Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 8 of 8
  1. #1
    Status
    Offline
    g00db0y's Avatar
    Baru Gabung
    Join Date
    Jan 2012
    Posts
    6
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    [ask] mangle game+limited iix+int

    setelah baca2 di porum ini, saya coba buat mangle di kelompokin dari tutor yang ada
    FIREWALL FILTER
    Code:
    /ip firewall filter
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="contain download" \
        disabled=no dst-address-list=!openixp layer7-protocol=\
        "Extension \" .mp3 \"" protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .avi \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .flv \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .iso \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .pdf \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .mpeg \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .exe \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .rar \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .zip \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .mp4 \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .mp2 \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .3gp \"" \
        protocol=tcp
    add action=add-dst-to-address-list address-list=content_download \
        address-list-timeout=5s chain=forward comment="" disabled=no \
        dst-address-list=!openixp layer7-protocol="Extension \" .mov \"" \
        protocol=tcp
    add action=drop chain=input comment="Drop Semua Akses yang tidak di ijinkan" \
        disabled=yes in-interface=INTERNET
    FIREWALL MANGLE
    BERDASAR PORT GAME
    Code:
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment="Cross Fire UDP" \
        disabled=yes dst-address-list=nice dst-port=12020-12080,13000-13080 \
        new-connection-mark=game-online-indonesia passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="War Rock" disabled=yes \
        dst-address-list=nice dst-port=5340-5352 new-connection-mark=\
        game-online-indonesia passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="Fast Black" disabled=yes \
        dst-address-list=nice dst-port=6000-6001 new-connection-mark=\
        game-online-indonesia passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="Rose Online" disabled=\
        yes dst-address-list=nice dst-port=29200 new-connection-mark=\
        game-online-indonesia passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="Crazy Kart 2" disabled=\
        yes dst-address-list=nice dst-port=9600 new-connection-mark=\
        game-online-indonesia passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="Return of Warrior" \
        disabled=yes dst-address-list=nice dst-port=10402 new-connection-mark=\
        game-online-indonesia passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="Luna Online" disabled=\
        yes dst-address-list=nice dst-port=15000-15002 new-connection-mark=\
        game-online-indonesia passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="Runes of Magic" \
        disabled=yes dst-address-list=nice dst-port=16400-16502 \
        new-connection-mark=game-online-indonesia passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="Fresh Ragnarok PS" \
        disabled=yes dst-address-list=nice dst-port=5171 new-connection-mark=\
        game-online-indonesia passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=Atlantica disabled=yes \
        dst-port=4300 new-connection-mark=game-online-indonesia passthrough=yes \
        protocol=tcp
    add action=mark-connection chain=prerouting comment="ECO Online" disabled=yes \
        dst-address-list=nice dst-port=12011,12110 new-connection-mark=\
        game-online-indonesia passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="Cabal Indonesia" \
