老师来一下，新手请教一个HTB标记问题

棋魔 · 发表于 2010-10-9 13:42:12

看着有点晕，虽然不知道为什么你在这里找不到标记的数据包名称，不过你这样标记是标记不到server的下行数据的
你应该使用forword链表，目标地址为你的服务器来标记服务器的下行数据

^嗳 · 发表于 2010-10-9 20:45:07

你这是给出的防火墙部分代码，不能看出你是如何做数据包标记的，你应放出你ip-firewall-mangle中的代码

youbo1 · 发表于 2010-10-10 07:21:53

add action=mark-connection chain=prerouting comment=
"C4A7CADECAC0BDE7CCA8B7FE" disabled=no new-connection-mark=
Game_Tank passthrough=yes protocol=tcp src-port=1080
add action=mark-connection chain=prerouting comment="B7E2C9F1B0F12"
disabled=no new-connection-mark=Game_Tank passthrough=yes protocol=tcp
src-port=8888
add action=mark-connection chain=prerouting comment=
"B4F3CCC6B7E7D4C6" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=udp src-port=31001
add action=mark-connection chain=prerouting comment=
"CDF2CDF5D6AECDF5" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=1234-1238
add action=mark-connection chain=prerouting comment=
"BDA3CFC0C7E9D4B53" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=16763
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=udp src-port=16763
add action=mark-connection chain=prerouting comment="CCECCFC22" disabled=
no new-connection-mark=Game_Tank passthrough=yes protocol=udp src-port=
32824,32404-32407,32424,32299
add action=mark-connection chain=prerouting comment=
"B7B4BFD6D0D0B6AF" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=7341-7351
add action=mark-connection chain=prerouting comment=QQ disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=443
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=udp src-port=8000
add action=mark-connection chain=prerouting comment=winbox disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=8291
add action=mark-packet chain=prerouting comment=
"D3CECFB7B6CBBFDACAFDBEDDB6AFD7F7B0FC" connection-mark=
Game_Tank disabled=no new-packet-mark=Games passthrough=no
add action=mark-connection chain=prerouting comment=
"CAA3D3E0CAFDBEDDB1EABCC7B0FC" disabled=no
new-connection-mark=Other_Tank passthrough=yes
add action=mark-packet chain=prerouting comment=
"CAA3D3E0CAFDBEDDB6AFD7F7B0FC" connection-mark=Other_Tank
disabled=no new-packet-mark=Other passthrough=no

