Scribd Logo
Importer

Bienvenue sur Scribd !

  • Queue Tree + Mangle

    Transféré par

    Krisno Pratama
    77 vues2 pages
    kkk

    Copyright

    © © All Rights Reserved

    Formats disponibles

    TXT, PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    kkk

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme TXT, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    77 vues2 pages

    Queue Tree + Mangle

    Transféré par

    Krisno Pratama
    kkk

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme TXT, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 2

    /ip firewall mangle

    add action=mark-connection chain=prerouting disabled=no in-interface=ether1-ISP


    new-connection-mark=all-inconn passthrough=yes comment="CONNECTION-IN"
    add action=mark-packet chain=prerouting connection-mark=all-inconn disabled=no n
    ew-packet-mark=all-inpkt passthrough=yes comment="UPLOAD"
    add action=mark-connection chain=forward disabled=no in-interface=ether2-LAN new
    -connection-mark=all-outconn passthrough=yes comment="CONNECTION-OUT"
    add action=mark-packet chain=forward connection-mark=all-outconn disabled=no new
    -packet-mark=all-outpkt passthrough=yes comment="DOWNLOAD"
    /ip firewall mangle
    add action=mark-packet chain=prerouting src-address=192.168.170.11 packet-mark=a
    ll-inpkt new-packet-mark=client1-pktd passthrough=no comment="CLIENT1-UPSTREAM"
    add action....... "CLIENT40-UPSTREAM"
    /ip firewall mangle
    add action=mark-packet chain=forward dst-address=192.168.170.11 packet-mark=alloutpkt new-packet-mark=client1-pktd passthrough=yes comment="CLIENT1-DOWNSTREAM"
    add action...... "CLIENT40-DOWNSTREAM"
    /ip firewall layer7-protocol
    add comment="download" name=high regexp="^.*get.+\\.(exe|rar|iso|zip|7zip|0[0-9]
    [1-9]|flv|mkv|avi|mp4|3gp|rmvb|mp3|img|dat|mov).*\$"
    add comment="download" name=document regexp="^.*get.+\\.(pdf|doc|docx|xlsx|xls|r
    tf|ppt|ppt).*\$"
    add comment="video" name=youtube regexp="^.*get.+\\.(c.youtube.com|cdn.dailymoti
    on.com|metacafe.com|mccont.com).*\$"
    add comment="video" name=streaming regexp="videoplayback|video"
    /ip firewall mangle
    add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=cli
    ent1-dpkt packet-mark=client1-pktd passthrough=no comment="CLIENT1 DOWNLOAD"
    add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=c
    lient1-dpkt packet-mark=client1-pktd passthrough=no comment=""
    add action=mark-packet chain=forward connection-bytes=1000000-0 src-port=80,443
    passthrough=yes new-packet-mark=client1-dpkt packet-mark=client1-pktd protocol=t
    cp comment=""
    add action ..... "CLIENT40 DOWNLOAD"
    /ip firewall mangle
    add action=mark-packet chain=forward layer7-protocol=youtube new-packet-mark=cli
    ent1-spkt packet-mark=client1-pktd passthrough=no comment="CLIENT1-VIDEO"
    add action=mark-packet chain=forward layer7-protocol=streaming new-packet-mark=c
    lient1-spkt packet-mark=client1-pktd passthrough=no comment=""
    add action ..... "CLIENT40-VIDEO"
    /ip firewall mangle
    add action=mark-packet chain=forward src-address=192.168.170.11 packet-mark=allgpkt new-packet-mark=client1-gpkt passthrough=no comment="CLIENT1-GAMES"
    add action ..... "CLIENT40-GAMES"
    /ip firewall mangle
    add action=mark-packet chain=forward connection-bytes=0-1000000 src-port=80,443
    passthrough=no new-packet-mark=client1-bpkt packet-mark=client1-pktd protocol=tc
    p comment="CLIENT1-BROWSING"
    add action ..... "CLIENT40-BROWSING"
    /queue tree
    add name=All-Bandwidth parent=global-out packet-mark=all-inpkt,all-outpkt queue=
    default priority=8 max-limit=10M

    /queue tree
    add name=Client1 parent=All-Bandwidth packet-mark=no-mark queue=default priority
    =8 max-limit=1000k
    add name=Client40 ......
    /queue tree
    add name=aClient1-Games parent=Client1 packet-mark=client1-gpkt queue=default pr
    iority=1 max-limit=1000k
    add name=aClient40-Games .....
    /queue tree
    add name=bClient1-Browsing parent=Client1 packet-mark=client1-bpkt queue=default
    priority=2 max-limit=1000k
    add name=bClient40 .....
    /queue tree
    add name=cClient1-Upload parent=Client1 packet-mark=client1-pktp queue=default p
    riority=3 max-limit=1000k
    add name=cClient40-Upload .....
    /queue tree
    add name=dClient1-Download parent=Client1 packet-mark=no-mark queue=default prio
    rity=6 max-limit=512k
    add name=dClient40-Download .....
    /queue tree
    add name=eClient1-DownUdf parent=dClient1-Download packet-mark=client1-pktd queu
    e=default priority=6
    add name=eClient40-DownUdf .....
    /queue tree
    add name=fClient1-DownExt parent=dClient1-Download packet-mark=client1-dpkt queu
    e=default priority=7
    add name=fClient40-DownExt .....
    /queue tree
    add name=gClient1-DownVid parent=dClient1-Download packet-mark=client1-spkt queu
    e=default priority=8
    add name=gClient40-DownVid .....
    /ip firewall filter
    add action=drop chain=forward comment="DOWNLOAD HIGH" connection-limit=6,32 disa
    bled=no layer7-protocol=high protocol=tcp
    add action=drop chain=forward comment="YOUTUBE" connection-limit=6,32 disabled=n
    o layer7-protocol=youtube protocol=tcp
    add action=drop chain=forward comment="STREAMING" connection-limit=6,32 disabled
    =no layer7-protocol=streaming protocol=tcp

    Vous aimerez peut-être aussi