Página 1 de 11 123456 ... ÚltimoÚltimo
+ Responder ao Tópico



  1. Bem, eu já tentei várias formas de melhorar a navegação de meus clientes. Recentemente eu sai "catanto" todas as dicas do UnderLinux e na Wiki do Mikrotik e cheguei ao meu Sistema de QoS proprio....

    Dividi tudo em tres partes.

    1º Protocolos Layer7
    Além de identificar o trafego por portas, eu uso layer7 como backup. Caso a pessoa esteja acessando um serviço X em uma porta fora do padrão o mikrotik conseguirá identificar o trafego.
    2º Marcacao de Pacotes usando Mangle.
    Bem, basicamente eu uso a chanin= prerouting e nela eu marco o trafego nas portas dos principais servicos. Adicionalmente, eu uso o Layer7, e marco o que passar despercebido.
    A principal diferenca é que eu do nomes diferentes para arquivos de tamanhos diferentes.
    Ex: http-ate1mb, http-maiorque60MB
    Assim, Caso o arquivo seja menor que 1mb, eu considero o trafego com prioridade maior do que um que tenha mais que 60mb.
    3º As queue Trees
    Como no mangle eu saio marcando tudo, nas queue tree eu do a prioridade para cada tipo de servico. Ex: Para pacotes HTTP menores que 1m, o clientes tem banda liberada. Assim, mesmo que ele esteja fazendo um download na velocidade maxima, ele ainda conseguira navegar normalmente.
    Eu uso a mesma ideia para os pacotes do tipo "servicosderede". Neles vem os pings, dns, etc...
    Pacotes marcados como hotspot, eu faço com que ao acessar a pagina do hotspot, o cliente tenha banda total.
    As regras foram feitas para MEU mikrotik, logo, provavelmente você terá que alterar uma ou outra coisinha para que elas funcionem 100% para você. (Dados Basicos do meu servidor: Link de 1M; Mikrotik 3.23; CacheFull + HotSpot; Rodando em um PC comum)

    Caso alguem encontre algum erro, por favor, poste aqui para que eu saiba do mesmo e corrija em meu servidor.

    Enfim, nos posts abaixo vao minhas regras.

    Caso a dica tenha te ajudado, por favor, agradeça. Assim você me incentiva a escrever mais besteiras por aqui.

    *** Vide minha Address List na página 3. Ela é necessaria para que os pacotes do youtube sejam identificados. ***

    ~-~-~-~-~-~-~-~-~-~
    Precisa de ajuda com sua rede? Precisa replanejar suas estratégias de marketing e aumentar seu lucro? Contate-me: email {[arroba]} renangomes.com
    ~-~-~-~-~-~-~-~-~-~
    Miniaturas de Anexos Miniaturas de Anexos Clique na imagem para uma versão maior

Nome:	         QoS-Mikrotik.jpg
Visualizações:	5772
Tamanho: 	332,2 KB
ID:      	4330  
    Arquivos Anexos Arquivos Anexos
    • Tipo de Arquivo: txt QoS.txt (35,5 KB, 5177 visualizações)
    Última edição por renangomes; 19-05-2009 às 02:19.

