Blog Crenein

Información de verdad!

QoS v2.6

por · Publicado · Actualizado

Address List

/system script
add dont-require-permissions=no name=DescargaListas owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="/ip firewall \
    address-list remove [find list=akamai] \r\
    \n/ip firewall address-list remove [find list=google]\r\
    \n/ip firewall address-list remove [find list=facebook]\r\
    \n/ip firewall address-list remove [find list=amazon] \r\
    \n/tool fetch mode=http port=80 url=\"http://resources.crenein.com/Address_list_CDN.rsc\"\r\
    \n:delay 5;\r\
    \n/tool fetch mode=http port=80 url=\"http://resources.crenein.com/Address_list_RedesQueNoEntranAReglas.rsc\"\r\
    \n:delay 5;\r\
    \n/import file=Address_list_CDN.rsc\r\
    \n/import file=Address_list_RedesQueNoEntranAReglas.rsc"
/system script run DescargaListas

Mangle

/ip firewall mangle
add action=accept chain=prerouting comment=RedesQueNoEntranAReglas \
    dst-address-list=FNM_RedesQueNoEntranAReglas src-address-list=\
    FNM_RedesQueNoEntranAReglas
add action=mark-connection chain=prerouting comment=ClientesPrioritarios \
    new-connection-mark=ClientesPrioritarios passthrough=yes \
    src-address-list=ClientesPrioritarios
add action=mark-packet chain=prerouting connection-mark=ClientesPrioritarios \
    new-packet-mark=ClientesPrioritarios passthrough=no
add action=mark-connection chain=prerouting comment=youtube content=\
    googlevideo.com dst-port=443 new-connection-mark=youtube passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting content=googlevideo.com dst-port=\
    443 new-connection-mark=youtube passthrough=yes protocol=udp
add action=mark-packet chain=prerouting connection-mark=youtube \
    new-packet-mark=youtube passthrough=no
add action=mark-connection chain=prerouting comment=WhatsApp \
    new-connection-mark=whatsapp passthrough=yes port=3478 protocol=tcp
add action=mark-connection chain=prerouting new-connection-mark=whatsapp \
    passthrough=yes port=3478 protocol=udp
add action=mark-connection chain=prerouting content=whatsapp.net dst-port=443 \
    new-connection-mark=whatsapp passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=whatsapp \
    new-packet-mark=whatsapp passthrough=no
add action=mark-connection chain=prerouting comment=facebook \
    dst-address-list=facebook new-connection-mark=facebook passthrough=yes
add action=mark-connection chain=prerouting content=fbcdn.net dst-port=443 \
    new-connection-mark=facebook passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=whatsapp.net dst-port=443 \
    new-connection-mark=facebook passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=facebook \
    new-packet-mark=facebook passthrough=no
add action=mark-connection chain=prerouting comment=netflix content=\
    netflix.com dst-port=443 new-connection-mark=netflix passthrough=yes \
    protocol=tcp
add action=add-dst-to-address-list address-list=nflxvideo.net \
    address-list-timeout=1d chain=prerouting content=nflxvideo.net protocol=\
    tcp
add action=add-dst-to-address-list address-list=NFANDROID \
    address-list-timeout=1d chain=prerouting content=NFANDROID dst-port=80 \
    protocol=tcp
add action=mark-packet chain=prerouting new-packet-mark=netflix passthrough=\
    no src-address-list=NFANDROID
add action=mark-packet chain=prerouting new-packet-mark=netflix passthrough=\
    no src-address-list=nflxvideo.net
add action=mark-packet chain=prerouting connection-mark=netflix \
    new-packet-mark=netflix passthrough=no
add action=mark-connection chain=prerouting comment=TikTok content=\
    tiktokcdn.com dst-port=443 new-connection-mark=tiktok passthrough=yes \
    protocol=tcp
add action=mark-packet chain=prerouting connection-mark=tiktok \
    new-packet-mark=tiktok passthrough=no
add action=mark-connection chain=prerouting comment=footprint.net content=\
    footprint.net dst-port=443 new-connection-mark=footprint.net passthrough=\
    yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=footprint.net \
    new-packet-mark=footprint.net passthrough=no
add action=mark-connection chain=prerouting comment="cablevision flow" \
    content=cvattv.com.ar dst-port=443 new-connection-mark=cablevisionflow \
    passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=cvattv.com.ar dst-port=80 \
    new-connection-mark=cablevisionflow passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting dscp=34 new-packet-mark=\
    cablevisionflow passthrough=no
add action=mark-packet chain=prerouting connection-mark=cablevisionflow \
    new-packet-mark=cablevisionflow passthrough=no
add action=mark-packet chain=prerouting comment=Telegram new-packet-mark=\
    meetings passthrough=no port=64458 protocol=udp
add action=mark-packet chain=prerouting comment=GoogleMeet new-packet-mark=\
    meetings passthrough=no port=19305 protocol=udp
add action=mark-packet chain=prerouting comment=Zoom new-packet-mark=meetings \
    passthrough=no port=8801 protocol=udp
add action=mark-packet chain=prerouting comment="Skype & MicrosoftTeams" \
    new-packet-mark=meetings passthrough=no port=3480 protocol=udp
add action=mark-connection chain=prerouting comment=gvt content=gvt1.com \
    dst-port=443 new-connection-mark=gvt passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=gvt2.com dst-port=443 \
    new-connection-mark=gvt passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=gvt new-packet-mark=\
    gvt passthrough=no
add action=mark-connection chain=prerouting comment=google dst-address-list=\
    google new-connection-mark=google passthrough=yes
add action=mark-packet chain=prerouting connection-mark=google \
    new-packet-mark=google passthrough=no
add action=mark-connection chain=prerouting comment=windowsupdate \
    dst-address-list=windowsupdate new-connection-mark=windowsupdate \
    passthrough=yes
add action=mark-connection chain=prerouting content=windowsupdate.com \
    dst-port=80 new-connection-mark=windowsupdate passthrough=yes protocol=\
    tcp
add action=mark-connection chain=prerouting content=delivery.mp.microsoft.com \
    dst-port=80 new-connection-mark=windowsupdate passthrough=yes protocol=\
    tcp
add action=mark-connection chain=prerouting content=\
    microsoft.com.edgesuite.net dst-port=80 new-connection-mark=windowsupdate \
    passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=windowsupdate \
    new-packet-mark=windowsupdate passthrough=no
add action=mark-packet chain=prerouting comment=SpeedTest new-packet-mark=\
    speedtest passthrough=no port=8080 protocol=tcp
add action=mark-connection chain=prerouting comment=WoPlay dst-address=\
    190.0.160.0/20 new-connection-mark=woplay passthrough=yes
add action=mark-packet chain=prerouting connection-mark=woplay \
    new-packet-mark=woplay passthrough=no
add action=mark-connection chain=prerouting comment="Windows RDP" dst-port=\
    3389 new-connection-mark=winrdp passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=winrdp \
    new-packet-mark=winrdp passthrough=no
add action=mark-connection chain=prerouting comment=Juegos \
    new-connection-mark=juegos passthrough=yes port="14000,14001,14008,14020,1\
    4021,14022,14023,14024,3658,6115,6015,3478,3479,3480" protocol=tcp
add action=mark-connection chain=prerouting new-connection-mark=juegos \
    passthrough=yes port="14000,14001,14008,14020,14021,14022,14023,14024,3658\
    ,6115,6015,3478,3479,3480" protocol=udp
add action=mark-connection chain=prerouting new-connection-mark=juegos \
    passthrough=yes port=10000-10099 protocol=tcp
add action=mark-connection chain=prerouting new-connection-mark=juegos \
    passthrough=yes port=10000-10099 protocol=udp
add action=mark-connection chain=prerouting new-connection-mark=juegos \
    passthrough=yes port=13000,13005,13200 protocol=tcp
add action=mark-connection chain=prerouting new-connection-mark=juegos \
    passthrough=yes port=13000,13005,13200 protocol=udp
add action=mark-connection chain=prerouting comment=freefiremobile.com \
    content=freefiremobile.com dst-port=443 new-connection-mark=juegos passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=garena.com dst-port=443 \
    new-connection-mark=juegos passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=juegos \
    new-packet-mark=juegos passthrough=no
add action=mark-packet chain=prerouting new-packet-mark=juegos passthrough=no \
    port="14000,14001,14008,14020,14021,14022,14023,14024,3658,6115,6015,3478,\
    3479,3480" protocol=udp
add action=mark-packet chain=prerouting new-packet-mark=juegos passthrough=no \
    port=10000-10099 protocol=udp
add action=mark-packet chain=prerouting new-packet-mark=juegos passthrough=no \
    port=13000,13005,13200 protocol=udp
add action=mark-packet chain=prerouting comment=VPN new-packet-mark=vpn \
    passthrough=no port=1723 protocol=tcp
add action=mark-packet chain=prerouting new-packet-mark=vpn passthrough=no \
    port=1701 protocol=udp
add action=mark-packet chain=prerouting new-packet-mark=vpn passthrough=no \
    port=500 protocol=udp
add action=mark-packet chain=prerouting new-packet-mark=vpn passthrough=no \
    protocol=ipsec-esp
add action=mark-packet chain=prerouting new-packet-mark=vpn passthrough=no \
    protocol=ipsec-ah
add action=mark-packet chain=prerouting new-packet-mark=vpn passthrough=no \
    protocol=gre
add action=mark-packet chain=prerouting comment=Mikrotik new-packet-mark=\
    mikroitk passthrough=no port=8291,8728,8729 protocol=tcp
add action=mark-connection chain=prerouting comment=Porno content=\
    folieporno.fr dst-port=443 new-connection-mark=porno passthrough=yes \
    protocol=tcp
add action=mark-connection chain=prerouting content=pampaporno.com dst-port=\
    443 new-connection-mark=porno passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=phncdn.com dst-port=443 \
    new-connection-mark=porno passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=xvideos-cdn.com dst-port=\
    443 new-connection-mark=porno passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=xnxx-cdn.com dst-port=443 \
    new-connection-mark=porno passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=porno \
    new-packet-mark=porno passthrough=no
add action=mark-connection chain=prerouting comment=Akamai dst-address-list=\
    akamai new-connection-mark=akamai passthrough=yes
add action=mark-packet chain=prerouting connection-mark=akamai \
    new-packet-mark=akamai passthrough=no
add action=mark-connection chain=prerouting comment=Amazon dst-address-list=\
    amazon new-connection-mark=amazon passthrough=yes
add action=mark-packet chain=prerouting connection-mark=amazon \
    new-packet-mark=amazon passthrough=no
add action=mark-connection chain=prerouting comment=Downloads \
    connection-bytes=500000000-0 new-connection-mark=downloads passthrough=\
    yes
add action=mark-packet chain=prerouting connection-mark=downloads \
    new-packet-mark=downloads passthrough=no
add action=mark-connection chain=prerouting comment=HTTPS dst-port=443 \
    new-connection-mark=https passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=https \
    new-packet-mark=https passthrough=no
add action=mark-connection chain=prerouting comment=QUIC dst-port=443 \
    new-connection-mark=quic passthrough=yes protocol=udp
add action=mark-packet chain=prerouting connection-mark=quic new-packet-mark=\
    quic passthrough=no
add action=mark-connection chain=prerouting comment=HTTP dst-port=80 \
    new-connection-mark=http passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=http new-packet-mark=\
    http passthrough=no
add action=mark-connection chain=prerouting comment=Other dst-port=!1-1024 \
    new-connection-mark=other passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=other \
    new-packet-mark=other passthrough=yes
add action=passthrough chain=prerouting comment=Crenein-QoS-v2.6

