QOS – 2016

Segue conforme prometido:


/ip firewall mangle
add action=mark-connection chain=postrouting comment=UPLOAD new-connection-mark=uploadconn out-interface=WAN 1
add action=mark-packet chain=postrouting connection-mark=uploadconn new-packet-mark=uploadp
add action=mark-connection chain=prerouting comment=DOWNLOAD in-interface=WAN 1    new-connection-mark=downloadconn
add action=mark-packet chain=prerouting connection-mark=downloadconn new-packet-mark=downloadp
add action=mark-connection chain=postrouting comment="HTTPS UP" connection-bytes=0-1000000 dst-port=443   new-connection-mark=httpsupconn out-interface=WAN 1 protocol=tcp
add action=mark-connection chain=postrouting connection-bytes=100000-0 dst-port=443 new-connection-mark= heavyhttpsupconn out-interface=WAN 1 protocol=tcp
add action=mark-packet chain=postrouting connection-mark=httpsupconn new-packet-mark=httpsup passthrough=no
add action=mark-packet chain=postrouting connection-mark=heavyhttpsupconn new-packet-mark=heavyhttpsup   passthrough=no
add action=mark-connection chain=prerouting comment="HTTPS DOWN" connection-bytes=0-40000000 in-interface= WAN 1 new-connection-mark=httpsdownconn protocol=tcp src-port=443
add action=mark-connection chain=prerouting connection-bytes=40000000-0 in-interface=WAN 1  new-connection-mark=heavyhttpsdownconn protocol=tcp src-port=443
add action=mark-packet chain=prerouting connection-mark=httpsdownconn new-packet-mark=httpsdown passthrough=no
add action=mark-packet chain=prerouting connection-mark=heavyhttpsdownconn new-packet-mark=heavyhttpsdown  passthrough=no
add action=mark-connection chain=postrouting comment="HTTP UP" dst-port=80 new-connection-mark=httpupconn  out-interface=WAN 1 protocol=tcp
add action=mark-connection chain=postrouting connection-bytes=100000-0 dst-port=80 new-connection-mark= heavyhttpupconn out-interface=WAN 1 protocol=tcp
add action=mark-packet chain=postrouting connection-mark=httpupconn new-packet-mark=httpup passthrough=no
add action=mark-packet chain=postrouting connection-mark=heavyhttpupconn new-packet-mark=heavyhttpup  passthrough=no
add action=mark-connection chain=prerouting comment="HTTP DOWN" connection-bytes=0-1100000 in-interface= WAN 1 new-connection-mark=httpdownconn protocol=tcp src-port=80
add action=mark-connection chain=prerouting connection-bytes=1100000-0 in-interface=WAN 1  new-connection-mark=heavyhttpdownconn protocol=tcp src-port=80
add action=mark-packet chain=prerouting connection-mark=httpdownconn new-packet-mark=httpdown passthrough=no
add action=mark-packet chain=prerouting connection-mark=heavyhttpdownconn new-packet-mark=heavyhttpdown passthrough=no
add action=mark-connection chain=postrouting comment="DNS UP" dst-port=53 new-connection-mark=dnsupconn  out-interface=WAN 1 protocol=tcp
add action=mark-connection chain=postrouting dst-port=53 new-connection-mark=dnsupconn out-interface=  WAN 1 protocol=udp
add action=mark-packet chain=postrouting connection-mark=dnsupconn new-packet-mark=dnsup passthrough=no
add action=mark-connection chain=prerouting comment="DNS DOWN" in-interface=WAN 1 new-connection-mark=dnsdownconn protocol=tcp src-port=53
add action=mark-connection chain=prerouting in-interface=WAN 1 new-connection-mark=dnsdownconn  protocol=udp src-port=53
add action=mark-packet chain=prerouting connection-mark=dnsdownconn new-packet-mark=dnsdown passthrough=no
add action=mark-connection chain=postrouting comment="FTP & SFTP UP" dst-port=20,21,115 new-connection-mark=ftpupconn out-interface=WAN 1 protocol=tcp
add action=mark-packet chain=postrouting connection-mark=ftpupconn new-packet-mark=ftpup passthrough=no
add action=mark-connection chain=prerouting comment="FTP & SFTP DOWN" in-interface=WAN 1  new-connection-mark=ftpdownconn protocol=tcp src-port=20,21,115
add action=mark-packet chain=prerouting connection-mark=ftpdownconn new-packet-mark=ftpdown passthrough=no
add action=mark-connection chain=postrouting comment="ICMP UP" new-connection-mark=icmpupconn out-interface=WAN 1 protocol=icmp
add action=mark-packet chain=postrouting connection-mark=icmpupconn new-packet-mark=icmpup passthrough=no
add action=mark-connection chain=prerouting comment="ICMP DOWN" in-interface=WAN 1  new-connection-mark=icmpdownconn protocol=icmp
add action=mark-packet chain=prerouting connection-mark=icmpdownconn new-packet-mark=icmpdown passthrough=no
add action=mark-connection chain=postrouting comment="SSH  UP" dst-port=22 new-connection-mark=sshupconn  out-interface=WAN 1 protocol=udp
add action=mark-connection chain=postrouting dst-port=22 new-connection-mark=sshupconn out-interface= WAN 1 protocol=tcp
add action=mark-packet chain=postrouting connection-mark=sshupconn new-packet-mark=sshup passthrough=no
add action=mark-connection chain=prerouting comment="SSH  DOWN" in-interface=WAN 1  new-connection-mark=sshdownconn protocol=tcp src-port=22
