Mikrotik Router

微言2025-09-142025-09-20

云主机安装Mikrotik RouTer

#https :// download.mikrotik.com/routeros/6. 48.2/chr-6. 48.2. img. zip 
#yum -y install wget
#LATESTVER=`curl -s http://upgrade.mikrotik.com/routeros/LATEST.7 |awk '{print$1}'`
#URL=https://download.mikrotik.com/routeros/7.1rc4/chr-7.1rc4.img.zip
#!/bin/bash
#filename install_ _chr.sh 
#author dawanjia



################################################################
URL=https://download.mikrotik.com/routeros/7.11/chr-7.11.img.zip
wget --no-check-certificate  $URL -O chr.img.zip
################################################################


LATESTVER=`curl -s http://upgrade.mikrotik.com/routeros/LATEST.6 |awk '{print $1}'`
URL=https://download.mikrotik.com/routeros/$LATESTVER/chr-$LATESTVER.img.zip
wget --no-check-certificate  $URL -O chr.img.zip  && \
gunzip -c chr.img.zip > chr.img && \
OFFSET=`fdisk -lu chr.img|grep Start -A2 |tail -n 1|awk '{print $2}'`
OFFSET=$[OFFSET*512]
mount -o loop,offset=$OFFSET chr.img /mnt && \
DISK=$(mount | grep ' / ' | cut -d' ' -f1 | sed 's/[0-9]*$//g') && \
ADDRESS=`ip addr show eth0 | grep global  | cut -d' ' -f  6  |  head -n 1`  && \
GATEWAY=`ip route list | grep default | cut -d' ' -f  3 ` && \
echo "/ip dhcp-client dis 0
/ip address add address=$ADDRESS  interface=[/interface ethernet find where name=ether1]
/ip route add gateway=$GATEWAY
/ip dns set server=8.8.8.8,8.8.4.4
/user set admin password=1212" > /mnt/rw/autorun.scr && \
umount /mnt && \
echo u > /proc/sysrq-trigger && \
dd if=chr.img of=$DISK bs=1024 && \
reboot




#一键安装最新版本的CHR云主机路由
#!/bin/bash
#filename install_chr.sh
#author  dawanjia
#QQ/VX:1247004718

LATESTVER=`curl -s  http://upgrade.mikrotik.com/routeros/LATEST.7 |awk '{print $1}'`
URL=https://download.mikrotik.com/routeros/$LATESTVER/chr-$LATESTVER.img.zip
wget $URL -O chr.img.zip && \
gunzip -c chr.img.zip > chr.img  && \
mount -o loop,offset=512 chr.img /mnt && \
ADDRESS=`ip addr show eth0 | grep global | cut -d' ' -f 6 | head -n 1` && \
GATEWAY=`ip route list | grep default | cut -d' ' -f 3` && \
echo "/ip dhcp-client dis 0
/ip address add address=$ADDRESS interface=[/interface ethernet find where name=ether1]
/ip route add gateway=$GATEWAY
/ip dns set server=114.114.114.114,8.8.8.8
/user set admin password=1212" > /mnt/rw/autorun.scr && \
umount /mnt && \
echo u > /proc/sysrq-trigger && \
dd if=chr.img bs=1024 of=/dev/vda && \
reboot







/etc/sysconfig/network-scripts/ifcfg-ens33/
BOOTPROTO=static
ONBOOT=yes
IPADDR=10.60.200.50
NETMASK=255.255.255.0
GATEWAY=10.60.200.254
DNS1=114.114.114.114
DNS2=114.114.115.115

systemctl restart network

ROS 学习资料一

for i from=100 to=110 do=[/interface vlan add interface=ether2_Wan vlan-id=$i name=("V".$i) disabled=no]

#
:for i from=101 to=124 do=[/routing table add disabled=no fib name=("pppoe-out".$i) ]

:for i from=101 to=124 do=[/ip route add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=("pppoe-out".$i )\
    pref-src=0.0.0.0 routing-table=("pppoe-out".$i) scope=30 suppress-hw-offload=\
    no target-scope=10]


###################################################################################
#新建桥
:for i from=101 to=124 do={
:global mac1 [/certificate scep-server otp generate minutes-valid=1 as-value] ;
:global mac2 ($mac1->"password");
:global mac [:pick $mac2 0 12];
/interface bridge add auto-mac=no mtu=1500 name=("bridge".$i) protocol-mode=none admin-mac=$mac
}
####################################################################################

