/ ip firewall mangle
add chain=forward action=log connection-state=new out-interface=!Auth \
dst-address=!172.21.0.0/16 dst-port=!4662 protocol=tcp \
src-address-list=PPPoE_Clienti log-prefix="p2k" comment="" disabled=no
add chain=input action=accept dst-port=8291 protocol=tcp comment="WinBox" \
disabled=no
add chain=prerouting action=accept dst-port=8291 protocol=tcp comment="" \
disabled=no
add chain=forward action=accept dst-port=8291 protocol=tcp comment="" \
disabled=no
add chain=prerouting action=accept src-address=81.174.63.xx comment="traffico \
varapodio" disabled=no
add chain=prerouting action=accept dst-address=81.174.63.xx comment="" \
disabled=no
add chain=prerouting action=accept dst-port=8000 protocol=tcp comment="CPE web \
management" disabled=no
add chain=prerouting action=accept src-port=8000 protocol=tcp comment="" \
disabled=no
add chain=prerouting action=accept src-address=192.168.5.98 \
dst-address=172.21.254.6 comment="" disabled=no
add chain=prerouting action=accept protocol=icmp dst-address-list=management \
comment="ICMP" disabled=no
add chain=prerouting action=jump jump-target=known protocol=icmp comment="" \
disabled=no
add chain=prerouting action=jump jump-target=unknown protocol=tcp \
dst-address-list=rapidshare comment="###### RAPIDSHARE" disabled=no
add chain=prerouting action=jump jump-target=unknown protocol=tcp \
src-address-list=rapidshare comment="" disabled=no
add chain=prerouting action=jump jump-target=unknown protocol=tcp \
src-address-list=megaupload comment="###### Megaupload " disabled=no
add chain=prerouting action=jump jump-target=unknown protocol=tcp \
dst-address-list=megaupload comment="" disabled=no
add chain=prerouting action=mark-connection new-connection-mark=knowntest \
passthrough=yes src-address=172.21.254.222 comment="" disabled=yes
add chain=prerouting action=mark-routing new-routing-mark=vs-Telecom \
passthrough=no src-address=172.21.254.222 protocol=tcp \
connection-mark=knowntest comment="" disabled=yes
add chain=prerouting action=jump jump-target=known dst-port=110 protocol=tcp \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=0-1024 \
protocol=tcp comment="###### TCP < 1024" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=0-1024 \
protocol=udp comment="###### UDP < 1024" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=8899 protocol=tcp \
comment="###### DUDE" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=1200-1281 \
protocol=tcp comment="###### Porte MSN" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=1862 protocol=tcp \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=1863 protocol=tcp \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=2210 protocol=tcp \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=6821-6900 \
protocol=tcp comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=9000-9010 \
protocol=tcp comment="" disabled=no
add chain=prerouting action=jump jump-target=known src-address=192.168.3.12 \
comment="## Rocco Lombardo tutto KNOWN !!!!!!!" disabled=no
add chain=prerouting action=jump jump-target=known src-address=192.168.3.11 \
comment="## fabio tutto KNOWN !!!!!!!" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=110 protocol=tcp \
comment="###### Traffico POP3" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=8050 protocol=tcp \
comment="###### Videocamera Comune Saponara" disabled=no
add chain=prerouting action=jump jump-target=known src-port=8050 protocol=tcp \
dst-address-list=!management comment="" disabled=no
add chain=prerouting action=jump jump-target=known src-address=192.168.9.17 \
comment="###### Carroccio quando cassisi down" disabled=no
add chain=prerouting action=jump jump-target=known dst-address=65.54.239.20 \
comment="###### Server Login MSN" disabled=no
add chain=prerouting action=jump jump-target=known dst-address=65.54.183.202 \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=5060-5061 \
protocol=udp comment="###### VOIP" disabled=no
add chain=prerouting action=jump jump-target=known src-port=5060-5061 \
protocol=udp comment="" disabled=no