  2. # Adicionando mais formas de identificar os pacotes.
    /ip firewall layer7-protocol
    add comment="" name=edonkey regexp="^[\C5\D4\E3-\E5].\?.\?.\?.\?([\01\02\05\14\15\16\
    \18\19\1A\1B\1C !234568@ABCFGHIJKLMNOPQRSTUVWX[`\81\82\90\91\93\96\97\98\99\9A\9B\
    \9C\9E\A0\A1\A2\A3\A4]|Y................\?[ -~]|\96....\$)"
    add comment="" name=goboogy regexp="<peerplat>|^get /getfilebyhash\\.cgi\\\?|^get /que\
    ue_register\\.cgi\\\?|^get /getupdowninfo\\.cgi\\\?"
    add comment="" name=soribada regexp="^GETMP3\r\
    \nFilename|^\01.\?.\?.\?(Q:\\+|Q2:)|^\10[\14-\16]\10[\15-\17].\?.\?.\?.\?\$"
    add comment="" name=rdp regexp=rdpdr.*cliprdr.*rdpsnd
    add comment="" name=gnutella regexp="^(gnd[\01\02]\?.\?.\?\01|gnutella connect/[012]\\\
    .[0-9]\r\
    \n|get /uri-res/n2r\\\?urn:sha1:|get /.*user-agent: (gtk-gnutella|bearshare|mactel\
    la|gnucleus|gnotella|limewire|imesh)|get /.*content-type: application/x-gnutella-p\
    ackets|giv [0-9]*:[0-9a-f]*/|queue [0-9a-f]* [1-9][0-9]\?[0-9]\?\\.[1-9][0-9]\?[0-\
    9]\?\\.[1-9][0-9]\?[0-9]\?\\.[1-9][0-9]\?[0-9]\?:[1-9][0-9]\?[0-9]\?[0-9]\?|gnutel\
    la.*content-type: application/x-gnutella|...................\?lime)"
    add comment="" name=cvs regexp="^BEGIN (AUTH|VERIFICATION|GSSAPI) REQUEST\
    \n"
    add comment="" name=nbns regexp="\01\10\01|\\)\10\01\01|0\10\01"
    add comment="" name=shoutcast regexp=\
    "icy [1-5][0-9][0-9] [\t-\r -~]*(content-type:audio|icy-)"
    add comment="" name=dns regexp="^.\?.\?.\?.\?[\01\02].\?.\?.\?.\?.\?.\?[\01-\?][a-z0-9\
    ][\01-\?a-z]*[\02-\06][a-z][a-z][fglmoprstuvz]\?[aeop]\?(um)\?[\01-\10\1C][\01\03\
    \04\FF]"
    add comment="" name=quake-halflife regexp="^\FF\FF\FF\FFget(info|challenge)"
    add comment="" name=poco regexp="^\80\94\
    \n\01....\1F\9E"
    add comment="" name=ciscovpn regexp="^\01\F4\01\F4"
    add comment="" name=x11 regexp="^[lb].\?\0B"
    add comment="" name=xboxlive regexp="^X\80........\F3|^\06XN"
    add comment="" name=applejuice regexp="^ajprot\r\
    \n"
    add comment="" name=zmaap regexp="^\1B\D7;H[\01\02]\01\?\01"
    add comment="" name=live365 regexp=membername.*session.*player
    add comment="" name=rlogin regexp=\
    "^[a-z][a-z0-9][a-z0-9]+/[1-9][0-9]\?[0-9]\?[0-9]\?00"
    add comment="" name=http regexp="http/(0\\.9|1\\.0|1\\.1) [1-5][0-9][0-9] [\t-\r -~]*(\
    connection:|content-type:|content-length:|date:)|post [\t-\r -~]* http/[01]\\.[019\
    ]"
    add comment="" name=sip regexp=\
    "^(invite|register|cancel) sip[\t-\r -~]*sip/[0-2]\\.[0-9]"
    add comment="" name=pop3 regexp="^(\\+ok |-err )"
    add comment="" name=smb regexp="\FFsmb[r%]"
    add comment="" name=quake1 regexp="^\80\0C\01quake\03"
    add comment="" name=lpd regexp="^(\01[!-~]+|\02[!-~]+\
    \n.[\01\02\03][\01-\
    \n -~]*|[\03\04][!-~]+[\t-\r]+[a-z][\t-\r -~]*|\05[!-~]+[\t-\r]+([a-z][!-~]*[\t-\r\
    ]+[1-9][0-9]\?[0-9]\?|root[\t-\r]+[!-~]+).*)\
    \n\$"
    add comment="" name=mute regexp="^(Public|AES)Key: [0-9a-f]*\
    \nEnd(Public|AES)Key\
    \n\$"
    add comment="" name=ssh regexp="^ssh-[12]\\.[0-9]"
    add comment="" name=jabber regexp=\
    "<stream:stream[\t-\r ][ -~]*[\t-\r ]xmlns=['\"]jabber"
    add comment="" name=bittorrent regexp="^(\13bittorrent protocol|azver\01\$|get/scrape\
    \\\?info_hash=)|d1:ad2:id20:|\08'7P\\)[RP]"
    add comment="" name=ncp regexp="^(dmdt.*\01.*(\"\"|\11\11|uu)|tncp.*33)"
    add comment="" name=tls regexp="^(.\?.\?\16\03.*\16\03|.\?.\?\01\03\01\?.*\0B)"
    add comment="" name=directconnect regexp="^(\\\$mynick |\\\$lock |\\\$key )"
    add comment="" name=netbios regexp="\81.\?.\?.[A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P]\
    [A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A\
    -P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P]"
    add comment="" name=tftp regexp="^(\01|\02)[ -~]*(netascii|octet|mail)"
    add comment="" name=subspace regexp="^\01....\11\10........\01\$"
    add comment="" name=hotline regexp="^....................TRTPHOTL\01\02"
    add comment="" name=doom3 regexp="^\FF\FFchallenge"
