Can anybody find how to priorityse the uTorrent traffic ?!??? I'm using example by Janis Megis (http://wiki.mikrotik.com/images/8/8d/Qo ... v.2%29.pdf), BUT 'Other' type of packets is MORE than known in mangle:

/ip firewall mangle
add action=mark-packet chain=prerouting comment=Ensign disabled=no \
new-packet-mark=Ensign_services passthrough=no protocol=icmp
add action=mark-packet chain=prerouting disabled=no dst-port=23 \
new-packet-mark=Ensign_services passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=22 \
new-packet-mark=Ensign_services packet-size=0-1440 passthrough=no \
protocol=tcp src-port=1024-65535
add action=mark-packet chain=prerouting disabled=no new-packet-mark=\
Ensign_services passthrough=no protocol=gre
add action=mark-packet chain=prerouting disabled=no dst-port=53 \
new-packet-mark=Ensign_services passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=53 \
new-packet-mark=Ensign_services passthrough=no protocol=udp src-port=\
1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=67 \
new-packet-mark=Ensign_services passthrough=no protocol=udp src-port=68
add action=mark-packet chain=prerouting connection-bytes=0-500000 disabled=no \
dst-port=80 new-packet-mark=Ensign_services passthrough=no protocol=tcp \
src-port=1024-65535
add action=mark-packet chain=prerouting disabled=no new-packet-mark=\
Ensign_services passthrough=no port=179 protocol=tcp
add action=mark-packet chain=prerouting disabled=no dst-port=443 \
new-packet-mark=Ensign_services passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=8291 \
new-packet-mark=Ensign_services passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-packet chain=prerouting comment=User disabled=no \
dst-address-list=user_requests new-packet-mark=User_requests passthrough=\
no
add action=mark-packet chain=prerouting disabled=no new-packet-mark=\
User_requests passthrough=no port=3724 protocol=tcp
add action=mark-packet chain=prerouting comment=Comm disabled=no dscp=26 \
new-packet-mark=Communication_services passthrough=no
add action=mark-packet chain=prerouting disabled=no dscp=46 new-packet-mark=\
Communication_services passthrough=no
add action=mark-packet chain=prerouting disabled=no new-packet-mark=\
Communication_services passthrough=no port=1863 protocol=tcp
add action=mark-packet chain=prerouting disabled=no new-packet-mark=\
Communication_services passthrough=no port=3389 protocol=tcp
add action=mark-packet chain=prerouting disabled=no new-packet-mark=\
Communication_services passthrough=no port=1723 protocol=tcp
add action=mark-packet chain=prerouting disabled=no new-packet-mark=\
Communication_services passthrough=no port=5050 protocol=tcp
add action=mark-packet chain=prerouting comment=Download disabled=no \
dst-port=110 new-packet-mark=Download_services passthrough=no protocol=\
tcp src-port=1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=995 \
new-packet-mark=Download_services passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=143 \
new-packet-mark=Download_services passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=993 \
new-packet-mark=Download_services passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=25 \
new-packet-mark=Download_services passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-packet chain=prerouting connection-bytes=500000-0 disabled=no \
dst-port=80 new-packet-mark=Download_services passthrough=no protocol=tcp \
src-port=1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=20 \
new-packet-mark=Download_services passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=21 \
new-packet-mark=Download_services passthrough=no protocol=tcp src-port=\
1024-65535
add action=mark-packet chain=prerouting disabled=no dst-port=22 \
new-packet-mark=Download_services packet-size=1400-1500 passthrough=no \
protocol=tcp src-port=1024-65535
add action=mark-packet chain=prerouting comment=P2P disabled=no \
new-packet-mark=P2P_services p2p=all-p2p passthrough=no
add action=mark-packet chain=prerouting comment=Else disabled=no \
new-packet-mark=other passthrough=no
add action=log chain=prerouting disabled=no log-prefix="not marked prero" \
packet-mark=no-mark

Can someone please advice where to try to find the answer???

I usually identify bittorrent traffic by the vast amounts of open ports and new connections to a certain PC. But because of their encrypted nature, it's very hard to identify bittorrent traffic. Rather than try and block or identify bittorrent, try and identify everything else, then allow a certain bandwidth for the unidentified traffic, which includes your bittorrent and some other unknown protocols or stuff you haven't specifically identified.

You could block access to packets containing "tracker" or "bittorrent" but you'd likely block some legitimate packets too. There's no perfect L7 detection yet for utorrent.

Is there a difference where to catch MARK traffic ??? (prerouting, postrouting, forward) ??? As I saw not all traffic goes on a prerouting chain.. where to effective catch it ??

http://wiki.mikrotik.com/wiki/File:IP_final.png

So to mark INCOMMING traffic I need to use PREROUTING mangle and the GLOBAL-IN queues
to mark OUTGOING traffic I need to use POSTROUTING mangle and the GLOBAL-OUT queues ? I'am right ??

But if I had 1 BGP and 2 BGP peer, where to catch INC and OUT traffic for BGP2 ????

Oh I'm stupid monkey ... Offcourse!! I found it

A little cup of knowledge, comes with a huge part of time.

Thank you Normis, My eyes are watching better !