最新日记
日记
ROS禁止PING 方法
2009-01-07 23:33
禁止内网PING :点击IP -> Firewall -> Filter Rules -> 右面选中 output -> "+" -> General -> Protocol 中选择 icmp ,在同级界 面上点击Action 中,将Action选择为"drop",按"OK"确认 禁止外网PING :点击IP -> Firewall -> Filter Rules -> 右面选中 input -> "+" -> General -> Protocol 中选择 icmp ,在同级界 面上点击Action 中,将Action选择为"drop",按"OK"确认 ------------------------------------------------------------------------------------------ ROS的密码忘记了,但有台机子里的winbox里保存了密码,可用下面的方法: 如果是win2K/XP/2003,密码就在C:\Documents and Settings\你的用户名\Application Data\Mikrotik\Winbox\winbox.cfg文件里,你用记事本 打开,里面有类似下面的语句: typeaddr host192.168.0.1 loginadmin note keep-pwd pwd12345 pwd后面就是密码. ------------------------------------------------------------------------------------------- 使用高负载ROS的技巧 如果ros的防火墙会话数很高,建议修改相应会话超时参数如下: [admin@cddst] > ip fire conn tra pr enabled: yes tcp-syn-sent-timeout: 30s tcp-syn-received-timeout: 30s tcp-established-timeout: 120h tcp-fin-wait-timeout: 30s tcp-close-wait-timeout: 30s tcp-last-ack-timeout: 30s tcp-time-wait-timeout: 30s tcp-close-timeout: 10s udp-timeout: 30s udp-stream-timeout: 3m icmp-timeout: 30s generic-timeout: 10m |
