Olá pessoal, atualizamos recentimente a versão do nosso mikrotik para a 5.20, porem no backup que fizemos o cache não está funcionando, gostaria de ajuda para fazer o mesmo, abraçs.
Olá pessoal, atualizamos recentimente a versão do nosso mikrotik para a 5.20, porem no backup que fizemos o cache não está funcionando, gostaria de ajuda para fazer o mesmo, abraçs.
Verificou a regra:
/ip firewall nat add chain=dstnat protocol=tcp port=80
action=redirect to-ports=8080
para redirecionar tudo que for porta 80 para a porta do seu webproxy 8080 ou 3128 ou outra porta que vc usa
aproveitei seu problema e testei em uma RB com a versão 5.21 e funcionamento perfeito
funciona com uma máquina.
coloque tipo 50 máquinas pra vc ver.
não funciona 3 horas.
dai começa lentidão ,algumas páginas abre outras não.
alguns computadores funciona, outros não.
cara seria o sonho de todo provedor,
se pelo menos,veja bem, se pelo menos cache de páginas funcionasse direito. ( digo 100%)
desculpe meu descontentamento com cache's não é nada pessoal.
único cache de páginas que vi funcionar +ou- foi do pfsense.
agora de videos não vi nenhum ainda funcionar sem dar umas zica de vez em quando.
funciona bem só da gvt. rsrsrs
Uso aqui em empresas para controle de acesso a internet, mas claro que configuração limitando o tamanho do cache no osso para não dar estes problemas.
Para provedor o objetivo é realmente outro, economia de link, velocidade etc. Mas pra mim funciona muito bem para controle de acesso a web.
Qual será que a GVT usa? Próprio?
Tenho um problema parecido.
Acompanhando o tópico por enquanto...
Tambem sou doido pra saber qual a GVT usa.
Boa Tarde Galera espero ajudar voce vou passar para voces configuração da Cache full + Proxy.
/IP Firewall nat
add action=redirect chain=dstnat comment="Redirecionamento do Proxy" disabled=\
no dst-port=80 protocol=tcp to-ports=8080
/ip proxy
set always-from-cache=yes cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=yes enabled=yes max-cache-size=unlimited \
max-client-connections=600 max-fresh-time=3d max-server-connections=600 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=\
no src-address=0.0.0.0
/ip proxy cache
add action=deny disabled=no dst-host=":cgi-bin \\\?" dst-port=""
add action=deny disabled=no dst-host=https: dst-port="" path=/
add action=allow disabled=no dst-host=http: dst-port="" path=\
/www.rjnet.com.br/2velocimetro.php
add action=allow disabled=no dst-host=http: dst-port="" path=/www.terra.com.br
add action=deny disabled=no dst-host=":cgi-bin \\\\\\\?" dst-port=""
add action=deny disabled=no dst-host=https: dst-port="" path=/
add action=allow disabled=no dst-host=http: dst-port="" path=\
/www.rapidus.com.br/velocidade/
add action=allow disabled=no dst-host=http: dst-port="" path=/www.bol.com.br
add action=allow disabled=no dst-host=http: dst-port="" path=/www.orkut.com
add action=allow disabled=no dst-host=http: dst-port="" path=\
/www.autonoma.com.br/medidor/meter.php
add action=allow disabled=no dst-host=http: dst-port="" path=\
/medidor.brisanet.com.br/
add action=deny disabled=no dst-host=https: dst-port="" path=\
/portal.directv.com.br
add action=deny disabled=no dst-host=http: dst-port="" path=\
/chat03.terra.com.br/
add action=allow disabled=no dst-host=http*youtube*get_video* dst-port=""
add action=allow disabled=no dst-host=http*youtube*video* dst-port=""
add action=allow disabled=no dst-host="http*youtube*yva_get_video_inf o*" \
dst-port=""
add action=allow disabled=no dst-host="\":\\\\\\\\.flv\$\"" dst-port=""
add action=allow disabled=no dst-host=http*globo*get_video* dst-port=""
add action=allow disabled=no dst-host=http*globo*video* dst-port=""
add action=allow disabled=no dst-host=http*googlevideo*get_video* dst-port=""
add action=allow disabled=no dst-host=http*googlevideo*video* dst-port=""
