知道會死不知道這樣死! 他下車看見「追撞夾死鵝」傻眼無言
胡男把雞鵝懸掛在車外,結果被後車追撞全死了。翻攝自微博
個人積分:524629分
文章編號:92911449
個人積分:406908分
文章編號:92911493
個人積分:75847分
文章編號:92911838
--
/ip firewall address-list
add address=45.90.28.0/24 comment="NextDNS-Primary DNS Server" list=\
"NextDNS DNS-Servers"
add address=45.90.30.0/24 comment="NextDNS-Secondary DNS Server" list=\
"NextDNS DNS-Servers"
/ip firewall mangle
add action=change-mss chain=forward comment="TCP MSS Clamping: Forward" \
new-mss=clamp-to-pmtu protocol=tcp tcp-flags=syn
add action=change-mss chain=output comment="TCP MSS Clamping: Router Self" \
new-mss=clamp-to-pmtu protocol=tcp tcp-flags=syn
add action=change-dscp chain=prerouting comment=\
"Clean up externally introduced DSCP contamination" in-interface-list=WAN \
new-dscp=0
add action=jump chain=forward comment="Jump to Classify new connections" \
connection-state=new jump-target=classify-conn
add action=jump chain=output connection-state=new jump-target=classify-conn
add action=mark-connection chain=classify-conn comment="T1: DNS/ICMP/NTP" \
new-connection-mark=conn-Tin1 passthrough=no protocol=icmp
add action=mark-connection chain=classify-conn new-connection-mark=conn-Tin1 \
passthrough=no port=53,123,179 protocol=udp
add action=mark-connection chain=classify-conn comment="T1: IGMP Control" \
new-connection-mark=conn-Tin1 passthrough=no protocol=igmp
add action=mark-connection chain=classify-conn comment="T1: NextDNS Traffic" \
dst-address-list="NextDNS DNS-Servers" new-connection-mark=conn-Tin1 \
passthrough=no port=443,853 protocol=tcp
add action=mark-connection chain=classify-conn comment=\
"T1: NextDNS Traffic (UDP)" dst-address-list="NextDNS DNS-Servers" \
new-connection-mark=conn-Tin1 passthrough=no port=443 protocol=udp
add action=mark-connection chain=classify-conn comment="T2: VoIP/VPN" \
new-connection-mark=conn-Tin2 passthrough=no port=\
500,4500,5060,5061,16384-32767 protocol=udp
add action=mark-connection chain=classify-conn new-connection-mark=conn-Tin2 \
passthrough=no port=5060,5061 protocol=tcp
add action=mark-connection chain=classify-conn comment="T5: Gaming Ports" \
new-connection-mark=conn-Tin5 passthrough=no port=\
1119,3074,3478,5000-5500,7000-8000,10000-20019,27000-27100,30000-32000 \
protocol=udp
add action=mark-connection chain=classify-conn comment="T5: Gaming Small UDP" \
dst-address-type=!local new-connection-mark=conn-Tin5 packet-size=0-150 \
passthrough=no protocol=udp
add action=mark-connection chain=classify-conn comment="T4: Video Conf" \
new-connection-mark=conn-Tin4 passthrough=no port=\
1900,3478-3481,5004,5353,8008,8009,8801-8810,19302-19309 protocol=udp
add action=mark-connection chain=classify-conn comment="T3: Chat/Push" \
new-connection-mark=conn-Tin3 passthrough=no port=5222,5223,5228-5230 \
protocol=tcp
add action=mark-connection chain=classify-conn comment="T6: Web/Streaming" \
new-connection-mark=conn-Tin6 port=80,443 protocol=tcp
add action=mark-connection chain=classify-conn new-connection-mark=conn-Tin6 \
port=443 protocol=udp
add action=mark-connection chain=classify-conn comment="T7: Bulk" \
new-connection-mark=conn-Tin7 passthrough=no port=\
20,21,445,6881-6889,17500 protocol=tcp
add action=mark-connection chain=classify-conn comment="T8: Catch-all" \
new-connection-mark=conn-Tin8
add action=jump chain=forward comment="Jump to High-volume Check" \
connection-mark=conn-Tin6 jump-target=check-High-volume
