Burst for each TCP connection

Diambil dari http://forum.mikrotik.com/viewtopic.php?t=12870

This is little how-to create manual burst using queue tree.

As it is bandwidth control using queue tree first we need to mangle traffic

first i mangle all connections, then i mark first 2Mbytes then i mark the rest of packets

/ip firewall mangle add chain=forward protocol=tcp \
action=mark-connection \
new-connection-mark=new_conn passthrough=yes \
comment="mark all new connections" disabled=no

/ip firewall mangle add chain=forward protocol=tcp  \
connection-mark=new_conn \
connection-bytes=0-2000000 action=mark-packet \
new-packet-mark=new_packet passthrough=no \
comment="mark packets" disabled=no

/ip firewall mangle add chain=forward protocol=tcp \
connection-mark=new_conn action=mark-packet \
new-packet-mark=old_packets passthrough=no \
comment="marking old packets" disabled=no

Read more »

How to stop (smtp) viruses !!

Diambil dari http://forum.mikrotik.com/viewtopic.php?t=11474

Hi, i created these 2 simple rules for firewall forward and this work very fine…… do not say it to anybody ;) :D

2 ;;; BLOCK SPAMMERS OR INFECTED USERS
chain=forward protocol=tcp dst-port=25 \
src-address-list=spammer action=drop

3 ;;; Detect and add-list SMTP virus or spammers
chain=forward protocol=tcp dst-port=25 connection-limit=30,32 \
limit=50,5 src-address-list=!spammer action=add-src-to-address-list \
address-list=spammer address-list-timeout=1d

When detect an infected user with a worm or doing spamming this rule add this user to a spammer list and block the SMTP outgoing for 1 day ;)

Regards!
Alessio

Disconnecting the users with bad signal [2.9.X]

Diambil dari http://forum.mikrotik.com/viewtopic.php?f=9&t=20370

YOU WANT IT – YOU GOT IT 8)

Small manual:
Install – click system->scripts, click “+”, enter in the name whatevery you want (like signallimiter), click ok, done!

6z42kbr.jpg
Read more »

How to limit a user to a given amount of traffic?

Diambil dari http://forum.mikrotik.com/viewtopic.php?f=9&t=20420

:local sum; :local traf;
:set sum 0
/ip firewall rule forward {
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum  do={
:set traf [get [find comment=("user" . $i)]
bytes]
:set traf ($traf/1073741824)
:if ($traf>1) do={:log facility=System-Info \
message=("user" . $i ." exceeded 1Gb limit!")}
}
}

Squid Delaypools

(migrasi dari geocities.com/adilinux)

Another useful squid feature is delay pools. Conceptually, delay pools are bandwidth limitations – “pools” of bandwidth that drain out as people browse the Web, and fill up at a rate you specify – this can be thought of as a leaky bucket that is continually being filled.
This is useful when bandwidth charges are expensive like in indonesia.
Delay pools provide a way to limit the bandwidth of certain requests based on any list of criteria. The idea came from a Western Australian university who wanted to restrict student traffic costs (without affecting staff traffic, and still getting cache and local peering hits at full speed).

To enable this, configure squid with the –enable-delay-pools option. There are 3 classes of delay pools – class 1 is a single aggregate bucket, class 2 is an aggregate bucket with an individual bucket for each host in the class C, and class 3 is an aggregate bucket, with a network bucket (for each class B) and an individual bucket for each host. Read more »