khoan888join
Senior Member
thanks bác,
giá nhượng lại hap AC^2 second hand giờ là bao nhiêu vậy bác ơi
thảo luận Cộng đồng người dùng MikroTik Router
- Thread starter tuanreb
- Start date
giá nhượng lại hap AC^2 second hand giờ là bao nhiêu vậy bác ơi
tmk1207
Senior Member
thanks bác,
Chịu thôi bác, hàng của bác mà. Bác tự hét đi
, rẻ như trên tivi pm mình nhé
vuducdong
Senior Member
Bạn nên có 1 cái hồi đáp là xử lý xong như thế nào, để những bạn khác sau này gặp lỗi tương tự, thì biết cách làm theo.
tmk1207
Senior Member
Ném vào quote đó.
# mar/02/2021 20:21:47 by RouterOS 6.48.1
# software id = 8HPW-CR7P
#
# model = RBD52G-5HacD2HnD
# serial number =
/interface bridge
add add-dhcp-option82=yes dhcp-snooping=yes igmp-snooping=yes name=bridgeLAN
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether2 name=pppoe-VNPT \
password= user=
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
set [ find default-name=wlan2 ] ssid=MikroTik
/interface vlan
add interface=bridgeLAN name="KHACH VLAN20" vlan-id=20
add interface=bridgeLAN name="NHAN VIEN VLAN10" vlan-id=10
add interface=bridgeLAN name="NOIBO VLAN30" vlan-id=30
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip firewall layer7-protocol
add name="BLOCK DELL" regexp=
/ip pool
add name=dhcp_pool0 ranges=192.168.16.2-192.168.16.254
add name=dhcp_pool1 ranges=10.10.10.2-10.10.10.254
add name=dhcp_pool2 ranges=10.10.20.2-10.10.20.254
add name=dhcp_pool3 ranges=10.10.30.2-10.10.30.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridgeLAN lease-time=30m \
name="dhcp LAN"
add address-pool=dhcp_pool1 disabled=no interface="NHAN VIEN VLAN10" \
lease-time=30m name=dhcpVLAV10
add address-pool=dhcp_pool2 disabled=no interface="KHACH VLAN20" lease-time=\
30m name=dhcpVLAN20
add address-pool=dhcp_pool3 disabled=no interface="NOIBO VLAN30" lease-time=\
30m name=dhcpVLAN30
/queue type
add kind=pfifo name="GOI TIN TONG" pfifo-limit=100
/queue simple
add max-limit=150M/150M name="TONG BANG THONG" queue=\
"GOI TIN TONG/GOI TIN TONG" target="192.168.16.0/24,KHACH VLAN20"
add name="1- BROWSING CON LAI" packet-marks=\
"BROWSING CONLAI- UPLOAD,BROWSING CONLAI- DOWNLOAD" parent=\
"TONG BANG THONG" priority=1/1 queue=\
pcq-upload-default/pcq-download-default target=\
"192.168.16.0/24,KHACH VLAN20"
add name="3- ICMP" packet-marks="ICMP- UPLOAD,ICMP- DOWNLOAD" parent=\
"TONG BANG THONG" priority=2/2 queue=\
pcq-upload-default/pcq-download-default target=\
"192.168.16.0/24,KHACH VLAN20"
add name="4- DNS" packet-marks="DNS- UPLOAD,DNS- DOWNLOAD" parent=\
"TONG BANG THONG" priority=3/3 queue=\
pcq-upload-default/pcq-download-default target=\
"192.168.16.0/24,KHACH VLAN20"
add max-limit=40M/40M name="5- ALL TRAFFIC" packet-marks="BROWSING- UPLOAD,BRO\
WSING- DOWNLOAD,HEAVY BROWSING- UPLOAD,HEAVY BROWSING- DOWNLOAD,FACEBOOK- \
UPLOAD,FACEBOOK- DOWNLOAD,YOUTUBE- UPLOAD,YOUTUBE- DOWNLOAD,ZALO- UPLOAD,Z\
ALO- DOWNLOAD,INSTAGRAM- UPLOAD,INSTAGRAM- DOWNLOAD,TIKTOK- UPLOAD,TIKTOK-\
\_DOWNLOAD" parent="TONG BANG THONG" priority=3/3 queue=\
"GOI TIN TONG/GOI TIN TONG" target="192.168.16.0/24,KHACH VLAN20"
add name="2. LAN LOCAL" parent="5- ALL TRAFFIC" priority=6/6 queue=\
pcq-upload-default/pcq-download-default target=\
"192.168.16.0/24,KHACH VLAN20"
add name="2- GAME ONLINE" packet-marks=\
"GAME ONLINE- UPLOAD,GAME ONLINE- DOWNLOAD" parent="TONG BANG THONG" \
priority=2/2 queue=pcq-upload-default/pcq-download-default target=\
"192.168.16.0/24,KHACH VLAN20"
/queue tree
add name="TONG BANG THONG" parent=global queue="GOI TIN TONG"
add max-limit=150M name="1- DOWNLOAD" parent="TONG BANG THONG" queue=\
pcq-download-default
add max-limit=150M name="2- UPLOAD" parent="TONG BANG THONG" queue=\
pcq-upload-default
add name="1. BROWSING CONLAI- DOWNLOAD" packet-mark=\
"BROWSING CONLAI- DOWNLOAD" parent="1- DOWNLOAD" priority=1 queue=\
pcq-download-default
add name="2. GAME ONLINE- DOWNLOAD" packet-mark="GAME ONLINE- DOWNLOAD" \
parent="1- DOWNLOAD" priority=2 queue=pcq-download-default
add name="3. ICMP- DOWNLOAD" packet-mark="ICMP- DOWNLOAD" parent=\
"1- DOWNLOAD" priority=2 queue=pcq-download-default
add name="4. DNS- DOWNLOAD" packet-mark="DNS- DOWNLOAD" parent="1- DOWNLOAD" \
priority=3 queue=pcq-download-default
add max-limit=40M name="5. ALL TRAFFIC- DOWNLOAD" parent="1- DOWNLOAD" queue=\
pcq-download-default
add limit-at=10M max-limit=28M name="1- BROWSING- DOWNLOAD" packet-mark=\
"BROWSING- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=6 queue=\
pcq-download-default
add limit-at=20M max-limit=28M name="2- HEAVY BROWSING- DOWNLOAD" \
packet-mark="HEAVY BROWSING- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" \
priority=5 queue=pcq-download-default
add limit-at=20M max-limit=28M name="3- FACEBOOK- DOWNLOAD" packet-mark=\
"FACEBOOK- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=7 queue=\
pcq-download-default
add limit-at=20M max-limit=28M name="4- YOUTUBE- DOWNLOAD" packet-mark=\
"YOUTUBE- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=7 queue=\
pcq-download-default
add limit-at=10M max-limit=28M name="5- ZALO- DOWNLOAD" packet-mark=\
"ZALO- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=7 queue=\
pcq-download-default
add limit-at=10M max-limit=28M name="6- INSTAGRAM- DOWNLOAD" packet-mark=\
"INSTAGRAM- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=7 queue=\
pcq-download-default
add limit-at=10M max-limit=28M name="7- TIKTOK- DOWNLOAD" packet-mark=\
"TIKTOK- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=7 queue=\
pcq-download-default
add name="1. BROWSING CONLAI- UPLOAD" packet-mark="BROWSING- UPLOAD" parent=\
"2- UPLOAD" priority=1 queue=pcq-upload-default
