You are on page 1of 2

Topologia: SPEEDR = 172.16.255.2/30 MK = 172.16.255.1/30 add address=10.3.0.1/22 broadcast=10.3.3.255 comment="PG CORTE" disabled=no inte rface=WIFI-CLIENTES network=10.3.0.

0 /ip firewall nat add action=dst-nat dst-address=!172.31.255.2 chain=dstnat comme nt="PG CORTE" disabled=no protocol=tcp src-address-list=pgcorte to-addresses=172 .31.255.2 to-ports=85

/ip firewall mangle add action=mark-connection chain=prerouting comment="if addr list = speedr-redirect -> mark connection [connmarkspeedr-redirect]" disabled=no dst-address-list=!intranet dst-port=80 new-connection-mark=connmarkspeedr-redir ect passthrough=no protocol=tcp src-address-list=speedr-redirect /ip firewall nat add action=dst-nat chain=dstnat comment="if [connmarkspeedr-red irect]-> redirect [172.16.255.2 tcp.dst=3128]" connection-mark=connmarkspeedr-re direct disabled=no dst-address-list=!intranet protocol=tcp to-addresses=172.16.2 55.2 to-ports=3128 /ip firewall address-list add address=192.168.0.0/16 comment="" disabled=no list =intranet /ip firewall address-list add address=192.168.0.0/16 comment="Regra webcache" di sabled=no list=speedr-redirect /ip firewall nat add action=masquerade chain=srcnat comment="Masquerade intranet " disabled=no dst-address=!172.16.255.2 src-address-list=intranet /ip firewall nat add action=masquerade chain=srcnat comment="Masquerade speedr" disabled=no dst-address-list=!intranet src-address=172.16.255.2 /ip firewall nat add action=dst-nat chain=dstnat disabled=no dst-port=80 in-interface=LINK-INTERN ET \ protocol=tcp to-addresses=172.31.255.2 to-ports=80 add action=dst-nat chain=dstnat comment="manuten\E7\E3o" disabled=yes \ dst-port =80 protocol=tcp src-address=0.0.0.0/0 src-address-list=\ "!Manuten\E7\E3o" to-a ddresses=172.31.255.2 to-ports=89 /ip firewall address-list add address=192.168.0.0/24 comment="MANUTEN\C7\C3O" disabled=no list="manuten\E7 \E3o" /system script add policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api source="ip firewall nat set [find comment=manuten\E7\E3o] disabled=no" add name=link-up policy=ftp,reboot,read,write,policy,test,winbox,password,sniff, sensitive,api source="ip firewall nat set [find comment=manuten\E7\E3o] disabled =yes" /ip hotspot walled-garden add action=allow disabled=no dst-host=172.31.255.2 dst-port=80-90 /tool netwatch add disabled=no down-script="/ip firewall nat set [find comment=\"manuten\E7\E3o \"] disabled=no" host=200.154.56.80 \ interval=5s timeout=1s up-script="/ip fire wall nat set [find comment=\"manuten\E7\E3o\"] disabled=yes"

CACHE FULL SPEEDR

/ip firewall nat add action=dst-nat chain=dstnat comment="dst-nat [172.16.255.2 tcp.dst=3128]" \ disabled=no dst-port=80 protocol=tcp src-address=!172.16.255.2 \ to-addresses=172.16.255.2 to-ports=3128 add action=masquerade chain=srcnat comment="Masquerade intranet" disabled=no \ dst-address=!172.16.255.2 src-address-list=intranet add action=masquerade chain=srcnat comment="Masquerade speedr" disabled=no \ dst-address-list=!intranet src-address=172.16.255.2 /ip firewall mangle add action=mark-connection chain=prerouting comment="if addrlist = speedr-redire ct -> mark connection [connmarkspeedr-redirect]" disabled=no \ dst-address-list= !intranet dst-port=80 new-connection-mark=\ connmarkspeedr-redirect passthrough= no protocol=tcp src-address-list=\ speedr-redirect add action=mark-packet chain=postrouting comment=\ "dscp->12) => [packet_speedr_ HIT]" disabled=no dscp=12 new-packet-mark=\ packet_speedr_HIT passthrough=no add action=mark-packet chain=postrouting comment=\ "dscp->10 => [packet_speedr_H IT]" disabled=no dscp=10 new-packet-mark=\ packet_speedr_HIT passthrough=no add action=mark-packet chain=postrouting comment=\ "dscp->48 => [packet_speedr_H IT]" disabled=no dscp=48 new-packet-mark=\ packet_speedr_HIT passthrough=no /queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=8M \ maxlimit=8M name="webcache HIT" packet-mark=packet_speedr_HIT parent=\ global-out p riority=8 queue=default

You might also like