Manipulate CDN & Internet Traffic with Mikrotik Mangle & Queue Tree & Queue Tree
# jan/19/2022 11:13:51 by RouterOS 6.49.2
/interface bridge
add name=NAS_Core
/interface ethernet
set [ find default-name=sfp-sfpplus1 ] advertise=10000M-full name=\
"McSol in/out sfp1"
/interface vlan
add interface=NAS_Core name=MCS-MAN156 vlan-id=156
add interface="McSol in/out sfp1" name=vlan11-Server vlan-id=11
add interface=NAS_Core name=vlan100 vlan-id=100
add interface=NAS_Core name=vlan101 vlan-id=101
add interface=NAS_Core name=vlan102 vlan-id=102
add interface=NAS_Core name=vlan103 vlan-id=103
add interface=NAS_Core name=vlan104 vlan-id=104
add interface=NAS_Core name=vlan105 vlan-id=105
add interface=NAS_Core name=vlan106 vlan-id=106
add interface=NAS_Core name=vlan107 vlan-id=107
add interface=NAS_Core name=vlan108 vlan-id=108
add interface=NAS_Core name=vlan109 vlan-id=109
add interface=NAS_Core name=vlan110 vlan-id=110
add interface=NAS_Core name=vlan111 vlan-id=111
add interface=NAS_Core name=vlan112 vlan-id=112
add interface=NAS_Core name=vlan530 vlan-id=530
add interface=NAS_Core name=vlan2121 vlan-id=2121
add interface=NAS_Core name=vlan2122 vlan-id=2122
add interface=NAS_Core name=vlan2123 vlan-id=2123
add interface=NAS_Core name=vlan2124 vlan-id=2124
add interface=NAS_Core name=vlan2125 vlan-id=2125
add interface=NAS_Core name=vlan2126 vlan-id=2126
add interface=NAS_Core name=vlan2127 vlan-id=2127
add interface=NAS_Core name=vlan2128 vlan-id=2128
add interface=NAS_Core name=vlan2129 vlan-id=2129
add interface=NAS_Core name=vlan2130 vlan-id=2130
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=LocalPool ranges=56.155.0.2-56.155.95.254
add name=PPPOE-5Mbps ranges=105.170.0.2-105.170.15.254
add name=PPPOE-10Mbps ranges=110.170.0.2-110.170.15.254
add name=PPPOE-8Mbps ranges=108.170.0.2-108.170.15.254
add name=PPPOE-20Mbps ranges=120.170.0.2-120.170.15.254
add name=PPPOE-15Mbps ranges=115.170.0.2-115.170.15.254
add name=PPPOE-30Mbps ranges=130.170.0.2-130.170.15.254
add name=PPPOE-2Mbps ranges=102.170.0.2-102.170.15.254
add name=PPPOE-3Mbps ranges=103.170.0.2-103.170.15.254
add name=PPPOE-4Mbps ranges=104.170.0.2-104.170.15.254
add name=PPPOE-6Mbps ranges=106.170.0.2-106.170.15.254
add name=PPPOE-1Mbps ranges=101.170.0.2-101.170.15.254
add name=PPPOE ranges=100.170.0.2-100.170.15.254
add name=Expired ranges=99.99.0.1-99.99.63.254
/ppp profile
add bridge=NAS_Core change-tcp-mss=yes dns-server=8.8.8.8,1.1.1.1 \
local-address=LocalPool name="Radius McSOL"
add bridge=NAS_Core change-tcp-mss=yes dns-server=1.1.1.1,8.8.8.8 \
local-address=LocalPool name="Direct PPPOE" rate-limit=\
"10M/30M 31M/31M 10M/30M 45/9 8" remote-address=PPPOE
/queue type
add kind=pcq name=10Mb-PCQ-INT-UP pcq-burst-rate=30M pcq-burst-threshold=10M \
pcq-burst-time=45s pcq-classifier=src-address pcq-limit=1000KiB pcq-rate=\
10M
add kind=pcq name=10Mb-PCQ-YG-DW pcq-burst-rate=21M pcq-burst-threshold=20M \
pcq-burst-time=30s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
20M pcq-total-limit=2000000KiB
add kind=pcq name=10Mb-PCQ-INT-DW pcq-burst-rate=12M pcq-burst-threshold=10M \
pcq-burst-time=30s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
10M pcq-total-limit=2000000KiB
add kind=pcq name=5Mb-PCQ-INT-UP pcq-burst-rate=15M pcq-burst-threshold=5M \
pcq-burst-time=45s pcq-classifier=src-address pcq-limit=1000KiB pcq-rate=\
5M
add kind=pcq name=5Mb-PCQ-INT-DW pcq-burst-rate=6M pcq-burst-threshold=5M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
5M pcq-total-limit=2000000KiB
add kind=pcq name=5Mb-PCQ-YG-DW pcq-burst-rate=11M pcq-burst-threshold=10M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