add name="2. GAME ONLINE- UPLOAD" packet-mark="GAME ONLINE- UPLOAD" parent=\
"2- UPLOAD" priority=2 queue=pcq-upload-default
add name="3. ICMP- UPLOAD" packet-mark="ICMP- UPLOAD" parent="2- UPLOAD" \
priority=2 queue=pcq-upload-default
add name="4. DNS- UPLOAD" packet-mark="DNS- UPLOAD" parent="2- UPLOAD" \
priority=3 queue=pcq-upload-default
add max-limit=40M name="5. ALL TRAFFIC- UPLOAD" parent="2- UPLOAD" queue=\
pcq-upload-default
add limit-at=20M max-limit=28M name="1- BROWSING- UPLOAD" packet-mark=\
"BROWSING- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=6 queue=\
pcq-upload-default
add limit-at=20M max-limit=28M name="2- HEAVY BROWSING- UPLOAD" packet-mark=\
"HEAVY BROWSING- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=5 \
queue=pcq-upload-default
add limit-at=20M max-limit=28M name="3- FACEBOOK- UPLOAD" packet-mark=\
"FACEBOOK- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=7 queue=\
pcq-upload-default
add limit-at=20M max-limit=28M name="4- YOUTUBE- UPLOAD" packet-mark=\
"YOUTUBE- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=7 queue=\
pcq-upload-default
add limit-at=10M max-limit=28M name="5- ZALO- UPLOAD" packet-mark=\
"ZALO- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=7 queue=\
pcq-upload-default
add limit-at=10M max-limit=28M name="6- INSTAGRAM- UPLOAD" packet-mark=\
"INSTAGRAM- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=7 queue=\
pcq-upload-default
add limit-at=10M max-limit=28M name="7- TIKTOK- UPLOAD" packet-mark=\
"TIKTOK- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=7 queue=\
pcq-upload-default
/interface bridge port
add bridge=bridgeLAN interface=ether1 multicast-router=disabled
add bridge=bridgeLAN interface=ether3 multicast-router=disabled
add bridge=bridgeLAN interface=ether4 multicast-router=disabled
add bridge=bridgeLAN interface=ether5 multicast-router=disabled
add bridge=bridgeLAN interface=wlan1 multicast-router=disabled
add bridge=bridgeLAN interface=wlan2 multicast-router=disabled
/ip address
add address=192.168.16.1/24 interface=bridgeLAN network=192.168.16.0
add address=10.10.10.1/24 interface="NHAN VIEN VLAN10" network=10.10.10.0
add address=10.10.20.1/24 interface="KHACH VLAN20" network=10.10.20.0
add address=10.10.30.1/24 interface="NOIBO VLAN30" network=10.10.30.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-server lease
add address=192.168.16.23 client-id=1:58:3:fb:9a:e2:29 comment=HIK3 \
mac-address=58:03:FB:9A:E2:29 server="dhcp LAN"
add address=192.168.16.24 client-id=1:58:3:fb:9a:e2:42 comment=HIK4 \
mac-address=58:03:FB:9A:E2:42 server="dhcp LAN"
add address=192.168.16.25 client-id=1:f8:4d:fc:c4:ad:ca comment=HIK5 \
mac-address=F8:4D:FC:C4:AD:CA server="dhcp LAN"
add address=192.168.16.19 client-id=1:4c:b0:8:21:3b:9b comment=IPCAM9 \
mac-address=4C:B0:08:21:3B:9B server="dhcp LAN"
add address=192.168.16.18 client-id=1:4c:b0:8:a4:6:18 comment=IPCAM8 \
mac-address=4C:B0:08:A4:06:18 server="dhcp LAN"
add address=192.168.16.6 client-id=1:0:50:56:0:0:2 comment=\
"NAS POINT OF VIEW" mac-address=00:50:56:00:00:02 server="dhcp LAN"
add address=192.168.16.97 client-id=1:54:48:10:ea:f7:23 comment="DELL WYSE" \
mac-address=54:48:10:EA:F7:23 server="dhcp LAN"
add address=192.168.16.27 client-id=1:ac:cb:51:d:a:5a comment=HIK7 \
mac-address=AC:CB:51:0D:0A:5A server="dhcp LAN"
add address=192.168.16.21 client-id=1:58:3:fb:6b:26:8a comment=HIK1 \
mac-address=58:03:FB:6B:26:8A server="dhcp LAN"
add address=192.168.16.22 client-id=1:94:e1:ac:b8:a7:7b comment=HIK2 \
mac-address=94:E1:AC:B8:A7:7B server="dhcp LAN"
add address=192.168.16.28 client-id=1:ac:cb:51:d:9:86 comment=HIK8 \
mac-address=AC:CB:51:0D:09:86 server="dhcp LAN"
add address=192.168.16.26 client-id=1:f8:4d:fc:c4:ac:55 comment=HIK6 \
mac-address=F8:4D:FC:C4:AC:55 server="dhcp LAN"
add address=192.168.16.93 client-id=1:80:2a:a8:d3:b5:b3 mac-address=\
80:2A:A8
3:B5:B3 server="dhcp LAN"
add address=192.168.16.92 client-id=1:80:2a:a8:19:30:1 mac-address=\
80:2A:A8:19:30:01 server="dhcp LAN"
add address=10.10.10.8 client-id=1:34:2e:b6:17:f9:2f comment=VU mac-address=\
34:2E:B6:17:F9:2F server=dhcpVLAV10
add address=10.10.20.2 client-id=1:fe:64:6:bc:81:93 comment=LOI mac-address=\
FE:64:06:BC:81:93 server=dhcpVLAN20
add address=10.10.20.8 client-id=1:34:2e:b6:17:f9:2f mac-address=\
34:2E:B6:17:F9:2F server=dhcpVLAN20
add address=10.10.10.4 client-id=1:6:7:3b:45:bc:85 comment=HONG mac-address=\
06:07:3B:45:BC:85 server=dhcpVLAV10
add address=10.10.10.5 client-id=1:86:1b:40:e5:27:b0 comment=TAN mac-address=\
86:1B:40:E5:27:B0 server=dhcpVLAV10
add address=10.10.10.3 client-id=1:4:b1:67:6f:df:94 comment=TUYEN \
mac-address=04:B1:67:6FF:94 server=dhcpVLAV10
/ip dhcp-server network
add address=10.10.10.0/24 gateway=10.10.10.1
add address=10.10.20.0/24 gateway=10.10.20.1
add address=10.10.30.0/24 gateway=10.10.30.1
add address=192.168.16.0/24 gateway=192.168.16.1
/ip dns
set servers=1.1.1.1,1.0.0.1,8.8.8.8,8.8.4.4
# software id = 8HPW-CR7P
#
# model = RBD52G-5HacD2HnD
# serial number =
/interface bridge
add add-dhcp-option82=yes dhcp-snooping=yes igmp-snooping=yes name=bridgeLAN
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether2 name=pppoe-VNPT \
password= user=
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
set [ find default-name=wlan2 ] ssid=MikroTik
/interface vlan
add interface=bridgeLAN name="KHACH VLAN20" vlan-id=20
add interface=bridgeLAN name="NHAN VIEN VLAN10" vlan-id=10
add interface=bridgeLAN name="NOIBO VLAN30" vlan-id=30
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip firewall layer7-protocol
add name="BLOCK DELL" regexp=
/ip pool
