#Cantidad total de interfaces virtuales

global cantWan 15;

#Prefijo de las interfaces virtuales
global prefWan "portal";
#Limite maximo portal
global maxLimit "2100k";
#Prioridades
global pIcmp 1;
global pDns 2;
global pManagment 4;
global pGames 3;
global pWhatsapp 3;
global pFacebook 4;
global pBrowsing 5;
global pYoutube 6;
global pDownload 7;
global pOther 8;
/ip firewall mangle add action=mark-connection chain=prerouting comment="Mark -
Browsing" connection-bytes="0-1000000" dst-port=80,443 new-connection-mark=Browsing
passthrough=yes protocol=tcp;
:for ni from=1 to=$cantWan do={
/ip firewall mangle add action=mark-packet chain=prerouting connection-bytes="0-
1000000" connection-mark=Browsing in-interface="$prefWan$ni" new-packet-
mark="Browsing-$prefWan$ni" passthrough=no;
}
/ip firewall mangle add action=mark-packet chain=prerouting connection-bytes="0-
1000000" connection-mark=Browsing new-packet-mark=Browsing passthrough=no;
/ip firewall mangle add action=mark-connection chain=prerouting comment="Mark
Games" dst-port=27000-27060,28000-30000 new-connection-mark=Games passthrough=yes
protocol=udp;
:for ni from=1 to=$cantWan do={
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark=Games
in-interface="$prefWan$ni" new-packet-mark="Games-$prefWan$ni" passthrough=no;
}
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark=Games
new-packet-mark=Games passthrough=no;
/ip firewall mangle add action=mark-connection chain=prerouting comment="Mark -
Download" connection-bytes="1000001-0" dst-port=80,443 new-connection-mark=Download
passthrough=yes protocol=tcp;
:for ni from=1 to=$cantWan do={
/ip firewall mangle add action=mark-packet chain=prerouting connection-
bytes="1000001-0" connection-mark=Download in-interface="$prefWan$ni" new-packet-
mark="Download-$prefWan$ni" passthrough=no;
}
/ip firewall mangle add action=mark-packet chain=prerouting connection-
bytes="1000001-0" connection-mark=Download new-packet-mark=Download passthrough=no;
/ip firewall mangle add action=mark-connection chain=prerouting comment="Mark -
Whatsapp & VOIP" dst-
port=1719,1720,8008,8009,5222,5223,5228,5240,5243,5244,5248,5060-5061 new-
connection-mark=Whatsapp passthrough=yes protocol=tcp;
/ip firewall mangle add action=mark-connection chain=prerouting dst-
port=1167,1719,1720,8010,5222,5223,5228,5240,5243,5244,5248,5060-5061,10000-60000
new-connection-mark=Whatsapp passthrough=yes protocol=udp;
:for ni from=1 to=$cantWan do={
/ip firewall mangle add action=mark-packet chain=prerouting connection-
mark=Whatsapp in-interface="$prefWan$ni" new-packet-mark="Whatsapp-$prefWan$ni"
passthrough=no;
}
/ip firewall mangle add action=mark-packet chain=prerouting connection-
mark=Whatsapp new-packet-mark=Whatsapp passthrough=no;
/ip firewall layer7-protocol add name=L7-Youtube regexp="youtube.com|
googlevideo.com";
/ip firewall mangle add action=mark-connection chain=prerouting comment="Mark -
Youtube" layer7-protocol=L7-Youtube new-connection-mark=Youtube passthrough=yes;
:for ni from=1 to=$cantWan do={
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark=Youtube
in-interface="$prefWan$ni" new-packet-mark="Youtube-$prefWan$ni" passthrough=no;
}
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark=Youtube
new-packet-mark=Youtube passthrough=no;
/ip firewall layer7-protocol add name=L7_Facebook regexp="^(.*)(facebook)(.*)\\\$";
/ip firewall mangle add action=mark-connection chain=prerouting comment="Mark -
Facebook" layer7-protocol=L7_Facebook new-connection-mark=Facebook passthrough=yes;
:for ni from=1 to=$cantWan do={
/ip firewall mangle add action=mark-packet chain=prerouting connection-
mark=Facebook in-interface="$prefWan$ni" new-packet-mark="Facebook-$prefWan$ni"
passthrough=no;
}
/ip firewall mangle add action=mark-packet chain=prerouting connection-
mark=Facebook new-packet-mark=Facebook passthrough=no;
/ip firewall mangle add action=mark-connection chain=prerouting comment="Mark -
DNS" dst-port=53 new-connection-mark=Dns passthrough=yes protocol=udp;
/ip firewall mangle add action=mark-connection chain=prerouting dst-port=53 new-
connection-mark=Dns passthrough=yes protocol=tcp;
:for ni from=1 to=$cantWan do={
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark=Dns in-
interface="$prefWan$ni" new-packet-mark="Dns-$prefWan$ni" passthrough=no;
}
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark=Dns
new-packet-mark=Dns passthrough=no;
/ip firewall mangle add action=mark-connection chain=prerouting comment="Mark -
Managment (Forward)" dst-port=8291,8728,8729,22,23 new-connection-mark=Managment-fw
passthrough=yes protocol=tcp;
:for ni from=1 to=$cantWan do={
/ip firewall mangle add action=mark-packet chain=prerouting connection-