add action=allow disabled=no dst-host=http*video.google*get_video* dst-port=""
add action=allow disabled=no dst-host=http*video.google*video* dst-port=""
add action=allow disabled=no dst-host=http*videoplay* dst-port=""
add action=allow disabled=no dst-host=http*74.125.15.83*get_video* dst-port=""
add action=allow disabled=no dst-host=: dst-port="" path=:.swf*
add action=deny disabled=no dst-host=":cgi-bin \\\?" dst-port=""
add action=deny disabled=no dst-host=https: dst-port="" path=/
add action=deny disabled=no dst-host=":cgi-bin \\\?" dst-port=""
add action=deny disabled=no dst-host=start.com.br dst-port=""
add action=deny disabled=no dst-host=http: dst-port="" path=/speed
add action=deny disabled=no dst-host=https: dst-port="" path=/
add action=allow disabled=no dst-host=":\\.exe\$" dst-port=""
add action=allow disabled=no dst-host=":\\.zip\$" dst-port=""
add action=allow disabled=no dst-host=":\\.mpeg\$" dst-port=""
add action=allow disabled=no dst-host=":\\.avi\$" dst-port=""
add action=allow disabled=no dst-host=":\\.pdf\$" dst-port=""
add action=allow disabled=no dst-host=":\\.css\$" dst-port=""
add action=allow disabled=no dst-host=":\\.rar\$" dst-port=""
add action=allow disabled=no dst-host=":\\.mov\$" dst-port=""
add action=allow disabled=no dst-host=":\\.mpg\$" dst-port=""
add action=allow disabled=no dst-host=":\\.iso\$" dst-port=""
add action=allow disabled=no dst-host=":\\.bin\$" dst-port=""
add action=allow disabled=no dst-host=":\\.dat\$" dst-port=""
add action=allow disabled=no dst-host=www.terra.com.br dst-port=""
add action=deny disabled=no dst-host=":cgi-bin \\\\\\\?" dst-port=""
add action=deny disabled=no dst-host=https:/ dst-port=""
add action=allow disabled=no dst-host=http: dst-port="" path=\
/www.rapidus.com.br/velocidade/
add action=allow disabled=no dst-host=http: dst-port="" path=/www.bol.com.br
add action=allow disabled=no dst-host=http: dst-port="" path=/www.orkut.com
add action=allow disabled=no dst-host=http: dst-port="" path=\
/www.autonoma.com.br/medidor/meter.php
add action=allow disabled=no dst-host=http: dst-port="" path=\
/medidor.brisanet.com.br/
add action=deny disabled=no dst-host=https: dst-port="" path=\
/portal.directv.com.br
add action=deny disabled=no dst-host=http://chat03.terra.com.br/ dst-port=""
add action=allow disabled=no dst-host=http*youtube*get_video* dst-port=""
add action=allow disabled=no dst-host=http*youtube*video* dst-port=""
add action=allow disabled=no dst-host="http*youtube*yva_get_video_inf o*" \
dst-port=""
add action=allow disabled=no dst-host="\":\\\\\\\\.flv\$\"" dst-port=""
add action=allow disabled=no dst-host=http*globo*get_video* dst-port=""
add action=allow disabled=no dst-host=http*globo*video* dst-port=""
add action=allow disabled=no dst-host=http*googlevideo*get_video* dst-po
add action=allow disabled=no dst-host=http*googlevideo*video* dst-port="
add action=allow disabled=no dst-host=http*video.google*get_video* dst-p
add action=allow disabled=no dst-host=http*video.google*video* dst-port=
add action=allow disabled=no dst-host=http*videoplay* dst-port=""
add action=allow disabled=no dst-host=http*74.125.15.83*get_video* dst-p
add action=allow disabled=no dst-host=::.swf* dst-port="" path=""
add action=deny disabled=no dst-host=":cgi-bin \\\?" dst-port=""
add action=deny disabled=no dst-host=":cgi-bin \\\?" dst-port=""
add action=deny disabled=no dst-host=start.com.br dst-port=""
add action=deny disabled=no dst-host=http://speed dst-port="" path=""
add action=allow disabled=no dst-host=":\\.exe\$" dst-port=""
add action=allow disabled=no dst-host=":\\.zip\$" dst-port=""
add action=allow disabled=no dst-host=":\\.mpeg\$" dst-port=""
add action=allow disabled=no dst-host=":\\.avi\$" dst-port=""
add action=allow disabled=no dst-host=":\\.pdf\$" dst-port=""
