lunes, 29 de abril de 2019

RouterOS.Config (Basic 02-02)

...
# HTB (Leyer7 Rules): ----------------------------------------------------- [ INI ]
# En análisis de HTB, es previo al de Queue.Simple en el Flow de RouterOS.
# Down (¿50M?): ------------------------------------------------------------------------
/ip firewall layer7-protocol add name=File.Down regexp="^.+\\.(exe|rar|zip|7z|cab|asf|mov|vob|wmv|mpg|mpeg|mkv|avi|flv|wav|rm|mp3|mp|ram|rmvb|dat|daa|iso|nrg|bin|vcd|3gp|aac|ace|aif|arj|bz2|gz|gzip|img|lzh|m4a|m4v|mpa|mpe|msi|msu|ogg|ogv|pdf|plj|pps|ppt|qt|ro*|r1*|ra|rm|sea|sit|sitx|tar|tif|tiff|z|001|002|003|004|005).*\$" comment="028C+: L7 (Patron regular de File.Down)";
/ip firewall layer7-protocol add name=Video.Streaming regexp=”^.+(videoplayback|video).*\$” comment="001C+: L7 (Patron regular de VideoStream)";
/ip firewall layer7-protocol add name=P2P.WWW regexp="^.+(get|GET).+(torrent|thepiratebay|isohunt|entertane|demonoid|btjunkie|mininova|flixflux|vertor|h33t|zoozle|bitnova|bitsoup|meganova|fulldls|btbot|fenopy|gpirate|commonbits).*\$" comment="002C+: L7 (Patron regular de P2P.WWW)";
/ip firewall layer7-protocol add name=P2P.DNS regexp="^.+(torrent|thepiratebay|isohunt|entertane|demonoid|btjunkie|mininova|flixflux|vertor|h33t|zoozle|bitnova|bitsoup|meganova|fulldls|btbot|fenopy|gpirate|commonbits).*\$" comment="003C+: L7 (Patron regular de P2P.DNS)";
/ip firewall layer7-protocol add name=P2P.BitT regexp="^.+(\\x13bittorrent protocol|azver\\x01\$|get /scrape\\\?info_hash=get /announce\\\?info_hash=|get /client/bitcomet/|GET /data\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[RP].*\$" comment="004C+: L7 (Patron regular de P2P.BitTorrent)";
Nota: BitTorrent: (6881-6999)
/ip firewall layer7-protocol add name=P2P.BitTE regexp="^.+(\\x13bittorrent protocol|azver\\x01\$|get /scrape\\\?info_hash=get /announce\\\?info_hash=|get /client/bitcomet/|GET/data\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[RP].*\$" comment="005C+: L7 (Patron regular de P2P.BitTorrent-Expert)";
# Services.Special: -----------------------------------------------------------------------
/ip firewall layer7-protocol add name=SpeedTest regexp="^.+(speedtest.3bb.co.th|speedtest.adslthailand.com|spe    edtest1.totbb.net|speedtest.net|speedtest.trueinternet.co.th|catspeedtest.net).*\$" comment="006C+: L7 (Patron regular de SpeedTest)";
# Social.Media: ---------------------------------------------------------------------------
# …

#  HTB (Mangle Rules): ---------------------------------------------------- [ INI ]
# Mecanismo similar a Firewall, salvo que agrega un condicional (passthrough=no), evita que continue descendiendo.
VoIP (Mangle Rules): -----------------------------------------------------------------
/ip firewall mangle add chain=forward dst-address=X.X.X.X protocol=udp port=10000-20000 connection-state=newcomment="001Cx: Marco (VoIP-RTP.Conn)" action=mark-connection new-connection-mark=VoIP-RTP.Conn passthrough=yesdisable=yes;
/ip firewall mangle add chain=forward connection-mark=VoIP-RTP.Conn comment="002Cx: Marco (VoIP-RTP.1erPacket)" action=mark-packet log=no log-prefix=VoIP-RTP.Pack new-packet-mark=VoIP-RTP.Pack passthrough=no disable=yes;
Nota: (87.2k x Call. Cambiar SIP.Port (C-Telefonica y Telefono.IP). RTP, se usa para el intercambio de voz)
/ip firewall mangle add chain=forward dst-address=X.X.X.X protocol=tcp dst-port=5060-5061 connection-state=newcomment="003Cx: Marco (VoIP-SIPTCP.Conn)" action=mark-connection new-connection-mark=VoIP-SIPTCP.Connpassthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=VoIP-SIPTCP.Conn comment="004Cx: Marco (VoIP-SIPTCP.1erPacket)" action=mark-packet log=no log-prefix=VoIPSIPUDP.Pack new-packet-mark=VoIP-SIPUDP.Packpassthrough=no disable=yes;X
/ip firewall mangle add chain=forward dst-address=X.X.X.X protocol=udp dst-port=5060-5061 connection-state=newcomment="005Cx: Marco (VoIP-SIPUDP.Conn)" action=mark-connection new-connection-mark=VoIP-SIPUDP.Connpassthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=VoIP-SIPUDP.Conn comment="006Cx: Marco (VoIP-SIPUDP.1erPacket)" action=mark-packet log=no log-prefix=VoIP-SIPUDP.Pack new-packet-mark=VoIP-SIPUDP.Packpassthrough=no disable=yes;
Nota: (65k x Call. Cambiar SIP.Port (C-Telefonica y Telefono.IP: VPN(x)), TCP y UDPSIP, se usa para iniciar sesión (RING))
/ip firewall mangle add chain=prerouting in-interface-list=WANs packet-mark=VoIP-RTP.Pack comment="007Cx: Change (WAN-DSCP.Type Of Service)" action=change-dscp log=no log-prefix=”WAN-DSCP.TOS (Change)“ new-dscp=10 passthrough=nodisable=yes;
/ip firewall mangle add chain=postrouting out-interface-list=LANs packet-mark=VoIP-RTP.Pack comment="008Cx: Change(LANs-DSCP.Type Of Service)" action=change-dscp log=no log-prefix=”LANs-DSCP.TOS (Change)“ new-dscp=46passthrough=no disable=yes;
Nota: efectivo, en redes que soportan tratamiento por DSCP (priorización de paquetes: 01-64) – obviamente, debe coincidir con config de C-Telefonica.DSCP –. Se recomienda, crear VLAN(x) x (out-interface) exclusiva para VoIP.