    add comment="" name=ftp regexp="^220[\t-\r -~]*ftp"
    add comment="" name=kugoo regexp="^1..\8E"
    add comment="" name=tsp regexp=\
    "^[\01-\13\16-\$]\01.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?[ -~]+"
    add comment="" name=battlefield1942 regexp="^\01\11\10\\|\F8\02\10@\06"
    add comment="" name=ssdp regexp="^notify[\t-\r ]\\*[\t-\r ]http/1\\.1[\t-\r -~]*ssdp:(\
    alive|byebye)|^m-search[\t-\r ]\\*[\t-\r ]http/1\\.1[\t-\r -~]*ssdp:discover"
    add comment="" name=imap regexp="^(\\* ok|a[0-9]+ noop)"
    add comment="" name=ares regexp="^\03[]Z].\?.\?\05\$"
    add comment="" name=fasttrack regexp="^get (/.download/[ -~]*|/.supernode[ -~]|/.statu\
    s[ -~]|/.network[ -~]*|/.files|/.hash=[0-9a-f]*/[ -~]*) http/1.1|user-agent: kazaa\
    |x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xferuid|tag)|^give [0-9][0-9\
    ][0-9][0-9][0-9][0-9][0-9][0-9]\?[0-9]\?[0-9]\?"
    add comment="" name=qq regexp="^.\?\02.+\03\$"
    add comment="" name=100bao regexp="^\01\01\05\
    \n"
    add comment="" name=aim regexp=\
    "^(\\*[\01\02].*\03\0B|\\*\01.\?.\?.\?.\?\01)|flapon|toc_signon.*0x"
    add comment="" name=unknown regexp=.
    add comment="" name=msn-filetransfer regexp=\
    "^(ver [ -~]*msnftp\r\
    \nver msnftp\r\
    \nusr|method msnmsgr:)"
    add comment="" name=yahoo regexp=\
    "^(ymsg|ypns|yhoo).\?.\?.\?.\?.\?.\?.\?[lwt].*\C0\80"
    add comment="" name=validcertssl regexp="^(.\?.\?\16\03.*\16\03|.\?.\?\01\03\01\?.*\0B\
    ).*(thawte|equifax secure|rsa data security, inc|verisign, inc|gte cybertrust root\
    |entrust\\.net limited)"
    add comment="" name=ntp regexp=\
    "^([\13\1B#\D3\DB\E3]|[\14\1C\$].......\?.\?.\?.\?.\?.\?.\?.\?.\?[\C6-\FF])"
    add comment="" name=gnucleuslan regexp=\
    "gnuclear connect/[\t-\r -~]*user-agent: gnucleus [\t-\r -~]*lan:"
    add comment="" name=vnc regexp="^rfb 00[1-9]\\.00[0-9]\
    \n\$"
    add comment="" name=bgp regexp=\
    "^\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF..\?\01[\03\04]"
    add comment="" name=tesla regexp="\03\9A\89\"111\\.00 Beta |\E2<i\1E\1C\E9"
    add comment="" name=openft regexp="x-openftalias: [-)(0-9a-z ~.]"
    add comment="" name=h323 regexp=\
    "^\03..\?\08...\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?\05"
    add comment="" name=finger regexp=\
    "^[a-z][a-z0-9\\-_]+|login: [\t-\r -~]* name: [\t-\r -~]* Directory:"
    add comment="" name=ident regexp="^[1-9][0-9]\?[0-9]\?[0-9]\?[0-9]\?[\t-\r]*,[\t-\r]*[\
    1-9][0-9]\?[0-9]\?[0-9]\?[0-9]\?(\r\
    \n|[\r\
    \n])\?\$"
    add comment="" name=gkrellm regexp="^gkrellm [23].[0-9].[0-9]\
    \n\$"
    add comment="" name=hddtemp regexp=\
    "^\\|/dev/[a-z][a-z][a-z]\\|[0-9a-z]*\\|[0-9][0-9]\\|[cfk]\\|"
    add comment="" name=socks regexp=\
    "\05[\01-\08]*\05[\01-\08]\?.*\05[\01-\03][\01\03].*\05[\01-\08]\?[\01\03]"
    add comment="" name=biff regexp="^[a-z][a-z0-9]+@[1-9][0-9]+\$"
    add comment="" name=dhcp regexp="^[\01\02][\01- ]\06.*c\82sc"
    add comment="" name=smtp regexp="^220[\t-\r -~]* (e\?smtp|simple mail)"
    add comment="" name=ipp regexp=ipp://
    add comment="" name=msnmessenger regexp="ver [0-9]+ msnp[1-9][0-9]\? [\t-\r -~]*cvr0\r\
    \n\$|usr 1 [!-~]+ [0-9. ]+\r\
    \n\$|ans 1 [!-~]+ [0-9. ]+\r\
    \n\$"
    add comment="" name=irc regexp="^(nick[\t-\r -~]*user[\t-\r -~]*:|user[\t-\r -~]*:[\02\
    -\r -~]*nick[\t-\r -~]*\r\
    \n)"
    add comment="" name=gopher regexp="^[\t-\r]*[1-9,+tgi][\t-\r -~]*\t[\t-\r -~]*\t[a-z0-\
    9.]*\\.[a-z][a-z].\?.\?\t[1-9]"
    add comment="" name=telnet regexp="^\FF[\FB-\FE].\FF[\FB-\FE].\FF[\FB-\FE]"
    add comment="" name=snmp regexp="^\02\01\04.+([\A0-\A3]\02[\01-\04].\?.\?.\?.\?\02\01.\
    \?\02\01.\?0|\A4\06.+@\04.\?.\?.\?.\?\02\01.\?\02\01.\?C)"
    add comment="" name=nntp regexp=\
    "^(20[01][\t-\r -~]*AUTHINFO USER|20[01][\t-\r -~]*news)"
    add comment="" name=aimwebcontent regexp=user-agent:aim/
    add comment="" name=rtsp regexp="rtsp/1.0 200 ok"
    Última edição por renangomes; 17-05-2009 às 23:04.