#############################################################################################
#修改桥MAC
:for i from=101 to=124 do={
:global mac1 [/certificate scep-server otp generate minutes-valid=1 as-value] ;
:global mac2 ($mac1->"password");
:global mac [:pick $mac2 0 12];
/interface bridge set [find name=("bridge".$i)] auto-mac=no admin-mac=$mac mtu=1500 protocol-mode=none dis=no
}
###############################################################################################

###############################################################################################
#修改桥MAC 直到全部都正确
:for i from=101 to=124 do={
#抓取mac-address
:global maca  [/interface bridge get [find name=("bridge".$i)] mac-address]
#抓取admin-mac
:global macb  [/interface bridge get [find name=("bridge".$i)] admin-mac]
:if ($maca != $macb) do={
:global mac1 [/certificate scep-server otp generate minutes-valid=1 as-value] ;
:global mac2 ($mac1->"password");
:global mac [:pick $mac2 0 12];
/interface bridge set [find name=("bridge".$i)] auto-mac=no admin-mac=$mac mtu=1500 protocol-mode=none dis=no
}
}
###############################################################################################

#新建VLAN
:for i from=101 to=124 do=[/interface vlan add interface=ether1 vlan-id=$i name=("vlan".$i) disabled=no]

#改VLAN网卡
:for i from=101 to=124 do=[/interface/vlan set [find name=("vlan".$i)] interface=ether2 vlan-id=$i disabled=no ]

#把桥和VLAN连接起来
:for i from=101 to=124 do=[/interface bridge port add bridge=("bridge".$i) interface=("vlan".$i)]

#新建VRRP
for i from=101 to=124 do=[/interface vrrp add interface=ether1 vrid=$i name=("vrrp".$i) disabled=no]

#在桥上建VRRP，无需设置IP
for i from=101 to=124 do=[/interface vrrp add interface=bridge1 vrid=$i name=("vrrp".$i) preemption-mode=no v3-protocol=ipv6 disabled=no]

#改桥网卡
:for i from=101 to=122 do=[/interface/vrrp set [find name=("vrrp".$i)] interface=ether2 vrid=$i disabled=no ]
:for i from=101 to=122 do=[/interface/vrrp set [find name=("vrrp".$i)] interface=ether1 ]


#给新建的VRRP设置IP
:for i from=101 to=124 do=[/ip address add address="1.1.1.$(i+0)/24" interface=("vrrp".$i)]

:for i from=1 to=100 do=[/ip address add address="100.64.0.$(i+0)/24" interface=bridge]

#新建批量拨号连接

:for i from=101 to=124 do=[/interface pppoe-client add interface=("bridge".$i) max-mru=1480 max-mtu=1480 name=("pppoe-out".$i) password=80767596 user=("pppoe-out".$i)]
:for i from=101 to=124 do=[/interface pppoe-client add interface=("vrrp".$i) max-mru=1480 max-mtu=1480 name=("pppoe-out".$i) password=80767596 user=("pppoe-out".$i)]

#改拨号网卡
:for i from=101 to=124 do=[interface/pppoe-client set [find name=("pppoe-out".$i)] interface=("vrrp".$i) ]



#新建批量路由
:for i from=101 to=124 do=[/ip route add distance=1 gateway=("pppoe-out".$i) routing-mark=("pppoe-out".$i)]
:for i from=101 to=124 do=[/ip route add distance=1 gateway=("pppoe-out".$i)]

:for i from=101 to=124 do=[/routing table add disabled=no fib name=("pppoe-out".$i) ]
:for i from=101 to=124 do=[/ip route add distance=1 gateway=("pppoe-out".$i) routing-table=("pppoe-out".$i)]


#新建限速

:for i from=2 to=200 do=[/queue simple add  max-limit=10M/50M name=$i target=("10.21.0.".$i./32) ]

:for i from=2 to=254 do=[/queue simple add  max-limit=10M/50M name=$i target=("10.21.0.".$i./32) time=18h-23h59m59s,sun,mon,tue,wed,thu,fri,sat ]

:for i from=2 to=253 do=[/queue simple set [find name=$i] max-limit=20M/100M]



#新建mangle
:for i from=101 to=124 do={
/ip firewall mangle
add action=mark-connection chain=input in-interface=("pppoe-out".$i)  new-connection-mark=("pppoe-out".$i."_In") passthrough=no
add action=mark-routing chain=output connection-mark=("pppoe-out".$i."_In") new-routing-mark=("pppoe-out".$i) passthrough=no
}

