Diambil dari http://forum.mikrotik.com/viewtopic.php?t=12870
This is little how-to create manual burst using queue tree.
As it is bandwidth control using queue tree first we need to mangle traffic
first i mangle all connections, then i mark first 2Mbytes then i mark the rest of packets
/ip firewall mangle add chain=forward protocol=tcp \
action=mark-connection \
new-connection-mark=new_conn passthrough=yes \
comment="mark all new connections" disabled=no
/ip firewall mangle add chain=forward protocol=tcp \
connection-mark=new_conn \
connection-bytes=0-2000000 action=mark-packet \
new-packet-mark=new_packet passthrough=no \
comment="mark packets" disabled=no
/ip firewall mangle add chain=forward protocol=tcp \
connection-mark=new_conn action=mark-packet \
new-packet-mark=old_packets passthrough=no \
comment="marking old packets" disabled=no
Read more »
Tags: default, firewall, forward, ip mangle, limit, mangle, marking, mbits, mikrotik, pcq, php, queue, queue tree, tcp, time, TTL, user, vi
Filed in Mikrotik | admin | January 11, 2008 11:36 pm | 
Comments (0)
Diambil dari http://forum.mikrotik.com/viewtopic.php?t=11474
Hi, i created these 2 simple rules for firewall forward and this work very fine…… do not say it to anybody ;) :D
2 ;;; BLOCK SPAMMERS OR INFECTED USERS
chain=forward protocol=tcp dst-port=25 \
src-address-list=spammer action=drop
3 ;;; Detect and add-list SMTP virus or spammers
chain=forward protocol=tcp dst-port=25 connection-limit=30,32 \
limit=50,5 src-address-list=!spammer action=add-src-to-address-list \
address-list=spammer address-list-timeout=1d
When detect an infected user with a worm or doing spamming this rule add this user to a spammer list and block the SMTP outgoing for 1 day ;)
Regards!
Alessio
Tags: drop, firewall, forward, infected, limit, mikrotik, port, simple, smtp, spam, tcp, time, user, virus
Filed in Mikrotik | admin | 11:23 pm | Comments (1)
Sesuai dengan judul diatas,
inti dari kasus ini adalah penyedia jasa tidak ingin BW yang diberikan kepada user di sharing lagi mempergunakan nat-router.
Ilmu baru buat saya, dengan memberikan TTL=1 ?, mmmm aneh sekali.
Read more »
Tags: firewall, forward, host, icmp, linux, live, mail, mangle, mikrotik, php, router, time, TTL, user, vi, Zero
Filed in Mikrotik | admin | January 8, 2008 11:22 am | Comments Off
Diambil dari http://forum.mikrotik.com/viewtopic.php?f=9&t=20420
:local sum; :local traf;
:set sum 0
/ip firewall rule forward {
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf [get [find comment=("user" . $i)]
bytes]
:set traf ($traf/1073741824)
:if ($traf>1) do={:log facility=System-Info \
message=("user" . $i ." exceeded 1Gb limit!")}
}
}
