/ip firewall mangle
add action=mark-connection
chain=prerouting disabled=no dst-address-list=game
dst-port=843,1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7341-7350
new-connection-mark="Trafik game" passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting
disabled=no dst-address-list=game \
dst-port=7451,7777,8085,9300,9339,9376-9377,9400,9600-9602,9700,10001-10011,10402
\
new-connection-mark="Trafik game" passthrough=yes protocol=tcp
add action=mark-connection
chain=prerouting disabled=no dst-address-list=game
\dst-port="11011-11041,12011,12110,13008,13413,14009-14010,15000-15002,16402-16502,16666,18901-18909"
new-connection-mark="Trafik game" passthrough=yes protocol=tcp
add action=mark-connection
chain=prerouting disabled=no dst-address-list=game
dst-port="19000,19101,22100,27780,28012,29000,29200,39100,39110,39190,39220,40000,49100"
new-connection-mark="Trafik game" passthrough=yes protocol=tcp
add action=mark-connection
chain=prerouting disabled=no dst-address-list=game dst-port="1293,1479,6100-6152,7777-7977,9401,9600-9602,11100-11125,11440-11460,12020-12080"
new-connection-mark="Trafik game" passthrough=yes protocol=udp
add action=mark-connection
chain=prerouting disabled=no dst-address-list=game \
dst-port=\
13000-13080,14009-14010,30000,40000-40010,40040-40500,42051-42052
\
new-connection-mark="Trafik game" passthrough=yes protocol=udp
add action=mark-packet
chain=prerouting connection-mark="Trafik game" \
disabled=no
new-packet-mark=Game passthrough=yes
add action=mark-routing
chain=prerouting connection-mark="Trafik game" \
disabled=no
dst-address-list=game in-interface="ether5 to 450" \
new-routing-mark=game passthrough=no src-address-list=client
add action=mark-connection
chain=input connection-state=new disabled=no \
dst-address-list=!publik in-interface=vlan1 new-connection-mark=conn1 \
passthrough=yes
add action=mark-connection
chain=input connection-state=new disabled=no \
in-interface=vlan2 new-connection-mark=conn2 passthrough=yes
add action=mark-connection
chain=input connection-state=new disabled=no \
in-interface=vlan3 new-connection-mark=conn3 passthrough=yes
add action=mark-connection
chain=input connection-state=new disabled=no \
in-interface=vlan4 new-connection-mark=conn4 passthrough=yes
add action=mark-connection
chain=input connection-state=new disabled=no \
in-interface=vlan5 new-connection-mark=conn5 passthrough=yes
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
dst-address-list=!publik in-interface=vlan1 \
new-connection-mark=conn1 passthrough=yes
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
in-interface=vlan2 new-connection-mark=conn2 passthrough=yes
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
in-interface=vlan3 new-connection-mark=conn3 passthrough=yes
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
in-interface=vlan4 new-connection-mark=conn4 passthrough=yes
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
in-interface=vlan5 new-connection-mark=conn5 passthrough=yes
add action=mark-connection
chain=prerouting connection-state=related \
disabled=no
dst-address-list=!publik in-interface=vlan1 \
new-connection-mark=conn1 passthrough=yes
add action=mark-connection
chain=prerouting connection-state=related \
disabled=no
in-interface=vlan2 new-connection-mark=conn2 passthrough=yes
add action=mark-connection
chain=prerouting connection-state=related \
disabled=no
in-interface=vlan3 new-connection-mark=conn3 passthrough=yes
add action=mark-connection
chain=prerouting connection-state=related \
disabled=no in-interface=vlan4
new-connection-mark=conn4 passthrough=yes
add action=mark-connection
chain=prerouting connection-state=related \
disabled=no
in-interface=vlan5 new-connection-mark=conn5 passthrough=yes
add action=mark-routing chain=output
connection-mark=conn1 disabled=no \
dst-address-list=!publik new-routing-mark=isp-1 passthrough=no
add action=mark-routing chain=output
connection-mark=conn2 disabled=no \
new-routing-mark=isp-2 passthrough=no
add action=mark-routing chain=output
connection-mark=conn3 disabled=no \
new-routing-mark=isp-3 passthrough=no
add action=mark-routing chain=output
connection-mark=conn4 disabled=no \
new-routing-mark=isp-4 passthrough=no
add action=mark-routing chain=output
connection-mark=conn5 disabled=no \
new-routing-mark=isp-5 passthrough=no
add action=mark-connection
chain=prerouting connection-state=new disabled=no \
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn1 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/0
protocol=tcp
add action=mark-connection
chain=prerouting connection-state=new disabled=no \
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn2 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/1 protocol=tcp
add action=mark-connection
chain=prerouting connection-state=new disabled=no \
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn3 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/2 protocol=tcp
