I'm developing some qos rules (using HTB) to install on PPPoE server to give our clients the best experience about internet surfing.
First one is this:
Code: Select all
/ip firewall mangle
add action=mark-connection chain=prerouting comment=HTTP-DOWNLOAD \
connection-bytes=500000-0 dst-port=80 new-connection-mark=Priority-4 \
protocol=tcp
add action=mark-packet chain=prerouting comment=ServicePriority-4 \
connection-mark=Priority-4 new-packet-mark=ServicePriority-4 passthrough=\
no
add action=mark-connection chain=prerouting comment=HTTP-Request \
connection-bytes=0-500000 dst-port=80 new-connection-mark=Priority-1 \
protocol=tcp
add action=mark-connection chain=prerouting comment=HTTPS dst-port=443 \
new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting comment=DNS dst-port=53 \
new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=53 new-connection-mark=\
Priority-1 protocol=udp
add action=mark-connection chain=prerouting comment=ICMP new-connection-mark=\
Priority-1 protocol=icmp
add action=mark-connection chain=prerouting comment=GAMING-PSN dst-port=465 \
new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=883 new-connection-mark=\
Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=5223 \
new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=10070-10080 \
new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=3478-3479 \
new-connection-mark=Priority-1 protocol=udp
add action=mark-connection chain=prerouting dst-port=3658 \
new-connection-mark=Priority-1 protocol=udp
add action=mark-connection chain=prerouting dst-port=10070 \
new-connection-mark=Priority-1 protocol=udp
add action=mark-connection chain=prerouting comment=GAMING-XBOX dst-port=1863 \
new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=1863 \
new-connection-mark=Priority-1 protocol=udp
add action=mark-connection chain=prerouting dst-port=3074 \
new-connection-mark=Priority-1 protocol=tcp
add action=mark-connection chain=prerouting dst-port=3074 \
new-connection-mark=Priority-1 protocol=udp
add action=mark-packet chain=prerouting comment=ServicePriority-1 \
connection-mark=Priority-1 new-packet-mark=ServicePriority-1 passthrough=\
no
add action=mark-connection chain=prerouting comment=VOIP dst-port=5060-5080 \
new-connection-mark=Priority-2 protocol=udp
add action=mark-connection chain=prerouting comment=RTP dst-port=16384-16482 \
new-connection-mark=Priority-2 protocol=udp
add action=mark-connection chain=prerouting comment=VPN new-connection-mark=\
Priority-2 protocol=ipencap
add action=mark-connection chain=prerouting new-connection-mark=Priority-2 \
protocol=ipsec-esp
add action=mark-connection chain=prerouting new-connection-mark=Priority-2 \
protocol=ipsec-ah
add action=mark-connection chain=prerouting new-connection-mark=Priority-2 \
protocol=gre
add action=mark-connection chain=prerouting new-connection-mark=Priority-2 \
protocol=ipip
add action=mark-packet chain=prerouting comment=ServicePriority-2 \
connection-mark=Priority-2 new-packet-mark=ServicePriority-2 passthrough=\
no
add action=mark-connection chain=prerouting comment=SMTP dst-port=25 \
new-connection-mark=Priority-3 protocol=tcp
add action=mark-connection chain=prerouting comment=POP3 dst-port=110 \
new-connection-mark=Priority-3 protocol=tcp
add action=mark-connection chain=prerouting dst-port=113 new-connection-mark=\
Priority-3 protocol=tcp
add action=mark-connection chain=prerouting comment=IMAP dst-port=143 \
new-connection-mark=Priority-3 protocol=tcp