IPTV (Mangle Rules): -------------------------------------------------------- [ HLS ]
/ip firewall mangle add chain=forward dst-address=X.X.X.X protocol=tcp port=80 connection-state=new comment="009Cx: Marco(IPTV.Conn)" action=mark-connection new-connection-mark=IPTV.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=IPTV.Conn comment="010Cx: Marco (IPTV.1erPacket)" action=mark-packet log=no log-prefix=IPTV.Pack new-packet-mark=IPTV.Pack passthrough=no disable=yes;
Nota: (790k x Señal, en H.265). Es un servicio intranet. Fundamental: priorizar paquetes TCP (SYN – inicio de negociación/ACK – acuse de recibo )).

DNS (Mangle Rules): -------------------------------------------- [DNS.Cache=ON]
/ip firewall mangle add chain=prerouting protocol=udp dst-port=53 connection-state=new comment="011C+: Marco (DNS-UDP.Conn)" action=mark-connection new-connection-mark=DNS-UDP.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=prerouting connection-mark=DNS-UDP.Conn comment="012C+: Marco (DNS-UDP.1erPacket)" action=mark-packet log=no log-prefix=DNS-UDP.Pack new-packet-mark=DNS-UDP.Pack passthrough=no disable=yes;
Nota: (UDP), solicitud de resolución de nombre y (respuesta < 512b).
/ip firewall mangle add chain=prerouting protocol=tcp dst-port=53 connection-state=new comment="013C+: Marco (DNS-TCP.Conn)" action=mark-connection new-connection-mark=DNS-TCP.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=prerouting connection-mark=DNS-TCP.Conn comment="014C+: Marco (DNS-TCP.1erPacket)" action=mark-packet log=no log-prefix=DNS-TCP.Pack new-packet-mark=DNS-TCP.Pack passthrough=no disable=yes;
Nota: (TCP), only x (respuesta >= 512b) y x CPU--, no estableci: (in-interface-list=LANs).

ICMP (Mangle Rules): -----------------------------------------------------------------
/ip firewall mangle add chain=forward protocol=icmp connection-state=new comment="015C+: Marco (ICMP.Conn)" action=mark-connection new-connection-mark=ICMP.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=ICMP.Conn comment="016C+: Marco (ICMP.1erPacket)" action=mark-packet log=no log-prefix=ICMP.Pack new-packet-mark=ICMP.Pack passthrough=no disable=yes;
Nota: x CPU--, no estableci: (in-interface-list=LANs).

Social.Media (Mangle Rules): --------------------------------------------------------
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-YOUTUBE.List comment="017C+: Marco(Youtube.Conn)" action=mark-connection new-connection-mark=Youtube.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Youtube.Conn comment="018C+: Marco (Youtube.1erPacket)" action=mark-packet log=no log-prefix=Youtube.Pack new-packet-mark=Youtube.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-FACEBOOK.List comment="019C+: Marco(Facebook.Conn)" action=mark-connection new-connection-mark=Facebook.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Facebook.Conn comment="020C+: Marco (Facebook.1erPacket)" action=mark-packet log=no log-prefix=Facebook.Pack new-packet-mark=Facebook.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-TWITTER.List comment="021C+: Marco(Twitter.Conn)" action=mark-connection new-connection-mark=Twitter.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Twitter.Conn comment="022C+: Marco (Twitter.1erPacket)" action=mark-packet log=no log-prefix=Twitter.Pack new-packet-mark=Twitter.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-INSTAGRAM.List comment="023C+: Marco(Instagram.Conn)" action=mark-connection new-connection-mark=Instagram.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Instagram.Conn comment="024C+: Marco (Instagram.1erPacket)" action=mark-packet log=no log-prefix=Instagram.Pack new-packet-mark=Instagram.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-NETFLIX.List comment="025C+: Marco(Netflix.Conn)" action=mark-connection new-connection-mark=Netflix.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Netflix.Conn comment="026C+: Marco (Netflix.1erPacket)" action=mark-packet log=no log-prefix=Netflix.Pack new-packet-mark=Netflix.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-WHATSAPP.List comment="027C+: Marco(Whatsapp.Conn)" action=mark-connection new-connection-mark=Whatsapp.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Whatsapp.Conn comment="028C+: Marco (Whatsapp.1erPacket)" action=mark-packet log=no log-prefix=Whatsapp.Pack new-packet-mark=Whatsapp.Pack passthrough=no disable=yes;
Nota: Whatsapp.Port=TCP: (4244,5222,5223,5228,5242), TCP/UDP: (50318,59234) y UDP: (3478,45395).
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-SKYPE.List comment="029C+: Marco(Skype.Conn)" action=mark-connection new-connection-mark=Skype.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Skype.Conn comment="030C+: Marco (Skype.1erPacket)" action=mark-packet log=no log-prefix=Skype.Pack new-packet-mark=Skype.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-SPOTIFY.List comment="031C+: Marco(Spotify.Conn)" action=mark-connection new-connection-mark=Spotify.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Spotify.Conn comment="032C+: Marco (Spotify.1erPacket)" action=mark-packet log=no log-prefix=Spotify.Pack new-packet-mark=Spotify.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-SNAPCHAT.List comment="033C+: Marco(Snapchat.Conn)" action=mark-connection new-connection-mark=Snapchat.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Snapchat.Conn comment="034C+: Marco (Snapchat.1erPacket)" action=mark-packet log=no log-prefix=Snapchat.Pack new-packet-mark=Snapchat.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-TELEGRAM.List comment="035C+: Marco(Telegram.Conn)" action=mark-connection new-connection-mark=Telegram.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Telegram.Conn comment="036C+: Marco (Telegram.1erPacket)" action=mark-packet log=no log-prefix=Telegram.Pack new-packet-mark=Telegram.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-TWITCH.List comment="037C+: Marco(Twitch.Conn)" action=mark-connection new-connection-mark=Twitch.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Twitch.Conn comment="038C+: Marco (Twitch.1erPacket)" action=mark-packet log=no log-prefix=Twitch.Pack new-packet-mark=Twitch.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new dst-address-list=S-VIMEO.List comment="039C+: Marco(Vimeo.Conn)" action=mark-connection new-connection-mark=Vimeo.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Vimeo.Conn comment="040C+: Marco (Vimeo.1erPacket)" action=mark-packet log=no log-prefix=Vimeo.Pack new-packet-mark=Vimeo.Pack passthrough=no disable=yes;
Nota: Deje Space x (17) reglas social media mas.

