過期膠水 wrote:
大家早上好。...(恕刪)
過期膠水大 早
連續地下雨,下週是開車上班週.
--
這幾天搞定L7後,最後決定禁用CAKE.原因是DSCP仍存在風險,用FQ就夠了.
--
/ip firewall mangle
add action=change-mss chain=forward comment="Change MSS" new-mss=\
clamp-to-pmtu protocol=tcp tcp-flags=syn
add action=change-mss chain=output new-mss=clamp-to-pmtu protocol=tcp \
tcp-flags=syn
add action=jump chain=prerouting connection-state=new jump-target=\
tcp-services protocol=tcp
add action=jump chain=prerouting connection-state=new jump-target=\
udp-services protocol=udp
add action=jump chain=prerouting connection-state=new jump-target=\
other-services
add action=mark-connection chain=tcp-services dst-port=20-21 \
new-connection-mark=ftp passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=22 \
new-connection-mark=ssh passthrough=no protocol=tcp src-port=513-65535
add action=mark-connection chain=tcp-services dst-port=23 \
new-connection-mark=telnet passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-connection chain=tcp-services dst-port=25 \
new-connection-mark=smtp passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=53 \
new-connection-mark=dns passthrough=no protocol=tcp src-port=53
add action=mark-connection chain=tcp-services dst-port=53 \
new-connection-mark=dns passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=80 \
new-connection-mark=http passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=110 \
new-connection-mark=pop3 passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=113 \
new-connection-mark=auth passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=119 \
new-connection-mark=nntp passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=143 \
new-connection-mark=imap passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=161-162 \
new-connection-mark=snmp passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=443 \
new-connection-mark=https passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=465 \
new-connection-mark=smtps passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=993 \
new-connection-mark=imaps passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=995 \
new-connection-mark=pop3s passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=1723 \
new-connection-mark=pptp passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=2379 \
new-connection-mark=kgs passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=3128 \
new-connection-mark=proxy passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=3389 \
new-connection-mark=win-ts passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-connection chain=tcp-services dst-port=4242-4243 \
new-connection-mark=emule passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=1024-65535 \
new-connection-mark=overnet passthrough=no protocol=tcp src-port=\
4661-4662
add action=mark-connection chain=tcp-services dst-port=1024-65535 \
new-connection-mark=emule passthrough=no protocol=tcp src-port=4711
add action=mark-connection chain=tcp-services dst-port=5900-5901 \
new-connection-mark=vnc passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=6667-6669 \
new-connection-mark=irc passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=6881-6889 \
new-connection-mark=bittorrent passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-connection chain=tcp-services dst-port=8080 \
new-connection-mark=http passthrough=no protocol=tcp src-port=1024-65535
add action=mark-connection chain=tcp-services dst-port=8291 \
new-connection-mark=winbox passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-connection chain=tcp-services new-connection-mark=other-tcp \
passthrough=no protocol=tcp
add action=mark-connection chain=udp-services dst-port=53 \
new-connection-mark=dns passthrough=no protocol=udp src-port=1024-65535
add action=mark-connection chain=udp-services dst-port=123 \
new-connection-mark=ntp passthrough=no protocol=udp src-port=1024-65535
add action=mark-connection chain=udp-services dst-port=1701 \
new-connection-mark=l2tp passthrough=no protocol=udp src-port=1024-65535
add action=mark-connection chain=udp-services dst-port=4665 \
new-connection-mark=emule passthrough=no protocol=udp src-port=1024-65535
add action=mark-connection chain=udp-services dst-port=4672 \
new-connection-mark=emule passthrough=no protocol=udp src-port=1024-65535
add action=mark-connection chain=udp-services dst-port=1024-65535 \
new-connection-mark=emule passthrough=no protocol=udp src-port=4672
add action=mark-connection chain=udp-services dst-port=12053 \
new-connection-mark=overnet passthrough=no protocol=udp src-port=\
1024-65535
add action=mark-connection chain=udp-services dst-port=1024-65535 \
new-connection-mark=overnet passthrough=no protocol=udp src-port=12053
add action=mark-connection chain=udp-services dst-port=1024-65535 \
new-connection-mark=skype passthrough=no protocol=udp src-port=36725
add action=mark-connection chain=udp-services connection-state=new \
new-connection-mark=other-udp passthrough=no protocol=udp
add action=mark-connection chain=other-services icmp-options=8:0-255 \
new-connection-mark=ping passthrough=no protocol=icmp
add action=mark-connection chain=other-services new-connection-mark=gre \
passthrough=no protocol=gre
add action=mark-connection chain=other-services new-connection-mark=other \
passthrough=no
/queue type
add fq-codel-limit=1000 fq-codel-quantum=300 fq-codel-target=12ms kind=\
fq-codel name=fq-codel
/queue simple
add max-limit=100M/40M name=fq-codel queue=fq-codel/fq-codel target=pppoe-out1
--
晚安.
人品是做人最好的底牌.
內文搜尋
從 APP 打開
X