Forum

QOS COMPLETO

Postado por Gerson filho em 10 de Maio de 2011 às 10:13

E AI GALERA SEGUE AI REGRAS QOS QUE TESTEI SAO BOAS ACELERA BASTANTE A NAVEGAÇAO

 


/ip firewall mangle

add action=mark-connection chain=prerouting comment=SSH_IN disabled=no dst-port=22 new-connection-mark=conn_ssh_in passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_ssh_in disabled=no new-packet-mark=ssh_in passthrough=no

add action=mark-connection chain=postrouting comment=SSH_OUT disabled=no new-connection-mark=conn_ssh_out passthrough=yes protocol=tcp src-port=22

add action=mark-packet chain=postrouting comment="" connection-mark=conn_ssh_out disabled=no new-packet-mark=ssh_out passthrough=no

add action=mark-connection chain=prerouting comment=FTP_IN disabled=no dst-port=21 new-connection-mark=conn_ftp_in passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_ftp_in disabled=no new-packet-mark=ftp_in passthrough=no

add action=mark-connection chain=postrouting comment=FTP_IN disabled=no new-connection-mark=conn_ftp_out passthrough=yes protocol=tcp src-port=21

add action=mark-packet chain=postrouting comment="" connection-mark=conn_ftp_out disabled=no new-packet-mark=ftp_out passthrough=no

add action=mark-connection chain=prerouting comment=DNS_IN disabled=no dst-port=53 new-connection-mark=conn_dns_in passthrough=yes protocol=udp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_dns_in disabled=no new-packet-mark=dns_in passthrough=no

add action=mark-connection chain=postrouting comment=DNS_OUT disabled=no new-connection-mark=conn_dns_out passthrough=yes protocol=udp src-port=53

add action=mark-packet chain=postrouting comment="" connection-mark=conn_dns_out disabled=no new-packet-mark=dns_out passthrough=no

add action=mark-packet chain=prerouting comment="EMAIL IN (POP)" disabled=no dst-port=110 new-packet-mark=email_in passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting comment="EMAIL SSL IN (POP)" disabled=no dst-port=995 new-packet-mark=email_in passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting comment="IMAP IN" disabled=no dst-port=143 new-packet-mark=email_in passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting comment="IMAP SSL IN" disabled=no dst-port=993 new-packet-mark=email_in passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="EMAIL OUT (SMTP)" disabled=no new-packet-mark=email_out passthrough=yes protocol=tcp src-port=25

add action=mark-packet chain=postrouting comment="" disabled=no new-packet-mark=email_out passthrough=yes protocol=udp src-port=25

add action=mark-connection chain=prerouting comment="ORKUT IN" content=orkut disabled=no new-connection-mark=conn_orkut_in passthrough=yes

add action=mark-packet chain=prerouting comment="" connection-mark=conn_orkut_in disabled=no new-packet-mark=orkut_in passthrough=no

add action=mark-connection chain=postrouting comment="ORKUT OUT" content=orkut disabled=no new-connection-mark=conn_orkut_out passthrough=yes

add action=mark-packet chain=postrouting comment="" connection-mark=conn_orkut_out disabled=no new-packet-mark=orkut_out passthrough=no

add action=mark-connection chain=prerouting comment="YOUTUBE IN" content=youtube disabled=no new-connection-mark=conn_youtube_in passthrough=yes

add action=mark-packet chain=prerouting comment="" connection-mark=conn_youtube_in disabled=no new-packet-mark=youtube_in passthrough=no

add action=mark-connection chain=postrouting comment="YOUTUBE OUT" content=youtube disabled=no new-connection-mark=conn_youtube_out passthrough=yes

add action=mark-packet chain=postrouting comment="" connection-mark=conn_youtube_out disabled=no new-packet-mark=youtube_out passthrough=no

add action=mark-connection chain=prerouting comment="HOTMAIL IN" content=hotmail disabled=no new-connection-mark=conn_hotmail_in passthrough=yes

add action=mark-packet chain=prerouting comment="" connection-mark=conn_hotmail_in disabled=no new-packet-mark=hotmail_in passthrough=no

add action=mark-connection chain=postrouting comment="HOTMAIL OUT" content=hotmail disabled=no new-connection-mark=conn_hotmail_out passthrough=yes

add action=mark-packet chain=postrouting comment="" connection-mark=conn_hotmail_out disabled=no new-packet-mark=hotmail_out passthrough=no

