/ip firewall mangle
add chain=forward p2p=all-p2p action=mark-packet new-packet-mark=allp2p comment="" disabled=no
/ip firewall filter
add chain=forward packet-mark=allp2p action=jump jump-target=P2P comment="P2P" disabled=no
add chain=P2P protocol=tcp tcp-flags=syn connection-limit=10,32 action=drop comment="" disabled=no
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=2m tcp-syn-received-timeout=1m tcp-established-timeout=5m tcp-fin-wait-timeout=2m tcp-close-wait-timeout=1m \
tcp-last-ack-timeout=30s tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s udp-stream-timeout=3m icmp-timeout=30s generic-timeout=10m
= 10 connection per IP for P2P QUOTE(lovellh @ Jul 5 2005, 08:48 AM)
P2P Problem
/ip firewall mangle
add chain=forward p2p=all-p2p action=mark-packet new-packet-mark=allp2p comment="" disabled=no
/ip firewall filter
add chain=forward packet-mark=allp2p action=jump jump-target=P2P comment="P2P" disabled=no
add chain=P2P protocol=tcp tcp-flags=syn connection-limit=10,32 action=drop comment="" disabled=no
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=2m tcp-syn-received-timeout=1m tcp-established-timeout=5m tcp-fin-wait-timeout=2m tcp-close-wait-timeout=1m \
tcp-last-ack-timeout=30s tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s udp-stream-timeout=3m icmp-timeout=30s generic-timeout=10m
= 10 connection per IP for P2P
53135
好! 能用吗 嘿嘿。。看看我的P2P限制方法。。很管用。
/ip firewall mangle
0 ;;; p2p Rule
in-interface=530wan1 p2p=all-p2p action=accept mark-flow=p2p_in
1 in-interface=530lan1 p2p=all-p2p action=accept mark-flow=p2p_out
2 in-interface=139lan2 p2p=all-p2p action=accept mark-flow=p2p_out
3 X in-interface=isalan3 p2p=all-p2p action=accept mark-flow=p2p_out
/queue tree
0 name="P2P-IN1" parent=530lan1 flow=p2p_in limit-at=0 queue=PCQ-Download priority=8
max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0
1 name="P2P-OUT" parent=530wan1 flow=p2p_out limit-at=0 queue=PCQ-Upload priority=8
max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0
3 name="P2P-IN2" parent=139lan2 flow=p2p_in limit-at=0 queue=PCQ-Download priority=8
max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0
4 name="P2P-IN3" parent=isalan3 flow=p2p_in limit-at=0 queue=PCQ-Download priority=8
max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0
/queue type
1 name="PCQ-Download" kind=pcq bfifo-limit=15000 pfifo-limit=10 red-limit=60
red-min-threshold=10 red-max-threshold=50 red-burst=20 sfq-perturb=5 sfq-allot=1514
pcq-rate=256000 pcq-limit=50 pcq-classifier=dst-address
2 name="PCQ-Upload" kind=pcq bfifo-limit=15000 pfifo-limit=10 red-limit=60
red-min-threshold=10 red-max-threshold=50 red-burst=20 sfq-perturb=5 sfq-allot=1514
pcq-rate=64000 pcq-limit=50 pcq-classifier=src-address
页:
[1]