add action=jump chain=forward connection-mark=conn-Tin8 jump-target=\
check-High-volume
add action=mark-connection chain=check-High-volume comment=\
"Extreme Web > Bulk (50MB)" connection-bytes=50000000 connection-mark=\
conn-Tin6 disabled=yes new-connection-mark=conn-Tin7 passthrough=no
add action=mark-connection chain=check-High-volume comment=\
"Web > Bulk (20MB)" connection-bytes=20000000 connection-mark=conn-Tin6 \
new-connection-mark=conn-Tin7 passthrough=no
add action=mark-connection chain=check-High-volume comment=\
"Catch-all > Bulk (10MB)" connection-bytes=10000000 connection-mark=\
conn-Tin8 new-connection-mark=conn-Tin7 passthrough=no
add action=jump chain=forward comment="Jump to Packet Marking" \
connection-mark=!no-mark jump-target=mark-packet-forward
add action=jump chain=output connection-mark=!no-mark jump-target=\
mark-packet-output
add action=mark-packet chain=mark-packet-forward comment=\
"Priority: Downstream ACKs(RX)" connection-state=established \
in-interface-list=WAN new-packet-mark=RX-CS7 packet-size=0-128 \
passthrough=no protocol=tcp tcp-flags=ack
add action=mark-packet chain=mark-packet-forward comment=\
"Priority: Small TCP ACKs (TX)" connection-state=established \
new-packet-mark=TX-CS7 out-interface-list=WAN packet-size=0-128 \
passthrough=no protocol=tcp tcp-flags=ack
add action=mark-packet chain=mark-packet-forward comment=\
"Forward : Tin-1 > Net/DNS/ICMP (CS7)" connection-mark=conn-Tin1 \
in-interface-list=WAN new-packet-mark=RX-CS7 passthrough=no
add action=mark-packet chain=mark-packet-forward connection-mark=conn-Tin1 \
new-packet-mark=TX-CS7 out-interface-list=WAN
add action=change-dscp chain=mark-packet-forward comment=\
"Forward : Tin-1 -> DSCP(56)" connection-mark=conn-Tin1 new-dscp=56 \
passthrough=no
add action=mark-packet chain=mark-packet-forward comment=\
"Forward : Tin-2 -> VoIP/VPN (EF)" connection-mark=conn-Tin2 \
in-interface-list=WAN new-packet-mark=RX-EF passthrough=no
add action=mark-packet chain=mark-packet-forward connection-mark=conn-Tin2 \
new-packet-mark=TX-EF out-interface-list=WAN
add action=change-dscp chain=mark-packet-forward comment=\
"Forward : Tin-2 -> DSCP(46)" connection-mark=conn-Tin2 new-dscp=46 \
passthrough=no
add action=mark-packet chain=mark-packet-forward comment=\
"Forward : Tin-3 -> Chat/Push (CS5)" connection-mark=conn-Tin3 \
in-interface-list=WAN new-packet-mark=RX-CS5 passthrough=no
add action=mark-packet chain=mark-packet-forward connection-mark=conn-Tin3 \
new-packet-mark=TX-CS5 out-interface-list=WAN
add action=change-dscp chain=mark-packet-forward comment=\
"Forward : Tin-3 -> DSCP(40)" connection-mark=conn-Tin3 new-dscp=40 \
passthrough=no
add action=mark-packet chain=mark-packet-forward comment=\
"Forward : Tin-4 -> Video Conf (AF41)" connection-mark=conn-Tin4 \
in-interface-list=WAN new-packet-mark=RX-AF41 passthrough=no
add action=mark-packet chain=mark-packet-forward connection-mark=conn-Tin4 \
new-packet-mark=TX-AF41 out-interface-list=WAN
add action=change-dscp chain=mark-packet-forward comment=\
"Forward : Tin-4 -> DSCP(34)" connection-mark=conn-Tin4 new-dscp=34 \
passthrough=no
add action=mark-packet chain=mark-packet-forward comment=\
"Forward : Tin-5 -> Gaming (AF31)" connection-mark=conn-Tin5 \
in-interface-list=WAN new-packet-mark=RX-AF31 passthrough=no
