|
本帖最后由 Masterchen666 于 2023-11-12 17:22 编辑
遇到一个非常非常奇怪的问题,就是自从ros7.8后,每次升级,都会导致某些网站打不开,真的非常抽风,这些打不开的网站多数为论坛类网站,而打不开的情况,又有更加奇怪的问题,比如两个打不开的网站,我重启ros或者断开电脑网卡,原本打不开的变成能打开,原本能打开的,变成打不开
导致我是每次都ros升级都测试一番,然后又再次退回到ros7.8,导致不能升级,对于折腾党来说,不能升级实在是不能忍,都想退到到爱快算了
高手帮忙看一下问题出来哪里,配置文件如下:
# nov/12/2023 09:10:34 by RouterOS 7.8
# software id = TI09-7WK3
#
/interface bridge
add igmp-snooping=yes name=Ros_bridge1
/interface ethernet
set [ find default-name=ether4 ] disable-running-check=no name=\
ether1_esxi_lan1
set [ find default-name=ether5 ] name=ether2_lan2
set [ find default-name=ether1 ] name=ether3_lan3
set [ find default-name=ether2 ] name=ether4_lan4
set [ find default-name=ether3 ] name=ether5_wan
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether5_wan name=pppoe-out1 \
user=xxxxxxxxxx3@163.gd
/interface vlan
add interface=ether2_lan2 mtu=1492 name=vlan45 vlan-id=45
/interface list
add name=WAN
add name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/ip pool
add name=pool ranges=10.0.0.101-10.0.0.255
/ip dhcp-server
add address-pool=pool interface=Ros_bridge1 name=dhcp1
/ipv6 dhcp-server
add address-pool="" interface=Ros_bridge1 name=ipc6_server1
/lora servers
add address=eu.mikrotik.thethings.industries down-port=1700 name=TTN-EU \
up-port=1700
add address=us.mikrotik.thethings.industries down-port=1700 name=TTN-US \
up-port=1700
add address=eu1.cloud.thethings.industries down-port=1700 name=\
"TTS Cloud (eu1)" up-port=1700
add address=nam1.cloud.thethings.industries down-port=1700 name=\
"TTS Cloud (nam1)" up-port=1700
add address=au1.cloud.thethings.industries down-port=1700 name=\
"TTS Cloud (au1)" up-port=1700
add address=eu1.cloud.thethings.network down-port=1700 name="TTN V3 (eu1)" \
up-port=1700
add address=nam1.cloud.thethings.network down-port=1700 name="TTN V3 (nam1)" \
up-port=1700
add address=au1.cloud.thethings.network down-port=1700 name="TTN V3 (au1)" \
up-port=1700
/port
set 0 name=serial0
set 1 name=serial1
/ppp profile
add name=L2TP-profile use-encryption=yes
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
add disabled=no name=default-v3 version=3
/interface bridge port
add bridge=Ros_bridge1 interface=ether4_lan4
add bridge=Ros_bridge1 interface=ether3_lan3
add bridge=Ros_bridge1 interface=ether2_lan2
add bridge=Ros_bridge1 interface=ether1_esxi_lan1
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set max-neighbor-entries=1024
/interface detect-internet
set detect-interface-list=all
/interface l2tp-server server
set default-profile=L2TP-profile enabled=yes use-ipsec=yes
/interface list member
add interface=ether5_wan list=WAN
add interface=ether4_lan4 list=LAN
add interface=ether3_lan3 list=LAN
add interface=ether2_lan2 list=LAN
add interface=ether1_esxi_lan1 list=LAN
/interface ovirtual**-server server
set auth=sha1,md5
/ip address
add address=10.0.0.1/24 interface=ether2_lan2 network=10.0.0.0
add address=10.213.124.250 interface=vlan45 network=10.213.124.1
/ip arp
add address=10.0.0.10 interface=Ros_bridge1 mac-address=00:11:32:BA:55:C1
/ip dhcp-server lease
add address=10.0.0.31 mac-address=10:B7:13:8F:3D:B7 server=dhcp1
add address=10.0.0.32 mac-address=10:B7:13:90:05:70 server=dhcp1
add address=10.0.0.33 mac-address=10:B7:13:8E:2A:38 server=dhcp1
add address=10.0.0.5 client-id=1:0:c:29:4d:70:91 mac-address=\
00:0C:29:4D:70:91 server=dhcp1
add address=10.0.0.34 mac-address=04:CF:8C:9B:E2:F9 server=dhcp1
/ip dhcp-server network
add address=10.0.0.0/24 dns-server=10.0.0.3 gateway=10.0.0.3
/ip dns
set allow-remote-requests=yes servers=\
10.0.0.3,2409:8028:2000::1111,2409:8028:2000::2222
/ip dns static
add address=10.0.0.100 name=a
/ip firewall address-list
add address=xxxxxxoooo.x3322.net list=wan_ip
/ip firewall filter
add action=accept chain=input protocol=icmp
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
/ip firewall nat
add action=masquerade chain=srcnat comment=mqtt
add action=dst-nat chain=dstnat comment=Ros dst-address-list=wan_ip dst-port=\
1000 protocol=tcp to-addresses=10.0.0.1 to-ports=80
add action=dst-nat chain=dstnat comment=esxi dst-address-list=wan_ip \
dst-port=2000 protocol=tcp to-addresses=10.0.0.2 to-ports=443
add action=dst-nat chain=dstnat comment=openwrt dst-address-list=wan_ip \
dst-port=3000 protocol=tcp to-addresses=10.0.0.3 to-ports=80