add action=mark-connection
chain=prerouting connection-state=new disabled=no \
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn4 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/3 protocol=tcp
add action=mark-connection
chain=prerouting connection-state=new disabled=no \
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn5 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/4 protocol=tcp
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn1 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/0 protocol=tcp
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn2 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/1 protocol=tcp
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn3 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/2 protocol=tcp
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn4 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/3
protocol=tcp
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn5 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/4 protocol=tcp
add action=mark-connection
chain=prerouting connection-state=new disabled=no \
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn1 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/0 protocol=udp
add action=mark-connection
chain=prerouting connection-state=new disabled=no \
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn2 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/1 protocol=udp
add action=mark-connection
chain=prerouting connection-state=new disabled=no \
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn3 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/2 protocol=udp
add action=mark-connection
chain=prerouting connection-state=new disabled=no \
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn4 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/3 protocol=udp
add action=mark-connection
chain=prerouting connection-state=new disabled=no \
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn5 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/4 protocol=udp
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn1 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/0
protocol=udp
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn2 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/1 protocol=udp
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn3 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/2 protocol=udp
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no
dst-address-list=!game dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn4 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/3 protocol=udp
add action=mark-connection
chain=prerouting connection-state=established \
disabled=no dst-address-list=!game
dst-address-type=!local in-interface=\
"ether5 to
450" new-connection-mark=xconn5 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:5/4 protocol=udp
add action=mark-routing
chain=prerouting connection-mark=xconn1 disabled=no \
dst-address-list=!publik new-routing-mark=isp-1 passthrough=yes
add action=mark-routing
chain=prerouting connection-mark=xconn2 disabled=no \
dst-address-list=!isp1 new-routing-mark=isp-2 passthrough=yes
add action=mark-routing
chain=prerouting connection-mark=xconn3 disabled=no \
dst-address-list=!isp1 new-routing-mark=isp-3 passthrough=yes
add action=mark-routing
chain=prerouting connection-mark=xconn4 disabled=no \
dst-address-list=!isp1 new-routing-mark=isp-4 passthrough=yes
add action=mark-routing
chain=prerouting connection-mark=xconn5 disabled=no \
dst-address-list=!isp1 new-routing-mark=isp-5 passthrough=yes
add action=add-dst-to-address-list
address-list=game address-list-timeout=0s \
chain=forward
disabled=no dst-port=\
843,1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7341-7350 \
protocol=tcp
add action=add-dst-to-address-list
address-list=game address-list-timeout=0s \
chain=forward
disabled=no dst-port=\
7451,7777,8085,9300,9339,9376-9377,9400,9600-9602,9700,10001-10011,10402 \
protocol=tcp
add action=add-dst-to-address-list
address-list=game address-list-timeout=0s \
chain=forward
disabled=no dst-port="11011-11041,12011,12110,13008,13413,14\
009-14010,15000-15002,16402-16502,16666,18901-18909" protocol=tcp
add action=add-dst-to-address-list
address-list=game address-list-timeout=0s \
chain=forward
disabled=no dst-port="19000,19101,22100,27780,28012,29000,29\
200,39100,39110,39190,39220,40000,49100" protocol=tcp
add action=add-dst-to-address-list
address-list=game address-list-timeout=0s \
chain=forward
disabled=no dst-port="1293,1479,6100-6152,7777-7977,9401,960\
0-9602,11100-11125,11440-11460,12020-12080" protocol=udp
add action=add-dst-to-address-list
address-list=game address-list-timeout=0s \
chain=forward
disabled=no dst-port=\
13000-13080,14009-14010,30000,40000-40010,40040-40500,42051-42052 \
protocol=udp
powered by : Ahmad Munji
Tidak ada komentar:
Posting Komentar