add name=dhcp_pool0 ranges=192.168.16.2-192.168.16.254
add name=dhcp_pool1 ranges=10.10.10.2-10.10.10.254
add name=dhcp_pool2 ranges=10.10.20.2-10.10.20.254
add name=dhcp_pool3 ranges=10.10.30.2-10.10.30.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridgeLAN lease-time=30m \
name="dhcp LAN"
add address-pool=dhcp_pool1 disabled=no interface="NHAN VIEN VLAN10" \
lease-time=30m name=dhcpVLAV10
add address-pool=dhcp_pool2 disabled=no interface="KHACH VLAN20" lease-time=\
30m name=dhcpVLAN20
add address-pool=dhcp_pool3 disabled=no interface="NOIBO VLAN30" lease-time=\
30m name=dhcpVLAN30
/queue type
add kind=pfifo name="GOI TIN TONG" pfifo-limit=100
/queue simple
add max-limit=150M/150M name="TONG BANG THONG" queue=\
"GOI TIN TONG/GOI TIN TONG" target="192.168.16.0/24,KHACH VLAN20"
add name="1- BROWSING CON LAI" packet-marks=\
"BROWSING CONLAI- UPLOAD,BROWSING CONLAI- DOWNLOAD" parent=\
"TONG BANG THONG" priority=1/1 queue=\
pcq-upload-default/pcq-download-default target=\
"192.168.16.0/24,KHACH VLAN20"
add name="3- ICMP" packet-marks="ICMP- UPLOAD,ICMP- DOWNLOAD" parent=\
"TONG BANG THONG" priority=2/2 queue=\
pcq-upload-default/pcq-download-default target=\
"192.168.16.0/24,KHACH VLAN20"
add name="4- DNS" packet-marks="DNS- UPLOAD,DNS- DOWNLOAD" parent=\
"TONG BANG THONG" priority=3/3 queue=\
pcq-upload-default/pcq-download-default target=\
"192.168.16.0/24,KHACH VLAN20"
add max-limit=40M/40M name="5- ALL TRAFFIC" packet-marks="BROWSING- UPLOAD,BRO\
WSING- DOWNLOAD,HEAVY BROWSING- UPLOAD,HEAVY BROWSING- DOWNLOAD,FACEBOOK- \
UPLOAD,FACEBOOK- DOWNLOAD,YOUTUBE- UPLOAD,YOUTUBE- DOWNLOAD,ZALO- UPLOAD,Z\
ALO- DOWNLOAD,INSTAGRAM- UPLOAD,INSTAGRAM- DOWNLOAD,TIKTOK- UPLOAD,TIKTOK-\
\_DOWNLOAD" parent="TONG BANG THONG" priority=3/3 queue=\
"GOI TIN TONG/GOI TIN TONG" target="192.168.16.0/24,KHACH VLAN20"
add name="2. LAN LOCAL" parent="5- ALL TRAFFIC" priority=6/6 queue=\
pcq-upload-default/pcq-download-default target=\
"192.168.16.0/24,KHACH VLAN20"
add name="2- GAME ONLINE" packet-marks=\
"GAME ONLINE- UPLOAD,GAME ONLINE- DOWNLOAD" parent="TONG BANG THONG" \
priority=2/2 queue=pcq-upload-default/pcq-download-default target=\
"192.168.16.0/24,KHACH VLAN20"
/queue tree
add name="TONG BANG THONG" parent=global queue="GOI TIN TONG"
add max-limit=150M name="1- DOWNLOAD" parent="TONG BANG THONG" queue=\
pcq-download-default
add max-limit=150M name="2- UPLOAD" parent="TONG BANG THONG" queue=\
pcq-upload-default
add name="1. BROWSING CONLAI- DOWNLOAD" packet-mark=\
"BROWSING CONLAI- DOWNLOAD" parent="1- DOWNLOAD" priority=1 queue=\
pcq-download-default
add name="2. GAME ONLINE- DOWNLOAD" packet-mark="GAME ONLINE- DOWNLOAD" \
parent="1- DOWNLOAD" priority=2 queue=pcq-download-default
add name="3. ICMP- DOWNLOAD" packet-mark="ICMP- DOWNLOAD" parent=\
"1- DOWNLOAD" priority=2 queue=pcq-download-default
add name="4. DNS- DOWNLOAD" packet-mark="DNS- DOWNLOAD" parent="1- DOWNLOAD" \
priority=3 queue=pcq-download-default
add max-limit=40M name="5. ALL TRAFFIC- DOWNLOAD" parent="1- DOWNLOAD" queue=\
pcq-download-default
add limit-at=10M max-limit=28M name="1- BROWSING- DOWNLOAD" packet-mark=\
"BROWSING- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=6 queue=\
pcq-download-default
add limit-at=20M max-limit=28M name="2- HEAVY BROWSING- DOWNLOAD" \
packet-mark="HEAVY BROWSING- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" \
priority=5 queue=pcq-download-default
add limit-at=20M max-limit=28M name="3- FACEBOOK- DOWNLOAD" packet-mark=\
"FACEBOOK- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=7 queue=\
pcq-download-default
add limit-at=20M max-limit=28M name="4- YOUTUBE- DOWNLOAD" packet-mark=\
"YOUTUBE- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=7 queue=\
pcq-download-default
add limit-at=10M max-limit=28M name="5- ZALO- DOWNLOAD" packet-mark=\
"ZALO- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=7 queue=\
pcq-download-default
add limit-at=10M max-limit=28M name="6- INSTAGRAM- DOWNLOAD" packet-mark=\
"INSTAGRAM- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=7 queue=\
pcq-download-default
add limit-at=10M max-limit=28M name="7- TIKTOK- DOWNLOAD" packet-mark=\
"TIKTOK- DOWNLOAD" parent="5. ALL TRAFFIC- DOWNLOAD" priority=7 queue=\
pcq-download-default
add name="1. BROWSING CONLAI- UPLOAD" packet-mark="BROWSING- UPLOAD" parent=\
"2- UPLOAD" priority=1 queue=pcq-upload-default
add name="2. GAME ONLINE- UPLOAD" packet-mark="GAME ONLINE- UPLOAD" parent=\
"2- UPLOAD" priority=2 queue=pcq-upload-default
add name="3. ICMP- UPLOAD" packet-mark="ICMP- UPLOAD" parent="2- UPLOAD" \
priority=2 queue=pcq-upload-default
add name="4. DNS- UPLOAD" packet-mark="DNS- UPLOAD" parent="2- UPLOAD" \
priority=3 queue=pcq-upload-default
add max-limit=40M name="5. ALL TRAFFIC- UPLOAD" parent="2- UPLOAD" queue=\
pcq-upload-default
add limit-at=20M max-limit=28M name="1- BROWSING- UPLOAD" packet-mark=\
"BROWSING- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=6 queue=\
pcq-upload-default
add limit-at=20M max-limit=28M name="2- HEAVY BROWSING- UPLOAD" packet-mark=\
"HEAVY BROWSING- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=5 \
queue=pcq-upload-default
add limit-at=20M max-limit=28M name="3- FACEBOOK- UPLOAD" packet-mark=\
"FACEBOOK- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=7 queue=\
pcq-upload-default
add limit-at=20M max-limit=28M name="4- YOUTUBE- UPLOAD" packet-mark=\
"YOUTUBE- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=7 queue=\
pcq-upload-default
add limit-at=10M max-limit=28M name="5- ZALO- UPLOAD" packet-mark=\
"ZALO- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=7 queue=\
pcq-upload-default
