ip firewall mangle add chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=tcp dst-address=203.89.146.0/23 dst-port=39190 comment=”Point Blank”
ip firewall mangle add chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=udp dst-address=203.89.146.0/23 dst-port=40000-40010
ip firewall mangle add chain=game action=mark-packet new-packet-mark=Game_pkt passthrough=no connection-mark=Game
ip firewall mangle add chain=prerouting action=jump jump-target=game
queue type add name=”Game” kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address,dst-address,src-port,dst-port pcq-total-limit=2000
queue tree add name=”Game” parent=global-total packet-mark=Game_pkt limit-at=0 queue=Game priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
ip firewall mangle add chain=prerouting protocol=tcp dst-port=9339 connection-state=new action=mark-connection new-connection-mark=poker passthrough=yes comment="poker" disabled=no
ip firewall mangle add chain=prerouting connection-mark=poker action=mark-packet new-packet-mark=poker1 passthrough=no comment="" disabled=no
queue tree add name="poker mania" parent=global-out packet-mark=poker1 limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
ip firewall mangle add chain=forward action=mark-connection new-connection-mark=http passthrough=yes protocol=tcp in-interface=speedy out-interface=lokal packet-mark=!Game_pkt connection-mark=!Game connection-bytes=0-262146 comment=”BROWSE”
ip firewall mangle add chain=forward action=mark-packet new-packet-mark=http_pkt passthrough=no protocol=tcp connection-mark=http
queue type add name=”Http” kind=pcq pcq-rate=768k pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
queue tree add name=”Main_Browse” parent=lokal limit-at=0 priority=8 max-limit=768k burst-limit=0 burst-threshold=0 burst-time=0s
queue tree add name=”Browse” parent=Main_Browse packet-mark=http_pkt limit-at=0 queue=Http priority=8 max-limit=768k burst-limit=0 burst-threshold=0 burst-time=0s
firewall layer7 protocol
http-video
http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video)
ip firewall mangle add action=mark-packet chain=prerouting comment="http-video mark-packet" disabled=no layer7-protocol=http-video new-packet-mark=http-video passthrough=no
queue simple add name="youtube" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=http-video direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
ip firewall layer7-protocol add comment="" name="Extension \" .exe \"" regexp="\\.(exe)"
ip firewall layer7-protocol add comment="" name="Extension \" .rar \"" regexp="\\.(rar)"
ip firewall layer7-protocol add comment="" name="Extension \" .zip \"" regexp="\\.(zip)"
ip firewall layer7-protocol add comment="" name="Extension \" .7z \"" regexp="\\.(7z)"
ip firewall layer7-protocol add comment="" name="Extension \" .cab \"" regexp="\\.(cab)"
ip firewall layer7-protocol add comment="" name="Extension \" .asf \"" regexp="\\.(asf)"
ip firewall layer7-protocol add comment="" name="Extension \" .mov \"" regexp="\\.(mov)"
ip firewall layer7-protocol add comment="" name="Extension \" .wmv \"" regexp="\\.(wmv)"
ip firewall layer7-protocol add comment="" name="Extension \" .mpg \"" regexp="\\.(mpg)"
ip firewall layer7-protocol add comment="" name="Extension \" .mpeg \"" regexp="\\.(mpeg)"
ip firewall layer7-protocol add comment="" name="Extension \" .mkv \"" regexp="\\.(mkv)"
ip firewall layer7-protocol add comment="" name="Extension \" .avi \"" regexp="\\.(avi)"
ip firewall layer7-protocol add comment="" name="Extension \" .flv \"" regexp="\\.(flv)"
ip firewall layer7-protocol add comment="" name="Extension \" .wav \"" regexp="\\.(wav)"
ip firewall layer7-protocol add comment="" name="Extension \" .rm \"" regexp="\\.(rm)"
ip firewall layer7-protocol add comment="" name="Extension \" .mp3 \"" regexp="\\.(mp3)"
ip firewall layer7-protocol add comment="" name="Extension \" .mp4 \"" regexp="\\.(mp4)"
ip firewall layer7-protocol add comment="" name="Extension \" .ram \"" regexp="\\.(ram)"
ip firewall layer7-protocol add comment="" name="Extension \" .rmvb \"" regexp="\\.(rmvb)"
ip firewall layer7-protocol add comment="" name="Extension \" .dat \"" regexp="\\.(dat)"
ip firewall layer7-protocol add comment="" name="Extension \" .daa \"" regexp="\\.(daa)"
ip firewall layer7-protocol add comment="" name="Extension \" .iso \"" regexp="\\.(iso)"
ip firewall layer7-protocol add comment="" name="Extension \" .nrg \"" regexp="\\.(nrg)"
ip firewall layer7-protocol add comment="" name="Extension \" .bin \"" regexp="\\.(bin)"
ip firewall layer7-protocol add comment="" name="Extension \" .vcd \"" regexp="\\.(vcd)"
ip firewall mangle add action=mark-connection chain=prerouting comment="7z DOWNS" disabled=no layer7-protocol="Extension \" .7z \"" new-connection-mark="7z DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="7z DOWNS" disabled=no new-packet-mark=7z passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="asf DOWNS" disabled=no layer7-protocol="Extension \" .asf \"" new-connection-mark="asf DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="asf DOWNS" disabled=no new-packet-mark=asf passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="avi DOWNS" disabled=no layer7-protocol="Extension \" .avi \"" new-connection-mark="avi DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="avi DOWNS" disabled=no new-packet-mark=avi passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="bin DOWNS" disabled=no layer7-protocol="Extension \" .bin \"" new-connection-mark="bin DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="bin