jueves, 7 de abril de 2016

Mikrotik Address list Limitar ancho de banda por archivos

Mikrotik dispone de la facilidad de crear listas de direcciones para manejar pool de direcciones IP.

Vamos a mejorar el script creado en esta entrada: http://jaskolowski.com.ar/2012/09/mikrotik-limitar-ancho-de-banda-por.html
generamos una nueva lista para evitar que los servidores de email caigan en la clase de bajo ancho de banda.
Para ello creamos la lista download y la lista Emails

# apr/06/2016 12:58:21 by RouterOS 5.20
# software id = W5EY-LHT9
#
/ip firewall filter
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.mpeg disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.mpg disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.dat disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.exe disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.msi disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.gz disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.bin disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.mp3 disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.zip disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.swf disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.deb disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24 \
    src-address-list=download
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.iso disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.avi disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.rm disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.bz2 disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.z disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.dropbox disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.psf disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=.vpx disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-dst-to-address-list address-list=download \
    address-list-timeout=15m chain=forward content=sphoto disabled=no \
    dst-address-list=!Emails protocol=tcp src-address=10.10.10.0/24
add action=add-src-to-address-list address-list=Emails address-list-timeout=\
    0s chain=forward comment="Email :: mail.google.com" disabled=no \
    src-address=172.217.28.37
add action=add-src-to-address-list address-list=Emails address-list-timeout=\
    0s chain=forward comment="Email :: hotmail.com" disabled=no src-address=\
    156.56.172.28
add action=add-src-to-address-list address-list=Emails address-list-timeout=\
    0s chain=forward comment="Email :: hotmail.com" disabled=no src-address=\
    65.55.77.28
add action=add-src-to-address-list address-list=Emails address-list-timeout=\
    0s chain=forward comment="Email :: hotmail.com" disabled=no src-address=\
    65.55.85.12
add action=add-src-to-address-list address-list=Emails address-list-timeout=\
    0s chain=forward comment="Email :: hotmail.com" disabled=no src-address=\
    157.55.152.112
add action=add-src-to-address-list address-list=Emails address-list-timeout=\
    0s chain=forward comment="Email :: live.com" disabled=no src-address=\
    65.55.206.154
add action=add-src-to-address-list address-list=Emails address-list-timeout=\
    0s chain=forward comment="Email :: mail.google.com" disabled=no \
    src-address=172.217.28.5
add action=add-src-to-address-list address-list=Emails address-list-timeout=\
    0s chain=forward comment="Email :: crub.uncoma.edu.ar" disabled=no \
    src-address=170.210.81.23
add action=add-src-to-address-list address-list=Emails address-list-timeout=\
    0s chain=forward comment="Email :: uncoma.edu.ar" disabled=no \
    src-address=170.210.81.106

 Creamos una entrada en nuestro queue tree

# apr/07/2016 11:01:42 by RouterOS 5.20
# software id = W5EY-LHT9
#
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=0 name=download-files packet-mark=download-packet parent=\
    3QoS_down_Web priority=8 queue=default



Publicado por en No hay comentarios:
Etiquetas: , , , , , , ,
Suscribirse a: Entradas (Atom)