add limit-at=10M max-limit=28M name="6- INSTAGRAM- UPLOAD" packet-mark=\
"INSTAGRAM- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=7 queue=\
pcq-upload-default
add limit-at=10M max-limit=28M name="7- TIKTOK- UPLOAD" packet-mark=\
"TIKTOK- UPLOAD" parent="5. ALL TRAFFIC- UPLOAD" priority=7 queue=\
pcq-upload-default
/interface bridge port
add bridge=bridgeLAN interface=ether1 multicast-router=disabled
add bridge=bridgeLAN interface=ether3 multicast-router=disabled
add bridge=bridgeLAN interface=ether4 multicast-router=disabled
add bridge=bridgeLAN interface=ether5 multicast-router=disabled
add bridge=bridgeLAN interface=wlan1 multicast-router=disabled
add bridge=bridgeLAN interface=wlan2 multicast-router=disabled
/ip address
add address=192.168.16.1/24 interface=bridgeLAN network=192.168.16.0
add address=10.10.10.1/24 interface="NHAN VIEN VLAN10" network=10.10.10.0
add address=10.10.20.1/24 interface="KHACH VLAN20" network=10.10.20.0
add address=10.10.30.1/24 interface="NOIBO VLAN30" network=10.10.30.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-server lease
add address=192.168.16.23 client-id=1:58:3:fb:9a:e2:29 comment=HIK3 \
mac-address=58:03:FB:9A:E2:29 server="dhcp LAN"
add address=192.168.16.24 client-id=1:58:3:fb:9a:e2:42 comment=HIK4 \
mac-address=58:03:FB:9A:E2:42 server="dhcp LAN"
add address=192.168.16.25 client-id=1:f8:4d:fc:c4:ad:ca comment=HIK5 \
mac-address=F8:4D:FC:C4:AD:CA server="dhcp LAN"
add address=192.168.16.19 client-id=1:4c:b0:8:21:3b:9b comment=IPCAM9 \
mac-address=4C:B0:08:21:3B:9B server="dhcp LAN"
add address=192.168.16.18 client-id=1:4c:b0:8:a4:6:18 comment=IPCAM8 \
mac-address=4C:B0:08:A4:06:18 server="dhcp LAN"
add address=192.168.16.6 client-id=1:0:50:56:0:0:2 comment=\
"NAS POINT OF VIEW" mac-address=00:50:56:00:00:02 server="dhcp LAN"
add address=192.168.16.97 client-id=1:54:48:10:ea:f7:23 comment="DELL WYSE" \
mac-address=54:48:10:EA:F7:23 server="dhcp LAN"
add address=192.168.16.27 client-id=1:ac:cb:51:d:a:5a comment=HIK7 \
mac-address=AC:CB:51:0D:0A:5A server="dhcp LAN"
add address=192.168.16.21 client-id=1:58:3:fb:6b:26:8a comment=HIK1 \
mac-address=58:03:FB:6B:26:8A server="dhcp LAN"
add address=192.168.16.22 client-id=1:94:e1:ac:b8:a7:7b comment=HIK2 \
mac-address=94:E1:AC:B8:A7:7B server="dhcp LAN"
add address=192.168.16.28 client-id=1:ac:cb:51:d:9:86 comment=HIK8 \
mac-address=AC:CB:51:0D:09:86 server="dhcp LAN"
add address=192.168.16.26 client-id=1:f8:4d:fc:c4:ac:55 comment=HIK6 \
mac-address=F8:4D:FC:C4:AC:55 server="dhcp LAN"
add address=192.168.16.93 client-id=1:80:2a:a8:d3:b5:b3 mac-address=\
80:2A:A8
3:B5:B3 server="dhcp LAN"add address=192.168.16.92 client-id=1:80:2a:a8:19:30:1 mac-address=\
80:2A:A8:19:30:01 server="dhcp LAN"
add address=10.10.10.8 client-id=1:34:2e:b6:17:f9:2f comment=VU mac-address=\
34:2E:B6:17:F9:2F server=dhcpVLAV10
add address=10.10.20.2 client-id=1:fe:64:6:bc:81:93 comment=LOI mac-address=\
FE:64:06:BC:81:93 server=dhcpVLAN20
add address=10.10.20.8 client-id=1:34:2e:b6:17:f9:2f mac-address=\
34:2E:B6:17:F9:2F server=dhcpVLAN20
add address=10.10.10.4 client-id=1:6:7:3b:45:bc:85 comment=HONG mac-address=\
06:07:3B:45:BC:85 server=dhcpVLAV10
add address=10.10.10.5 client-id=1:86:1b:40:e5:27:b0 comment=TAN mac-address=\
86:1B:40:E5:27:B0 server=dhcpVLAV10
add address=10.10.10.3 client-id=1:4:b1:67:6f:df:94 comment=TUYEN \
mac-address=04:B1:67:6F
F:94 server=dhcpVLAV10/ip dhcp-server network
add address=10.10.10.0/24 gateway=10.10.10.1
add address=10.10.20.0/24 gateway=10.10.20.1
add address=10.10.30.0/24 gateway=10.10.30.1
add address=192.168.16.0/24 gateway=192.168.16.1
/ip dns
set servers=1.1.1.1,1.0.0.1,8.8.8.8,8.8.4.4
/ip firewall address-list
add address=192.168.16.0/24 list="IP LAN"
add address=10.10.20.0/24 list="IP LAN"
/ip firewall filter
add action=drop chain=forward dst-address=192.168.16.0/24 src-address=\
10.10.20.0/24
add action=drop chain=forward disabled=yes layer7-protocol="!BLOCK DELL" \
protocol=tcp src-address=192.168.16.97
add action=drop chain=forward disabled=yes layer7-protocol="!BLOCK DELL" \
protocol=udp src-address=192.168.16.97
/ip firewall mangle
add action=accept chain=prerouting comment=QOS dst-address-list=CONNECTED \
src-address-list=CONNECTED
add action=accept chain=forward dst-address-list=CONNECTED src-address-list=\
CONNECTED
add action=mark-connection chain=postrouting comment="KET NOI BROWSING" \
dst-address-list="IP BROWSING" new-connection-mark=BROWSING passthrough=\
yes src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=BROWSING \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"BROWSING- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark=BROWSING \
new-packet-mark="BROWSING- UPLOAD" out-interface=pppoe-VNPT passthrough=\
no src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark="BROWSING CONLAI" \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"BROWSING CONLAI- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark="BROWSING CONLAI" \
new-packet-mark="BROWSING CONLAI- UPLOAD" out-interface=pppoe-VNPT \
passthrough=no src-address-list="IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI HEAVY BROWSING" \
connection-mark=BROWSING connection-rate=2048k-40M dst-address-list=\
!CONNECTED new-connection-mark="HEAVY BROWSING" passthrough=yes \
src-address-list="IP LAN"
add action=mark-connection chain=prerouting connection-mark="BROWSING CONLAI" \
connection-rate=2048k-40M dst-address-list=!CONNECTED \
new-connection-mark="HEAVY BROWSING" passthrough=yes src-address-list=\
"IP LAN"
add action=mark-packet chain=forward connection-mark="HEAVY BROWSING" \
