Community discussions

 
BluebeardLV
just joined
Topic Author
Posts: 6
Joined: Fri Sep 13, 2019 11:14 pm

Add Adress List Users to Queue

Fri Sep 13, 2019 11:29 pm

Hi,

Since I have slow internet connection @ my home, I would like to limit internet speed to users who are & when they are downloading torrents.
Currently I have set up Layer 7 Protocol which detects torrent usage and firewall which adds those to Address List (for 10min) but I can't find option to add Address List to Queue.

How can I do that?
Or maybe there is easier way to achieve this solution?
 
martinclaro
newbie
Posts: 27
Joined: Sat Sep 28, 2013 6:08 am
Location: Buenos Aires, Argentina
Contact:

Re: Add Adress List Users to Queue

Sat Sep 14, 2019 2:34 pm

You can add the mangle Rules to match src/dst-address-list and mark those packets.

Then, use the same mark at the simple queues or queue tree.
Martín C. @ TopHost Soluciones
MTCNA | MTCTCE
 
BluebeardLV
just joined
Topic Author
Posts: 6
Joined: Fri Sep 13, 2019 11:14 pm

Re: Add Adress List Users to Queue

Sat Sep 14, 2019 3:41 pm

You can add the mangle Rules to match src/dst-address-list and mark those packets.

Then, use the same mark at the simple queues or queue tree.
Sounds complicated, but will see what I can do.
 
martinclaro
newbie
Posts: 27
Joined: Sat Sep 28, 2013 6:08 am
Location: Buenos Aires, Argentina
Contact:

Re: Add Adress List Users to Queue

Sat Sep 14, 2019 4:05 pm

Not at all... let's say you have an address-list named "acl-limited" with specific addresses (or set dynamically via dhcp-server leases), and your LAN address is 1.2.3.0/24:
/ip firewall address-list
add list=acl-limited address=1.2.3.4
add list=acl-limited address=1.2.3.5
add list=acl-limited address=1.2.3.6

/ip firewall mangle
add action=mark-connection chain=forward comment="From Specific Devices" connection-mark=no-mark new-connection-mark=cm-limited passthrough=yes src-address-list=acl-limited
add action=mark-connection chain=forward comment="To Specific Devices" connection-mark=no-mark dst-address-list=acl-limited new-connection-mark=cm-limited passthrough=yes
add action=mark-packet chain=forward comment="Mark Packets" connection-mark=cm-limited new-packet-mark=pm-limited packet-mark=no-mark passthrough=no

/queue simple
add dst=ether1 max-limit=3M/20M name=queue0 target=1.2.3.0/24
add max-limit=1M/5M name=queue1 packet-marks=pm-limited parent=queue0 queue=pcq-upload-default/pcq-download-default target=1.2.3.0/24
I don't know about your full setup/config so, could be other ways to do that for sure.
Martín C. @ TopHost Soluciones
MTCNA | MTCTCE
 
BluebeardLV
just joined
Topic Author
Posts: 6
Joined: Fri Sep 13, 2019 11:14 pm

Re: Add Adress List Users to Queue

Sat Sep 14, 2019 5:05 pm

Not at all... let's say you have an address-list named "acl-limited" with specific addresses (or set dynamically via dhcp-server leases), and your LAN address is 1.2.3.0/24:
/ip firewall address-list
add list=acl-limited address=1.2.3.4
add list=acl-limited address=1.2.3.5
add list=acl-limited address=1.2.3.6

/ip firewall mangle
add action=mark-connection chain=forward comment="From Specific Devices" connection-mark=no-mark new-connection-mark=cm-limited passthrough=yes src-address-list=acl-limited
add action=mark-connection chain=forward comment="To Specific Devices" connection-mark=no-mark dst-address-list=acl-limited new-connection-mark=cm-limited passthrough=yes
add action=mark-packet chain=forward comment="Mark Packets" connection-mark=cm-limited new-packet-mark=pm-limited packet-mark=no-mark passthrough=no

/queue simple
add dst=ether1 max-limit=3M/20M name=queue0 target=1.2.3.0/24
add max-limit=1M/5M name=queue1 packet-marks=pm-limited parent=queue0 queue=pcq-upload-default/pcq-download-default target=1.2.3.0/24
I don't know about your full setup/config so, could be other ways to do that for sure.
OK, this might work, thanks.
I also have currently set up firewall rules which block torrent traffic and I would like to turn off those rules if less than 3 devices are connected to mikrotik, do you know how to do that?
 
martinclaro
newbie
Posts: 27
Joined: Sat Sep 28, 2013 6:08 am
Location: Buenos Aires, Argentina
Contact:

Re: Add Adress List Users to Queue  [SOLVED]

Sat Sep 14, 2019 5:23 pm

Maybe a better approach is to mark those BitTorrent packets and put them in a queue with less priority (bigger number) so you can prioritize other traffic before BitTorrent. It’s easier and does not rely on a script to be run every minute.
Martín C. @ TopHost Soluciones
MTCNA | MTCTCE

Who is online

Users browsing this forum: No registered users and 19 guests