Here is a script:
/ip firewall layer7-protocol
add name=L7-Torrent regexp="^(\\x13bittorrent protocol|azver\\x01\$|get /scrap\
e\\\?info_hash=get /announce\\\?info_hash=|get /client/bitcomet/|GET /data\
\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[RP]"
/queue tree
add limit-at=256k max-limit=256k name=Torrent-Download packet-mark=\
Torrent-Conn parent=global priority=5 queue=default
/ip firewall filter
add action=add-src-to-address-list address-list=Torrent-Add \
address-list-timeout=2m chain=forward layer7-protocol=L7-Torrent \
src-address=192.168.96.0/24
add action=add-src-to-address-list address-list=Torrent-Add \
address-list-timeout=2m chain=forward p2p=all-p2p src-address=\
192.168.96.0/24
add action=add-src-to-address-list address-list=Torrent-Add \
address-list-timeout=2m chain=forward p2p=bit-torrent src-address=\
192.168.96.0/24
/ip firewall mangle
add action=mark-connection chain=prerouting comment=Torrent-Conn dst-port=\
!0-1024,8291,5900,5800,3389,14147,5222,59905 new-connection-mark=\
Torrent-Conn protocol=tcp src-address-list=Torrent-Add
add action=mark-connection chain=prerouting dst-port=\
!0-1024,8291,5900,5800,3389,14147,5222,59905 new-connection-mark=\
Torrent-Conn protocol=udp src-address-list=Torrent-Add
add action=mark-connection chain=prerouting new-connection-mark=Torrent-Conn \
p2p=all-p2p src-address-list=Torrent-Add
add action=mark-connection chain=prerouting new-connection-mark=Torrent-Conn \
p2p=bit-torrent src-address-list=Torrent-Add
add action=mark-packet chain=prerouting connection-mark=Torrent-Conn \
new-packet-mark=Torrent-Conn passthrough=no
No comments:
Post a Comment