Mikrotik | Forum Mikrotik Indonesia   Mikrotik Manual Mikrotik iSPY Mikrotik RSS Feed
This Logo is a Courtesy from RumahDowty

Go Back   Mikrotik | Forum Mikrotik Indonesia > Diskusi Mikrotik RouterOS > Beginner Basics
Reload this Page blok situs helppppp
iSpy My iTrade Register FAQ Members List Calendar Mark Forums Read

Diskusi blok situs helppppp pada Beginner Basics | Mikrotik | Forum Mikrotik Indonesia : halo para senior, pengen minta bantuan nih, saya punya kasus saya nyoba ngeblok situ dengan ...


Official Board Announcements
NEW
Kunjungi Forum Diskusi PROXY Linux di FMI
donasi



 
Reply
 
LinkBack Thread Tools
  #1 (permalink)  
Old 31-01-2008, 13:49
aris-setiawan aris-setiawan is offline
Baru Gabung
  
Join Date: Jan 2008
Posts: 2
iTrader: (0)
Thanks: 0
Thanked 0 Times in 0 Posts
aris-setiawan is on a distinguished road
blok situs helppppp



halo para senior, pengen minta bantuan nih, saya punya kasus saya nyoba ngeblok situ dengan cara allow beberapa situs doang buat client di kantor gw dan alow semua situs buar server doang dan abis itu blok semua yg ga di allow buat clientnya, scriptnya gini, sori ya kalo salah
1. chain=forward dst-address=192.168.3.2 protocol=tcp src-port=0-65535 packet-mark=155 action=accept
chain=forward dst-address=192.168.3.3 protocol=tcp src-port=0-65535 packet-mark=155 action=accept
chain=forward dst-address=192.168.3.4 protocol=tcp src-port=0-65535 packet-mark=155 action=accept
(buka punya sendiri)

2. chain=forward src-address=202.59.161.0/24 protocol=tcp src-port=0-65535 action=accept
(buat buka ip yg di perlukan, per subnet ip website soalnya suka redirect)

3. chain=forward dst-address=192.168.3.0/24 protocol=tcp src-port=0-65535 action=reject reject-with=icmp-admin-prohibited
(buat blok semua port)


maksunya begini
1. buka IP local comp saya
2. buka semua IP public web yg saya perlu
3. tutup semua port

tapi pada script(perintah) terakhir no.3 ngebuat web browser jadi lemot(hang)
tapi pas no. 3 di ilangin lancar aja, tapi kan percuma aja kalo no 3 ga ada, toloooooong doooooooong

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 31-01-2008, 16:54
sum14rdi's Avatar
sum14rdi sum14rdi is offline
VIP Member
  
Join Date: Sep 2007
Location: Tambun-Bekasi
Posts: 731
iTrader: (1)
Thanks: 115
Thanked 140 Times in 108 Posts
sum14rdi is on a distinguished roadsum14rdi is on a distinguished roadsum14rdi is on a distinguished roadsum14rdi is on a distinguished roadsum14rdi is on a distinguished roadsum14rdi is on a distinguished roadsum14rdi is on a distinguished road
Send a message via Yahoo to sum14rdi
maaf masih blum ngerti...kemauan anda....

bisa diperjelas lagi....

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 31-01-2008, 20:13
aris-setiawan aris-setiawan is offline
Baru Gabung
  
Join Date: Jan 2008
Posts: 2
iTrader: (0)
Thanks: 0
Thanked 0 Times in 0 Posts
aris-setiawan is on a distinguished road
saya mau ngeblok semua situs kecuali situs2 buat keperluan kerjaan aja(untuk client) kecuali komputer saya yg bisa ngebuka situs apa aja, hanya itu aja sih, ada yang bisa ngebantu

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 31-01-2008, 20:36
[a]'s Avatar
[a] [a] is offline
Forum Advisor
  
Join Date: Jun 2007
Location: Jakarta
Posts: 1,690
iTrader: (1)
Thanks: 311
Thanked 962 Times in 243 Posts
[a] has disabled reputation
Send a message via Yahoo to [a]
web proxy nya di aktifkan..

setelah itu create rule untuk blok situs yg tidak diinginkan

baca2 dulu di tutorial, kalo ada yg tidak jelas silahkan ditanyakan kembali...

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 31-01-2008, 20:51
sum14rdi's Avatar
sum14rdi sum14rdi is offline
VIP Member
  
Join Date: Sep 2007
Location: Tambun-Bekasi
Posts: 731
iTrader: (1)
Thanks: 115
Thanked 140 Times in 108 Posts
sum14rdi is on a distinguished roadsum14rdi is on a distinguished roadsum14rdi is on a distinguished roadsum14rdi is on a distinguished roadsum14rdi is on a distinguished roadsum14rdi is on a distinguished roadsum14rdi is on a distinguished road
Send a message via Yahoo to sum14rdi
oooo gitu
1. inventaris IP-IP dari situs "keperluan kerjaan" lalu buat address-list
2. buat /ip firewall filter untuk src-address dan dst-address-list yang allow or drop (lebih manjur pake chain forward)
3. drop semua tujuan (0.0.0.0/0) ini diletakan setelah rule untuk drop/allow situs "keperluan kerjaan"

kenapa saya menganjurkan pake address-list, jika ada penambahan situs(ip) "keperluan kerjaan" kita tinggal masukan ke address-list tanpa mengubah/menambah di /ip firewall filter

semoga membantu

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« ask: setting 2 koneksi tanpa load balancing | Tidak Bisa Akses Mikrotik »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Klient login Hotspot langsung diarahin ke situs tertentu Nasry Scripting @ Mikrotik 42 03-08-2010 21:57
Ada yang tau list IP Situs Porno d0d0ls General Networking 13 06-01-2009 09:19
Blok P2P kipyes Beginner Basics 2 16-07-2008 16:59
(ask) filter dan blok ip agung Beginner Basics 3 28-11-2007 09:42
blok mac k1j0r Wireless Networking 3 12-11-2007 18:46


This Forum is Powered by Orion Net.

All times are GMT +8. The time now is 06:11.

Contact Us - Forum Mikrotik Indonesia - Top