Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 14 of 14
  1. #1
    Status
    Offline
    adh1et's Avatar
    Member Senior
    Join Date
    Jul 2010
    Posts
    341
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Cara Pakai action=jump

    malem semua,
    tolong dong para master" jelasin ke ane, gmn sih cara pake chain jump? trus kapan saat yang tepat di pake nya?

    thx ya
    Last edited by adh1et; 19-07-2011 at 15:28. Reason: salah judul

  2. The Following 2 Users Say Thank You to adh1et For This Useful Post:


  3. #2
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0

    Wink

    yang ada kayaknya action=jump deh..
    coba bantu ya
    bisa digunakan di filter maupun mangle untuk membuat chain baru
    di filter chainnya kan ada 3 = input, forward, output
    Nat ada 2 = scrnat, dstnat
    mangle ada 5 = input, forward, output, postrouting, prerouting

    kadang itu ga cukup untuk melakukan penyaringan protokol/port, apalagi untuk hal yang spesifik, terutama yang rawan2 bentrok chainnya(bikin pusing) dan biasanya butuh beberapa chain yang sama tapi berbeda..

    misalnya chain=input action=jump jump-target=rantai
    sekarang chain input = rantai

    jadi ente bisa pakai add chain=rantai action=bla..bla..bla..

    action jump untuk mengarahkan flow ke chain baru (sub chain)

  4. The Following 4 Users Say Thank You to Anto.PJ For This Useful Post:


  5. #3
    Status
    Offline
    adh1et's Avatar
    Member Senior
    Join Date
    Jul 2010
    Posts
    341
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    eh iya bener action jump Click here to enlarge,

    setelah di jump ke chain rantai, trus jika gak ada yang kesaring di chain itu nanti packet nya gmn? di buang gitu aja ya? jika iya maka gmn caranya kita mengembalikan packet yang di buang tadi?

    thx ya...

  6. The Following 2 Users Say Thank You to adh1et For This Useful Post:


  7. #4
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by adh1et Click here to enlarge
    eh iya bener action jump Click here to enlarge,

    setelah di jump ke chain rantai, trus jika gak ada yang kesaring di chain itu nanti packet nya gmn? di buang gitu aja ya? jika iya maka gmn caranya kita mengembalikan packet yang di buang tadi?

    thx ya...
    ngga dong..
    untuk chain input kita harus mendefinisikan si paket akan masuk masuk dari interface mana, atau berasal dari address mana..
    paket yang tidak di defenisikan ga akan di buang, cuma dilewatkan saja

    misalnya
    1. chain=rantai protocol=icmp out-interface=eth2 action=accept
    2. chain=rantai protocol=icmp out-interface=eth3 action=accept
    3. chain=input protocol=icmp in-interface=eth1 action=jump jump-target=rantai
    4. chain=rantai action=drop
    5. chain=input in-interface=eth1 action=drop
    perlu di dipahami bahwa rule akan di eksekusi berurutan, rule baris 1 dan 2 belum dikenali chainnya hingga di defenisikan pada rule baris ke 3(di langkahi saja)
    pada baris ke 3 ini, protokol icmp dialihkan ke rule yang menggunakan chain rantai.. dan selain icmp akan menemui ajalnya di rule baris ke 5, alias kena drop

    yang chain=rantai tadi di kembali ke rule baris 1,2 dan menemui ajalnya di rule nomor 4

    penggunaan action=jump ini akan memakan sedikit resource, karena eksekusi firewall akan berjalan multitasking
    CMIW
    Last edited by Anto.PJ; 19-07-2011 at 09:02.