add chain=prerouting action=jump jump-target=known src-address=172.21.254.250 \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-address=172.21.254.250 \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=5900-5901 \
protocol=tcp dst-address-list=!management comment="###### VNC" \
disabled=no
add chain=prerouting action=jump jump-target=known src-port=5900-5901 \
protocol=tcp dst-address-list=!management comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=3389 protocol=tcp \
comment="###### Desktop Remoto" disabled=no
add chain=prerouting action=jump jump-target=known src-port=3389 protocol=tcp \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-address=89.119.211.62 \
comment="###### PPTP Bandiera" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=11999 protocol=tcp \
comment="###### Yahoo Giochi" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=8999 protocol=tcp \
comment="###### Scuola Saponara" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=14601-14603 \
protocol=tcp comment="###### Porte sito Photocity" disabled=no
add chain=prerouting action=jump jump-target=known src-port=9443 protocol=tcp \
comment="###### G.Pino Porte X Sito SKY" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=6100 protocol=tcp \
comment="###### Trischitta Videosorveglianza" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=6550 protocol=tcp \
comment="###### Supermercato GM" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=6551 protocol=tcp \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=6996 protocol=tcp \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-address=213.61.92.197 \
protocol=tcp comment="ftp AsRock" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=9443 protocol=tcp \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=12975 protocol=tcp \
comment="hamachi" disabled=no
add chain=prerouting action=jump jump-target=known dst-port=32976 protocol=tcp \
comment="" disabled=no
add chain=prerouting action=jump jump-target=known connection-type=ftp \
comment="Mark FTP come know" disabled=no
add chain=prerouting action=mark-connection new-connection-mark=knowntest \
passthrough=yes src-address=192.168.5.99 comment="Test" disabled=yes
add chain=prerouting action=mark-connection new-connection-mark=knowntest \
passthrough=yes src-address=172.21.254.149 comment="" disabled=yes
add chain=prerouting action=mark-routing new-routing-mark=vs-Telecom \
passthrough=no src-address=172.21.254.149 connection-mark=knowntest \
comment="" disabled=yes
add chain=prerouting action=jump jump-target=unknown connection-mark=!known \
comment="########### Jump alla chain UNKNOWN \
###############" disabled=no
add chain=known action=passthrough \
comment="######################################## \
CHAIN KNOWN \
###########################################" disabled=no
add chain=known action=mark-connection new-connection-mark=known \
passthrough=yes comment="Mark Connection" disabled=no
add chain=known action=mark-packet new-packet-mark=known passthrough=yes \
comment="" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=no \
dst-address=85.33.2.56 dst-port=110 protocol=tcp comment="Mark POP3 \
telecom " disabled=no
add chain=known action=mark-routing new-routing-mark=posta-su-NGI \
passthrough=no dst-address=88.149.128.13 dst-port=25 protocol=tcp \
comment="Mark servers SMTP: smtp.ngi.it, out.alice.it, smtp.fastweb.it, \
out.virgilio.it, box.tin.it" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=no \
dst-address=85.33.2.55 dst-port=25 protocol=tcp comment="" disabled=no
add chain=known action=mark-routing new-routing-mark=posta-su-FW \
passthrough=no dst-address=85.18.95.140 dst-port=25 protocol=tcp \
comment="" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=no \
dst-address=62.211.72.20 dst-port=25 protocol=tcp comment="" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=no \
dst-address=85.33.2.55 dst-port=25 protocol=tcp comment="" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=no \
dst-address=62.211.72.30 dst-port=25 protocol=tcp comment="" disabled=no
add chain=known action=passthrough comment="####### NGI ########" \
disabled=no
add chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=no \
