Scribd
Upload
396 views

Script Mangle Queue

The document configures firewall rules to mark network traffic passing through different interfaces. It marks traffic like games, ICMP, DNS, remote access, YouTube, file extensions and browsing as different connection marks. It further marks this traffic based on the incoming/outgoing interface as down or up marks to differentiate internal and external traffic directions.

Uploaded by

Jasa Mikrotik
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
396 views

Script Mangle Queue

The document configures firewall rules to mark network traffic passing through different interfaces. It marks traffic like games, ICMP, DNS, remote access, YouTube, file extensions and browsing as different connection marks. It further marks this traffic based on the incoming/outgoing interface as down or up marks to differentiate internal and external traffic directions.

Uploaded by

Jasa Mikrotik
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

/ip firewall mangle

add action=accept chain=prerouting comment="Bypass Local Traffic" dst-address-


list=private_IPv4 src-address-list=private_IPv4
add action=accept chain=forward dst-address-list=private_IPv4 src-address-
list=private_IPv4
add action=mark-connection chain=forward comment="Games Traffic" dst-port=39190-
39200 new-connection-mark=games passthrough=yes protocol=tcp src-address-
list=private_IPv4
add action=mark-connection chain=forward dst-port=40000-40010 new-connection-
mark=games passthrough=yes protocol=udp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=games in-interface="ether1-
Astinet" new-packet-mark=games_down passthrough=no
add action=mark-packet chain=forward connection-mark=games in-interface="ether2-
Indihome" new-packet-mark=games_down passthrough=no
add action=mark-packet chain=forward connection-mark=games in-interface="ether3-
Telkomsel" new-packet-mark=games_down passthrough=no
add action=mark-packet chain=forward connection-mark=games in-interface="ether4-
Lokal" new-packet-mark=games_up passthrough=no
add action=mark-connection chain=forward comment="ICMP Traffic" new-connection-
mark=icmp passthrough=yes protocol=icmp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=icmp in-interface="ether1-
Astinet" new-packet-mark=icmp_down passthrough=no protocol=icmp
add action=mark-packet chain=forward connection-mark=icmp in-interface="ether2-
Indihome" new-packet-mark=icmp_down passthrough=no protocol=icmp
add action=mark-packet chain=forward connection-mark=icmp in-interface="ether3-
Telkomsel" new-packet-mark=icmp_down passthrough=no protocol=icmp
add action=mark-packet chain=forward connection-mark=icmp in-interface="ether4-
Lokal" new-packet-mark=icmp_up passthrough=no protocol=icmp
add action=mark-connection chain=forward comment="DNS Traffic" dst-port=53 new-
connection-mark=dns passthrough=yes protocol=udp src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=dns in-interface="ether1-
Astinet" new-packet-mark=dns_down passthrough=no protocol=udp
add action=mark-packet chain=forward connection-mark=dns in-interface="ether2-
Indihome" new-packet-mark=dns_down passthrough=no protocol=udp
add action=mark-packet chain=forward connection-mark=dns in-interface="ether3-
Telkomsel" new-packet-mark=dns_down passthrough=no protocol=udp
add action=mark-packet chain=forward connection-mark=dns in-interface="ether4-
Lokal" new-packet-mark=dns_up passthrough=no protocol=udp
add action=mark-connection chain=forward comment="Remote Traffic" dst-
port=22,23,8291,5938,4899 new-connection-mark=remote passthrough=yes protocol=tcp
src-address-list=private_IPv4
add action=mark-packet chain=forward connection-mark=remote in-interface="ether1-
Astinet" new-packet-mark=remote_down passthrough=no
add action=mark-packet chain=forward connection-mark=remote in-interface="ether2-
Indihome" new-packet-mark=remote_down passthrough=no
add action=mark-packet chain=forward connection-mark=remote in-interface="ether3-
Telkomsel" new-packet-mark=remote_down passthrough=no
add action=mark-packet chain=forward connection-mark=remote in-interface="ether4-
Lokal" new-packet-mark=remote_up passthrough=no
add action=mark-connection chain=forward comment="YouTube Traffic" layer7-
protocol=youtube new-connection-mark=youtube passthrough=yes src-address-
list=private_IPv4
add action=mark-packet chain=forward connection-mark=youtube in-interface="ether1-
Astinet" new-packet-mark=youtube_down passthrough=no
add action=mark-packet chain=forward connection-mark=youtube in-interface="ether2-
Indihome" new-packet-mark=youtube_down passthrough=no
add action=mark-packet chain=forward connection-mark=youtube in-interface="ether3-
Telkomsel" new-packet-mark=youtube_down passthrough=no
add action=mark-packet chain=forward connection-mark=youtube in-interface="ether4-
Lokal" new-packet-mark=youtube_up passthrough=no
add action=mark-connection chain=forward comment="Extension Layer7" layer7-
protocol=EXE new-connection-mark=extensi passthrough=yes
add action=mark-connection chain=forward layer7-protocol=ZIP new-connection-
mark=extensi passthrough=yes
add action=mark-connection chain=forward layer7-protocol=MP3 new-connection-
mark=extensi passthrough=yes
add action=mark-connection chain=forward layer7-protocol=RAR new-connection-
mark=extensi passthrough=yes
add action=mark-packet chain=forward connection-mark=extensi in-interface="ether1-
Astinet" new-packet-mark=extensi_down passthrough=no
add action=mark-packet chain=forward connection-mark=extensi in-interface="ether2-
Indihome" new-packet-mark=extensi_down passthrough=no
add action=mark-packet chain=forward connection-mark=extensi in-interface="ether3-
Telkomsel" new-packet-mark=extensi_down passthrough=no
add action=mark-packet chain=forward connection-mark=extensi in-interface="ether4-
Lokal" new-packet-mark=extensi_up passthrough=no
add action=mark-connection chain=forward comment="Browsing Traffic" connection-
mark=!heavy_traffic new-connection-mark=browsing passthrough=yes src-address-
list=private_IPv4
add action=mark-connection chain=forward comment="Heavy Traffic" connection-
bytes=1024000-0 connection-mark=browsing connection-rate=256k-102400k new-
connection-mark=heavy_traffic passthrough=yes protocol=tcp
add action=mark-connection chain=forward connection-bytes=1024000-0 connection-
mark=browsing connection-rate=256k-102400k new-connection-mark=heavy_traffic
passthrough=yes protocol=udp
add action=mark-packet chain=forward connection-mark=heavy_traffic in-
interface="ether1-Astinet" new-packet-mark=heavy_browsing_down passthrough=no
add action=mark-packet chain=forward connection-mark=heavy_traffic in-
interface="ether2-Indihome" new-packet-mark=heavy_browsing_down passthrough=no
add action=mark-packet chain=forward connection-mark=heavy_traffic in-
interface="ether3-Telkomsel" new-packet-mark=heavy_browsing_down passthrough=no
add action=mark-packet chain=forward connection-mark=heavy_traffic in-
interface="ether4-Lokal" new-packet-mark=heavy_browsing_up passthrough=no
add action=mark-packet chain=forward connection-mark=browsing in-interface="ether1-
Astinet" new-packet-mark=small_browsing_down passthrough=no
add action=mark-packet chain=forward connection-mark=browsing in-interface="ether2-
Indihome" new-packet-mark=small_browsing_down passthrough=no
add action=mark-packet chain=forward connection-mark=browsing in-interface="ether3-
Telkomsel" new-packet-mark=small_browsing_down passthrough=no
add action=mark-packet chain=forward connection-mark=browsing in-interface="ether4-
Lokal" new-packet-mark=small_browsing_up passthrough=no

You might also like