10M pcq-total-limit=2000000KiB
add kind=pcq name=8Mb-PCQ-INT-DW pcq-burst-rate=9M pcq-burst-threshold=8M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
8M pcq-total-limit=2000000KiB
add kind=pcq name=8Mb-PCQ-INT-UP pcq-burst-rate=25M pcq-burst-threshold=8M \
pcq-burst-time=45s pcq-classifier=src-address pcq-limit=1000KiB pcq-rate=\
8M
add kind=pcq name=8Mb-PCQ-YG-DW pcq-burst-rate=17M pcq-burst-threshold=16M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
16M pcq-total-limit=2000000KiB
add kind=pcq name=3Mb-PCQ-INT-DW pcq-burst-rate=4M pcq-burst-threshold=3M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
3M pcq-total-limit=2000000KiB
add kind=pcq name=3Mb-PCQ-INT-UP pcq-burst-rate=10M pcq-burst-threshold=3M \
pcq-burst-time=45s pcq-classifier=src-address pcq-limit=1000KiB pcq-rate=\
3M
add kind=pcq name=3Mb-PCQ-YG-DW pcq-burst-rate=7M pcq-burst-threshold=6M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
6M pcq-total-limit=2000000KiB
add kind=pcq name=2Mb-PCQ-INT-DW pcq-burst-rate=3M pcq-burst-threshold=2M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
2M pcq-total-limit=2000000KiB
add kind=pcq name=1Mb-PCQ-INT-DW pcq-burst-rate=2M pcq-burst-threshold=1M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
1M pcq-total-limit=2000000KiB
add kind=pcq name=20Mb-PCQ-INT-DW pcq-burst-rate=22M pcq-burst-threshold=20M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
20M pcq-total-limit=2000000KiB
add kind=pcq name=30Mb-PCQ-INT-DW pcq-burst-rate=32M pcq-burst-threshold=30M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
30M pcq-total-limit=2000000KiB
add kind=pcq name=2Mb-PCQ-YG-DW pcq-burst-rate=5M pcq-burst-threshold=4M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
4M pcq-total-limit=2000000KiB
add kind=pcq name=1Mb-PCQ-YG-DW pcq-burst-rate=3M pcq-burst-threshold=2M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
2M pcq-total-limit=2000000KiB
add kind=pcq name=20Mb-PCQ-YG-DW pcq-burst-rate=42M pcq-burst-threshold=40M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
40M pcq-total-limit=2000000KiB
add kind=pcq name=30Mb-PCQ-YG-DW pcq-burst-rate=62M pcq-burst-threshold=60M \
pcq-burst-time=11s pcq-classifier=dst-address pcq-limit=1000KiB pcq-rate=\
60M pcq-total-limit=2000000KiB
add kind=pcq name=2Mb-PCQ-INT-UP pcq-burst-rate=7M pcq-burst-threshold=2M \
pcq-burst-time=45s pcq-classifier=src-address pcq-limit=1000KiB pcq-rate=\
2M
add kind=pcq name=1Mb-PCQ-INT-UP pcq-burst-rate=4M pcq-burst-threshold=1M \
pcq-burst-time=45s pcq-classifier=src-address pcq-limit=1000KiB pcq-rate=\
1M
add kind=pcq name=30Mb-PCQ-INT-UP pcq-burst-rate=92M pcq-burst-threshold=30M \
pcq-burst-time=45s pcq-classifier=src-address pcq-limit=1000KiB pcq-rate=\
30M
add kind=pcq name=20Mb-PCQ-INT-UP pcq-burst-rate=42M pcq-burst-threshold=20M \
pcq-burst-time=45s pcq-classifier=src-address pcq-limit=1000KiB pcq-rate=\
20M
/queue tree
add name=10Mb-INTUP-QT packet-mark=10Mbps_Internet_UP parent=global queue=\
10Mb-PCQ-INT-UP
add name=10Mb-INTD-QT packet-mark=10Mbps_Internet_DOWN parent=global queue=\
10Mb-PCQ-INT-DW
add name=10Mb-YGD-QT packet-mark=10Mbps_CDN_DOWN parent=global queue=\
10Mb-PCQ-YG-DW
add name=5Mb-INTD-QT packet-mark=PKT_Mbps_Internet_DOWN parent=global queue=\
5Mb-PCQ-INT-DW
add name=5Mb-YGD-QT packet-mark=PKT_Mbps_CDN_DOWN parent=global queue=\
5Mb-PCQ-YG-DW
add name=5Mb-INTUP-QT packet-mark=5Mbps_Internet_UP parent=global queue=\
5Mb-PCQ-INT-UP
add name=8Mb-INTD-QT packet-mark=8Mbps_Internet_DOWN parent=global queue=\
8Mb-PCQ-INT-DW
add name=8Mb-INTUP-QT packet-mark=8Mbps_Internet_UP parent=global queue=\
8Mb-PCQ-INT-UP
add name=8Mb-YGD-QT packet-mark=8Mbps_CDN_DOWN parent=global queue=\
