+ Responder ao Tópico



  1. 22-02-2009, 21:51 #1
    francistomba
    francistomba está desconectado
    Avatar de francistomba
    Ingresso
    Feb 2009
    Posts
    86

    Question marcação de pacotes, será que melhora??

    Ola Pessoal,

    Estou com uma duvida aqui, tenho feito alguns testes de marcações de pacotes,
    na tentativa de uma melhor navegação, meu raciocinio foi o seguinte, liberar as paginas de navegaçao do controle de banda e limitar apenas os downloads, não sei se seria certo, ou essa navegação poderia consumir todo o link.. em fim não tive bons resultados, vejo o pessoal falando de marcação de pacotes e fazer controle, mas no meu caso não tem dado muito certo.
    Dei um export do meu mangle e do queue tree.
    esse link é de 4 megas adsl.
    Se os amigos comentarem ficarei grato,

    desde ja agradeço a todos.


    / ip firewall mangle
    add chain=output protocol=tcp src-port=3128 content="X-Cache: HIT" \
    action=mark-connection new-connection-mark=proxy passthrough=yes \
    comment="PROXY FULL" disabled=no
    add chain=output connection-mark=proxy action=mark-packet \
    new-packet-mark=proxy-full passthrough=yes comment="" disabled=no
    add chain=input protocol=tcp dst-port=8291 action=mark-connection \
    new-connection-mark=acesso-winbox passthrough=yes comment="WINBOX" \
    disabled=no
    add chain=prerouting connection-mark=acesso-winbox action=mark-packet \
    new-packet-mark=winbox passthrough=no comment="" disabled=no
    add chain=prerouting protocol=tcp src-port=80 action=mark-packet \
    new-packet-mark=www_in passthrough=no comment="WWW" disabled=no
    add chain=postrouting protocol=tcp dst-port=80 action=mark-packet \
    new-packet-mark=www_out passthrough=no comment="" disabled=no
    add chain=prerouting protocol=udp src-port=53 action=mark-packet \
    new-packet-mark=dns_in passthrough=no comment="DNS" disabled=no
    add chain=postrouting protocol=udp dst-port=53 action=mark-packet \
    new-packet-mark=dns_out passthrough=no comment="" disabled=no
    add chain=prerouting protocol=icmp action=mark-packet new-packet-mark=icmp_in \
    passthrough=no comment="ICMP" disabled=no
    add chain=postrouting protocol=icmp action=mark-packet \
    new-packet-mark=icmp_out passthrough=no comment="" disabled=no
    add chain=prerouting p2p=all-p2p action=mark-connection \
    new-connection-mark=p2p-regra passthrough=yes comment="REGRAS P2P" \
    disabled=no
    add chain=prerouting connection-mark=p2p-regra action=mark-packet \
    new-packet-mark=p2p passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=tcp src-port=64872-64875 action=mark-connection \
    new-connection-mark=conn_hotspot passthrough=yes comment="DEIXAR PAGINA DE \
    LOGIN SEM CONTROLE DE BANDA" disabled=no
    add chain=output protocol=tcp src-port=64872-64875 action=mark-connection \
    new-connection-mark=conn_hotspot passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=conn_hotspot action=mark-packet \
    new-packet-mark=pacotes_hotspot passthrough=yes comment="" disabled=no
    add chain=output connection-mark=conn_hotspot action=mark-packet \
    new-packet-mark=pacotes_hotspot passthrough=yes comment="" disabled=no
    add chain=prerouting src-mac-address=00:05:00:20:8F:67 action=mark-connection \
    new-connection-mark="marcar por mac" passthrough=yes comment="MARCAÇÃO POR \
    MAC " disabled=yes
    add chain=prerouting connection-mark="marcar por mac" action=mark-packet \
    new-packet-mark="marcando mac" passthrough=yes comment="" disabled=yes
    add chain=forward src-address=192.168.0.0/24 protocol=tcp dst-port=21 \
    action=mark-packet new-packet-mark=semlimite passthrough=yes \
    comment="Marcando Pacotes Sem Limite Conexao - 192.168.0.1/24" disabled=no
    add chain=forward src-address=192.168.0.0/24 protocol=tcp dst-port=22 \
    action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
    disabled=no
    add chain=forward src-address=192.168.0.0/24 protocol=tcp dst-port=23 \
    action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
    disabled=no
    add chain=forward src-address=192.168.0.0/24 protocol=tcp dst-port=25 \
    action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
    disabled=no
    add chain=forward src-address=192.168.0.0/24 protocol=tcp dst-port=53 \
    action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
    disabled=no
    add chain=forward src-address=192.168.0.0/24 protocol=tcp dst-port=80 \
    action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
    disabled=no
    add chain=forward src-address=192.168.0.0/24 protocol=tcp dst-port=110 \
    action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
    disabled=no
    add chain=forward src-address=192.168.0.0/24 protocol=tcp dst-port=443 \
    action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
    disabled=no
    add chain=forward src-address=192.168.0.0/24 protocol=tcp dst-port=8080 \
    action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
    disabled=no
    add chain=forward src-address=192.168.0.0/24 protocol=tcp dst-port=6891-6901 \
    action=mark-packet new-packet-mark=semlimite passthrough=yes comment="" \
    disabled=no


    / queue tree
    add name="p2p down-block" parent=global-in packet-mark=p2p limit-at=0 \
    queue=default priority=8 max-limit=100000 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="p2p up-block" parent=global-out packet-mark=p2p limit-at=0 \
    queue=default priority=8 max-limit=50000 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="proxy-full" parent=global-out packet-mark=proxy-full limit-at=0 \
    queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="winbox" parent=global-total packet-mark=winbox limit-at=0 \
    queue=default priority=2 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="www in" parent=global-in packet-mark=www_in limit-at=0 queue=default \
    priority=2 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
    add name="www out" parent=global-out packet-mark=www_out limit-at=0 \
    queue=default priority=2 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="dns in" parent=global-in packet-mark=dns_in limit-at=0 queue=default \
    priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s \
    disabled=no
    add name="dns out" parent=global-out packet-mark=dns_out limit-at=0 \
    queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="icmp in" parent=global-in packet-mark=icmp_in limit-at=0 \
    queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="icmp out" parent=global-out packet-mark=icmp_out limit-at=0 \
    queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0 \
    burst-time=0s disabled=no
    add name="pag hotspot" parent=global-total packet-mark=pacotes_hotspot \
    limit-at=0 queue=default priority=8 max-limit=0 burst-limit=0 \
    burst-threshold=0 burst-time=0s disabled=no
    Citação Citação
  2. 14-03-2009, 19:57 #2
    francistomba
    francistomba está desconectado
    Avatar de francistomba
    Ingresso
    Feb 2009
    Posts
    86

    Padrão

    Nem uma ideia??
    alguem já fez essas marcações e realmente teve melhoras??
    Citação Citação



« Tópico Anterior | Próximo Tópico »