  3. add comment="" name=skypeout regexp="^(\01.\?.\?.\?.\?.\?.\?.\?.\?\01|\02.\?.\?.\?.\?.\
    \?.\?.\?.\?\02|\03.\?.\?.\?.\?.\?.\?.\?.\?\03|\04.\?.\?.\?.\?.\?.\?.\?.\?\04|\05.\
    \?.\?.\?.\?.\?.\?.\?.\?\05|\06.\?.\?.\?.\?.\?.\?.\?.\?\06|\07.\?.\?.\?.\?.\?.\?.\?\
    .\?\07|\08.\?.\?.\?.\?.\?.\?.\?.\?\08|\t.\?.\?.\?.\?.\?.\?.\?.\?\t|\
    \n.\?.\?.\?.\?.\?.\?.\?.\?\
    \n|\0B.\?.\?.\?.\?.\?.\?.\?.\?\0B|\0C.\?.\?.\?.\?.\?.\?.\?.\?\0C|\r.\?.\?.\?.\?.\?\
    .\?.\?.\?\r|\0E.\?.\?.\?.\?.\?.\?.\?.\?\0E|\0F.\?.\?.\?.\?.\?.\?.\?.\?\0F|\10.\?.\
    \?.\?.\?.\?.\?.\?.\?\10|\11.\?.\?.\?.\?.\?.\?.\?.\?\11|\12.\?.\?.\?.\?.\?.\?.\?.\?\
    \12|\13.\?.\?.\?.\?.\?.\?.\?.\?\13|\14.\?.\?.\?.\?.\?.\?.\?.\?\14|\15.\?.\?.\?.\?.\
    \?.\?.\?.\?\15|\16.\?.\?.\?.\?.\?.\?.\?.\?\16|\17.\?.\?.\?.\?.\?.\?.\?.\?\17|\18.\
    \?.\?.\?.\?.\?.\?.\?.\?\18|\19.\?.\?.\?.\?.\?.\?.\?.\?\19|\1A.\?.\?.\?.\?.\?.\?.\?\
    .\?\1A|\1B.\?.\?.\?.\?.\?.\?.\?.\?\1B|\1C.\?.\?.\?.\?.\?.\?.\?.\?\1C|\1D.\?.\?.\?.\
    \?.\?.\?.\?.\?\1D|\1E.\?.\?.\?.\?.\?.\?.\?.\?\1E|\1F.\?.\?.\?.\?.\?.\?.\?.\?\1F| .\
    \?.\?.\?.\?.\?.\?.\?.\? |!.\?.\?.\?.\?.\?.\?.\?.\?!|\".\?.\?.\?.\?.\?.\?.\?.\?\"|#\
    .\?.\?.\?.\?.\?.\?.\?.\?#|\\\$.\?.\?.\?.\?.\?.\?.\?.\?\\\$|%.\?.\?.\?.\?.\?.\?.\?.\
    \?%|&.\?.\?.\?.\?.\?.\?.\?.\?&|'.\?.\?.\?.\?.\?.\?.\?.\?'|\\(.\?.\?.\?.\?.\?.\?.\?\
    .\?\\(|\\).\?.\?.\?.\?.\?.\?.\?.\?\\)|\\*.\?.\?.\?.\?.\?.\?.\?.\?\\*|\\+.\?.\?.\?.\
    \?.\?.\?.\?.\?\\+|,.\?.\?.\?.\?.\?.\?.\?.\?,|-.\?.\?.\?.\?.\?.\?.\?.\?-|\\..\?.\?.\
    \?.\?.\?.\?.\?.\?\\.|/.\?.\?.\?.\?.\?.\?.\?.\?/|0.\?.\?.\?.\?.\?.\?.\?.\?0|1.\?.\?\
    .\?.\?.\?.\?.\?.\?1|2.\?.\?.\?.\?.\?.\?.\?.\?2|3.\?.\?.\?.\?.\?.\?.\?.\?3|4.\?.\?.\
    \?.\?.\?.\?.\?.\?4|5.\?.\?.\?.\?.\?.\?.\?.\?5|6.\?.\?.\?.\?.\?.\?.\?.\?6|7.\?.\?.\
    \?.\?.\?.\?.\?.\?7|8.\?.\?.\?.\?.\?.\?.\?.\?8|9.\?.\?.\?.\?.\?.\?.\?.\?9|:.\?.\?.\
    \?.\?.\?.\?.\?.\?:|;.\?.\?.\?.\?.\?.\?.\?.\?;|<.\?.\?.\?.\?.\?.\?.\?.\?<|=.\?.\?.\
    \?.\?.\?.\?.\?.\?=|>.\?.\?.\?.\?.\?.\?.\?.\?>|\\\?.\?.\?.\?.\?.\?.\?.\?.\?\\\?|@.\
    \?.\?.\?.\?.\?.\?.\?.\?@|A.\?.\?.\?.\?.\?.\?.\?.\?A|B.\?.\?.\?.\?.\?.\?.\?.\?B|C.\
    \?.\?.\?.\?.\?.\?.\?.\?C|D.\?.\?.\?.\?.\?.\?.\?.\?D|E.\?.\?.\?.\?.\?.\?.\?.\?E|F.\
    \?.\?.\?.\?.\?.\?.\?.\?F|G.\?.\?.\?.\?.\?.\?.\?.\?G|H.\?.\?.\?.\?.\?.\?.\?.\?H|I.\
    \?.\?.\?.\?.\?.\?.\?.\?I|J.\?.\?.\?.\?.\?.\?.\?.\?J|K.\?.\?.\?.\?.\?.\?.\?.\?K|L.\
    \?.\?.\?.\?.\?.\?.\?.\?L|M.\?.\?.\?.\?.\?.\?.\?.\?M|N.\?.\?.\?.\?.\?.\?.\?.\?N|O.\
    \?.\?.\?.\?.\?.\?.\?.\?O|P.\?.\?.\?.\?.\?.\?.\?.\?P|Q.\?.\?.\?.\?.\?.\?.\?.\?Q|R.\
    \?.\?.\?.\?.\?.\?.\?.\?R|S.\?.\?.\?.\?.\?.\?.\?.\?S|T.\?.\?.\?.\?.\?.\?.\?.\?T|U.\
    \?.\?.\?.\?.\?.\?.\?.\?U|V.\?.\?.\?.\?.\?.\?.\?.\?V|W.\?.\?.\?.\?.\?.\?.\?.\?W|X.\
    \?.\?.\?.\?.\?.\?.\?.\?X|Y.\?.\?.\?.\?.\?.\?.\?.\?Y|Z.\?.\?.\?.\?.\?.\?.\?.\?Z|\\[\
    .\?.\?.\?.\?.\?.\?.\?.\?\\[|\\].\?.\?.\?.\?.\?.\?.\?.\?\\]|\\].\?.\?.\?.\?.\?.\?.\
    \?.\?\\]|\\^.\?.\?.\?.\?.\?.\?.\?.\?\\^|_.\?.\?.\?.\?.\?.\?.\?.\?_|`.\?.\?.\?.\?.\
    \?.\?.\?.\?`|a.\?.\?.\?.\?.\?.\?.\?.\?a|b.\?.\?.\?.\?.\?.\?.\?.\?b|c.\?.\?.\?.\?.\