8Mb-PCQ-YG-DW
add name=3Mb-INTD-QT packet-mark=3Mbps_Mbps_Internet_DOWN parent=global \
queue=3Mb-PCQ-INT-DW
add name=3Mb-INTUP-QT packet-mark=3Mbps_Internet_UP parent=global queue=\
3Mb-PCQ-INT-UP
add name=3Mb-YGD-QT packet-mark=3Mbps_Mbps_CDN_DOWN parent=global queue=\
3Mb-PCQ-YG-DW
add name=20Mb-INTD-QT packet-mark=20Mbps_Internet_DOWN parent=global queue=\
20Mb-PCQ-INT-DW
add name=20Mb-INTUP-QT packet-mark=20Mbps_Internet_UP parent=global queue=\
20Mb-PCQ-INT-UP
add name=20Mb-YGD-QT packet-mark=20Mbps_CDN_DOWN parent=global queue=\
20Mb-PCQ-YG-DW
add name=30Mb-INTD-QT packet-mark=30Mbps_Internet_DOWN parent=global queue=\
30Mb-PCQ-INT-DW
add name=2Mb-INTD-QT packet-mark=2Mbps_Internet_DOWN parent=global queue=\
2Mb-PCQ-INT-DW
add name=1Mb-INTD-QT packet-mark=1Mbps_Internet_DOWN parent=global queue=\
1Mb-PCQ-INT-DW
add name=1Mb-INTUP-QT packet-mark=1Mbps_Internet_UP parent=global queue=\
1Mb-PCQ-INT-UP
add name=2Mb-INTUP-QT packet-mark=2Mbps_Internet_UP parent=global queue=\
2Mb-PCQ-INT-UP
add name=30Mb-INTUP-QT packet-mark=30Mbps_Internet_UP parent=global queue=\
30Mb-PCQ-INT-UP
add name=1Mb-YGD-QT packet-mark=1Mbps_CDN_DOWN parent=global queue=\
1Mb-PCQ-YG-DW
add name=2Mb-YGD-QT packet-mark=2Mbps_CDN_DOWN parent=global queue=\
2Mb-PCQ-YG-DW
add name=30Mb-YGD-QT packet-mark=30Mbps_CDN_DOWN parent=global queue=\
30Mb-PCQ-YG-DW
/system logging action
add bsd-syslog=yes name=MCSOL remote=172.168.164.5 target=remote
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\
sword,web,sniff,sensitive,api,romon,dude,tikapp"
/interface bridge filter
add action=accept chain=forward dst-address=255.255.255.255/32 ip-protocol=\
udp mac-protocol=ip src-address=192.168.0.0/16 src-port=67-68
/interface bridge port
add bridge=NAS_Core interface="McSol in/out sfp1"
add bridge=NAS_Core interface=sfp-sfpplus2
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-vlan=yes
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface bridge vlan
add bridge=NAS_Core tagged="McSol in/out sfp1,sfp-sfpplus2" untagged=\
vlan11-Server vlan-ids=100-112,11,2121-2130,530,156
/interface detect-internet
set detect-interface-list=all
/interface pppoe-server server
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan101 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan102 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan530 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan100 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan103 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan104 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan105 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan106 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan107 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan108 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan109 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan110 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan2121 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan2122 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan2123 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan2124 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan2125 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan2126 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan2127 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan2128 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan2129 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan2130 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan111 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
add authentication=pap,chap default-profile="Radius McSOL" disabled=no \
