Página 1 de 3 123 ÚltimoÚltimo
+ Responder ao Tópico



  1. Pessoal, estou tendo problemas com minha rede, a net está ficnado lenta quando o pessoal começa baixar em p2p, o problema que fiz as regras d controle, que tem nós tutoriais e não está adiantando. oque devo fazer???

  2. Citação Postado originalmente por georgegomes Ver Post
    Pessoal, estou tendo problemas com minha rede, a net está ficnado lenta quando o pessoal começa baixar em p2p, o problema que fiz as regras d controle, que tem nós tutoriais e não está adiantando. oque devo fazer???

    Posta suas regras para darmos uma olhada.



  3. Citação Postado originalmente por Mr. RG Ver Post
    Posta suas regras para darmos uma olhada.
    aqui estão :

    / ip firewall mangle
    add chain=output protocol=tcp src-port=3128 action=mark-connection \
    new-connection-mark=proxy passthrough=yes comment="PROXY FULL" \
    disabled=yes
    add chain=forward protocol=udp src-port=0 action=mark-connection \
    new-connection-mark=block passthrough=yes comment="" disabled=yes
    add chain=output connection-mark=proxy action=mark-packet \
    new-packet-mark=proxy passthrough=yes comment="" disabled=yes
    add chain=output connection-mark=proxy action=return comment="" disabled=yes
    add chain=prerouting p2p=all-p2p action=mark-connection \
    new-connection-mark=all-p2p passthrough=yes comment="----- P2P" \
    disabled=no
    add chain=prerouting connection-mark=all-p2p action=mark-packet \
    new-packet-mark=ALL-P2P passthrough=no comment="" disabled=no
    add chain=prerouting dst-address=66.36.231.71 protocol=tcp src-port=1024-65535 \
    dst-port=80 action=mark-connection new-connection-mark=manchobanda \
    passthrough=yes comment="MEDIDORES DE LARGURA" disabled=no
    add chain=prerouting dst-address=216.49.88.18 protocol=tcp src-port=1024-65535 \
    dst-port=80 action=mark-connection new-connection-mark=manchobanda \
    passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=manchobanda action=mark-packet \
    new-packet-mark=MIDOANCHODEBANDA passthrough=no comment="" disabled=no
    add chain=forward protocol=udp dst-port=4672 action=mark-connection \
    new-connection-mark=all-p2p passthrough=yes comment="Marco todos os P2P" \
    disabled=no
    add chain=forward connection-mark=all-p2p action=mark-packet \
    new-packet-mark=ALL-P2P passthrough=yes comment="" disabled=no
    add chain=output protocol=udp src-port=0-65535 dst-port=514 \
    action=mark-connection new-connection-mark=syslog-mt passthrough=no \
    comment="Syslog soft MT para Windows" disabled=no
    add chain=prerouting protocol=tcp dst-port=113 action=mark-connection \
    new-connection-mark=auth passthrough=no comment="----- Marco outras \
    coisas de menos uso" disabled=no
    add chain=prerouting protocol=tcp dst-port=119 action=mark-connection \
    new-connection-mark=nntp passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=143 action=mark-connection \
    new-connection-mark=imap passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=161-162 action=mark-connection \
    new-connection-mark=snmp passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=554 action=mark-connection \
    new-connection-mark=audio-streaming passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=1755 action=mark-connection \
    new-connection-mark=audio-streaming passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=993 action=mark-connection \
    new-connection-mark=imaps passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=2379 action=mark-connection \
    new-connection-mark=kgs passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=3389 action=mark-connection \
    new-connection-mark=win-rdp passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=5900-5901 action=mark-connection \
    new-connection-mark=vnc passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=6667-6669 action=mark-connection \
    new-connection-mark=irc passthrough=no comment="" disabled=no
    add chain=prerouting protocol=udp src-port=36725 dst-port=1024-65535 \
    action=mark-connection new-connection-mark=skype passthrough=no comment="" \
    disabled=no
    add chain=prerouting protocol=udp src-port=1024-65535 dst-port=5060-5061 \
    action=mark-connection new-connection-mark=sip passthrough=yes comment="" \
    disabled=no
    add chain=prerouting protocol=udp src-port=5060-5061 dst-port=1024-65535 \
    action=mark-connection new-connection-mark=sip passthrough=yes comment="" \
    disabled=no
    add chain=prerouting protocol=icmp icmp-options=8:0-255 action=mark-connection \
    new-connection-mark=ping passthrough=yes comment="----- PING" disabled=no
    add chain=prerouting connection-mark=ping action=mark-packet \
    new-packet-mark=PING passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=20-21 action=mark-connection \
    new-connection-mark=ftp passthrough=yes comment="----- FTP" disabled=no