new-packet-mark="HEAVY BROWSING- UPLOAD" out-interface=pppoe-VNPT \
passthrough=no src-address-list="IP LAN"
add action=mark-connection chain=prerouting comment="KET NOI ICMP" \
dst-address-list=!CONNECTED new-connection-mark=ICMP passthrough=yes \
protocol=icmp src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=ICMP dst-address-list=\
"IP LAN" in-interface=pppoe-VNPT new-packet-mark="ICMP- DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward connection-mark=ICMP new-packet-mark=\
"ICMP- UPLOAD" out-interface=pppoe-VNPT passthrough=no src-address-list=\
"IP LAN"
add action=mark-connection chain=prerouting comment="KET NOI DNS" \
connection-mark=!BROWSING dst-address-list=!CONNECTED dst-port=53 \
new-connection-markNS passthrough=yes protocol=tcp src-address-list=\
"IP LAN"
add action=mark-connection chain=prerouting connection-mark=!BROWSING \
dst-address-list=!CONNECTED dst-port=53 new-connection-markNS \
passthrough=yes protocol=udp src-address-list="IP LAN"
add action=mark-packet chain=forward connection-markNS dst-address-list=\
"IP LAN" in-interface=pppoe-VNPT new-packet-mark="DNS- DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward connection-markNS new-packet-mark=\
"DNS- UPLOAD" out-interface=pppoe-VNPT passthrough=no src-address-list=\
"IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI FACEBOOK" \
dst-address-list="IP FACEBOOK" new-connection-mark=FACEBOOK passthrough=\
yes src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=FACEBOOK \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"FACEBOOK- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark=FACEBOOK \
new-packet-mark="FACEBOOK- UPLOAD" out-interface=pppoe-VNPT passthrough=\
no src-address-list="IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI YOUTUBE" \
dst-address-list="IP YOUTUBE" new-connection-mark=YOUTUBE passthrough=yes \
src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=YOUTUBE \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"YOUTUBE- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark=YOUTUBE new-packet-mark=\
"YOUTUBE- UPLOAD" out-interface=pppoe-VNPT passthrough=no \
src-address-list="IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI ZALO" \
dst-address-list="IP ZALO" new-connection-mark=ZALO passthrough=yes \
src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=ZALO dst-address-list=\
"IP LAN" in-interface=pppoe-VNPT new-packet-mark="ZALO- DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward connection-mark=ZALO new-packet-mark=\
"ZALO- UPLOAD" out-interface=pppoe-VNPT passthrough=no src-address-list=\
"IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI INSTAGRAM" \
dst-address-list="IP INSTAGRAM" new-connection-mark=INSTAGRAM \
passthrough=yes src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=INSTAGRAM \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"INSTAGRAM- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark=INSTAGRAM \
new-packet-mark="INSTAGRAM- UPLOAD" out-interface=pppoe-VNPT passthrough=\
no src-address-list="IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI TIKTOK" \
dst-address-list="IP TIKTOK" new-connection-mark=TIKTOK passthrough=yes \
src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=TIKTOK dst-address-list=\
"IP LAN" in-interface=pppoe-VNPT new-packet-mark="TIKTOK- DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward connection-mark=TIKTOK new-packet-mark=\
"TIKTOK- UPLOAD" out-interface=pppoe-VNPT passthrough=no \
src-address-list="IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI GAME ONLINE" \
connection-mark=!BROWSING dst-address-list="IP GAME" new-connection-mark=\
"GAME ONLINE" passthrough=yes src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark="GAME ONLINE" \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"GAME ONLINE- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark="GAME ONLINE" \
new-packet-mark="GAME ONLINE- UPLOAD" out-interface=pppoe-VNPT \
passthrough=no src-address-list="IP LAN"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-VNPT src-address=\
192.168.16.0/24
add action=masquerade chain=srcnat out-interface=pppoe-VNPT src-address=\
10.10.20.0/24
add action=dst-nat chain=dstnat comment="MO PROT NAS" dst-port=5000 \
in-interface=pppoe-VNPT protocol=tcp to-addresses=192.168.16.6 to-ports=\
5000
add action=dst-nat chain=dstnat dst-port=6990 in-interface=pppoe-VNPT \
protocol=tcp to-addresses=192.168.16.6 to-ports=6990
add action=dst-nat chain=dstnat dst-port=6690 in-interface=pppoe-VNPT \
protocol=tcp to-addresses=192.168.16.6 to-ports=6690
add action=dst-nat chain=dstnat dst-port=5001 in-interface=pppoe-VNPT \
protocol=tcp to-addresses=192.168.16.6 to-ports=5001
add action=dst-nat chain=dstnat dst-port=8443 in-interface=pppoe-VNPT \
protocol=tcp to-addresses=192.168.16.6 to-ports=8443
/ip firewall raw
add action=add-dst-to-address-list address-list="IP BROWSING" \
address-list-timeout=30m chain=prerouting comment="IP BROWSING" \
dst-address-list=!CONNECTED dst-port=\
80,81,443,8000-8081,21,22,23,81,88,5050,843,182,53 protocol=tcp \
src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP BROWSING" \
address-list-timeout=30m chain=prerouting dst-address-list=!CONNECTED \
dst-port=80,81,443,8000-8081,21,22,23,81,88,5050,843,182,53 protocol=udp \
src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP YOUTUBE" \
address-list-timeout=30m chain=prerouting comment="IP YOUTUBE" content=\
googlevideo.com dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP YOUTUBE" \
address-list-timeout=30m chain=prerouting content=.youtube \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP YOUTUBE" \