add action=mark-connection chain=prerouting comment="RANGE IP DO BRASIL" disabled=no dst-address-list=brasil dst-port=80 new-connection-mark=conn_brasil_in passthrough=\
yes protocol=tcp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_brasil_in disabled=no new-packet-mark=ip_brasil_in passthrough=no

add action=mark-connection chain=prerouting comment="HTTP IN" disabled=no dst-port=80 new-connection-mark=conn_all_http_in passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_all_http_in disabled=no new-packet-mark=all_http_in passthrough=no

add action=mark-connection chain=prerouting comment="HTTP OUT" disabled=no new-connection-mark=conn_all_http_out passthrough=yes protocol=tcp src-port=80

add action=mark-packet chain=postrouting comment="" connection-mark=conn_all_http_out disabled=no new-packet-mark=all_http_out passthrough=no

add action=mark-connection chain=prerouting comment=HTTPS_IN disabled=no dst-port=443 new-connection-mark=conn_https_in passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_https_in disabled=no new-packet-mark=https_in passthrough=no

add action=mark-connection chain=postrouting comment=HTTPS_OUT disabled=no new-connection-mark=conn_https_out passthrough=yes protocol=tcp src-port=443

add action=mark-packet chain=postrouting comment="" connection-mark=conn_https_out disabled=no new-packet-mark=https_out passthrough=no

add action=mark-connection chain=prerouting comment=MSN_IN disabled=no dst-port=1863 new-connection-mark=conn_msn_in passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_msn_in disabled=no new-packet-mark=msn_in passthrough=yes

add action=mark-connection chain=postrouting comment=MSN_OUT disabled=no layer7-protocol="(unknown)" new-connection-mark=conn_msn_out passthrough=yes protocol=tcp \
src-port=1863

add action=mark-packet chain=postrouting comment="" connection-mark=conn_msn_out disabled=no layer7-protocol="(unknown)" new-packet-mark=msn_out passthrough=no

add action=mark-connection chain=prerouting comment="STREAM_IN (tcp)" disabled=no dst-port=537,554,1736,1755,1790,2979 new-connection-mark=conn_stream_in passthrough=yes \
protocol=tcp

add action=mark-connection chain=prerouting comment="STREAM_IN (udp)" disabled=no dst-port=537,554,1736,1755,1790,2979 new-connection-mark=conn_stream_in passthrough=yes \
protocol=udp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_stream_in disabled=no new-packet-mark=stream_in passthrough=no

add action=mark-connection chain=postrouting comment="STREAM_OUT (tcp)" disabled=no new-connection-mark=conn_stream_out passthrough=yes protocol=tcp src-port=\
537,554,1736,1755,1790,2979

add action=mark-connection chain=postrouting comment="STREAM_OUT (udp)" disabled=no new-connection-mark=conn_stream_out passthrough=yes protocol=udp src-port=\
537,554,1736,1755,1790,2979

add action=mark-packet chain=postrouting comment="" connection-mark=conn_stream_out disabled=no new-packet-mark=stream_out passthrough=no

add action=mark-connection chain=prerouting comment=WINBOX_IN disabled=no dst-port=8291 new-connection-mark=conn_winbox_in passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_winbox_in disabled=no new-packet-mark=winbox_in passthrough=no

add action=mark-connection chain=postrouting comment=WINBOX_OUT disabled=no new-connection-mark=conn_winbox_out passthrough=yes protocol=tcp src-port=8291

add action=mark-packet chain=postrouting comment="" connection-mark=conn_winbox_out disabled=no new-packet-mark=winbox_out passthrough=no

add action=mark-connection chain=prerouting comment=VOIP_IN disabled=no dst-port=5060-5061 new-connection-mark=conn_voip_in passthrough=yes protocol=udp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_voip_in disabled=no new-packet-mark=voip_in passthrough=no

add action=mark-connection chain=postrouting comment=VOIP_OUT disabled=no new-connection-mark=conn_voip_out passthrough=yes protocol=udp src-port=5060-5061

add action=mark-packet chain=postrouting comment="" connection-mark=conn_voip_out disabled=no new-packet-mark=voip_out passthrough=yes

add action=mark-connection chain=prerouting comment=P2P_IN disabled=no new-connection-mark=conn_p2p_in p2p=all-p2p passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting comment="" connection-mark=conn_p2p_in disabled=no new-packet-mark=p2p_in passthrough=no

add action=mark-connection chain=postrouting comment=P2P_OUT disabled=no new-connection-mark=conn_p2p_out p2p=all-p2p passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark=conn_p2p_out disabled=no new-packet-mark=p2p_out passthrough=yes


