MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port:...
Transcript of MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port:...
![Page 1: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/1.jpg)
MUM SAUDI ARABIAOCTOBER 2017
![Page 2: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/2.jpg)
Jonathan “JAY” Soriano
-Networking Enthusiast
-MikroTik user since 2011
-Unofficial Trainer
![Page 3: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/3.jpg)
![Page 4: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/4.jpg)
Identifying and
Managing Traffic
in RouterOS
![Page 5: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/5.jpg)
Challenge
“My applications are sometimes slow”
![Page 6: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/6.jpg)
Challenge
“My voice calls drop at times.”
![Page 7: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/7.jpg)
Challenge
“My video stream is always buffering.”
![Page 8: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/8.jpg)
✓ Slow link to the service provider network
✓ Poor physical & logical network planning &
implementation
✓Underpowered hardware
✓Malicious software, online and offline
threats.
✓ Excessive downloaders, uploaders.
Why
![Page 9: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/9.jpg)
RB962UiGS-5HacT2HnT
hAP ac
Identify
Filter
Mangle
DNS
Address List
Queues
Manage
![Page 10: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/10.jpg)
to recognize something
![Page 11: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/11.jpg)
Filter
Block MAC Block IP
Out. Interface:
Chain: forward
ether1Out. Interface:
General
Src. MAC Address: C0:D3:C0:31:E8:D1
Advanced
Action
dropAction:
General
Chain: forward
Src. Address: 192.168.88.4
ether1Out. Interface:
Action
dropAction:
![Page 12: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/12.jpg)
Chain: prerouting
web-connectionConnection Mark:
General
Mangle
Identify Port & Protocol
Mark Connection
Mark Packet
Action
mark packetAction:
web-packetNew Packet Mark:
Passthrough
Action
mark connectionAction:
web-connectionNew Connection Mark:
✓ Passthrough
Chain: prerouting
6 (tcp)Protocol:
General
80,8080,20,21,443Dst. Port:
Chain: prerouting
17 (udp)Protocol:
General
80,8080,20,21,443Dst. Port:
![Page 13: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/13.jpg)
Mangle
![Page 14: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/14.jpg)
Connection Bytes
Chain: prerouting
6 (tcp)Protocol:
General
80,8080,20,21,443Dst. Port:
Chain: prerouting
17 (udp)Protocol:
General
80,8080,20,21,443Dst. Port:
Connection Bytes: 3000001-0
Advanced
Action
mark connectionAction:
3M-connectionNew Connection Mark:
✓ Passthrough
Chain: prerouting
3M-connectionConnection Mark:
General
Action
mark packetAction:
3M-packetNew Packet Mark:
Passthrough
Mark Connection
Mark Packet
![Page 15: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/15.jpg)
Mangle
![Page 16: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/16.jpg)
Layer-7
Layer-7
Firewall L7 Protocol <Video Streaming>
Name: Video Streaming
videoplayback|video|watch
OK
Cancel
Apply
Regexp:
X
![Page 17: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/17.jpg)
Layer-7
Action
mark connectionAction:
Video-connectionNew Connection Mark:
✓ Passthrough
Chain: prerouting
Video-connectionConnection Mark:
General
Action
mark packetAction:
Video-packetNew Packet Mark:
Passthrough
Chain: prerouting
General
Advanced
Video StreamingLayer7 Protocol:
Mark Connection Mark Packet
![Page 18: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/18.jpg)
Mangle
![Page 19: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/19.jpg)
DNS
DNS Cache
![Page 20: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/20.jpg)
DNS
Script Scheduler
![Page 21: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/21.jpg)
Address List
![Page 22: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/22.jpg)
Address List
Action
mark connectionAction:
Video-connectionNew Connection Mark:
✓ Passthrough
Chain: prerouting
Video-connectionConnection Mark:
General
Action
mark packetAction:
Video-packetNew Packet Mark:
Passthrough
Chain: prerouting
General
Advanced
YoutubeDst. Address List:
Mark Connection Mark Packet
![Page 23: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/23.jpg)
Mangle
![Page 24: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/24.jpg)
MangleOther Traffic
![Page 25: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/25.jpg)
maintain control over something
![Page 26: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/26.jpg)
![Page 27: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/27.jpg)
Class 1
Class 2
Class 3
![Page 28: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/28.jpg)
![Page 29: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/29.jpg)
Queues
Simple Queue
Queue Tree
![Page 30: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/30.jpg)
Queues
Simple Queue
![Page 31: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/31.jpg)
Simple Queue
Parent Queue
![Page 32: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/32.jpg)
Simple Queue
Parent Queue
![Page 33: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/33.jpg)
Simple Queue
Child Queue
![Page 34: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/34.jpg)
Simple Queue
Child Queue
![Page 35: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/35.jpg)
Simple Queue
Queues
![Page 36: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/36.jpg)
Queues
Queue Tree
![Page 37: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/37.jpg)
Internet SourceGateway modem
IP address: 192.168.1.1/24
MikroTik Routerether1: DHCP client
ether2: Master port: none
ether3,4,5: Master port: ether2
local-bridge: ether2 & wlan1 ports
local-bridge IP: 192.168.88.1/24
Your ComputerEthernet: 192.168.88.111
Network Diagram
![Page 38: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/38.jpg)
Queue Tree
Parent Queue
![Page 39: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/39.jpg)
Queue Tree
Parent Queue
![Page 40: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/40.jpg)
Queue Tree
Child Queue
![Page 41: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/41.jpg)
Queues
Queue Tree
![Page 42: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/42.jpg)
“I am still learning.”-Michelangelo, age 87
![Page 43: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/43.jpg)
Disable Fasttrack for Queues to Work
![Page 44: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/44.jpg)
To Reset All Markings, select all then Remove
No need to reboot or shutdown the device
![Page 45: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/45.jpg)
/ip firewall layer7-protocoladd name="Video Streaming" regexp=videoplayback|video|watch
/ip firewall mangleadd action=mark-connection chain=prerouting comment="Video Address List" dst-address-list=Youtube new-connection-mark=Video-connection passthrough=yesadd action=mark-connection chain=prerouting comment="Video Layer7" layer7-protocol="Video Streaming" new-connection-mark=Video-connection passthrough=yesadd action=mark-packet chain=prerouting comment="Video Packet" connection-mark=Video-connection new-packet-mark=Video-packet passthrough=noadd action=mark-connection chain=prerouting comment=Web dst-port=80,8080,443,20,21 new-connection-mark=web-connection passthrough=yes protocol=tcpadd action=mark-connection chain=prerouting dst-port=80,8080,443,20,21 new-connection-mark=web-connection passthrough=yes protocol=udpadd action=mark-connection chain=prerouting comment="Large file more than 3Mb" connection-bytes=3000001-0 dst-port=80,8080,20,21,443 new-connection-mark=3M-connection passthrough=yes protocol=tcpadd action=mark-connection chain=prerouting connection-bytes=3000001-0 dst-port=80,8080,20,21,443 new-connection-mark=3M-connection passthrough=yes protocol=udpadd action=mark-packet chain=prerouting comment="3M Packet" connection-mark=3M-connection new-packet-mark=3M-packet passthrough=noadd action=mark-packet chain=prerouting comment="Web Packet" connection-mark=web-connection new-packet-mark=web-packet passthrough=noadd action=mark-connection chain=prerouting comment=Other dst-port=1000-65535 new-connection-mark=other-connection passthrough=yes protocol=tcpadd action=mark-connection chain=prerouting dst-port=1000-65535 new-connection-mark=other-connection passthrough=yes protocol=udpadd action=mark-packet chain=prerouting comment="Other Packet" connection-mark=other-connection new-packet-mark=other-packet passthrough=no