  8. The Following 3 Users Say Thank You to Anto.PJ For This Useful Post:


  9. #5
    Status
    Offline
    adh1et's Avatar
    Member Senior
    Join Date
    Jul 2010
    Posts
    341
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    wah jadi sangat jelas sekali, thx bgt ya..
    skarang tinggal eksperimen Click here to enlarge

  10. The Following 2 Users Say Thank You to adh1et For This Useful Post:


  11. #6
    Status
    Offline
    stofa's Avatar
    Baru Gabung
    Join Date
    Jun 2010
    Posts
    5
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Nyimak

    ane belum mudeng masing bingung gan..... Click here to enlargeClick here to enlarge

  12. The Following 2 Users Say Thank You to stofa For This Useful Post:


  13. #7
    Status
    Offline
    adh1et's Avatar
    Member Senior
    Join Date
    Jul 2010
    Posts
    341
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    maaf mas, 1 lg kelupaan..

    1. chain=rantai protocol=icmp out-interface=eth2 action=accept
    2. chain=rantai protocol=icmp out-interface=eth3 action=accept
    3. chain=input protocol=icmp in-interface=eth1 action=jump jump-target=rantai
    4. chain=rantai action=drop
    5. chain=input in-interface=eth1 action=drop
    nah pada langkah no.4 kan dilakukan jika no.1 dan no.2 tidak tersaring, nah gmn caranya agar chain=rantai (langkah no.4) dikembalikan ke chain input sehingga bisa di proses lagi.

    mungkin kalo melihat contoh di atas sebagian besar akhiranya pasti drop.

    saya mau buat jump untuk protocol tcp kira" gambaran yang mau saya buat begini :

    chain=input protocol=tcp action=jump jump-target=tcp-http
    chain tcp-http protocol=tcp dst-port=80 action=accept


    nah langkah selanjutnya di sini saya mau buat jump baru untuk tcp-winbox namun dengan menggunakan sisa packet yang telah di-jump di atas.
    kira" benar gak yang saya tulis di bawah ini :

    chain=tcp-http protocol=tcp action=jump jump-target=input
    chain=input protocol=tcp action=jump jump-target=tcp-winbox
    chain tcp-winbox protocol=tcp dst-port=8291 action=accept

    yang berwarna merah di atas apa perlu di lakukan?
    apa langsung ke warna biru?


    thx atas jawabanya, maaf ngerepotin nanya terus Click here to enlarge

  14. The Following 2 Users Say Thank You to adh1et For This Useful Post:


  15. #8
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by adh1et Click here to enlarge
    maaf mas, 1 lg kelupaan..



    nah pada langkah no.4 kan dilakukan jika no.1 dan no.2 tidak tersaring, nah gmn caranya agar chain=rantai (langkah no.4) dikembalikan ke chain input sehingga bisa di proses lagi.

    mungkin kalo melihat contoh di atas sebagian besar akhiranya pasti drop.

    saya mau buat jump untuk protocol tcp kira" gambaran yang mau saya buat begini :

    chain=input protocol=tcp action=jump jump-target=tcp-http
    chain tcp-http protocol=tcp dst-port=80 action=accept


    nah langkah selanjutnya di sini saya mau buat jump baru untuk tcp-winbox namun dengan menggunakan sisa packet yang telah di-jump di atas.
    kira" benar gak yang saya tulis di bawah ini :

    chain=tcp-http protocol=tcp action=jump jump-target=input
    chain=input protocol=tcp action=jump jump-target=tcp-winbox
    chain tcp-winbox protocol=tcp dst-port=8291 action=accept

    yang berwarna merah di atas apa perlu di lakukan?
    apa langsung ke warna biru?

    thx atas jawabanya, maaf ngerepotin nanya terus Click here to enlarge
    wah.. semestinya simpel saja, saya pikir mau pakai jump nya untuk apaan gitu, di simpelkan saja
    contoh
    chain=tcpinet protocol=tcp src-port=80 action=accept
    chain=tcpinet protocol=tcp dst-port=8291 action accept
    chain=tcpinet bla..bla..bla....
    chain=tcpinet action=drop
    chain=icmpinet out-interface=lan1 action accept
    chain=icmpinet out-interface=lokal-lan action=drop
    chain=input in-interface=wan protocol=tcp action=jump jump-target=tcpinet
    chain=input in-interface=wan protocol=icmp action=jump jump-target=icmpinet

    ntar malah pusing sendiri loh.. Click here to enlarge

    =========================
    added..