DOWNS" disabled=no new-packet-mark=bin passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="flv DOWNS" disabled=no layer7-protocol="Extension \" .flv \"" new-connection-mark="flv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="flv DOWNS" disabled=no new-packet-mark=flv passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="flv DOWNS" disabled=no layer7-protocol="Extension \" .flv \"" new-connection-mark="flv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="flv DOWNS" disabled=no new-packet-mark=flv passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="iso DOWNS" disabled=no layer7-protocol="Extension \" .iso \"" new-connection-mark="iso DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark= "iso DOWNS" disabled=no new-packet-mark=iso passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mkv DOWNS" disabled=no layer7-protocol="Extension \" .mkv \"" new-connection-mark="mkv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mkv DOWNS" disabled=no new-packet-mark=mkv passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="exe DOWNS" disabled=no layer7-protocol="Extension \" .exe \"" new-connection-mark="exe DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="exe DOWNS" disabled=no new-packet-mark=exe passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mov DOWNS" disabled=no layer7-protocol="Extension \" .mov \"" new-connection-mark="mov DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mov DOWNS" disabled=no new-packet-mark=mov passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mp3 DOWNS" disabled=no layer7-protocol="Extension \" .mp3 \"" new-connection-mark="mp3 DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mp3 DOWNS" disabled=no new-packet-mark=mp3 passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mp4 DOWNS" disabled=no layer7-protocol="Extension \" .mp4 \"" new-connection-mark="mp4 DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mp4 DOWNS" disabled=no new-packet-mark=mp4 passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mpeg DOWNS" disabled=no layer7-protocol="Extension \" .mpeg \"" new-connection-mark="mpeg DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mpeg DOWNS" disabled=no new-packet-mark=mpeg passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mpg DOWNS" disabled=no layer7-protocol="Extension \" .mpg \"" new-connection-mark="mpg DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mpg DOWNS" disabled=no new-packet-mark=mpg passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="nrg DOWNS" disabled=no layer7-protocol="Extension \" .nrg \"" new-connection-mark="nrg DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="nrg DOWNS" disabled=no new-packet-mark=nrg passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="ram DOWNS" disabled=no layer7-protocol="Extension \" .ram \"" new-connection-mark="ram DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="ram DOWNS" disabled=no new-packet-mark=ram passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="rar DOWNS" disabled=no layer7-protocol="Extension \" .rar \"" new-connection-mark="rar DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="rar DOWNS" disabled=no new-packet-mark=rar passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="rm DOWNS" disabled=no layer7-protocol="Extension \" .rm \"" new-connection-mark="rm DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="rm DOWNS" disabled=no new-packet-mark=rm passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="rmvb DOWNS" disabled=no layer7-protocol="Extension \" .rmvb \"" new-connection-mark="rmvb DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="rmvb DOWNS" disabled=no new-packet-mark=rmvb passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="wav DOWNS" disabled=no layer7-protocol="Extension \" .wav \"" new-connection-mark="wav DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="wav DOWNS" disabled=no new-packet-mark=wav passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="wma DOWNS" disabled=no layer7-protocol="Extension \" .wma \"" new-connection-mark="wma DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="wma DOWNS" disabled=no new-packet-mark=wma passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="wmv DOWNS" disabled=no layer7-protocol="Extension \" .wmv \"" new-connection-mark="wmv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="wmv DOWNS" disabled=no new-packet-mark=wmv passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="zip DOWNS" disabled=no layer7-protocol="Extension \" .zip \"" new-connection-mark="zip DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="zip DOWNS" disabled=no new-packet-mark=zip passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="youtube DOWNS" disabled=no layer7-protocol="YouTube " new-connection-mark="youtube DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="youtube DOWNS" disabled=no new-packet-mark=youtube passthrough=no protocol=t
/ip firewall mangle add action=mark-connection chain=prerouting comment="daa DOWNS" disabled=no layer7-protocol="Extension \" .daa \"" new-connection-mark="daa DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="daa DOWNS" disabled=no new-packet-mark=daa passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="youtube DOWNS" disabled=no layer7-protocol="YouTube " new-connection-mark="youtube DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="youtube DOWNS" disabled=no new-packet-mark=youtube passthrough=no protocol=tcp
