Firewall
Code: Select all
/ip firewall mangle
add action=mark-connection chain=prerouting comment=Whatsapp_Conn \
dst-address-list=Whatsapp new-connection-mark=Whatsapp_conn passthrough=\
yes per-connection-classifier=both-addresses:2/1 src-address=\
192.168.1.0/24
add action=mark-packet chain=prerouting comment=Whatsapp_Packets \
connection-mark=Whatsapp_conn new-packet-mark=Whatsapp_packets \
passthrough=yes
add action=mark-routing chain=prerouting comment=Whatsapp_Route \
new-routing-mark=Whatsapp_route packet-mark=Whatsapp_packets passthrough=\
yes
add action=mark-connection chain=prerouting comment=GMail_Conn \
dst-address-list=GMail new-connection-mark=GMail_conn passthrough=yes \
per-connection-classifier=both-addresses:2/1 src-address=192.168.1.0/24
add action=mark-packet chain=prerouting comment=GMail_Packets \
connection-mark=GMail_conn new-packet-mark=GMail_packets passthrough=yes
add action=mark-routing chain=prerouting comment=GMail_Route \
new-routing-mark=GMail_route packet-mark=GMail_packets passthrough=yes
add action=mark-connection chain=prerouting comment=YMail_Conn \
dst-address-list=YMail new-connection-mark=YMail_conn passthrough=yes \
per-connection-classifier=both-addresses:2/1 src-address=192.168.1.0/24
add action=mark-packet chain=prerouting comment=YMail_Packets \
connection-mark=YMail_conn new-packet-mark=YMail_packets passthrough=yes
add action=mark-routing chain=prerouting comment=YMail_Route \
new-routing-mark=YMail_route packet-mark=YMail_packets passthrough=yes
add action=mark-connection chain=prerouting comment=Skype_Conn \
dst-address-list=Skype new-connection-mark=Skype_conn passthrough=yes \
per-connection-classifier=both-addresses:2/1 src-address=192.168.1.0/24
add action=mark-packet chain=prerouting comment=Skype_Packets \
connection-mark=Skype_conn new-packet-mark=Skype_packets passthrough=yes
add action=mark-routing chain=prerouting comment=Skype_Route \
new-routing-mark=Skype_route packet-mark=Skype_packets passthrough=yes
add action=mark-connection chain=prerouting comment=Server_Conn dst-address=\
202.152.58.0/24 new-connection-mark=Server_Conn passthrough=yes \
per-connection-classifier=both-addresses:2/1 src-address=192.168.1.0/24
add action=mark-packet chain=prerouting comment=Server_Packets \
connection-mark=Server_Conn new-packet-mark=Server_Packet passthrough=\
yes
add action=mark-routing chain=prerouting comment=Server_Route \
new-routing-mark=Server_route packet-mark=Server_Packet passthrough=yes
add action=mark-connection chain=prerouting comment=IIX_Conn connection-mark=\
no-mark dst-address-list=nice new-connection-mark=IIX_conn passthrough=\
yes per-connection-classifier=both-addresses:2/0 src-address=\
192.168.1.0/24
add action=mark-packet chain=prerouting comment=IIX_Packets connection-mark=\
IIX_conn new-packet-mark=IIX_packets passthrough=yes
add action=mark-routing chain=prerouting comment=IIX_Route new-routing-mark=\
IIX_route packet-mark=IIX_packets passthrough=yes
add action=mark-connection chain=prerouting comment=International_Connection \
connection-mark=no-mark dst-address-list=!nice new-connection-mark=\
Int_conn packet-mark=no-mark passthrough=yes per-connection-classifier=\
both-addresses:2/0 src-address=192.168.1.0/24
add action=mark-packet chain=prerouting comment=Int_Packets connection-mark=\
Int_conn dst-address-list=!nice new-packet-mark=Int_packets passthrough=\
yes
add action=mark-routing chain=prerouting comment=International_route \
new-routing-mark=Int_route packet-mark=Int_packets passthrough=yes
Route
Code: Select all
/ip route
add check-gateway=ping distance=1 gateway=192.168.20.1 routing-mark=\
Whatsapp_route
add check-gateway=ping distance=2 gateway=192.168.10.1 routing-mark=\
Whatsapp_route
add check-gateway=ping distance=1 gateway=192.168.20.1 routing-mark=\
GMail_route
add check-gateway=ping distance=2 gateway=192.168.10.1 routing-mark=\
GMail_route
add check-gateway=ping distance=1 gateway=192.168.20.1 routing-mark=\
YMail_route
add check-gateway=ping distance=2 gateway=192.168.10.1 routing-mark=\
YMail_route
add check-gateway=ping distance=1 gateway=192.168.20.1 routing-mark=\
Skype_route
add check-gateway=ping distance=2 gateway=192.168.10.1 routing-mark=\
Skype_route
add check-gateway=ping distance=1 dst-address=202.152.58.0/24 gateway=\
192.168.20.1 routing-mark=Server_route
add check-gateway=ping distance=2 dst-address=202.152.58.0/24 gateway=\
192.168.10.1 routing-mark=Server_route
add check-gateway=ping distance=1 gateway=192.168.10.1 routing-mark=IIX_route
add check-gateway=ping distance=2 gateway=192.168.20.1 routing-mark=IIX_route
add check-gateway=ping distance=1 gateway=192.168.10.1 routing-mark=Int_route
add check-gateway=ping distance=2 gateway=192.168.20.1 routing-mark=Int_route
add check-gateway=ping distance=1 gateway=192.168.10.1
add check-gateway=ping distance=2 gateway=192.168.20.1
/ip route rule
add routing-mark=Server_route src-address=192.168.1.0/24 table=Server_route
add routing-mark=Whatsapp_route src-address=192.168.1.0/24 table=\
Whatsapp_route
add routing-mark=GMail_route src-address=192.168.1.0/24 table=GMail_route
add routing-mark=YMail_route src-address=192.168.1.0/24 table=YMail_route
add routing-mark=Skype_route src-address=192.168.1.0/24 table=Skype_route
add routing-mark=Skype_route src-address=192.168.1.0/24 table=IIX_route
add routing-mark=Skype_route src-address=192.168.1.0/24 table=Int_route
I want create something like this
- whatsapp, skype, gmail, ymail, server = using gateway 192.168.20.1
- IIX & Int Packet = using gateway 192.168.10.1
the problem i have is:
- when the IIX_conn & Int_conn that using nice list activated, all prev mark-routing got replaced/not working
- whatsapp, gmail, ymail, skype, server are !nice list so it also marked as Int_conn, but i want them separated with Int_conn
*i need this nice list activated for bandwidth management.
**nice list are my nation websites provided by our ISP
thanks in advance!