interface=vlan112 max-mru=1480 max-mtu=1480 one-session-per-host=yes \
service-name=McSol-BRAS
/ip address
add address=156.168.164.1/24 interface=ether8 network=156.168.164.0
add address=103.X.x.x/29 interface=vlan11-Server network=103.x.x.0
add address=172.168.164.2/23 interface=MCS-MAN156 network=172.168.164.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=1m
/ip dns
set allow-remote-requests=yes cache-size=6144KiB servers=8.8.8.8,1.1.1.1
/ip firewall address-list
add address=ifo.grandtel.com.pk list=EXPList
add address=103.x.x.x/27 list=Public_DW
add address=105.170.0.0/16 list=PPPOE-5Mbps
add address=203.128.22.10 comment=ifo.grandtel.com.pk list=EXPList
add address=27.255.28.140 comment=ifo.grandtel.com.pk list=EXPList
add address=175.110.102.163 list=EXPList
add address=202.59.80.52 list=EXPList
add address=103.8.112.178 list=EXPList
add address=58.27.149.65 list=EXPList
add address=202.142.160.20 list=EXPList
add address=43.251.255.253 list=EXPList
add address=103.73.102.242 list=EXPList
add address=103.7.79.252 list=EXPList
add address=119.30.107.141 list=EXPList
add address=103.83.89.16 list=EXPList
add address=115.42.76.14 list=EXPList
add address=103.221.246.58 list=EXPList
add address=203.135.29.17 list=EXPList
add address=58.65.177.234 list=EXPList
add address=115.42.72.14 list=EXPList
add address=103.209.52.230 list=EXPList
add address=115.167.73.248 list=EXPList
add address=202.69.12.13 list=EXPList
add address=119.30.107.214 list=EXPList
add address=182.176.14.38 list=EXPList
add address=103.116.250.230 list=EXPList
add address=103.116.250.222 list=EXPList
add address=103.131.215.11 list=EXPList
add address=103.103.42.10 list=EXPList
add address=124.29.201.150 list=EXPList
add address=42.201.200.178 list=EXPList
add address=124.29.242.206 list=EXPList
add address=45.249.9.241 list=EXPList
add address=119.159.242.145 list=EXPList
add address=202.69.44.88 list=EXPList
add address=113.203.225.6 list=EXPList
add address=118.103.236.68 list=EXPList
add address=202.69.11.13 list=EXPList
add address=103.11.0.11 list=EXPList
add address=111.119.161.74 list=EXPList
add address=103.131.11.242 list=EXPList
add address=119.160.95.5 list=EXPList
add address=103.24.96.54 list=EXPList
add address=45.249.11.16 list=EXPList
add address=210.2.157.133 list=EXPList
add address=202.154.239.26 list=EXPList
add address=103.137.69.2 list=EXPList
add address=www.speedtest.net list=EXPList
add address=117.20.18.10 list=EXPList
add address=8.8.8.8 list=EXPList
add address=8.8.4.4 list=EXPList
add address=139.99.61.0/24 list=EXPList
add address=fireprobe.net list=EXPList
add address=speedtest.tufatel.com list=EXPList
add address=speedtest.kknetworks.com.pk list=EXPList
add address=netze.lmpl.net list=EXPList
add address=acn.net.pk list=EXPList
add address=23.246.55.0/24 list=EXPList
add address=23.246.54.0/24 list=EXPList
add address=45.57.75.0/24 list=EXPList
add address=2.19.236.71 list=EXPList
add address=110.93.192.0/24 list=EXPList
add address=134.0.219.0/24 list=EXPList
add address=speedtest.transdigital.net.pk list=EXPList
add address=speedtestlhr.tes.com.pk list=EXPList
add address=speedtestftr.tufatel.com list=EXPList
add address=110.170.0.0/16 list=PPPOE-10Mbps
add address=100.170.0.0/16 list=ALL-PPPOE-List
add address=101.170.0.0/16 list=ALL-PPPOE-List
add address=102.170.0.0/16 list=ALL-PPPOE-List
add address=103.170.0.0/16 list=ALL-PPPOE-List
add address=104.170.0.0/16 list=ALL-PPPOE-List
add address=105.170.0.0/16 list=ALL-PPPOE-List
add address=106.170.0.0/16 list=ALL-PPPOE-List
add address=108.170.0.0/16 list=ALL-PPPOE-List