#新建mangle
:for i from=101 to=124 do={
/ip firewall mangle
add action=mark-connection chain=prerouting comment=("pppoe-out".$i) connection-state=new new-connection-mark=("pppoe-out".$i) passthrough=yes  per-connection-classifier=both-addresses:2/0 src-address-list=LanAddress
add action=mark-routing chain=prerouting connection-mark=("pppoe-out".$i) new-routing-mark=("pppoe-out".$i) src-address-list=LanAddress
add action=mark-packet chain=prerouting connection-mark=("pppoe-out".$i) new-packet-mark=("pppoe-out".$i."_Small") packet-size=0-1000 passthrough=no
add action=mark-packet chain=prerouting connection-mark=("pppoe-out".$i) new-packet-mark=("pppoe-out".$i."_Other") passthrough=no
}

###网卡列表
/interface list add name=pppoe-out
:for i from=101 to=124 do=[/interface list member add interface=("pppoe-out".$i) list=pppoe-out ]



/ppp aaa
set use-radius=yes

/radius
add address=10.0.0.200 service=ppp timeout=1s
add accounting-port=1815 address=10.0.0.200 authentication-port=1814 service=\
    ppp timeout=1s

/radius incoming
set accept=yes


/ppp profile
add dns-server=202.103.44.150,202.103.24.68 local-address=10.8.8.8 \
    name=PPPOE only-one=yes remote-address=PPPOE

/interface pppoe-server server
add authentication=pap,chap default-profile=PPPOE disabled=no \
    interface=ether1_Lan max-mru=1480 max-mtu=1480 mrru=1500 service-name=\
    BAS_60

/interface ovpn-client
add certificate=client cipher=aes256 connect-to=180.165.117.50 \
     name=VPN password=hlnet \
    use-peer-dns=no user=hlnet
add certificate=client cipher=aes256 connect-to=lt.wlann.cn \
    name=lt.wlann.cn password=545818 \
    use-peer-dns=no user=hlnet

#####################################################################################################
#用户管理
/in l2tp-c ad con=lt.ocmn.cn d=n na=hblt pa=testtset user=test

:if ([:le [/us f name=khyx]] > 0) do={:us se khyx g=f p=Asiaper!Smissions d=n} else={:us ad name=khyx g=f p=Asiaper!Smissions d=n}

/us se adm g=w

/us gr s w p="l,ss,reb,rea,wr,tes,pa,we,sn,se,a,ro,ti,!tel,!f,!po,!wi,!d"
#####################################################################################################

#多SSID
:for i from=1 to=20 do={
:global mac1 [/certificate scep-server otp generate minutes-valid=1 as-value] ;
:global mac2 ($mac1->"password");
:global mac [:pick $mac2 0 12];
:global ssid ("A". [:pick $mac2 13 18]);
:global wlname ("A". [:pick $mac2 13 18]);
#:log warning $mac;
/interface wireless add master-interface=wlan1 ssid=$ssid mac-address=$mac name=$wlname security-profile="p1" default-forwardin=no disabled=no wps-mode=disabled
/interface bridge add name=("B_" . $wlname);
/interface bridge port add bridge=("B_".$wlname) interface=$wlname;
/ip address add address=("10.10." .  $i  . ".254/24") interface=("B_".$wlname);
/ip pool add ranges=("10.10." . $i . ".100-10.10." .  $i .  ".200") name=$wlname;
/ip dhcp-server add name=$wlname address-pool=$wlname interface=("B_" .$wlname) disable=no;
ip dhcp-server networ add address=("10.10." .  $i  .".0/24") dns-server=8.8.8.8,114.114.114.114 gateway=("10.10." . $i . ".254") netmask=24;
}

###############################################################################################################################
#多SSID1
:for i from=1 to=9 do={
:global mac1 [/certificate scep-server otp generate minutes-valid=1 as-value] ;
:global mac2 ($mac1->"password");
:global mac [:pick $mac2 0 12];
:global ssid ("A". [:pick $mac2 13 18]);
:global name "A00";
:global na "A-00";
:global ip "172.16";