src-address=192.168.5.33 connection-mark=known comment=" ### Arte in \
ferro \( Mail Virgilio In \) #############*************** problema posta" \
disabled=yes
add chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=no \
src-address=172.21.254.250 connection-mark=known comment=" ### VOIP \
ufficio " disabled=no
add chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no \
src-address=192.168.3.0/24 connection-mark=known comment=" ### \
Classe 3.0, da Nicola" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no \
src-address=192.168.4.0/24 connection-mark=known comment=" ### \
Classe 4.0, da Nicola" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no \
src-address=192.168.5.0/24 connection-mark=known \
dst-address-list=!management comment=" ### Classe 5.0, auth su P2K" \
disabled=no
add chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no \
src-address=192.168.6.0/24 connection-mark=known comment=" ### \
Classe 6.0, da Nicola" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no \
src-address=192.168.7.0/24 connection-mark=known comment=" ### \
Classe 7.0, da Pace del Mela" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no \
src-address=88.149.204.xxx-88.149.204.xxx dst-address-list=!management \
comment=" ### mark vs NGI pubblici clienti \(Tecnospace, H.Terme, \
Server posta\)" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no \
src-address=172.21.254.0/24 connection-mark=known \
dst-address-list=!management comment=" ### Ufficio" disabled=no
add chain=known action=passthrough comment="####### TELECOM \
########" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=no \
connection-mark=knownTI comment=" ### TEST Fabio" disabled=no
add chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=no \
src-address=192.168.9.0/24 connection-mark=known comment=" ### \
Classe 9.0, da Serro, quando Cassisi is Down" disabled=no
add chain=prerouting action=jump jump-target=known dst-address=87.248.217.214 \
protocol=tcp comment="Shan Lifu" disabled=no
add chain=prerouting action=jump jump-target=known src-address=87.248.217.214 \
protocol=tcp comment="" disabled=no
add chain=prerouting action=jump jump-target=unknown connection-mark=!known \
comment="" disabled=no
add chain=unknown action=passthrough \
comment="######################################## \
CHAIN UNKNOWN \
###########################################" disabled=no
add chain=unknown action=mark-connection new-connection-mark=unknown \
passthrough=yes comment="Mark Connection" disabled=no
add chain=unknown action=mark-packet new-packet-mark=unknown passthrough=yes \
comment="" disabled=no
add chain=unknown action=mark-routing new-routing-mark=vs-Telecom \
passthrough=no src-address=172.21.254.99 connection-mark=unknown \
comment="Verso Telecom host VPN Tonino" disabled=no
add chain=unknown action=mark-routing new-routing-mark=posta-su-FW \
passthrough=no src-address=172.21.254.222 connection-mark=unknown \
comment="Verso Fastweb P2P Ufficio" disabled=yes
add chain=unknown action=mark-routing new-routing-mark=unknown passthrough=no \
packet-mark=unknown src-address-list=PPPoE_Clienti comment="vs FW" \
disabled=no
add chain=postrouting action=change-mss new-mss=1380 tcp-flags=syn \
src-address=192.168.6.7 protocol=tcp comment="Cosimo Mavilia" disabled=no
add chain=postrouting action=change-mss new-mss=1360 tcp-flags=syn \
src-address=213.156.51.2 protocol=tcp comment="Sito Santander" disabled=no
add chain=postrouting action=change-mss new-mss=1360 tcp-flags=syn \
dst-address=213.156.51.2 protocol=tcp comment="" disabled=no
add chain=postrouting action=change-mss new-mss=1380 tcp-flags=syn \
dst-address=192.168.6.7 protocol=tcp comment="" disabled=no
add chain=postrouting action=change-mss new-mss=1360 tcp-flags=syn \
src-address=192.168.6.4 protocol=tcp comment="Cipriano" disabled=no
add chain=postrouting action=change-mss new-mss=1360 tcp-flags=syn \
dst-address=192.168.6.4 protocol=tcp comment="" disabled=no
add chain=postrouting action=change-mss new-mss=1360 tcp-flags=syn \
protocol=tcp src-address-list="change MSS" comment="Prova per \
sito############" disabled=no
[admin@AdiesselleP2K] ip firewall service-port> print