add action=mark-packet chain=mark-packet-forward connection-mark=conn-Tin5 \
new-packet-mark=TX-AF31 out-interface-list=WAN
add action=change-dscp chain=mark-packet-forward comment=\
"Forward : Tin-5 -> DSCP(26)" connection-mark=conn-Tin5 new-dscp=26 \
passthrough=no
add action=mark-packet chain=mark-packet-forward comment=\
"Forward : Tin-6 -> Web/Streaming (AF21)" connection-mark=conn-Tin6 \
in-interface-list=WAN new-packet-mark=RX-AF21 passthrough=no
add action=mark-packet chain=mark-packet-forward connection-mark=conn-Tin6 \
new-packet-mark=TX-AF21 out-interface-list=WAN
add action=change-dscp chain=mark-packet-forward comment=\
"Forward : Tin-6 -> DSCP(18)" connection-mark=conn-Tin6 new-dscp=18 \
passthrough=no
add action=mark-packet chain=mark-packet-forward comment=\
"Forward : Tin-7 -> Bulk (CS1)" connection-mark=conn-Tin7 \
in-interface-list=WAN new-packet-mark=RX-CS1 passthrough=no
add action=mark-packet chain=mark-packet-forward connection-mark=conn-Tin7 \
new-packet-mark=TX-CS1 out-interface-list=WAN
add action=change-dscp chain=mark-packet-forward comment=\
"Forward : Tin-7 -> DSCP(8)" connection-mark=conn-Tin7 new-dscp=8 \
passthrough=no
add action=mark-packet chain=mark-packet-forward comment=\
"Forward : Tin-8 -> Catch-all (CS0)" connection-mark=conn-Tin8 \
in-interface-list=WAN new-packet-mark=RX-CS0 passthrough=no
add action=mark-packet chain=mark-packet-forward connection-mark=conn-Tin8 \
new-packet-mark=TX-CS0 out-interface-list=WAN
add action=change-dscp chain=mark-packet-forward comment=\
"Forward : Tin-8 -> DSCP(0)" connection-mark=conn-Tin8 new-dscp=0 \
passthrough=no
add action=mark-packet chain=mark-packet-output comment=\
"Output : Tin-1 > Net/DNS/ICMP (CS7)" connection-mark=conn-Tin1 \
new-packet-mark=TX-CS7
add action=change-dscp chain=mark-packet-output comment=\
"Output : Tin-1 -> DSCP(56)" connection-mark=conn-Tin1 new-dscp=56 \
passthrough=no
add action=mark-packet chain=mark-packet-output comment=\
"Output : Tin-2 -> VoIP/VPN (EF)" connection-mark=conn-Tin2 \
new-packet-mark=TX-EF
add action=change-dscp chain=mark-packet-output comment=\
"Output: : Tin-2 -> DSCP(46)" connection-mark=conn-Tin2 new-dscp=46 \
passthrough=no
add action=mark-packet chain=mark-packet-output comment=\
"Output : Tin-3 -> Chat/Push (CS5)" connection-mark=conn-Tin3 \
new-packet-mark=TX-CS5
add action=change-dscp chain=mark-packet-output comment=\
"Output : Tin-3 -> DSCP(40)" connection-mark=conn-Tin3 new-dscp=40 \
passthrough=no
add action=mark-packet chain=mark-packet-output comment=\
"Output : Tin-4 -> Video Conf (AF41)" connection-mark=conn-Tin4 \
new-packet-mark=TX-AF41
add action=change-dscp chain=mark-packet-output comment=\
"Output : Tin-4 -> DSCP(34)" connection-mark=conn-Tin4 new-dscp=34 \
passthrough=no
add action=mark-packet chain=mark-packet-output comment=\
"Output : Tin-5 -> Gaming (AF31)" connection-mark=conn-Tin5 \
new-packet-mark=TX-AF31
add action=change-dscp chain=mark-packet-output comment=\
"Output : Tin-5 -> DSCP(26)" connection-mark=conn-Tin5 new-dscp=26 \
passthrough=no
add action=mark-packet chain=mark-packet-output comment=\
"Output : Tin-6 -> Web/Streaming (AF21)" connection-mark=conn-Tin6 \
new-packet-mark=TX-AF21
add action=change-dscp chain=mark-packet-output comment=\
"Output : Tin-6 -> DSCP(18)" connection-mark=conn-Tin6 new-dscp=18 \
passthrough=no
add action=mark-packet chain=mark-packet-output comment=\