想你了的他他 · 发表于 2010-10-12 05:12:34

以下是 mangle全部代码. 麻烦版主看看.谢谢了

/ip firewall mangle
add action=change-ttl chain=forward comment=
"B7C0D6B9C4DACDF82BCB6C2B7D3C9" disabled=no dst-address=
192.168.0.0/24 in-interface=wan new-ttl=set:1
add action=accept chain=prerouting comment=
"D3C5CFC8ICMPB1EABCC7B0FC" disabled=no protocol=icmp
add action=mark-connection chain=prerouting comment=
"D3CECFB7B7FECEF1C6F7B1EABCC7B0FC" disabled=no
new-connection-mark=Server_tank passthrough=no src-address=192.168.0.253
add action=mark-connection chain=prerouting comment=
"C7B0CCA8CFC2D4D8B7FECEF1C6F7B1EABCC7B0FC" disabled=
no new-connection-mark=Server_tank passthrough=no src-address=
192.168.0.246
add action=mark-connection chain=prerouting comment=
"CEDEC5CCB7FECEF1C6F7B1EABCC7B0FC" disabled=no
new-connection-mark=Server_tank passthrough=no src-address=192.168.0.251
add action=mark-connection chain=prerouting comment=
"B5E7D3B0B7FECEF1C6F7B1EABCC7B0FC" disabled=no
new-connection-mark=Server_tank passthrough=no src-address=192.168.0.199
add action=mark-packet chain=prerouting comment=
"B7FECEF1C6F7D7E9CFC2D4D8B6AFD7F7B0FC" connection-mark=
Server_tank disabled=no in-interface=wan new-packet-mark=Server_down
passthrough=no
add action=mark-packet chain=forward comment=
"B7FECEF1C6F7D7E9C9CFB4ABB6AFD7F7B0FC" connection-mark=
Server_tank disabled=no new-packet-mark=Server-up out-interface=wan
passthrough=no
add action=mark-packet chain=prerouting comment=
"BFCDBBA7BBFACFC2D4D8B6AFD7F7B0FC" disabled=no
in-interface=lan new-packet-mark=Client-up passthrough=no
add action=mark-packet chain=forward comment=
"BFCDBBA7BBFAC9CFB4ABB6AFD7F7B0FC" disabled=no
new-packet-mark=Client-down out-interface=lan passthrough=no
add action=mark-connection chain=prerouting comment=
"Web80B6CBBFDAB1EABCC7B0FC" disabled=no new-connection-mark=
80_Tank passthrough=yes protocol=tcp src-port=80
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=80_Tank passthrough=yes protocol=udp src-port=53
add action=mark-packet chain=prerouting comment=
"Web80B6CBBFDAB6AFD7F7B0FC" connection-mark=80_Tank disabled=no
new-packet-mark=Web_80 passthrough=no
add action=mark-connection chain=prerouting comment=
"D3CECFB7B6CBBFDAB1EABCC7B0FC" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=2347
add action=mark-connection chain=prerouting comment=
"B9A6B7F2CAC0BDE7" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=5052
add action=mark-connection chain=prerouting comment=
"C4A7D3F2BCA4D5BD" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=5816
add action=mark-connection chain=prerouting comment=
"C5DCC5DCBFA8B6A1B3B5" disabled=no new-connection-mark=
Game_Tank passthrough=yes protocol=tcp src-port=39311
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=udp src-port=39311
add action=mark-connection chain=prerouting comment=
"C4A7CADECAC0BDE7" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=3724,1119,8085
add action=mark-connection chain=prerouting comment=
"CCECC1FAB0CBB2BF" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=3731-3736
add action=mark-connection chain=prerouting comment="D5F7CDBE" disabled=
no new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=
6020
add action=mark-connection chain=prerouting comment=
"VSBEBABCBCC6BDCCA8" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=1759
add action=mark-connection chain=prerouting comment="QQC8FDB9FA"
disabled=no new-connection-mark=Game_Tank passthrough=yes protocol=tcp
src-port=6299
add action=mark-connection chain=prerouting comment=
"C8C8D1AAB4ABC6E6" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=7000-7200
add action=mark-connection chain=prerouting comment=
"CAA2B4F3B4ABC6E6CAC0BDE7" disabled=no new-connection-mark=
Game_Tank passthrough=yes protocol=tcp src-port=7201-7205
add action=mark-connection chain=prerouting comment="B4ABC6E63" disabled=
no new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=
7200-7205
add action=mark-connection chain=prerouting comment="CCECCCC32" disabled=
no new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=
7777,2106
add action=mark-connection chain=prerouting comment="CECAB5C0" disabled=
no new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=
9010-9012
add action=mark-connection chain=prerouting comment="B2CABAE7B5BA"
disabled=no new-connection-mark=Game_Tank passthrough=yes protocol=tcp
src-port=10003
add action=mark-connection chain=prerouting comment="C1FAD6AEB9C8"
disabled=no new-connection-mark=Game_Tank passthrough=yes protocol=tcp
src-port=14300-14600
add action=mark-connection chain=prerouting comment=
"BDD6CDB7C0BAC7F2" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=10011
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=udp src-port=17065
add action=mark-connection chain=prerouting comment=
"C8C8D1AABDADBAFE" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=13000
add action=mark-connection chain=prerouting comment=CS disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=udp src-port=
27005,27015,27016
add action=mark-connection chain=prerouting comment=
"B3ACBCB6CEE8D5DF" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=15010
add action=mark-connection chain=prerouting comment=
"B7E7BBF0D6AEC2C3" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=20001
add action=mark-connection chain=prerouting comment="BEA2CEE8CDC5"
disabled=no new-connection-mark=Game_Tank passthrough=yes protocol=tcp
src-port=25510-25530
add action=mark-connection chain=prerouting comment="QQD2F4CBD9"
disabled=no new-connection-mark=Game_Tank passthrough=yes protocol=tcp
src-port=28008
add action=mark-connection chain=prerouting comment=
"CDEAC3C0CAC0BDE7D6EFCFC9,C8C8CEE8C5C9B6D3" disabled=
no new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=
29000
add action=mark-connection chain=prerouting comment=
"B5D8CFC2B3C7D3EBD3C2CABF" disabled=no new-connection-mark=
Game_Tank passthrough=yes protocol=tcp src-port=10010-10060
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=7103
add action=mark-connection chain=prerouting comment=CF disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=10008
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=udp src-port=
10060-12190
add action=mark-connection chain=prerouting comment="QQECC5CEE8"
disabled=no new-connection-mark=Game_Tank passthrough=yes protocol=tcp
src-port=31414
add action=mark-connection chain=prerouting comment="QQB7C9B3B5"
disabled=no new-connection-mark=Game_Tank passthrough=yes protocol=tcp
src-port=39311
add action=mark-connection chain=prerouting comment="D1B0CFC9" disabled=
no new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=
15002
add action=mark-connection chain=prerouting comment=
"B4F3BBB0C3CEBBC3CEF7D3CE" disabled=no new-connection-mark=
Game_Tank passthrough=yes protocol=tcp src-port=10616,22288,14288
add action=mark-connection chain=prerouting comment=
"QQB6D4D5BDC6BDCCA8" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=udp src-port=1671
add action=mark-connection chain=prerouting comment=
"BAC6B7BDB6D4D5BDC6BDCCA8" disabled=no new-connection-mark=
Game_Tank passthrough=yes protocol=udp src-port=1509-1513
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=udp src-port=
9000,1511
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=
5050,1203
add action=mark-connection chain=prerouting comment=
"B1DFB7E6D3CECFB7C6BDCCA8" disabled=no new-connection-mark=
Game_Tank passthrough=yes protocol=udp src-port=2311-2312,29919
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=4000
add action=mark-connection chain=prerouting comment=
"BDA3CFC0CAC0BDE7" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=6047
add action=mark-connection chain=prerouting comment=
"BDA3CFC0C7E9D4B53" disabled=no new-connection-mark=Game_Tank
passthrough=yes protocol=tcp src-port=16763
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=udp src-port=16763
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=tcp src-port=
3112-3115
add action=mark-connection chain=prerouting comment=
"C6F0B7B2D3CECFB7C6BDCCA8" disabled=no new-connection-mark=
Game_Tank passthrough=yes protocol=tcp src-port=1607
add action=mark-connection chain=prerouting comment="" disabled=no
new-connection-mark=Game_Tank passthrough=yes protocol=udp src-port=
6600,6660,1308,1610
add action=mark-connection chain=prerouting comment="C5DDC5DDCCC3"
disabled=no new-connection-mark=Game_Tank passthrough=yes protocol=tcp
src-port=3838,4848,29865