    \?.\?.\?.\?c|d.\?.\?.\?.\?.\?.\?.\?.\?d|e.\?.\?.\?.\?.\?.\?.\?.\?e|f.\?.\?.\?.\?.\
    \?.\?.\?.\?f|g.\?.\?.\?.\?.\?.\?.\?.\?g|h.\?.\?.\?.\?.\?.\?.\?.\?h|i.\?.\?.\?.\?.\
    \?.\?.\?.\?i|j.\?.\?.\?.\?.\?.\?.\?.\?j|k.\?.\?.\?.\?.\?.\?.\?.\?k|l.\?.\?.\?.\?.\
    \?.\?.\?.\?l|m.\?.\?.\?.\?.\?.\?.\?.\?m|n.\?.\?.\?.\?.\?.\?.\?.\?n|o.\?.\?.\?.\?.\
    \?.\?.\?.\?o|p.\?.\?.\?.\?.\?.\?.\?.\?p|q.\?.\?.\?.\?.\?.\?.\?.\?q|r.\?.\?.\?.\?.\
    \?.\?.\?.\?r|s.\?.\?.\?.\?.\?.\?.\?.\?s|t.\?.\?.\?.\?.\?.\?.\?.\?t|u.\?.\?.\?.\?.\
    \?.\?.\?.\?u|v.\?.\?.\?.\?.\?.\?.\?.\?v|w.\?.\?.\?.\?.\?.\?.\?.\?w|x.\?.\?.\?.\?.\
    \?.\?.\?.\?x|y.\?.\?.\?.\?.\?.\?.\?.\?y|z.\?.\?.\?.\?.\?.\?.\?.\?z|\\{.\?.\?.\?.\?\
    .\?.\?.\?.\?\\{|\\|.\?.\?.\?.\?.\?.\?.\?.\?\\||\\}.\?.\?.\?.\?.\?.\?.\?.\?\\}|~.\?\
    .\?.\?.\?.\?.\?.\?.\?~|\7F.\?.\?.\?.\?.\?.\?.\?.\?\7F|\80.\?.\?.\?.\?.\?.\?.\?.\?\
    \80|\81.\?.\?.\?.\?.\?.\?.\?.\?\81|\82.\?.\?.\?.\?.\?.\?.\?.\?\82|\83.\?.\?.\?.\?.\
    \?.\?.\?.\?\83|\84.\?.\?.\?.\?.\?.\?.\?.\?\84|\85.\?.\?.\?.\?.\?.\?.\?.\?\85|\86.\
    \?.\?.\?.\?.\?.\?.\?.\?\86|\87.\?.\?.\?.\?.\?.\?.\?.\?\87|\88.\?.\?.\?.\?.\?.\?.\?\
    .\?\88|\89.\?.\?.\?.\?.\?.\?.\?.\?\89|\8A.\?.\?.\?.\?.\?.\?.\?.\?\8A|\8B.\?.\?.\?.\
    \?.\?.\?.\?.\?\8B|\8C.\?.\?.\?.\?.\?.\?.\?.\?\8C|\8D.\?.\?.\?.\?.\?.\?.\?.\?\8D|\
    \8E.\?.\?.\?.\?.\?.\?.\?.\?\8E|\8F.\?.\?.\?.\?.\?.\?.\?.\?\8F|\90.\?.\?.\?.\?.\?.\
    \?.\?.\?\90|\91.\?.\?.\?.\?.\?.\?.\?.\?\91|\92.\?.\?.\?.\?.\?.\?.\?.\?\92|\93.\?.\
    \?.\?.\?.\?.\?.\?.\?\93|\94.\?.\?.\?.\?.\?.\?.\?.\?\94|\95.\?.\?.\?.\?.\?.\?.\?.\?\
    \95|\96.\?.\?.\?.\?.\?.\?.\?.\?\96|\97.\?.\?.\?.\?.\?.\?.\?.\?\97|\98.\?.\?.\?.\?.\
    \?.\?.\?.\?\98|\99.\?.\?.\?.\?.\?.\?.\?.\?\99|\9A.\?.\?.\?.\?.\?.\?.\?.\?\9A|\9B.\
    \?.\?.\?.\?.\?.\?.\?.\?\9B|\9C.\?.\?.\?.\?.\?.\?.\?.\?\9C|\9D.\?.\?.\?.\?.\?.\?.\?\
    .\?\9D|\9E.\?.\?.\?.\?.\?.\?.\?.\?\9E|\9F.\?.\?.\?.\?.\?.\?.\?.\?\9F|\A0.\?.\?.\?.\
    \?.\?.\?.\?.\?\A0|\A1.\?.\?.\?.\?.\?.\?.\?.\?\A1|\A2.\?.\?.\?.\?.\?.\?.\?.\?\A2|\
    \A3.\?.\?.\?.\?.\?.\?.\?.\?\A3|\A4.\?.\?.\?.\?.\?.\?.\?.\?\A4|\A5.\?.\?.\?.\?.\?.\
    \?.\?.\?\A5|\A6.\?.\?.\?.\?.\?.\?.\?.\?\A6|\A7.\?.\?.\?.\?.\?.\?.\?.\?\A7|\A8.\?.\
    \?.\?.\?.\?.\?.\?.\?\A8|\A9.\?.\?.\?.\?.\?.\?.\?.\?\A9|\AA.\?.\?.\?.\?.\?.\?.\?.\?\
    \AA|\AB.\?.\?.\?.\?.\?.\?.\?.\?\AB|\AC.\?.\?.\?.\?.\?.\?.\?.\?\AC|\AD.\?.\?.\?.\?.\
    \?.\?.\?.\?\AD|\AE.\?.\?.\?.\?.\?.\?.\?.\?\AE|\AF.\?.\?.\?.\?.\?.\?.\?.\?\AF|\B0.\
    \?.\?.\?.\?.\?.\?.\?.\?\B0|\B1.\?.\?.\?.\?.\?.\?.\?.\?\B1|\B2.\?.\?.\?.\?.\?.\?.\?\
    .\?\B2|\B3.\?.\?.\?.\?.\?.\?.\?.\?\B3|\B4.\?.\?.\?.\?.\?.\?.\?.\?\B4|\B5.\?.\?.\?.\
    \?.\?.\?.\?.\?\B5|\B6.\?.\?.\?.\?.\?.\?.\?.\?\B6|\B7.\?.\?.\?.\?.\?.\?.\?.\?\B7|\
    \B8.\?.\?.\?.\?.\?.\?.\?.\?\B8|\B9.\?.\?.\?.\?.\?.\?.\?.\?\B9|\BA.\?.\?.\?.\?.\?.\
    \?.\?.\?\BA|\BB.\?.\?.\?.\?.\?.\?.\?.\?\BB|\BC.\?.\?.\?.\?.\?.\?.\?.\?\BC|\BD.\?.\
    \?.\?.\?.\?.\?.\?.\?\BD|\BE.\?.\?.\?.\?.\?.\?.\?.\?\BE|\BF.\?.\?.\?.\?.\?.\?.\?.\?\
    \BF|\C0.\?.\?.\?.\?.\?.\?.\?.\?\C0|\C1.\?.\?.\?.\?.\?.\?.\?.\?\C1|\C2.\?.\?.\?.\?.\