queue simple add name="exe" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=exe direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="rar" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=rar direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="zip" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=zip direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="7z" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=7z direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="cab" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=cab direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="asf" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=asf direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mov" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mov direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="wmv" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=wmv direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mpg" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mpg direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mpeg" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mpeg direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mkv" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mkv direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="avi" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=avi direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="flv" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=flv direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="wav" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=wav direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="rm" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=rm direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mp3" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mp3 direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mp4" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mp4 direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="ram" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=ram direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="rmvb" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=rmvb direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="dat" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=dat direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="daa" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=daa direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="iso" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=iso direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="nrg" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=nrg direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="bin" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=bin direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
ip firewall mangle add chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=udp dst-address=203.89.146.0/23 dst-port=40000-40010
ip firewall mangle add chain=game action=mark-packet new-packet-mark=Game_pkt passthrough=no connection-mark=Game
ip firewall mangle add chain=prerouting action=jump jump-target=game
queue type add name=”Game” kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address,dst-address,src-port,dst-port pcq-total-limit=2000
queue tree add name=”Game” parent=global-total packet-mark=Game_pkt limit-at=0 queue=Game priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
ip firewall mangle add chain=prerouting protocol=tcp dst-port=9339 connection-state=new action=mark-connection new-connection-mark=poker passthrough=yes comment="poker" disabled=no
ip firewall mangle add chain=prerouting connection-mark=poker action=mark-packet new-packet-mark=poker1 passthrough=no comment="" disabled=no
queue tree add name="poker mania" parent=global-out packet-mark=poker1 limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
ip firewall mangle add chain=forward action=mark-connection new-connection-mark=http passthrough=yes protocol=tcp in-interface=speedy out-interface=lokal packet-mark=!Game_pkt connection-mark=!Game connection-bytes=0-262146 comment=”BROWSE”
ip firewall mangle add chain=forward action=mark-packet new-packet-mark=http_pkt passthrough=no protocol=tcp connection-mark=http
queue type add name=”Http” kind=pcq pcq-rate=768k pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
queue tree add name=”Main_Browse” parent=lokal limit-at=0 priority=8 max-limit=768k burst-limit=0 burst-threshold=0 burst-time=0s
queue tree add name=”Browse” parent=Main_Browse packet-mark=http_pkt limit-at=0 queue=Http priority=8 max-limit=768k burst-limit=0 burst-threshold=0 burst-time=0s
firewall layer7 protocol
http-video
http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video)
ip firewall mangle add action=mark-packet chain=prerouting comment="http-video mark-packet" disabled=no layer7-protocol=http-video new-packet-mark=http-video passthrough=no
queue simple add name="youtube" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=http-video direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
ip firewall layer7-protocol add comment="" name="Extension \" .exe \"" regexp="\\.(exe)"
ip firewall layer7-protocol add comment="" name="Extension \" .rar \"" regexp="\\.(rar)"
ip firewall layer7-protocol add comment="" name="Extension \" .zip \"" regexp="\\.(zip)"
ip firewall layer7-protocol add comment="" name="Extension \" .7z \"" regexp="\\.(7z)"
ip firewall layer7-protocol add comment="" name="Extension \" .cab \"" regexp="\\.(cab)"
ip firewall layer7-protocol add comment="" name="Extension \" .asf \"" regexp="\\.(asf)"