LU1978 · 发表于 2010-10-3 20:12:42

马上注册成为ROSABC会员，随时发帖回复。

您需要登录才可以下载或查看，没有账号？会员注册

x

2011-2-22 02:25 上传
下载附件 (78.71 KB)

为什么我在packet mark里找不serverdown的标记呢？我用的网上的脚本标记的。
下面是脚本内容。请问老师是这端脚本不完整吗？

/ip firewall filter
add action=drop chain=input comment="BDFBD6B9CDE2CDF8ping"
connection-state=new disabled=no in-interface=wan protocol=icmp
add action=add-src-to-address-list address-list="D4DACFDF"
address-list-timeout=2m chain=forward comment=
"CDB3BCC6D4DACFDFBBFAC6F7" disabled=no in-interface=lan
add action=add-src-to-address-list address-list="D6D0B9EDD3B0"
address-list-timeout=1w chain=forward comment=
"CFD4CABED6D0B6BEBBFAC6F7" disabled=no dst-address=
74.82.63.96
add action=add-src-to-address-list address-list="D6D0B9EDD3B0"
address-list-timeout=1w chain=forward comment="" disabled=no dst-address=
74.63.89.0/24
add action=drop chain=forward comment="BDFBD6B9B9EDD3B0IP" disabled=
no dst-address=74.82.63.96
add action=drop chain=forward comment="" disabled=no dst-address=
74.63.89.0/24
add action=drop chain=forward comment="" disabled=no dst-port=10085 protocol=
tcp
add action=drop chain=input comment="B7E2135-139B6CBBFDA" disabled=no
dst-port=135-139 protocol=udp
add action=drop chain=input comment="" disabled=no dst-port=135-139 protocol=
tcp

		自动登录	找回密码
密码			会员注册

[交流] 老师来一下，新手请教一个HTB标记问题

马上注册成为ROSABC会员，随时发帖回复。

相关帖子