add action=mark-connection chain=prerouting in-interface=WAN 1 new-connection-mark=sshdownconn  protocol=udp src-port=22
add action=mark-packet chain=prerouting connection-mark=sshdownconn new-packet-mark=sshdown passthrough=no
add action=mark-connection chain=postrouting comment="TELNET UP" dst-port=23 new-connection-mark=telnetupconn  out-interface=WAN 1 protocol=tcp
add action=mark-connection chain=postrouting dst-port=23 new-connection-mark=telnetupconn out-interface=    WAN 1 protocol=udp
add action=mark-packet chain=postrouting connection-mark=telnetupconn new-packet-mark=telnetup passthrough=no
add action=mark-connection chain=prerouting comment="TELNET TCP DOWN" in-interface=WAN 1  new-connection-mark=telnetdownconn protocol=tcp src-port=23
add action=mark-connection chain=prerouting in-interface=WAN 1 new-connection-mark=telnetdownconn  protocol=udp src-port=23
add action=mark-packet chain=prerouting connection-mark=telnetdownconn new-packet-mark=telnetdown passthrough= no
add action=mark-connection chain=postrouting comment="EMAIL UP" dst-port=110,995,143,993,25,465,587 new-connection-mark=emailupconn out-interface=WAN 1 protocol=tcp
add action=mark-packet chain=postrouting connection-mark=emailupconn new-packet-mark=emailup passthrough=no
add action=mark-connection chain=prerouting comment="EMAIL DOWN" in-interface=WAN 1 new-connection-mark=emaildownconn protocol=tcp src-port=110,995,143,993,25,465,587
add action=mark-packet chain=prerouting connection-mark=emaildownconn new-packet-mark=emaildown passthrough=no
add action=mark-connection chain=postrouting comment="P2P UP" new-connection-mark=p2pupconn out-interface= WAN 1 p2p=all-p2p
add action=mark-packet chain=postrouting connection-mark=p2pupconn new-packet-mark=p2pup passthrough=no
add action=mark-connection chain=prerouting comment="P2P DOWN" in-interface=WAN 1  new-connection-mark=p2pdownconn p2p=all-p2p
add action=mark-packet chain=prerouting connection-mark=p2pdownconn new-packet-mark=p2pdown passthrough=no
add action=mark-connection chain=postrouting comment="ACK UP" new-connection-mark=ackupconn out-interface=WAN 1 packet-size=0-123 protocol=tcp tcp-flags=ack
add action=mark-packet chain=postrouting connection-mark=ackupconn new-packet-mark=ackup passthrough=no
add action=mark-connection chain=prerouting comment="ACK DOWN" in-interface=WAN 1 new-connection-mark=ackdownconn packet-size=0-123 protocol=tcp tcp-flags=ack
add action=mark-packet chain=prerouting connection-mark=ackdownconn new-packet-mark=ackdown passthrough=no
add action=mark-connection chain=postrouting comment="SYN UP " new-connection-mark=synupconn out-interface=WAN 1 packet-size=0-666 protocol=tcp tcp-flags=syn
add action=mark-packet chain=postrouting connection-mark=synupconn new-packet-mark=synup passthrough=no
add action=mark-connection chain=prerouting comment="SYN DOWN" in-interface=WAN 1 new-connection-mark=syndownconn packet-size=0-666 protocol=tcp tcp-flags=syn
add action=mark-packet chain=prerouting connection-mark=syndownconn new-packet-mark=syndown passthrough=no
add action=mark-connection chain=postrouting comment="VOIP UP" dst-port= 5060,5061,5004,5005,5010,5521,11000,10000,1719,16384,13392 new-connection-mark=voipupconn out-interface=WAN 1 protocol=udp
add action=mark-connection chain=postrouting dst-port=5082,3478,2427,19295,19302,5243,7985 new-connection-mark=voipupconn out-interface=WAN 1 protocol=udp
add action=mark-packet chain=postrouting connection-mark=voipupconn new-packet-mark=voipup passthrough=no
add action=mark-connection chain=prerouting comment="VOIP DOWN" in-interface=WAN 1 new-connection-mark=voipdownconn protocol=udp src-port=5060,5061,5004,5005,5010,5521,11000,10000,1719,16384,13392
add action=mark-connection chain=prerouting in-interface=WAN 1 new-connection-mark=voipdownconn protocol=udp src-port=5082,3478,2427,19295,19302,5243,7985
add action=mark-packet chain=prerouting connection-mark=voipdownconn new-packet-mark=voipdown passthrough=no
add action=mark-connection chain=postrouting comment="GOOGLE UP" dst-port=5222,5228 new-connection-mark=googleupconn out-interface=WAN 1 protocol=tcp
add action=mark-packet chain=postrouting connection-mark=googleupconn new-packet-mark=googleup passthrough=no
add action=mark-connection chain=prerouting comment="GOOGLE DOWN" in-interface=WAN 1 new-connection-mark=googledownconn protocol=tcp src-port=5222,5228
add action=mark-packet chain=prerouting connection-mark=googledownconn new-packet-mark=googledown passthrough= no
add action=mark-connection chain=postrouting comment="OTHER UP" new-connection-mark=otherupconn out-interface= WAN 1
add action=mark-packet chain=postrouting connection-mark=otherupconn new-packet-mark=otherup passthrough=no
add action=mark-connection chain=prerouting comment="OTHER DOWN" in-interface=WAN 1  new-connection-mark=otherdownconn
add action=mark-packet chain=prerouting connection-mark=otherdownconn new-packet-mark=otherdown passthrough=no