"Output: Tin-7 -> Bulk (CS1)" connection-mark=conn-Tin7 new-packet-mark=\
TX-CS1
add action=change-dscp chain=mark-packet-output comment=\
"Output : Tin-7 -> DSCP(8)" connection-mark=conn-Tin7 new-dscp=8 \
passthrough=no
add action=mark-packet chain=mark-packet-output comment=\
"Output : Tin-8 -> Catch-all (CS0)" connection-mark=conn-Tin8 \
new-packet-mark=TX-CS0
add action=change-dscp chain=mark-packet-output comment=\
"Output : Tin-8 -> DSCP(0)" connection-mark=conn-Tin8 new-dscp=0 \
passthrough=no
/queue type
add cake-atm=ptm cake-diffserv=diffserv8 cake-memlimit=64.0MiB cake-mpu=68 \
cake-nat=yes cake-overhead=34 kind=cake name=cake-rx
add cake-ack-filter=filter cake-atm=ptm cake-diffserv=diffserv8 \
cake-memlimit=64.0MiB cake-mpu=68 cake-nat=yes cake-overhead=34 kind=cake \
name=cake-tx
add kind=pfifo name="Packet First-In, First-Out" pfifo-limit=69
/queue tree
add comment="Download bandwidth 100Mbps, limit 90% of traffic to 90Mbps" \
max-limit=90M name=Download-Parent parent=global queue=\
"Packet First-In, First-Out"
add name=RX_T1_Net/DNS/ICMP packet-mark=RX-CS7 parent=Download-Parent \
priority=1 queue=cake-rx
add name=RX_T2_VoIP/VPN packet-mark=RX-EF parent=Download-Parent priority=1 \
queue=cake-rx
add name=RX_T3_Chat/Push packet-mark=RX-CS5 parent=Download-Parent \
priority=2 queue=cake-rx
add name="RX_T4_Video Conf" packet-mark=RX-AF41 parent=Download-Parent \
priority=2 queue=cake-rx
add name=RX_T5_Gaming packet-mark=RX-AF31 parent=Download-Parent \
priority=3 queue=cake-rx
add name=RX_T6_Web/Streaming packet-mark=RX-AF21 parent=Download-Parent \
priority=4 queue=cake-rx
add name=RX_T7_Bulk packet-mark=RX-CS1 parent=Download-Parent priority=7 \
queue=cake-rx
add name=RX_T8_Catch-all packet-mark=RX-CS0 parent=Download-Parent queue=\
cake-rx
add comment="Upload bandwidth 40Mbps, limit 90% of traffic to 36Mbps" \
max-limit=36M name=Upload-Parent parent=global queue=\
"Packet First-In, First-Out"
add name=TX_T1_Net/DNS/ICMP packet-mark=TX-CS7 parent=Upload-Parent \
priority=1 queue=cake-tx
add name=TX_T2_VoIP/VPN packet-mark=TX-EF parent=Upload-Parent priority=1 \
queue=cake-tx
add name=TX_T3_Chat/Push packet-mark=TX-CS5 parent=Upload-Parent priority=2 \
queue=cake-tx
add name="TX_T4_Video Conf" packet-mark=TX-AF41 parent=Upload-Parent \
priority=2 queue=cake-tx
add name=TX_T5_Gaming packet-mark=TX-AF31 parent=Upload-Parent priority=3 \
queue=cake-tx
add name=TX_T6_Web/Streaming packet-mark=TX-AF21 parent=Upload-Parent \
priority=4 queue=cake-tx
add name=TX_T7_Bulk packet-mark=TX-CS1 parent=Upload-Parent priority=7 \
queue=cake-tx
add name=TX_T8_Catch-all packet-mark=TX-CS0 parent=Upload-Parent queue=\
cake-tx
--
cake應用的條件設定.依我目前所知的.供參考囉.
--
ADSL或DSL的話.寬頻不對稱時TX的設定新增ack-filter=filter.
RX: cake-atm=atm cake-flowmode=dual-dsthost cake-mpu=64
cake-nat=yes cake-overhead=44
TX: ack-filter=filter cake-atm=atm cake-flowmode=dual-srchost
cake-mpu=64 cake-nat=yes cake-overhead=44
--
FTTB-VDSL/2[100M以下,overhead=34 (PPPoE 8 + VLAN 4 + Ethernet 22),
以此類推,沒vlan,則30.沒PPPoE,則26.僅Ethernet,則22.].
MPU則是隨overhead之進退,30時MPU則64.34時MPU則68,值最低就64.
RX: cake-atm=ptm cake-flowmode=dual-dsthost cake-mpu=64
cake-nat=yes cake-overhead=30
TX: ack-filter=filter cake-atm=ptm cake-flowmode=dual-srchost
cake-mpu=64 cake-nat=yes cake-overhead=30
PS: atm設定的atm/ptm值,跟著寬頻而定,100M以上,則選no,
因為ISP在100M以上已有atm=ptm,故atm設定可忽略.