HTTPS (Mangle Rules): ---------------------------------------------------------------
/ip firewall mangle add chain=forward protocol=udp dst-port=443 connection-state=new comment="075C+: Marco (HTTPS-UDP.Conn)" action=mark-connection new-connection-mark=HTTPS-UDP.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=HTTPS-UDP.Conn comment="076C+: Marco (HTTPS-UDP.1erPacket)" action=mark-packet log=no log-prefix=HTTPS-UDP.Pack new-packet-mark=HTTPS-UDP.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward protocol=tcp dst-port=443 connection-state=new comment="077C+: Marco (HTTPS-TCP.Conn)" action=mark-connection new-connection-mark=HTTPS-TCP.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=HTTPS-TCP.Conn comment="078C+: Marco (HTTPS-TCP.1erPacket)" action=mark-packet log=no log-prefix=HTTPS-TCP.Pack new-packet-mark=HTTPS-TCP.Pack passthrough=no disable=yes;

HTTP (Mangle Rules): -----------------------------------------------------------------
/ip firewall mangle add chain=forward protocol=tcp dst-port=80,8080 connection-state=new comment="079C+: Marco(HTTP.Conn)" action=mark-connection new-connection-mark=HTTP.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=HTTP.Conn comment="080C+: Marco (HTTP.1erPacket)" action=mark-packet log=no log-prefix=HTTP.Pack new-packet-mark=HTTP.Pack passthrough=no disable=yes;

Down (¿50M?) (Mangle Rules): ------------------------------------------------------
/ip firewall mangle add chain=forward connection-state=new layer7-protocol=File.Down comment="081C+: Marco(FileDown.Conn)" action=mark-connection new-connection-mark=FileDown.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=FileDown.Conn comment="082C+: Marco (FileDown.1erPacket)" action=mark-packet log=no log-prefix=FileDown.Pack new-packet-mark=FileDown.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new layer7-protocol=Video.Streaming comment="083C+: Marco(VideoStreaming.Conn)" action=mark-connection new-connection-mark=VideoStreaming.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=VideoStreaming.Conn comment="084C+: Marco(VideoStreaming.1erPacket)" action=mark-packet log=no log-prefix=VideoStreaming.Pack new-packet-mark=VideoStreaming.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new layer7-protocol=P2P.WWW comment="085C+: Marco(P2PWWW.Conn)" action=mark-connection new-connection-mark=P2PWWW.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=P2PWWW.Conn comment="086C+: Marco (P2PWWW.1erPacket)" action=mark-packet log=no log-prefix=P2P-WWW.Pack new-packet-mark=P2P-WWW.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new layer7-protocol=P2P.DNS comment="087C+: Marco(P2PDNS.Conn)" action=mark-connection new-connection-mark=P2PDNS.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=P2PDNS.Conn comment="088C+: Marco (P2PDNS.1erPacket)" action=mark-packet log=no log-prefix=P2P-DNS.Pack new-packet-mark=P2P-DNS.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new layer7-protocol=P2P.BitT comment="089C+: Marco(P2PBitTorrent.Conn)" action=mark-connection new-connection-mark=P2PBitT.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=P2PBitT.Conn comment="090C+: Marco (P2PBitTorrent.1erPacket)" action=mark-packet log=no log-prefix=P2P-BitT.Pack new-packet-mark=P2P-BitT.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward connection-state=new layer7-protocol=P2P.BitTE comment="091C+: Marco(P2PBitTorrentE.Conn)" action=mark-connection new-connection-mark=P2PBitTE.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=P2PBitTE.Conn comment="092C+: Marco (P2PBitTorrentE.1erPacket)" action=mark-packet log=no log-prefix=P2P-BitTE.Pack new-packet-mark=P2P-BitTE.Pack passthrough=no disable=yes;
Nota: decidir si conviene o no usar (connection-bytes=50M).

Services.Special (Mangle Rules): ---------------------------------------------------
VPN (Mangle Rules): -----------------------------------------------------------------
/ip firewall mangle add chain=forward protocol=tcp dst-port=1701,1723 connection-state=new comment="093C+: Marco (VPN-TCP.Conn)" action=mark-connection new-connection-mark=VPN-TCP.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=VPN-TCP.Conn comment="094C+: Marco (VPN-TCP.1erPacket)" action=mark-packet log=no log-prefix=VPN-TCP.Pack new-packet-mark=VPN-TCP.Pack passthrough=no disable=yes;
/ip firewall mangle add chain=forward protocol=udp dst-port=500,1194,1723,4500 connection-state=new comment="095C+:Marco (VPN-UDP.Conn)" action=mark-connection new-connection-mark=VPN-UDP.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=VPN-UDP.Conn comment="096C+: Marco (VPN-UDP.1erPacket)" action=mark-packet log=no log-prefix=VPN-UDP.Pack new-packet-mark=VPN-UDP.Pack passthrough=no disable=yes;