/queue type
set 0 pfifo-limit=500
set 1 pfifo-limit=500000000
add kind=pcq name=PCQ_HITS pcq-burst-time=30s pcq-classifier=src-address,dst-address,src-port,dst-port pcq-dst-address6-mask=64 pcq-src-address6-mask=64 pcq-total-limit=4000
add kind=pcq name=PCQ_UP pcq-classifier=src-address pcq-dst-address6-mask=64 pcq-src-address6-mask=64 pcq-total-limit=20000
add kind=pcq name=PCQ_DOWN pcq-classifier=dst-address pcq-dst-address6-mask= 64 pcq-src-address6-mask=64 pcq-total-limit=20000
add kind=pcq name=Cache-Limit pcq-classifier=dst-address  pcq-dst-address6-mask=64 pcq-src-address6-mask=64 pcq-total-limit= 40000000
add kind=pcq name="NORMAL DOWN" pcq-classifier=dst-address  pcq-dst-address6-mask=64 pcq-limit=100 pcq-src-address6-mask=64 pcq-total-limit=40000
add kind=pcq name="HEAVY DOWN" pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-limit=500 pcq-src-address6-mask=64 pcq-total-limit=200000
add kind=pfifo name="NORMAL HTTP" pfifo-limit=500
set 16 pfifo-limit=500000000