        disabled=yes dst-address-list=nice dst-port=15000-15002 \
        new-connection-mark=game-online-indonesia passthrough=yes protocol=tcp
    add action=mark-packet chain=prerouting comment="ALL GAMESS" connection-mark=\
        game-online-indonesia disabled=yes new-packet-mark=Game passthrough=no
    KONEKSI IIX SELAEN PORT GAME/LIMIT PER PC IIX(GAME2 BARU DAN LIMIT STREMING)
    Code:
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment=\
        "##############limited pc" connection-mark=!game-online-indonesia \
        disabled=no dst-address-list=openixp new-connection-mark=pc1 passthrough=\
        yes src-address=192.168.100.101
    add action=mark-packet chain=prerouting comment="" connection-mark=pc1 \
        disabled=no in-interface=Local new-packet-mark=up-pc1 passthrough=no \
        src-address=192.168.100.101
    add action=mark-packet chain=prerouting comment="" connection-mark=pc1 \
        disabled=no new-packet-mark=pc1 passthrough=no
    --------------------------------------------------------
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment=\
        "##############limited pc" connection-mark=!game-online-indonesia \
        disabled=no dst-address-list=openixp new-connection-mark=pc2 passthrough=\
        yes src-address=192.168.100.102
    add action=mark-packet chain=prerouting comment="" connection-mark=pc2 \
        disabled=no in-interface=Local new-packet-mark=up-pc1 passthrough=no \
        src-address=192.168.100.102
    add action=mark-packet chain=prerouting comment="" connection-mark=pc2 \
        disabled=no new-packet-mark=pc2 passthrough=no
    Code:
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment=Content_download disabled=no dst-address-list=content_download new-connection-mark=\
        Bw_Download passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="" connection-bytes=262146-4294967295 disabled=no dst-address-list=!NICE new-connection-mark=\
        Bw_Download passthrough=yes protocol=!icmp
    add action=mark-packet chain=prerouting comment="" connection-mark=Bw_Download disabled=no dst-address-list=!bypass new-packet-mark=Paket_Download \
        passthrough=no
    content Layer7
    Code:
    /ip firewall layer7-protocol
    add comment="" name="Extension \" .exe \"" regexp="\\.(exe)"
    add comment="" name="Extension \" .rar \"" regexp="\\.(rar)"
    add comment="" name="Extension \" .zip \"" regexp="\\.(zip)"
    add comment="" name="Extension \" .7z \"" regexp="\\.(7z)"
    add comment="" name="Extension \" .cab \"" regexp="\\.(cab)"
    add comment="" name="Extension \" .asf \"" regexp="\\.(asf)"
    add comment="" name="Extension \" .mov \"" regexp="\\.(mov)"
    add comment="" name="Extension \" .wmv \"" regexp="\\.(wmv)"
    add comment="" name="Extension \" .mpg \"" regexp="\\.(mpg)"
    add comment="" name="Extension \" .mpeg \"" regexp="\\.(mpeg)"
    add comment="" name="Extension \" .mkv \"" regexp="\\.(mkv)"
    add comment="" name="Extension \" .avi \"" regexp="\\.(avi)"
    add comment="" name="Extension \" .flv \"" regexp="\\.(flv)"
    add comment="" name="Extension \" .pdf \"" regexp="\\.(pdf)"
    add comment="" name="Extension \" .wav \"" regexp="\\.(wav)"
    add comment="" name="Extension \" .rm \"" regexp="\\.(rm)"
    add comment="" name="Extension \" .mp3 \"" regexp="\\.(mp3)"
    yang menjadi pertanyaan,
    1. di buat web proxy bawaan pc mikrotik kenapa semua mangle ga ke limited ya?
    pengen nya si international aj yang di bantu ma web proxy nya. tolong kk
    Code:
    add action=redirect chain=dstnat comment="web proxy" disabled=yes \
        dst-address-list=!openixp dst-port=80,8080,3128 in-interface=Local protocol=tcp \
        to-ports=3128
    2. limit international browsing masih sering lost gara user buka bokep streaming yasmine.com padahal kan uda ada .flv pake layer7