/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=downloads packet-mark="" parent=global-in priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024000 max-limit=1024000 name=primario_in packet-mark="" parent=downloads priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=50000 name=p2p_in packet-mark=p2p_in parent=global-in priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=https_in packet-mark=https_in parent=primario_in priority=3 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=uploads packet-mark="" parent=global-out priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024000 max-limit=1024000 name=primario_out packet-mark="" parent=uploads priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=200000 name=https_out packet-mark=https_out parent=primario_out priority=3 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=secundario_in packet-mark="" parent=downloads priority=8 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=secundario_out packet-mark="" parent=uploads priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=msn_in packet-mark=msn_in parent=primario_in priority=6 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=msn_out packet-mark=msn_out parent=primario_out priority=6 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=dns_in packet-mark=dns_in parent=primario_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=dns_out packet-mark=dns_out parent=primario_out priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=300000 max-limit=1024000 name=stream_in packet-mark=stream_in parent=primario_in priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=200000 name="todo_resto_in - tcp" packet-mark=todo_resto_in parent=secundario_in \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=200000 name="todo_resto_out - tcp" packet-mark=todo_resto_out parent=secundario_out \
priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=winbox_in packet-mark=winbox_in parent=primario_in priority=8 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=256000 name=winbox_out packet-mark=winbox_out parent=primario_out priority=8 \
queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=1024000 name=voip_in packet-mark=voip_in parent=primario_in priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=1024000 name=voip_out packet-mark=voip_out parent=primario_out priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ssh_in packet-mark=ssh_in parent=secundario_in priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ssh_out packet-mark=ssh_out parent=secundario_out priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ftp_in packet-mark=ftp_in parent=secundario_in priority=3 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ftp_out packet-mark=ftp_out parent=secundario_out priority=5 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=500000 name=email_in packet-mark=email_in parent=primario_in priority=3 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=500000 name=email_out packet-mark=email_out parent=primario_out priority=3 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=500000 name="ips brasil" packet-mark=ip_brasil_in parent=primario_in priority=3 \
queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=25000 name=p2p_out packet-mark=p2p_out parent=global-out priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=http_in packet-mark="" parent=downloads priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=orkut_in packet-mark=orkut_in parent=http_in priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=http_out packet-mark="" parent=uploads priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=150000 max-limit=250000 name=orkut_out packet-mark=orkut_out parent=http_out priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=600000 name=all_http_in packet-mark=all_http_in parent=primario_in priority=4 \
queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=600000 name=all_http_out packet-mark=all_http_out parent=primario_out priority=4 \
queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=300000 max-limit=1024000 name=stream_out packet-mark=stream_out parent=primario_out priority=1 \
queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=hotmail_in packet-mark=hotmail_in parent=http_in priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=hotmail_out packet-mark=hotmail_out parent=http_out priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=1024000 name=youtube packet-mark=youtube_in parent=http_in priority=1 queue=\
default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=1024000 name=youtube_out packet-mark=youtube_out parent=http_out priority=1 \
queue=default


Visualizações: 45

Para adicionar comentários, você deve ser membro de MK-AUTH.

Join MK-AUTH

Marcações: dica, provedor, qos, regras, sistema, uso
Votos 0
Enviar-me um email quando as pessoas responderem –
Seguir

Respostas

  • Maurico Ferreira Santos Maio 22, 2011 10:51

    Parabéns otima contribuição, porem não é tudo que se usa, quem entende um pouco mais personaliza a gosto.

     

    Abraços!

  • Vip Net do Brasil - Fábio Maio 18, 2011 18:39
    Layer 7 ainda é um desafio pra maioria, mas com certeza é a melhor maneira de se controlar uma grande rede, se outra pessoa tiver algo sobre l7 e quiser postar para avaliação sera bem vindo, ate agora tudo que encontrei não deu certo, uma hora ta incompleto outra o mk não aceita subir...
  • romerio ricardo de souza Maio 16, 2011 19:01

    Desculpem entrar de gaiato nessa discurção até mesmo pq sou novo aqui e não tenho muitos conhecimentos, mas preciso dizer a todos que esse forum serve para ajudar um ao outro e não pra atingir ou chingar ninguém.

