+ Responder ao Tópico



  1. #1

    Padrão Uma ajuda nas Regras para MKT 3.30 para cache full...

    Pessoal sou novo no assunto, mas se alguem mais experiente puder ajudar, e dar uma olhada nas regras que estou testando.Ainda não consegui ver esse cache-full funcionando pra valer...
    O problema é que o cache não funciona...Testei baixando um programa do baixaki e vejo que ele não foi para o cache...
    Alguém pode me informar aonde estou errando?

    Uso a versão 3.30 com autenticação Hotspot

    Desde já agradeço a ajuda de todos....

    Segue as regras :

    /ip firewall mangle

    add action=mark-connection chain=prerouting comment=SSH_IN disabled=no dst-port=22 new-connection-mark=conn_ssh_in passthrough=yes protocol=tcp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_ssh_in disabled=no new-packet-mark=ssh_in passthrough=no

    add action=mark-connection chain=postrouting comment=SSH_OUT disabled=no new-connection-mark=conn_ssh_out passthrough=yes protocol=tcp src-port=22

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_ssh_out disabled=no new-packet-mark=ssh_out passthrough=no

    add action=mark-connection chain=prerouting comment=FTP_IN disabled=no dst-port=21 new-connection-mark=conn_ftp_in passthrough=yes protocol=tcp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_ftp_in disabled=no new-packet-mark=ftp_in passthrough=no

    add action=mark-connection chain=postrouting comment=FTP_IN disabled=no new-connection-mark=conn_ftp_out passthrough=yes protocol=tcp src-port=21

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_ftp_out disabled=no new-packet-mark=ftp_out passthrough=no

    add action=mark-connection chain=prerouting comment=DNS_IN disabled=no dst-port=53 new-connection-mark=conn_dns_in passthrough=yes protocol=udp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_dns_in disabled=no new-packet-mark=dns_in passthrough=no

    add action=mark-connection chain=postrouting comment=DNS_OUT disabled=no new-connection-mark=conn_dns_out passthrough=yes protocol=udp src-port=53

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_dns_out disabled=no new-packet-mark=dns_out passthrough=no

    add action=mark-packet chain=prerouting comment="EMAIL IN (POP)" disabled=no dst-port=110 new-packet-mark=email_in passthrough=yes protocol=tcp

    add action=mark-packet chain=prerouting comment="EMAIL SSL IN (POP)" disabled=no dst-port=995 new-packet-mark=email_in passthrough=yes protocol=tcp

    add action=mark-packet chain=prerouting comment="IMAP IN" disabled=no dst-port=143 new-packet-mark=email_in passthrough=yes protocol=tcp

    add action=mark-packet chain=prerouting comment="IMAP SSL IN" disabled=no dst-port=993 new-packet-mark=email_in passthrough=yes protocol=tcp

    add action=mark-packet chain=postrouting comment="EMAIL OUT (SMTP)" disabled=no new-packet-mark=email_out passthrough=yes protocol=tcp src-port=25

    add action=mark-packet chain=postrouting comment="" disabled=no new-packet-mark=email_out passthrough=yes protocol=udp src-port=25

    add action=mark-connection chain=prerouting comment="ORKUT IN" content=orkut disabled=no new-connection-mark=conn_orkut_in passthrough=yes

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_orkut_in disabled=no new-packet-mark=orkut_in passthrough=no

    add action=mark-connection chain=postrouting comment="ORKUT OUT" content=orkut disabled=no new-connection-mark=conn_orkut_out passthrough=yes

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_orkut_out disabled=no new-packet-mark=orkut_out passthrough=no

    add action=mark-connection chain=prerouting comment="YOUTUBE IN" content=youtube disabled=no new-connection-mark=conn_youtube_in passthrough=yes

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_youtube_in disabled=no new-packet-mark=youtube_in passthrough=no

    add action=mark-connection chain=postrouting comment="YOUTUBE OUT" content=youtube disabled=no new-connection-mark=conn_youtube_out passthrough=yes

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_youtube_out disabled=no new-packet-mark=youtube_out passthrough=no

    add action=mark-connection chain=prerouting comment="HOTMAIL IN" content=hotmail disabled=no new-connection-mark=conn_hotmail_in passthrough=yes

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_hotmail_in disabled=no new-packet-mark=hotmail_in passthrough=no

    add action=mark-connection chain=postrouting comment="HOTMAIL OUT" content=hotmail disabled=no new-connection-mark=conn_hotmail_out passthrough=yes

