Scribd Logo
Upload

Welcome to Scribd!

  • 20 views

    Mikrotik Sample Rules

    Uploaded by

    Gerry Gonzaga

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd

    Mikrotik Sample Rules

    Uploaded by

    Gerry Gonzaga
    20 views11 pages

    Original Title

    mikrotik sample rules

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    20 views11 pages

    Mikrotik Sample Rules

    Uploaded by

    Gerry Gonzaga

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    of 11

    mendozad3.bryan@gmail.

    com
    Mendoza@0926

    Code: Select all

    /ip firewall layer7-protocol


    add name=Stream
    regexp="^.+(youtube|dailymotion|metacafe|mccont).*\$"

    add name=streaming
    regexp=videoplayback|video

    add name=SocialMedia
    regexp="^.+(facebook.com|twitter|linkedin|pinterest|tumblr|instagram|VK|
    flickr|vine|meetup|tagged|ask.fm|meetme|classm).*\$"

    add name=layer7-bittorrent-exp
    regexp="^(\\x13bittorrent protocol|azver\\x01\$|get /scrape\\\?
    info_hash=get /announce\\\?info_hash=|get /client/bitcomet/|GET /data\\\?fid=)|
    d1:ad2:id20:|\\x08'7P\\)[RP]"

    add name=block
    regexp="^.+(sex|scandal|xxx|porn).*\$"

    add name=torrent-dns
    regexp="^.+(torrent|thepiratebay|isohunt|demonii|bittorrent|entertane|
    demonoid|btjunkie|mininova|flixflux|torrentz|vertor|h33t|btscene|bitunity|bittoxic|
    thunderbytes|entertane|zoozle|vcdq|bitnova|bitsoup|meganova|fulldls|btbot|flixflux|
    seedpeer|fenopy|gpirate|utorrent|commonbits).*\$"

    add name=torrent-www
    regexp="^.*(get|GET).+(torrent|thepiratebay|isohunt|entertane|demonoid|
    btjunkie|mininova|flixflux|torrentz|vertor|h33t|btscene|bitunity|bittoxic|
    thunderbytes|entertane|zoozle|vcdq|bitnova|bitsoup|meganova|fulldls|btbot|flixflux|
    seedpeer|fenopy|gpirate|commonbits).*\$"

    add name=torrentsites
    regexp="^.*(get|GET).+(torrent|thepiratebay|isohunt|entertane|demonoid|
    btjunkie|mininova|flixflux|torrentz|vertor|h33t|btscene|bitunity|bittoxic|
    thunderbytes|entertane|zoozle|vcdq|bitnova|bitsoup|meganova|fulldls|btbot|flixflux|
    seedpeer|fenopy|gpirate|commonbits).*\$"

    add name=idm-7.1
    regexp="get /.*(user-agent: mozilla/4.0|range: bytes=)"

    /ip pool
    add name=dhcp_pool1
    ranges=192.168.88.2-192.168.88.254

    /ip dhcp-server
    add address-pool=dhcp_pool1
    disabled=no
    interface=lan
    name=dhcp1
    /queue simple
    add max-limit=1M/5M
    name="Parent Pipe (MainISP)"
    target=192.168.88.0/24

    add max-limit=1M/5M name=vip/ip


    parent="Parent Pipe (MainISP)"
    priority=1/1
    target=192.168.88.100/32

    /queue type
    add kind=pfifo
    name=online
    pfifo-limit=10

    add kind=pfifo
    name=browsing
    pfifo-limit=10

    add kind=pcq
    name="online up"
    pcq-classifier=src-address
    pcq-dst-address6-mask=64
    pcq-limit=712000KiB
    pcq-src-address6-mask=64

    add kind=pcq
    name="online down"
    pcq-classifier=dst-address
    pcq-dst-address6-mask=64
    pcq-limit=3000000KiB
    pcq-src-address6-mask=64

    add kind=pcq
    name="browsing up"
    pcq-classifier=src-address
    pcq-dst-address6-mask=64
    pcq-limit=160000KiB
    pcq-src-address6-mask=64

    add kind=pcq
    name="browsing down"
    pcq-classifier=dst-address
    pcq-dst-address6-mask=64
    pcq-limit=3000000KiB
    pcq-src-address6-mask=64