add address=110.170.0.0/16 list=ALL-PPPOE-List
add address=108.170.0.0/16 list=PPPOE-8Mbps
add address=223.29.224.0/20 comment=PAKISTAN list=EXPList
add address=103.221.247.205 list=EXPList
add address=103.221.247.204 list=EXPList
add address=74.125.167.75 list=EXPList
add address=103.166.150.76-103.166.150.80 list=10Public
add address=103.166.150.81-103.166.150.85 list=8Public
add address=103.166.150.64-103.166.150.66 list=5Public
add address=74.125.206.198 list=EXPList
add address=74.125.167.91 list=EXPList
add address=103.221.247.128/25 comment=253NAS list=EXPList
add address=77.77.7.8 list=EXPList
add address=203.80.128.27 list=EXPList
add address=speedtest-fsd1.mobilink.net list=EXPList
add address=speedtest1.lmpl.net list=EXPList
add address=speedtest.ges.net.pk list=EXPList
add address=180.178.184.62 list=EXPList
add address=speedtest-isb1.zong.com.pk list=EXPList
add address=speedtest.nayatel.net comment=speedtest-isb1.zong.com.pk list=\
EXPList
add address=speedtest1.telenor.com.pk comment=speedtest-isb1.zong.com.pk \
list=EXPList
add address=speedtest.ptcl.net comment=speedtest-isb1.zong.com.pk list=\
EXPList
add address=speedtest-isb1.mobilink.net comment=speedtest-isb1.zong.com.pk \
list=EXPList
add address=uspeedtest01.ufone.com comment=speedtest-isb1.zong.com.pk list=\
EXPList
add address=speedtest-isb1.jazz.com.pk comment=uspeedtest01.ufone.com list=\
EXPList
add address=speedtest-jrw.lmpl.net comment=speedtest-isb1.mobilink.net list=\
EXPList
add address=speedtest-khi1.zong.com.pk comment=uspeedtest01.ufone.com list=\
EXPList
add address=uspeedtest03.ufone.com comment=speedtest-isb1.mobilink.net list=\
EXPList
add address=speedtest.nationalbroadband.pk comment=\
speedtest-isb1.mobilink.net list=EXPList
add address=speedtestkhi.wi-tribe.net.pk comment=uspeedtest03.ufone.com list=\
EXPList
add address=speedtest-khi.worldcall.pk comment=speedtestkhi.wi-tribe.net.pk \
list=EXPList
add address=speedtest.fiberlink.net.pk comment=speedtestkhi.wi-tribe.net.pk \
list=EXPList
add address=203.124.29.4 comment=speedtestkhi.wi-tribe.net.pk list=EXPList
add address=speedtest3.telenor.com.pk comment=uspeedtest03.ufone.com list=\
EXPList
add address=speedtest.stormfiber.com comment=uspeedtest03.ufone.com list=\
EXPList
add address=103.11.63.254 comment=uspeedtest03.ufone.com list=EXPList
add address=speedtest3.ptcl.net comment=uspeedtest03.ufone.com list=EXPList
add address=speedtest.wancom.net.pk comment=uspeedtest03.ufone.com list=\
EXPList
add address=speedtest.connect.net.pk comment=uspeedtest03.ufone.com list=\
EXPList
add address=speedtest-khi1.jazz.com.pk comment=uspeedtest03.ufone.com list=\
EXPList
add address=speedtest1.ebonenet.com comment=uspeedtest03.ufone.com list=\
EXPList
add address=speedtest-khi1.mobilink.net comment=uspeedtest03.ufone.com list=\
EXPList
add address=speedtest.tes.com.pk comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=speedtest.kbl.net.pk comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=speedtest-lhr.worldcall.pk comment=speedtest-khi1.mobilink.net \
list=EXPList
add address=media.brain.net.pk comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=speedtestlhr.wi-tribe.net.pk comment=speedtest-khi1.mobilink.net \
list=EXPList
add address=speedtest4.wateen.net comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=speedtest.wateen.net comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=speedtest-lhr1.zong.com.pk comment=speedtest-khi1.mobilink.net \
list=EXPList
add address=speed.beaconhouse.net comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=speedtest1.nexlinx.net.pk comment=speedtest-khi1.mobilink.net \
list=EXPList