add action=allow disabled=no dst-host=":\\.css\$" dst-port=""
add action=allow disabled=no dst-host=":\\.rar\$" dst-port=""
add action=allow disabled=no dst-host=":\\.mov\$" dst-port=""
add action=allow disabled=no dst-host=":\\.mpg\$" dst-port=""
add action=allow disabled=no dst-host=":\\.iso\$" dst-port=""
add action=allow disabled=no dst-host=":\\.bin\$" dst-port=""
add action=allow disabled=no dst-host=":\\.dat\$" dst-port=""
/ip firewall mangle
add action=mark-connection chain=output comment="2-PROXY FULL" disabled=no \
dscp=4 new-connection-mark=proxyfull passthrough=yes protocol=tcp \
src-port=8080
add action=mark-packet chain=output connection-mark=proxyfull disabled=no \
new-packet-mark=proxyfull passthrough=yes
add action=return chain=output connection-mark=proxyfull disabled=no
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=5M \
max-limit=5M name="2 - CACHE-FULL" packet-mark=proxyfull parent=\
global-out priority=1 queue=default
Preciso muito da ajuda de vocês, amigos, tenho um mk 5.18 x86. Os downloads dos clientes são interrompidos depois de 20mb baixados. Os menores baixam numa boa. Tenho um link de 10 mb e clientes em ppoe e hotspot no mesmo servidor no mesmo pool de ip. Aparentemente tudo numa boa. Já ouvi conselhos de alterar os time-out dos clientes os idle-time também. Tudo sem resultado. Alguém pode me dar uma dica?..... Detalhe. Se eu reiniciar o servidor agora ele baixa os arquivos de 100mb 200mb normalmente. Só que depois de um tempo ele dá a zica... interrompe os downloads depois de 20mb. Não tenho regras mirabolantes. vou postar minhas regras do firewall
/ip firewall layer7-protocol
add comment="Marca Radios" name=Radios regexp="asx|radio|asx|app.radio|applicati\
on/mplayer2|application|mplayer2|video/x-ms-asf-plugin|asx|swf|x-ms-asf-plug\
in|http://aovivo.ne10.uol.com.br/radioj...radio=cbn|wmx\
|shoutcast"
add name="Marca Videos" regexp=player
add name=Tv-online regexp=flv|.f4v|.f4p|.f4a|.f4b||video|x-flv|video|mp4
add name=JCCBN regexp=jc
add name=Medidor regexp=speed
add name=Youtube regexp="^.+(c.youtube.com).*\$"
add name=100bao regexp="^\01\01\05\
\n"
/ip firewall address-list
add address=69.147.95.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=209.191.106.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=74.6.228.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=98.136.131.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=200.143.37.0/24 comment="\"\"\"\"WEBMOTORS\"\"\"\"" disabled=no \
list=nobalance
add address=65.54.0.0/16 comment=MSN1 disabled=no list=nobalance
add address=207.46.0.0/16 comment=MSN2 disabled=no list=nobalance
add address=64.4.0.0/16 comment=MSN3 disabled=no list=nobalance
add address=200.143.0.0/16 comment=Pagdigital disabled=no list=nobalance
add address=201.88.0.0/16 comment=f2b disabled=no list=nobalance
add address=200.201.0.0/16 comment="caixa economica" disabled=no list=nobalance
add address=170.66.0.0/16 comment="bb do brasil" disabled=no list=nobalance
add address=200.155.0.0/16 comment=bradesco disabled=no list=nobalance
add address=200.196.0.0/16 comment=itau disabled=no list=nobalance
add address=200.208.0.0/16 comment=sudameris disabled=no list=nobalance
add address=200.220.0.0/16 comment=santander disabled=no list=nobalance
add address=201.63.0.0/16 comment="wwws bradesco" disabled=no list=nobalance
add address=65.55.0.0/16 comment=MSN4 disabled=no list=nobalance
add address=74.52.0.0/16 comment="caixa economica" disabled=no list=nobalance
add address=174.133.0.0/16 comment="caixa economica" disabled=no list=nobalance
add address=200.219.137.0/24 disabled=no list=nobalance
add address=200.252.8.0/24 disabled=no list=nobalance
add address=201.2.207.0/24 disabled=no list=nobalance
add address=200.196.226.0/24 disabled=no list=nobalance