    \?.\?.\?.\?\C2|\C3.\?.\?.\?.\?.\?.\?.\?.\?\C3|\C4.\?.\?.\?.\?.\?.\?.\?.\?\C4|\C5.\
    \?.\?.\?.\?.\?.\?.\?.\?\C5|\C6.\?.\?.\?.\?.\?.\?.\?.\?\C6|\C7.\?.\?.\?.\?.\?.\?.\?\
    .\?\C7|\C8.\?.\?.\?.\?.\?.\?.\?.\?\C8|\C9.\?.\?.\?.\?.\?.\?.\?.\?\C9|\CA.\?.\?.\?.\
    \?.\?.\?.\?.\?\CA|\CB.\?.\?.\?.\?.\?.\?.\?.\?\CB|\CC.\?.\?.\?.\?.\?.\?.\?.\?\CC|\
    \CD.\?.\?.\?.\?.\?.\?.\?.\?\CD|\CE.\?.\?.\?.\?.\?.\?.\?.\?\CE|\CF.\?.\?.\?.\?.\?.\
    \?.\?.\?\CF|\D0.\?.\?.\?.\?.\?.\?.\?.\?\D0|\D1.\?.\?.\?.\?.\?.\?.\?.\?\D1|\D2.\?.\
    \?.\?.\?.\?.\?.\?.\?\D2|\D3.\?.\?.\?.\?.\?.\?.\?.\?\D3|\D4.\?.\?.\?.\?.\?.\?.\?.\?\
    \D4|\D5.\?.\?.\?.\?.\?.\?.\?.\?\D5|\D6.\?.\?.\?.\?.\?.\?.\?.\?\D6|\D7.\?.\?.\?.\?.\
    \?.\?.\?.\?\D7|\D8.\?.\?.\?.\?.\?.\?.\?.\?\D8|\D9.\?.\?.\?.\?.\?.\?.\?.\?\D9|\DA.\
    \?.\?.\?.\?.\?.\?.\?.\?\DA|\DB.\?.\?.\?.\?.\?.\?.\?.\?\DB|\DC.\?.\?.\?.\?.\?.\?.\?\
    .\?\DC|\DD.\?.\?.\?.\?.\?.\?.\?.\?\DD|\DE.\?.\?.\?.\?.\?.\?.\?.\?\DE|\DF.\?.\?.\?.\
    \?.\?.\?.\?.\?\DF|\E0.\?.\?.\?.\?.\?.\?.\?.\?\E0|\E1.\?.\?.\?.\?.\?.\?.\?.\?\E1|\
    \E2.\?.\?.\?.\?.\?.\?.\?.\?\E2|\E3.\?.\?.\?.\?.\?.\?.\?.\?\E3|\E4.\?.\?.\?.\?.\?.\
    \?.\?.\?\E4|\E5.\?.\?.\?.\?.\?.\?.\?.\?\E5|\E6.\?.\?.\?.\?.\?.\?.\?.\?\E6|\E7.\?.\
    \?.\?.\?.\?.\?.\?.\?\E7|\E8.\?.\?.\?.\?.\?.\?.\?.\?\E8|\E9.\?.\?.\?.\?.\?.\?.\?.\?\
    \E9|\EA.\?.\?.\?.\?.\?.\?.\?.\?\EA|\EB.\?.\?.\?.\?.\?.\?.\?.\?\EB|\EC.\?.\?.\?.\?.\
    \?.\?.\?.\?\EC|\ED.\?.\?.\?.\?.\?.\?.\?.\?\ED|\EE.\?.\?.\?.\?.\?.\?.\?.\?\EE|\EF.\
    \?.\?.\?.\?.\?.\?.\?.\?\EF|\F0.\?.\?.\?.\?.\?.\?.\?.\?\F0|\F1.\?.\?.\?.\?.\?.\?.\?\
    .\?\F1|\F2.\?.\?.\?.\?.\?.\?.\?.\?\F2|\F3.\?.\?.\?.\?.\?.\?.\?.\?\F3|\F4.\?.\?.\?.\
    \?.\?.\?.\?.\?\F4|\F5.\?.\?.\?.\?.\?.\?.\?.\?\F5|\F6.\?.\?.\?.\?.\?.\?.\?.\?\F6|\
    \F7.\?.\?.\?.\?.\?.\?.\?.\?\F7|\F8.\?.\?.\?.\?.\?.\?.\?.\?\F8|\F9.\?.\?.\?.\?.\?.\
    \?.\?.\?\F9|\FA.\?.\?.\?.\?.\?.\?.\?.\?\FA|\FB.\?.\?.\?.\?.\?.\?.\?.\?\FB|\FC.\?.\
    \?.\?.\?.\?.\?.\?.\?\FC|\FD.\?.\?.\?.\?.\?.\?.\?.\?\FD|\FE.\?.\?.\?.\?.\?.\?.\?.\?\
    \FE|\FF.\?.\?.\?.\?.\?.\?.\?.\?\FF)"
    add comment="" name=skypetoskype regexp="^..\02............."
    add comment="" name=counterstrike-source regexp=\
    "^\FF\FF\FF\FF.*cstrikeCounter-Strike"
    add comment="" name=halflife2-deathmatch regexp="^\FF\FF\FF\FF.*hl2mpDeathmatch"
    add comment="" name=freenet regexp="^\01[\08\t][\03\04]"
    add comment="" name=battlefield2 regexp="^(\11 \01...\?\11|\FE\FD.\?.\?.\?.\?.\?.\?(\
    \14\01\06|\FF\FF\FF))|[]\01].\?battlefield2"
    add comment="" name=napster regexp="^(.[\02\06][!-~]+ [!-~]+ [0-9][0-9]\?[0-9]\?[0-9]\
    \?[0-9]\? \"[\t-\r -~]+\" ([0-9]|10)|1(send|get)[!-~]+ \"[\t-\r -~]+\")"
    add comment="" name=soulseek regexp=\
    "^(\05..\?|.\01.[ -~]+\01F..\?.\?.\?.\?.\?.\?.\?)\$"
    add comment="" name=xunlei regexp="^[()]...\?.\?.\?(reg|get|query)"
    add comment="" name=ssl regexp="^(.\?.\?\16\03.*\16\03|.\?.\?\01\03\01\?.*\0B)"
    add comment="" name=citrix regexp="2&\85\92X"
    add comment="" name=whois regexp="^[ !-~]+\r\
    \n\$"