add address=speedtest2.visioneast.net comment=speedtest-khi1.mobilink.net \
list=EXPList
add address=speedtest-lhr1.jazz.com.pk comment=speedtest-khi1.mobilink.net \
list=EXPList
add address=180.178.172.210 comment=speedtest-khi1.mobilink.net list=EXPList
add address=speedtest.visiontelecom.com.pk comment=\
speedtest-khi1.mobilink.net list=EXPList
add address=speedtest2.ptcl.net comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=lhesp1.multi.net.pk comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=speedtest.waridtel.com comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=speedtest-lhr1.mobilink.net comment=speedtest-khi1.mobilink.net \
list=EXPList
add address=speedtest.xoultech.com comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=speedtest.mispl.pk comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=sco.cloudns.pro comment=speedtest-khi1.mobilink.net list=EXPList
add address=speedtest-tts.lmpl.net comment=speedtest-khi1.mobilink.net list=\
EXPList
add address=115.167.75.81 comment="facebook cdn" list=EXPList
add address=58.181.97.18 comment="facebook cdn" list=EXPList
add address=182.176.35.145 comment="facebook cdn" list=EXPList
add address=182.176.35.209 comment="facebook cdn" list=EXPList
add address=182.176.35.81 comment="facebook cdn" list=EXPList
add address=182.176.36.81 comment="facebook cdn" list=EXPList
add address=115.167.72.76 comment="google cdn" list=EXPList
add address=115.167.72.77 comment="google cdn" list=EXPList
add address=115.167.72.78 comment="google cdn" list=EXPList
add address=speedtest4.xj.chinamobile.com list=EXPList
add address=23.246.54.141 comment=fast.com list=EXPList
add address=195.229.3.111 comment=fast.com list=EXPList
add address=23.246.55.135 comment=fast.com list=EXPList
add address=195.229.4.225 comment=fast.com list=EXPList
add address=23.246.54.137 comment=fast.com list=EXPList
add address=103.113.100.10 comment="WAYlink EXPList" list=EXPList
add address=103.70.251.246 comment=UsmanISP list=EXPList
add address=23.246.51.152 comment=fast.com list=EXPList
add address=speedtest.wi-tribe.net.pk list=EXPList
add address=13.233.83.43 list=EXPList
add address=fast.com list=EXPList
add address=www.fast.com list=EXPList
add address=104.116.245.9 comment=fast.com list=EXPList
add address=104.116.245.27 comment=fast.com list=EXPList
add address=202.69.12.15 list=EXPList
add address=202.154.239.27 list=EXPList
add address=119.30.107.218 list=EXPList
add address=103.170.0.0/16 list=PPPOE-3Mbps
add address=103.166.150.67-103.166.150.70 list=3Public
add address=103.166.150.71-103.166.150.75 list=2Public
add address=102.170.0.0/16 list=PPPOE-2Mbps
add address=101.170.0.0/16 list=PPPOE-1Mbps
add address=103.166.150.86 list=1Public
add address=103.166.150.87-103.166.150.90 list=20Public
add address=103.166.150.91-103.166.150.95 list=30Public
add address=120.170.0.0/16 list=PPPOE-20Mbps
add address=130.170.0.0/16 list=PPPOE-30Mbps
add address=100.170.0.0/16 list=PPPOE
add address=172.168.164.0/23 list=MCS-MAN156
add address=74.125.167.89 list=EXPList
add address=74.125.140.198 list=EXPList
add address=74.125.98.38 list=EXPList
add address=35.201.81.77 list=EXPList
add address=74.125.98.42 list=EXPList
add address=74.125.167.73 list=EXPList
/ip firewall filter
add action=drop chain=forward dst-port=67 protocol=udp
add action=drop chain=forward dst-port=68 protocol=udp
add action=drop chain=forward src-address=99.99.0.0/18
add action=log chain=forward connection-nat-state=srcnat connection-state=new \
log-prefix=McSolLog protocol=tcp
/ip firewall mangle
add action=mark-packet chain=prerouting dst-address-list=5Public \
new-packet-mark=PKT_Mbps_CDN_DOWN passthrough=no src-address-list=EXPList