--
DOCSIS (有線電視寬頻/Cable Modem)的話,不需要處理atm與ptm分段.
overhead=18,22(有vlan則設).
RX: cake-flowmode=dual-dsthost cake-mpu=64
cake-nat=yes cake-overhead=18
TX: ack-filter=filter cake-flowmode=dual-srchost
cake-mpu=64 cake-nat=yes cake-overhead=18
PS: 因共用網路,Rx/Tx寬頻很難對稱,故Tx端的ack-filter要設filter.
若中間參雜太多雜七雜八的設備.低於760Mbps時,就維持上述.
寬頻高於760Mbps時,overhead設44,MPU設84.
WAN端只有乙太網路(類中繼路由):
RX: cake-flowmode=dual-dsthost cake-mpu=0
cake-nat=yes cake-overhead=18
TX: ack-filter= cake-flowmode=dual-srchost
cake-mpu=0 cake-nat=yes cake-overhead=18
--
FTTH:光纖100M以上者.跟前者差不多接近.只要對稱寬頻.ack-filter則none,
overhead=18(DHCP/Static IP-Mode:Ethernet 14 + FCS 4),
22(PPPoE-Mode:PPPoE (8) + Ethernet (14))
RX: cake-flowmode=dual-dsthost cake-mpu=0
cake-nat=yes cake-overhead=18
TX: ack-filter=none cake-flowmode=dual-srchost
cake-mpu=0 cake-nat=yes cake-overhead=18
PS:光纖對稱寬頻不需要設定最小封包補償.
WAN端只有乙太網路(類中繼路由).對稱:
RX: cake-flowmode=dual-dsthost cake-mpu=0
cake-nat=yes cake-overhead=18
TX: ack-filter=none cake-flowmode=dual-srchost
cake-mpu=0 cake-nat=yes cake-overhead=18
非對稱:
RX: cake-flowmode=dual-dsthost cake-mpu=0
cake-nat=yes cake-overhead=18
TX: ack-filter=filter cake-flowmode=dual-srchost
cake-mpu=0 cake-nat=yes cake-overhead=18
--
另種新手不知道啥.隨便.都可以.
寬頻對稱則:
RX: cake-flowmode=dual-dsthost cake-mpu=96
cake-nat=yes cake-overhead=44
TX: ack-filter=none cake-flowmode=dual-srchost
cake-mpu=96 cake-nat=yes cake-overhead=44
寬頻不對稱則:
RX: cake-flowmode=dual-dsthost cake-mpu=96
cake-nat=yes cake-overhead=44
TX: ack-filter=filter cake-flowmode=dual-srchost
cake-mpu=96 cake-nat=yes cake-overhead=44
成為對的人是要持續執行核心價值來成就自己附加價值的永恆.[V-Ing]By Myself
個人積分:42205分
文章編號:92912224
個人積分:205235分
文章編號:92912506
網友分享一個有趣的故事:
有一位客人走進一家餐廳用餐.
看見牆上掛著一個很霸氣的招牌:
[只要你想得到,我們都做得出來。]
客人心裡想:這廚師口氣也太大了吧?
既然如此,那就來考考你.
他不看菜單,直接點了三道菜.
第一道:「看不到的菜。」
第二道:「聽不見的菜。」
第三道:「既看不到、又聽不見的菜。」
服務生當場愣住,心想:這位客人是來吃飯,
還是來考試的呢?但還是趕緊把單子送進廚房。
沒想到.過了一會兒,三道菜真的端上桌了!
客人一看,驚呼:「太神奇了吧!」
而且還吃得津津有味、讚不絕口。
原來,大廚是這樣解答的:
第一道「看不到的菜」-蝦子.
(因為:瞎子看不到)
第二道「聽不見的菜」—木耳.
(因為:木耳聽不到)
第三道「既看不到又聽不見的菜」—龍蝦.
(又聾又瞎 )
全場瞬間笑翻.
個人積分:75847分
文章編號:92912852
以下為沒用DoH時的DNS標記.大功告成!徹底改善DNS解析速度.
個人積分:205235分
文章編號:92912922
個人積分:75847分
文章編號:92912958
個人積分:524629分
文章編號:92912969