    /queue simple
    add max-limit=712k/2500k
    name="Online Games"
    packet-marks=gpkt
    parent="Parent Pipe (MainISP)"
    priority=1/1
    queue="online up/online down"
    target=192.168.88.0/24

    add max-limit=180k/2500k
    name=Browsing-Streaming-Download-FB
    parent="Parent Pipe (MainISP)"
    priority=2/2
    queue="browsing up/browsing down"
    target=192.168.88.0/24

    add max-limit=180k/2M
    name=SocialMediaPipe
    packet-marks=smpkt
    parent=Browsing-Streaming-Download-FB
    priority=3/3
    target=192.168.88.0/24

    add max-limit=80k/1500k
    name=BrowsingPipe
    packet-marks=bpkt
    parent=Browsing-Streaming-Download-FB
    priority=4/4
    target=192.168.88.0/24

    add max-limit=120k/2M
    name=StreamsPipe
    packet-marks=spkt
    parent=Browsing-Streaming-Download-FB
    priority=5/5
    target=192.168.88.0/24

    add max-limit=90k/2M
    name=P2PDownloadPipe
    packet-marks=dpkt
    parent=Browsing-Streaming-Download-FB
    priority=6/6
    target=192.168.88.0/24

    add max-limit=100k/2M
    name=others
    packet-marks=opkt
    parent=Browsing-Streaming-Download-FB
    priority=7/7
    target=192.168.88.0/24

    /interface bridge port


    add bridge=lan
    interface=ether2
    add bridge=lan
    interface=ether4
    add bridge=lan
    interface=wlan1
    add bridge=lan
    interface=ether3
    /ip address
    add address=192.168.88.1/24
    interface=lan
    network=192.168.88.0

    /ip dhcp-client
    add default-route-distance=0
    dhcp-options=hostname,clientid
    disabled=no interface=ether1

    /ip dhcp-server network


    add address=192.168.1.0/24
    gateway=192.168.1.1
    add address=192.168.88.0/24
    gateway=192.168.88.1

    /ip dns
    set allow-remote-requests=yes
    servers=8.8.8.8,8.8.4.4

    /ip firewall address-list


    add address=92.51.156.78
    comment=tcp
    list=csgo
    add address=103.28.54.10
    comment=udp
    list=csgo-udp
    add address=103.10.124.102
    list=csgo-udp
    add address=119.81.179.147
    list=csgo
    add address=155.133.253.18
    list=csgo-udp

    /ip firewall mangle


    add action=mark-connection
    chain=prerouting
    comment="ONLINE GAME PORTS"
    new-connection-mark=game-cm
    port=5340-5352,6000-6152,10001-10011,14009-14030,18901-18909
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    new-connection-mark=game-cm
    port=39190,27780,29000,22100,10009,4300,15001,15002,7341,7451
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    comment="ONLINE GAME PORTS"
    new-connection-mark=game-cm
    port=5340-5352,6000-6152,10001-10011,14009-14030,18901-18909
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    new-connection-mark=game-cm
    port=39190,27780,29000,22100,10009,4300,15001,15002,7341,7451
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    comment="ONLINE GAME PORTS"
    new-connection-mark=game-cm
    port=5340-5352,6000-6152,10001-10011,14009-14030,18901-18909
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    new-connection-mark=game-cm
    port=39190,27780,29000,22100,10009,4300,15001,15002,7341,7451
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    new-connection-mark=game-cm
    port=40000,9300,9400,9700,7342,8005-8010,37466,36567,8822
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    new-connection-mark=game-cm
    port=47611,16666,20000,5105,29000,18901-18909,9015
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    comment=sf_playpark_tcp
    new-connection-mark=game-cm
    port=49490,50045,50066,50068,50072,50079,50083,51723
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment=sf_playpark
    new-connection-mark=game-cm
    port=50969,49159,58466,49471
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment="League Of Legends"
    new-connection-mark=game-cm
    port=8393-8400,2099,5222-5223
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment="League Of Legends"
    new-connection-mark=game-cm
    port=20466,9100,21033
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment="League Of Legends"
    new-connection-mark=game-cm
    port=20466,9100,21033
    protocol=udp
    add action=mark-connection
    chain=prerouting
    comment="League Of Legends"
    new-connection-mark=game-cm
    port=5000-5500
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment="Ragnarok Online"
    new-connection-mark=game-cm
    port=5000-5500
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    comment=DOTA2
    new-connection-mark=game-cm
    passthrough=no
    port=27015-28999
    protocol=udp

    add action=mark-connection
    chain=prerouting
    new-connection-mark=game-cm
    port=27005-27020,13055,7800-7900,12060-12070
    protocol=udp

    add action=mark-connection
    chain=prerouting
    new-connection-mark=game-cm
    port=8005-8010,9068,1293,1479,9401,9600,30000
    protocol=udp