add action=mark-connection chain=prerouting comment=SMTP-SSL dst-port=465 \
new-connection-mark=Priority-3 protocol=tcp
add action=mark-connection chain=prerouting comment=GMAIL dst-port=587 \
new-connection-mark=Priority-3 protocol=tcp
add action=mark-connection chain=prerouting dst-port=993 new-connection-mark=\
Priority-3 protocol=tcp
add action=mark-connection chain=prerouting dst-port=995 new-connection-mark=\
Priority-3 protocol=tcp
add action=mark-packet chain=prerouting comment=ServicePriority-3 \
connection-mark=Priority-3 new-packet-mark=ServicePriority-3 passthrough=\
no
add action=mark-connection chain=prerouting comment=FTP dst-port=21 \
new-connection-mark=Priority-5 protocol=tcp
add action=mark-connection chain=prerouting comment=SSH dst-port=22 \
new-connection-mark=Priority-5 protocol=tcp
add action=mark-connection chain=prerouting comment=TELNET dst-port=23 \
new-connection-mark=Priority-5 protocol=tcp
add action=mark-connection chain=prerouting comment=MICROSOFT-RDP dst-port=\
3389 new-connection-mark=Priority-5 protocol=tcp
add action=mark-connection chain=prerouting comment=WINBOX dst-port=8291 \
new-connection-mark=Priority-5 protocol=tcp
add action=mark-packet chain=prerouting comment=ServicePriority-5 \
connection-mark=Priority-5 new-packet-mark=ServicePriority-5 passthrough=\
no
add action=mark-connection chain=prerouting comment=ALL-P2P \
new-connection-mark=Priority-8 p2p=all-p2p
add action=mark-connection chain=prerouting comment=L7-BIT-TORRENT \
layer7-protocol=Bit-torrent new-connection-mark=Priority-8
add action=mark-connection chain=prerouting comment=L7-TORRENT-ANNOUNCE \
layer7-protocol=torrent_announce new-connection-mark=Priority-8
add action=mark-connection chain=prerouting comment=L7-TORRENT-HTTP_REQUEST \
layer7-protocol=Torrent-www new-connection-mark=Priority-8
add action=mark-packet chain=prerouting comment=ServicePriority-8 \
connection-mark=Priority-8 new-packet-mark=ServicePriority-8 passthrough=\
no
add action=mark-connection chain=prerouting comment=OTHER-TRAFFIC-TCP \
new-connection-mark=Priority-7 protocol=tcp
add action=mark-connection chain=prerouting comment=OTHER-TRAFFIC-UDP \
new-connection-mark=Priority-7 protocol=udp
add action=mark-packet chain=prerouting comment=ServicePriority-7 \
connection-mark=Priority-7 new-packet-mark=ServicePriority-7 passthrough=\
no
Code: Select all
/queue tree
add name=QOS-RULE parent=global priority=1 queue=Queue-Tree
add name=Gaming-DNS-HTTP packet-mark=ServicePriority-1 parent=QOS-RULE \
priority=1 queue=Queue-Tree
add name=VoIP-RTP+VPN packet-mark=ServicePriority-2 parent=QOS-RULE priority=\
2 queue=Queue-Tree
add name=E-MAIL packet-mark=ServicePriority-3 parent=QOS-RULE priority=3 \
queue=Queue-Tree
add name=HTTP-Download packet-mark=ServicePriority-4 parent=QOS-RULE \
priority=4 queue=Queue-Tree
add name=Management packet-mark=ServicePriority-5 parent=QOS-RULE priority=5 \
queue=Queue-Tree
add name=OtherTraffic packet-mark=ServicePriority-7 parent=QOS-RULE priority=\
7 queue=Queue-other_conn
add name=P2P packet-mark=ServicePriority-8 parent=QOS-RULE queue=Queue-p2p
Second QoS rule:
Code: Select all
/ip firewall mangle
add action=mark-packet chain=prerouting comment=HTTP-IN in-interface=ether1 \
new-packet-mark=HTTP-IN passthrough=no protocol=tcp src-port=80
add action=mark-packet chain=postrouting comment=HTTP-OUT dst-port=80 \
new-packet-mark=HTTP-OUT out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=prerouting comment=DNS-IN in-interface=ether1 \
new-packet-mark=DNS-IN passthrough=no protocol=tcp src-port=53