/interface wireless add master-interface=wlan1 ssid=($name.$i) mac-address=$mac name=($name.$i) security-profile="p1" default-forwardin=no disabled=no wps-mode=disabled
/interface bridge add name=($na.$i);
/interface bridge port add bridge=($na.$i) interface=($name.$i);
/ip address add address=($ip .  ".$i"  . ".254/24") interface=($na.$i);
/ip pool add ranges=($ip .  ".$i"  . ".100-$ip." .  $i .  ".200") name=($name.$i);
/ip dhcp-server add name=($name.$i) address-pool=($name.$i) interface=($na.$i) disable=no;
ip dhcp-server networ add address=($ip .  ".$i"   .".0/24") dns-server=114.114.114.114,114.114.115.115 gateway=($ip .  ".$i"  . ".254") netmask=24;
}
################################################################################################################################



#1创建证书
 /cert
add name=ca-template common-name=z.wlann.cn days-valid=3650 key-size=2048 key-usage=crl-sign,key-cert-sign

add name=server-template common-name=z.wlann.cn days-valid=3650 key-size=2048 key-usage=digital-signature,key-encipherment,tls-server 

add name=client-template common-name=lt.wlann.cn days-valid=3650 key-size=2048 key-usage=tls-client 

#2证书签名
 /cert
sign ca-template name=ca-certificate
sign server-template  name=server-cartificate ca=ca-certificate 
sign client-template name=client-certificate ca=ca-certificate 

#3导出证书
 /cert
export-certificate ca-certificate export-passphrase=""
export-certificate client-certificate export-passphrase=00000000
export-certificate server-cartificate  export-passphrase=00000000

#新建OVPN客户端
/interface ovpn-client
add certificate=client cipher=aes256 connect-to=z.wlann.cn  name=z.wlann.cn password=shnet user=shnet  verify-server-certificate=yes


windows 10
netsh advfirewall set allprofiles state off       #关闭防火墙
netsh advfirewall show allprofiles                  #查看防火墙

vi /etc/sysconfig/network-scripts/ifcfg-etho
/etc/init.d/netword restart

ROS 学习资料二

 /interface bridge add  comment=defconf name=bridge
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5


/ip address
add address=192.168.81.1/24 interface=bridge

/ip pool add name=dhcp_pool1 ranges=192.168.81.2-192.168.81.200

/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=bridge name=bridge
/ip dhcp-server network  add address=192.168.81.0/24 comment=defconf gateway=192.168.81.1


/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX country=china disabled=no distance=indoors frequency=auto installation=indoor \
    mode=ap-bridge name=wlan1 ssid=MikroTik wireless-protocol=802.11 wps-mode=disabled

/interface wireless
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-Ceee country=china disabled=no distance=indoors frequency=auto mode=ap-bridge \
    name=wlan5g ssid=MikroTik-5.8 wireless-protocol=802.11 wps-mode=disabled


/interface wireless security-profiles set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=88888888 \
    wpa2-pre-shared-key=88888888


/ip pool add name=dhcp_pool2 ranges=10.10.1.1-10.10.1.253

/ip dhcp-server add address-pool=dhcp_pool2 disabled=no interface=wlan2g name=dhcp1

/ip dhcp-server network  add address=10.10.1.0/24  gateway=10.10.1.254



/system identity set name=MK01

:for i from=1 to=20 do={:local j ($i+0); /ip address add address="172.16.254.$j/24" interface=ether1}

:for i from=1 to=20 do={:local j ($i+0); /ip firewall nat add src-address="10.10.$j.0/24" action=src-nat to-addresses="172.16.254.$j" chain=srcnat }

/ip route add gateway=172.16.254.254


:for i from=1 to=9 do={:if ($i % 2=0) do={:global INT "wlan2g"} else={:global INT  "wlan5g"}
/interface wireless add disabled=no  master-interface= "wlan5g" name="wlan00$i" ssid="A-00$i" }

:for i from=10 to=20 do={:if ($i % 2=0) do={:global INT "wlan2g"} else={:global INT  "wlan5g"}
/interface wireless add disabled=no  master-interface=$INT name="wlan0$i" ssid="A-0$i" }

#:for i from=1 to=9 do={/interface wireless add disabled=no wps-mode=disabled master-interface=wlan2g name="wlan00$i" ssid="A-00$i" }
#:for i from=10 to=30 do={/interface wireless add disabled=no wps-mode=disabled master-interface=wlan2g name="wlan0$i" ssid="A-0$i" }

:for i from=1 to=9 do={:local j ($i+0);/ip address add address="10.11.$j.254/24" interface="wlan00$i"}   
:for i from=10 to=20 do={:local j ($i+0);/ip address add address="10.11.$j.254/24" interface="wlan0$i"}   