add action=mark-packet chain=prerouting dst-address-list=5Public \
new-packet-mark=PKT_Mbps_Internet_DOWN passthrough=no src-address-list=\
!EXPList
add action=mark-packet chain=prerouting new-packet-mark=5Mbps_Internet_UP \
passthrough=no src-address-list=PPPOE-5Mbps
add action=mark-packet chain=prerouting dst-address-list=10Public \
new-packet-mark=10Mbps_CDN_DOWN passthrough=no src-address-list=EXPList
add action=mark-packet chain=prerouting dst-address-list=10Public \
new-packet-mark=10Mbps_Internet_DOWN passthrough=no src-address-list=\
!EXPList
add action=mark-packet chain=prerouting new-packet-mark=10Mbps_Internet_UP \
passthrough=no src-address-list=PPPOE-10Mbps
add action=mark-packet chain=prerouting dst-address-list=8Public \
new-packet-mark=8Mbps_CDN_DOWN passthrough=no src-address-list=EXPList
add action=mark-packet chain=prerouting dst-address-list=8Public \
new-packet-mark=8Mbps_Internet_DOWN passthrough=no src-address-list=\
!EXPList
add action=mark-packet chain=prerouting new-packet-mark=8Mbps_Internet_UP \
passthrough=no src-address-list=PPPOE-8Mbps
add action=mark-packet chain=prerouting dst-address-list=3Public \
new-packet-mark=3Mbps_Mbps_CDN_DOWN passthrough=no src-address-list=\
EXPList
add action=mark-packet chain=prerouting dst-address-list=3Public \
new-packet-mark=3Mbps_Mbps_Internet_DOWN passthrough=no src-address-list=\
!EXPList
add action=mark-packet chain=prerouting new-packet-mark=3Mbps_Internet_UP \
passthrough=no src-address-list=PPPOE-3Mbps
add action=mark-packet chain=prerouting dst-address-list=2Public \
new-packet-mark=2Mbps_CDN_DOWN passthrough=no src-address-list=EXPList
add action=mark-packet chain=prerouting dst-address-list=2Public \
new-packet-mark=2Mbps_Internet_DOWN passthrough=no src-address-list=\
!EXPList
add action=mark-packet chain=prerouting new-packet-mark=2Mbps_Internet_UP \
passthrough=no src-address-list=PPPOE-2Mbps
add action=mark-packet chain=prerouting dst-address-list=1Public \
new-packet-mark=1Mbps_CDN_DOWN passthrough=no src-address-list=EXPList
add action=mark-packet chain=prerouting dst-address-list=1Public \
new-packet-mark=1Mbps_Internet_DOWN passthrough=no src-address-list=\
!EXPList
add action=mark-packet chain=prerouting new-packet-mark=1Mbps_Internet_UP \
passthrough=no src-address-list=PPPOE-1Mbps
add action=mark-packet chain=prerouting dst-address-list=20Public \
new-packet-mark=20Mbps_CDN_DOWN passthrough=no src-address-list=EXPList
add action=mark-packet chain=prerouting dst-address-list=20Public \
new-packet-mark=20Mbps_Internet_DOWN passthrough=no src-address-list=\
!EXPList
add action=mark-packet chain=prerouting new-packet-mark=20Mbps_Internet_UP \
passthrough=no src-address-list=PPPOE-20Mbps
add action=mark-packet chain=prerouting dst-address-list=30Public \
new-packet-mark=30Mbps_CDN_DOWN passthrough=no src-address-list=EXPList
add action=mark-packet chain=prerouting dst-address-list=30Public \
new-packet-mark=30Mbps_Internet_DOWN passthrough=no src-address-list=\
!EXPList
add action=mark-packet chain=prerouting new-packet-mark=30Mbps_Internet_UP \
passthrough=no src-address-list=PPPOE-30Mbps
add action=add-dst-to-address-list address-list=EXPList address-list-timeout=\
none-dynamic chain=prerouting content=googleusercontent.com \
src-address-list=ALL-PPPOE-List
add action=add-dst-to-address-list address-list=EXPList address-list-timeout=\
none-dynamic chain=prerouting content=googlevideo.com src-address-list=\
ALL-PPPOE-List
/ip firewall nat
add action=masquerade chain=srcnat out-interface=vlan11-Server src-address=\
172.168.164.0/23 src-address-list=MCS-MAN156