add action=mark-packet chain=postrouting comment=DNS-OUT dst-port=53 \
new-packet-mark=DNS-OUT out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=prerouting comment=HTTPS-IN in-interface=ether1 \
new-packet-mark=HTTPS-IN passthrough=no protocol=tcp src-port=443
add action=mark-packet chain=postrouting comment=HTTPS-OUT dst-port=443 \
new-packet-mark=HTTPS-OUT out-interface=ether1 passthrough=no protocol=\
tcp
add action=mark-packet chain=prerouting comment=ICMP-IN in-interface=ether1 \
new-packet-mark=ICMP-IN passthrough=no protocol=icmp
add action=mark-packet chain=postrouting comment=ICMP-OUT new-packet-mark=\
ICMP-OUT out-interface=ether1 passthrough=no protocol=icmp
add action=mark-packet chain=prerouting comment=WINBOX-IN in-interface=ether1 \
new-packet-mark=WINBOX-IN passthrough=no protocol=tcp src-port=8291
add action=mark-packet chain=postrouting comment=WINBOX-OUT dst-port=8291 \
new-packet-mark=WINBOX-OUT out-interface=ether1 passthrough=no protocol=\
tcp
add action=mark-packet chain=prerouting comment=GAMING-PSN-IN in-interface=\
ether1 new-packet-mark=GAMING-PSN-IN passthrough=no protocol=tcp \
src-port=465
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
GAMING-PSN-IN passthrough=no protocol=tcp src-port=883
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
GAMING-PSN-IN passthrough=no protocol=tcp src-port=5223
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
GAMING-PSN-IN passthrough=no protocol=tcp src-port=10070-10080
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
GAMING-PSN-IN passthrough=no protocol=udp src-port=3478-3479
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
GAMING-PSN-IN passthrough=no protocol=udp src-port=3658
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
GAMING-PSN-IN passthrough=no protocol=udp src-port=10070
add action=mark-packet chain=postrouting comment=GAMING-PSN-OUT dst-port=465 \
new-packet-mark=GAMING-PSN-OUT out-interface=ether1 passthrough=no \
protocol=tcp
add action=mark-packet chain=postrouting dst-port=883 new-packet-mark=\
GAMING-PSN-OUT out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=postrouting dst-port=5223 new-packet-mark=\
GAMING-PSN-OUT out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=postrouting dst-port=10070-10080 \
new-packet-mark=GAMING-PSN-OUT out-interface=ether1 passthrough=no \
protocol=tcp
add action=mark-packet chain=postrouting dst-port=3478-3479 new-packet-mark=\
GAMING-PSN-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=postrouting dst-port=3658 new-packet-mark=\
GAMING-PSN-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=postrouting dst-port=10070 new-packet-mark=\
GAMING-PSN-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=GAMING-XBOX-IN in-interface=\
ether1 new-packet-mark=GAMING-XBOX-IN passthrough=no protocol=tcp \
src-port=1863
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
GAMING-XBOX-IN passthrough=no protocol=udp src-port=1863
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
GAMING-XBOX-IN passthrough=no protocol=tcp src-port=3074
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
GAMING-XBOX-IN passthrough=no protocol=udp src-port=3074
add action=mark-packet chain=postrouting comment=GAMING-XBOX-OUT dst-port=\
1863 new-packet-mark=GAMING-XBOX-OUT out-interface=ether1 passthrough=no \
protocol=tcp
add action=mark-packet chain=postrouting dst-port=1863 new-packet-mark=\
GAMING-XBOX-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=postrouting dst-port=3074 new-packet-mark=\