    baru saya paham maksudnya.. maksudnya mau di kembalikan lagi??
    action drop diganti dengan passthrough

    trus dibuatkan lagi chain input.. dan silahkan di jump kembali

    atau liat deh.. lengkap ma contoh2nya
    Last edited by Anto.PJ; 19-07-2011 at 16:10.

  16. The Following 3 Users Say Thank You to Anto.PJ For This Useful Post:


  17. #9
    Status
    Offline
    adh1et's Avatar
    Member Senior
    Join Date
    Jul 2010
    Posts
    341
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    yup betul, chain yang sudah di jump mau di balikin ke asal muasalnya lagi, biar sisa" packet yang gak ke filter bisa di ubek" lagi..

    thx bgt mas penjelasanya, jadi terang benderang Click here to enlarge

  18. The Following 2 Users Say Thank You to adh1et For This Useful Post:


  19. #10
    Status
    Offline
    tyang_dusun's Avatar
    Member Super Senior
    Join Date
    Jun 2008
    Location
    Klaten, Jawa Tengah, Indonesia, Indonesia
    Posts
    521
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    Nice Tread Brow ....

  20. The Following 2 Users Say Thank You to tyang_dusun For This Useful Post:


  21. #11
    Status
    Offline
    tyang_dusun's Avatar
    Member Super Senior
    Join Date
    Jun 2008
    Location
    Klaten, Jawa Tengah, Indonesia, Indonesia
    Posts
    521
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    ane numpang coba coba dul gan ....

  22. #12
    Status
    Offline
    adiputrolds's Avatar
    Forum Guru
    Join Date
    Oct 2008
    Posts
    1,485
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    add chain=otherchain action=return

    jump tidak akan memakan resource kalo tau cara pakeknya ........
    tp terus terang itu rahasia banged.....
    Last edited by adiputrolds; 19-09-2011 at 23:43.

  23. The Following User Says Thank You to adiputrolds For This Useful Post:


  24. #13
    Status
    Offline
    whiely's Avatar
    Member Senior
    Join Date
    Jun 2010
    Location
    :unidentified:
    Posts
    423
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by electrix_85 Click here to enlarge
    add chain=otherchain action=return

    jump tidak akan memakan resource kalo tau cara pakeknya ........
    tp terus terang itu rahasia banged.....
    ane mau donk d bisikin rahasianya.... Click here to enlarge

  25. The Following User Says Thank You to whiely For This Useful Post:


  26. #14
    Status
    Offline
    adiputrolds's Avatar
    Forum Guru
    Join Date
    Oct 2008
    Posts
    1,485
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by whiely Click here to enlarge
    ane mau donk d bisikin rahasianya.... Click here to enlarge
    sini waswasweswus ....
    dah kan Click here to enlarge

  27. The Following 2 Users Say Thank You to adiputrolds For This Useful Post:


 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 58
    Last Post: 23-10-2012, 22:55
  2. [ASK] cara membuang chain/nat/mangle yang tidak terpakai
    By maubelajarmikrotiknih in forum Beginner Basics
    Replies: 11
    Last Post: 09-12-2010, 17:36
  3. Gmn Cara Konek Ke Radio Langsung pakai console??
    By warkirasep in forum Wireless Networking
    Replies: 4
    Last Post: 18-02-2010, 22:26
  4. [ask] cara pakai semua ip public dari ISP
    By Xerophie in forum General Networking
    Replies: 26
    Last Post: 11-02-2009, 06:18
  5. [HELP] Cara Install + pakai WINBOX
    By thecapt in forum Beginner Basics
    Replies: 11
    Last Post: 17-12-2008, 09:01

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •