彻底解决讯雷下载时打开网页慢的问题

jiansuper

/ queue type
set default name="default" kind=pfifo pfifo-limit=50
set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50
set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 sfq-allot=1514
set synchronous-default name="synchronous-default" kind=red red-limit=60 red-min-threshold=10 red-max-threshold=50 red-burst=20 red-avg-packet=1000
set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 sfq-allot=1514
add name="PCQ_Down" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
add name="PCQ_Up" kind=pcq pcq-rate=64000 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000
add name="default-small" kind=pfifo pfifo-limit=2000

/ queue simple
add name="PCQ_Main" target-address=192.168.1.0/24 dst-address=0.0.0.0/0 \
    interface=all parent=none direction=both priority=8 queue=PCQ_Up/PCQ_Down limit-at=0/0 \
    max-limit=512000/2000000 total-queue=default-small disabled=no
add name="Slow" target-address=192.168.1.0/24 dst-address=0.0.0.0/0 \
    interface=all parent=PCQ_Main packet-marks=mark_slow direction=both priority=8 \
    queue=PCQ_Up/PCQ_Down limit-at=0/0 max-limit=256000/1250000 total-queue=default-small \
    disabled=no
add name="Fast" target-address=192.168.1.0/24 dst-address=0.0.0.0/0 \
    interface=all parent=PCQ_Main packet-marks=mark_fast direction=both priority=1 \
    queue=PCQ_Up/PCQ_Down limit-at=0/0 max-limit=512000/2000000 total-queue=default-small \
    disabled=no
add name="Midd" target-address=192.168.1.0/24 dst-address=0.0.0.0/0 \
    interface=all parent=PCQ_Main packet-marks=mark_midd direction=both priority=5 \
    queue=PCQ_Up/PCQ_Down limit-at=0/0 max-limit=256000/2000000 total-queue=default-small \
    disabled=no


/ ip firewall mangle
add chain=prerouting action=mark-packet new-packet-mark=mark_slow passthrough=yes comment="Mark All" disabled=no
add chain=prerouting protocol=tcp dst-port=8291 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="winbox" disabled=no
add chain=prerouting protocol=icmp action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="DNS" disabled=no
add chain=prerouting protocol=udp dst-port=53 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=8139 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="    " disabled=no
add chain=prerouting protocol=tcp dst-port=7709 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=7711 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=8601 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=22220-22230 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="" disabled=no
add chain=prerouting protocol=udp dst-port=8000-8008 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="QQ" disabled=no
add chain=prerouting protocol=udp dst-port=27000-27100 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="games CS" disabled=no
add chain=prerouting protocol=tcp dst-port=443 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="games qq https " disabled=no
add chain=prerouting protocol=tcp dst-port=6020-6100 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="games zhengtu" disabled=no
add chain=prerouting protocol=tcp dst-port=9010-9020 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="games wendao" disabled=no
add chain=prerouting src-address=192.168.1.0/24 protocol=tcp dst-port=80 src-address-list=!src2 action=add-src-to-address-list address-list=src1 \
    address-list-timeout=3s comment="TimeOut1" disabled=no
add chain=prerouting src-address=192.168.1.0/24 protocol=tcp dst-port=80 action=add-src-to-address-list address-list=src2 address-list-timeout=3h \
    comment="TimeOut2" disabled=no
add chain=prerouting dst-address=192.168.1.1 protocol=tcp dst-port=9999 action=add-src-to-address-list address-list=handlimit address-list-timeout=1h \
    comment="        " disabled=no
add chain=prerouting protocol=tcp dst-port=80 content=.gif action=add-dst-to-address-list address-list=web80 address-list-timeout=5m comment="AutoWeb80" \
    disabled=no
add chain=prerouting protocol=tcp dst-port=80 content=.jpg action=add-dst-to-address-list address-list=web80 address-list-timeout=5m comment="" \
    disabled=no
add chain=prerouting protocol=tcp dst-port=80 content=.htm action=add-dst-to-address-list address-list=web80 address-list-timeout=5m comment="" \
    disabled=no
add chain=prerouting protocol=tcp dst-port=80 content=.html action=add-dst-to-address-list address-list=web80 address-list-timeout=5m comment="" \
    disabled=no
add chain=prerouting protocol=tcp dst-port=80 content=.asp action=add-dst-to-address-list address-list=web80 address-list-timeout=5m comment="" \
    disabled=no
add chain=prerouting protocol=tcp dst-port=80 content=.aspx action=add-dst-to-address-list address-list=web80 address-list-timeout=5m comment="" \
    disabled=no
add chain=prerouting protocol=tcp dst-port=80 content=.php action=add-dst-to-address-list address-list=web80 address-list-timeout=5m comment="" \
    disabled=no  
add chain=prerouting protocol=tcp dst-port=80 content=.swf action=add-dst-to-address-list address-list=web80 address-list-timeout=5m comment="" \
    disabled=no
add chain=prerouting dst-address-list=web80 aaction=mark-packet new-packet-mark=mark_midd passthrough=yes comment="AutoWeb80" disabled=no
add chain=prerouting src-address-list=web80 add chain=prerouting dst-address-list=web80 action=mark-packet new-packet-mark=mark_midd passthrough=yes comment="" disabled=no
add chain=prerouting dst-address-list=web80 action=mark-packet new-packet-mark=mark_midd passthrough=yes comment="" disabled=no