GAMING-XBOX-OUT out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=postrouting dst-port=3074 new-packet-mark=\
GAMING-XBOX-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=SKYPE-IN in-interface=ether1 \
layer7-protocol=skypetoskype new-packet-mark=SKYPE-TO-SKYPE-IN \
passthrough=no
add action=mark-packet chain=postrouting comment=SKYPE-OUT layer7-protocol=\
skypetoskype new-packet-mark=SKYPE-TO-SKYPE-OUT out-interface=ether1 \
passthrough=no
add action=mark-packet chain=prerouting comment=SIP-IN in-interface=ether1 \
new-packet-mark=SIP-IN passthrough=no protocol=udp src-port=5060-5080
add action=mark-packet chain=postrouting comment=SIP-OUT dst-port=5060-5080 \
new-packet-mark=SIP-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=RTP-IN in-interface=ether1 \
new-packet-mark=SIP-IN passthrough=no protocol=udp src-port=16384-16482
add action=mark-packet chain=postrouting comment=RTP-OUT dst-port=16384-16482 \
new-packet-mark=SIP-OUT out-interface=ether1 passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=VPN-IN in-interface=ether1 \
new-packet-mark=VPN-IN passthrough=no protocol=ipencap
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
VPN-IN passthrough=no protocol=ipsec-esp
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
VPN-IN passthrough=no protocol=ipsec-ah
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
VPN-IN passthrough=no protocol=gre
add action=mark-packet chain=postrouting comment=VPN-OUT new-packet-mark=\
VPN-OUT out-interface=ether1 passthrough=no protocol=ipencap
add action=mark-packet chain=postrouting new-packet-mark=VPN-OUT \
out-interface=ether1 passthrough=no protocol=ipsec-esp
add action=mark-packet chain=postrouting new-packet-mark=VPN-OUT \
out-interface=ether1 passthrough=no protocol=ipsec-ah
add action=mark-packet chain=postrouting new-packet-mark=VPN-OUT \
out-interface=ether1 passthrough=no protocol=gre
add action=mark-packet chain=prerouting comment=SMTP-IN in-interface=ether1 \
new-packet-mark=E-MAIL-IN passthrough=no protocol=tcp src-port=25
add action=mark-packet chain=postrouting comment=SMTP-OUT dst-port=25 \
new-packet-mark=E-MAIL-OUT out-interface=ether1 passthrough=no protocol=\
tcp
add action=mark-packet chain=prerouting comment=E-MAIL-IN in-interface=ether1 \
new-packet-mark=E-MAIL-IN passthrough=no protocol=tcp src-port=\
110,113,143,465,587,993,995
add action=mark-packet chain=postrouting comment=E-MAIL-OUT dst-port=\
110,113,143,465,587,993,995 new-packet-mark=E-MAIL-OUT out-interface=\
ether1 passthrough=no protocol=tcp
add action=mark-packet chain=prerouting comment=FTP-IN in-interface=ether1 \
new-packet-mark=MANAGEMENT-OUT passthrough=no protocol=tcp src-port=21
add action=mark-packet chain=postrouting comment=FTP-OUT dst-port=21 \
new-packet-mark=MANAGEMENT-IN out-interface=ether1 passthrough=no \
protocol=tcp
add action=mark-packet chain=prerouting comment=SSH-IN in-interface=ether1 \
new-packet-mark=MANAGEMENT-IN passthrough=no protocol=tcp src-port=22
add action=mark-packet chain=postrouting comment=SSH-OUT dst-port=22 \
new-packet-mark=MANAGEMENT-IN out-interface=ether1 passthrough=no \
protocol=tcp
add action=mark-packet chain=prerouting comment=TELNET-IN in-interface=ether1 \
new-packet-mark=MANAGEMENT-IN passthrough=no protocol=tcp src-port=23
add action=mark-packet chain=postrouting comment=TELNET-OUT dst-port=23 \
new-packet-mark=MANAGEMENT-IN out-interface=ether1 passthrough=no \
protocol=tcp
add action=mark-packet chain=prerouting comment=RDP-IN in-interface=ether1 \