  4. add chain=prerouting connection-mark=ftp action=mark-packet \
    new-packet-mark=FTP passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=53 action=mark-connection \
    new-connection-mark=dns passthrough=yes comment="----- DNS" disabled=no
    add chain=prerouting protocol=tcp src-port=53 action=mark-connection \
    new-connection-mark=dns passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=udp dst-port=53 action=mark-connection \
    new-connection-mark=dns passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=udp src-port=53 action=mark-connection \
    new-connection-mark=dns passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=dns action=mark-packet \
    new-packet-mark=DNS passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=80 src-address-list=nat-addr \
    action=mark-connection new-connection-mark=http passthrough=yes \
    comment="----- HTTP" disabled=no
    add chain=prerouting connection-mark=http action=mark-packet \
    new-packet-mark=HTTP passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=443 action=mark-connection \
    new-connection-mark=https passthrough=yes comment="----- HTTPS" \
    disabled=no
    add chain=prerouting protocol=tcp src-port=443 action=mark-connection \
    new-connection-mark=https passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=https action=mark-packet \
    new-packet-mark=HTTPS passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=110 action=mark-connection \
    new-connection-mark=pop3 passthrough=yes comment="----- POP3" disabled=no
    add chain=prerouting protocol=tcp dst-port=995 action=mark-connection \
    new-connection-mark=pop3 passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=pop3 action=mark-packet \
    new-packet-mark=POP3-POP3s passthrough=no comment="" disabled=no
    add chain=prerouting protocol=udp dst-port=123 action=mark-connection \
    new-connection-mark=ntp passthrough=yes comment="----- NTP" disabled=no
    add chain=prerouting connection-mark=ntp action=mark-packet \
    new-packet-mark=NTP passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=1863 action=mark-connection \
    new-connection-mark=msn passthrough=yes comment="----- MSN" disabled=no
    add chain=prerouting protocol=tcp dst-port=6891-6900 action=mark-connection \
    new-connection-mark=msn passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=udp dst-port=1863 action=mark-connection \
    new-connection-mark=msn passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=udp dst-port=7001 action=mark-connection \
    new-connection-mark=msn passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=msn action=mark-packet \
    new-packet-mark=MSN passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=3128 src-address-list=local-addr \
    action=mark-connection new-connection-mark=proxy passthrough=yes \
    comment="----- PROXY" disabled=no
    add chain=prerouting protocol=tcp src-port=3128 action=mark-connection \
    new-connection-mark=proxy passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=proxy action=mark-packet \
    new-packet-mark=PROXY passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=8291 action=mark-connection \
    new-connection-mark=winbox passthrough=yes comment="----- WINBOX" \
    disabled=no
    add chain=prerouting connection-mark=winbox action=mark-packet \
    new-packet-mark=WINBOX passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=1723 action=mark-connection \
    new-connection-mark=pptp passthrough=yes comment="Protocolos: GRE - L2TP - \
    PPTP - VPN Megatone" disabled=no
    add chain=prerouting connection-mark=pptp action=mark-packet \
    new-packet-mark=VPN passthrough=no comment="" disabled=no
    add chain=prerouting protocol=gre action=mark-connection \
    new-connection-mark=gre passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=gre action=mark-packet \
    new-packet-mark=VPN passthrough=no comment="" disabled=no
    add chain=prerouting protocol=udp dst-port=1701 action=mark-connection \
    new-connection-mark=l2tp passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=l2tp action=mark-packet \
    new-packet-mark=VPN passthrough=no comment="" disabled=no
    add chain=prerouting protocol=udp dst-port=1194 action=mark-connection \
    new-connection-mark=vpn-megatone passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=vpn-megatone action=mark-packet \
    new-packet-mark=VPN passthrough=no comment="" disabled=no
    add chain=output protocol=udp dst-port=53 action=mark-connection \
    new-connection-mark=dns passthrough=yes comment="----- DNS vindo do \
    Router" disabled=no
    add chain=output connection-mark=dns action=mark-packet new-packet-mark=DNS \
    passthrough=no comment="" disabled=no
    add chain=output protocol=tcp dst-port=80 action=mark-connection \
    new-connection-mark=http passthrough=yes comment="" disabled=no
    add chain=output connection-mark=http action=mark-packet new-packet-mark=HTTP \
    passthrough=no comment="" disabled=no
    add chain=output protocol=tcp dst-port=5002 action=mark-connection \
    new-connection-mark=proxy passthrough=yes comment="" disabled=no
    add chain=output protocol=tcp src-port=5002 action=mark-connection \
    new-connection-mark=proxy passthrough=yes comment="" disabled=no
    add chain=output connection-mark=proxy action=mark-packet \
    new-packet-mark=PROXY passthrough=no comment="" disabled=no
    add chain=input protocol=udp src-port=53 action=mark-connection \
    new-connection-mark=dns passthrough=yes comment="" disabled=no
    add chain=input connection-mark=dns action=mark-packet new-packet-mark=DNS \
    passthrough=yes comment="" disabled=no
    add chain=input protocol=tcp src-port=5002 dst-port=1024-65535 \
    action=mark-connection new-connection-mark=proxy passthrough=yes \
    comment="" disabled=no
    add chain=input connection-mark=proxy action=mark-packet new-packet-mark=PROXY \
    passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=udp action=mark-connection \
    new-connection-mark=other-udp passthrough=yes comment="----- UDP NAO \
    RECONHECIDOS " disabled=no
    add chain=prerouting connection-mark=other-udp action=mark-packet \
    new-packet-mark=OTHER-UDP passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=1024-3126 action=mark-connection \
    new-connection-mark=other-tcp-bajo passthrough=yes comment="----- TCP NAO \
    RECONHECIDOS PUERTOS BAJOS" disabled=no
    add chain=prerouting protocol=tcp dst-port=3129-10000 action=mark-connection \
    new-connection-mark=other-tcp-bajo passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=other-tcp-bajo action=mark-packet \
    new-packet-mark=TCP-BAJO passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=10001-10999 action=mark-connection \
    new-connection-mark=other-tcp-medio passthrough=yes comment="----- TCP \
    NAO RECONHECIDOS PUERTOS MEDIOS" disabled=no
    add chain=prerouting connection-mark=other-tcp-medio action=mark-packet \
    new-packet-mark=TCP-MEDIO passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=11000-11999 action=mark-connection \
    new-connection-mark=yahoo-juegos passthrough=yes comment="YAHOO Jogos" \
    disabled=no
    add chain=prerouting connection-mark=yahoo-juegos action=mark-packet \
    new-packet-mark=YAHOO passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=12000-30000 action=mark-connection \
    new-connection-mark=other-tcp-medio passthrough=yes comment="----- TCP \
    NAO RECONHECIDOS PORTAS MEDIAS" disabled=no