FTP/SFTP (Mangle Rules): ------------------------------------------------------------
/ip firewall mangle add chain=forward protocol=tcp dst-port=20-23 packet-size=1400-1500 connection-state=newcomment="097C+: Marco (FTP/SFTP.Conn)" action=mark-connection new-connection-mark=FTP.Conn passthrough=yesdisable=yes;
/ip firewall mangle add chain=forward connection-mark=FTP.Conn comment="098C+: Marco (FTP.1erPacket)" action=mark-packet log=no log-prefix=FTP.Pack new-packet-mark=FTP.Pack passthrough=no disable=yes;

SpeedTest (Mangle Rules): -----------------------------------------------------------
/ip firewall mangle add chain=forward connection-state=new layer7-protocol=SpeedTest comment="099Cx: Marco(SpeedTest.Conn)" action=mark-connection new-connection-mark=SpeedTest.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=SpeedTest.Conn comment="100Cx: Marco (SpeedTest.1erPacket)" action=mark-packet log=no log-prefix=SpeedTest.Pack new-packet-mark=SpeedTest.Pack passthrough=no disable=yes;

Resto de conexiones (Mangle Rules): ----------------------------------------------
/ip firewall mangle add chain=forward connection-state=new comment="150C+: Marco (Rest.Conn)" action=mark-connectionnew-connection-mark=Rest.Conn passthrough=yes disable=yes;
/ip firewall mangle add chain=forward connection-mark=Rest.Conn comment="151C+: Marco (Resto.1erPacket)" action=mark-packet log=no log-prefix=Rest.Pack new-packet-mark=Rest.Pack passthrough=no disable=yes;
Nota: (asignar AB restante hasta Parent.max-limit).

# -------------------------- HTB (QueueTree Rules): ----------------- [ INI: 01 ]
# En QueueTree, no es posible usar interface-list (LANs), solo interface (etherX).
QoS.QueueTree (Crea Variables): ---------------------------------------------------
RB1.Interfaces
:global InterfWAN1 “ether1”;  RB1.WAN1 (interface)  [ ISP.01     ]
:global InterfWAN2 “ether2”;  RB1.WAN2 (interface)  [ ISP.02     ]
:global InterfLAN1 “ether3”;   RB1.LAN1 (interface)    [  ]
:global InterfLAN2 “ether4”;   RB1.LAN2 (interface)    [  ]
:global InterfLAN3 “ether5”;   RB1.LAN2 (interface)    [  ]
# ---------------------------------------------
RB2.Interfaces
:global InterfWAN1 “ether1”;  RB1.WAN1 (interface)  [ ISP.01     ]
:global InterfWAN2 “ether2”;  RB1.WAN2 (interface)  [ ISP.02     ]
:global InterfLAN1 “ether4”;   RB2.LAN1 (interface)    [  ]
:global InterfLAN2 “ether5”;   RB2.LAN2 (interface)    [  ]
# ---------------------------------------------
RB3.Interfaces
:global InterfWAN1 “ether4”;      RB1.WAN1 (interface)  [ ISP.01 ]
:global InterfLAN1 “ether-HFC”;  RB3.LAN1 (interface)   [ CMTS   ]

# QoS conections (QueueTree Rules): -------------------------------------------
# ----------------------------------------------------------------------------- [ INI ]

# QoS.UpLoad conections (QueueTree Rules): ----------------------------------
# ----------------------------------------------------------------------------- [ INI ]

[ Nivel 01 ] ------------------------------------------------------------------- [ INI ]
/queue tree add name=010000.WAN1 parent=$InterfWAN1 limit-at=0 max-limit=0 priority=8 queue=ethernet-defaultcomment="001C+: QoS (WAN1.Ups::" disable=yes;

[ Nivel 02 ] ---------------------------------------------------------- [ INI ]
/queue tree add name=010100.VoIP parent=010000.WAN1 limit-at=0 max-limit=0 priority=1 queue=ethernet-defaultcomment="002Cx: QoS (WAN1.VoIPs) ::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=010101.RTP parent=010100.VoIP packet-mark=VoIP-RTP.Pack limit-at=0 max-limit=0 priority=1queue=ethernet-default comment="003Cx: QoS (WAN1.VoIP-RTP) ::" disable=yes;
/queue tree add name=010102.SIPTCP parent=010100.VoIP packet-mark=VoIP-SIPTCP.Pack limit-at=0 max-limit=0 priority=1queue=ethernet-default comment="004Cx: QoS (WAN1.VoIP-SIPTCP) ::" disable=yes;
/queue tree add name=010103.SIPUDP parent=010100.VoIP packet-mark=VoIP-SIPUDP.Pack limit-at=0 max-limit=0 priority=1queue=ethernet-default comment="005Cx: QoS (WAN1.VoIP-SIPUDP) ::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=010200.IPTV parent=010000.WAN1 packet-mark=IPTV.Pack limit-at=0 max-limit=0 priority=2queue=ethernet-default comment="006Cx: QoS (WAN1.IPTVs) ::" disable=yes;
/queue tree add name=010300.DNS parent=010000.WAN1 limit-at=256k max-limit=512k priority=2 queue=ethernet-defaultcomment="007C+: QoS (WAN1.DNS::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=010301.DNS-UDP parent=010300.DNS packet-mark=DNS-UDP.Pack limit-at=128k max-limit=256kpriority=2 queue=ethernet-default comment="008C+: QoS (WAN1.DNS-UDP) ::" disable=yes;
/queue tree add name=010302.DNS-TCP parent=010300.DNS packet-mark=DNS-TCP.Pack limit-at=128k max-limit=256kpriority=2 queue=ethernet-default comment="009C+: QoS (WAN1.DNS-TCP) ::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=010400.ICMP parent=010000.WAN1 packet-mark=ICMP.Pack limit-at=128k max-limit=256k priority=2queue=ethernet-default comment="010C+: QoS (WAN1.ICMP) ::" disable=yes;
/queue tree add name=010500.SocialM parent=010000.WAN1 limit-at=0 max-limit=0 priority=3 queue=ethernet-defaultcomment="011C+: QoS (WAN1.SocialMedia) ::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=010501.Youtube parent=010500.SocialM packet-mark=Youtube.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="012C+: QoS (WAN1.Youtube::" disable=yes;
/queue tree add name=010502.Netflix parent=010500.SocialM packet-mark=Netflix.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="013C+: QoS (WAN1.Netflix) ::" disable=yes;
/queue tree add name=010503.Facebook parent=010500.SocialM packet-mark=Facebook.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="014C+: QoS (WAN1.Facebook::" disable=yes;
/queue tree add name=010504.Whatsapp parent=010500.SocialM packet-mark=Whatsapp.Pack limit-at=0 max-limit=0priority=3 queue=ethernet-default comment="015C+: QoS (WAN1.Whatsapp::" disable=yes;
/queue tree add name=010505.Twitter parent=010500.SocialM packet-mark=Twitter.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="016C+: QoS (WAN1.Twitter::" disable=yes;
/queue tree add name=010506.Instagram parent=010500.SocialM packet-mark=Instagram.Pack limit-at=0 max-limit=0priority=3 queue=ethernet-default comment="017C+: QoS (WAN1.Instagram::" disable=yes;
/queue tree add name=010507.Skype parent=010500.SocialM packet-mark=Skype.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="018C+: QoS (WAN1.Skype::" disable=yes;
/queue tree add name=010508.Spotify parent=010500.SocialM packet-mark=Spotify.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="019C+: QoS (WAN1.Spotify::" disable=yes;
/queue tree add name=010509.Snapchat parent=010500.SocialM packet-mark=Snapchat.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="020C+: QoS (WAN1.Snapchat::" disable=yes;
/queue tree add name=010510.Telegram parent=010500.SocialM packet-mark=Telegram.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="021C+: QoS (WAN1.Telegram::" disable=yes;
/queue tree add name=010511.Twitch parent=010500.SocialM packet-mark=Twitch.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="022C+: QoS (WAN1.Twitch::" disable=yes;
/queue tree add name=010512.Vimeo parent=010500.SocialM packet-mark=Vimeo.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="023C+: QoS (WAN1.Vimeo::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=010600.HTTPSTCP parent=010000.WAN1 packet-mark=HTTPS-TCP.Pack limit-at=0 max-limit=0priority=4 queue=ethernet-default comment="041C+: QoS (WAN1.HTTPS-TCP::" disable=yes;
/queue tree add name=010700.HTTPSUDP parent=010000.WAN1 packet-mark=HTTPS-UDP.Pack limit-at=0 max-limit=0priority=4 queue=ethernet-default comment="042C+: QoS (WAN1.HTTPS-UDP::" disable=yes;
/queue tree add name=010800.HTTP parent=010000.WAN1 packet-mark=HTTP.Pack limit-at=0 max-limit=0 priority=4queue=ethernet-default comment="043C+: QoS (WAN1.HTTP::" disable=yes;
/queue tree add name=010900.VPNTCP parent=010000.WAN1 packet-mark=VPN-TCP.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="044C+: QoS (WAN1.VPN-TCP::" disable=yes;
/queue tree add name=011000.VPNUDP parent=010000.WAN1 packet-mark=VPN-UDP.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="045C+: QoS (WAN1.VPN-UDP::" disable=yes;
/queue tree add name=011100.FTP parent=010000.WAN1 packet-mark=FTP.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="046C+: QoS (WAN1.FTP/SFTP::" disable=yes;
/queue tree add name=011200.SeepT parent=010000.WAN1 packet-mark=SpeedTest.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="047C+: QoS (WAN1.SpeedTest::" disable=yes;
/queue tree add name=011500.Down parent=010000.WAN1 limit-at=0 max-limit=0 priority=6 queue=ethernet-defaultcomment="048C+: QoS (WAN1.Downs::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=011501.File parent=011500.Down packet-mark=FileDown.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="049C+: QoS (WAN1.File Down::" disable=yes;
/queue tree add name=011502.VideoS parent=011500.Down packet-mark=VideoStreaming.Pack limit-at=0 max-limit=0priority=6 queue=ethernet-default comment="050C+: QoS (WAN1.VideoStreaming::" disable=yes;
/queue tree add name=011503.P2PWWW parent=011500.Down packet-mark=P2P-WWW.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="051C+: QoS (WAN1.P2PWWW::" disable=yes;
/queue tree add name=011504.P2PDNS parent=011500.Down packet-mark=P2P-DNS.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="052C+: QoS (WAN1.P2PDNS::" disable=yes;
/queue tree add name=011505.P2PBitT parent=011500.Down packet-mark=P2P-BitT.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="053C+: QoS (WAN1.P2PBitTorrent::" disable=yes;
/queue tree add name=011506.P2PBitTE parent=011500.Down packet-mark=P2P-BitTE.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="054C+: QoS (WAN1.P2PBitTorrentExp::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=013000.Rest parent=010000.WAN1 packet-mark=Rest.Pack limit-at=0 max-limit=0 priority=7queue=ethernet-default comment="099C+: QoS (WAN1.Rest::" disable=yes;
[ Nivel 02 ] ------------------------------------------------------------------- [ FIN ]
[ Nivel 01 ] ------------------------------------------------------------------- [ FIN ]

# QoS.DwLoad conections (QueueTree Rules): ---------------------------------
# ----------------------------------------------------------------------------- [ INI ]

[ Nivel 01 ] ------------------------------------------------------------------- [ INI ]
/queue tree add name=020000.LAN1 parent=$InterfLAN1 limit-at=0 max-limit=0 priority=8 queue=ethernet-defaultcomment="101C+: QoS (LAN1.Downs::" disable=yes;

[ Nivel 02 ] ---------------------------------------------------------- [ INI ]
/queue tree add name=020100.VoIP parent=020000.LAN1 limit-at=0 max-limit=0 priority=1 queue=ethernet-defaultcomment="102Cx: QoS (WAN1.VoIPs) ::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=020101.RTP parent=020100.VoIP packet-mark=VoIP-RTP.Pack limit-at=0 max-limit=0 priority=1queue=ethernet-default comment="103Cx: QoS (LAN1.VoIP-RTP) ::" disable=yes;
/queue tree add name=020102.SIPTCP parent=020100.VoIP packet-mark=VoIP-SIPTCP.Pack limit-at=0 max-limit=0 priority=1queue=ethernet-default comment="104Cx: QoS (LAN1.VoIP-SIPTCP::" disable=yes;
/queue tree add name=020103.SIPUDP parent=020100.VoIP packet-mark=VoIP-SIPUDP.Pack limit-at=0 max-limit=0 priority=1queue=ethernet-default comment="105Cx: QoS (LAN1.VoIP-SIPUTP::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=020200.IPTV parent=020000.LAN1 packet-mark=IPTV.Pack limit-at=0 max-limit=0 priority=2queue=ethernet-default comment="106Cx: QoS (LAN1.IPTVs::" disable=yes;
/queue tree add name=020300.DNS parent=020000.LAN1 limit-at=256k max-limit=512k priority=2 queue=ethernet-defaultcomment="107C+: QoS (LAN1.DNS) ::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=020301.DNS-UDP parent=020300.DNS packet-mark=DNS-UDP.Pack limit-at=128k max-limit=256kpriority=2 queue=ethernet-default comment="108C+: QoS (LAN1.DNS-UDP::" disable=yes;
/queue tree add name=020302.DNS-TCP parent=020300.DNS packet-mark=DNS-TCP.Pack limit-at=128k max-limit=256kpriority=2 queue=ethernet-default comment="109C+: QoS (LAN1.DNS-TCP::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=020400.ICMP parent=020000.LAN1 packet-mark=ICMP.Pack limit-at=128k max-limit=256k priority=2queue=ethernet-default comment="110C+: QoS (LAN1.ICMP::" disable=yes;
/queue tree add name=020500.SocialM parent=020000.LAN1 limit-at=0 max-limit=0 priority=3 queue=ethernet-defaultcomment=111C+: QoS (LAN1.SocialMedia) ::disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=020501.Youtube parent=020500.SocialM packet-mark=Youtube.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="112C+: QoS (LAN1.Youtube::" disable=yes;
/queue tree add name=020502.Netflix parent=020500.SocialM packet-mark=Netflix.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="113C+: QoS (LAN1.Netflix::" disable=yes;
/queue tree add name=020503.Facebook parent=020500.SocialM packet-mark=Facebook.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="114C+: QoS (LAN1.Facebook::" disable=yes;
/queue tree add name=020504.Whatsapp parent=020500.SocialM packet-mark=Whatsapp.Pack limit-at=0 max-limit=0priority=3 queue=ethernet-default comment="115C+: QoS (LAN1.Whatsapp::" disable=yes;
/queue tree add name=020505.Twitter parent=020500.SocialM packet-mark=Twitter.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="116C+: QoS (LAN1.Twitter::" disable=yes;
/queue tree add name=020506.Instagram parent=020500.SocialM packet-mark=Instagram.Pack limit-at=0 max-limit=0priority=3 queue=ethernet-default comment="117C+: QoS (LAN1.Instagram::" disable=yes;
/queue tree add name=020507.Skype parent=020500.SocialM packet-mark=Skype.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="118C+: QoS (LAN1.Skype::" disable=yes;
/queue tree add name=020508.Spotify parent=020500.SocialM packet-mark=Spotify.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="119+: QoS (LAN1.Spotify) ::" disable=yes;
/queue tree add name=020509.Snapchat parent=020500.SocialM packet-mark=Snapchat.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="120C+: QoS (LAN1.Snapchat::" disable=yes;
/queue tree add name=020510.Telegram parent=020500.SocialM packet-mark=Telegram.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="121C+: QoS (LAN1.Telegram::" disable=yes;
/queue tree add name=020511.Twitch parent=020500.SocialM packet-mark=Twitch.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="122C+: QoS (LAN1.Twitch::" disable=yes;
/queue tree add name=020512.Vimeo parent=020500.SocialM packet-mark=Vimeo.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="123C+: QoS (LAN1.Vimeo::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=020600.HTTPSTCP parent=020000.LAN1 packet-mark=HTTPS-TCP.Pack limit-at=0 max-limit=0 priority=4queue=ethernet-default comment="141C+: QoS (LAN1.HTTPS-TCP::" disable=yes;
/queue tree add name=020700.HTTPSUDP parent=020000.LAN1 packet-mark=HTTPS-UDP.Pack limit-at=0 max-limit=0priority=4 queue=ethernet-default comment=“142C+: QoS (LAN1.HTTPS-UDP::" disable=yes;
/queue tree add name=020800.HTTP parent=020000.LAN1 packet-mark=HTTP.Pack limit-at=0 max-limit=0 priority=4queue=ethernet-default comment="143C+: QoS (LAN1.HTTP::" disable=yes;
/queue tree add name=020900.VPNTCP parent=020000.LAN1 packet-mark=VPN-TCP.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="144C+: QoS (LAN1.VPN-TCP::" disable=yes;
/queue tree add name=021000.VPNUDP parent=020000.LAN1 packet-mark=VPN-UDP.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="145C+: QoS (LAN1.VPN-UDP::" disable=yes;
/queue tree add name=021100.FTP parent=020000.LAN1 packet-mark=FTP.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="146C+: QoS (LAN1.FTP/SFTP::" disable=yes;
/queue tree add name=021200.SeepT parent=020000.LAN1 packet-mark=SpeedTest.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="147C+: QoS (LAN1.SpeedTest::" disable=yes;
/queue tree add name=021500.Down parent=020000.LAN1 limit-at=0 max-limit=0 priority=6 queue=ethernet-defaultcomment="148C+: QoS (LAN1.Downs::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=021501.File parent=021500.Down packet-mark=FileDown.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="149C+: QoS (LAN1.File Down::" disable=yes;
/queue tree add name=021502.VideoS parent=021500.Down packet-mark=VideoStream.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="150C+: QoS (LAN1.VideoStream::" disable=yes;
/queue tree add name=021503.P2PWWW parent=021500.Down packet-mark=P2P-WWW.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="151C+: QoS (LAN1.P2PWWW::" disable=yes;
/queue tree add name=021504.P2PDNS parent=021500.Down packet-mark=P2P-DNS.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="152C+: QoS (LAN1.P2PDNS::" disable=yes;
/queue tree add name=021505.P2PBitT parent=021500.Down packet-mark=P2P-BitT.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="153C+: QoS (LAN1.P2PBitTorrent::" disable=yes;
/queue tree add name=021506.P2PBitTE parent=021500.Down packet-mark=P2P-BitTE.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="154C+: QoS (LAN1.P2PBitTorrentExp::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=023000.Rest parent=020000.LAN1 packet-mark=Rest.Pack limit-at=0 max-limit=0 priority=7queue=ethernet-default comment="199C+: QoS (LAN1.Rest::" disable=yes;
[ Nivel 02 ] ---------------------------------------------------------- [ FIN ]
[ Nivel 01 ] ------------------------------------------------------------------- [ FIN ]