add action=src-nat chain=srcnat out-interface=vlan11-Server src-address-list=\
PPPOE to-addresses=103.X.X.X/27
add action=src-nat chain=srcnat out-interface=vlan11-Server src-address-list=\
PPPOE-10Mbps to-addresses=103.x.x.3
add action=src-nat chain=srcnat out-interface=vlan11-Server src-address-list=\
PPPOE-5Mbps to-addresses=103.x.x.2
add action=src-nat chain=srcnat out-interface=vlan11-Server src-address-list=\
PPPOE-8Mbps to-addresses=103.x.x.4
add action=src-nat chain=srcnat out-interface=vlan11-Server src-address-list=\
PPPOE-3Mbps to-addresses=103.x.x.5
add action=src-nat chain=srcnat out-interface=vlan11-Server src-address-list=\
PPPOE-2Mbps to-addresses=103.x.x.6
add action=src-nat chain=srcnat out-interface=vlan11-Server src-address-list=\
PPPOE-1Mbps to-addresses=103.x.x.7
add action=src-nat chain=srcnat out-interface=vlan11-Server src-address-list=\
PPPOE-20Mbps to-addresses=103.x.x.8
add action=src-nat chain=srcnat out-interface=vlan11-Server src-address-list=\
PPPOE-30Mbps to-addresses=103.x.x.9
/ip route
add check-gateway=ping distance=1 gateway=103.X.X.1
/ip service
set telnet disabled=yes
set ssh disabled=yes
/ppp aaa
set interim-update=5m use-radius=yes
/ppp secret
add name=test2 password=1260 profile="Direct PPPOE" service=pppoe
/radius
add address=x.x.x.x secret=x.x.x.x service=ppp src-address=\
103.x.x.x
/radius incoming
set accept=yes
/system clock
set time-zone-name=Asia/Karachi
/system identity
set name=NAS.mcsol.com.pk
/system logging
add action=remote prefix=McSOL topics=info
/system scheduler
add interval=1m name=EXPList on-event="/system script run EXPList" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
/system script
add dont-require-permissions=yes name=EXPList owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#\
\_Script to add Youtube IP addresses into address list\r\
\n\r\
\n# Tested with Mikrotik 6.42.7\r\
\n\r\
\n:local LISTNAME \93EXPList\94\r\
\n\r\
\n# Name of website to be added to address list\r\
\n\r\
\n:local TARGET1 \93youtube.com\94\r\
\n\r\
\n:local TARGET2 \93googlevideo.com\94\r\
\n\r\
\n# when site is visited for the first time add ip of site to address list\
\_if not listed\r\
\n\r\
\n:if ( [/ip firewall address-list find where list=\$LISTNAME] = \93\94) d\
o={\r\
\n\r\
\n\r\
\n \r\
\n:log warning \93No address list for \$TARGET1 and \$TARGET2 found ! crea\
ting and adding resolved entry for 1st time usage \85 gate\94\r\
\n\r\
\n:resolve \$TARGET1\r\
\n\r\
\n:resolve \$TARGET2\r\
\n\r\
\n/ip firewall address-list add list=\$LISTNAME\r\
\n\r\
\n} else={\r\
\n\r\
\n:log warning \93Previous List for \$LISTNAME found ! moving forward and \
checking if DNS entries can be added in it \85\94\r\
\n\r\
\n}\r\
\n\r\
\n# Check DNS entries for names matching websites\r\
\n\r\
\n:foreach i in=[/ip dns cache all find where (name~\94\$TARGET1\" || name\
~\94\$TARGET2\") && (type=\94A\94) ] do={\r\
\n\r\
\n# Get IP Address from the names for hold in temporary buffer\r\
\n\r\
\n:local Buffer [/ip dns cache get \$i address];\r\
\n\r\
\ndelay delay-time=10ms\r\
\n\r\
\n# Check if entry already exists in address list, otherwise add\r\
\n\r\
\n:if ( [/ip firewall address-list find where address=\$Buffer] = \93\94) \
do={\r\
\n\r\
\n# Fetch DNS names for the entries\r\
\n\r\
\n:local sitednsname [/ip dns cache get \$i name] ;\r\
\n\r\
\n# Print name in LOG window\r\
\n\r\
\n:log info (\93added entry: \$sitednsname \$Buffer\94);\r\
\n\r\
\n# Add IP addresses and sitename names to the address list\r\
\n\r\
\n/ip firewall address-list add address=\$Buffer list=\$LISTNAME comment=\
\$sitednsname;\r\
\n\r\
\n\r\
\n \r\
\n}\r\
\n\r\
\n} \r\
\n"
Comments
Post a Comment