    disabled=no



  5. add chain=prerouting connection-mark=other-tcp-medio action=mark-packet \
    new-packet-mark=TCP-MEDIO passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=30001-65535 \
    src-address-list=nat-addr action=mark-connection \
    new-connection-mark=other-tcp-alto passthrough=yes comment="----- TCP NAO \
    RECONHCIDOS PORTAS ALTAS" disabled=no
    add chain=prerouting connection-mark=other-tcp-alto action=mark-packet \
    new-packet-mark=TCP-ALTO passthrough=no comment="" disabled=no
    add chain=prerouting action=mark-connection new-connection-mark=other \
    passthrough=yes comment="----- POR PRECAUSAO MARCO TUDO" disabled=no
    add chain=prerouting connection-mark=other action=mark-packet \
    new-packet-mark=OTHER passthrough=no comment="" disabled=no
    add chain=postrouting protocol=tcp dst-port=5002 action=mark-connection \
    new-connection-mark=proxy passthrough=yes comment="" disabled=no
    add chain=postrouting protocol=tcp src-port=5002 action=mark-connection \
    new-connection-mark=proxy passthrough=yes comment="" disabled=no
    add chain=postrouting connection-mark=proxy action=mark-packet \
    new-packet-mark=PROXY passthrough=yes comment="" disabled=no
    add chain=output src-address=172.19.100.100 protocol=tcp src-port=5002 \
    dst-address-list=nat-addr action=mark-connection new-connection-mark=proxy \
    passthrough=yes comment="" disabled=no
    add chain=output src-address=172.242.100.100 protocol=tcp src-port=5002 \
    dst-address-list=nat-addr action=mark-connection new-connection-mark=proxy \
    passthrough=yes comment="" disabled=no
    add chain=output src-address=172.246.100.100 protocol=tcp src-port=5002 \
    dst-address-list=nat-addr action=mark-connection new-connection-mark=proxy \
    passthrough=yes comment="" disabled=no
    add chain=output connection-mark=proxy action=mark-packet \
    new-packet-mark=PROXY passthrough=no comment="" disabled=no
    / ip firewall nat
    add chain=srcnat out-interface=WAN action=masquerade comment="" disabled=no
    add chain=dstnat connection-mark=dns action=redirect to-ports=0-65535 \
    comment="proxy for DNS requests" disabled=no
    add chain=dstnat in-interface=WAN src-address=172.19.100.0/24 protocol=tcp \
    dst-port=80 action=redirect to-ports=3128 comment="proxy for HTTP \
    requests" disabled=no
    add chain=dstnat in-interface=WLAN-EW src-address=172.246.100.0/24 \
    protocol=tcp dst-port=80 action=redirect to-ports=3128 comment="proxy for \
    HTTP requests" disabled=no
    / ip firewall connection tracking
    set enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s \
    tcp-established-timeout=1d tcp-fin-wait-timeout=10s \
    tcp-close-wait-timeout=10s tcp-last-ack-timeout=10s \
    tcp-time-wait-timeout=10s tcp-close-timeout=10s udp-timeout=10s \
    udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m \
    tcp-syncookie=no