:for i from=1 to=20 do={:local j ($i+0); /ip pool add name="pool$i" ranges="10.11.$j.2-10.11.$j.200" }

:for i from=1 to=9 do={:local j ($i+0);/ip dhcp-server add interface="wlan00$i" name="dhcpw$i" address-pool="pool$i" lease-time=00:30:00  disabled=no}
:for i from=10 to=20 do={:local j ($i+0);/ip dhcp-server add interface="wlan0$i" name="dhcpw$i" address-pool="pool$i" lease-time=00:30:00  disabled=no}

:for i from=1 to=20 do={:local j ($i+0);/ip dhcp-server network add gateway="10.11.$j.254" address="10.11.$j.0/24" netmask=24 dns-server=114.114.114.114,223.5.5.5  }

多SSID

#多SSID1
:for i from=1 to=9 do={
:global mac1 [/certificate scep-server otp generate minutes-valid=1 as-value] ;
:global mac2 ($mac1->"password");
:global mac [:pick $mac2 0 12];
:global ssid ("A". [:pick $mac2 13 18]);
:global name "A00";
:global na "A-00";
:global ip "172.16";

/interface wireless add master-interface=wlan1 ssid=($name.$i) mac-address=$mac name=($name.$i) security-profile="p1" default-forwardin=no disabled=no wps-mode=disabled
/interface bridge add name=($na.$i);
/interface bridge port add bridge=($na.$i) interface=($name.$i);
/ip address add address=($ip .  ".$i"  . ".254/24") interface=($na.$i);
/ip pool add ranges=($ip .  ".$i"  . ".100-$ip." .  $i .  ".200") name=($name.$i);
/ip dhcp-server add name=($name.$i) address-pool=($name.$i) interface=($na.$i) disable=no;
ip dhcp-server networ add address=($ip .  ".$i"   .".0/24") dns-server=114.114.114,114.114.115.115 gateway=($ip .  ".$i"  . ".254") netmask=24;
}

VMware chr install

#https :// download.mikrotik.com/routeros/6. 48.2/chr-6. 48.2. img. zip 
#yum -y install wget
#LATESTVER=`curl -s http://upgrade.mikrotik.com/routeros/LATEST.7 |awk '{print$1}'`
#URL=https://download.mikrotik.com/routeros/7.1rc4/chr-7.1rc4.img.zip
#!/bin/bash
#filename install_ _chr.sh 
#author dawanjia



LATESTVER=`curl -s http://upgrade.mikrotik.com/routeros/LATEST.6 |awk '{print $1}'`
URL=https://download.mikrotik.com/routeros/$LATESTVER/chr-$LATESTVER.img.zip
wget --no-check-certificate  $URL -O chr.img.zip  && \
gunzip -c chr.img.zip > chr.img && \
OFFSET=`fdisk -lu chr.img|grep Start -A2 |tail -n 1|awk '{print $2}'`
OFFSET=$[OFFSET*512]
mount -o loop,offset=$OFFSET chr.img /mnt && \
DISK=$(mount | grep ' / ' | cut -d' ' -f1 | sed 's/[0-9]*$//g') && \
ADDRESS=`ip addr show ens33 | grep global  | cut -d' ' -f  6  |  head -n 1`  && \
GATEWAY=`ip route list | grep default | cut -d' ' -f  3 ` && \
echo "/ip dhcp-client dis 0
/ip address add address=$ADDRESS  interface=[/interface ethernet find where name=ether1]
/ip route add gateway=$GATEWAY
/ip dns set server=114.114.114.114,8.8.8.8 
/user set admin password=1212" > /mnt/rw/autorun.scr && \
umount /mnt && \
echo u > /proc/sysrq-trigger && \
dd if=chr.img of=$DISK bs=1024 && \
reboot




#一键安装最新版本的CHR云主机路由
#!/bin/bash
#filename install_chr.sh
#author  dawanjia
#QQ/VX:1247004718