    mohon bantuan nya kk smua. thx

  2. #2
    Status
    Online
    dhopack's Avatar
    Forum Guru
    Join Date
    Dec 2010
    Location
    KUDUS
    Posts
    1,919
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    kalau boleh tahu memakai ROS versi berapa?
    untuk kasus diatas mungkin bisa menggunakan tutnya om reges
    untuk L7 mungkin bisa menggunakan ini,
    /ip firewall layer7-protocol
    add comment="" name=kontens regexp="^.*get.+\\.(exe|rar|zip|7z|cab|asf|mov|wmv \
    |mpg|mpeg|mkv|avi|flv|pdf|wav|rm|mp3|mp4|ram|rmvb| dat|daa|iso|nrg|bin|vcd|\
    mp2|3gp|mpe|qt|raw|wma|ogg|doc|deb|tar|bzip|gzip|g zip2|0[0-9][0-9]).*\$"
    /ip firewall mangle
    add action=mark-packet chain=forward comment=Kontens disabled=no \
    layer7-protocol=kontens new-packet-mark=kontens passthrough=no protocol=tcp
    sumber
    CMIIW

  3. #3
    Status
    Offline
    g00db0y's Avatar
    Baru Gabung
    Join Date
    Jan 2012
    Posts
    6
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    versi 3.3.
    /ip firewall layer7-protocol
    add comment="" name=kontens regexp="^.*get.+\\.(exe|rar|zip|7z|cab|asf|mov|wmv \
    |mpg|mpeg|mkv|avi|flv|pdf|wav|rm|mp3|mp4|ram|rmvb| dat|daa|iso|nrg|bin|vcd|\
    mp2|3gp|mpe|qt|raw|wma|ogg|doc|deb|tar|bzip|gzip|g zip2|0[0-9][0-9]).*\$"
    sama
    /ip firewall layer7-protocol
    add comment="" name="Extension \" .exe \"" regexp="\\.(exe)"
    pengertiannya sama aj ky na ya, harusnya sama donk ya.
    tp ta coba dulu d. thx

    ---------- Post added at 11:01 ---------- Previous post was at 10:26 ----------

    Gagal memisahkan IIX dan Internasional dengan connection bytes + PROXY external
    waduh pake routing2 segala ya, help donk kasi contoh nya mas. thx.
    btw kl pake internal proxy bisa jg kah?apa harus pake squid??

  4. #4
    Status
    Online
    dhopack's Avatar
    Forum Guru
    Join Date
    Dec 2010
    Location
    KUDUS
    Posts
    1,919
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    L7 tersebut tidak memakai filter tapi langsng ditangkap di mangle, kalau memakai RB cpu load nya melonjak lonjak, cpu load yang tinggi bisa menyebabkan RB nya restart/hang,
    Last edited by dhopack; 30-01-2012 at 12:07.

  5. #5
    Status
    Offline
    iamspa's Avatar
    Member Super Senior
    Join Date
    Jan 2010
    Location
    MEDAN DONK AH....
    Posts
    685
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by dhopack Click here to enlarge
    L7 tersebut tidak memakai filter tapi langsng ditangkap di mangle, kalau memakai RB cpu load nya melonjak lonjak, cpu load yang tinggi bisa menyebabkan RB nya restart/hang,
    makanya....
    gunakan lah PC ROUTER.....
    aman dan terjaga kualitas......
    cintailah produk indonesia......

  6. #6
    Status
    Online
    dhopack's Avatar
    Forum Guru
    Join Date
    Dec 2010
    Location
    KUDUS
    Posts
    1,919
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    itu kalau yang sudah terlanjur beli RB(seperti saya), pengen punya PC buat router tp listrik dirumah msh belum kuat hehehehe
    Last edited by dhopack; 30-01-2012 at 12:13.

  7. #7
    Status
    Offline
    iamspa's Avatar
    Member Super Senior
    Join Date
    Jan 2010
    Location
    MEDAN DONK AH....
    Posts
    685
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by dhopack Click here to enlarge
    itu kalau yang sudah terlanjur beli RB(seperti saya), pengen punya PC buat router tp listrik dirumah msh belum kuat hehehehe
    waduh gan.....
    listrik buat pc router gak besar gan.....
    gak pake vga gak pake cdrom gak pake monitor gak pake apalagi yah....
    kecil kok.....
    gak nya besar....
    jangan donk disamain ama pc buat gaming.....
    ya gak tahan donk listrik nya.........

  8. #8
    Status
    Online
    dhopack's Avatar
    Forum Guru
    Join Date
    Dec 2010
    Location
    KUDUS
    Posts
    1,919
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    iya sih, smpe sekarang kalau ngidupin PC aja msh "njeglek" maklum listrik masih 450, jadi kudu sabar dan semangat cari pelanggan sebanyaknya dan upgrade listrik lalu upgrade PCrouter, hehehehe

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 51
    Last Post: 19-06-2013, 04:15
  2. [ASK] pentingkah mangle routing static untuk game online 1 line internet
    By joko_kuno in forum General Networking
    Replies: 5
    Last Post: 03-12-2011, 19:15
  3. masalah setting mangle untuk game online
    By kuromokuro in forum Scripting @ Mikrotik
    Replies: 13
    Last Post: 06-07-2011, 14:35

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •