dynamicke SQ pre klientov + staticke QT pre QoS

[Radoko77]

no venoval som tomu 2 dni prace a docielil som korektne fungovanie SQ pre obmedzovanie jednotlivych klientov (dynamicky tvorene z DHCP) a trvale pravidla v QT pre urcenie QoS

zadal som zatial skusobne 4 skupiny, ktore neskor rozsirim o dalsie porty podla vlastnej chuti

1. skupina = voip, games, icmp, telnet, ssh
2. skupina = 80, 443
3. skupina = vsetko ostatne
4. skupina = p2p

ak ma niekto chut, tak to mozte doladit, a pokracovat v tom

QT ...

Kód: Vybrat vše

/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=0 name=hlavny packet-mark="" parent=global-total priority=8 \
    queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=4000000 name=e2_down packet-mark="" parent=hlavny priority=8 \
    queue=pcq-down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=2000000 name=e2_up packet-mark="" parent=hlavny priority=8 \
    queue=pcq-up
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=4000000 name=e2_down3_all packet-mark=e2_down3_all parent=\
    e2_down priority=6 queue=pcq-down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=32000 name=e2_down2_web packet-mark=e2_down2_web parent=e2_down \
    priority=6 queue=pcq-down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=4000000 name=e2_down1_voip packet-mark=e2_down1_voip parent=\
    e2_down priority=6 queue=pcq-down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=2000000 name=e2_up1_voip packet-mark=e2_up1_voip parent=e2_up \
    priority=6 queue=pcq-up
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=2000000 name=e2_up2_web packet-mark=e2_up2_web parent=e2_up \
    priority=6 queue=pcq-up
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=2000000 name=e2_up3_all packet-mark=e2_up3_all parent=e2_up \
    priority=6 queue=pcq-up
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=512000 name=e2_down4_p2p packet-mark=e2_down4_p2p parent=\
    e2_down priority=6 queue=pcq-down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=256000 name=e2_up4_p2p packet-mark=e2_up4_p2p parent=e2_up \
    priority=6 queue=pcq-up

mangle ...

Kód: Vybrat vše

/ip firewall mangle
add action=mark-packet chain=prerouting comment="" disabled=no \
    new-packet-mark=e2_down1_voip passthrough=no protocol=tcp src-port=20-22
add action=mark-packet chain=postrouting comment="" disabled=no dst-port=\
    20-22 new-packet-mark=e2_up1_voip passthrough=no protocol=tcp
add action=mark-packet chain=prerouting comment="" disabled=no \
    new-packet-mark=e2_down2_web passthrough=no protocol=tcp src-port=80
add action=mark-packet chain=postrouting comment="" disabled=no dst-port=80 \
    new-packet-mark=e2_up2_web passthrough=no protocol=tcp
add action=mark-packet chain=prerouting comment="" disabled=no in-interface=\
    ether2 new-packet-mark=e2_down4_p2p p2p=all-p2p passthrough=no
add action=mark-packet chain=postrouting comment="" disabled=no \
    new-packet-mark=e2_up4_p2p out-interface=ether2 p2p=all-p2p passthrough=\
    no
add action=mark-packet chain=prerouting comment="" disabled=no in-interface=\
    ether2 new-packet-mark=e2_down3_all passthrough=no
add action=mark-packet chain=postrouting comment="" disabled=no \
    new-packet-mark=e2_up3_all out-interface=ether2 passthrough=yes