Flags: X - disabled, I - invalid
# NAME PORTS
0 ftp 21
1 tftp 69
2 irc 6667
3 X h323
4 quake3
5 X gre
6 X pptp
[admin@AdiesselleP2K] ip firewall mangle> print prerouting
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting action=accept dst-port=8291 protocol=tcp
1 ;;; traffico varapodio
chain=prerouting action=accept src-address=81.174.63.xx
2 chain=prerouting action=accept dst-address=81.174.63.xx
3 ;;; CPE web management
chain=prerouting action=accept dst-port=8000 protocol=tcp
4 chain=prerouting action=accept src-port=8000 protocol=tcp
5 ;;; ICMP
chain=prerouting action=accept protocol=icmp dst-address-list=management
6 chain=prerouting action=jump jump-target=known protocol=icmp
7 ;;; ###### RAPIDSHARE
chain=prerouting action=jump jump-target=unknown protocol=tcp
dst-address-list=rapidshare
8 chain=prerouting action=jump jump-target=unknown protocol=tcp
src-address-list=rapidshare
9 X ;;; ####### AKAMAI
chain=prerouting action=jump jump-target=unknown dst-address-list=akamai
10 X chain=prerouting action=jump jump-target=unknown src-address-list=akamai
11 ;;; ###### MEGAUPLOAD
chain=prerouting action=jump jump-target=unknown protocol=tcp
src-address-list=megaupload
12 chain=prerouting action=jump jump-target=unknown protocol=tcp
dst-address-list=megaupload
13 chain=prerouting action=jump jump-target=known dst-port=110 protocol=tcp
14 ;;; ###### TCP < 1024
chain=prerouting action=jump jump-target=known dst-port=0-1024
protocol=tcp
15 ;;; ###### UDP < 1024
chain=prerouting action=jump jump-target=known dst-port=0-1024
protocol=udp
16 ;;; ###### VOIP
chain=prerouting action=jump jump-target=known src-port=5060
dst-port=5061 protocol=udp
17 chain=prerouting action=jump jump-target=known dst-address=212.97.59.91
src-port=5004-5007 protocol=udp
18 ;;; ###### DUDE
chain=prerouting action=jump jump-target=known dst-port=8899
protocol=tcp
19 ;;; ###### Ghizzoni Videocamere
chain=prerouting action=jump jump-target=known
src-address=88.149.204.xxx src-port=80 protocol=tcp
dst-address-list=!management
20 chain=prerouting action=jump jump-target=known src-address=88.149.204.xxx
src-port=8085 protocol=tcp dst-address-list=!management
21 ;;; ###### Porte MSN
chain=prerouting action=jump jump-target=known dst-port=1200-1281
protocol=tcp
22 chain=prerouting action=jump jump-target=known dst-port=1862 protocol=tcp
23 chain=prerouting action=jump jump-target=known dst-port=1863 protocol=tcp
24 chain=prerouting action=jump jump-target=known dst-port=2210 protocol=tcp
25 chain=prerouting action=jump jump-target=known dst-port=6821-6900
protocol=tcp
26 chain=prerouting action=jump jump-target=known dst-port=9000-9010
protocol=tcp
27 ;;; VOIP Ufficio
chain=prerouting action=jump jump-target=known
src-address=172.21.254.250
28 ;;; ## Rocco Lombardo tutto KNOWN !!!!!!!
chain=prerouting action=jump jump-target=known src-address=192.168.3.12
29 ;;; ## fabio tutto KNOWN !!!!!!!
chain=prerouting action=jump jump-target=known src-address=192.168.3.11
30 ;;; ###### Traffico POP3
chain=prerouting action=jump jump-target=known dst-port=110 protocol=tcp
31 ;;; ###### Videocamera Comune Saponara
chain=prerouting action=jump jump-target=known dst-port=8050
protocol=tcp
32 chain=prerouting action=jump jump-target=known src-port=8050 protocol=tcp
dst-address-list=!management
33 ;;; ###### Carroccio quando cassisi down
chain=prerouting action=jump jump-target=known src-address=192.168.9.17
34 ;;; ###### Server Login MSN
chain=prerouting action=jump jump-target=known dst-address=65.54.239.20
35 chain=prerouting action=jump jump-target=known dst-address=65.54.183.202
36 X ;;; ###### VOIP
chain=prerouting action=jump jump-target=known dst-port=5060-5061
protocol=udp
37 X chain=prerouting action=jump jump-target=known src-port=5060-5061
protocol=udp
38 ;;; ###### VNC
chain=prerouting action=jump jump-target=known dst-port=5900-5901
protocol=tcp dst-address-list=!management
39 chain=prerouting action=jump jump-target=known src-port=5900-5901
protocol=tcp dst-address-list=!management
40 ;;; ###### Desktop Remoto
chain=prerouting action=jump jump-target=known dst-port=3389
protocol=tcp