Queue Tree

Debe remplazar los valores de qosat, qosmax y parent deacuerdo a su caso.
Donde:
* qosat es el limit-at de la queue parent.
* qosmax es el max-limit de la queue parent.
* parent es la interfaz en la que va a funcionar el download del QoS. Puede definir como interface la palabra “global” para utilizar el target global en su router. Tenga en cuenta que esto eleva considerablemente el uso de cpu y el QoS puede presentar fallas.

 :global qosat 100M ; :global qosmax 500M ; :global parent ether1 
/queue type
add kind=pcq name=Netflix pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-rate=4906k pcq-src-address6-mask=64
add kind=pcq name=Youtube pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-rate=4096k pcq-src-address6-mask=64
add kind=pcq name=TikTok pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-rate=3072k pcq-src-address6-mask=64

/queue tree
add limit-at=$qosat max-limit=$qosmax name="QoS_$parent" parent=$parent
add limit-at=$qosat max-limit=$qosmax name="Netflix_$parent" packet-mark=netflix parent="QoS_$parent" priority=3 queue=Netflix
add limit-at=$qosat max-limit=$qosmax name="WoPlay_$parent" packet-mark=woplay parent="QoS_$parent" priority=2
add limit-at=$qosat max-limit=$qosmax name="Juegos_$parent" packet-mark=juegos parent="QoS_$parent" priority=1
add limit-at=$qosat max-limit=$qosmax name="Footprint.net_$parent" packet-mark=footprint.net parent="QoS_$parent" priority=3
add limit-at=$qosat max-limit=$qosmax name="WindowsUpdate_$parent" packet-mark=windowsupdate parent="QoS_$parent" queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="Youtube_$parent" packet-mark=youtube parent="QoS_$parent" priority=5 queue=Youtube
add limit-at=$qosat max-limit=$qosmax name="Facebook_$parent" packet-mark=facebook parent="QoS_$parent" priority=4 queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="Google_$parent" packet-mark=google parent="QoS_$parent" priority=6 queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="Gvt_$parent" packet-mark=gvt parent="QoS_$parent" priority=7 queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="Downloads_$parent" packet-mark=downloads parent="QoS_$parent" queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="Other_$parent" packet-mark=other parent="QoS_$parent" priority=7 queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="ClientesPrioritarios_$parent" packet-mark=ClientesPrioritarios parent="QoS_$parent" priority=1
add limit-at=$qosat max-limit=$qosmax name="SpeedTest_$parent" packet-mark=speedtest parent="QoS_$parent" priority=1
add limit-at=$qosat max-limit=$qosmax name="Mikrotik_$parent" packet-mark=mikroitk parent="QoS_$parent" priority=1
add limit-at=$qosat max-limit=$qosmax name="VPN_$parent" packet-mark=vpn parent="QoS_$parent" priority=1
add limit-at=$qosat max-limit=$qosmax name="HTTPS_$parent" packet-mark=https parent="QoS_$parent" priority=6 queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="QUIC_$parent" packet-mark=quic parent="QoS_$parent" priority=6 queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="HTTP_$parent" packet-mark=http parent="QoS_$parent" priority=7 queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="WhatsApp_$parent" packet-mark=whatsapp parent="QoS_$parent" priority=2
add limit-at=$qosat max-limit=$qosmax name="CablevisionFlow_$parent" packet-mark=cablevisionflow parent="QoS_$parent" priority=3
add limit-at=$qosat max-limit=$qosmax name="WindowsRDP_$parent" packet-mark=winrdp parent="QoS_$parent" priority=1
add limit-at=$qosat max-limit=$qosmax name="Meetings_$parent" packet-mark=meetings parent="QoS_$parent" priority=1
add limit-at=$qosat max-limit=$qosmax name="Porno_$parent" packet-mark=porno parent="QoS_$parent" priority=7 queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="Akamai_$parent" packet-mark=akamai parent="QoS_$parent" priority=6 queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="Amazon_$parent" packet-mark=amazon parent="QoS_$parent" priority=6 queue=synchronous-default
add limit-at=$qosat max-limit=$qosmax name="TikTok_$parent" packet-mark=tiktok parent="QoS_$parent" priority=4 queue="TikTok"

También puede gustarle...

5 Respuestas

  1. Analía dice:
    9 junio, 2021 a las 2:01 pm

    Buenísimo el articulo. Saludos.

    Responder
  2. yonny dice:
    25 febrero, 2022 a las 3:01 pm

    Buenas pudiera pasar un numero para contactarlo por whatsapp. Gracias

    Responder
  3. Anibal dice:
    16 febrero, 2023 a las 11:23 am

    Muy bueno, esto se puede aplicar a un Haplite? para un hogar/empresa chica? Aun funciona todas las reglas hoy dia?

    Responder

Responder a Analía Cancelar respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.