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_hotmail_out disabled=no new-packet-mark=hotmail_out passthrough=no

    add action=mark-connection chain=prerouting comment="RANGE IP DO BRASIL" disabled=no dst-address-list=brasil dst-port=80 new-connection-mark=conn_brasil_in passthrough=\
    yes protocol=tcp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_brasil_in disabled=no new-packet-mark=ip_brasil_in passthrough=no

    add action=mark-connection chain=prerouting comment="HTTP IN" disabled=no dst-port=80 new-connection-mark=conn_all_http_in passthrough=yes protocol=tcp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_all_http_in disabled=no new-packet-mark=all_http_in passthrough=no

    add action=mark-connection chain=prerouting comment="HTTP OUT" disabled=no new-connection-mark=conn_all_http_out passthrough=yes protocol=tcp src-port=80

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_all_http_out disabled=no new-packet-mark=all_http_out passthrough=no

    add action=mark-connection chain=prerouting comment=HTTPS_IN disabled=no dst-port=443 new-connection-mark=conn_https_in passthrough=yes protocol=tcp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_https_in disabled=no new-packet-mark=https_in passthrough=no

    add action=mark-connection chain=postrouting comment=HTTPS_OUT disabled=no new-connection-mark=conn_https_out passthrough=yes protocol=tcp src-port=443

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_https_out disabled=no new-packet-mark=https_out passthrough=no

    add action=mark-connection chain=prerouting comment=MSN_IN disabled=no dst-port=1863 new-connection-mark=conn_msn_in passthrough=yes protocol=tcp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_msn_in disabled=no new-packet-mark=msn_in passthrough=yes

    add action=mark-connection chain=postrouting comment=MSN_OUT disabled=no layer7-protocol="(unknown)" new-connection-mark=conn_msn_out passthrough=yes protocol=tcp \
    src-port=1863

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_msn_out disabled=no layer7-protocol="(unknown)" new-packet-mark=msn_out passthrough=no

    add action=mark-connection chain=prerouting comment="STREAM_IN (tcp)" disabled=no dst-port=537,554,1736,1755,1790,2979 new-connection-mark=conn_stream_in passthrough=yes \
    protocol=tcp

    add action=mark-connection chain=prerouting comment="STREAM_IN (udp)" disabled=no dst-port=537,554,1736,1755,1790,2979 new-connection-mark=conn_stream_in passthrough=yes \
    protocol=udp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_stream_in disabled=no new-packet-mark=stream_in passthrough=no

    add action=mark-connection chain=postrouting comment="STREAM_OUT (tcp)" disabled=no new-connection-mark=conn_stream_out passthrough=yes protocol=tcp src-port=\
    537,554,1736,1755,1790,2979

    add action=mark-connection chain=postrouting comment="STREAM_OUT (udp)" disabled=no new-connection-mark=conn_stream_out passthrough=yes protocol=udp src-port=\
    537,554,1736,1755,1790,2979

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_stream_out disabled=no new-packet-mark=stream_out passthrough=no

    add action=mark-connection chain=prerouting comment=WINBOX_IN disabled=no dst-port=8291 new-connection-mark=conn_winbox_in passthrough=yes protocol=tcp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_winbox_in disabled=no new-packet-mark=winbox_in passthrough=no

    add action=mark-connection chain=postrouting comment=WINBOX_OUT disabled=no new-connection-mark=conn_winbox_out passthrough=yes protocol=tcp src-port=8291

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_winbox_out disabled=no new-packet-mark=winbox_out passthrough=no

    add action=mark-connection chain=prerouting comment=VOIP_IN disabled=no dst-port=5060-5061 new-connection-mark=conn_voip_in passthrough=yes protocol=udp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_voip_in disabled=no new-packet-mark=voip_in passthrough=no

    add action=mark-connection chain=postrouting comment=VOIP_OUT disabled=no new-connection-mark=conn_voip_out passthrough=yes protocol=udp src-port=5060-5061

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_voip_out disabled=no new-packet-mark=voip_out passthrough=yes

    add action=mark-connection chain=prerouting comment=P2P_IN disabled=no new-connection-mark=conn_p2p_in p2p=all-p2p passthrough=yes protocol=tcp

    add action=mark-packet chain=prerouting comment="" connection-mark=conn_p2p_in disabled=no new-packet-mark=p2p_in passthrough=no

    add action=mark-connection chain=postrouting comment=P2P_OUT disabled=no new-connection-mark=conn_p2p_out p2p=all-p2p passthrough=yes protocol=tcp

    add action=mark-packet chain=postrouting comment="" connection-mark=conn_p2p_out disabled=no new-packet-mark=p2p_out passthrough=yes

    Vou mandar o do tree no outro post aqui não deu...