add action=dst-nat chain=dstnat comment=hass dst-address-list=wan_ip \
dst-port=8100 protocol=tcp to-addresses=10.0.0.4 to-ports=8123
add action=dst-nat chain=dstnat comment=mqtt dst-address-list=wan_ip \
dst-port=1800 protocol=tcp to-addresses=10.0.0.4 to-ports=1883
add action=dst-nat chain=dstnat comment=Homebridge dst-address-list=wan_ip \
dst-port=8500 protocol=tcp to-addresses=10.0.0.5 to-ports=8581
add action=dst-nat chain=dstnat comment=dsm918 dst-address-list=wan_ip \
dst-port=50000 protocol=tcp to-addresses=10.0.0.10 to-ports=5000
add action=dst-nat chain=dstnat comment=jellyfin dst-address-list=wan_ip \
dst-port=8000 protocol=tcp to-addresses=10.0.0.10 to-ports=8096
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip smb shares
add comment="default share" directory=/pub name=pub
/ip smb users
add name=guest
/ip upnp
set allow-disable-external-interface=yes enabled=yes
/ip upnp interfaces
add interface=Ros_bridge1 type=internal
add interface=pppoe-out1 type=external
/ipv6 address
add address=::a236:9fff:fe85:1fad eui-64=yes from-pool=ipv6_pool interface=\
Ros_bridge1
/ipv6 dhcp-client
add interface=pppoe-out1 pool-name=ipv6_pool pool-prefix-length=60 request=\
prefix
/ipv6 firewall filter
add action=accept chain=forward protocol=icmpv6
/ipv6 nd
set [ find default=yes ] interface=Ros_bridge1 mtu=1492 other-configuration=\
yes
/ppp secret
add local-address=192.168.55.1 name=user1 profile=L2TP-profile \
remote-address=192.168.55.2 service=l2tp
/routing igmp-proxy interface
add
add alternative-subnets=0.0.0.0/0 interface=vlan45 upstream=yes
/system hardware
set allow-x86-64=yes
/system ntp client
set enabled=yes
/system ntp client servers
add address=time.cloud.tencent.com
add address=ntp.aliyun.com
add address=ntp.ntsc.com
/system scheduler
add interval=1m name=pubyun_ddns_2 on-event="/tool fetch url=\"http://members.\
3322.net/dyndns/update\?system=dyndns&hostname=00000000oooo.x3322.net\" \
mode=http user=\"00000000666\" password=\"2002124101jGAI\" http-method=g\
et" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
add interval=1m name=hass on-event=hass policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=jul/05/2022 start-time=08:04:37
add interval=1m name=openwrt on-event=openwrt policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=jul/05/2022 start-time=08:07:57
add interval=1m name=dsm918 on-event=dsm918 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=jul/05/2022 start-time=08:08:21
add interval=1m name=jellyfin on-event=jellyfin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=jul/05/2022 start-time=08:08:46
add interval=1m name=esxi on-event=esxi policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=jul/05/2022 start-time=08:09:05
add interval=1m name=pubyun_ddns on-event=pubyun_ddns policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=jul/05/2022 start-time=08:44:46
add disabled=yes interval=1m name=noip on-event=noip policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=sep/03/2023 start-time=18:44:21
/system script
add dont-require-permissions=no name=pubyun_ddns owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
local ednsuser \A1\B000000000666\A1\B1\r\
\n:local ednspass \A1\B02002124101jGAI\A1\B1\r\
\n:local ednshost \A1\B000000000oooo.x3322.net\A1\B1\r\
\n:local ednsinterface \A1\B0pppoe-out1\A1\B1\r\
\n:local members \A1\B0http://00000000666:2002124101jGAI@members.3322.ne\
t/dyndns/update\?hostname=00000000oooo.x3322.net\A1\B1\r\
\n:local status\r\
\n:local status [/interface get [/interface find name=\$ednsinterface] run\
ning]\r\
\n:if (\$status!=false) do={\r\
\n:local ednslastip [:resolve \$ednshost]\r\
\n:if ([ :typeof \$ednslastip ] = nil ) do={ :local ednslastip \A1\B00\A1\
\B1 }\r\
\n:local ednsiph [ /ip address get [/ip address find interface=\$ednsinter\
face ] address ]\r\
\n:local ednsip [:pick \$ednsiph 0 [:find \$ednsiph \A1\B0/\A1\B1]]\r\
\n:local ednsstr \A1\B0&hostname=\$ednshost&myip=\$ednsip\A1\B1\r\
\n:if (\$ednslastip != \$ednsip) do={/tool fetch url=(\$members . \$ednsst\
r) mode=http user=\$ednsuser password=\$ednspass\r\
\n:delay 2\r\
\n:local result [/file get \$ednshost contents]\r\
\n:log info (\$ednshost . \A1\B1 \A1\B1 .\$result)\r\
\n/file remove \$ednshost;\r\
\n}\r\
\n}\r\
\n"
|
|