add address=201.24.72.0/24 disabled=no list=nobalance
add address=78.46.46.139 disabled=no list=nobalance
add address=69.147.95.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=209.191.106.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=74.6.228.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=98.136.131.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=200.143.37.0/24 comment="\"\"\"\"WEBMOTORS\"\"\"\"" disabled=no \
list=nobalance
add address=65.54.0.0/16 comment=MSN1 disabled=no list=nobalance
add address=207.46.0.0/16 comment=MSN2 disabled=no list=nobalance
add address=64.4.0.0/16 comment=MSN3 disabled=no list=nobalance
add address=200.143.0.0/16 comment=Pagdigital disabled=no list=nobalance
add address=201.88.0.0/16 comment=f2b disabled=no list=nobalance
add address=200.201.0.0/16 comment="caixa economica" disabled=no list=nobalance
add address=170.66.0.0/16 comment="bb do brasil" disabled=no list=nobalance
add address=200.155.0.0/16 comment=bradesco disabled=no list=nobalance
add address=200.196.0.0/16 comment=itau disabled=no list=nobalance
add address=200.208.0.0/16 comment=sudameris disabled=no list=nobalance
add address=200.220.0.0/16 comment=santander disabled=no list=nobalance
add address=201.63.0.0/16 comment="wwws bradesco" disabled=no list=nobalance
add address=65.55.0.0/16 comment=MSN4 disabled=no list=nobalance
add address=74.52.0.0/16 comment="caixa economica" disabled=no list=nobalance
add address=74.125.0.0/16 comment="caixa economica" disabled=no list=nobalance
add address=174.133.0.0/16 comment="caixa economica" disabled=no list=nobalance
add address=200.219.137.0/24 disabled=no list=nobalance
add address=200.252.8.0/24 disabled=no list=nobalance
add address=201.2.207.0/24 disabled=no list=nobalance
add address=200.196.226.0/24 disabled=no list=nobalance
add address=201.24.72.0/24 disabled=no list=nobalance
add address=78.46.46.139 disabled=no list=nobalance
add address=200.147.22.115 disabled=no list=nobalance
add address=200.147.36.16 disabled=no list=nobalance
add address=200.147.100.28 disabled=no list=nobalance
add address=208.117.224.0/24 disabled=no list=Youtube
add address=208.117.225.0/24 disabled=no list=Youtube
add address=208.117.228.0/24 disabled=no list=Youtube
add address=208.117.229.0/24 disabled=no list=Youtube
add address=208.117.232.0/24 disabled=no list=Youtube
add address=208.117.233.0/24 disabled=no list=Youtube
add address=208.117.234.0/24 disabled=no list=Youtube
add address=208.117.238.0/24 disabled=no list=Youtube
add address=208.65.152.0/24 disabled=no list=Youtube
add address=208.65.153.0/24 disabled=no list=Youtube
add address=208.65.154.0/24 disabled=no list=Youtube
add address=64.15.112.0/20 disabled=no list=Youtube
add address=208.117.236.0/24 disabled=no list=Youtube
add address=74.125.96.0/19 disabled=no list=Youtube
add address=72.14.221.0/24 disabled=no list=Youtube
add address=84.53.128.0/18 comment=Redtube disabled=no list=Youtube
add address=87.248.192.0/19 comment=Youporn disabled=no list=Youtube
add address=216.155.128.0/19 comment=Redtube disabled=no list=Youtube
add address=208.73.208.0/21 comment=Redtube disabled=no list=Youtube
add address=66.55.140.0/23 comment=Redtube disabled=no list=Youtube
add address=74.125.208.0/24 disabled=no list=Youtube
add address=189.28.144.12 disabled=no list=medidor
add address=198.173.106.104 disabled=no list=medidor
add address=200.233.43.14 disabled=no list=medidor
add address=67.15.120.26 disabled=no list=medidor
add address=200.233.47.4 disabled=no list=medidor
add address=200.216.69.232 disabled=no list=medidor
add address=72.232.17.106 disabled=no list=medidor
add address=208.48.246.14 disabled=no list=medidor
add address=201.7.176.59 disabled=no list=medidor
add address=200.203.134.5 disabled=no list=medidor