41 chain=prerouting action=jump jump-target=known src-port=3389 protocol=tcp
42 ;;; ###### PPTP Bandiera
chain=prerouting action=jump jump-target=known dst-address=89.119.211.62
43 ;;; ###### Yahoo Giochi
chain=prerouting action=jump jump-target=known dst-port=11999
protocol=tcp
44 ;;; ###### Scuola Saponara
chain=prerouting action=jump jump-target=known dst-port=8999
protocol=tcp
45 ;;; ###### Porte sito Photocity
chain=prerouting action=jump jump-target=known dst-port=14601-14603
protocol=tcp
46 ;;; ###### G.Pino Porte X Sito SKY
chain=prerouting action=jump jump-target=known src-port=9443
protocol=tcp
47 ;;; ###### Trischitta Videosorveglianza
chain=prerouting action=jump jump-target=known dst-port=6100
protocol=tcp
48 ;;; ###### Supermercato GM
chain=prerouting action=jump jump-target=known dst-port=6550
protocol=tcp
49 chain=prerouting action=jump jump-target=known dst-port=6551 protocol=tcp
50 chain=prerouting action=jump jump-target=known dst-port=6996 protocol=tcp
51 ;;; ftp AsRock
chain=prerouting action=jump jump-target=known dst-address=213.61.92.197
protocol=tcp
52 chain=prerouting action=jump jump-target=known dst-port=9443 protocol=tcp
53 ;;; hamachi
chain=prerouting action=jump jump-target=known dst-port=12975
protocol=tcp
54 chain=prerouting action=jump jump-target=known dst-port=32976 protocol=tc>
55 ;;; Mark FTP come know
chain=prerouting action=jump jump-target=known connection-type=ftp
56 X ;;; Test
chain=prerouting action=mark-connection new-connection-mark=knowntest
passthrough=yes src-address=192.168.5.99
57 X chain=prerouting action=mark-connection new-connection-mark=knowntest
passthrough=yes src-address=172.21.254.149
58 X chain=prerouting action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=172.21.254.149 connection-mark=knowntest
59 ;;; ########### Jump alla chain UNKNOWN ###############
chain=prerouting action=jump jump-target=unknown connection-mark=!known
60 ;;; Shan Lifu
chain=prerouting action=jump jump-target=known
dst-address=87.248.217.214 protocol=tcp
61 chain=prerouting action=jump jump-target=known src-address=87.248.217.214
protocol=tcp
62 chain=prerouting action=jump jump-target=unknown connection-mark=!known
[admin@AdiesselleP2K] ip firewall mangle> print known
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; ######################################## CHAI>
NOWN ###########################################
chain=known action=passthrough
1 ;;; Mark Connection
chain=known action=mark-connection new-connection-mark=known
passthrough=yes
2 chain=known action=mark-packet new-packet-mark=known passthrough=yes
3 ;;; Mark POP3 telecom. in.aliceposta.it, box.tin.it, in.virgilio.it
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no dst-address=85.33.2.56 dst-port=110 protocol=tcp
4 chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=n>
dst-address=62.211.72.30 dst-port=110 protocol=tcp
5 ;;; Mark servers SMTP: smtp.ngi.it, out.alice.it, smtp.fastweb.it, out.v>
ilio.it, box.tin.it
chain=known action=mark-routing new-routing-mark=posta-su-NGI
passthrough=no dst-address=88.149.128.13 dst-port=25 protocol=tcp
6 chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=n>
dst-address=85.33.2.55 dst-port=25 protocol=tcp
7 chain=known action=mark-routing new-routing-mark=posta-su-FW
passthrough=no dst-address=85.18.95.140 dst-port=25 protocol=tcp
8 chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=n>
dst-address=62.211.72.20 dst-port=25 protocol=tcp
9 chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=n>
dst-address=85.33.2.55 dst-port=25 protocol=tcp
10 chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=n>
dst-address=62.211.72.30 dst-port=25 protocol=tcp
11 ;;; ####### NGI ########
chain=known action=passthrough
12 X ;;; ### Arte in ferro ( Mail Virgilio In ) #############************>
problema posta
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=192.168.5.33 connection-mark=known
13 ;;; ### VOIP ufficio
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=172.21.254.250 connection-mark=known
14 ;;; ### Classe 4.0, da Nicola
chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no
src-address=192.168.4.0/24 connection-mark=known
