The next objective is to prioritize skyward while throttling .flv and .mp4 content from youtube. I haven't put a queue in for the youtube mark yet because the L7 filters don't seem to be working. Also, the skyward queue isn't getting hit. I can't tell if the packets are getting mangled properly in the skyward chain or not.
Code: Select all
# dec/02/2011 18:07:43 by RouterOS 5.9
#
#
/ip firewall mangle
add action=jump chain=prerouting content=youtube.com disabled=no jump-target=\
youtube
add action=jump chain=prerouting content=skyward.com disabled=no jump-target=\
skyward
add action=mark-packet chain=output comment="Proxy \"hits\"" disabled=no \
dscp=4 new-packet-mark=unqueued-download out-interface=LAN passthrough=no
add action=mark-packet chain=prerouting comment="upload traffic" disabled=no \
in-interface=LAN new-packet-mark=upload passthrough=yes src-address=\
172.25.25.0/24
add action=add-dst-to-address-list address-list=Skyward address-list-timeout=\
5m chain=skyward comment=\
"All packets processed in this chain should be added to Skyward list." \
disabled=no dst-port=80 protocol=tcp
add action=mark-connection chain=forward comment=\
"Connection mark for all tracked connections" disabled=no \
new-connection-mark=tracked-conn passthrough=yes src-address=\
172.25.25.0/24
add action=mark-packet chain=forward comment="Direct Download (non-HTTP)" \
connection-mark=tracked-conn disabled=no in-interface=ether1 \
new-packet-mark=unqueued-download passthrough=no
add action=mark-packet chain=output comment="Proxy HTTP traffic (MISS)" \
disabled=no dst-address=172.25.25.0/24 new-packet-mark=queued-download \
out-interface=LAN passthrough=no
add action=add-dst-to-address-list address-list=Youtube address-list-timeout=\
5m chain=youtube comment=\
"All packets processed in this chain should be added to Youtube list." \
disabled=no dst-port=80 protocol=tcp
add action=mark-connection chain=youtube disabled=no dst-address-list=Youtube \
new-connection-mark=youtube_conn passthrough=yes
add action=mark-packet chain=output connection-mark=youtube_conn disabled=no \
layer7-protocol="Extension \".mp4 \"" new-packet-mark=youtube_mp4 \
passthrough=yes
add action=mark-packet chain=skyward connection-mark=skyward_conn disabled=no \
new-packet-mark=skyward_pkt passthrough=yes
add action=mark-packet chain=output connection-mark=youtube_conn disabled=no \
layer7-protocol="Extension \".mp4 \"" new-packet-mark=youtube_flv \
passthrough=yes
add action=mark-connection chain=skyward disabled=no dst-address-list=Skyward \
new-connection-mark=skyward_conn passthrough=yes
Code: Select all
# dec/02/2011 18:08:25 by RouterOS 5.9
#
#
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=downstream packet-mark=unqueued-download parent=LAN \
priority=8
add burst-limit=0 burst-threshold=0 burst-time=0s comment=\
"Applies for HTTP traffic redirected through proxy." disabled=no \
limit-at=5M max-limit=10M name="Queued download" packet-mark=\
queued-download parent=downstream priority=8 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=upstream packet-mark=upload parent=ether1 priority=8 \
queue=PCQ
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=skyward packet-mark=skyward_pkt parent=downstream \
priority=1 queue=default
Code: Select all
# dec/02/2011 18:19:05 by RouterOS 5.9
#
#
/ip firewall layer7-protocol
add name="Extension \".mp4 \"" regexp="\\.(mp4)"
add name="Extension \".flv \"" regexp="\\.(flv)"
2) Why aren't my skyward packets getting queued? The desired affect here would be to type skyward.com into a browser and see it come up at full speed with priority.