add address=208.109.101.166 disabled=no list=medidor
add address=200.181.108.29 disabled=no list=medidor
add address=75.126.168.3 disabled=no list=medidor
add address=200.229.0.164 disabled=no list=medidor
add address=200.185.109.83 disabled=no list=medidor
add address=204.16.1.252 disabled=no list=medidor
add address=189.44.84.20 disabled=no list=medidor
add address=200.159.128.189 disabled=no list=medidor
add address=200.195.0.0/24 disabled=no list=speed
add address=200.98.131.15 comment="MINHA CONEXAO" disabled=no list=medidor
add address=186.202.179.180 disabled=no list=nobalance
add address=200.221.0.0/16 disabled=no list=nobalance
add address=200.221.0.0/24 disabled=no list=nobalance
add address=200.147.0.0/24 comment=JCCBN disabled=no list=nobalance
add address=74.209.160.12 comment=http://www.speedtest.net/ disabled=no list=\
medidor
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=\
10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s \
udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=drop chain=forward comment="bloquear p2p" disabled=no p2p=all-p2p
add action=accept chain=input comment="ACEITAR CONEXOES PROXY" disabled=yes \
dst-port=8080 protocol=tcp
add action=accept chain=input comment="ACEITAR RADIOS" disabled=no \
layer7-protocol=Radios
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" \
disabled=yes
add action=accept chain=input comment="Melhorias No MSN" disabled=no dst-port=\
1863 protocol=tcp
add action=accept chain=input disabled=no protocol=tcp src-port=1863
add action=accept chain=input disabled=no dst-port=443 protocol=tcp
add action=accept chain=forward disabled=no dst-port=443 protocol=tcp
Espero uma ajuda.
Desde já obrigado
aqui estão o restante das Regras
/ip firewall mangle
add action=mark-connection chain=output comment="2-PROXY FULL" disabled=no \
dscp=4 new-connection-mark=proxyfull passthrough=yes protocol=tcp src-port=\
8080
add action=mark-packet chain=output connection-mark=proxyfull disabled=no \
new-packet-mark=proxyfull passthrough=yes
add action=return chain=output connection-mark=proxyfull disabled=no
add action=mark-connection chain=output comment="2-PROXY FULL" disabled=yes \
dscp=4 new-connection-mark=cache-hits passthrough=yes
add action=mark-packet chain=output connection-mark=cache-hits disabled=yes \
new-packet-mark=cache-hits passthrough=no
add action=return chain=output connection-mark=cache-hits disabled=yes
add action=mark-connection chain=prerouting comment="YOUTUBE - MARCAR PACOTES" \
disabled=no layer7-protocol=Youtube new-connection-mark=YTB passthrough=yes
add action=mark-packet chain=prerouting connection-mark=YTB disabled=no \
new-packet-mark=youtube passthrough=no
add action=mark-connection chain=postrouting disabled=no layer7-protocol=\
Youtube new-connection-mark=YTB passthrough=yes
add action=mark-packet chain=postrouting connection-mark=YTB disabled=no \
new-packet-mark=youtube passthrough=no
add action=mark-connection chain=prerouting comment=SPC content=spc disabled=no \
new-connection-mark=JCCBN passthrough=yes
add action=mark-connection chain=postrouting content=spc disabled=no \
new-connection-mark=JCCBN passthrough=yes
add action=mark-packet chain=prerouting connection-mark=JCCBN content=spc \
disabled=no new-packet-mark=JCPACK passthrough=no
add action=mark-packet chain=postrouting connection-mark=JCCBN disabled=no \
layer7-protocol=JCCBN new-packet-mark=JCPACK passthrough=no
add action=mark-connection chain=prerouting comment=BLOGSPOT content=blog \
disabled=no new-connection-mark=BLG passthrough=yes
add action=mark-connection chain=postrouting content=blog disabled=no \
new-connection-mark=BLG passthrough=yes
add action=mark-packet chain=prerouting connection-mark=BLG disabled=no \
new-packet-mark=BLGPACK passthrough=no
add action=mark-packet chain=postrouting connection-mark=BLG disabled=no \