15 ;;; ### Classe 5.0, auth su P2K
chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no
src-address=192.168.5.0/24 connection-mark=known
dst-address-list=!management
16 ;;; ### Classe 6.0, da Nicola
chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no
src-address=192.168.6.0/24 connection-mark=known
17 ;;; ### mark vs NGI pubblici clienti (Tecnospace, H.Terme, Server >
ta)
chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no
src-address=88.149.204.xxx-88.149.204.xxx dst-address-list=!management
18 ;;; ### Ufficio
chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no
src-address=172.21.254.0/24 connection-mark=known
dst-address-list=!management
19 ;;; ####### TELECOM ########
chain=known action=passthrough
20 ;;; ### TEST Fabio
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no connection-mark=knownTI
21 ;;; ### Classe 7.0, da Pace del Mela
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=192.168.7.0/24 connection-mark=known
22 ;;; ### Classe 3.0, da Nicola
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=192.168.3.0/24 connection-mark=known
23 ;;; ### Classe 9.0, da Serro, quando Cassisi is Down
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=192.168.9.0/24 connection-mark=known
Thank you Chupaka,
Ip/Firewall/service-ports seems to be ok:
[code][admin@AdiesselleP2K] ip firewall service-port> print
Flags: X - disabled, I - invalid
# NAME PORTS
0 ftp 21
1 tftp 69
2 irc 6667
3 X h323
4 quake3
5 X gre
6 X pptp
[admin@AdiesselleP2K] ip firewall mangle> print prerouting
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting action=accept dst-port=8291 protocol=tcp
1 ;;; traffico varapodio
chain=prerouting action=accept src-address=81.174.63.xx
2 chain=prerouting action=accept dst-address=81.174.63.xx
3 ;;; CPE web management
chain=prerouting action=accept dst-port=8000 protocol=tcp
4 chain=prerouting action=accept src-port=8000 protocol=tcp
5 ;;; ICMP
chain=prerouting action=accept protocol=icmp dst-address-list=management
6 chain=prerouting action=jump jump-target=known protocol=icmp
7 ;;; ###### RAPIDSHARE
chain=prerouting action=jump jump-target=unknown protocol=tcp
dst-address-list=rapidshare
8 chain=prerouting action=jump jump-target=unknown protocol=tcp
src-address-list=rapidshare
9 X ;;; ####### AKAMAI
chain=prerouting action=jump jump-target=unknown dst-address-list=akamai
10 X chain=prerouting action=jump jump-target=unknown src-address-list=akamai
11 ;;; ###### MEGAUPLOAD
chain=prerouting action=jump jump-target=unknown protocol=tcp
src-address-list=megaupload
12 chain=prerouting action=jump jump-target=unknown protocol=tcp
dst-address-list=megaupload
13 chain=prerouting action=jump jump-target=known dst-port=110 protocol=tcp
14 ;;; ###### TCP < 1024
chain=prerouting action=jump jump-target=known dst-port=0-1024
protocol=tcp
15 ;;; ###### UDP < 1024
chain=prerouting action=jump jump-target=known dst-port=0-1024
protocol=udp
16 ;;; ###### VOIP
chain=prerouting action=jump jump-target=known src-port=5060
dst-port=5061 protocol=udp
17 chain=prerouting action=jump jump-target=known dst-address=212.97.59.91
src-port=5004-5007 protocol=udp
18 ;;; ###### DUDE
chain=prerouting action=jump jump-target=known dst-port=8899
protocol=tcp
19 ;;; ###### Ghizzoni Videocamere
chain=prerouting action=jump jump-target=known
src-address=88.149.204.xxx src-port=80 protocol=tcp
dst-address-list=!management
20 chain=prerouting action=jump jump-target=known src-address=88.149.204.xxx
src-port=8085 protocol=tcp dst-address-list=!management
21 ;;; ###### Porte MSN
chain=prerouting action=jump jump-target=known dst-port=1200-1281
protocol=tcp
22 chain=prerouting action=jump jump-target=known dst-port=1862 protocol=tcp
23 chain=prerouting action=jump jump-target=known dst-port=1863 protocol=tcp
24 chain=prerouting action=jump jump-target=known dst-port=2210 protocol=tcp
25 chain=prerouting action=jump jump-target=known dst-port=6821-6900
protocol=tcp
26 chain=prerouting action=jump jump-target=known dst-port=9000-9010
protocol=tcp
27 ;;; VOIP Ufficio
chain=prerouting action=jump jump-target=known
src-address=172.21.254.250
28 ;;; ## Rocco Lombardo tutto KNOWN !!!!!!!
