Página 7 de 7 PrimeiroPrimeiro ... 234567
+ Responder ao Tópico



  1. Citação Postado originalmente por rrinfor Ver Post
    As regras eu não as tenho mais, pois á 2 meses atraz tirei o pczinho que tinha como roteador e coloquei uma RB1000, entao nao me preocupei com backup da regras, estou sem QoS no momento, mas ja determinei que vou aplicar esse recurso na minha rede a partir da segunda-feira.
    Mas basicamente o que tinha era algo assim:

    exemplo somente da porta 80 e 443 (trafego http e https)

    HTTP:
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment="HTTP Connection" disabled=yes dst-port=80 new-connection-mark=http_conn passthrough=yes protocol=tcp
    add action=mark-packet chain=prerouting comment="HTTP Packet" connection-mark=http_conn disabled=yes new-packet-mark=http_packet passthrough=no

    /queue tree
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=3000000 name=http-in packet-mark=http_packet parent=global-in priority=2 \
    queue=default-small

    /queue tree
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=3000000 name=http-in packet-mark=http_packet parent=global-out priority=2 \
    queue=default-small


    HTTPs:
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment="HTTPs Connection" disabled=yes dst-port=443 new-connection-mark=https_conn passthrough=yes protocol=tcp
    add action=mark-packet chain=prerouting comment="HTTPs Packet" connection-mark=https_conn disabled=yes new-packet-mark=https_packket passthrough=no

    /queue tree
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=1024000 name=https-in packet-mark=https_packket parent=global-in \
    priority=2 queue=default-small

    /queue tree
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=1024000 name=https-in packet-mark=https_packket parent=global-out \
    priority=2 queue=default-small

    O tráfego não chegava estorando o max-limit, porem o desemprenho da rede ficava terrivel.

    Abraços
    Onde você colocou "global-in" e "global-out", experimenta trocar pelas ether dos clientes e a ether pública.

  2. FIZ O PROCEDIMENTO MAS DA ERRO AO COPIAR O ARQUIVO QUANDO ENTRO EM FILE E TENTO COPIAR O ARQUIVO PARA ABRIR COM O BLOCO DE NOTAS



  3. DEPOIS DE MUITAS TENTATIVAS CONSEGUI EXPORTAR DA UMA ANALIZADA NESSAS REGRAS POR FAVOR... CONTO COM SUA EXPERIENCIA AMIGO PARA PODER ME DAR UMA MAOZINHA

    / ip firewall mangle
    add chain=forward p2p=all-p2p action=mark-connection \
    new-connection-mark=p2p_conn passthrough=yes comment="Marcar Todo Trafego \
    p2p" disabled=no
    add chain=forward connection-mark=p2p_conn action=mark-packet \
    new-packet-mark=p2p passthrough=yes comment="" disabled=no
    add chain=prerouting connection-mark=msn action=mark-packet \
    new-packet-mark=msn passthrough=yes comment="MSN" disabled=no
    add chain=prerouting protocol=tcp src-port=1024-65535 dst-port=1863 \
    action=mark-packet new-packet-mark=msn passthrough=yes comment="" \
    disabled=no
    add chain=prerouting packet-mark=pop3 action=mark-packet new-packet-mark=pop3 \
    passthrough=yes comment="Controle POP3" disabled=no
    add chain=prerouting protocol=tcp src-port=1024-65535 dst-port=110 \
    action=mark-connection new-connection-mark=pop3 passthrough=yes comment="" \
    disabled=no
    add chain=output protocol=tcp src-port=3122 content="X-Cache: HIT" \
    action=mark-connection new-connection-mark=Squid-Connection \
    passthrough=yes comment="Cache full" disabled=no
    add chain=output connection-mark=Squid-Connection action=mark-packet \
    new-packet-mark=squid-paket passthrough=yes comment="" disabled=no
    add chain=output protocol=tcp src-port=3122 content="X-Cache: HIT" \
    action=mark-connection new-connection-mark=Squid-Connection \
    passthrough=yes comment="Cache full" disabled=yes
    add chain=output connection-mark=Squid-Connection action=mark-packet \
    new-packet-mark=squid-paket passthrough=yes comment="" disabled=yes
    add chain=forward p2p=all-p2p action=mark-connection \
    new-connection-mark=p2p_conn passthrough=yes comment="Marcar Todo Trafego \
    p2p" disabled=yes
    add chain=forward connection-mark=p2p_conn action=mark-packet \
    new-packet-mark=p2p passthrough=yes comment="" disabled=yes
    add chain=prerouting connection-mark=msn action=mark-packet \
    new-packet-mark=msn passthrough=yes comment="MSN" disabled=yes
    add chain=prerouting protocol=tcp src-port=1024-65535 dst-port=1863 \
    action=mark-packet new-packet-mark=msn passthrough=yes comment="" \
    disabled=yes
    add chain=prerouting packet-mark=pop3 action=mark-packet new-packet-mark=pop3 \
    passthrough=yes comment="Controle POP3" disabled=yes
    add chain=prerouting protocol=tcp src-port=1024-65535 dst-port=110 \
    action=mark-connection new-connection-mark=pop3 passthrough=yes comment="" \
    disabled=yes
    add chain=output protocol=tcp src-port=3122 content="X-Cache: HIT" \
    action=mark-connection new-connection-mark=Squid-Connection \
    passthrough=yes comment="Cache full" disabled=yes
    add chain=output connection-mark=Squid-Connection action=mark-packet \
    new-packet-mark=squid-paket passthrough=yes comment="" disabled=yes
    add chain=output protocol=tcp src-port=8291 action=mark-connection \
    new-connection-mark=WINBOX_FULL passthrough=yes comment="WINBOX" \
    disabled=no
    add chain=output connection-mark=WINBOX_FULL action=mark-packet \
    new-packet-mark=Winbox_Full passthrough=yes comment="" disabled=no
    add chain=output connection-mark=WINBOX_FULL action=return comment="" \
    disabled=no






Tópicos Similares

  1. Internet Lenta, servidor ou link?
    Por tuxson no fórum Servidores de Rede
    Respostas: 1
    Último Post: 05-03-2006, 08:39
  2. Internet lenta no linux
    Por PolacoCWB no fórum Servidores de Rede
    Respostas: 7
    Último Post: 21-07-2005, 20:33
  3. internet lenta
    Por ldeftones no fórum Servidores de Rede
    Respostas: 1
    Último Post: 28-03-2005, 16:51
  4. Internet lenta com IPtables
    Por RL no fórum Servidores de Rede
    Respostas: 2
    Último Post: 15-07-2004, 21:34
  5. internet lenta
    Por no fórum Servidores de Rede
    Respostas: 1
    Último Post: 24-03-2003, 19:14

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L