    aqui as do queue:


    / queue tree
    add name="Int-OUT" parent=global-in packet-mark="" limit-at=256000 \
    queue=default priority=1 max-limit=512000 burst-limit=0 \
    burst-threshold=128000 burst-time=12s disabled=no
    add name="POP3-Out" parent=Int-OUT packet-mark=POP3-POP3s limit-at=64000 \
    queue=default priority=4 max-limit=128000 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="RESTO-OUT" parent=Int-OUT packet-mark=OTHER limit-at=0 queue=default \
    priority=4 max-limit=64000 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
    add name="FTP-Out" parent=Int-OUT packet-mark=FTP limit-at=0 queue=default \
    priority=8 max-limit=128000 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
    add name="HTTP-OUT" parent=Int-OUT packet-mark=HTTP limit-at=0 queue=default \
    priority=2 max-limit=280000 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
    add name="DNS-OUT" parent=Int-OUT packet-mark=DNS limit-at=0 queue=default \
    priority=8 max-limit=64000 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
    add name="SMTP-OUT" parent=Int-OUT packet-mark=SMTP-SMTPs limit-at=0 \
    queue=default priority=7 max-limit=128000 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="SSH-OUT" parent=Int-OUT packet-mark=SSH limit-at=0 queue=default \
    priority=8 max-limit=64000 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
    add name="TCP-OUT" parent=Int-OUT packet-mark=TCP-BAJO limit-at=0 \
    queue=default priority=8 max-limit=190000 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="UDP-OUT" parent=Int-OUT packet-mark=OTHER-UDP limit-at=0 \
    queue=default priority=8 max-limit=100000 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="TELNET-OUT" parent=Int-OUT packet-mark=TELNET limit-at=0 \
    queue=default priority=8 max-limit=32000 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="WEBPROXY-OUT" parent=Int-OUT packet-mark=PROXY limit-at=512000 \
    queue=default priority=8 max-limit=768000 burst-limit=1024000 \
    burst-threshold=0 burst-time=20s disabled=no
    add name="TCP-MEDIOS" parent=Int-OUT packet-mark=TCP-MEDIO limit-at=0 \
    queue=default priority=8 max-limit=128000 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="TCP-ALTOS" parent=Int-OUT packet-mark=TCP-ALTO limit-at=0 \
    queue=default priority=8 max-limit=128000 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="HTTP/S-OUT" parent=Int-OUT packet-mark=HTTPS limit-at=0 \
    queue=default priority=8 max-limit=128000 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="TEST-ANCHO-Int-OUT" parent=Int-OUT packet-mark=MIDOANCHODEBANDA \
    limit-at=0 queue=default priority=2 max-limit=32000 burst-limit=0 \
    burst-threshold=0 burst-time=0s disabled=no
    add name="Control.P2P" parent=WAN packet-mark=ALL-P2P limit-at=0 queue=default \
    priority=8 max-limit=100000 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
    add name="Control-P2P" parent=WAN packet-mark=ALL-P2P limit-at=0 queue=default \
    priority=8 max-limit=100000 burst-limit=0 burst-threshold=0 burst-time=0s \






Tópicos Similares

  1. Controle de rede Wireless para celuar
    Por tiagocaus no fórum Redes
    Respostas: 6
    Último Post: 12-06-2010, 15:53
  2. Controle de Banda P2P Marcação de pacote ! Mais
    Por DeividMoika no fórum Redes
    Respostas: 21
    Último Post: 04-09-2009, 22:49
  3. Cabeamento de redes, como crimpar etc
    Por Magal no fórum Servidores de Rede
    Respostas: 0
    Último Post: 14-08-2008, 14:06
  4. Respostas: 11
    Último Post: 22-02-2007, 08:43
  5. Respostas: 2
    Último Post: 12-01-2005, 22:14

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L