new-packet-mark=MANAGEMENT-IN passthrough=no protocol=tcp src-port=3389
add action=mark-packet chain=postrouting comment=RDP-OUT dst-port=3389 \
new-packet-mark=MANAGEMENT-IN out-interface=ether1 passthrough=no \
protocol=tcp
add action=jump chain=prerouting comment=P2P-TORRENT-IN in-interface=ether1 \
jump-target=MatchTorrent layer7-protocol=Bit-torrent
add action=jump chain=prerouting in-interface=ether1 jump-target=MatchTorrent \
layer7-protocol=torrent_announce
add action=mark-connection chain=MatchTorrent new-connection-mark=\
Torrent-Match
add action=mark-packet chain=MatchTorrent connection-mark=Torrent-Match \
new-packet-mark=P2P-TORRENT-IN passthrough=no
add action=jump chain=postrouting comment=P2P-TORRENT-OUT jump-target=\
MatchTorrent-pstr layer7-protocol=Bit-torrent out-interface=ether1
add action=jump chain=postrouting jump-target=MatchTorrent-pstr \
layer7-protocol=torrent_announce out-interface=ether1
add action=mark-connection chain=MatchTorrent-pstr new-connection-mark=\
Torrent-Match-out
add action=mark-packet chain=MatchTorrent-pstr connection-mark=\
Torrent-Match-out new-packet-mark=P2P-TORRENT-OUT passthrough=no
add action=mark-packet chain=prerouting comment="REGEXP CODE-P2P" \
in-interface=ether1 layer7-protocol=Torrent-www new-packet-mark=\
P2P-PACKET-REG-IN passthrough=no
add action=mark-packet chain=postrouting layer7-protocol=Torrent-www \
new-packet-mark=P2P-PACKET-REG-OUT out-interface=ether1 passthrough=no
add action=mark-packet chain=prerouting comment="REGEXP CODE-P2P-DNS" \
in-interface=ether1 layer7-protocol=Torrent-DNS new-packet-mark=\
P2P-PACKET-REG-DNS-IN passthrough=no protocol=udp src-port=53
add action=mark-packet chain=postrouting dst-port=53 layer7-protocol=\
Torrent-DNS new-packet-mark=P2P-PACKET-REG-DNS-OUT out-interface=ether1 \
passthrough=no protocol=udp
add action=mark-packet chain=prerouting comment=P2P in-interface=ether1 \
new-packet-mark=P2P-PACKET-IN p2p=all-p2p passthrough=no
add action=mark-packet chain=postrouting new-packet-mark=P2P-PACKET-OUT \
out-interface=ether1 p2p=all-p2p passthrough=no
add action=mark-packet chain=prerouting comment=OTHER-PACKET in-interface=\
ether1 new-packet-mark=OTHER-IN passthrough=no protocol=tcp
add action=mark-packet chain=postrouting new-packet-mark=OTHER-OUT \
out-interface=ether1 passthrough=no protocol=tcp
add action=mark-packet chain=prerouting in-interface=ether1 new-packet-mark=\
OTHER-IN passthrough=no protocol=udp
add action=mark-packet chain=postrouting new-packet-mark=OTHER-OUT \
out-interface=ether1 passthrough=no protocol=udp
Code: Select all
/queue type
add kind=pfifo name=QUEUE-P1 pfifo-limit=460
add kind=pfifo name=QUEUE-P2 pfifo-limit=260
add kind=pfifo name=QUEUE-P3 pfifo-limit=260
add kind=pfifo name=QUEUE-P4 pfifo-limit=360
add kind=pfifo name=QUEUE-P5 pfifo-limit=160
add kind=pfifo name=QUEUE-P7 pfifo-limit=800
add kind=pfifo name=QUEUE-P8 pfifo-limit=960
/queue tree
add name=QOS-Rule-IN-P1 parent=global priority=1 queue=QUEUE-P1
add name=HTTP packet-mark=HTTP-IN parent=QOS-Rule-IN-P1 priority=1 queue=\
QUEUE-P1
add name=DNS packet-mark=DNS-IN parent=QOS-Rule-IN-P1 priority=1 queue=\
QUEUE-P1
add name=HTTPS packet-mark=HTTPS-IN parent=QOS-Rule-IN-P1 priority=1 queue=\
QUEUE-P1
add name=ICMP packet-mark=ICMP-IN parent=QOS-Rule-IN-P1 priority=1 queue=\
QUEUE-P1
add name=GAME-PSN packet-mark=GAMING-PSN-IN parent=QOS-Rule-IN-P1 priority=1 \
queue=QUEUE-P1
add name=GAME-XBOX packet-mark=GAMING-XBOX-IN parent=QOS-Rule-IN-P1 priority=\