  2. #2

    Padrão

    /queue tree
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=downloads packet-mark="" parent=global-in priority=8 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024000 max-limit=1024000 name=primario_in packet-mark="" parent=downloads priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=50000 name=p2p_in packet-mark=p2p_in parent=global-in priority=8 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=https_in packet-mark=https_in parent=primario_in priority=3 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=uploads packet-mark="" parent=global-out priority=8 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024000 max-limit=1024000 name=primario_out packet-mark="" parent=uploads priority=1 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=200000 name=https_out packet-mark=https_out parent=primario_out priority=3 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=secundario_in packet-mark="" parent=downloads priority=8 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=secundario_out packet-mark="" parent=uploads priority=8 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=msn_in packet-mark=msn_in parent=primario_in priority=6 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=msn_out packet-mark=msn_out parent=primario_out priority=6 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=dns_in packet-mark=dns_in parent=primario_in priority=1 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=300000 name=dns_out packet-mark=dns_out parent=primario_out priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=300000 max-limit=1024000 name=stream_in packet-mark=stream_in parent=primario_in priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=200000 name="todo_resto_in - tcp" packet-mark=todo_resto_in parent=secundario_in \
    priority=8 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 max-limit=200000 name="todo_resto_out - tcp" packet-mark=todo_resto_out parent=secundario_out \
    priority=8 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=winbox_in packet-mark=winbox_in parent=primario_in priority=8 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=256000 name=winbox_out packet-mark=winbox_out parent=primario_out priority=8 \
    queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=1024000 name=voip_in packet-mark=voip_in parent=primario_in priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=1024000 name=voip_out packet-mark=voip_out parent=primario_out priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ssh_in packet-mark=ssh_in parent=secundario_in priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ssh_out packet-mark=ssh_out parent=secundario_out priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ftp_in packet-mark=ftp_in parent=secundario_in priority=3 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=250000 name=ftp_out packet-mark=ftp_out parent=secundario_out priority=5 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=500000 name=email_in packet-mark=email_in parent=primario_in priority=3 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100000 max-limit=500000 name=email_out packet-mark=email_out parent=primario_out priority=3 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=500000 name="ips brasil" packet-mark=ip_brasil_in parent=primario_in priority=3 \
    queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=25000 name=p2p_out packet-mark=p2p_out parent=global-out priority=8 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=http_in packet-mark="" parent=downloads priority=4 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=orkut_in packet-mark=orkut_in parent=http_in priority=1 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=250000 max-limit=500000 name=http_out packet-mark="" parent=uploads priority=4 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=150000 max-limit=250000 name=orkut_out packet-mark=orkut_out parent=http_out priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=600000 name=all_http_in packet-mark=all_http_in parent=primario_in priority=4 \
    queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=600000 name=all_http_out packet-mark=all_http_out parent=primario_out priority=4 \
    queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=300000 max-limit=1024000 name=stream_out packet-mark=stream_out parent=primario_out priority=1 \
    queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=hotmail_in packet-mark=hotmail_in parent=http_in priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=300000 name=hotmail_out packet-mark=hotmail_out parent=http_out priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=1024000 name=youtube packet-mark=youtube_in parent=http_in priority=1 queue=\
    default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=200000 max-limit=1024000 name=youtube_out packet-mark=youtube_out parent=http_out priority=1 \
    queue=default


    pronto ta ai o restante



  3. #3

    Padrão

    AMIGO.. TU TEM MAIS REGRA MANGLE DO Q REALMENTE PRESCISA! DE UMA LIDA EM MEU TOPICO... https://under-linux.org/f211/tutoria...3-30-a-133830/

  4. #4

    Padrão

    Testei suas regras aqui, exatamente conforme no tuto e não funcionou, eu realizo um download de um arquivo e vou lá no status do web-proxy e vejo que nenhum byte foi acrescentado ao cache, isto é, não está realizando o cache-full.
    Teria mas algo a fazer?
    Agradeço ao help !



  5. #5

    Padrão

    teria...... me passa teu ip, senha, e usuario para o winbox via mensagem pessoal q eu vejo pra vc o q se passa!

  6. #6

    Padrão

    ThunderMCM,

    Não vai funcionar porque você não tá marcando os pacotes que dão "Hints" no proxy. Você tem uma boa marcação por serviços porém em momento algum você marcou os pacotes que serão baixados do proxy. Verifica o DSCP que você escolheu no proxy adiciona ele nas regras, ok?

    Abs.



  7. #7

    Padrão Re: Uma ajuda nas Regras para MKT 3.30 para cache full...

    Desculpe a ignorancia, mas poderia me dizer aonde faço isso, ou melhor colocar um exemplo para que eu aprenda?

  8. #8

    Padrão Re: Uma ajuda nas Regras para MKT 3.30 para cache full...

    Citação Postado originalmente por guilhermeramires Ver Post
    ThunderMCM,

    Não vai funcionar porque você não tá marcando os pacotes que dão "Hints" no proxy. Você tem uma boa marcação por serviços porém em momento algum você marcou os pacotes que serão baixados do proxy. Verifica o DSCP que você escolheu no proxy adiciona ele nas regras, ok?

    Abs.
    Desculpe a ignorancia, mas poderia me dizer aonde faço isso, ou melhor colocar um exemplo para que eu aprenda?



  9. #9

    Padrão Re: Uma ajuda nas Regras para MKT 3.30 para cache full...

    IP -> Webproxy -> Webproxy settings. Lá em baixo tem "Cache hit DSCP(TOS)". Verifica o número que tem lá, ok?

    Abs.

  10. #10

    Padrão Re: Uma ajuda nas Regras para MKT 3.30 para cache full...

    Citação Postado originalmente por ThunderMCM Ver Post
    Testei suas regras aqui, exatamente conforme no tuto e não funcionou, eu realizo um download de um arquivo e vou lá no status do web-proxy e vejo que nenhum byte foi acrescentado ao cache, isto é, não está realizando o cache-full.
    Teria mas algo a fazer?
    Agradeço ao help !
    Ola amigo primeiro pelo que observei suas regras vc saiu copiando e colando regras ao leu sem saber para que servia primeiro recomendo que leia o wiki no site original do mikrotik; eu passei por isto para conseguir montar meu cache-full no mk 3.30 inclusive deixei um post com duvidas eu segui as regras do wiki para a versão em questão e deu certo em partes; o cache funcionava beleza os arquivos ficavam no cache mas se os clientes tentasse baixar ele novamente o arquivo era entrege pelo proxy mas na velocidade contratada pelo cliente ou seja se o cliente tivesse uma velocidade de 128k era nesta velocidade que ele iria baixar resolvir o problema da seguinte forma desabilitei a regra automatica que é criada pelo hotspot para controle de velocidade no simple Queues; criando a regra manualmente para cada cliente com as respectivas velocidades e na baba advançe em packet marks; marquei a regra que dão hits ao proxy deixando os arquivos que estão no cache com uma velocidade superior determinada em queue tree e sem alterar a velocidade de navegação dos clientes; caso não tenha resolvido seu problema poste aqui que vou tentar tte ajudar ok.



  11. #11

    Padrão Re: Uma ajuda nas Regras para MKT 3.30 para cache full...

    amigo, acredito q a forma mais fácil é: não comece entupindo seu proxy de regras, faça o simples, as duas marcações de pacotes em ip>firewall>mangles, e faça as regras de queue tree, simples, depois vc vai add aos poucos as marcações dos pacotes de serviços se nescessário para vc.

  12. #12

    Padrão Re: Uma ajuda nas Regras para MKT 3.30 para cache full...

    Como vc disse que não está alterando os valores no cache..
    Vc fez um nat da porta 80 pra porta do proxy?? Essa seria a primeira coisa a ser feita..
    Última edição por xtremejack; 08-06-2010 às 15:24.



  13. #13

    Padrão Re: Uma ajuda nas Regras para MKT 3.30 para cache full...

    Amigos, sou novo no forum! e na area de mikrotik, andei lendo uns artigos daqui, otimos. Tô com uns problemas, comprei um backup pronto, com cache-full, wep-proxy e outras regras de melhoramento, mas quando restore o backup e ajusto as regras para meu mk-pc, ele faz o cache legal, só q não navega no ORKUT, HOTMAIL, MSN e YOUTUBE. Fica como bloqueado, mais nao tem regras de bloqueio.
    Se alguem achar o erro posta ai...
    Segue o backup, se alguem puder ajudar, agradeço... tt+++
    MEGAUPLOAD - The leading online storage and file delivery service