Tópico: Controle p2p limitando web cam msn.......??

ola amigo,
a principio a regra do controle p2p não interfere no uso da webcam, mas de toda sorte, como vc fez a marcação dos pacotes2p (packet-mark=p2p).
talvez por esse caminho possamos desvendar o misterio.
post ae a regra e veremos o que podemos fazer.
abraços

Amigo Josevaldo, desde muit grato pela atenção.

Vamos lá...

/ ip firewall mangle
add chain=prerouting p2p=all-p2p action=mark-connection \
new-connection-mark=p2p passthrough=yes comment="bloquear p2p" \
disabled=no
add chain=prerouting connection-mark=p2p action=mark-packet \
new-packet-mark=p2p2 passthrough=yes comment="" disabled=no

add chain=forward src-address=192.168.201.0/26 protocol=tcp dst-port=21 \
action=mark-packet new-packet-mark=semlimite passthrough=yes \
comment="Marcando Pacotes Sem Limite Conexao Rede 192.168.201.x" \
disabled=no
add chain=forward src-address=192.168.201.0/26 protocol=tcp dst-port=22 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.201.0/26 protocol=tcp dst-port=23 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.201.0/26 protocol=tcp dst-port=25 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=yes
add chain=forward src-address=192.168.201.0/26 protocol=tcp dst-port=53 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.201.0/26 protocol=tcp dst-port=80 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=yes
add chain=forward src-address=192.168.201.0/26 protocol=tcp dst-port=110 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.201.0/26 protocol=tcp dst-port=443 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.201.0/26 protocol=tcp dst-port=8080 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.201.0/26 protocol=tcp dst-port=6891-6901 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.202.0/26 protocol=tcp dst-port=21 \
action=mark-packet new-packet-mark=semlimite passthrough=yes \
comment="Marcando Pacotes Sem Limite Conexao rede 192.168.202.x" \
disabled=no
add chain=forward src-address=192.168.202.0/26 protocol=tcp dst-port=22 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.202.0/26 protocol=tcp dst-port=23 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.202.0/26 protocol=tcp dst-port=25 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.202.0/26 protocol=tcp dst-port=53 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.202.0/26 protocol=tcp dst-port=80 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=yes
add chain=forward src-address=192.168.202.0/26 protocol=tcp dst-port=110 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.202.0/26 protocol=tcp dst-port=443 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=yes
add chain=forward src-address=192.168.202.0/26 protocol=tcp dst-port=8080 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.202.0/26 protocol=tcp dst-port=6891-6901 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.203.0/26 protocol=tcp dst-port=21 \
action=mark-packet new-packet-mark=semlimite passthrough=yes \
comment="Marcando Pacotes Sem Limite Conexao rede 192.168.203.x" \
disabled=no
add chain=forward src-address=192.168.203.0/26 protocol=tcp dst-port=22 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.203.0/26 protocol=tcp dst-port=23 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.203.0/26 protocol=tcp dst-port=25 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=yes
add chain=forward src-address=192.168.203.0/26 protocol=tcp dst-port=53 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.203.0/26 protocol=tcp dst-port=80 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=yes
add chain=forward src-address=192.168.203.0/26 protocol=tcp dst-port=110 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.203.0/26 protocol=tcp dst-port=443 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=yes
add chain=forward src-address=192.168.203.0/26 protocol=tcp dst-port=8080 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.203.0/26 protocol=tcp dst-port=6891-6901 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.204.0/26 protocol=tcp dst-port=21 \
action=mark-packet new-packet-mark=semlimite passthrough=yes \
comment="Marcando Pacotes Sem Limite Conexao rede 192.168.204.x" \
disabled=no
add chain=forward src-address=192.168.204.0/26 protocol=tcp dst-port=22 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.204.0/26 protocol=tcp dst-port=23 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.204.0/26 protocol=tcp dst-port=25 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=yes
add chain=forward src-address=192.168.204.0/26 protocol=tcp dst-port=53 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.204.0/26 protocol=tcp dst-port=80 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=yes
add chain=forward src-address=192.168.204.0/26 protocol=tcp dst-port=110 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.204.0/26 protocol=tcp dst-port=443 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=yes
add chain=forward src-address=192.168.204.0/26 protocol=tcp dst-port=8080 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no
add chain=forward src-address=192.168.204.0/26 protocol=tcp dst-port=6891-6901 \
action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
disabled=no

Se tiver uma maneira de otimizar todas essas regras sinta-se a vontade.....Abraços!!!

Caro colega tenta essas regras. Desabilite o P2P queues tree e crie em queues simple. A regra do QUEUEs deve sempre estar em primeiro.

/ ip firewall mangle

add chain=foward p2p=all-p2p action=mark-connection \
new-connection-mark=p2p passthrough=yes comment="bloquear p2p" disabled=no
add chain=foward connection-mark=p2p action=mark-packet \
new-packet-mark=p2p passthrough=yes comment="" disabled=no
add chain=foward connection-mark=!p2p action=mark-packet \
new-packet-mark=Outros passthrough=yes comment="" disabled=no

/ ip queue simple

add name="P2P" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=p2p direction=both priority=6 \
queue=default/default limit-at=0/0 max-limit=512000/512000 total-queue=default time=0s-24m,sun,mon,tue,wed,thu,fri,sat \
disabled=no

Amigo Minelli, gato pela atenção, coloquei as regras mas não marcou os pacotes!!!!!! estranho, pois pela logica deveria funcionar...

Postado originalmente por minelli

Caro colega tenta essas regras. Desabilite o P2P queues tree e crie em queues simple. A regra do QUEUEs deve sempre estar em primeiro.

/ ip firewall mangle

add chain=foward p2p=all-p2p action=mark-connection \
new-connection-mark=p2p passthrough=yes comment="bloquear p2p" disabled=no
add chain=foward connection-mark=p2p action=mark-packet \
new-packet-mark=p2p passthrough=yes comment="" disabled=no
add chain=foward connection-mark=!p2p action=mark-packet \
new-packet-mark=Outros passthrough=yes comment="" disabled=no

/ ip queue simple

add name="P2P" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=p2p direction=both priority=6 \
queue=default/default limit-at=0/0 max-limit=512000/512000 total-queue=default time=0s-24m,sun,mon,tue,wed,thu,fri,sat \
disabled=no

Amigo troca o forward por prerouting, e remova o "!" das regras, testa ae e posta os resultados.

Acabei me esquecendo, muda o connection-mark para p2p_conn para diferenciar do mark-packet que de ficar como p2p.

Colega, marcou porem nao efetuou a queue....

o prerouting pode ser mudado o restante nao faca o teste.