MK 3.6 - Problemas - Continuação 2/3
IP Firewall Mangle
Código :
add action=mark-packet chain=output comment="" connection-mark=Squid_conn_HIT disabled=no new-packet-mark=Squid_packet_HIT \
passthrough=no
add action=mark-connection chain=forward comment="P2P - Total" disabled=no new-connection-mark=p2p_conn p2p=all-p2p \
passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=p2p_conn disabled=no new-packet-mark=p2p_packet \
passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=!p2p_conn disabled=no new-packet-mark=other \
passthrough=yes
add action=mark-connection chain=prerouting comment="Voip - Extreme" disabled=no dst-address-list=Voip_List \
new-connection-mark=voip_conn passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=voip_conn disabled=no new-packet-mark=Voip_packet \
passthrough=yes
add action=change-dscp chain=postrouting comment="" connection-mark=voip_conn disabled=no new-dscp=4
add action=mark-connection chain=prerouting comment="CONTROLE ICMP" disabled=no new-connection-mark=ICMP_conn \
passthrough=yes protocol=icmp
add action=mark-packet chain=prerouting comment="" connection-mark=ICMP_conn disabled=no new-packet-mark=ICMP_packet \
passthrough=no
add action=mark-connection chain=prerouting comment="CONTROLE NAVEGACAO" disabled=no dst-port=443 \
new-connection-mark=Navegacao_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=yes dst-port=80 new-connection-mark=Navegacao_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=53 new-connection-mark=Navegacao_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=53 new-connection-mark=Navegacao_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=21 new-connection-mark=Navegacao_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=8080 new-connection-mark=Navegacao_conn \
passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=Navegacao_conn disabled=no \
new-packet-mark=Navegacao_packet passthrough=no
add action=mark-connection chain=prerouting comment="CONTROLE E-MAIL" disabled=no dst-port=110 \
new-connection-mark=E-mail_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=25 new-connection-mark=E-mail_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=25 new-connection-mark=E-mail_conn \
passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=E-mail_conn disabled=no new-packet-mark=E-mail_packet \
passthrough=no
add action=mark-connection chain=prerouting comment="Radio" disabled=no dst-port=554 new-connection-mark=Radio_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=1755 new-connection-mark=Radio_conn \
passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=Radio_conn disabled=no new-packet-mark=Radio_packet \
passthrough=no
add action=mark-connection chain=prerouting comment="CONTROLE MESSENGER" disabled=no dst-port=1863 \
new-connection-mark=Messenger_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=1863 new-connection-mark=Messenger_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=6891-6901 new-connection-mark=Messenger_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=6891-6901 new-connection-mark=Messenger_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=5190 new-connection-mark=Messenger_conn \
passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=Messenger_conn disabled=no \
new-packet-mark=Messenger_packet passthrough=no
add action=mark-connection chain=prerouting comment="CONTROLE ACESSO REMOTO - SSH" disabled=no dst-port=22 \
new-connection-mark=Acesso_remoto_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="Telnet" disabled=no dst-port=23 \
new-connection-mark=Acesso_remoto_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="Terminal Server" disabled=no dst-port=3389 \
new-connection-mark=Acesso_remoto_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="VNC" disabled=no dst-port=5800 new-connection-mark=Acesso_remoto_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=5900 new-connection-mark=Acesso_remoto_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="Winbox" disabled=no dst-port=8291 \
new-connection-mark=Acesso_remoto_conn passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=Acesso_remoto_conn disabled=no \
new-packet-mark=Acesso_remoto_packet passthrough=no
add action=mark-connection chain=prerouting comment="CONTROLE BANCO DE DADOS - SQL" disabled=no dst-port=3306 \
new-connection-mark=Banco_dados_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="Oracle" disabled=no dst-port=1521 \
new-connection-mark=Banco_dados_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="Microsoft SQL Server" disabled=no dst-port=1433-1434 \
new-connection-mark=Banco_dados_conn passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=Banco_dados_conn disabled=no \
new-packet-mark=Banco_dados_packet passthrough=no
add action=mark-connection chain=prerouting comment="CONTROLE JOGOS" disabled=no dst-port=7171 \
new-connection-mark=Jogos_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27015 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="Mu Online" disabled=no dst-port=55905 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=55905 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="Line Age" disabled=no dst-port=4376 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=4376 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="WarCraft" disabled=no dst-port=6112 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=6112 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=4500 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=4500 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=6900 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=6900 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=5000 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=5000 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="Counter Strike" disabled=no dst-port=27018 \
new-connection-mark=Jogos_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27018 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27015 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27015 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27020 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27020 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27019 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27019 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27013 new-connection-mark=Jogos_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27013 new-connection-mark=Jogos_conn \
passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=Jogos_conn disabled=no new-packet-mark=Jogos_packet \
passthrough=no
..... continua na proxima.