在六楼的基础上改的，删除了MSIE因为迅雷的标识中好像也有这个，成功后可以在simple Queues中看到浏览网页走的是Midd 下载走的是Slow(对从80端口走的下载软件都有用),顺便说一下我是两根1MADSL,局域网网段是192.168.1.0/24

[ 本帖最后由 jiansuper 于 2008-6-17 15:40 编辑 ]

wt020

再加上这个就更OK了

/ ip firewall mangle
add chain=prerouting src-address=10.200.0.0/15 protocol=udp \
    src-port=1000-65535 packet-size=800-1500 src-address-list=p2p-udp \
    action=mark-packet new-packet-mark=P2PUP passthrough=yes comment="P2P-UDP" \
    disabled=no
add chain=prerouting src-address=10.200.0.0/16 protocol=!tcp \
    connection-limit=15,32 action=add-src-to-address-list address-list=p2p-udp \
    address-list-timeout=30s comment="" disabled=no
add chain=prerouting src-address=10.200.0.0/15 protocol=tcp dst-port=!80 \
    packet-size=800-1500 src-address-list=p2p-20 action=mark-packet \
    new-packet-mark=P2PUP passthrough=yes comment="P2P-TCP" disabled=no
add chain=prerouting src-address=10.200.0.0/15 protocol=tcp dst-port=!80 \
    connection-limit=20,32 packet-size=800-1500 action=add-src-to-address-list \
    address-list=p2p-20 address-list-timeout=30s comment="" disabled=no
#注意10.200.0.0/15是我内网源地址,你使用前改成你的源.

/ queue simple
add name="P2P-all" dst-address=0.0.0.0/0 interface=ydwan parent=none \
    packet-marks=P2PUP direction=download priority=8 queue=Pcq_UP_C/Pcq_UP_C \
    limit-at=64000/64000 max-limit=200000/128000 total-queue=default-small \
    disabled=no

#queue=Pcq_UP_C  自己建一个PCQ
#interface=ydwan 是ROS出口,我内网全是PPPOE上网,所以只好用出口限制.
#以是只是限制了P2P上传流量,别的限制应该很简单了.

/ ip firewall filter
add chain=forward protocol=udp src-port=10000-65535 \
    time=20h-23h,sat,fri,thu,wed,tue,mon,sun src-address-list=p2p-udp \
    action=drop comment="P2P-UDP" disabled=no
#再加个drop也很不错

kemeilian

suchengyu

add chain=prerouting src-address=10.200.0.0/16 protocol=!tcp \
    connection-limit=15,32 action=add-src-to-address-list address-list=p2p-udp \
    address-list-timeout=30s comment="" disabled=no
这句是错误的，非tcp是不可以在connection-limit设置，系统提示错误，，最麻烦就是这里，udp的线程数限制不了

westhack

效果不错.

wbyz20

这种做法有误,在做了NAT之后,要先标记连接，然后才能标记数据包。官方的wiki上面说的。。。passthrough=yes：没有理解意思（官方的：忽略这条规则，并继续到下一条），就用默认的，

[ 本帖最后由 wbyz20 于 2008-9-6 10:44 编辑 ]

dalookda88

彻底解决讯雷下载时打开网页慢的问题
我的是2兆ADSL
/ queue simple
add name="PCQ_Main" target-addresses=192.168.0.0/24,10.10.10.0/24 dst-address=0.0.0.0/0 \
    interface=all parent=none direction=both priority=8 queue=PCQ_Up/PCQ_Down limit-at=0/0 \
    max-limit=512000/2000000 total-queue=default-small disabled=no
add name="Slow" target-addresses=192.168.0.0/24,10.10.10.0/24 dst-address=0.0.0.0/0 \
    interface=all parent=PCQ_Main packet-marks=mark_slow direction=both priority=8 \
    queue=PCQ_Up/PCQ_Down limit-at=0/0 max-limit=256000/1250000 total-queue=default-small \
    disabled=no
add name="Fast" target-addresses=192.168.0.0/24,10.10.10.0/24 dst-address=0.0.0.0/0 \
    interface=all parent=PCQ_Main packet-marks=mark_fast direction=both priority=1 \
    queue=PCQ_Up/PCQ_Down limit-at=0/0 max-limit=512000/2000000 total-queue=default-small \
    disabled=no
add name="Midd" target-addresses=192.168.0.0/24,10.10.10.0/24 dst-address=0.0.0.0/0 \
    interface=all parent=PCQ_Main packet-marks=mark_midd direction=both priority=5 \
    queue=PCQ_Up/PCQ_Down limit-at=0/0 max-limit=256000/2000000 total-queue=default-small \
    disabled=no


/ queue type
set default name="default" kind=pfifo pfifo-limit=50
set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50
set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 sfq-allot=1514
set synchronous-default name="synchronous-default" kind=red red-limit=60 red-min-threshold=10 red-max-threshold=50 red-burst=20 red-avg-packet=1000
set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 sfq-allot=1514
add name="PCQ_Down" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
add name="PCQ_Up" kind=pcq pcq-rate=64000 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000
add name="default-small" kind=pfifo pfifo-limit=2000


/ ip firewall mangle
add chain=prerouting action=mark-packet new-packet-mark=mark_slow passthrough=yes comment="Mark All" disabled=no
add chain=prerouting protocol=tcp dst-port=8291 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="winbox" disabled=no
add chain=prerouting protocol=icmp action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="DNS" disabled=no
add chain=prerouting protocol=udp dst-port=53 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=8139 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="    " disabled=no
add chain=prerouting protocol=tcp dst-port=7709 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=7711 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=8601 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=22220-22230 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="" disabled=no
add chain=prerouting protocol=udp dst-port=8000-8008 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="QQ" disabled=no
add chain=prerouting protocol=udp dst-port=27000-27100 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="games CS" disabled=no
add chain=prerouting protocol=tcp dst-port=443 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="games qq https " disabled=no
add chain=prerouting protocol=tcp dst-port=6020-6100 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="games zhengtu" disabled=no
add chain=prerouting protocol=tcp dst-port=9010-9020 action=mark-packet new-packet-mark=mark_fast passthrough=yes comment="games wendao" disabled=no
......
add chain=prerouting src-address=192.168.0.0/24 protocol=tcp dst-port=80 src-address-list=!src2 action=add-src-to-address-list address-list=src1 \
    address-list-timeout=3s comment="TimeOut1" disabled=no
add chain=prerouting src-address=192.168.0.0/24 protocol=tcp dst-port=80 action=add-src-to-address-list address-list=src2 address-list-timeout=3h \
    comment="TimeOut2" disabled=no
add chain=prerouting dst-address=192.168.0.1 protocol=tcp dst-port=9999 action=add-src-to-address-list address-list=handlimit address-list-timeout=1h \
    comment="        " disabled=no
add chain=prerouting protocol=tcp dst-port=80 content=MSIE action=add-dst-to-address-list address-list=web80 address-list-timeout=5m comment="AutoWeb80" \
    disabled=no
add chain=prerouting dst-address-list=web80 action=mark-packet new-packet-mark=mark_midd passthrough=yes comment="AutoWeb80" disabled=no


你的做法我很喜欢。
本人是菜乌~在Windows 终端程机粘贴你的脚本，结果不行。
我的ros是2.9.27板本的.全是3兆ADSL,5线l负载均衡,客户机全是pppoe拔号。可不可以帮我做脚本。希望帮忙~~ pool1 10.10.10.0/24   网段是192.168.2.0/24

47771885

思路很不错

jazzlee

收藏一个，不知道有效吗。

windosac

支持!!!

泥公仔

謝謝.分享,先收藏以後再試試.哈哈.

lulinjan

顶个有点道理