ip firewall layer7-protocol add comment="" name="Extension \" .mov \"" regexp="\\.(mov)"
ip firewall layer7-protocol add comment="" name="Extension \" .wmv \"" regexp="\\.(wmv)"
ip firewall layer7-protocol add comment="" name="Extension \" .mpg \"" regexp="\\.(mpg)"
ip firewall layer7-protocol add comment="" name="Extension \" .mpeg \"" regexp="\\.(mpeg)"
ip firewall layer7-protocol add comment="" name="Extension \" .mkv \"" regexp="\\.(mkv)"
ip firewall layer7-protocol add comment="" name="Extension \" .avi \"" regexp="\\.(avi)"
ip firewall layer7-protocol add comment="" name="Extension \" .flv \"" regexp="\\.(flv)"
ip firewall layer7-protocol add comment="" name="Extension \" .wav \"" regexp="\\.(wav)"
ip firewall layer7-protocol add comment="" name="Extension \" .rm \"" regexp="\\.(rm)"
ip firewall layer7-protocol add comment="" name="Extension \" .mp3 \"" regexp="\\.(mp3)"
ip firewall layer7-protocol add comment="" name="Extension \" .mp4 \"" regexp="\\.(mp4)"
ip firewall layer7-protocol add comment="" name="Extension \" .ram \"" regexp="\\.(ram)"
ip firewall layer7-protocol add comment="" name="Extension \" .rmvb \"" regexp="\\.(rmvb)"
ip firewall layer7-protocol add comment="" name="Extension \" .dat \"" regexp="\\.(dat)"
ip firewall layer7-protocol add comment="" name="Extension \" .daa \"" regexp="\\.(daa)"
ip firewall layer7-protocol add comment="" name="Extension \" .iso \"" regexp="\\.(iso)"
ip firewall layer7-protocol add comment="" name="Extension \" .nrg \"" regexp="\\.(nrg)"
ip firewall layer7-protocol add comment="" name="Extension \" .bin \"" regexp="\\.(bin)"
ip firewall layer7-protocol add comment="" name="Extension \" .vcd \"" regexp="\\.(vcd)"
ip firewall mangle add action=mark-connection chain=prerouting comment="7z DOWNS" disabled=no layer7-protocol="Extension \" .7z \"" new-connection-mark="7z DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="7z DOWNS" disabled=no new-packet-mark=7z passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="asf DOWNS" disabled=no layer7-protocol="Extension \" .asf \"" new-connection-mark="asf DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="asf DOWNS" disabled=no new-packet-mark=asf passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="avi DOWNS" disabled=no layer7-protocol="Extension \" .avi \"" new-connection-mark="avi DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="avi DOWNS" disabled=no new-packet-mark=avi passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="bin DOWNS" disabled=no layer7-protocol="Extension \" .bin \"" new-connection-mark="bin DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="bin DOWNS" disabled=no new-packet-mark=bin passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="flv DOWNS" disabled=no layer7-protocol="Extension \" .flv \"" new-connection-mark="flv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="flv DOWNS" disabled=no new-packet-mark=flv passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="flv DOWNS" disabled=no layer7-protocol="Extension \" .flv \"" new-connection-mark="flv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="flv DOWNS" disabled=no new-packet-mark=flv passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="iso DOWNS" disabled=no layer7-protocol="Extension \" .iso \"" new-connection-mark="iso DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark= "iso DOWNS" disabled=no new-packet-mark=iso passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mkv DOWNS" disabled=no layer7-protocol="Extension \" .mkv \"" new-connection-mark="mkv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mkv DOWNS" disabled=no new-packet-mark=mkv passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="exe DOWNS" disabled=no layer7-protocol="Extension \" .exe \"" new-connection-mark="exe DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="exe DOWNS" disabled=no new-packet-mark=exe passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mov DOWNS" disabled=no layer7-protocol="Extension \" .mov \"" new-connection-mark="mov DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mov DOWNS" disabled=no new-packet-mark=mov passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mp3 DOWNS" disabled=no layer7-protocol="Extension \" .mp3 \"" new-connection-mark="mp3 DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mp3 DOWNS" disabled=no new-packet-mark=mp3 passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mp4 DOWNS" disabled=no layer7-protocol="Extension \" .mp4 \"" new-connection-mark="mp4 DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mp4 DOWNS" disabled=no new-packet-mark=mp4 passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mpeg DOWNS" disabled=no layer7-protocol="Extension \" .mpeg \"" new-connection-mark="mpeg DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mpeg DOWNS" disabled=no new-packet-mark=mpeg passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="mpg DOWNS" disabled=no layer7-protocol="Extension \" .mpg \"" new-connection-mark="mpg DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="mpg DOWNS" disabled=no new-packet-mark=mpg passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="nrg DOWNS" disabled=no layer7-protocol="Extension \" .nrg \"" new-connection-mark="nrg DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="nrg DOWNS" disabled=no new-packet-mark=nrg passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="ram DOWNS" disabled=no layer7-protocol="Extension \" .ram \"" new-connection-mark="ram DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="ram