[ Nivel 01 ] ------------------------------------------------------------------- [ INI ]
/queue tree add name=030000.LAN2 parent=$InterfLAN2 limit-at=0 max-limit=0 priority=8 queue=ethernet-defaultcomment="201C+: QoS (LAN2.Downs::" disable=yes;

[ Nivel 02 ] ---------------------------------------------------------- [ INI ]
/queue tree add name=030100.VoIP parent=030000.LAN2 limit-at=0 max-limit=0 priority=1 queue=ethernet-defaultcomment="202Cx: QoS (WAN1.VoIPs::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=030101.RTP parent=030100.VoIP packet-mark=VoIP-RTP.Pack limit-at=0 max-limit=0 priority=1queue=ethernet-default comment="203Cx: QoS (LAN2.VoIP-RTP::" disable=yes;
/queue tree add name=030102.SIPTCP parent=030100.VoIP packet-mark=VoIP-SIPTCP.Pack limit-at=0 max-limit=0 priority=1queue=ethernet-default comment="204Cx: QoS (LAN2.VoIP-SIPTCP::" disable=yes;
/queue tree add name=030103.SIPUDP parent=030100.VoIP packet-mark=VoIP-SIPUDP.Pack limit-at=0 max-limit=0 priority=1queue=ethernet-default comment="205Cx: QoS (LAN2.VoIP-SIPUTP::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=030200.IPTV parent=030000.LAN2 packet-mark=IPTV.Pack limit-at=0 max-limit=0 priority=2queue=ethernet-default comment="206Cx: QoS (LAN2.IPTVs::" disable=yes;
/queue tree add name=030300.DNS parent=030000.LAN2 limit-at=256k max-limit=512k priority=2 queue=ethernet-defaultcomment="207C+: QoS (LAN2.DNS::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=030301.DNS-UDP parent=030300.DNS packet-mark=DNS-UDP.Pack limit-at=128k max-limit=256kpriority=2 queue=ethernet-default comment="208C+: QoS (LAN2.DNS-UDP::" disable=yes;
/queue tree add name=030302.DNS-TCP parent=030300.DNS packet-mark=DNS-TCP.Pack limit-at=128k max-limit=256kpriority=2 queue=ethernet-default comment="209C+: QoS (LAN2.DNS-TCP::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=030400.ICMP parent=030000.LAN2 packet-mark=ICMP.Pack limit-at=128k max-limit=256k priority=2queue=ethernet-default comment="210C+: QoS (LAN2.ICMP::" disable=yes;
/queue tree add name=030500.SocialM parent=030000.LAN2 limit-at=0 max-limit=0 priority=3 queue=ethernet-defaultcomment="211C+: QoS (LAN2.SocialMedia::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=030501.Youtube parent=030500.SocialM packet-mark=Youtube.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="212C+: QoS (LAN2.Youtube::" disable=yes;
/queue tree add name=030502.Netflix parent=030500.SocialM packet-mark=Netflix.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="213C+: QoS (LAN2.Netflix::" disable=yes;
/queue tree add name=030503.Facebook parent=030500.SocialM packet-mark=Facebook.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="214C+: QoS (LAN2.Facebook::" disable=yes;
/queue tree add name=030504.Whatsapp parent=030500.SocialM packet-mark=Whatsapp.Pack limit-at=0 max-limit=0priority=3 queue=ethernet-default comment="215C+: QoS (LAN2.Whatsapp::" disable=yes;
/queue tree add name=030505.Twitter parent=030500.SocialM packet-mark=Twitter.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="216C+: QoS (LAN2.Twitter::" disable=yes;
/queue tree add name=030506.Instagram parent=030500.SocialM packet-mark=Instagram.Pack limit-at=0 max-limit=0priority=3 queue=ethernet-default comment="217C+: QoS (LAN2.Instagram::" disable=yes;
/queue tree add name=030507.Skype parent=030500.SocialM packet-mark=Skype.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="218C+: QoS (LAN2.Skype::" disable=yes;
/queue tree add name=030508.Spotify parent=030500.SocialM packet-mark=Spotify.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="219C+: QoS (LAN2.Spotify::" disable=yes;
/queue tree add name=030509.Snapchat parent=030500.SocialM packet-mark=Snapchat.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="220C+: QoS (LAN2.Snapchat::" disable=yes;
/queue tree add name=030510.Telegram parent=030500.SocialM packet-mark=Telegram.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="221C+: QoS (LAN2.Telegram::" disable=yes;
/queue tree add name=030511.Twitch parent=030500.SocialM packet-mark=Twitch.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="222C+: QoS (LAN2.Twitch::" disable=yes;
/queue tree add name=030512.Vimeo parent=030500.SocialM packet-mark=Vimeo.Pack limit-at=0 max-limit=0 priority=3queue=ethernet-default comment="223C+: QoS (LAN2.Vimeo::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=030600.HTTPSTCP parent=030000.LAN2 packet-mark=HTTPS-TCP.Pack limit-at=0 max-limit=0 priority=4queue=ethernet-default comment="241C+: QoS (LAN2.HTTPS-TCP::" disable=yes;
/queue tree add name=030700.HTTPSUDP parent=030000.LAN2 packet-mark=HTTPS-UDP.Pack limit-at=0 max-limit=0priority=4 queue=ethernet-default comment="242C+: QoS (LAN2.HTTPS-UDP::" disable=yes;
/queue tree add name=030800.HTTP parent=030000.LAN2 packet-mark=HTTP.Pack limit-at=0 max-limit=0 priority=4queue=ethernet-default comment="243C+: QoS (LAN2.HTTP::" disable=yes;
/queue tree add name=030900.VPNTCP parent=030000.LAN2 packet-mark=VPN-TCP.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="244C+: QoS (LAN2.VPN-TCP::" disable=yes;
/queue tree add name=031000.VPNUDP parent=030000.LAN2 packet-mark=VPN-UDP.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="245C+: QoS (LAN2.VPN-UDP::" disable=yes;
/queue tree add name=031100.FTP parent=030000.LAN2 packet-mark=FTP.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="246C+: QoS (LAN2.FTP/SFTP::" disable=yes;
/queue tree add name=031200.SeepT parent=030000.LAN2 packet-mark=SpeedTest.Pack limit-at=0 max-limit=0 priority=5queue=ethernet-default comment="247C+: QoS (LAN2.SpeedTest::" disable=yes;
/queue tree add name=031500.Down parent=030000.LAN2 limit-at=0 max-limit=0 priority=6 queue=ethernet-defaultcomment="248C+: QoS (LAN2.Downs::" disable=yes;