address-list-timeout=30m chain=prerouting content=ytimg.com \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP FACEBOOK" \
address-list-timeout=30m chain=prerouting comment="IP FACEBOOK" content=\
.facebook.com dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP FACEBOOK" \
address-list-timeout=30m chain=prerouting content=.facebook.net \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP FACEBOOK" \
address-list-timeout=30m chain=prerouting content=.fbcdn.net \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP ZALO" \
address-list-timeout=30m chain=prerouting comment="IP ZALO" content=\
.chat.zalo.me dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP ZALO" \
address-list-timeout=30m chain=prerouting content=.zalo.me \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP ZALO" \
address-list-timeout=30m chain=prerouting content=log.api.zaloapp.com \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP ZALO" \
address-list-timeout=30m chain=prerouting content=.zadn.vn \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP INSTAGRAM" \
address-list-timeout=30m chain=prerouting comment="IP INSTAGRAM" content=\
.cdninstagram.com dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP INSTAGRAM" \
address-list-timeout=30m chain=prerouting content=\
scontent-sin6-2.cdninstagram.com dst-address-list=!CONNECTED \
src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP INSTAGRAM" \
address-list-timeout=30m chain=prerouting content=.instagram.com \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP TIKTOK" \
address-list-timeout=30m chain=prerouting comment="IP TIKTOK" content=\
tiktokcdn.com dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP TIKTOK" \
address-list-timeout=30m chain=prerouting content=tiktokv.com \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP TIKTOK" \
address-list-timeout=30m chain=prerouting content=.amemv.com \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP TIKTOK" \
address-list-timeout=30m chain=prerouting content=.musical.ly \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting comment="GAME: AOV - LIEN QUAN" \
dst-address-list=!CONNECTED dst-port=10001-10094 protocol=tcp \
src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting dst-address-list=!CONNECTED \
dst-port=10101-10201,10080-10110,17000-18000 protocol=udp \
src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting comment="GAME: FREE FIRE" \
dst-address-list=!CONNECTED dst-port=7006,14000,20561,39698,39779,39003 \
protocol=tcp src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting dst-address-list=!CONNECTED \
dst-port=7008,10000-10009,17000 protocol=udp src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting comment="GAME: MOBILE LEGENDS" \
dst-address-list=!CONNECTED dst-port=\
5000-5508,5551-5558,5601-5608,5651-5658,30097-30147,9000-9010 protocol=\
tcp src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting dst-address-list=!CONNECTED \
dst-port=5000-5200,5500-5700,8001,30000-30300,9000-9010 protocol=udp \
src-address-list="IP LAN"
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Asia/Ho_Chi_Minh
/system ntp client
set enabled=yes primary-ntp=216.239.35.8
/system routerboard settings
set auto-upgrade=yes
add address=192.168.16.0/24 list="IP LAN"
add address=10.10.20.0/24 list="IP LAN"
/ip firewall filter
add action=drop chain=forward dst-address=192.168.16.0/24 src-address=\
10.10.20.0/24
add action=drop chain=forward disabled=yes layer7-protocol="!BLOCK DELL" \
protocol=tcp src-address=192.168.16.97
add action=drop chain=forward disabled=yes layer7-protocol="!BLOCK DELL" \
protocol=udp src-address=192.168.16.97
/ip firewall mangle
add action=accept chain=prerouting comment=QOS dst-address-list=CONNECTED \
src-address-list=CONNECTED
add action=accept chain=forward dst-address-list=CONNECTED src-address-list=\
CONNECTED
add action=mark-connection chain=postrouting comment="KET NOI BROWSING" \
dst-address-list="IP BROWSING" new-connection-mark=BROWSING passthrough=\
yes src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=BROWSING \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"BROWSING- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark=BROWSING \
new-packet-mark="BROWSING- UPLOAD" out-interface=pppoe-VNPT passthrough=\
no src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark="BROWSING CONLAI" \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"BROWSING CONLAI- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark="BROWSING CONLAI" \
new-packet-mark="BROWSING CONLAI- UPLOAD" out-interface=pppoe-VNPT \
passthrough=no src-address-list="IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI HEAVY BROWSING" \
connection-mark=BROWSING connection-rate=2048k-40M dst-address-list=\
!CONNECTED new-connection-mark="HEAVY BROWSING" passthrough=yes \
src-address-list="IP LAN"
add action=mark-connection chain=prerouting connection-mark="BROWSING CONLAI" \
connection-rate=2048k-40M dst-address-list=!CONNECTED \
new-connection-mark="HEAVY BROWSING" passthrough=yes src-address-list=\
"IP LAN"
add action=mark-packet chain=forward connection-mark="HEAVY BROWSING" \
new-packet-mark="HEAVY BROWSING- UPLOAD" out-interface=pppoe-VNPT \
passthrough=no src-address-list="IP LAN"
add action=mark-connection chain=prerouting comment="KET NOI ICMP" \
dst-address-list=!CONNECTED new-connection-mark=ICMP passthrough=yes \
protocol=icmp src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=ICMP dst-address-list=\
"IP LAN" in-interface=pppoe-VNPT new-packet-mark="ICMP- DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward connection-mark=ICMP new-packet-mark=\
