[hc] - fourslickz/notes GitHub Wiki

/ ip address
add address=192.168.1.251/24 network=192.168.1.0 interface=ether1 actual-interface=ether1 
add address=10.10.2.3/24 network=10.10.2.0 interface=ether2 actual-interface=ether2 
add address=10.10.4.3/24 network=10.10.4.0 interface=ether4 actual-interface=ether4 

/ ip firewall address-list
add list=LAN address=192.168.1.0/24
add list=LOCAL-NET address=192.168.1.0/24
add list=LOCAL-NET address=10.10.2.0/24
add list=LOCAL-NET address=10.10.4.0/24
add list=SERVER-GAME address=192.168.1.200
add list=WIFI address=192.168.1.120

# ROUTE-BROWSING
/ ip firewall mangle
add chain=prerouting action=mark-routing new-routing-mark=ROUTE-BROWSING passthrough=no protocol=tcp src-address-list=LAN dst-address-list=!LOCAL-NET dst-port=80,443,8080
add chain=prerouting action=mark-routing new-routing-mark=ROUTE-BROWSING passthrough=no protocol=udp src-address-list=LAN dst-address-list=!LOCAL-NET dst-port=80,443,8080
       
# QUEUE TREE PARENT
/queue tree add name="ALL" parent=global
       
:for b from 1  to 9 do={
       / ip firewall mangle add chain=forward action=mark-connection new-connection-mark="conn-browsing-0$b" passthrough=yes protocol=tcp src-address="192.168.1.$b" dst-address-list=!LOCAL-NET dst-port=80,443
       / ip firewall mangle add chain=forward action=mark-connection new-connection-mark="conn-browsing-0$b" passthrough=yes protocol=udp src-address="192.168.1.$b" dst-address-list=!LOCAL-NET dst-port=80,443
       /  ip firewall mangle add chain=forward action=mark-packet new-packet-mark="packet-browsing-0$b" passthrough=no connection-mark="conn-browsing-0$b"
       
      / queue tree add name="pc-0$b" parent=ALL packet-mark="packet-browsing-0$b" limit-at=0 queue=default-small priority=8 max-limit=10M burst-limit=0 burst-threshold=0 burst-time=0s
}
       
:for c from 10  to 26 do={
      / ip firewall mangle add chain=forward action=mark-connection new-connection-mark="conn-browsing-$c" passthrough=yes protocol=tcp src-address="192.168.1.$c" dst-address-list=!LOCAL-NET dst-port=80,443
      / ip firewall mangle add chain=forward action=mark-connection new-connection-mark="conn-browsing-$c" passthrough=yes protocol=udp src-address="192.168.1.$c" dst-address-list=!LOCAL-NET dst-port=80,443
      / ip firewall mangle add chain=forward action=mark-packet new-packet-mark="packet-browsing-$c" passthrough=no connection-mark="conn-browsing-$c"
       
      / queue tree add name="pc-$c" parent=ALL packet-mark="packet-browsing-$c" limit-at=0 queue=default-small priority=8 max-limit=10M burst-limit=0 burst-threshold=0 burst-time=0s
}
       
:for d from 27  to 44 do={
       / ip firewall mangle add chain=forward action=mark-connection new-connection-mark="conn-browsing-$d" passthrough=yes protocol=tcp src-address="192.168.1.$d" dst-address-list=!LOCAL-NET dst-port=80,443
       / ip firewall mangle add chain=forward action=mark-connection new-connection-mark="conn-browsing-$d" passthrough=yes protocol=udp src-address="192.168.1.$d" dst-address-list=!LOCAL-NET dst-port=80,443
       / ip firewall mangle add chain=forward action=mark-packet new-packet-mark="packet-browsing-$d" passthrough=no connection-mark="conn-browsing-$d"
     
       / queue tree add name="pc-$d" parent=ALL packet-mark="packet-browsing-$d" limit-at=0 queue=default-small priority=8 max-limit=10M burst-limit=0 burst-threshold=0 burst-time=0s
}
       
:for e from 45  to 56 do={
       / ip firewall mangle add chain=forward action=mark-connection new-connection-mark="conn-browsing-$e" passthrough=yes protocol=tcp src-address="192.168.1.$e" dst-address-list=!LOCAL-NET dst-port=80,443
       / ip firewall mangle add chain=forward action=mark-connection new-connection-mark="conn-browsing-$e" passthrough=yes protocol=udp src-address="192.168.1.$e" dst-address-list=!LOCAL-NET dst-port=80,443
       / ip firewall mangle add chain=forward action=mark-packet new-packet-mark="packet-browsing-$e" passthrough=no connection-mark="conn-browsing-$e"
       
       / queue tree add name="pc-$e" parent=ALL packet-mark="packet-browsing-$e" limit-at=0 queue=default-small priority=8 max-limit=30M burst-limit=0 burst-threshold=0 burst-time=0s
}

/ ip route
add dst-address=0.0.0.0/0 gateway=10.10.4.1 gateway-status=10.10.4.1 inactive distance=1 scope=30 target-scope=10 routing-mark=ROUTE-BROWSING comment="BROWSING-INDIHOME"
add dst-address=0.0.0.0/0 gateway=10.10.2.1 gateway-status=10.10.2.1 inactive distance=1 scope=30 target-scope=10 routing-mark=ROUTE-BROWSING comment="BROWSING-GLOBALEXTREME"
add dst-address=0.0.0.0/0 gateway=10.10.4.1 gateway-status=10.10.4.1 reachable via  ether4 distance=1 scope=30 target-scope=10 routing-mark=ROUTE-SERVER-GAME comment="SERVER-GAME-INDIHOME"
add dst-address=0.0.0.0/0 gateway=10.10.2.1 gateway-status=10.10.2.1 inactive distance=1 scope=30 target-scope=10 routing-mark=ROUTE-SERVER-GAME comment="SERVER-GAME-GLOBALEXTREME"
add dst-address=0.0.0.0/0 gateway=10.10.2.1 gateway-status=10.10.2.1 reachable via  ether2 distance=1 scope=30 target-scope=10 comment="GAME-GLOBALEXTREME"
add dst-address=0.0.0.0/0 gateway=10.10.4.1 gateway-status=10.10.4.1 inactive distance=1 scope=30 target-scope=10 comment="GAME-INDIHOME"