У меня все настройки от ruvhell, за что ему спасибо! Только слегка изменённые в некоторых местах.
залить в /home/wwwuser/server.my/htdocs/pptp файл pptp.sh следующего содержания
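#!/bin/sh
# pptp.sh - scrape the current password of four free PPTP providers.
#
# Each provider's password is written to its own one-line file under
# /home/wwwuser/server.my/htdocs/pptp; upload.sh pushes those files to the
# router, where the scheduler scripts read them.  Every extractor below is
# screen-scraping tied to the exact HTML of the provider's page: when the page
# layout changes, the pipeline quietly produces nothing.
#
# A fetch that fails or matches nothing must not truncate the existing file:
# an empty file would reach the router as an empty password.  Results are
# therefore written to a temp file first and only moved into place when
# non-empty, and curl -f makes HTTP error pages produce no output at all
# instead of being parsed as if they were the account page.
#
# NOTE(review): three of the four pages are fetched over plain http://, so the
# credentials (and the page we parse) can be read or altered in transit;
# switch to https:// where the provider offers it.
set -u
dir=/home/wwwuser/server.my/htdocs/pptp

# Read the extracted password from stdin; replace "$1" only if something was
# extracted, otherwise keep the previous file and say so on stderr (cron
# mails it).
store() {
  tmp="$1.tmp.$$"
  cat > "$tmp"
  if [ -s "$tmp" ]; then
    mv -f -- "$tmp" "$1"
  else
    printf 'pptp.sh: nothing extracted for %s, keeping previous file\n' "$1" >&2
    rm -f -- "$tmp"
  fi
}

curl -sf "https://www.vpnme.me/freevpn.html" | grep -A 3 "Password:" | head -n 2 | cut -f2 -s -d "<" | cut -f2 -d ">" | grep -v -e '^$' | store "$dir/vpnme.me.txt"
# '[:digit:]' is quoted: unquoted it is a glob that the shell could expand
# against files in the current directory.
curl -sf "http://freevpnaccess.com" | grep -A 8 "UK - London" | tail -n 1 | cut -f1 -d " " | tr -cd '[:digit:]' | grep -v -e '^$' | store "$dir/freevpnaccess.com.txt"
curl -sf "http://freevpn.me/accounts/" | grep -A 3 "Password:" | head -n 1 | cut -f2 -d ":" | cut -f2 -d ">" | cut -b 3- | cut -f1 -d "<" | grep -v -e '^$' | store "$dir/freevpn.me.txt"
curl -sf "http://www.vpnbook.com/" | grep -A 1 "Username: vpnbook" | tail -n 1 | cut -f2 -d ":" | cut -b 2- | cut -f1 -d '<' | grep -v -e '^$' | store "$dir/vpnbook.com.txt"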
поставить его в крон на каждые 10 мин
00,10,20,30,40,50 * * * * /home/wwwuser/server.my/htdocs/pptp/pptp.sh
зайти через ftp клиент на роутер и создать там папку pptp
залить в /home/wwwuser/server.my/htdocs/pptp файл upload.sh
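#!/bin/sh
# upload.sh - push the provider password files to the router over FTP.
#
# LOCALDIR is where pptp.sh writes the files, REMOTEPATH the folder created on
# the router beforehand.  FTP carries LOGIN, PASSWORD and the file contents in
# cleartext; the password also sits in this file, so keep the script readable
# by its owner only and prefer a dedicated low-privilege router account over
# admin for the upload.  The credentials are fed through the here-document
# rather than argv, so they do not show up in 'ps'.
LOCALDIR=/home/wwwuser/server.my/htdocs/pptp
REMOTESERVER=192.168.1.1
REMOTEPATH=/pptp
LOGIN=admin
PASSWORD=youpassword

# Without this check a missing directory would leave us in cron's cwd and
# 'put' whatever files happen to be there (or fail with an unclear message).
cd "$LOCALDIR" || { printf 'upload.sh: cannot cd to %s\n' "$LOCALDIR" >&2; exit 1; }

# Only non-empty files get a 'put' line: a zero-length file would reach the
# router as an empty password.  'ftp -n' disables auto-login, so the
# credentials come from the quote lines instead of ~/.netrc.  Note that ftp's
# exit status does not reflect transfer failures; check the transcript in the
# cron mail if a file does not show up on the router.
ftp -n "$REMOTESERVER" <<INPUT_END
quote user $LOGIN
quote pass $PASSWORD
cd $REMOTEPATH
$(for f in vpnme.me.txt freevpnaccess.com.txt freevpn.me.txt vpnbook.com.txt; do
    if [ -s "$f" ]; then
      printf 'put %s\n' "$f"
    else
      printf 'upload.sh: skipping empty or missing %s\n' "$f" >&2
    fi
  done)
exit
INPUT_END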
поставить его в крон на каждые 10 мин
1,11,21,31,41,51 * * * * /home/wwwuser/server.my/htdocs/pptp/upload.sh
создать pptp интерфейс
# Four PPTP client tunnels, one per free provider.  The interface names are
# reused as out-interface in the NAT rules and as gateway in the /ip route
# section, and the scheduler scripts rewrite each password from the file
# uploaded by upload.sh.
# NOTE(review): PPTP (MS-CHAPv2 authentication, MPPE encryption) is
# cryptographically broken; treat these tunnels as an unencrypted transport
# run by a third party and do not rely on them for confidentiality.
# mrru=1600 turns on multilink (MP) framing -- presumably so full-size frames
# can cross the tunnel; confirm each peer actually negotiates it.
/interface pptp-client
add connect-to=de1.vpnme.me disabled=no mrru=1600 name=vpnme.me password=YQ1eMi user=vpnme
add connect-to=83.170.84.216 disabled=no mrru=1600 name=freevpnaccess.com password=3046 user=freevpnaccess.com
add connect-to=176.126.237.207 disabled=no mrru=1600 name=freevpn.me password=L1d3Hf1Pl user=pptp
add connect-to=euro217.vpnbook.com disabled=no mrru=1600 name=vpnbook.com password=fra4agaV user=vpnbook
разрешающие правила в firewall
# Accept rules for the tunnels (a filter rule without action= accepts).
# out-interface=all-ppp: traffic from the LAN or the router into any tunnel.
# in-interface=all-ppp: traffic arriving from the provider side, forwarded
# into the LAN (chain=forward) or delivered to the router's own services
# (chain=input).  There is no connection-state restriction, so connections
# initiated by the peer are accepted as well, not only replies.
# NOTE(review): the peer is a free third-party VPN.  If nothing has to be
# reachable from that side, limit the two in-interface rules to
# connection-state=established,related (or drop them where such accept rules
# already precede them, as in the export further down) so the tunnel cannot
# be used to reach winbox/ssh/www on the router or hosts in 192.168.1.0/24.
/ip firewall filter
add chain=forward comment=PPTP out-interface=all-ppp
add chain=output comment=PPTP out-interface=all-ppp
add chain=forward comment=PPTP in-interface=all-ppp
add chain=input comment=PPTP in-interface=all-ppp
nat
# Source-NAT (masquerade) the LAN behind the tunnel's own address whenever a
# packet from 192.168.1.0/24 leaves through that tunnel; which tunnel that is
# is decided by the routing marks set in the mangle section.
/ip firewall nat
add action=masquerade chain=srcnat out-interface=vpnme.me src-address=192.168.1.0/24
add action=masquerade chain=srcnat out-interface=freevpnaccess.com src-address=192.168.1.0/24
add action=masquerade chain=srcnat out-interface=freevpn.me src-address=192.168.1.0/24
add action=masquerade chain=srcnat out-interface=vpnbook.com src-address=192.168.1.0/24
парсинг заблокированных ресурсов
залить в /home/wwwuser/server.my/htdocs/iplist-to-mikrotik файл iplist-to-mikrotik.sh следующего содержания
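#!/bin/sh
#Simple script to convert list of ip addresses to
#Mikrotik import file (address list feature)
#Can also parse IPs from any text file (ie csv)
#
# The generated .rsc starts by removing the whole address list, so an empty
# or partial output would wipe the router's blocklist on the next import.
# Therefore: the download is checked, the extracted list must be non-empty,
# and the .rsc is assembled in a temp file and renamed into place so that
# upload.sh never picks up a half-written file.
set -u
#SETTINGS
#url of input file
url="https://raw.githubusercontent.com/zapret-info/z-i/master/dump.csv"
#address list in mikrotik
list="russianbl"
#Where to download source file
downfile="/home/wwwuser/server.my/htdocs/iplist-to-mikrotik/templist.txt"
#File with cleaned & formatted ip addresses
infile="/home/wwwuser/server.my/htdocs/iplist-to-mikrotik/craplist.txt"
#Where to put rsc script
outfile="/home/wwwuser/server.my/htdocs/iplist-to-mikrotik/crapregistry.rsc"

# Remove the intermediate files on every exit path, including early failures.
cleanup() { rm -f -- "$downfile" "$infile" "$outfile.tmp"; }
trap cleanup EXIT

# wget -O truncates the target before transferring, so a failed download
# leaves an empty file; stop here and keep the previous .rsc.
if ! wget "$url" -O "$downfile"; then
  printf 'iplist-to-mikrotik: download of %s failed, keeping previous %s\n' "$url" "$outfile" >&2
  exit 1
fi

#This will extract all IPs from file (ie works with .csv russian blocklist)
# The pattern accepts any dotted quad, octets above 255 included; the router
# rejects such lines on import.  Output is written with '>' (not '>>') so a
# craplist.txt left behind by an interrupted run cannot contribute stale
# entries; 'sort -u' replaces 'sort | uniq'.
sed -n 's/\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}/\nIPINDEX&\n/gp' "$downfile" | grep IPINDEX | sed 's/IPINDEX//' | sort -u > "$infile"

if ! [ -s "$infile" ]; then
  printf 'iplist-to-mikrotik: no addresses extracted from %s, keeping previous %s\n' "$downfile" "$outfile" >&2
  exit 1
fi

#We need to drop all IPs in address list because mikrotik does not check for duplicates (and they may be removed from file)
printf '/ip firewall address-list remove [find list=%s]\n' "$list" > "$outfile.tmp"
#Build rsc file...
while IFS= read -r line; do
  printf '/ip firewall address-list add address=%s list=%s\n' "$line" "$list"
done < "$infile" >> "$outfile.tmp"
# Rename is atomic, so readers see either the old or the complete new file.
mv -f -- "$outfile.tmp" "$outfile"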
поставить его в крон на каждые 3 часа в 0 мин
0 */3 * * * /home/wwwuser/server.my/htdocs/iplist-to-mikrotik/iplist-to-mikrotik.sh
зайти через ftp клиент на роутер и создать там папку blacklist
залить в /home/wwwuser/server.my/htdocs/iplist-to-mikrotik файл upload.sh
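#!/bin/sh
# upload.sh - push the generated crapregistry.rsc to the router over FTP.
#
# LOCALDIR is where iplist-to-mikrotik.sh writes the file, REMOTEPATH the
# folder created on the router beforehand.  FTP carries LOGIN, PASSWORD and
# the file in cleartext; the password also sits in this file, so keep the
# script readable by its owner only and prefer a dedicated low-privilege
# router account over admin.  The credentials go through the here-document
# rather than argv, so they do not show up in 'ps'.
LOCALDIR=/home/wwwuser/server.my/htdocs/iplist-to-mikrotik
REMOTESERVER=192.168.1.1
REMOTEPATH=/blacklist
LOGIN=admin
PASSWORD=youpassword

# Without this check a missing directory would leave us in cron's cwd and
# 'put' whatever file happens to be there (or fail with an unclear message).
cd "$LOCALDIR" || { printf 'upload.sh: cannot cd to %s\n' "$LOCALDIR" >&2; exit 1; }

# The .rsc begins by removing the whole address list, so an empty or
# half-written file would wipe the router's blocklist on import.  Skip the
# upload when the file is empty or missing; the scheduled import then keeps
# using the copy already on the router.  This job is scheduled 5 minutes
# after the generator, which is not guaranteed to be enough for the dump to
# download and be parsed -- the generator should write the file atomically.
if ! [ -s crapregistry.rsc ]; then
  printf 'upload.sh: crapregistry.rsc is empty or missing, not uploading\n' >&2
  exit 1
fi

# 'ftp -n' disables auto-login, so the credentials come from the quote lines
# instead of ~/.netrc.  ftp's exit status does not reflect transfer failures;
# check the transcript in the cron mail if the file does not show up.
ftp -n "$REMOTESERVER" <<INPUT_END
quote user $LOGIN
quote pass $PASSWORD
cd $REMOTEPATH
put crapregistry.rsc
exit
INPUT_END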
поставить его в крон на каждые 3 часа в 5 мин
5 */3 * * * /home/wwwuser/server.my/htdocs/iplist-to-mikrotik/upload.sh
добавить system-scripts скрипт import_blacklist
/import file=/blacklist/crapregistry.rsc
добавить в планировщик на каждые 3 часа
/system scheduler add name=import_blacklist interval=3h on-event=import_blacklist
делаем новые правила для 4-х соединений в mangle для разбиения трафика по адресу и порту (я в туннель завернул ещё и DNS)
# Policy-routing marks, evaluated in prerouting in this order:
#  1. connections to an address in 'russianbl' that are not addressed to the
#     router itself (dst-address-type=!local) are spread over four buckets by
#     PCC on both addresses and ports (4/0 .. 4/3) -> Pcc_Conn_1..4;
#  2. every TCP/UDP connection to port 53, whatever its destination, is
#     marked 'pptp'; for a DNS connection to a russianbl address this
#     overwrites the Pcc_Conn_N mark set just above;
#  3. packets of 'pptp' connections get routing mark Route_1, packets of
#     Pcc_Conn_N connections get Route_N; the /ip route section maps each
#     mark to an ordered list of tunnels.
# NOTE(review): step 2 sends all of the LAN's DNS through the first tunnel of
# the Route_1 list, so that provider sees and can answer every query.  The
# port-53 rules have no dst-address-type restriction; confirm how queries
# addressed to the router's own resolver behave under the routing mark.
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address-list=russianbl dst-address-type=!local new-connection-mark=Pcc_Conn_1 per-connection-classifier=both-addresses-and-ports:4/0
add action=mark-connection chain=prerouting dst-address-list=russianbl dst-address-type=!local new-connection-mark=Pcc_Conn_2 per-connection-classifier=both-addresses-and-ports:4/1
add action=mark-connection chain=prerouting dst-address-list=russianbl dst-address-type=!local new-connection-mark=Pcc_Conn_3 per-connection-classifier=both-addresses-and-ports:4/2
add action=mark-connection chain=prerouting dst-address-list=russianbl dst-address-type=!local new-connection-mark=Pcc_Conn_4 per-connection-classifier=both-addresses-and-ports:4/3
add action=mark-connection chain=prerouting dst-port=53 new-connection-mark=pptp protocol=tcp
add action=mark-connection chain=prerouting dst-port=53 new-connection-mark=pptp protocol=udp
add action=mark-routing chain=prerouting connection-mark=pptp dst-port=53 new-routing-mark=Route_1 protocol=udp
add action=mark-routing chain=prerouting connection-mark=pptp dst-port=53 new-routing-mark=Route_1 protocol=tcp
add action=mark-routing chain=prerouting connection-mark=Pcc_Conn_1 dst-address-list=russianbl dst-address-type=!local new-routing-mark=Route_1
add action=mark-routing chain=prerouting connection-mark=Pcc_Conn_2 dst-address-list=russianbl dst-address-type=!local new-routing-mark=Route_2
add action=mark-routing chain=prerouting connection-mark=Pcc_Conn_3 dst-address-list=russianbl dst-address-type=!local new-routing-mark=Route_3
add action=mark-routing chain=prerouting connection-mark=Pcc_Conn_4 dst-address-list=russianbl dst-address-type=!local new-routing-mark=Route_4
строим дерево в route ip для 4-х сервисов
# One route per (routing mark, tunnel).  Within a mark the reachable route
# with the lowest distance wins, so the distances define the failover order:
#   Route_1: vpnme.me > freevpnaccess.com > freevpn.me > vpnbook.com
#   Route_2: vpnbook.com > vpnme.me > freevpnaccess.com > freevpn.me
#   Route_3: freevpn.me > vpnbook.com > vpnme.me > freevpnaccess.com
#   Route_4: freevpnaccess.com > freevpn.me > vpnbook.com > vpnme.me
# Route_3 uses distances 2..5 where the others use 1..4; harmless, since only
# the relative order within one mark matters, but inconsistent.
# NOTE(review): check-gateway=arp on a point-to-point (PPP) gateway -- confirm
# on the router that the route really goes inactive when the tunnel drops.
# No route other than these tunnels exists for the marks; as far as I know
# RouterOS then falls back to the main table, so with every tunnel down the
# marked traffic (including all DNS) leaves in the clear via the WAN.  Add a
# higher-distance type=blackhole route per mark if fail-closed is wanted.
/ip route
add check-gateway=arp distance=1 gateway=vpnme.me routing-mark=Route_1
add check-gateway=arp distance=2 gateway=freevpnaccess.com routing-mark=Route_1
add check-gateway=arp distance=3 gateway=freevpn.me routing-mark=Route_1
add check-gateway=arp distance=4 gateway=vpnbook.com routing-mark=Route_1
add check-gateway=arp distance=1 gateway=vpnbook.com routing-mark=Route_2
add check-gateway=arp distance=2 gateway=vpnme.me routing-mark=Route_2
add check-gateway=arp distance=3 gateway=freevpnaccess.com routing-mark=Route_2
add check-gateway=arp distance=4 gateway=freevpn.me routing-mark=Route_2
add check-gateway=arp distance=2 gateway=freevpn.me routing-mark=Route_3
add check-gateway=arp distance=3 gateway=vpnbook.com routing-mark=Route_3
add check-gateway=arp distance=4 gateway=vpnme.me routing-mark=Route_3
add check-gateway=arp distance=5 gateway=freevpnaccess.com routing-mark=Route_3
add check-gateway=arp distance=1 gateway=freevpnaccess.com routing-mark=Route_4
add check-gateway=arp distance=2 gateway=freevpn.me routing-mark=Route_4
add check-gateway=arp distance=3 gateway=vpnbook.com routing-mark=Route_4
add check-gateway=arp distance=4 gateway=vpnme.me routing-mark=Route_4
скрипты замены паролей
vpnme.me
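# Refresh the vpnme.me tunnel password from the file pushed by upload.sh
# (pptp/vpnme.me.txt) and reconnect the tunnel so the new password is used.
# Changes from the original: the disable/enable bounce now runs only when the
# password actually changed (it used to run on every execution, cutting the
# tunnel every 10 minutes), and an empty file never replaces the password.
:local newp [/file get [/file find name=pptp/vpnme.me.txt] contents];
:local oldp [/interface vpnme.me get pptp password];
# NOTE(review): the shell pipeline ends the file with a newline; confirm on
# the router whether it is part of $newp (the comparison would then never be
# equal and the password would be rewritten on every run).
# NOTE(review): the "/interface vpnme.me get pptp password" / "set numbers=0"
# form is kept as written; the documented form is
# "/interface pptp-client get [find name=vpnme.me] password" -- confirm that
# numbers=0 addresses this pptp-client entry and not the first item of
# /interface.
:if ([:len $newp] > 0 && $oldp != $newp) do {
  /interface vpnme.me set numbers=0 password=$newp;
  /interface vpnme.me set numbers=0 disabled=yes;
  :delay 5;
  /interface vpnme.me set numbers=0 disabled=no;
};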
freevpnaccess.com
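# Refresh the freevpnaccess.com tunnel password from the file pushed by
# upload.sh (pptp/freevpnaccess.com.txt) and reconnect the tunnel so the new
# password is used.
# Changes from the original: the disable/enable bounce now runs only when the
# password actually changed (it used to run on every execution, cutting the
# tunnel every 10 minutes), and an empty file never replaces the password.
:local newp [/file get [/file find name=pptp/freevpnaccess.com.txt] contents];
:local oldp [/interface freevpnaccess.com get pptp password];
# NOTE(review): the shell pipeline ends the file with a newline; confirm on
# the router whether it is part of $newp (the comparison would then never be
# equal and the password would be rewritten on every run).
# NOTE(review): the "/interface freevpnaccess.com get pptp password" /
# "set numbers=0" form is kept as written; the documented form is
# "/interface pptp-client get [find name=freevpnaccess.com] password" --
# confirm that numbers=0 addresses this pptp-client entry and not the first
# item of /interface.
:if ([:len $newp] > 0 && $oldp != $newp) do {
  /interface freevpnaccess.com set numbers=0 password=$newp;
  /interface freevpnaccess.com set numbers=0 disabled=yes;
  :delay 5;
  /interface freevpnaccess.com set numbers=0 disabled=no;
};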
freevpn.me
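# Refresh the freevpn.me tunnel password from the file pushed by upload.sh
# (pptp/freevpn.me.txt) and reconnect the tunnel so the new password is used.
# Changes from the original: the disable/enable bounce now runs only when the
# password actually changed (it used to run on every execution, cutting the
# tunnel every 10 minutes), and an empty file never replaces the password.
:local newp [/file get [/file find name=pptp/freevpn.me.txt] contents];
:local oldp [/interface freevpn.me get pptp password];
# NOTE(review): the shell pipeline ends the file with a newline; confirm on
# the router whether it is part of $newp (the comparison would then never be
# equal and the password would be rewritten on every run).
# NOTE(review): the "/interface freevpn.me get pptp password" / "set numbers=0"
# form is kept as written; the documented form is
# "/interface pptp-client get [find name=freevpn.me] password" -- confirm that
# numbers=0 addresses this pptp-client entry and not the first item of
# /interface.
:if ([:len $newp] > 0 && $oldp != $newp) do {
  /interface freevpn.me set numbers=0 password=$newp;
  /interface freevpn.me set numbers=0 disabled=yes;
  :delay 5;
  /interface freevpn.me set numbers=0 disabled=no;
};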
vpnbook.com
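# Refresh the vpnbook.com tunnel password from the file pushed by upload.sh
# (pptp/vpnbook.com.txt) and reconnect the tunnel so the new password is used.
# Changes from the original: the disable/enable bounce now runs only when the
# password actually changed (it used to run on every execution, cutting the
# tunnel every 10 minutes), and an empty file never replaces the password.
:local newp [/file get [/file find name=pptp/vpnbook.com.txt] contents];
:local oldp [/interface vpnbook.com get pptp password];
# NOTE(review): the shell pipeline ends the file with a newline; confirm on
# the router whether it is part of $newp (the comparison would then never be
# equal and the password would be rewritten on every run).
# NOTE(review): the "/interface vpnbook.com get pptp password" / "set numbers=0"
# form is kept as written; the documented form is
# "/interface pptp-client get [find name=vpnbook.com] password" -- confirm
# that numbers=0 addresses this pptp-client entry and not the first item of
# /interface.
:if ([:len $newp] > 0 && $oldp != $newp) do {
  /interface vpnbook.com set numbers=0 password=$newp;
  /interface vpnbook.com set numbers=0 disabled=yes;
  :delay 5;
  /interface vpnbook.com set numbers=0 disabled=no;
};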
добавляем в крон
# Run each password script every 10 minutes; on-event names a /system script,
# so the four scripts above must have been saved under exactly these names.
# The interval counts from the moment each entry is created and is not
# aligned with the server-side cron (fetch at :00/:10/..., upload at
# :01/:11/...), so a new password can be applied up to ~10 minutes late.
/system scheduler add name=vpnme.me interval=10m on-event=vpnme.me
/system scheduler add name=freevpnaccess.com interval=10m on-event=freevpnaccess.com
/system scheduler add name=freevpn.me interval=10m on-event=freevpn.me
/system scheduler add name=vpnbook.com interval=10m on-event=vpnbook.com
# Just lists the entries so the result can be checked.
/system scheduler print
в файрволе должно получиться так (без address-list списков)
/ip firewall export
# dec/07/2015 12:13:13 by RouterOS 6.33.1
# software id = 1ALL-EBDX
#
/ip firewall layer7-protocol
# NoZond: matches connections whose payload contains one of the listed
# Microsoft telemetry / advertising host names; used by the two NoZond filter
# rules (TCP reset, UDP drop).  Dots in the pattern are not escaped, so each
# matches any character.  The value is line-wrapped in the export (and its
# breaks are partly garbled on this page); on import it has to be one string.
add name=NoZond regexp="^.+(vortex.data.microsoft.com|vortex-win.data.microsoft.com|telecommand.telemetry.microsoft.com|telecommand.telemetry
.microsoft.com.\
nsatc.net|oca.telemetry.microsoft.com|oca.telemetry.microsoft.com.nsatc.net
|sqm.telemetry.microsoft.com|sqm.telemetry.microsoft.com.nsatc.net|watson.tel\
emetry.microsoft.com|watson.telemetry.microsoft.com.nsatc.net|redir.metaser
vices.microsoft.com|choice.microsoft.com|choice.microsoft.com.nsatc.net|df.te\
lemetry.microsoft.com|reports.wes.df.telemetry.microsoft.com|wes.df.telemet
ry.microsoft.com|services.wes.df.telemetry.microsoft.com|sqm.df.telemetry.mic\
rosoft.com|telemetry.microsoft.com|watson.ppe.telemetry.microsoft.com|telem
etry.appex.bing.net|telemetry.urs.microsoft.com|telemetry.appex.bing.net|sett\
ings-sandbox.data.microsoft.com|vortex-sandbox.data.microsoft.com|survey.watson.microsoft.com|watson.live.com|watson.mi
crosoft.com|statsfe2.ws.microsoft\
.com|corpext.msitadfs.glbdns2.microsoft.com|compatexchange.cloudapp.net|cs1
.wpc.v0cdn.net|a-0001.a-msedge.net|statsfe2.update.microsoft.com.akadns.net|d\
iagnostics.support.microsoft.com|corp.sts.microsoft.com|statsfe1.ws.microso
ft.com|pre.footprintpredict.com|i1.services.social.microsoft.com|i1.services.\
social.microsoft.com.nsatc.net|feedback.windows.com|feedback.microsoft-hohm.com|feedback.search.microsoft.com|rad.msn.com|preview.msn.com|ad.doubleclic
k\
.net|ads.msn.com|ads1.msads.net|ads1.msn.com|a.ads1.msn.com|a.ads2.msn.com|
adnexus.net|adnxs.com|az361816.vo.msecnd.net|az512334.vo.msecnd.net).*\$"
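/ip firewall filter
# Established/related forward traffic is fasttracked first.  NOTE(review):
# fasttracked packets bypass the firewall and mangle chains; confirm that
# the routing marks set in prerouting still apply to these connections.
add action=fasttrack-connection chain=forward comment="default configuration" connection-state=established,related
# Telemetry/ad hosts from the NoZond layer7 pattern: TCP is reset, UDP dropped.
add action=reject chain=forward comment=NoZond layer7-protocol=NoZond protocol=tcp reject-with=tcp-reset
add action=drop chain=forward comment=NoZond layer7-protocol=NoZond protocol=udp
# Replies and related traffic, to the router and through it.
add chain=input comment="accept established connections" connection-state=established
add chain=forward comment="accept established connections" connection-state=established
add chain=input comment="accept related connections" connection-state=related
add chain=forward comment="accept related connections" connection-state=related
# NOTE(review): in-interface=!ether1-gateway also covers the four PPTP
# interfaces, so a peer on the provider side can be forwarded out to the WAN
# (and masqueraded by the default NAT rule).  Use in-interface=bridge (or the
# LAN interface) if only the LAN should be allowed out.
add chain=forward comment="accept from local to internet" in-interface=!ether1-gateway out-interface=ether1-gateway
add chain=input comment="access to mikrotik only from our local network" in-interface=!ether1-gateway src-address=192.168.1.0/24
# Tunnel rules.  The two in-interface=all-ppp rules accept *new* connections
# from the provider side into the LAN and into the router's own services;
# replies are already accepted above.  NOTE(review): with free third-party
# peers, drop these two (or restrict them) unless something must be reachable
# from the tunnel side -- otherwise the brute-force protections below never
# see traffic arriving through a tunnel.
add chain=forward comment=PPTP out-interface=all-ppp
add chain=output comment=PPTP out-interface=all-ppp
add chain=forward comment=PPTP in-interface=all-ppp
add chain=input comment=PPTP in-interface=all-ppp
add action=drop chain=input comment="drop invalid connections" connection-state=invalid
add action=drop chain=forward comment="drop invalid connections" connection-state=invalid
# Address lists 'goverment' and 'BOGON' are not part of this export.
add action=drop chain=input comment=goverment in-interface=ether1-gateway src-address-list=goverment
add action=drop chain=output comment=goverment dst-address-list=goverment
add action=drop chain=input comment=BOGON in-interface=ether1-gateway src-address-list=BOGON
# Ping to the router is disabled, so ICMP to the router ends in the final
# input drop; ping through the router is allowed.
add chain=input comment="allow ping" disabled=yes protocol=icmp
add chain=forward comment="allow ping" protocol=icmp
# Brute-force staging for ssh/ftp/telnet/winbox: each new connection moves
# the source one stage further (stage1 -> stage2 -> stage3, 1 minute each);
# a fourth new connection within the window lands in the blacklist that the
# first rule of each group drops.  Order matters: the drop rule is first,
# then stage3 -> blacklist, down to the catch-all stage1 rule.
add action=drop chain=input comment="drop ssh brute forcers" dst-port=22 protocol=tcp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=1w3d chain=input comment="drop ssh brute forcers" connection-state=new \
dst-port=22 protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input comment="drop ssh brute forcers" connection-state=new \
dst-port=22 protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input comment="drop ssh brute forcers" connection-state=new \
dst-port=22 protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input comment="drop ssh brute forcers" connection-state=new \
dst-port=22 protocol=tcp
add action=drop chain=input comment="drop ftp brute forcers" dst-port=21 protocol=tcp src-address-list=black_list
add action=add-src-to-address-list address-list=black_list address-list-timeout=1d chain=input comment="drop ftp brute forcers" connection-state=new \
dst-port=21 protocol=tcp src-address-list=ftp_stage3
add action=add-src-to-address-list address-list=ftp_stage3 address-list-timeout=1m chain=input comment="drop ftp brute forcers" connection-state=new \
dst-port=21 protocol=tcp src-address-list=ftp_stage2
add action=add-src-to-address-list address-list=ftp_stage2 address-list-timeout=1m chain=input comment="drop ftp brute forcers" connection-state=new \
dst-port=21 protocol=tcp src-address-list=ftp_stage1
add action=add-src-to-address-list address-list=ftp_stage1 address-list-timeout=1m chain=input comment="drop ftp brute forcers" connection-state=new \
dst-port=21 protocol=tcp
add action=drop chain=input comment="drop telnet brute forcers" dst-port=23 protocol=tcp src-address-list=black_list
add action=add-src-to-address-list address-list=black_list address-list-timeout=1d chain=input comment="drop telnet brute forcers" connection-state=new \
dst-port=23 protocol=tcp src-address-list=telnet_stage3
add action=add-src-to-address-list address-list=telnet_stage3 address-list-timeout=1m chain=input comment="drop telnet brute forcers" connection-state=new \
dst-port=23 protocol=tcp src-address-list=telnet_stage2
add action=add-src-to-address-list address-list=telnet_stage2 address-list-timeout=1m chain=input comment="drop telnet brute forcers" connection-state=new \
dst-port=23 protocol=tcp src-address-list=telnet_stage1
add action=add-src-to-address-list address-list=telnet_stage1 address-list-timeout=1m chain=input comment="drop telnet brute forcers" connection-state=new \
dst-port=23 protocol=tcp
# Winbox group: the original wrote the stage2/stage3 target lists as
# "wWinbox_stage2"/"wWinbox_stage3" while the matching rules read
# "Winbox_stage2"/"Winbox_stage3", so a source never got past stage1 and the
# blacklist was never filled.  Fixed here by using the same names throughout.
add action=drop chain=input comment="drop winbox brute forcers" dst-port=8291 protocol=tcp src-address-list=black_list
add action=add-src-to-address-list address-list=black_list address-list-timeout=1d chain=input comment="drop winbox brute forcers" connection-state=new \
dst-port=8291 protocol=tcp src-address-list=Winbox_stage3
add action=add-src-to-address-list address-list=Winbox_stage3 address-list-timeout=1m chain=input comment="drop winbox brute forcers" connection-state=new \
dst-port=8291 protocol=tcp src-address-list=Winbox_stage2
add action=add-src-to-address-list address-list=Winbox_stage2 address-list-timeout=1m chain=input comment="drop winbox brute forcers" connection-state=new \
dst-port=8291 protocol=tcp src-address-list=Winbox_stage1
add action=add-src-to-address-list address-list=Winbox_stage1 address-list-timeout=1m chain=input comment="drop winbox brute forcers" connection-state=new \
dst-port=8291 protocol=tcp
# Port-scan detection: psd plus the classic abnormal TCP flag combinations
# put the source on the "port scanners" list for two weeks; the first rule
# drops anything already on it.
add action=drop chain=input comment="port scanners" src-address-list="port scanners"
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="port scanners" protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="port scanners" protocol=tcp tcp-flags=\
fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="port scanners" protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="port scanners" protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="port scanners" protocol=tcp tcp-flags=\
fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="port scanners" protocol=tcp tcp-flags=\
fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="port scanners" protocol=tcp tcp-flags=\
!fin,!syn,!rst,!psh,!ack,!urg
# Port 80 on the router: sources over the connection/rate limits are
# blacklisted for two days; the third rule then *accepts* new connections to
# the router's own web service from the WAN for everyone else.
# NOTE(review): that deliberately exposes the RouterOS www service to the
# internet; remove the accept rule if it is not needed -- the final input
# drop below then takes care of it.
add action=drop chain=input comment="drop 80 dos attack" dst-port=80 protocol=tcp src-address-list=web_blacklist
add action=add-src-to-address-list address-list=web_blacklist address-list-timeout=2d chain=input comment="drop 80 dos attack" connection-limit=40,32 \
dst-port=80 limit=20,5 protocol=tcp
add chain=input comment="drop 80 dos attack" dst-port=80 in-interface=ether1-gateway protocol=tcp src-address-list=!web_blacklist
# Single address blocked in every direction.
add action=drop chain=output comment="r00t backdor" dst-address=218.93.250.18
add action=drop chain=input comment="r00t backdor" dst-address=218.93.250.18
add action=drop chain=forward comment="r00t backdor" dst-address=218.93.250.18
add action=drop chain=input comment="r00t backdor" src-address=218.93.250.18
add action=drop chain=output comment="r00t backdor" src-address=218.93.250.18
add action=drop chain=forward comment="r00t backdor" src-address=218.93.250.18
# DNS towards the router.  The blanket WAN drop is disabled; instead any
# *new* UDP port-53 connection to the router (the third rule has no
# in-interface, so LAN clients qualify too) lands in dns_black_list for a
# day, and only WAN sources on that list are dropped.  LAN clients therefore
# end up on the list without effect -- harmless, but noisy in the list.
add action=drop chain=input comment="dns flood" disabled=yes in-interface=ether1-gateway port=53 protocol=udp
add action=drop chain=input comment="dns flood" in-interface=ether1-gateway port=53 protocol=udp src-address-list=dns_black_list
add action=add-src-to-address-list address-list=dns_black_list address-list-timeout=1d chain=input comment="dns flood" connection-state=new port=53 \
protocol=udp
# Bogon / multicast ranges are never forwarded.
add action=drop chain=forward comment="all other drop" src-address=0.0.0.0/8
add action=drop chain=forward comment="all other drop" dst-address=0.0.0.0/8
add action=drop chain=forward comment="all other drop" src-address=127.0.0.0/8
add action=drop chain=forward comment="all other drop" dst-address=127.0.0.0/8
add action=drop chain=forward comment="all other drop" src-address=224.0.0.0/3
add action=drop chain=forward comment="all other drop" dst-address=224.0.0.0/3
# Default deny, logged; everything not accepted above ends here.
add action=drop chain=input comment="all other drop" log=yes log-prefix=input-drop
add action=drop chain=forward comment="all other drop" log=yes log-prefix=forward-drop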
/ip firewall mangle
# Policy-routing marks, evaluated in prerouting in this order:
#  1. connections to an address in 'russianbl' that are not addressed to the
#     router itself (dst-address-type=!local) are spread over four buckets by
#     PCC on both addresses and ports (4/0 .. 4/3) -> Pcc_Conn_1..4;
#  2. every TCP/UDP connection to port 53, whatever its destination, is
#     marked 'pptp'; for a DNS connection to a russianbl address this
#     overwrites the Pcc_Conn_N mark set just above;
#  3. packets of 'pptp' connections get routing mark Route_1, packets of
#     Pcc_Conn_N connections get Route_N; /ip route maps each mark to an
#     ordered list of tunnels.
# NOTE(review): step 2 sends all of the LAN's DNS through the first tunnel of
# the Route_1 list, so that provider sees and can answer every query.
add action=mark-connection chain=prerouting dst-address-list=russianbl dst-address-type=!local new-connection-mark=Pcc_Conn_1 per-connection-classifier=\
both-addresses-and-ports:4/0
add action=mark-connection chain=prerouting dst-address-list=russianbl dst-address-type=!local new-connection-mark=Pcc_Conn_2 per-connection-classifier=\
both-addresses-and-ports:4/1
add action=mark-connection chain=prerouting dst-address-list=russianbl dst-address-type=!local new-connection-mark=Pcc_Conn_3 per-connection-classifier=\
both-addresses-and-ports:4/2
add action=mark-connection chain=prerouting dst-address-list=russianbl dst-address-type=!local new-connection-mark=Pcc_Conn_4 per-connection-classifier=\
both-addresses-and-ports:4/3
add action=mark-connection chain=prerouting dst-port=53 new-connection-mark=pptp protocol=tcp
add action=mark-connection chain=prerouting dst-port=53 new-connection-mark=pptp protocol=udp
add action=mark-routing chain=prerouting connection-mark=pptp dst-port=53 new-routing-mark=Route_1 protocol=udp
add action=mark-routing chain=prerouting connection-mark=pptp dst-port=53 new-routing-mark=Route_1 protocol=tcp
add action=mark-routing chain=prerouting connection-mark=Pcc_Conn_1 dst-address-list=russianbl dst-address-type=!local new-routing-mark=Route_1
add action=mark-routing chain=prerouting connection-mark=Pcc_Conn_2 dst-address-list=russianbl dst-address-type=!local new-routing-mark=Route_2
add action=mark-routing chain=prerouting connection-mark=Pcc_Conn_3 dst-address-list=russianbl dst-address-type=!local new-routing-mark=Route_3
add action=mark-routing chain=prerouting connection-mark=Pcc_Conn_4 dst-address-list=russianbl dst-address-type=!local new-routing-mark=Route_4
/ip firewall nat
# Default masquerade towards the WAN.  Together with the forward rule
# "accept from local to internet" (in-interface=!ether1-gateway) this also
# masquerades traffic that enters through a PPTP tunnel and leaves via the
# WAN -- see the note on that filter rule.
add action=masquerade chain=srcnat comment="default configuration" out-interface=ether1-gateway
# Per-tunnel masquerade of the LAN when the routing mark sends a packet
# through that tunnel.
add action=masquerade chain=srcnat out-interface=vpnme.me src-address=192.168.1.0/24
add action=masquerade chain=srcnat out-interface=freevpnaccess.com src-address=192.168.1.0/24
add action=masquerade chain=srcnat out-interface=freevpn.me src-address=192.168.1.0/24
add action=masquerade chain=srcnat out-interface=vpnbook.com src-address=192.168.1.0/24
Если что не понятно спрашивайте!