把常用游戏的目标连接端口来做一个标记,然后优先,这个办法不错,经过测试效果也可以,不过 chain是 forward比prerouting效果差很多,如果加在forward里还不如不优化,不知道为什么,只是实践的结果。
/ ip firewall mangle
add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=1452 \
comment="改变MSS" disabled=no
add chain=prerouting src-address=192.168.0.0/23 tos=min-delay \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes \
comment="上行数据标记" disabled=no
add chain=prerouting src-address=192.168.0.0/23 tos=max-reliability \
action=mark-packet new-packet-mark=LEVEL-2 passthrough=yes comment="" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 tos=normal action=mark-packet \
new-packet-mark=LEVEL-3 passthrough=yes comment="" disabled=no
add chain=prerouting src-address=192.168.0.0/23 packet-size=0-768 \
action=mark-packet new-packet-mark=LEVEL-2 passthrough=yes \
comment="上行中小包数据" disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=tcp dst-port=3724 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes \
comment="魔兽世界" disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=tcp \
dst-port=8086-8087 action=mark-packet new-packet-mark=LEVEL-1 \
passthrough=yes comment="" disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=tcp \
dst-port=9090-9091 action=mark-packet new-packet-mark=LEVEL-1 \
passthrough=yes comment="" disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=tcp dst-port=9100 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes comment="" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=udp dst-port=8000 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes comment="QQ" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=tcp dst-port=8000 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes comment="" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=tcp dst-port=39311 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes \
comment="跑跑卡丁车" disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=udp dst-port=39311 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes comment="" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=tcp dst-port=36567 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes comment="" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=udp dst-port=36567 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes comment="" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=tcp dst-port=11527 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes comment="" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=udp dst-port=11527 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes comment="" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=tcp dst-port=11107 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes comment="" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=udp dst-port=11107 \
action=mark-packet new-packet-mark=LEVEL-1 passthrough=yes comment="" \
disabled=no
add chain=prerouting src-address=192.168.0.0/23 protocol=tcp \
dst-port=9066-9070 action=mark-packet new-packet-mark=LEVEL-1 \
passthrough=yes comment="大航海时代" disabled=no
/ queue tree
add name="优先级-上行" parent=global-out packet-mark="" limit-at=0 \
queue=default priority=3 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="优先通过的数据包" parent=优先级-上行 packet-mark="" limit-at=0 \
queue=default priority=3 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="第一级别" parent=优先通过的数据包 packet-mark=LEVEL-1 limit-at=0 \
queue=default priority=3 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="中等优先通过的数据包" parent=优先级-上行 packet-mark="" limit-at=0 \
queue=default priority=6 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="第二级别" parent=中等优先通过的数据包 packet-mark=LEVEL-2 limit-at=0 \
queue=default priority=6 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="最后通过的数据包" parent=优先级-上行 packet-mark="" limit-at=0 \
queue=default priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="第三级别" parent=最后通过的数据包 packet-mark=LEVEL-3 limit-at=0 \
queue=default priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
posted on 2006-12-19 17:19
蝴蝶の风 阅读(892)
评论(1) 编辑 收藏 引用