QOS L7-Protocol

17/1/2013 12:30

QOS, L7-Protocol filter

สามารถเข้าได้ดู Update Layer7-filter Pattern ได้จากที่นี่ http://l7-filter.sourceforge.net/protocols

บ้างส่วนที่เอามาใช้งาน เช่น Bittorrent , MSN , Yahoo Messenger , eDonkey ฯลฯ

#Command

/ip firewall layer7-protocol

add comment="" name=facebook regexp=facebook

add comment="" name="Extension \" .exe \"" regexp="\\.(exe)"

add comment="" name="Extension \" .rar \"" regexp="\\.(rar)"

add comment="" name="Extension \" .zip \"" regexp="\\.(zip)"

add comment="" name="Extension \" .7z \"" regexp="\\.(7z)"

add comment="" name="Extension \" .cab \"" regexp="\\.(cab)"

add comment="" name="Extension \" .asf \"" regexp="\\.(asf)"

add comment="" name="Extension \" .mov \"" regexp="\\.(mov)"

add comment="" name="Extension \" .wmv \"" regexp="\\.(wmv)"

add comment="" name="Extension \" .mpg \"" regexp="\\.(mpg)"

add comment="" name="Extension \" .mpeg \"" regexp="\\.(mpeg)"

add comment="" name="Extension \" .mkv \"" regexp="\\.(mkv)"

add comment="" name="Extension \" .avi \"" regexp="\\.(avi)"

add comment="" name="Extension \" .flv \"" regexp="\\.(flv)"

add comment="" name="Extension \" .pdf \"" regexp="\\.(pdf)"

add comment="" name="Extension \" .wav \"" regexp="\\.(wav)"

add comment="" name="Extension \" .rm \"" regexp="\\.(rm)"

add comment="" name="Extension \" .mp3 \"" regexp="\\.(mp3)"

add comment="" name="Extension \" .mp4 \"" regexp="\\.(mp4)"

add comment="" name="Extension \" .ram \"" regexp="\\.(ram)"

add comment="" name="Extension \" .rmvb \"" regexp="\\.(rmvb)"

add comment="" name="Extension \" .dat \"" regexp="\\.(dat)"

add comment="" name="Extension \" .daa \"" regexp="\\.(daa)"

add comment="" name="Extension \" .iso \"" regexp="\\.(iso)"

add comment="" name="Extension \" .nrg \"" regexp="\\.(nrg)"

add comment="" name="Extension \" .bin \"" regexp="\\.(bin)"

add comment="" name="Extension \" .vcd \"" regexp="\\.(vcd)"

add comment="" name=YouTube regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"