chain=prerouting action=jump jump-target=known src-address=192.168.3.12
29 ;;; ## fabio tutto KNOWN !!!!!!!
chain=prerouting action=jump jump-target=known src-address=192.168.3.11
30 ;;; ###### Traffico POP3
chain=prerouting action=jump jump-target=known dst-port=110 protocol=tcp
31 ;;; ###### Videocamera Comune Saponara
chain=prerouting action=jump jump-target=known dst-port=8050
protocol=tcp
32 chain=prerouting action=jump jump-target=known src-port=8050 protocol=tcp
dst-address-list=!management
33 ;;; ###### Carroccio quando cassisi down
chain=prerouting action=jump jump-target=known src-address=192.168.9.17
34 ;;; ###### Server Login MSN
chain=prerouting action=jump jump-target=known dst-address=65.54.239.20
35 chain=prerouting action=jump jump-target=known dst-address=65.54.183.202
36 X ;;; ###### VOIP
chain=prerouting action=jump jump-target=known dst-port=5060-5061
protocol=udp
37 X chain=prerouting action=jump jump-target=known src-port=5060-5061
protocol=udp
38 ;;; ###### VNC
chain=prerouting action=jump jump-target=known dst-port=5900-5901
protocol=tcp dst-address-list=!management
39 chain=prerouting action=jump jump-target=known src-port=5900-5901
protocol=tcp dst-address-list=!management
40 ;;; ###### Desktop Remoto
chain=prerouting action=jump jump-target=known dst-port=3389
protocol=tcp
41 chain=prerouting action=jump jump-target=known src-port=3389 protocol=tcp
42 ;;; ###### PPTP Bandiera
chain=prerouting action=jump jump-target=known dst-address=89.119.211.62
43 ;;; ###### Yahoo Giochi
chain=prerouting action=jump jump-target=known dst-port=11999
protocol=tcp
44 ;;; ###### Scuola Saponara
chain=prerouting action=jump jump-target=known dst-port=8999
protocol=tcp
45 ;;; ###### Porte sito Photocity
chain=prerouting action=jump jump-target=known dst-port=14601-14603
protocol=tcp
46 ;;; ###### G.Pino Porte X Sito SKY
chain=prerouting action=jump jump-target=known src-port=9443
protocol=tcp
47 ;;; ###### Trischitta Videosorveglianza
chain=prerouting action=jump jump-target=known dst-port=6100
protocol=tcp
48 ;;; ###### Supermercato GM
chain=prerouting action=jump jump-target=known dst-port=6550
protocol=tcp
49 chain=prerouting action=jump jump-target=known dst-port=6551 protocol=tcp
50 chain=prerouting action=jump jump-target=known dst-port=6996 protocol=tcp
51 ;;; ftp AsRock
chain=prerouting action=jump jump-target=known dst-address=213.61.92.197
protocol=tcp
52 chain=prerouting action=jump jump-target=known dst-port=9443 protocol=tcp
53 ;;; hamachi
chain=prerouting action=jump jump-target=known dst-port=12975
protocol=tcp
54 chain=prerouting action=jump jump-target=known dst-port=32976 protocol=tc>
55 ;;; Mark FTP come know
chain=prerouting action=jump jump-target=known connection-type=ftp
56 X ;;; Test
chain=prerouting action=mark-connection new-connection-mark=knowntest
passthrough=yes src-address=192.168.5.99
57 X chain=prerouting action=mark-connection new-connection-mark=knowntest
passthrough=yes src-address=172.21.254.149
58 X chain=prerouting action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=172.21.254.149 connection-mark=knowntest
59 ;;; ########### Jump alla chain UNKNOWN ###############
chain=prerouting action=jump jump-target=unknown connection-mark=!known
60 ;;; Shan Lifu
chain=prerouting action=jump jump-target=known
dst-address=87.248.217.214 protocol=tcp
61 chain=prerouting action=jump jump-target=known src-address=87.248.217.214
protocol=tcp
62 chain=prerouting action=jump jump-target=unknown connection-mark=!known