mark=Managment-fw in-interface="$prefWan$ni" new-packet-mark="Managment-fw-
$prefWan$ni" passthrough=no;
}
/ip firewall mangle add action=mark-packet chain=prerouting connection-
mark=Managment-fw new-packet-mark=Managment-fw passthrough=no;
/ip firewall mangle add action=mark-connection chain=prerouting comment="Mark -
ICMP" new-connection-mark=Icmp passthrough=yes protocol=icmp;
:for ni from=1 to=$cantWan do={
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark=Icmp
in-interface="$prefWan$ni" new-packet-mark="Icmp-$prefWan$ni" passthrough=no
protocol=icmp;
}
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark=Icmp
new-packet-mark=Icmp passthrough=no protocol=icmp;
/ip firewall mangle add action=mark-connection chain=prerouting comment="Mark -
Other" new-connection-mark=Other passthrough=yes;
:for ni from=1 to=$cantWan do={
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark=Other
in-interface="$prefWan$ni" new-packet-mark="Other-$prefWan$ni" passthrough=no;
}
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark=Other
new-packet-mark=Other passthrough=no;
/queue type add kind=pcq name=Bajada pcq-classifier=dst-address;
/queue type add kind=pcq name=Subida pcq-classifier=src-address;
:for ni from=1 to=$cantWan do={
/queue tree add max-limit=$maxLimit name="$prefWan$ni Downstream" parent=global
queue=Bajada;
/queue tree add max-limit=$maxLimit name="$prefWan$ni Upstream"
parent="$prefWan$ni" queue=Subida;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Browsing - rx"
packet-mark="Browsing-$prefWan$ni" parent="$prefWan$ni Downstream"
priority=$pBrowsing queue=Bajada;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Browsing - tx"
packet-mark=Browsing parent="$prefWan$ni Upstream" priority=$pBrowsing
queue=Subida;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Download - rx"
packet-mark="Download-$prefWan$ni" parent="$prefWan$ni Downstream"
priority=$pDownload queue=Bajada;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Download - tx"
packet-mark=Download parent="$prefWan$ni Upstream" priority=$pDownload
queue=Subida;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - DNS - rx" packet-
mark="Dns-$prefWan$ni" parent="$prefWan$ni Downstream" priority=$pDns queue=Bajada;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - DNS - tx" packet-
mark=Dns parent="$prefWan$ni Upstream" priority=$pDns queue=Subida;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Managment - rx"
packet-mark="Managment-fw-$prefWan$ni" parent="$prefWan$ni Downstream"
priority=$pManagment queue=Bajada;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Managment - tx"
packet-mark=Managment-fw parent="$prefWan$ni Upstream" priority=$pManagment
queue=Subida;
/queue tree add limit-at=200k max-limit=1M name="$prefWan$ni - ICMP - rx" packet-
mark="Icmp-$prefWan$ni" parent="$prefWan$ni Downstream" priority=$pIcmp
queue=Bajada;
/queue tree add limit-at=200k max-limit=1M name="$prefWan$ni - ICMP - tx" packet-
mark=Icmp parent="$prefWan$ni Upstream" priority=$pIcmp queue=Subida;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Whatsapp - rx"
packet-mark="Whatsapp-$prefWan$ni" parent="$prefWan$ni Downstream"
priority=$pWhatsapp queue=Bajada;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Whatsapp - tx"
packet-mark=Whatsapp parent="$prefWan$ni Upstream" priority=$pWhatsapp
queue=Subida;
/queue tree add limit-at=200k max-limit=500k name="$prefWan$ni - Youtube - rx"
packet-mark="Youtube-$prefWan$ni" parent="$prefWan$ni Downstream"
priority=$pYoutube queue=Bajada;
/queue tree add limit-at=200k max-limit=500k name="$prefWan$ni - Youtube - tx"
packet-mark=Youtube parent="$prefWan$ni Upstream" priority=$pYoutube queue=Subida;
/queue tree add limit-at=200k max-limit=1M name="$prefWan$ni - Facebook - rx"
packet-mark="Facebook-$prefWan$ni" parent="$prefWan$ni Downstream"
priority=$pFacebook queue=Bajada;
/queue tree add limit-at=200k max-limit=1M name="$prefWan$ni - Facebook - tx"
packet-mark=Facebook parent="$prefWan$ni Upstream" priority=$pFacebook
queue=Subida;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Other - rx"
packet-mark="Other-$prefWan$ni" parent="$prefWan$ni Downstream" priority=$pOther
queue=Bajada;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Other - tx"
packet-mark=Other parent="$prefWan$ni Upstream" priority=$pOther queue=Subida;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Games - rx"
packet-mark="Games-$prefWan$ni" parent="$prefWan$ni Downstream" priority=$pGames
queue=Bajada;
/queue tree add limit-at=200k max-limit=1500k name="$prefWan$ni - Games - tx"
packet-mark=Games parent="$prefWan$ni Upstream" priority=$pGames queue=Subida;
}