[ Nivel 03 ] ------------------------------------------------- [ INI ]
/queue tree add name=031501.File parent=031500.Down packet-mark=FileDown.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="249C+: QoS (LAN2.File Down::" disable=yes;
/queue tree add name=031502.VideoS parent=031500.Down packet-mark=VideoStream.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="250C+: QoS (LAN2.VideoStream::" disable=yes;
/queue tree add name=031503.P2PWWW parent=031500.Down packet-mark=P2P-WWW.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="251C+: QoS (LAN2.P2PWWW::" disable=yes;
/queue tree add name=031504.P2PDNS parent=031500.Down packet-mark=P2P-DNS.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="252C+: QoS (LAN2.P2PDNS::" disable=yes;
/queue tree add name=031505.P2PBitT parent=031500.Down packet-mark=P2P-BitT.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="253C+: QoS (LAN2.P2PBitTorrent::" disable=yes;
/queue tree add name=031506.P2PBitTE parent=031500.Down packet-mark=P2P-BitTE.Pack limit-at=0 max-limit=0 priority=6queue=ethernet-default comment="254C+: QoS (LAN2.P2PBitTorrentExp::" disable=yes;
[ Nivel 03 ] ------------------------------------------------- [ FIN ]

/queue tree add name=033000.Rest parent=030000.LAN2 packet-mark=Rest.Pack limit-at=0 max-limit=0 priority=7queue=ethernet-default comment="299C+: QoS (LAN2.Rest::" disable=yes;
[ Nivel 02 ] ---------------------------------------------------------- [ FIN ]
[ Nivel 01 ] ------------------------------------------------------------------- [ FIN ]

# QoS conections (QueueTree Rules): -------------------------------------------
# ----------------------------------------------------------------------------- [ FIN ]

QoS.QueueTree (Remove Variables): --------------------------------------- [ INI ]
/system script environment remove [find name="InterfWAN1"];
/system script environment remove [find name="InterfWAN2"];
/system script environment remove [find name="InterfLAN1"];
/system script environment remove [find name="InterfLAN2"];
/system script environment remove [find name="InterfLAN3"];
QoS.QueueTree (Remove Variables): --------------------------------------- [ FIN ]
# -------------------------- HTB (QueueTree Rules): ----------------- [ FIN: 01 ]

# QoS.QueueType (QueueType Rules): ------- [ act. no usado ] ------ [ INI ]
# /queue type add kind=pcq name=PCQ.Down pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=384k pcq-src-address-mask=32 pcq-src-address6-mask=128 pcq-total-limit=2000 comment=”C: PCQ (Down.384k)”;

# /queue type add kind=pcq name=PCQ.Up pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=src-addresspcq-dst-address-mask=32 pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=128k pcq-src-address-mask=32 pcq-src-address6-mask=128 pcq-total-limit=2000 comment=”C: PCQ (Up.128k)”;
Nota: (pcq-total-limit), maxino nro de datos en cola (tree). (pcq-limit), tamaño de cola (tree). (pcq-rate), velocidad máxima disponible para cada cola (tree).
# QoS.QueueType (QueueType Rules): ------- [ act. no usado ] ------ [ FIN ]

# -------------------------------------------------------------------------------------
# [FINALMENTE]:  --------------------------------------------------------- [ INI ]
# -------------------------------------------------------------------------------------
# Filtrar: /ip firewall x (comment=”+:”) y habilitar reglas filtradas (en Address-ListFirewall NAT MangleRaw, Queue.Tree).
# Filtrar: /ip firewall x (comment=(”>:user(Full)) o (<:user(Read-Write))), según corresponda y habilitar reglas filtradas.
# Listo.
# -------------------------------------------------------------------------------------
# [FINALMENTE]:  --------------------------------------------------------- [ FIN ]
# -------------------------------------------------------------------------------------


----------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------
--------------------------- ( RouterOS.Basic-Config ) --------------------- [ FIN ]
----------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------
Publicado por en

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)