  4. add comment="" name=dayofdefeat-source regexp="^\FF\FF\FF\FF.*dodDay of Defeat"
    add comment="" name=teamspeak regexp="^\F4\BE\03.*teamspeak"
    add comment="" name=worldofwarcraft regexp="^\06\EC\01"
    add comment="" name=ventrilo regexp="^..\?v\\\$\CF"
    add comment="" name=http-rtsp regexp="^(get[\t-\r -~]* Accept: application/x-rtsp-tunn\
    elled|http/(0\\.9|1\\.0|1\\.1) [1-5][0-9][0-9] [\t-\r -~]*a=control:rtsp://)"
    add comment="" name=thecircle regexp=\
    "^t\03ni.\?[\01-\06]\?t[\01-\05]s[\
    \n\0B](glob|who are you\$|query data)"
    add comment="" name=uucp regexp="^\10here="
    add comment="" name=pcanywhere regexp="^(nq|st)\$"
    add comment="" name=subversion regexp="^\\( success \\( 1 2 \\("
    add comment="" name=imesh regexp="^(post[\t-\r -~]*<PasswordHash>.....................\
    ...........</PasswordHash><ClientVer>|4\80\?\r\?\FC\FF\04|get[\t-\r -~]*Host: imsh\
    \\.download-prod\\.musicnet\\.com|\02(\01|\02)\83.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?\
    .\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?\02(\01|\02)\83)"
    add comment="" name=cimd regexp="\02[0-4][0-9]:[0-9]+.*\03\$"
    add comment="" name=mohaa regexp="^\FF\FF\FF\FFgetstatus\
    \n"
    add comment="" name=stun regexp="^[\01\02]................\?\$"
    add comment="" name=tor regexp=TOR1.*<identity>
    add comment="" name=radmin regexp="^\01\01(\08\08|\1B\1B)\$"
    add comment="" name=unset regexp=.
    add comment="" name=chikka regexp="^CTPv1.[123] Kamusta.*\r\
    \n\$"
    add comment="" name=replaytv-ivs regexp="^(get /ivs-IVSGetFileChunk|http/(0\\.9|1\\.0|\
    1\\.1) [1-5][0-9][0-9] [\t-\r -~]*#####REPLAY_CHUNK_START#####)"
    add comment="" name=armagetron regexp=YCLC_E|CYEL