MK 3.6 - Problemas - Continuação 3/3
IP Firewall ADDRESS-LIST
Código :
add address=65.54.0.0/16 comment="" disabled=no list=msn_server
add address=64.4.0.0/16 comment="" disabled=no list=msn_server
add address=207.46.0.0/16 comment="" disabled=no list=msn_server
add address=192.168.0.244 comment="" disabled=yes list=Clientes_Blok
add address=204.9.202.0/24 comment="" disabled=no list=Voip_List
add address=192.168.30.1 comment="" disabled=no list=Free_Conn
add address=192.168.10.1 comment="" disabled=no list=Free_Conn
add address=200.201.174.0/24 comment="" disabled=no list=msn_server
add address=207.46.110.0/24 comment="" disabled=no list=msn_server
add address=10.0.0.0/24 comment="" disabled=no list=Free_Conn
add address=192.168.20.0/24 comment="" disabled=no list=Free_Conn
IP Address
Código :
add address=10.0.0.2/24 broadcast=10.0.0.255 comment="Router - Link" disabled=no interface=Router network=10.0.0.0
add address=192.168.20.1/24 broadcast=192.168.20.255 comment="" disabled=no interface=Rede_Int network=192.168.20.0
IP Route
Código :
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.0.0.1 scope=255 target-scope=10
IP DNS
Código :
add address=200.168.234.109 disabled=no name="GFirstnet" ttl=1d
add address=208.67.222.222 disabled=no name="OpenDNS" ttl=1d
add address=208.67.220.220 disabled=no name="OpenDNS1" ttl=1d
add address=200.204.0.10 disabled=no name="Telefonica" ttl=1d
add address=200.204.0.138 disabled=no name="Telefonica1" ttl=1d
IP DNS Cache
Código :
Flags: S - static
# NAME ADDRESS TTL
0 S gfirstnet 200.168.234.109 1d
1 S opendns 208.67.222.222 1d
2 S opendns1 208.67.220.220 1d
3 S telefonica 200.204.0.10 1d
4 S telefonica1 200.204.0.138 1d
5 a.l.google.com 209.85.139.9 20h4m9s
6 b.l.google.com 64.233.179.9 20h6m31s
7 c.l.google.com 64.233.161.9 20h7m54s
8 d.l.google.com 66.249.93.9 20h3m18s
9 e.l.google.com 209.85.137.9 19h41m50s
10 f.l.google.com 72.14.235.9 21h49m10s
11 g.l.google.com 64.233.167.9 20h4m45s
12 c.ns.nsatc.net 64.152.2.44 1d22h2m5s
13 d.ns.nsatc.net 205.128.93.51 1d21h49m57s
14 l.ns.nsatc.net 65.57.86.48 1d21h49m55s
15 us-ga-1.ns.nsatc.net 208.172.65.40 1d2h34m1s
16 za.akadns.org 195.219.3.169 1d20h25m51s
17 zb.akadns.org 206.132.100.105 1d20h39m39s
18 zc.akadns.org 124.211.40.4 1d11h5m16s
19 zd.akadns.org 63.209.3.132 1d20h30m12s
20 eur1.akadns.net 213.254.204.197 1d18h4m58s
21 use3.akadns.net 204.2.178.133 1d16h4m48s
22 use4.akadns.net 208.44.108.137 1d16h4m51s
23 usw2.akadns.net 63.209.3.132 1d16h4m48s
24 asia9.akadns.net 220.73.220.4 1d16h4m55s
25 ns1.msft.net 207.68.160.190 19h27m20s
26 ns4.msft.net 207.46.66.126 13h2m17s
27 b.ns.c.footprint.net 209.84.2.47 1d7h23m24s
28 e.ns.c.footprint.net 8.12.213.51 1d19h59m2s
29 us-ga-1.ns.c.footprint.net 4.78.212.40 19h34m50s
30 us-nj-1.ns.c.footprint.net 63.208.106.76 19h34m50s
31 glb04.aqnt.com 65.203.229.15 1d23h8m8s
32 glb05.aqnt.com 12.130.62.15 1d4h11m16s
33 glb06.aqnt.com 206.16.21.22 1d4h11m16s
34 dns1.name-services.com 69.25.142.42 23h29m17s
IP Web-Proxy Settings
Código :
/ip proxy
set always-from-cache=yes cache-administrator="[EMAIL="[email protected]"][email protected][/EMAIL]" cache-drive=secondary-master cache-hit-dscp=4 \
cache-on-disk=yes enabled=yes max-cache-size=unlimited max-client-connections=1000 max-fresh-time=3d \
