How to Apply Different Treatment for Overseas Traffic
Description
You want to deny, slow down or proxy overseas traffic. To distinguish overseas
traffic from traffic within your own country, the 'mangle mark' function can be
used. It marks the packets going to or from the networks that reside in your
country and the overseas traffic with different marks, so that you can apply
different treatment to each of these flows.
To prepare the mangle list, you need a list of local networks. A list of
network numbers belonging to ISPs in Latvia can be extracted from the file
http://www.nic.lv/local.net. Generate a router script file (.rsc) (for
example, using a spreadsheet program such as Microsoft Excel), upload it to the
router via FTP and import it (with the '/import' command). Here is a condensed
example of such a script for Latvian networks:

/ip firewall mangle
add in-interface=ether1 dst-address=159.148.0.0/16 action=passthrough mark-connection=mark-con-latvia comment="mark all latvian traffic"
add dst-address=193.41.195.0/24 action=passthrough mark-connection=mark-con-latvia comment="mark all latvian traffic"
add dst-address=193.41.33.0/24 action=passthrough mark-connection=mark-con-latvia comment="mark all latvian traffic"
add dst-address=193.41.45.0/24 action=passthrough mark-connection=mark-con-latvia comment="mark all latvian traffic"
add dst-address=193.68.64.0/19 action=passthrough mark-connection=mark-con-latvia comment="mark all latvian traffic"
...
add connection=mark-con-latvia action=passthrough mark-flow=latvia comment="mark latvia"
add flow=!latvia action=passthrough mark-flow=overseas comment="mark all oversea traffic"
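The text suggests building the .rsc file with a spreadsheet; the following added example (not part of the original page or of RouterOS) does the same job as a small script that validates and normalises each prefix before emitting rules in the syntax shown above. The input list, the interface name ether1 on every rule and the function names are assumptions.

```python
# Added example: generate a RouterOS mangle script (.rsc) from a list of local
# network prefixes. Rule syntax follows the page's example; the prefix list below
# is a constructed sample, not the real nic.lv list.
import ipaddress

# Constructed sample input, one prefix per line, with deliberate edge cases.
SAMPLE_LOCAL_NET = """\
# local networks (constructed sample)
159.148.0.0/16
193.41.195.0/24
193.41.195.0/24   # duplicate, must be emitted only once
193.41.33.7/24    # host bits set, normalised to the network address
not-a-prefix      # garbage line, skipped
"""


def parse_prefixes(text):
    """Return the unique, normalised IPv4 prefixes from the list, in input order."""
    seen, out = set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        try:
            # strict=False turns 193.41.33.7/24 into 193.41.33.0/24
            net = ipaddress.IPv4Network(line, strict=False)
        except ValueError:
            continue  # not a prefix: skip rather than emit a broken rule
        if net not in seen:
            seen.add(net)
            out.append(net)
    return out


def build_mangle_script(prefixes, country="latvia", in_interface="ether1"):
    """Emit one connection-marking rule per prefix, then the two flow-marking rules."""
    mark = f"mark-con-{country}"
    lines = ["/ip firewall mangle"]
    for net in prefixes:
        lines.append(
            f"add in-interface={in_interface} dst-address={net} action=passthrough "
            f'mark-connection={mark} comment="mark all {country} traffic"'
        )
    # Connections carrying the mark become flow=<country>; everything else is overseas.
    lines.append(f'add connection={mark} action=passthrough mark-flow={country} comment="mark {country}"')
    lines.append(f'add flow=!{country} action=passthrough mark-flow=overseas comment="mark all oversea traffic"')
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(build_mangle_script(parse_prefixes(SAMPLE_LOCAL_NET)), end="")
```

Redirect the output to a file such as local.rsc and upload it as the text describes.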
Next, you should define what to do with the marked packets. The basic usages
are:

- Limit access to/from overseas sites for some or all hosts of your network.
  For example, to deny overseas traffic for the 10.0.0.0/24 network:

  /ip firewall rule forward
  add action=drop flow=overseas src-address=10.0.0.0/24
  add action=drop flow=overseas dst-address=10.0.0.0/24

  In the same way you can deny overseas traffic for individual computers (to
  specify a particular host, use the host's address with a /32 mask).

- Slow down overseas connections. For example, to limit the overall speed of
  downloading from overseas to 128 Kbit/s and of uploading to 64 Kbit/s:

  /queue tree
  add flow=overseas parent=local max-limit=131072
  add flow=overseas parent=public max-limit=65536

- Use the local transparent web proxy server for overseas HTTP traffic:

  /ip web-proxy set enabled=yes transparent-proxy=yes address=:3128
  /ip firewall dst-nat add flow=overseas in-interface=local protocol=tcp dst-port=80 action=redirect to-dst-port=3128