feat: migrasi mangle ke connection mark 2-tahap (stabil saat ip-lokal refresh)
This commit is contained in:
Wartana
@@ -40,6 +40,7 @@ def update_mangle_and_queue():
|
||||
# 1. CLEANUP (Hapus Mangle Mark-Packet, Queue Type 1/2 lama kalo ada, Queue Tree Lokal, dll jika script dijalankan berulang)
|
||||
print("Membersihkan Mangle & Queue peninggalan lama...")
|
||||
cleanup_script = """
|
||||
/ip/firewall/mangle/remove [find chain=forward action=mark-connection]
|
||||
/ip/firewall/mangle/remove [find chain=forward action=mark-packet]
|
||||
/queue/tree/remove [find name~"_LOKAL"]
|
||||
/queue/tree/remove [find name~"_local"]
|
||||
@@ -82,12 +83,16 @@ def update_mangle_and_queue():
|
||||
commands.append("/ip/firewall/mangle/add action=mark-packet chain=forward src-address-list=EXPIRED new-packet-mark=EXPIRED_ul passthrough=no")
|
||||
# Queue Tree EXPIRED sudah ada di 178 eksisting, jadi kita tak ubah
|
||||
|
||||
# PROFIL HEMAT (Bypass LOKAL penuh, Tidak di split speed)
|
||||
# Catatan: Hemat itu "Up to X", kita biarkan max-limit ikut apa yang ada di tree. Intinya LOKAL 5G loss, INT nya biarkan seperti biasa max-limit 3G (PCQ default hemat 6M).
|
||||
commands.append("/ip/firewall/mangle/add action=mark-packet chain=forward dst-address-list=hemat src-address-list=!ip-lokal new-packet-mark=hemat_dl passthrough=no")
|
||||
commands.append("/ip/firewall/mangle/add action=mark-packet chain=forward src-address-list=hemat dst-address-list=!ip-lokal new-packet-mark=hemat_ul passthrough=no")
|
||||
commands.append("/ip/firewall/mangle/add action=mark-packet chain=forward dst-address-list=hemat src-address-list=ip-lokal new-packet-mark=hemat_dl_local passthrough=no")
|
||||
commands.append("/ip/firewall/mangle/add action=mark-packet chain=forward src-address-list=hemat dst-address-list=ip-lokal new-packet-mark=hemat_ul_local passthrough=no")
|
||||
# PROFIL HEMAT (Connection Mark)
|
||||
# Tahap 1: Mark connection lokal
|
||||
commands.append("/ip/firewall/mangle/add action=mark-connection chain=forward dst-address-list=hemat src-address-list=ip-lokal new-connection-mark=conn_hemat_local passthrough=yes")
|
||||
commands.append("/ip/firewall/mangle/add action=mark-connection chain=forward src-address-list=hemat dst-address-list=ip-lokal new-connection-mark=conn_hemat_local passthrough=yes")
|
||||
# Tahap 2a: Packet mark lokal (berdasarkan connection mark)
|
||||
commands.append("/ip/firewall/mangle/add action=mark-packet chain=forward connection-mark=conn_hemat_local dst-address-list=hemat new-packet-mark=hemat_dl_local passthrough=no")
|
||||
commands.append("/ip/firewall/mangle/add action=mark-packet chain=forward connection-mark=conn_hemat_local src-address-list=hemat new-packet-mark=hemat_ul_local passthrough=no")
|
||||
# Tahap 2b: Packet mark international (catch-all)
|
||||
commands.append("/ip/firewall/mangle/add action=mark-packet chain=forward dst-address-list=hemat new-packet-mark=hemat_dl passthrough=no")
|
||||
commands.append("/ip/firewall/mangle/add action=mark-packet chain=forward src-address-list=hemat new-packet-mark=hemat_ul passthrough=no")
|
||||
# Child Queue Lokal HEMAT
|
||||
commands.append("/queue/tree/add max-limit=5G name=hemat_dl_local packet-mark=hemat_dl_local parent=1_all_dl_Dimensi_LOKAL queue=hemat_dl_6m")
|
||||
commands.append("/queue/tree/add max-limit=5G name=hemat_ul_local packet-mark=hemat_ul_local parent=5_all_ul_Dimensi_LOKAL queue=hemat_ul_6m")
|
||||
@@ -108,12 +113,20 @@ def update_mangle_and_queue():
|
||||
dl_loc = f"{name}_dl_local"
|
||||
up_loc = f"{name}_ul_local"
|
||||
|
||||
# 1. BIKIN MANGLE INT (!ip-lokal) & LOKAL (ip-lokal)
|
||||
commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward dst-address-list={name} src-address-list=!ip-lokal new-packet-mark={dl_int} passthrough=no")
|
||||
commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward src-address-list={name} dst-address-list=!ip-lokal new-packet-mark={up_int} passthrough=no")
|
||||
# 1. MANGLE CONNECTION MARK + PACKET MARK (2-tahap)
|
||||
conn_mark = f"conn_{name}_local"
|
||||
|
||||
commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward dst-address-list={name} src-address-list=ip-lokal new-packet-mark={dl_loc} passthrough=no")
|
||||
commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward src-address-list={name} dst-address-list=ip-lokal new-packet-mark={up_loc} passthrough=no")
|
||||
# Tahap 1: Mark connection lokal (passthrough=yes → lanjut ke rule berikut)
|
||||
commands.append(f"/ip/firewall/mangle/add action=mark-connection chain=forward dst-address-list={name} src-address-list=ip-lokal new-connection-mark={conn_mark} passthrough=yes")
|
||||
commands.append(f"/ip/firewall/mangle/add action=mark-connection chain=forward src-address-list={name} dst-address-list=ip-lokal new-connection-mark={conn_mark} passthrough=yes")
|
||||
|
||||
# Tahap 2a: Packet mark LOKAL (berdasarkan connection mark, passthrough=no)
|
||||
commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward connection-mark={conn_mark} dst-address-list={name} new-packet-mark={dl_loc} passthrough=no")
|
||||
commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward connection-mark={conn_mark} src-address-list={name} new-packet-mark={up_loc} passthrough=no")
|
||||
|
||||
# Tahap 2b: Packet mark INTERNATIONAL (catch-all, sisa yang belum ter-mark)
|
||||
commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward dst-address-list={name} new-packet-mark={dl_int} passthrough=no")
|
||||
commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward src-address-list={name} new-packet-mark={up_int} passthrough=no")
|
||||
|
||||
# 2. UBAH/BUAT BIKIN QUEUE TYPES SETENGAH (Hanya jika belum ada).
|
||||
# Kita menggunakan _half sebagai penanda
|
||||
|
||||
Reference in New Issue
Block a user