以下是引用片段：

/ip firewall filter add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="Port scanners to list " disabled=no 

/ip firewall filter add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="NMAP FIN Stealth scan" 

/ip firewall filter add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="SYN/FIN scan" 

/ip firewall filter add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="SYN/RST scan" 

/ip firewall filter add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="FIN/PSH/URG scan" 

/ip firewall filter add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="ALL/ALL scan" 

/ip firewall filter add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="NMAP NULL scan" 

/ip firewall filter add chain=input src-address-list="port scanners" action=drop comment="dropping port scanners" disabled=no

RouterOS终极提速，彻底解决ROS小包（网络游戏数据包）转发性能差的问题

以下只给有ROS基础的人看,2.9.7以上版本支持，2.9.26上调试通过

ROS终端界面直接输入即可

HTB QOS 流量质量控制

/ ip firewall mangle

add chain=forward p2p=all-p2p action=mark-connection        new-connection-mark=p2p_conn passthrough=yes comment="" disabled=no

add chain=forward connection-mark=p2p_conn action=mark-packet        new-packet-mark=p2p passthrough=yes comment="" disabled=no

add chain=forward connection-mark=!p2p_conn action=mark-packet        new-packet-mark=general passthrough=yes comment="" disabled=no

add chain=forward packet-size=32-512 action=mark-packet new-packet-mark=small        passthrough=yes comment="" disabled=no

add chain=forward packet-size=512-1200 action=mark-packet new-packet-mark=big        passthrough=yes comment="" disabled=no

/ queue tree

add name="p2p1" parent=TEL packet-mark=p2p limit-at=2000000 queue=default        priority=8 max-limit=6000000 burst-limit=0 burst-threshold=0 burst-time=0s        disabled=no

add name="p2p2" parent=LAN packet-mark=p2p limit-at=2000000 queue=default        priority=8 max-limit=6000000 burst-limit=0 burst-threshold=0 burst-time=0s        disabled=no

add name="ClassA" parent=LAN packet-mark="" limit-at=0 queue=default priority=8        max-limit=100000000 burst-limit=0 burst-threshold=0 burst-time=0s        disabled=no

add name="ClassB" parent=ClassA packet-mark="" limit-at=0 queue=default        priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s        disabled=no

add name="Leaf1" parent=ClassA packet-mark=general limit-at=0 queue=default        priority=7 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s        disabled=no

add name="Leaf2" parent=ClassB packet-mark=small limit-at=0 queue=default        priority=5 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s        disabled=no

add name="Leaf3" parent=ClassB packet-mark=big limit-at=0 queue=default        priority=6 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s        disabled=no

1-8级优先级控制，数字越小优先级越高

LAN内网接口

TEL 外网接口

SMALL 小包 32-512字节     5级优先级

BIG 大包     512-1200字节      6级优先级

general 其它包 1200-1500字节     7级优先级

P2P类      8级优先，全局限速 600KB/S下载

Leaf 子类