  5. # RouterOS 3.23
    # Marcacao de Pacotes.
    # Lembre-se de mudar a interface CLIENTES para o nome da interface onde seus clientes
    # do hotspot estao conectados.
    /ip firewall mangle
    add action=mark-connection chain=output comment="PROXY FULL - Prioridade 2" disabled=\
    no dscp=4 new-connection-mark=proxyfull passthrough=yes protocol=tcp src-port=\
    3128
    add action=mark-packet chain=output comment="" connection-mark=proxyfull disabled=no \
    new-packet-mark=proxyfull passthrough=yes
    add action=return chain=output comment="" connection-mark=proxyfull disabled=no
    add action=mark-connection chain=prerouting comment=QoS disabled=no \
    new-connection-mark=servicosdarede-conn passthrough=yes protocol=icmp
    add action=mark-connection chain=prerouting comment="" disabled=no layer7-protocol=\
    dhcp new-connection-mark=servicosdarede-conn passthrough=yes
    add action=mark-connection chain=prerouting comment="" disabled=no layer7-protocol=\
    dns new-connection-mark=servicosdarede-conn passthrough=yes
    add action=mark-connection chain=prerouting comment="" disabled=no layer7-protocol=\
    ntp new-connection-mark=servicosdarede-conn passthrough=yes
    add action=mark-packet chain=prerouting comment="" connection-mark=\
    servicosdarede-conn disabled=no new-packet-mark=servicosdarede passthrough=no
    add action=mark-connection chain=output comment="" disabled=no new-connection-mark=\
    hotspot-out out-interface=CLIENTES passthrough=yes protocol=udp src-port=64872
    add action=mark-connection chain=output comment="" disabled=no new-connection-mark=\
    hotspot-out out-interface=CLIENTES passthrough=yes protocol=tcp src-port=64872
    add action=mark-connection chain=output comment="" disabled=no new-connection-mark=\
    hotspot-out out-interface=CLIENTES passthrough=yes protocol=tcp src-port=64873
    add action=mark-connection chain=output comment="" disabled=no new-connection-mark=\
    hotspot-out out-interface=CLIENTES passthrough=yes protocol=tcp src-port=64874
    add action=mark-connection chain=output comment="" disabled=no new-connection-mark=\
    hotspot-out out-interface=CLIENTES passthrough=yes protocol=tcp src-port=64875
    add action=mark-packet chain=output comment="" connection-mark=hotspot-out disabled=\
    no new-packet-mark=hotspot passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no dst-port=443 \
    new-packet-mark=ssl passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=ssl \
    new-packet-mark=ssl passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=100bao \
    new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=ares \
    new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    fasttrack new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    directconnect new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    gnutella new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    goboogy new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    bittorrent new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    gnucleuslan new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    edonkey new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=imesh \
    new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=mute \
    new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=kugoo \
    new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    soulseek new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    applejuice new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    napster new-packet-mark=p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no new-packet-mark=p2p \
    p2p=all-p2p passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no dst-port=8291 \
    new-packet-mark=acessoremoto passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=ftp \
    new-packet-mark=acessoremoto passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=ident \
    new-packet-mark=acessoremoto passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=rdp \
    new-packet-mark=acessoremoto passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=radmin \
    new-packet-mark=acessoremoto passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=ssh \
    new-packet-mark=acessoremoto passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no dst-port=1863 \
    new-packet-mark=batepapo passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=aim \
    new-packet-mark=batepapo passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    aimwebcontent new-packet-mark=batepapo passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=irc \
    new-packet-mark=batepapo passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    msn-filetransfer new-packet-mark=batepapo passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    msnmessenger new-packet-mark=batepapo passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    skypeout new-packet-mark=batepapo passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    teamspeak new-packet-mark=batepapo passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    skypetoskype new-packet-mark=batepapo passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no dst-port=110 \
    new-packet-mark=pop3 passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=pop3 \
    new-packet-mark=pop3 passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no dst-port=25 \
    new-packet-mark=smtp passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=smtp \
    new-packet-mark=smtp passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no dst-port=143 \
    new-packet-mark=imap passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=imap \
    new-packet-mark=imap passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=nntp \
    new-packet-mark=imap passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no new-packet-mark=\
    Youtube passthrough=no protocol=tcp src-address-list=Youtube
    add action=mark-connection chain=prerouting comment="" connection-bytes=1-512000 \
    disabled=no dst-port=80 new-connection-mark=http-navegacao-conn passthrough=yes \
    protocol=tcp
    add action=mark-packet chain=prerouting comment="" connection-mark=\
    http-navegacao-conn disabled=no new-packet-mark=http-navegacao passthrough=no
    add action=mark-packet chain=prerouting comment="" connection-bytes=512000-1000000 \
    disabled=no dst-port=80 new-packet-mark=http-1Mbyte passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" connection-bytes=1000000-3000000 \
    disabled=no dst-port=80 new-packet-mark=http-3Mbyte passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" connection-bytes=3000000-6000000 \
    disabled=no dst-port=80 new-packet-mark=http-6Mbyte passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" connection-bytes=6000000-30000000 \
    disabled=no dst-port=80 new-packet-mark=http-30Mbyte passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" connection-bytes=30000000-60000000 \
    disabled=no dst-port=80 new-packet-mark=http-60Mbytes passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" connection-bytes=60000000-0 \
    disabled=no dst-port=80 new-packet-mark=http-Infinite passthrough=no protocol=tcp
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=http \
    new-packet-mark=http-Infinite passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=\
    http-rtsp new-packet-mark=http-3Mbyte passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=h323 \
    new-packet-mark=voip passthrough=no
    add action=mark-packet chain=prerouting comment="" disabled=no layer7-protocol=rtsp \
    new-packet-mark=voip passthrough=no






Tópicos Similares

  1. Alguem já implantou esta solução de QOS no Mikrotik
    Por Maurobranquinho no fórum Redes
    Respostas: 1
    Último Post: 18-08-2015, 14:47
  2. QoS e HTB no Mikrotik
    Por Marco0 no fórum Redes
    Respostas: 9
    Último Post: 18-07-2014, 14:11
  3. QOS e priorização de tráfego no Mikrotik
    Por cleciorodrigo no fórum Redes
    Respostas: 25
    Último Post: 26-03-2008, 22:22
  4. Respostas: 1
    Último Post: 23-10-2005, 21:57
  5. 2 link no Mikrotik
    Por fleubert no fórum Redes
    Respostas: 8
    Último Post: 13-10-2005, 19:14

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L