I want to make a script that fulfill these functionalities:if traffic over 4M, then set a flag, then test it after 1 minute, if traffic still over 4M sustainingly, implement the PCQ limit. The key is how to “set a flag”, and in the traffic-monitor,only there is trigger, no sustaining detection. because I don’t want some pulse of traffic to trigger the PCQ limitation.
No one can tell?
Once you define traffic you could use mangle rule action mark-connection.
You could probably use address lists and timers to accomplish this. youd have to get creative, but I bet it could work.
Actually, cant you specify burst times with queues?
0 chain=forward action=change-dscp new-dscp=0 dscp=12
1 chain=forward action=change-dscp new-dscp=12 protocol=tcp
connection-rate=10-4294967295
2 chain=forward action=jump jump-target=heavy_timer_start
dst-address-list=!heavy_2min_list dscp=12
3 ;;; Once identified as heavy keep it that way for the duration of the heavy_time>
uration
chain=heavy_timer_start action=add-dst-to-address-list
dst-address-list=!heavy_timer_duration address-list=heavy_1min_list
address-list-timeout=1m
4 chain=heavy_timer_start action=add-dst-to-address-list
address-list=heavy_2min_list address-list-timeout=2m
5 chain=heavy_timer_start action=add-dst-to-address-list
address-list=heavy_timer_duration address-list-timeout=5m
6 chain=heavy_timer_start action=return
7 ;;; If after 2 min traffic is not heavy clear connection mark
chain=forward action=mark-connection new-connection-mark=no-mark
passthrough=yes dst-address-list=!heavy_2min_list
connection-mark=heavy_traffic_conn
8 ;;; If it is in 2min list and heavy traffic detected mark connection heavy
chain=forward action=mark-connection new-connection-mark=heavy_traffic_conn
passthrough=yes dst-address-list=heavy_2min_list dscp=12
9 ;;; However if it has not been 1 min since first detection - clear the heavy mark
chain=forward action=mark-connection new-connection-mark=no-mark
passthrough=yes dst-address-list=heavy_1min_list dscp=12
10 chain=forward action=mark-packet new-packet-mark=heavy_traffic passthrough=yes
connection-mark=heavy_traffic_conn
1min_list = how long not to act
2min_list = how long to keep it at lower priority (at least)
timer_duration = this timer allows to act on heavy traffic w/o grace period of 1min_list.
If traffic rate increases and is heavy 1 minute later it will be marked heavy.
Past 1min, everytime heavy traffic is detected 2min and timer_duration list timers are reset. If there’s no activity for 2 minutes traffic is cleared of being marked heavy. If traffic rate increases again within timer_duration it’ll get marked heavy right away w/o waiting 1 minute. If traffic rate increases after timer_duration has expired traffic will not be marked heavy unless it is heavy 1 minute later as well…
I’m learning ROS and thought it would be good exercise… 
code is untested.
edit:revised code using TOS field
“connectino rate”,before I read your reply, I first heard of it. It’s excited, maybe this new term would bring a new functionality ,I am consulting the reference of the"connection rate",thank you.