jueves, 26 de enero de 2017

QOS para Reducir LAG en juego con Mikrotik

QOS para Reducir LAG en juego con Mikrotik
Fuente: https://r1ch.net/blog/routerboard

 /queue tree
add limit-at=9700k max-limit=9700k name=queue1 parent=ether1-gateway queue=default
add limit-at=9300k max-limit=9300k name=prio5-streaming packet-mark=streaming parent=queue1 priority=5 queue=default
add limit-at=100k max-limit=9500k name=prio8-untagged packet-mark=no-mark parent=queue1 queue=default
add limit-at=1G max-limit=1G name=prio3-gaming packet-mark=gaming parent=queue1 priority=3 queue=default
add limit-at=1G max-limit=1G name=prio2-misc-fast packet-mark=misc-fast parent=queue1 priority=2 queue=default
add limit-at=100k max-limit=9500k name=prio6-http packet-mark=http parent=queue1 priority=6 queue=default

 /ip firewall mangle
add action=mark-packet chain=postrouting connection-mark=streaming new-packet-mark=streaming passthrough=no
add action=mark-packet chain=postrouting connection-mark=gaming new-packet-mark=gaming passthrough=no
add action=mark-packet chain=postrouting new-packet-mark=misc-fast packet-size=40 passthrough=no protocol=tcp tcp-flags=ack
add action=mark-packet chain=postrouting dst-port=53 new-packet-mark=misc-fast out-interface=ether1-gateway passthrough=no protocol=udp
add action=mark-packet chain=postrouting connection-mark=http new-packet-mark=http passthrough=no
add action=mark-connection chain=postrouting comment=Streaming connection-state=new dst-port=1935 new-connection-mark=streaming out-interface=ether1-gateway protocol=tcp
add action=mark-connection chain=postrouting comment=League dst-port=5000-5500 new-connection-mark=gaming out-interface=ether1-gateway protocol=udp
add action=mark-connection chain=postrouting comment=SC2 dst-port=1119 new-connection-mark=gaming out-interface=ether1-gateway protocol=udp
add action=mark-connection chain=postrouting comment=HotS dst-port=1120,3724 new-connection-mark=gaming out-interface=ether1-gateway protocol=udp
add action=mark-connection chain=postrouting comment="BW + HotS" dst-port=6112-6113 new-connection-mark=gaming out-interface=ether1-gateway protocol=udp
add action=mark-connection chain=postrouting comment="Valve Games" dst-port=27000-27060 new-connection-mark=gaming out-interface=ether1-gateway protocol=udp

 add action=mark-connection chain=postrouting comment="Web Browsing" connection-state=new dst-port=80,443 new-connection-mark=http out-interface=ether1-gateway protocol=tcp
Publicadas por a la/s 4 comentarios:

sábado, 21 de enero de 2017

Cómo bloquear páginas con Layer 7 Protocol

Cómo bloquear páginas con Mikrotik Layer 7 Protocol

 Esto es una idea para bloquear páginas porn se puede agregar mas dominios

 Agregamos el siguiente regex en Layer7

 /ip firewall layer7-protocol
add comment="" name=Porn regexp="^.+(\bporno\b|videosxxxputas|xmujeres|{0,25}porno{0,25}|[a-z]{0,25}porno|porno[a-z]{0,25}|bingoporno|putas[a-z]+|)\.(com|org|co|net|xxx|mobi|tv|name|[a-z]{2,3,4}).*$"



y en filtro la siguiente regla:

 /ip firewall filter
add action=drop chain=forward comment=block-xxx in-interface=\

all-ethernet layer7-protocol=Porn log-prefix=""

Publicadas por a la/s No hay comentarios.:

sábado, 14 de enero de 2017

Como bloquear Mega.co.nz en mikrotik usando L7

Ejemplo práctico como bloquear Mega.co.nz  en mikrotik usando Layer7 
Indicamos el siguiente regex en Layer7

/ip firewall layer7-protocol

add comment="" name=mega regexp=".(api|userstorage).mega.co"
y en filtro agregamos la siguiente regla:

 /ip firewall filter
add action=drop chain=forward comment=block-host-descargas-mega in-interface=\
all-ethernet layer7-protocol=mega log-prefix=""

















Publicadas por



a la/s 





3 comentarios:
  


































        

      









Suscribirse a:
Entradas (Atom)