DOWNS" disabled=no new-packet-mark=ram passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="rar DOWNS" disabled=no layer7-protocol="Extension \" .rar \"" new-connection-mark="rar DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="rar DOWNS" disabled=no new-packet-mark=rar passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="rm DOWNS" disabled=no layer7-protocol="Extension \" .rm \"" new-connection-mark="rm DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="rm DOWNS" disabled=no new-packet-mark=rm passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="rmvb DOWNS" disabled=no layer7-protocol="Extension \" .rmvb \"" new-connection-mark="rmvb DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="rmvb DOWNS" disabled=no new-packet-mark=rmvb passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="wav DOWNS" disabled=no layer7-protocol="Extension \" .wav \"" new-connection-mark="wav DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="wav DOWNS" disabled=no new-packet-mark=wav passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="wma DOWNS" disabled=no layer7-protocol="Extension \" .wma \"" new-connection-mark="wma DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="wma DOWNS" disabled=no new-packet-mark=wma passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="wmv DOWNS" disabled=no layer7-protocol="Extension \" .wmv \"" new-connection-mark="wmv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="wmv DOWNS" disabled=no new-packet-mark=wmv passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="zip DOWNS" disabled=no layer7-protocol="Extension \" .zip \"" new-connection-mark="zip DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="zip DOWNS" disabled=no new-packet-mark=zip passthrough=no protocol=tcp
ip firewall mangle add action=mark-connection chain=prerouting comment="youtube DOWNS" disabled=no layer7-protocol="YouTube " new-connection-mark="youtube DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="youtube DOWNS" disabled=no new-packet-mark=youtube passthrough=no protocol=t
/ip firewall mangle add action=mark-connection chain=prerouting comment="daa DOWNS" disabled=no layer7-protocol="Extension \" .daa \"" new-connection-mark="daa DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="daa DOWNS" disabled=no new-packet-mark=daa passthrough=no protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="youtube DOWNS" disabled=no layer7-protocol="YouTube " new-connection-mark="youtube DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment="" connection-mark="youtube DOWNS" disabled=no new-packet-mark=youtube passthrough=no protocol=tcp
queue simple add name="exe" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=exe direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="rar" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=rar direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="zip" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=zip direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="7z" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=7z direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="cab" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=cab direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="asf" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=asf direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mov" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mov direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="wmv" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=wmv direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mpg" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mpg direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mpeg" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mpeg direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mkv" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mkv direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="avi" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=avi direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="flv" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=flv direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="wav" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=wav direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="rm" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=rm direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mp3" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mp3 direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="mp4" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mp4 direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="ram" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=ram direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="rmvb" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=rmvb direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="dat" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=dat direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="daa" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=daa direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="iso" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=iso direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="nrg" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=nrg direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name="bin" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=bin direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
No comments:
Post a Comment