/queue treeadd limit-at=128k max-limit=5M name=Download parent=bridge queue=pcq-download-defaultadd limit-at=128k max-limit=1M name=Upload parent=ether1 queue=pcq-upload-defaultadd limit-at=3M max-limit=5M name="a. web d" packet-mark=web-packet parent=Download priority=2 queue=pcq-download-defaultadd limit-at=500k max-limit=3M name="d. large file d" packet-mark=3M-packet parent=Download queue=pcq-download-defaultadd limit-at=500k max-limit=3M name="c. video d" packet-mark=Video-packet parent=Download priority=6 queue=pcq-download-defaultadd limit-at=1M max-limit=4M name="b. other d" packet-mark=other-packet parent=Download priority=4 queue=pcq-download-defaultadd limit-at=512k max-limit=1M name="a. web u" packet-mark=web-packet parent=Upload priority=2 queue=pcq-upload-defaultadd limit-at=104k max-limit=256k name="d. large file u" packet-mark=3M-packet parent=Upload queue=pcq-upload-defaultadd limit-at=128k max-limit=500k name="c. video u" packet-mark=Video-packet parent=Upload priority=6 queue=pcq-upload-defaultadd limit-at=256k max-limit=768k name="b. other u" packet-mark=other-packet parent=Upload priority=4 queue=pcq-upload-default
/system scheduleradd interval=30s name="run every 30 seconds" on-event="/system script run video" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=oct/10/2017 start-time=20:00:00
URL Links:https://wiki.mikrotik.com/wiki/Manual:Packet_Flowhttps://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Filterhttps://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Manglehttps://wiki.mikrotik.com/wiki/Manual:IP/Firewall/L7https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Address_listhttps://wiki.mikrotik.com/wiki/Manual:IP/DNShttps://wiki.mikrotik.com/wiki/Sync_Address_List_from_DNS_Lookup_Results_-_CNAME_and_A_Recordshttps://wiki.mikrotik.com/wiki/Manual:Scripting-exampleshttps://wiki.mikrotik.com/wiki/Manual:Queuehttp://www.istockphoto.com
References
![Page 46: MUM SAUDI ARABIA · Connection Bytes Chain: prerouting Protocol: 6 (tcp) General Dst. Port: 80,8080,20,21,443 Chain: prerouting Protocol: 17 (udp) General Dst. Port: 80,8080,20,21,443](https://reader034.fdocuments.in/reader034/viewer/2022042803/5f471d23a498b400637efede/html5/thumbnails/46.jpg)
/system scriptadd name=video owner=jay policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":lo\cal myServers { \"video\" }\r\\n:local myListName \"Youtube\"\r\\n:local myTimeout \"00:30:00\"\r\\n\r\\n/ip dns cache all {\r\\n :foreach i in=\$myServers do={\r\\n :foreach j in=[find where (name~\$i)] do={\r\\n :do {\r\\n :local myName [get \$j name]\r\\n :local myType [get \$j type]\r\\n :local myData [get \$j data]\r\\n\r\\n :if (\$myType = \"A\") do={\r\\n :do {\r\\n /ip firewall address-list add address=\$myData lis\t=\$myListName comment=\"\$i-\$myName\" timeout=\$myTimeout\r\\n } on-error={\r\\n :put \"DNSCACHE: Error on \$myName \$myData \$myTy\pe\"\r\\n }\r\\n }\r\\n\r\\n :if (\$myType = \"CNAME\") do={\r\\n :local currentName \$j\r\\n :local nextName [find where (name=\$myData && type=\"C\NAME\")]\r\\n\r\\n :while (\$nextName != \"\") do={\r\\n :set currentName \$nextName\r\\n :resolve \$currentName\r\\n :set nextName [find where (name=[get \$nextName da\ta] && type=\"CNAME\")]\r\\n }\r\\n\r\\n :resolve [get \$currentName data]\r\\n\r\\n :foreach k in=[find where (name=[get \$currentName dat\a] && type=\"A\")] do={\r\\n :set myData [get \$k data]\r\\n :do {\r\\n /ip firewall address-list add address=\$myData\\_list=\$myListName comment=\"\$i-\$myName\" timeout=\$myTimeout\r\\n } on-error={\r\\n :put \"DNSCACHE: Error on \$myName \$myData \$\myType\"\r\\n }\r\\n }\r\\n }\r\\n } on-error={\r\\n :put \"DNSCACHE: Missing Entry\"\r\\n }\r\\n }\r\\n }\r\\n}"
References
Script