winbox連進去管理
我一直查詢不到相關關鍵字
lei16888
lei16888
lei16888
  • lei16888
  • 個人積分:3分
    文章編號:87621589
3分
8300樓
2023-06-08 8:57
請教一下各位大大
如下架構圖,想在RouterOS設定Reverse Proxy把Internet來存取的FQDN URL TCP443
重導向Internet的2台主機
TCP12345(https://web-1.abc.com:12345)、
TCP23456(https://web-2.abc.com:23456),
RouterOS的Firewall Policy Rule該怎麼設定呢

使用者從Internet連線輸入的URL HTTPS TCP443方式如下,感謝
https://web-1.abc.com
https://web-2.abc.com

gfx
gfx

先在router安裝container(docker)元件,在container內再安裝nginx-proxy套件使用反向代理即可

2023-06-08 11:07
lei16888
lei16888

gfx 謝謝大大回覆,要做到reverse proxy的功能,只能靠安裝這個nginx嗎?版本是6.36

2023-06-08 12:44
  • 837
內文搜尋
搜尋
從 APP 打開從 APP 打開
X
加入好友名單
取消 確定
評分
取消 確定
評分
取消 確定
複製連結
複製
請輸入您要前往的頁數(1 ~ 837)
確定
留言回報
取消 確定
Mobile01提醒您
您目前瀏覽的是行動版網頁
是否切換到電腦版網頁呢?