[admin@AdiesselleP2K] ip firewall mangle> print known
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; ######################################## CHAI>
NOWN ###########################################
chain=known action=passthrough
1 ;;; Mark Connection
chain=known action=mark-connection new-connection-mark=known
passthrough=yes
2 chain=known action=mark-packet new-packet-mark=known passthrough=yes
3 ;;; Mark POP3 telecom. in.aliceposta.it, box.tin.it, in.virgilio.it
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no dst-address=85.33.2.56 dst-port=110 protocol=tcp
4 chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=n>
dst-address=62.211.72.30 dst-port=110 protocol=tcp
5 ;;; Mark servers SMTP: smtp.ngi.it, out.alice.it, smtp.fastweb.it, out.v>
ilio.it, box.tin.it
chain=known action=mark-routing new-routing-mark=posta-su-NGI
passthrough=no dst-address=88.149.128.13 dst-port=25 protocol=tcp
6 chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=n>
dst-address=85.33.2.55 dst-port=25 protocol=tcp
7 chain=known action=mark-routing new-routing-mark=posta-su-FW
passthrough=no dst-address=85.18.95.140 dst-port=25 protocol=tcp
8 chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=n>
dst-address=62.211.72.20 dst-port=25 protocol=tcp
9 chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=n>
dst-address=85.33.2.55 dst-port=25 protocol=tcp
10 chain=known action=mark-routing new-routing-mark=vs-Telecom passthrough=n>
dst-address=62.211.72.30 dst-port=25 protocol=tcp
11 ;;; ####### NGI ########
chain=known action=passthrough
12 X ;;; ### Arte in ferro ( Mail Virgilio In ) #############************>
problema posta
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=192.168.5.33 connection-mark=known
13 ;;; ### VOIP ufficio
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=172.21.254.250 connection-mark=known
14 ;;; ### Classe 4.0, da Nicola
chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no
src-address=192.168.4.0/24 connection-mark=known
15 ;;; ### Classe 5.0, auth su P2K
chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no
src-address=192.168.5.0/24 connection-mark=known
dst-address-list=!management
16 ;;; ### Classe 6.0, da Nicola
chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no
src-address=192.168.6.0/24 connection-mark=known
17 ;;; ### mark vs NGI pubblici clienti (Tecnospace, H.Terme, Server >
ta)
chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no
src-address=88.149.204.xxx-88.149.204.xxx dst-address-list=!management
18 ;;; ### Ufficio
chain=known action=mark-routing new-routing-mark=vs-NGI passthrough=no
src-address=172.21.254.0/24 connection-mark=known
dst-address-list=!management
19 ;;; ####### TELECOM ########
chain=known action=passthrough
20 ;;; ### TEST Fabio
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no connection-mark=knownTI
21 ;;; ### Classe 7.0, da Pace del Mela
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=192.168.7.0/24 connection-mark=known
22 ;;; ### Classe 3.0, da Nicola
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=192.168.3.0/24 connection-mark=known
23 ;;; ### Classe 9.0, da Serro, quando Cassisi is Down
chain=known action=mark-routing new-routing-mark=vs-Telecom
passthrough=no src-address=192.168.9.0/24 connection-mark=known
;;; ##### Mark FTP as known
chain=prerouting action=jump jump-target=known connection-type=ftp 
. I'll try to apply it on the same router that is using my "known/unknown" method in order to fully compare them