/queue tree
add name=DOWN parent=global queue=PCQ_DOWN
add name=UP parent=WAN 1 queue=PCQ_UP
add name="GOOGLE UP" packet-mark=googleup parent=UP priority=3 queue=default
add name="DNS UP" packet-mark=dnsup parent=UP priority=1 queue=default
add name="DNS DOWN" packet-mark=dnsdown parent=DOWN priority=1 queue=default
add name="ICMP UP" packet-mark=icmpup parent=UP priority=1 queue=default
add name="ICMP DOWN" packet-mark=icmpdown parent=DOWN priority=1 queue= default
add name="TELENET UP" packet-mark=telnetup parent=UP priority=3 queue=default
add name="TELNET DOWN" packet-mark=telnetdown parent=DOWN priority=3 queue=default
add name="SSH UP" packet-mark=sshup parent=UP priority=4 queue=default
add name="SSH DOWN" packet-mark=sshdown parent=DOWN priority=4 queue=default
add name="FTP UP" packet-mark=ftpup parent=UP priority=7 queue=default
add name="VOIP DOWN" packet-mark=voipdown parent=DOWN priority=2 queue=default
add name="EMAIL UP" packet-mark=emailup parent=UP priority=4 queue=default
add name="EMAIL DOWN" packet-mark=emaildown parent=DOWN priority=4 queue=default
add name="SYN UP" packet-mark=synup parent=UP priority=1 queue=default
add name="ACK UP" packet-mark=ackup parent=UP priority=3 queue=default
add name="P2P UP" packet-mark=p2pup parent=UP queue=default
add name="OTHER UP" packet-mark=otherup parent=UP priority=5 queue=default
add name="VOIP UP" packet-mark=voipup parent=UP priority=2 queue=default
add name="P2P DOWN" packet-mark=p2pdown parent=DOWN queue=default
add name="GOOGLE DOWN" packet-mark=googledown parent=DOWN priority=3 queue= default
add name="ACK DOWN" packet-mark=ackdown parent=DOWN priority=3 queue=default
add name="SYN DOWN" packet-mark=syndown parent=DOWN priority=1 queue=default
add name="OTHER DOWN" packet-mark=otherdown parent=DOWN priority=5 queue= default
add name="FTP DOWN" packet-mark=ftpdown parent=DOWN priority=7 queue=default
add name="HEAVY UPLOAD DATA" parent=UP queue=default
add name="NORMAL DOWNLOAD DATA" parent=DOWN priority=6 queue="NORMAL DOWN"
add name="NORMAL UPLOAD DATA" parent=UP priority=6 queue=default
add disabled=yes name="YouTube Download" packet-mark="YouTube Download" parent=DOWN priority=4 queue="HEAVY DOWN"
add name="HEAVY DOWNLOAD DATA" parent=DOWN queue="HEAVY DOWN"
add disabled=yes name="YFaceBook Download" packet-mark="FaceBook Download" parent=DOWN priority=3 queue="NORMAL DOWN"
add name="HTTPS UP" packet-mark=httpsup parent="NORMAL UPLOAD DATA" priority=1 queue=default
add name="HTTPS DOWN" packet-mark=httpsdown parent="NORMAL DOWNLOAD DATA"  priority=1 queue="NORMAL DOWN"
add name="HTTP DOWN" packet-mark=httpdown parent="NORMAL DOWNLOAD DATA"   priority=2 queue="NORMAL DOWN"
add name="HEAVY HTTPS UP" packet-mark=heavyhttpsup parent="HEAVY UPLOAD DATA" priority=3 queue=default
add name="HEAVY HTTP UP" packet-mark=heavyhttpup parent="HEAVY UPLOAD DATA"  priority=4 queue=default
add name="HTTP UP" packet-mark=httpup parent="NORMAL UPLOAD DATA" priority=2 queue=default
add name="HEAVY HTTPS DOWN" packet-mark=heavyhttpsdown parent= "HEAVY DOWNLOAD DATA" priority=3 queue="HEAVY DOWN"
add name="HEAVY HTTP DOWN" packet-mark=heavyhttpdown parent="HEAVY DOWNLOAD DATA" priority=4 queue="HEAVY DOWN"

2 comentários em “QOS – 2016

Deixe seu comentário ;)

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair /  Alterar )

Foto do Google

Você está comentando utilizando sua conta Google. Sair /  Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair /  Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair /  Alterar )

Conectando a %s