/ip firewall mangle

add action=mark-connection chain=prerouting comment="7z DOWNS" disabled=yes layer7-protocol="Extension \" .7z \"" new-connection-mark="7z DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="7z DOWNS" disabled=yes new-packet-mark=7z passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="asf DOWNS" disabled=yes layer7-protocol="Extension \" .asf \"" new-connection-mark="asf DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="asf DOWNS" disabled=yes new-packet-mark=asf passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="avi DOWNS" disabled=yes layer7-protocol="Extension \" .avi \"" new-connection-mark="avi DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="avi DOWNS" disabled=yes new-packet-mark=avi passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="bin DOWNS" disabled=yes layer7-protocol="Extension \" .bin \"" new-connection-mark="bin DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="bin DOWNS" disabled=yes new-packet-mark=bin passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="cab DOWNS" disabled=yes layer7-protocol="Extension \" .cab \"" new-connection-mark="cab DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="cab DOWNS" disabled=yes new-packet-mark=cab passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="flv DOWNS" disabled=yes layer7-protocol="Extension \" .flv \"" new-connection-mark="flv DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="flv DOWNS" disabled=yes new-packet-mark=flv passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="iso DOWNS" disabled=yes layer7-protocol="Extension \" .iso \"" new-connection-mark="iso DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="iso DOWNS" disabled=yes new-packet-mark=iso passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="mkv DOWNS" disabled=yes layer7-protocol="Extension \" .mkv \"" new-connection-mark="mkv DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="mkv DOWNS" disabled=yes new-packet-mark=mkv passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="exe DOWNS" disabled=yes layer7-protocol="Extension \" .exe \"" new-connection-mark="exe DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="exe DOWNS" disabled=yes new-packet-mark=exe passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="mov DOWNS" disabled=yes layer7-protocol="Extension \" .mov \"" new-connection-mark="mov DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="mov DOWNS" disabled=yes new-packet-mark=mov passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="mp3 DOWNS" disabled=yes layer7-protocol="Extension \" .mp3 \"" new-connection-mark="mp3 DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="mp3 DOWNS" disabled=yes new-packet-mark=mp3 passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="mp4 DOWNS" disabled=yes layer7-protocol="Extension \" .mp4 \"" new-connection-mark="mp4 DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="mp4 DOWNS" disabled=yes new-packet-mark=mp4 passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="mpeg DOWNS" disabled=yes layer7-protocol="Extension \" .mpeg \"" new-connection-mark="mpeg DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="mpeg DOWNS" disabled=yes new-packet-mark=mpeg passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="mpg DOWNS" disabled=yes layer7-protocol="Extension \" .mpg \"" new-connection-mark="mpg DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="mpg DOWNS" disabled=yes new-packet-mark=mpg passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="nrg DOWNS" disabled=yes layer7-protocol="Extension \" .nrg \"" new-connection-mark="nrg DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="nrg DOWNS" disabled=yes new-packet-mark=nrg passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="pdf DOWNS" disabled=yes layer7-protocol="Extension \" .pdf \"" new-connection-mark="pdf DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="pdf DOWNS" disabled=yes new-packet-mark=pdf passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="ram DOWNS" disabled=yes layer7-protocol="Extension \" .ram \"" new-connection-mark="ram DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="ram DOWNS" disabled=yes new-packet-mark=ram passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="rar DOWNS" disabled=yes layer7-protocol="Extension \" .rar \"" new-connection-mark="rar DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="rar DOWNS" disabled=yes new-packet-mark=rar passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="rm DOWNS" disabled=yes layer7-protocol="Extension \" .rm \"" new-connection-mark="rm DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="rm DOWNS" disabled=yes new-packet-mark=rm passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="rmvb DOWNS" disabled=yes layer7-protocol="Extension \" .rmvb \"" new-connection-mark="rmvb DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="rmvb DOWNS" disabled=yes new-packet-mark=rmvb passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="wav DOWNS" disabled=yes layer7-protocol="Extension \" .wav \"" new-connection-mark="wav DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="wav DOWNS" disabled=yes new-packet-mark=wav passthrough=no protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="wma DOWNS" disabled=yes new-packet-mark=wma passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="wmv DOWNS" disabled=yes layer7-protocol="Extension \" .wmv \"" new-connection-mark="wmv DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="wmv DOWNS" disabled=yes new-packet-mark=wmv passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="daa DOWNS" disabled=yes layer7-protocol="Extension \" .daa \"" new-connection-mark="daa DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="daa DOWNS" disabled=yes new-packet-mark=daa passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="dat DOWNS" disabled=yes layer7-protocol="Extension \" .dat \"" new-connection-mark="dat DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="dat DOWNS" disabled=yes new-packet-mark=dat passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="vcd DOWNS" disabled=yes layer7-protocol="Extension \" .vcd \"" new-connection-mark="vcd DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="vcd DOWNS" disabled=yes new-packet-mark=vcd passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="youtube DOWNS" disabled=yes layer7-protocol=YouTube new-connection-mark="youtube DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="youtube DOWNS" disabled=yes layer7-protocol=YouTube new-packet-mark=youtube passthrough=no protocol=tcp

add action=mark-connection chain=prerouting comment="zip DOWNS" disabled=yes layer7-protocol="Extension \" .zip \"" new-connection-mark="zip DOWNS" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting comment="" connection-mark="zip DOWNS" disabled=yes new-packet-mark=zip passthrough=no protocol=tcp

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=1M max-limit=1M name="youtube DOWNS" packet-mark=youtube parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="7z DOWNS" packet-mark=7z parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="asf DOWNS" packet-mark=asf parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="avi DOWNS" packet-mark=avi parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="bin DOWNS" packet-mark=bin parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="flv DOWNS" packet-mark=flv parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="iso DOWNS" packet-mark=iso parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="mkv DOWNS" packet-mark=mkv parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="exe DOWNS" packet-mark=exe parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="mov DOWNS" packet-mark=mov parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="mp3 DOWNS" packet-mark=mp3 parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name=mp4DOWNS packet-mark=mp4 parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="mpeg DOWNS" packet-mark=mpeg parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="mpg DOWNS" packet-mark=mpg parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="nrg DOWNS" packet-mark=nrg parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="pdf DOWNS" packet-mark=pdf parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="ram DOWNS" packet-mark=ram parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="rar DOWNS" packet-mark=rar parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="rm DOWNS" packet-mark=rm parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name=rmvbDOWNS packet-mark=rmvb parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="wav DOWNS" packet-mark=wav parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="zip DOWNS" packet-mark=zip parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="daa DOWNS" packet-mark=daa parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="dat DOWNS" packet-mark=dat parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="vcd DOWNS" packet-mark=vcd parent=global-out priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=512k max-limit=512k name="cab DOWNS" packet-mark=cab parent=global-out priority=8 queue=default

#END

โพส โดย

QOS L7-Protocol

17/1/2013 12:30

QOS, L7-Protocol filter

Store Owner

โพสล่าสุด

หมวดหมู่

หมวดหมู่สินค้า

บริการลูกค้า

ข้อมูลร้าน

ติดตามเรา

สมัครสมาชิกจดหมายข่าว