To achieve it, I added comments in all MARK CONNECTION ( prerouting) mangle rules, like “ rule1” “ rule2” and so on, then I used following code in scheduled script which actually change the per connection classifier settings only. He had to do this manually on a daily basis, so he asked me if it can be done automatically by the system. For some customized reasons, He wanted to run dst-address as Per-connection-classifier in Day time, & both-address-and-portsin Night time. Recently I configured a load balancer ( PCC base) in Mikrotik RB for a client. TOP- Block TRACEROUTE in Mikrotik /ip firewall filterĪdd action=drop chain=forward comment="BLOCK TRACEROUTE - ZAIB" icmp-options=11:0 protocol=icmpĪdd action=drop chain=forward comment="BLOCK TRACEROUTE - ZAIB" icmp-options=3:3 protocol=icmpĠ- Change mangle PCC rules by finding comments If you set it to 0, the router will not disconnect clients until they explicitly log out or the router is restarted. Keepalive timeout may only be reached if client is physically disconnected or turned off.The default keepalive-timeout value of 10 is OK in most cases. It is used to detect, if user is available and reachable, if check fails client will be dropped out, etc. – ` keep-alive-timeout` keepalive timeout checks availability. If user is online but is just not sending./receiving anything, he may reach its idle timeout.
In other words, idle timeout checks traffic. Reaching timeout user will be logged out, etc. – ` idle-timeout` is used to detect, if client is not using Router networks (INTERNET or locally natted hosts).
If user is connected with the router, he will be disconnected either he is using router network or not, – ` Session-timeout` is used to disconnect user after specific period of time (like after x seconds/minutes/hours).
Session-timeout / Idle-timeout / Keepalive-timeout in Mikrotik – session-timeout / idle-timeout / keepalive-timeoutġ- Secure Services by Firewall Filter Rulesĥ- Filter Rules to Allow/Block VPN ProtocolĦ- Howto block P2P / Torrents & Downloads using L7/ContentsĨ- Script to reboot Router Daily in night at 1:00amĩ- Disable/Enable Users using Script and Scheduleġ0- Update Hotspot walled garden list by fetching text fileġ3- Monitor WAN link (pppoe-out1) and reconnect (for ptcl 50mb vdsl hang issue)ġ4- Disable HOTSPOT Users based who donot have comments “PAID”ġ5- Script to disconnect previously logged user if same id connected with second computer ġ6- Radius Offline, enable local ppp secretġ7- Download Mikrotik Upgrade package via command in ROS ġ8- Multiple WAN ISP’s link with SAME GATEWAY ġ9 – Print/Find WAN ip (if you have multiple wan IP assigned on same wan interface] Ģ0- Print/Find (pppoe dialer base) WAN IP address Ģ1- Mikrotik 10g SFP+ Supported Card Ģ2- Login to FBR site IRIS not working with Load Balancing PCCĢ3- Monitor LOG & email upon admin user logged inĢ4- Delete BUSY leases from Mikrotik DHCP
0 kommentar(er)