max-server-connections=1000 parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=yes \
src-address=0.0.0.0
IP Web-Proxy Access
Código :
/ip proxy access
add action=allow comment="Libera Tudo - Por Classe." disabled=no src-address=192.168.0.0/16
add action=deny comment="Block Telnet & Spam E-mail Relaying" disabled=no dst-port=23-25
add action=deny comment="allow CONNECT only to SSL ports 443 [https] and 563 [snews]" disabled=no dst-port=!443,563
add action=deny comment="Bloqueia Tudo" disabled=no
IP Web-Proxy Cache
Código :
add action=allow comment="Dont cache Dynamic HTTPS Pages" disabled=no dst-host=https://
add action=allow comment="Dont cache Dynamic HTTP Pages" disabled=no dst-host=":cgi-bin \\\?"
IP Web-Proxy Direct
Código :
add action=allow comment="Conectividade Social" disabled=no dst-address=200.201.0.0/16
Queue Simple
Código :
/queue simple
add comment="" direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=64000/64000 max-limit=64000/64000 \
name="P2P" packet-marks=p2p_packet parent=none priority=1 queue=ethernet-default/ethernet-default \
time=0s-24m,sun,mon,tue,wed,thu,fri,sat total-queue=ethernet-default
add comment="" direction=both disabled=no dst-address=0.0.0.0/0 interface=Rede_Int limit-at=0/0 max-limit=0/0 \
name="Rede_Interna" parent=none priority=8 queue=ethernet-default/ethernet-default target-addresses=192.168.20.0/24 \
total-queue=ethernet-default
add comment="" direction=both disabled=no dst-address=0.0.0.0/0 interface=WLan_1 limit-at=0/0 max-limit=0/0 name="WLan - \
Wireless" parent=none priority=8 queue=wireless-default/wireless-default target-addresses=192.168.30.0/24 \
total-queue=wireless-default
add comment="" direction=both disabled=no dst-address=0.0.0.0/0 interface=Rede_Int limit-at=0/0 max-limit=0/0 \
name="Cabo_Net" parent=none priority=8 queue=ethernet-default/ethernet-default target-addresses=192.168.10.0/24 \
total-queue=ethernet-default
Queue Tree
Código :
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="squid" \
packet-mark=Squid_packet_HIT parent=global-out priority=2 queue=ethernet-default
Interface Ethernet
Código :
set 0 arp=enabled auto-negotiation=yes cable-settings=default comment="" disable-running-check=yes disabled=no \
full-duplex=yes mac-address=00:00:00:00:00:00 mtu=1500 name="Rede_Int" speed=100Mbps
set 1 arp=enabled auto-negotiation=yes cable-settings=default comment="" disable-running-check=yes disabled=no \
full-duplex=yes mac-address=00:00:00:00:00:00 mtu=1500 name="Cabo_Net" speed=100Mbps
set 2 arp=enabled auto-negotiation=yes cable-settings=default comment="" disable-running-check=yes disabled=no \
full-duplex=yes mac-address=00:00:00:00:00:00 mtu=1500 name="Router" speed=100Mbps
Interface Wireless
Código :
0 name="WLan_1" mtu=1500 mac-address=00:00:00:00:00:00 arp=enabled interface-type=Atheros AR5213 mode=ap-bridge
ssid="MEUSSID" frequency=2437 band=2.4ghz-b/g scan-list=default antenna-mode=ant-a wds-mode=disabled
wds-default-bridge=none wds-ignore-ssid=no default-authentication=yes default-forwarding=yes default-ap-tx-limit=0
default-client-tx-limit=0 hide-ssid=no security-profile=default compression=no
Pessoal se faltou alguma configuração necessaria para analize, me desculpem, pois foram tantas que posso ter me embaralhado.
Caso tenha faltado é só pedir que eu adiciono sem problemas.