1 queue=QUEUE-P1
add name=QOS-Rule-IN-P2 parent=global priority=2 queue=QUEUE-P2
add name=VOIP packet-mark=SIP-IN parent=QOS-Rule-IN-P2 priority=2 queue=\
QUEUE-P2
add name=SKYPE packet-mark=SKYPE-TO-SKYPE-IN parent=QOS-Rule-IN-P2 priority=2 \
queue=QUEUE-P2
add name=QOS-Rule-IN-P3 parent=global priority=3 queue=QUEUE-P3
add name=VPN packet-mark=VPN-IN parent=QOS-Rule-IN-P3 priority=3 queue=\
QUEUE-P3
add name=QOS-Rule-IN-P4 parent=global priority=4 queue=QUEUE-P4
add name=E-MAIL parent=QOS-Rule-IN-P4 priority=4 queue=QUEUE-P4
add name=WINBOX packet-mark=WINBOX-IN parent=QOS-Rule-IN-P1 priority=1 queue=\
QUEUE-P1
add name=QOS-Rule-IN-P5 parent=global priority=5 queue=QUEUE-P5
add name=MANAGEMENT packet-mark=MANAGEMENT-IN parent=QOS-Rule-IN-P5 priority=\
5 queue=QUEUE-P5
add name=QOS-Rule-IN-P7 parent=global priority=7 queue=QUEUE-P7
add name=OTHER-CONNECTION packet-mark=OTHER-IN parent=QOS-Rule-IN-P7 \
priority=7 queue=QUEUE-P7
add name=QOS-Rule-IN-P8 parent=global queue=QUEUE-P8
add name=TORRENT packet-mark=P2P-TORRENT-IN parent=QOS-Rule-IN-P8 queue=\
QUEUE-P8
add name=TORRENT-REG packet-mark=P2P-PACKET-REG-IN parent=QOS-Rule-IN-P8 \
queue=QUEUE-P8
add name=TORRENT-REG-DNS packet-mark=P2P-PACKET-REG-DNS-IN parent=\
QOS-Rule-IN-P8 queue=QUEUE-P8
add name=ALL-P2P packet-mark=P2P-PACKET-IN parent=QOS-Rule-IN-P8 queue=\
QUEUE-P8
add name=QOS-Rule-OUT-P1 parent=global priority=1 queue=QUEUE-P1
add name=DNS-OUT packet-mark=DNS-OUT parent=QOS-Rule-OUT-P1 priority=1 queue=\
QUEUE-P1
add name=GAME-PSN-OUT packet-mark=GAMING-PSN-OUT parent=QOS-Rule-OUT-P1 \
priority=1 queue=QUEUE-P1
add name=GAME-XBOX-OUT packet-mark=GAMING-XBOX-OUT parent=QOS-Rule-OUT-P1 \
priority=1 queue=QUEUE-P1
add name=HTTP-OUT packet-mark=HTTP-OUT parent=QOS-Rule-OUT-P1 priority=1 \
queue=QUEUE-P1
add name=HTTPS-OUT packet-mark=HTTPS-OUT parent=QOS-Rule-OUT-P1 priority=1 \
queue=QUEUE-P1
add name=ICMP-OUT packet-mark=ICMP-OUT parent=QOS-Rule-OUT-P1 priority=1 \
queue=QUEUE-P1
add name=WINBOX-OUT packet-mark=WINBOX-OUT parent=QOS-Rule-OUT-P1 priority=1 \
queue=QUEUE-P1
add name=QOS-Rule-OUT-P2 parent=global priority=2 queue=QUEUE-P2
add name=VOIP-OUT packet-mark=SIP-OUT parent=QOS-Rule-OUT-P2 priority=2 \
queue=QUEUE-P2
add name=SKYPE-OUT packet-mark=SKYPE-TO-SKYPE-OUT parent=QOS-Rule-OUT-P2 \
priority=2 queue=QUEUE-P2
add name=QOS-Rule-OUT-P3 parent=global priority=3 queue=QUEUE-P3
add name=VPN-OUT packet-mark=VPN-OUT parent=QOS-Rule-OUT-P3 priority=3 queue=\
QUEUE-P3
add name=QOS-Rule-OUT-P4 parent=global priority=4 queue=QUEUE-P4
add name=E-MAIL-OUT packet-mark=E-MAIL-OUT parent=QOS-Rule-OUT-P4 priority=4 \
queue=QUEUE-P4
add name=QOS-Rule-OUT-P5 parent=global priority=5 queue=QUEUE-P5
add name=MANAGEMENT-OUT packet-mark=MANAGEMENT-OUT parent=QOS-Rule-OUT-P5 \
priority=5 queue=QUEUE-P5
add name=QOS-Rule-OUT-P7 parent=global priority=7 queue=QUEUE-P7
add name=OTHER-CONNECTION-OUT packet-mark=OTHER-OUT parent=QOS-Rule-OUT-P7 \
priority=7 queue=QUEUE-P7
add name=QOS-Rule-OUT-P8 parent=global queue=QUEUE-P8
add name=ALL-P2P-OUT packet-mark=P2P-PACKET-OUT parent=QOS-Rule-OUT-P8 queue=\
QUEUE-P8
add name=TORRENT-OUT packet-mark=P2P-TORRENT-OUT parent=QOS-Rule-OUT-P8 \
queue=QUEUE-P8
add name=TORRENT-REG-OUT packet-mark=P2P-PACKET-REG-OUT parent=\
QOS-Rule-OUT-P8 queue=QUEUE-P8
add name=TORRENT-REG-DNS-OUT packet-mark=P2P-PACKET-REG-DNS-OUT parent=\
QOS-Rule-OUT-P8 queue=QUEUE-P8
In your experiences what is the best practice about it, and which of these is the best solution?
Thanks to all