if i create 2 dst address list
on with all-p2p option on mikrotik
and one with clients-use-p2p
so i have 1 list that reads all p2p connection and a list with clients
how can i block all address of the all-p2p exept clients?
and will this work can please comment on this as i dont think this can work very well
Hi
I have done something similar to that , just used add to src-address-list… I add all my clients that use p2p to the list and shape high udp/tcp ports with queue tree and pcq queues .
Also have marked all know traffic that uses high ports and passthrough off
action=add-src-to-address-list address-list=p2p->user address-list-timeout=10m chain=prerouting comment="p2p user" disabled=no p2p=all-p2p src-address= src-address-list=clients
(There a couple of mangle rules before this one -- msn ,ftp , gtalk etc )
action=mark-packet chain=postrouting comment="p2p user" disabled=no dst-address-list=p2p->user new-packet-mark=p2p-user passthrough=no protocol=tcp src-port=2000-65535
action=mark-packet chain=postrouting comment="" disabled=no dst-port=2000-65535 new-packet-mark=p2p-user passthrough=no protocol=tcp src-address-list=p2p->user
action=mark-packet chain=postrouting comment="" disabled=no dst-address-list=p2p->user new-packet-mark=p2p-user passthrough=no protocol=udp src-port=2000-65535
action=mark-packet chain=postrouting comment="" disabled=no dst-port=2000-65535 new-packet-mark=p2p-user passthrough=no protocol=udp src-address-list=p2p->user
I find dropping traffic creates issues . I would rather shape
can you post a script to add this into a mikrotik or a rsc