Abaixo um script pronto para rodar um controle por horário de p2p:
/ip firewall mangle add chain=prerouting p2p=all-p2p action=mark-connection new-connection-mark=conn-p2p passthrough=yes comment="CONTROLE DO P2P" disabled=no add chain=prerouting connection-mark=conn-p2p action=mark-packet new-packet-mark=pacotes-p2p passthrough=yes comment="" disabled=noAqui vamos marcar as conexões e pacotes.
/ip firewall filter add chain=forward p2p=all-p2p src-address-list=!p2p-sem-bloqueio action=drop comment="BLOQUEIO DO P2P" disabled=yes
Aqui a regra de bloquei.
/queue tree add name="\[P2P\] - Download" parent=global-in packet-mark=pacotes-p2p limit-at=0 queue=default priority=8 max-limit=640000 burst-limit=0 burst-threshold=0 burst-time=0s disabled=no add name="\[P2P\] - Upload" parent=global-out packet-mark=pacotes-p2p limit-at=0 queue=default priority=8 max-limit=64000 burst-limit=0 burst-threshold=0 burst-time=0s disabled=noAqui controlamos quanto do link iremos disponibilizar para os p2ps.
/system script add name="liberar-p2p" source="/ip firewall filter disable \[/ip firewall filter find p2p=all-p2p\]" \ policy=ftp,reboot,read,write,policy,test,winbox add name="bloquear-p2p" source="/ip firewall filter enable \[/ip firewall filter find p2p=all-p2p\]" \ policy=ftp,reboot,read,write,policy,test,winboxAqui vamos liberar e bloquear a regra no firewall filter.
/system scheduler add name="bloquear-p2p" on-event=bloquear-p2p start-date=feb/27/2008 start-time=08:00:00 interval=1d comment="" disabled=no add name="liberar-p2p" on-event=liberar-p2p start-date=feb/27/2008 start-time=21:00:00 interval=1d comment="" disabled=noAqui controlamos os horários de bloqueio e liberação da regra.
/ip firewall address-list add list=p2p-sem-bloqueio address=192.168.20.249 comment="" disabled=noAqui colocamos os ips de quem não queremos que sofram o bloqueio.
Até a próxima dica.
Nenhum comentário:
Postar um comentário