/ip firewall layer7-protocol add name=YOUTUBE \regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"
/ip firewall layer7-protocol add name="EXE" \regexp="\\.(exe)"
/ip firewall layer7-protocol add name="RAR" \regexp="\\.(rar)"
/ip firewall layer7-protocol add name="7z" \regexp="\\.(7z)"
/ip firewall layer7-protocol add name="CAB" \regexp="\\.(cab)"
/ip firewall layer7-protocol add name="ASF" \regexp="\\.(asf)"
/ip firewall layer7-protocol add name="MOV" \regexp="\\.(mov)"
/ip firewall layer7-protocol add name="WMV" \regexp="\\.(wmv)"
/ip firewall layer7-protocol add name="MPG" \regexp="\\.(mpg)"
/ip firewall layer7-protocol add name="MPEG" \regexp="\\.(mpeg)"
/ip firewall layer7-protocol add name="MKV" \regexp="\\.(mkv)"
/ip firewall layer7-protocol add name="ZIP" \regexp="\\.(zip)"
/ip firewall layer7-protocol add name="AVI" \regexp="\\.(avi)"
/ip firewall layer7-protocol add name="FLV" \regexp="\\.(flv)"
/ip firewall layer7-protocol add name="WAV" \regexp="\\.(wav)"
/ip firewall layer7-protocol add name="RM" \regexp="\\.(rm)"
/ip firewall layer7-protocol add name="MP3" \regexp="\\.(mp3)"
/ip firewall layer7-protocol add name="MP4" \regexp="\\.(mp4)"
/ip firewall layer7-protocol add name="RAM" \regexp="\\.(ram)"
/ip firewall layer7-protocol add name="RMVB" \regexp="\\.(rmvb)"
/ip firewall layer7-protocol add name="DAT" \regexp="\\.(dat)"
/ip firewall layer7-protocol add name="DAA" \regexp="\\.(daa)"
/ip firewall layer7-protocol add name="ISO" \regexp="\\.(iso)"
/ip firewall layer7-protocol add name="NRG" \regexp="\\.(nrg)"
/ip firewall layer7-protocol add name="BIN" \regexp="\\.(bin)"
/ip firewall layer7-protocol add name="VCD" \regexp=\\.(vcd)
buat mangle hit
/ip firewall layer7-protocol add name="EXE" \regexp="\\.(exe)"
/ip firewall layer7-protocol add name="RAR" \regexp="\\.(rar)"
/ip firewall layer7-protocol add name="7z" \regexp="\\.(7z)"
/ip firewall layer7-protocol add name="CAB" \regexp="\\.(cab)"
/ip firewall layer7-protocol add name="ASF" \regexp="\\.(asf)"
/ip firewall layer7-protocol add name="MOV" \regexp="\\.(mov)"
/ip firewall layer7-protocol add name="WMV" \regexp="\\.(wmv)"
/ip firewall layer7-protocol add name="MPG" \regexp="\\.(mpg)"
/ip firewall layer7-protocol add name="MPEG" \regexp="\\.(mpeg)"
/ip firewall layer7-protocol add name="MKV" \regexp="\\.(mkv)"
/ip firewall layer7-protocol add name="ZIP" \regexp="\\.(zip)"
/ip firewall layer7-protocol add name="AVI" \regexp="\\.(avi)"
/ip firewall layer7-protocol add name="FLV" \regexp="\\.(flv)"
/ip firewall layer7-protocol add name="WAV" \regexp="\\.(wav)"
/ip firewall layer7-protocol add name="RM" \regexp="\\.(rm)"
/ip firewall layer7-protocol add name="MP3" \regexp="\\.(mp3)"
/ip firewall layer7-protocol add name="MP4" \regexp="\\.(mp4)"
/ip firewall layer7-protocol add name="RAM" \regexp="\\.(ram)"
/ip firewall layer7-protocol add name="RMVB" \regexp="\\.(rmvb)"
/ip firewall layer7-protocol add name="DAT" \regexp="\\.(dat)"
/ip firewall layer7-protocol add name="DAA" \regexp="\\.(daa)"
/ip firewall layer7-protocol add name="ISO" \regexp="\\.(iso)"
/ip firewall layer7-protocol add name="NRG" \regexp="\\.(nrg)"
/ip firewall layer7-protocol add name="BIN" \regexp="\\.(bin)"
/ip firewall layer7-protocol add name="VCD" \regexp=\\.(vcd)
/ip firewall mangle add action=mark-packet \
chain=forward comment="SQUID PROXY HIT" \
disabled=no dscp=12 \
new-packet-mark="PROXY HIT" passthrough=no
Mangle Squid koneksi dan squid Paket:
/ip firewall mangle add action=mark-connection \
chain=prerouting comment="BROWSING SQUID" disabled=no \
dst-address-list="!client" \
dst-port=80,443 new-connection-mark="SQUID KONEKSI" \
passthrough=yes protocol=tcp \
src-address-list="proxy"
/ip firewall mangle add action=mark-packet \
chain=forward comment="SQUID PAKET" \
connection-mark="SQUID KONEKSI" disabled=no \
new-packet-mark="SQUID PAKET" passthrough=no
Mangle Semua koneksi masuk dan koneksi keluar
/ip firewall mangle add action=mark-connection \
chain=prerouting comment="TANDA SEMUA KONEKSI" disabled=no \
dst-address-list="!client" \
in-interface=local new-connection-mark="SEMUA KONEKSI MASUK" \
passthrough=yes
/ip firewall mangle add action=mark-connection \
chain=forward disabled=no \
new-connection-mark="SEMUA KONEKSI KELUAR" \
out-interface=local passthrough=yes \
src-address-list="!client" \
comment="SEMUA KONEKSI KELUAR"
/ip firewall mangle add chain=prerouting \
action=mark-packet new-packet-mark="SEMUA PAKET_MASUK"\
passthrough=yes connection-mark="SEMUA KONEKSI MASUK" \
comment="SEMUA PAKET MASUK"
/ip firewall mangle add chain=forward \
action=mark-packet new-packet-mark="SEMUA PAKET KELUAR" \
passthrough=yes connection-mark="SEMUA KONEKSI KELUAR" \
comment="SEMUA PAKET KELUAR"
Mangle Browsing koneksi yang koneksi dari semua koneksi masuk:
/ip firewall mangle add action=mark-connection chain=prerouting \
comment="BROWSING CLIENT" \
connection-mark="SEMUA KONEKSI MASUK" disabled=no \
new-connection-mark="BROWSING KONEKSI" \
passthrough=yes protocol=tcp
Mangle Koneksi ICMP dengan dscp1:
/ip firewall mangle add action=mark-connection \
chain=postrouting disabled=no dscp=1 \
new-connection-mark="ICMP KONEKSI" passthrough=yes \
comment="ICMP KONEKSI"
Mangle Game koneksi yang koneksi dari semua koneksi masuk:
Mangle Pointblank,Poker,dan RF online,jika anda ingin memasukkan game lainnya silahkan cari port game tersebut:
/ip firewall mangle add action=mark-connection \
chain=prerouting comment="POINT BLANK" \
connection-mark="SEMUA KONEKSI MASUK" \
disabled=no dst-port=40000-40010 \
new-connection-mark="GAME KONEKSI" \
passthrough=yes protocol=udp
/ip firewall mangle add action=mark-connection \
chain=prerouting comment="POKER" \
connection-mark="SEMUA KONEKSI MASUK" \
disabled=no dst-port=9339,843 \
new-connection-mark="GAME KONEKSI" \
passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection \
chain=prerouting comment="RF ONLINE" \
connection-mark="SEMUA KONEKSI MASUK" disabled=no \
dst-port=10001,10002,10003,10004,10005,10006,10007 \
new-connection-mark="GAME KONEKSI" \
passthrough=yes protocol=udp
Mangle ICMP PAKET:
/ip firewall mangle add action=mark-packet \
chain=postrouting connection-mark="ICMP KONEKSI" \
disabled=no new-packet-mark="ICMP PAKET" passthrough=no \
comment="ICMP PAKET"
Selanjutnya mangle Game Paket:
/ip firewall mangle add action=mark-packet \
chain=forward comment="SEMUA GAME DIPAKETKAN" \
connection-mark="GAME KONEKSI" disabled=no \
new-packet-mark="GAME PAKET" passthrough=no
Selanjutnya Bowsing paket:
/ip firewall mangle add action=mark-packet \
chain=forward comment="BROWSING PAKET" \
connection-bytes=0-131072 \
connection-mark="BROWSING KONEKSI" \
disabled=no new-packet-mark="BROWSING PAKET" \
passthrough=no protocol=tcp
Change dscp ICMP dan Port 53:
/ip firewall mangle add action=change-dscp \
chain=postrouting comment="ICMP CHANGE DSCP" \
disabled=no new-dscp=1 protocol=icmp
/ip firewall mangle add action=change-dscp \
chain=postrouting disabled=no dst-port=53 new-dscp=1 \
protocol=udp
/ip firewall mangle add action=change-dscp \
chain=postrouting disabled=no dst-port=53 new-dscp=1 \
protocol=tcp
Mangle Extention file seperti .zip .rar .flv .exe dll :
/ip firewall mangle add action=change-dscp \
/ip firewall mangle add action=mark-connection \
chain=forward comment="EXTENTION KONEKSI" \
disabled=no in-interface=local \
new-connection-mark="EXTENTION KONEKSI" \
passthrough=yes
/ip firewall mangle add action=mark-packet \
chain=forward comment="YOUTUBE MARK" \
connection-mark="EXTENTION KONEKSI" disabled=no \
new-packet-mark="YOUTUBE" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="WMV MARK" \
connection-mark="EXTENTION KONEKSI" disabled=no \
new-packet-mark="WMV" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="EXE MARK" \
connection-mark="EXTENTION KONEKSI" disabled=no \
new-packet-mark="EXE" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="ZIP MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="ZIP" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="RAR MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="RAR" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="MPG MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="MPG" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="MPEG MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="MPEG" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="MP3 MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="MP3" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="MOV MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="MOV" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="ISO MARK" disabled=no \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="ISO" \
passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="MKV MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="MKV" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="FLV MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="FLV" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="AVI MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="AVI" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="CAB MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="CAB" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="ASF MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="ASF" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="WAV MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="WAV" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="RM MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="RM" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="RAM MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="RAM" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="RMVB MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="RMVB" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="DAT MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="DAT" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="DAA MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="DAA" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="NRG MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="NRG" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="BIN MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="BIN" passthrough=no