new-packet-mark=BLGPACK passthrough=no
add action=mark-packet chain=prerouting disabled=no new-packet-mark=gradpack \
passthrough=yes protocol=tcp src-port=9000-10000
add action=mark-packet chain=postrouting disabled=no dst-port=9000-10000 \
new-packet-mark=gradpack passthrough=yes protocol=tcp src-port=9000-10000
add action=mark-connection chain=prerouting connection-mark=grad disabled=no \
new-connection-mark=gradpack passthrough=yes protocol=tcp src-port=\
9000-10000
add action=mark-connection chain=postrouting disabled=no dst-port=9000-10000 \
new-connection-mark=grad passthrough=yes protocol=tcp src-port=9000-10000
/ip firewall nat
add action=redirect chain=dstnat comment="Redirecionamento do Proxy" disabled=\
no dst-port=80 protocol=tcp to-ports=8080
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" \
disabled=yes
add action=redirect chain=dstnat comment="Redirecionamento do Proxy" disabled=\
yes dscp=4 dst-port=80 protocol=tcp src-address=192.168.30.0/24 to-ports=\
8080
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no src-address=192.168.30.0/24 to-addresses=0.0.0.0
add action=accept chain=dstnat comment=\
"\"\"\"\"\"\"SERVI\C7OS NOBRES FORA DO PROXY\"\"\"\"\"\"" disabled=no \
dst-address-list=nobalance
add action=accept chain=dstnat comment=Radios disabled=yes layer7-protocol=\
Radios
add action=accept chain=dstnat comment=JC disabled=yes dst-address=\
200.147.36.16 protocol=tcp
add action=accept chain=dstnat comment=\
"Com essas regras estabiliza o MSN,Hotmail,Gmail e outros" disabled=no \
dst-address=207.46.0.0/16
add action=accept chain=dstnat disabled=no dst-address=64.4.0.0/24
add action=accept chain=dstnat disabled=no dst-address=65.54.0.0/24
add action=accept chain=dstnat disabled=no dst-address=207.68.128.0/24
add action=accept chain=dstnat disabled=no dst-address=64.4.0.0/24
add action=accept chain=dstnat disabled=no dst-address=213.199.144.0/24
add action=accept chain=dstnat disabled=no dst-address=65.52.0.0/24
add action=accept chain=dstnat disabled=no dst-address=200.208.0.0/24
add action=accept chain=dstnat disabled=no dst-address=200.249.150.0/24
add action=accept chain=dstnat disabled=no dst-address=200.167.67.0/24
add action=accept chain=dstnat disabled=no dst-address=200.179.42.0/24
add action=accept chain=dstnat disabled=no dst-address=200.249.84.24
add action=accept chain=dstnat disabled=no dst-address=200.201.173.24
add action=accept chain=dstnat disabled=no dst-address=200.201.174.24
add action=accept chain=dstnat disabled=no dst-address=200.220.254.24
add action=accept chain=dstnat disabled=no dst-address=200.217.233.0/24
add action=accept chain=dstnat disabled=no dst-address=200.172.181.0/24
add action=accept chain=dstnat disabled=no dst-address=200.141.204.0/24
add action=accept chain=dstnat comment=WinBox connection-limit=100,32 disabled=\
no dst-port=8291 protocol=tcp time=0s-0s,sun,mon,tue,wed,thu,fri,sat
add action=dst-nat chain=dstnat comment="acesso puty mk-auth" disabled=yes \
dst-port=75 protocol=tcp to-addresses=172.31.255.2 to-ports=22
add action=accept chain=dstnat comment="Radio Uol" disabled=no dst-address=\
200.221.8.24 protocol=tcp
add action=accept chain=dstnat comment=CEF disabled=no dst-address=200.201.0.16
add action=accept chain=dstnat disabled=no src-address=200.155.0.16
add action=accept chain=dstnat disabled=no dst-address=200.141.204.24
add action=dst-nat chain=dstnat disabled=no dst-port=82 protocol=tcp \
to-addresses=172.31.255.2 to-ports=10000
add action=dst-nat chain=dstnat disabled=no dst-port=86 protocol=tcp \
to-addresses=172.31.255.2 to-ports=80
add action=accept chain=dstnat disabled=no dst-address=200.221.0.16 protocol=\
tcp
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
essa regras evitam o cache do youtube? e de outros videos?