    add action=mark-connection
    chain=prerouting
    new-connection-mark=game-cm
    port=14009-14030,42051-42052,40000-40050,13000-13080
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment="RAN Online"
    new-connection-mark=game-cm
    port=5001,5502,5105
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment="RAN Online"
    new-connection-mark=game-cm
    port=5001,5502,5105
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment=I-Date
    new-connection-mark=game-cm
    port=8132
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment=I-Date
    new-connection-mark=game-cm
    port=8132
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment=CrossFire
    new-connection-mark=game-cm
    port=16666,9110,13006,10008
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment=CrossFire
    new-connection-mark=game-cm
    port=16666,9110,13006,10008
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment="Dragon Nest"
    new-connection-mark=game-cm
    port=14300,14301,7000,14500
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    comment="Cabal Online"
    new-connection-mark=game-cm
    port=38111-38125
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment="Cabal Online"
    new-connection-mark=game-cm
    port=6800-6899
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment=GARENA
    new-connection-mark=game-cm
    port=7456-7459,7456-7459,6112-6119,999
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment=GARENA
    new-connection-mark=game-cm
    port=1512-1515,6112-6119,4000-4200
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment="Soldier Front"
    new-connection-mark=game-cm
    port=22001-22999
    protocol=udp
    add action=mark-connection
    chain=prerouting
    comment="Soldier Front"
    new-connection-mark=game-cm
    port=27230-27235
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    comment="Audition TCP"
    new-connection-mark=game-cm
    port=18805-18811,62050,65041
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    comment="HON UDP"
    new-connection-mark=game-cm
    port=11235-11335,11031
    protocol=udp
    add action=mark-connection
    chain=prerouting
    comment="HON TCP"
    new-connection-mark=game-cm
    port=11235-11335,11031
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    comment="Audition UDP"
    new-connection-mark=game-cm
    port=18805-18811,62050,65041
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment="Assault Fire"
    new-connection-mark=game-cm
    port=28526,9030,8000,65000,28540,7552,7515,7631,7586
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment="CLASH OF ROYALE"
    new-connection-mark=game-cm
    port=51660
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    comment="MU TITAN"
    new-connection-mark=game-cm
    port=49556
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment=MU-TITAN-1
    new-connection-mark=game-cm
    port=49161,49275,49283,49579,49584,49589,49592,49594,49595
    protocol=tcp

    add action=mark-connection
    chain=prerouting
    comment="CLASH OF CLAN"
    new-connection-mark=game-cm
    port=9339
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment="CLASH OF CLAN"
    new-connection-mark=game-cm
    port=9339
    protocol=udp

    add action=mark-connection
    chain=prerouting
    comment="mobile legends tcp"
    new-connection-mark=game-cm
    port=34242,41741,49354
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    comment="mobile legends udp"
    dst-port=57538
    new-connection-mark=game-cm
    protocol=udp
    add action=mark-packet
    chain=prerouting
    connection-mark=game-cm
    new-packet-mark=gpkt
    passthrough=no

    add action=mark-connection
    chain=prerouting
    comment=STREAM
    layer7-protocol=Stream
    new-connection-mark=Stream-cm

    add action=mark-connection
    chain=prerouting
    comment=STREAMING
    layer7-protocol=streaming
    new-connection-mark=Stream-cm
    add action=mark-packet
    chain=prerouting
    comment=STREAMING
    connection-mark=Stream-cm
    new-packet-mark=spkt
    passthrough=no
    add action=mark-connection
    chain=prerouting
    comment=SocialMedia
    layer7-protocol=SocialMedia
    new-connection-mark=sm-cm
    add action=mark-packet
    chain=prerouting
    comment=SocialMedia
    connection-mark=sm-cm
    new-packet-mark=smpkt
    passthrough=no

    add action=mark-connection
    chain=prerouting
    comment="torent dns"
    layer7-protocol=torrent-dns
    new-connection-mark=download-cm

    add action=mark-connection
    chain=prerouting
    comment="torrent www"
    layer7-protocol=torrent-www
    new-connection-mark=download-cm

    add action=mark-connection
    chain=prerouting
    comment="torrent sites"
    layer7-protocol=torrentsites
    new-connection-mark=download-cm

    add action=mark-connection
    chain=prerouting
    comment=DOWNLOAD-P2P
    new-connection-mark=download-cm
    p2p=all-p2p

    add action=mark-connection
    chain=prerouting
    comment=DownloadTorrent
    dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905
    layer7-protocol=layer7-bittorrent-exp
    new-connection-mark=download-cm
    protocol=tcp
    add action=mark-connection
    chain=prerouting
    dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905
    layer7-protocol=layer7-bittorrent-exp
    new-connection-mark=download-cm
    protocol=udp
    add action=mark-packet
    chain=prerouting
    connection-mark=download-cm
    new-packet-mark=dpkt
    passthrough=no

    add action=mark-connection
    chain=prerouting
    comment=BROWSING
    connection-bytes=0-1000000
    new-connection-mark=browsing-cm
    port=443,80
    protocol=tcp
    add action=mark-packet
    chain=prerouting
    connection-mark=browsing-cm
    new-packet-mark=bpkt
    passthrough=no

    add action=mark-connection
    chain=prerouting
    comment=OTHERS
    connection-mark=no-mark
    new-connection-mark=others-cm
    add action=mark-packet
    chain=prerouting
    connection-mark=others-cm
    new-packet-mark=opkt
    passthrough=no

    You might also like