    Já disse o grande autor da criação " é melhor dá do que receber". Com certeza nos sentimos melhor quando ajudamos o próximo sem esperar recompensa, não desmerecendo o amigo speedynet, DAI A CESAR O QUE É DE CESAR e DAI HONRA A QUEM TEM HONRA.

    Sendo assim, devemos honrar sem dúvidas o PEDRO que sem olhar a quem e sem esperar retorno desenvolveu esse maravilhoso sistema para todos e coloca aqui não a receita, mas o bolo completo para que todos peguem uma fatia. E com certeza agradecer, mesmo estando em segundo plano, ao nosso amigo speedynet que, mesmo sem concordar com a divulgação, criou as regars necessárias para melhorar nosso trabalho.

    Sendo assim, não devemos discultir e sim COMEMORAR.

     

    Se alguém discorda, sou todo ouvidos.

     

    Att.  RapidãoNet

  • Vip Net do Brasil - Fábio Maio 16, 2011 18:29
    Grande Ceara, estou aguardando aquele post prometido, principalmente o l7 que ajuda a controlar muito bem ...

    SpeedyNet CEARÁ disse:

    é exatamente o que flei e alguns mi criticram...

     

    Att, SpeedyNet

  • Turbo Net Telecom Maio 16, 2011 14:22

    ai pro pessoal qui ta falando de copia qui eu copiei e tal nao copiei de ninguem aqui peguei do proprio site da mikrotik olha o link ai http://wiki.mikrotik.com/wiki/Basic_traffic_shaping_based_on_layer-...

     

    o pessoal qui falow qui eu copiei copiei sim mais do site do mikrotik ou seja to compiando do desenvolvedor do sistema certo!

  • Marcilio Soares Maio 16, 2011 10:45
    olha só essas regras só servem para alguns, pois testei ake  são até boas e funcionais, porém recomendo para quem usa links pequenos, não vi muita utilidade na minha rede, pessoal reclamou, dae desativei, mas pode ser do penca e do lenka, cada rede tem sua caracteristica, q adianta colocar se muitas vezes faz é piorar, acho que tem que entender para saber o que está fazendo pois firewall é o coração da rede!
  • Eduarlei Avelar Maio 16, 2011 10:23

    KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK.....

     

    So para rir...

     

    Estão igual urubú na carniça.

     

    E meu não e meu sai e meu ja falei ki e meu...

     

    kkkkkkkkkkkk...

     

    Calma Galera não presisa disto o mundo e de todos.

     

    Concordo tem ki cobrar msm, mas aki quem paga pelo serviço e depois quer colocar o que pagou de graça na Net problema e dele, e muito bom de quem presisa do msm serviço e nao presisa pagar pq um ja pagou por ele e contribuiu a todos. kkkkkkkkkkk...

  • Marco Aurélio Maio 16, 2011 9:48

    Galera parem com essa parada ai de regra minha regra sua pow gente estamos no mundo para ajudar uns aos outros eu aprendo e ensino cobro quando e preciso mais pow regras gene nao e nada demais passar pow temos que cobras sim temos que cobrar porque todos temos contas para pagar mais nao se comprar um servidor para erguer ele do zero e um server so para colocar regras nao podemos esquecer que uma pessoa que deixamos de ajudar hoje amanha podemos precisar dela

    Lembrem-se

    Quem não vive para servir nâo serve para viver

    entao deixem de discutirde quem sao essas regras

  • Felipe José Salata Maio 16, 2011 9:11

    virgem santa maria...

     

    mais um conflito?!

  • Eduarlei Avelar Maio 16, 2011 9:01
    E ai o jogo do timão ja acabou ?

    SpeedyNet CEARÁ disse:

    pegou na net ????????????????????????????????????????????????????????????????????????

     

    MINHAS RAPOSAS DE PLANTAO LOGO APOS O JOGO DO TIMÃO VOU COLOCAR UMA CONFIG COM LAYER7 PRA VCS TUDO EXPLICADINHO, AGUARDEM ESPALHEM AVISE OS GATOS NETES DE PLANTAO, NAO ESQUECA LOGO APÓS O JOGO DO TIMÃO.

This reply was deleted.