ROS Common commands

I have read a lot of router OS information about how to install the router OS, but I rarely see the command information about the router OS (maybe because of winbox). Although I have explained it in the router OS manual, however, the English version is not easy to understand. Below I will write some common commands, hoping to help you:

1. What are frequently used after login? Is a commonly used HELP command, which can list available commands and simple instructions.

2. Some English commands are very long and can be abbreviated as interface. After you enter in, press enter to automatically enter the interface. Or you can press the tab key to complete the long English command input.

3. Some commands have many parameters. When you do not know, you can enter the command and add a space ?, Such as print?

The command parameters are displayed.

4. Everyone should remember the setup command, because the IP address of the NIC must be allocated to the router OS after it is installed.

5. ip route add gate = 211. 12. *. 14,220. 163. *. 12 this command is used to add multiple gateways for multi-line access.

6. ip firewall add action = nat protocol = tcp dst-address = 212. 12. *. */32: 80 to-dst-address = 192.168.0.198 this command is used to map port 80 to local 192.168.0.198.

7. print this command is used to list all projects.

8. interface monitor-traffice 0, 1, 2 can monitor the activity of the current 0, 1, 2 Nic.

9. ip firewall connection print displays all current connections.

10. ip arp print displays the list of ip addresses and mac addresses that all router OS know.

11. user active print displays all active users of the router OS.

12. system reboot and system shutdown are respectively restarted and shut down.

13. system reset deletes all original configurations and restarts router OS. 14. system resource monitor can monitor the current cpu and memory usage.

15. log print can display the logs of the router OS.

16. tool ping-speed 210.13.14. * shows the ping speed.

17. tool sniffer start and tool sniffer stop can enable and stop the sniffer.

18. tool sniffer packet print can list sniffing packets.

19. system backup name = 2002.167.bak can back up the system configuration to the file 2002.167.bak, which can be seen in file print.

What else can enable, disable, remove, and set.

The above are some of the commands that I often use after using the router OS to access two optical fibers. I found that the router OS is really a good thing, so I can't help writing it out and publicize it for the router OS. There are many immature things, and I hope you will forgive me.

/Sy reset Restore original route status

/Sy reboot restart route

/Sy showdown Shutdown

/Sy ide set name = machine name set machine name

/Export view Configuration

/Ip export view IP configuration

/Sy backup press ENTER

Save name = you want to set the route for file name backup

Load name = you need to set the file NAME to restore the backup

/Interface print to view the NIC status

0 X ether1 ether 1500 this is not enabled for the NIC

0 R ether1 ether 1500 this is normal

/Int en 0 activate 0 Nic

/Int di 0 disable 0 Nic

/Ip fir con print to view all current network edge connections

/Ip service set www port = 81 change www service port to 81

/Ip hotspot user add name = user1 password = 1 add user

View memory and CPU usage:/system resource monitor

View all current network connections:/ip firewall connection print

Restart route:/system reboot

Route shutdown:/system shutdown

Restore Default installation:/system reset

View system Time:/system clock print

View general system information:/system resource print

View PC information:/system resource pci print

View level and license:/system license print

View system components and installation packages:/system package print

View the system administrator list:/user print

View System logs:/log print

View IP configuration:/ip address print

View Nic status:/interface print

View Gateway status:/ip route print

View firewall Information:/ip firewall filter print

Shutdown: system-shutdown
Restart:/sy reboot
/Ip add pri view IP configuration
/Sy backup
Save name = saved file name
/Int pri view Nic status
Import *. rsc firewall import command (provided that *. rsc is already in ros ftp)
/Ip firewall export file = *. rsc backup firewall

/Ip fir con print
User: lish ps: love
/Ip address add address 10.0.0.1/24 interface ether1
/Ip address add address 10.0.0.1 netmask limit 255.0 interface ether1
/Set r to restore the initial route
/Sy reboot restart route
/Sy showdown Shutdown
/Sy ide set name = machine name set machine name
/Export view Configuration
/Ip export view IP configuration
/Sy backup press ENTER
Save name = you want to set the route for file name backup
Load name = you need to set the file NAME to restore the backup
/Interface print to view the NIC status
0 X ether1 ether 1500 this is not enabled for the NIC
0 R ether1 ether 1500 this is normal
/Int en 0 activate 0 Nic
/Int di 0 disable 0 Nic
/Ip fir con print to view all current network edge connections
/Ip service set www port = 81 change www service port to 81
/Ip hotspot user add name = user1 password = 1 add user
There is a weakness in how to bind MAC and IP addresses to prevent IP conflicts like other proxy servers, such
If someone changes the Client IP address in the Intranet to the same IP address as the gateway (for example, 192.168.0.1 ),
After a while, ROS will lose its proxy function and the entire Internet cafe will be suspended. Log On with the super Administrator Account
, IP-----ARP, so that you can see the IP and MAC address of a row, these are Intranet network activity
. Select one, double-click, select COPY ---- click OK, and then bind all
Double-click the INTERFACE option of WINBOX and select "replay-only"
After binding an IP address through ROS, the following client will not be able to communicate with the gateway as long as the IP address is changed.
Communication, and of course the host cannot be suspended.

ROS anti-syn ip-firewall-connections Tracking: TCP Syn Sent Timeout: 50 TCP
Syn converted ed timeout: 30

The blocked ip address of the ROS port-firewall-Filer Rules indicates packet forwarding.
Firewall rule-General Dst. Address: port to be blocked Protocol: tcp
Action: drop (discard)

ROS speed Limit Queues-Simple Queues name: Any Dst. Address: Intranet IP Address/32 Limit allowed
At (tx/rx): minimum transmission Max Limit (tx/rx): Maximum Transmission

If some web pages cannot be opened, your ISP's MTU = 1492, please go to the IP address>
Firewall> Mangle> click the red plus sign> Protocol select TCP> Tcp Options select
Sync & gt; Actions Select accept & gt; tcp mss: 1448. Ip-firewall-filter fules,
Select "+" and "in interface" select the Intranet NIC (local). Other Default routes allow
You can modify the ip address segment of the src address or the content of the content.
Filter ip-> firewall-> filter chains select input and select drop.
Deny all external connections to the above two rules, shield all connections from the Internet some malicious websites and
The advertisement can also be blocked from this. You can record the nic mac address to solve the problem that cannot be Baidu.
Network adapter. The specific settings are as follows. Select forward from the filter rules item in the firewall and then add
A setting is the "+". Add the "src. mac. address" in the advanced item to the network.
The MAC address of the card, and then select DROP in ACTION. The IP address of the NIC does not exist.
In other words, they cannot access the Internet. Unless it changes the NIC. This is what I did, and the results are good.
If the port cannot be opened with winbox, use SSH to enter/ip ser/> set
Www port 80/ip ser/> set ftp port 21