"ICMP- UPLOAD" out-interface=pppoe-VNPT passthrough=no src-address-list=\
"IP LAN"
add action=mark-connection chain=prerouting comment="KET NOI DNS" \
connection-mark=!BROWSING dst-address-list=!CONNECTED dst-port=53 \
new-connection-mark
NS passthrough=yes protocol=tcp src-address-list=\"IP LAN"
add action=mark-connection chain=prerouting connection-mark=!BROWSING \
dst-address-list=!CONNECTED dst-port=53 new-connection-mark
NS \passthrough=yes protocol=udp src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark
NS dst-address-list=\"IP LAN" in-interface=pppoe-VNPT new-packet-mark="DNS- DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward connection-mark
NS new-packet-mark=\"DNS- UPLOAD" out-interface=pppoe-VNPT passthrough=no src-address-list=\
"IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI FACEBOOK" \
dst-address-list="IP FACEBOOK" new-connection-mark=FACEBOOK passthrough=\
yes src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=FACEBOOK \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"FACEBOOK- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark=FACEBOOK \
new-packet-mark="FACEBOOK- UPLOAD" out-interface=pppoe-VNPT passthrough=\
no src-address-list="IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI YOUTUBE" \
dst-address-list="IP YOUTUBE" new-connection-mark=YOUTUBE passthrough=yes \
src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=YOUTUBE \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"YOUTUBE- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark=YOUTUBE new-packet-mark=\
"YOUTUBE- UPLOAD" out-interface=pppoe-VNPT passthrough=no \
src-address-list="IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI ZALO" \
dst-address-list="IP ZALO" new-connection-mark=ZALO passthrough=yes \
src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=ZALO dst-address-list=\
"IP LAN" in-interface=pppoe-VNPT new-packet-mark="ZALO- DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward connection-mark=ZALO new-packet-mark=\
"ZALO- UPLOAD" out-interface=pppoe-VNPT passthrough=no src-address-list=\
"IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI INSTAGRAM" \
dst-address-list="IP INSTAGRAM" new-connection-mark=INSTAGRAM \
passthrough=yes src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=INSTAGRAM \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"INSTAGRAM- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark=INSTAGRAM \
new-packet-mark="INSTAGRAM- UPLOAD" out-interface=pppoe-VNPT passthrough=\
no src-address-list="IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI TIKTOK" \
dst-address-list="IP TIKTOK" new-connection-mark=TIKTOK passthrough=yes \
src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark=TIKTOK dst-address-list=\
"IP LAN" in-interface=pppoe-VNPT new-packet-mark="TIKTOK- DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward connection-mark=TIKTOK new-packet-mark=\
"TIKTOK- UPLOAD" out-interface=pppoe-VNPT passthrough=no \
src-address-list="IP LAN"
add action=mark-connection chain=postrouting comment="KET NOI GAME ONLINE" \
connection-mark=!BROWSING dst-address-list="IP GAME" new-connection-mark=\
"GAME ONLINE" passthrough=yes src-address-list="IP LAN"
add action=mark-packet chain=forward connection-mark="GAME ONLINE" \
dst-address-list="IP LAN" in-interface=pppoe-VNPT new-packet-mark=\
"GAME ONLINE- DOWNLOAD" passthrough=no
add action=mark-packet chain=forward connection-mark="GAME ONLINE" \
new-packet-mark="GAME ONLINE- UPLOAD" out-interface=pppoe-VNPT \
passthrough=no src-address-list="IP LAN"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-VNPT src-address=\
192.168.16.0/24
add action=masquerade chain=srcnat out-interface=pppoe-VNPT src-address=\
10.10.20.0/24
add action=dst-nat chain=dstnat comment="MO PROT NAS" dst-port=5000 \
in-interface=pppoe-VNPT protocol=tcp to-addresses=192.168.16.6 to-ports=\
5000
add action=dst-nat chain=dstnat dst-port=6990 in-interface=pppoe-VNPT \
protocol=tcp to-addresses=192.168.16.6 to-ports=6990
add action=dst-nat chain=dstnat dst-port=6690 in-interface=pppoe-VNPT \
protocol=tcp to-addresses=192.168.16.6 to-ports=6690
add action=dst-nat chain=dstnat dst-port=5001 in-interface=pppoe-VNPT \
protocol=tcp to-addresses=192.168.16.6 to-ports=5001
add action=dst-nat chain=dstnat dst-port=8443 in-interface=pppoe-VNPT \
protocol=tcp to-addresses=192.168.16.6 to-ports=8443
/ip firewall raw
add action=add-dst-to-address-list address-list="IP BROWSING" \
address-list-timeout=30m chain=prerouting comment="IP BROWSING" \
dst-address-list=!CONNECTED dst-port=\
80,81,443,8000-8081,21,22,23,81,88,5050,843,182,53 protocol=tcp \
src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP BROWSING" \
address-list-timeout=30m chain=prerouting dst-address-list=!CONNECTED \
dst-port=80,81,443,8000-8081,21,22,23,81,88,5050,843,182,53 protocol=udp \
src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP YOUTUBE" \
address-list-timeout=30m chain=prerouting comment="IP YOUTUBE" content=\
googlevideo.com dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP YOUTUBE" \
address-list-timeout=30m chain=prerouting content=.youtube \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP YOUTUBE" \
address-list-timeout=30m chain=prerouting content=ytimg.com \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP FACEBOOK" \
address-list-timeout=30m chain=prerouting comment="IP FACEBOOK" content=\
.facebook.com dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP FACEBOOK" \
address-list-timeout=30m chain=prerouting content=.facebook.net \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP FACEBOOK" \