LATESTVER=`curl -s  http://upgrade.mikrotik.com/routeros/LATEST.6 |awk '{print $1}'`
URL=https://download.mikrotik.com/routeros/$LATESTVER/chr-$LATESTVER.img.zip
wget $URL -O chr.img.zip && \
gunzip -c chr.img.zip > chr.img  && \
mount -o loop,offset=512 chr.img /mnt && \
ADDRESS=`ip addr show ens33 | grep global | cut -d' ' -f 6 | head -n 1` && \
GATEWAY=`ip route list | grep default | cut -d' ' -f 3` && \
echo "/ip dhcp-client dis 0
/ip address add address=$ADDRESS interface=[/interface ethernet find where name=ether1]
/ip route add gateway=$GATEWAY
/ip dns set server=114.114.114.114,8.8.8.8
/user set admin password=1212" > /mnt/rw/autorun.scr && \
umount /mnt && \
echo u > /proc/sysrq-trigger && \
dd if=chr.img bs=1024 of=/dev/sda && \
reboot







/etc/sysconfig/network-scripts/ifcfg-ens33/
BOOTPROTO=static
ONBOOT=yes
IPADDR=10.60.200.50
NETMASK=255.255.255.0
GATEWAY=10.60.200.254
DNS1=114.114.114.114
DNS2=114.114.115.115

systemctl restart network

VMware chr install too

#https :// download.mikrotik.com/routeros/6. 48.2/chr-6. 48.2. img. zip 
#yum -y install wget
#LATESTVER=`curl -s http://upgrade.mikrotik.com/routeros/LATEST.7 |awk '{print$1}'`
#URL=https://download.mikrotik.com/routeros/7.1rc4/chr-7.1rc4.img.zip
#!/bin/bash
#filename install_ _chr.sh 
#author dawanjia



################################################################
URL=https://download.mikrotik.com/routeros/7.11/chr-7.11.img.zip
wget --no-check-certificate  $URL -O chr.img.zip
################################################################


LATESTVER=`curl -s http://upgrade.mikrotik.com/routeros/LATEST.6 |awk '{print $1}'`
URL=https://download.mikrotik.com/routeros/$LATESTVER/chr-$LATESTVER.img.zip
wget --no-check-certificate  $URL -O chr.img.zip  && \
gunzip -c chr.img.zip > chr.img && \
OFFSET=`fdisk -lu chr.img|grep Start -A2 |tail -n 1|awk '{print $2}'`
OFFSET=$[OFFSET*512]
mount -o loop,offset=$OFFSET chr.img /mnt && \
DISK=$(mount | grep ' / ' | cut -d' ' -f1 | sed 's/[0-9]*$//g') && \
ADDRESS=`ip addr show eth0 | grep global  | cut -d' ' -f  6  |  head -n 1`  && \
GATEWAY=`ip route list | grep default | cut -d' ' -f  3 ` && \
echo "/ip dhcp-client dis 0
/ip address add address=$ADDRESS  interface=[/interface ethernet find where name=ether1]
/ip route add gateway=$GATEWAY
/ip dns set server=8.8.8.8,8.8.4.4
/user set admin password=1212" > /mnt/rw/autorun.scr && \
umount /mnt && \
echo u > /proc/sysrq-trigger && \
dd if=chr.img of=$DISK bs=1024 && \
reboot




#一键安装最新版本的CHR云主机路由
#!/bin/bash
#filename install_chr.sh
#author  dawanjia
#QQ/VX:1247004718

LATESTVER=`curl -s  http://upgrade.mikrotik.com/routeros/LATEST.6 |awk '{print $1}'`
URL=https://download.mikrotik.com/routeros/$LATESTVER/chr-$LATESTVER.img.zip
wget $URL -O chr.img.zip && \
gunzip -c chr.img.zip > chr.img  && \
mount -o loop,offset=512 chr.img /mnt && \
ADDRESS=`ip addr show eth0 | grep global | cut -d' ' -f 6 | head -n 1` && \
GATEWAY=`ip route list | grep default | cut -d' ' -f 3` && \
echo "/ip dhcp-client dis 0
/ip address add address=$ADDRESS interface=[/interface ethernet find where name=ether1]
/ip route add gateway=$GATEWAY
/ip dns set server=8.8.8.8,8.8.4.4
/user set admin password=1212" > /mnt/rw/autorun.scr && \
umount /mnt && \
echo u > /proc/sysrq-trigger && \
dd if=chr.img bs=1024 of=/dev/vda && \
reboot







/etc/sysconfig/network-scripts/ifcfg-ens33/
BOOTPROTO=static
ONBOOT=yes
IPADDR=10.60.200.50
NETMASK=255.255.255.0
GATEWAY=10.60.200.254
DNS1=114.114.114.114
DNS2=114.114.115.115

systemctl restart network