/ip firewall mangle add action=mark-packet \
chain=forward comment="VCD MARK" \
connection-mark="EXTENTION KONEKSI" \
new-packet-mark="VCD" passthrough=no
Queue Tree
Queue tree ICMP prioritas ke 1:
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s disabled=no \
limit-at=0 max-limit=0 name="ICMP PING" \
packet-mark="ICMP PAKET" parent=public priority=1 \
queue="default"
Queue Squid Hit Prioritas ke 2:
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s disabled=no \
limit-at=0 max-limit=0 name="SQUID HIT" \
packet-mark="PROXY HIT" parent=local priority=2 \
queue=default
Queue Limit Extention prioritas ke 3 (jika anda ingin melimit yang berbeda silahkan ubah max-limitnya):
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=1000000 \
name="LIMIT FILE EXTENTION" parent=global-out priority=3
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=128000 \
name="AVI" packet-mark=AVI parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="EXE" packet-mark="EXE" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=128000 \
name="FLV" packet-mark="FLV" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="YOUTUBE" packet-mark="YOUTUBE" \
parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="ISO" packet-mark=iso parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 name="MP3" \
packet-mark="MP3" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 name="MP4" \
packet-mark="MP4" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=128000 \
name="MPEG" packet-mark="MPEG" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=128000 \
name="MPG" packet-mark="MPG" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="RAR" packet-mark="RAR" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=128000 \
name="WMV" packet-mark="WMV" \
parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="ZIP" packet-mark="ZIP" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="CAB" packet-mark="CAB" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="ASF" packet-mark="ASF" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="MOV" packet-mark="MOV" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="MKV" packet-mark="MKV" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="WAV" packet-mark="WAV" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="RM" packet-mark="RM" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="RAM" packet-mark="RAM" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="RMVB" packet-mark="RMVB" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="DAT" packet-mark="DAT" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="DAA" packet-mark="DAA" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="NRG" packet-mark="NRG" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="BIN" packet-mark="BIN" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="VCD" packet-mark="VCD" parent="LIMIT FILE EXTENTION" \
priority=3 queue=default
Queue tree Semua Upload Prioritas ke 4 :
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="+++TOTAL UPLOAD+++" \
packet-mark="SEMUA PAKET MASUK" \
parent=public priority=4 queue=default
Total download Prioritas ke 5 :
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="+++TOTAL DOWNLOAD+++" packet-mark="SEMUA PAKET KELUAR" \
parent=global priority=5
Game download Prioritas ke 6 :
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="GAME DOWNLOAD" packet-mark="GAME PAKET" \
parent="+++TOTAL DOWNLOAD+++" priority=6 \
queue=default
Queue Browsing Paket Priority ke 7
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s \
disabled=no limit-at=0 max-limit=0 \
name="BROWSING PAKET" packet-mark="BROWSING PAKET" \
parent="+++TOTAL DOWNLOAD+++" priority=7 queue=default
Queue tree Total download client priority8
/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s disabled=no \
limit-at=0 max-limit=0 name="+++TOTAL DOWNLOAD CLIENT+++" \
parent="+++TOTAL DOWNLOAD+++" priority=8
0 Response to "Membuat Limit extensi di mikrotik"
Post a Comment
Ilmu ibarat sempax, kita harus menggunakannya, tapi tak perlu memamerkannya..".Tolong klik iklan dong..biar blog nya tetep eksis..Thxs "