address-list-timeout=30m chain=prerouting content=.fbcdn.net \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP ZALO" \
address-list-timeout=30m chain=prerouting comment="IP ZALO" content=\
.chat.zalo.me dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP ZALO" \
address-list-timeout=30m chain=prerouting content=.zalo.me \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP ZALO" \
address-list-timeout=30m chain=prerouting content=log.api.zaloapp.com \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP ZALO" \
address-list-timeout=30m chain=prerouting content=.zadn.vn \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP INSTAGRAM" \
address-list-timeout=30m chain=prerouting comment="IP INSTAGRAM" content=\
.cdninstagram.com dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP INSTAGRAM" \
address-list-timeout=30m chain=prerouting content=\
scontent-sin6-2.cdninstagram.com dst-address-list=!CONNECTED \
src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP INSTAGRAM" \
address-list-timeout=30m chain=prerouting content=.instagram.com \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP TIKTOK" \
address-list-timeout=30m chain=prerouting comment="IP TIKTOK" content=\
tiktokcdn.com dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP TIKTOK" \
address-list-timeout=30m chain=prerouting content=tiktokv.com \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP TIKTOK" \
address-list-timeout=30m chain=prerouting content=.amemv.com \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP TIKTOK" \
address-list-timeout=30m chain=prerouting content=.musical.ly \
dst-address-list=!CONNECTED src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting comment="GAME: AOV - LIEN QUAN" \
dst-address-list=!CONNECTED dst-port=10001-10094 protocol=tcp \
src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting dst-address-list=!CONNECTED \
dst-port=10101-10201,10080-10110,17000-18000 protocol=udp \
src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting comment="GAME: FREE FIRE" \
dst-address-list=!CONNECTED dst-port=7006,14000,20561,39698,39779,39003 \
protocol=tcp src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting dst-address-list=!CONNECTED \
dst-port=7008,10000-10009,17000 protocol=udp src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting comment="GAME: MOBILE LEGENDS" \
dst-address-list=!CONNECTED dst-port=\
5000-5508,5551-5558,5601-5608,5651-5658,30097-30147,9000-9010 protocol=\
tcp src-address-list="IP LAN"
add action=add-dst-to-address-list address-list="IP GAME" \
address-list-timeout=1h chain=prerouting dst-address-list=!CONNECTED \
dst-port=5000-5200,5500-5700,8001,30000-30300,9000-9010 protocol=udp \
src-address-list="IP LAN"
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Asia/Ho_Chi_Minh
/system ntp client
set enabled=yes primary-ntp=216.239.35.8
/system routerboard settings
set auto-upgrade=yes
Rối thím ơi. thím rành xem dùm em cần chỉnh gì ko
VN.Classic
Member
thanks bác,
Thím pm cho mình cái giá của thím đi, được thì mình xúc về vọc chơi
via theNEXTvoz for iPhone
tmk1207
Senior Member
tuanlm
Senior Member
mình check lại toàn bộ hệ thống, cắm lại dây thì phát hiện có 2 tb phát wifi nó làm loop mạng bac ạ. mình cô lập 2 thiết bị đó thì mạng bình thường ạ
ceibga
Đã tốn tiền
Lại là em đây
Vừa múc CCR1036-12G-4S-EM, bản 8GB 36 core CPU, dual PSU, 1200 bai đần
Sếp chê RB4011 với CCR1009 rẻ quá, chắc là đồ đểu, nên là múc cho sếp coi con khủng nhất của Mik luôn cho sếp vừa ý
Cao hơn có con 1072 nhưng là cổng SFP ko tính
Vừa loay hoay lắp lên giá, mới kết nối mạng được thôi, chưa set up gì nữa cả. Ko biết liệu có setup thành công cho nó ko nữa, ko được thì ăn cám
Sếp chê RB4011 với CCR1009 rẻ quá, chắc là đồ đểu, nên là múc cho sếp coi con khủng nhất của Mik luôn cho sếp vừa ý
Vừa loay hoay lắp lên giá, mới kết nối mạng được thôi, chưa set up gì nữa cả. Ko biết liệu có setup thành công cho nó ko nữa, ko được thì ăn cám
sếp chịu chơi quáLại là em đâyVừa múc CCR1036-12G-4S-EM, bản 8GB 36 core CPU, dual PSU, 1200 bai đần
Sếp chê RB4011 với CCR1009 rẻ quá, chắc là đồ đểu, nên là múc cho sếp coi con khủng nhất của Mik luôn cho sếp vừa ýCao hơn có con 1072 nhưng là cổng SFP ko tính
Vừa loay hoay lắp lên giá, mới kết nối mạng được thôi, chưa set up gì nữa cả. Ko biết liệu có setup thành công cho nó ko nữa, ko được thì ăn cám
xem sếp có con gái không thím.
tmk1207
Senior Member
Lại là em đâyVừa múc CCR1036-12G-4S-EM, bản 8GB 36 core CPU, dual PSU, 1200 bai đần
Sếp chê RB4011 với CCR1009 rẻ quá, chắc là đồ đểu, nên là múc cho sếp coi con khủng nhất của Mik luôn cho sếp vừa ýCao hơn có con 1072 nhưng là cổng SFP ko tính
Vừa loay hoay lắp lên giá, mới kết nối mạng được thôi, chưa set up gì nữa cả. Ko biết liệu có setup thành công cho nó ko nữa, ko được thì ăn cám
View attachment 432835
View attachment 432837
@anhyeuviolet sếp nhà ngta nè em
ppptran
Senior Member
Thơm.Lại là em đâyVừa múc CCR1036-12G-4S-EM, bản 8GB 36 core CPU, dual PSU, 1200 bai đần
Sếp chê RB4011 với CCR1009 rẻ quá, chắc là đồ đểu, nên là múc cho sếp coi con khủng nhất của Mik luôn cho sếp vừa ýCao hơn có con 1072 nhưng là cổng SFP ko tính
Vừa loay hoay lắp lên giá, mới kết nối mạng được thôi, chưa set up gì nữa cả. Ko biết liệu có setup thành công cho nó ko nữa, ko được thì ăn cám
View attachment 432835
View attachment 432837
Con này power 2 của nó là AC hay DC vậy thím ?
ceibga
Đã tốn tiền
Cả 2 đều là AC thím nhé
L.A.D.Y
Senior Member
sếp nhà người ta,còn đm thằng phó tổng cty em còn tự hì hục sửa máy tính
anhyeuviolet
Đã tốn tiền
Sếp this sếp thatsếp nhà người ta,còn đm thằng phó tổng cty em còn tự hì hục sửa máy tính
