Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 5 of 5
  1. #1
    Status
    Offline
    notepad's Avatar
    Baru Gabung
    Join Date
    Aug 2012
    Posts
    2
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    merubah simple queue menjadi queue tree

    permisi..

    mohon bantuannya om merubah script dibawah ini menjadi queue tree,

    gmn ya? bingung.. maklum newbie

    /queue simple


    add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" \
    direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=\
    0/0 max-limit=0/1536k name=squid parent=none priority=8 queue=\
    default/default target-addresses=192.168.8.88/32 total-queue=\
    default-small


    add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" \
    direction=both disabled=no dst-address=192.168.8.88/32 interface=all \
    limit-at=0/0 max-limit=0/0 name="menuju squid" parent=none priority=8 \
    queue=default/default target-addresses=192.168.8.0/24 total-queue=\
    default-small


    add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" \
    direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=\
    0/0 max-limit=32k/32k name=blok parent=none priority=8 queue=\
    default/default target-addresses=192.168.8.0/24 total-queue=\
    default-small
    topologi jaringan

    client: 192.168.8.1 dst..

    proxy: 192.168.8.88

    oiya, ini pake proxy sejajar client, gmn ya bro?


    terima kasih sebelumnya

  2. #2
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,383
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by notepad Click here to enlarge
    queue simple
    add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" \
    direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=\
    0/0 max-limit=0/1536k name=squid parent=none priority=8 queue=\
    default/default target-addresses=192.168.8.88/32 total-queue=\
    default-small
    ini rule umum queue simple, dengan single target address.. limit tx = unlimited dan rx = 1536k
    sayangnya anda tidak mendefenisikan interfacenya..
    coba ini

    -mark koneksi 1 subnet, untuk mempermudah connection-tracking (untuk static routing jg berguna)
    Code:
    ip firewall mangle
    add action=mark-connection chain=prerouting src-address=192.168.8.88 \
    new-connection-mark=proxy
    add action=mark-connection chain=prerouting src-address=192.168.8.0/24 \
    new-connection-mark=local
    sy memarking koneksi demikian karena proxy & local adalah 1 subnet, karena chainnya sama, tidak akan terjadi double marking..

    -marking paket download upload & download proxy, sy asumsikan proxy ini ipnya 192.168.8.88
    Code:
    ip firewall mangle
    add action=mark-packet chain=postrouting src-address=192.168.8.88 \
    connection-mark=proxy out-interface=publik new-packet-mark=up-proxy passthrough=no
    add action=mark-packet chain=prerouting dst-address=192.168.8.88 \
    connection-mark=proxy in-interface=publik new-packet-mark=down-proxy passthrough=no
    untuk queue tree, sy tambahkan rule limit upload, 384 kbps hasil dari 1536kbps : 4
    Code:
    queue tree
    add max-limit=1536000 name=down_proxy packet-mark="down-proxy" parent=global-in priority=8 \
        queue=default
    add max-limit=384000 name=up_proxy packet-mark="up-proxy" parent=global-out priority=8 \
        queue=default

    Click here to enlarge Originally Posted by notepad Click here to enlarge
    add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" \
    direction=both disabled=no dst-address=192.168.8.88/32 interface=all \
    limit-at=0/0 max-limit=0/0 name="menuju squid" parent=none priority=8 \
    queue=default/default target-addresses=192.168.8.0/24 total-queue=\
    default-small
    untuk rule ini, kelihatannya anda tidak melakukan apa2... :ngapain??:
    menuju-squid??
    namun karena proxy sejajar klien,.. so buatkan dulu rule tambahan
    jika transparent proxy (dengan NAT)
    Code:
    add action=mark-packet chain=prerouting connection-mark=local src-address=192.168.8.0/24 dst-port=80 new-packet-mark=menuju-squid
    jika tanpa NAT (setting di browser)
    Code:
    tidak butuh code
    kenapa dst-port=80 ?? nanti aja deh...
    limiter
    Code:
    queue tree
    add max-limit=10m name=menuju-squid packet-mark="menuju-squid" parent=global-in priority=8 \
        queue=default
    limiter per client
    Code:
    ip firewall mangle
    add action=mark-packet chain=prerouting connection-mark=local src-address=192.168.8.N/24 new-packet-mark=up-client1
    add action=mark-packet chain=postrouting connection-mark=local dst-address=192.168.8.N/24 new-packet-mark=down-client1
    Code:
    queue tree
    add max-limit=512000 name=up-client1 packet-mark="up-client1" parent=global-in priority=8 \
        queue=default
    add max-limit=128000 name=down-client1 packet-mark="down-client1" parent=global-out priority=8 \
        queue=default
    untuk rule HIT(jika hit kebetulan terlimit), tinggal tambah rule berikut, posisinya tepat berada diatas rule mangle per client
    Code:
    add action=accept chain=postrouting src-port=3128 dst-address=192.168.8.0/24 connection-mark=proxy DSCP=12
    tanpa queue tree pun, HITnya pasti loss..

    CMIIW lo.. soalnya ane jg masih nubie dalam hal mangle-me-mangle...

    trus..
    ini, sy ga ngerti maksudnya apa..
    Click here to enlarge Originally Posted by notepad Click here to enlarge
    add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" \
    direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=\
    0/0 max-limit=32k/32k name=blok parent=none priority=8 queue=\
    default/default target-addresses=192.168.8.0/24 total-queue=\
    default-small
    Last edited by Anto.PJ; 21-08-2012 at 05:29.

  3. #3
    Status
    Offline
    luluknet24's Avatar
    Member
    Join Date
    May 2012
    Posts
    144
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Nyoba kasih masukkan ya bro, ane juga pake queue tree HTB sangat efektif untuk kondisi jaringan ane, agan bisa pelajari . Untuk implementasi script mangle dan queue tree bisa search di forum ini..., atau googling.

  4. #4
    Status
    Offline
    notepad's Avatar
    Baru Gabung
    Join Date
    Aug 2012
    Posts
    2
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    ini rule umum queue simple, dengan single target address.. limit tx = unlimited dan rx = 1536k
    sayangnya anda tidak mendefenisikan interfacenya..
    modem = ether 1
    LAN = ether3
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    coba ini

    -mark koneksi 1 subnet, untuk mempermudah connection-tracking (untuk static routing jg berguna)
    Code:
    ip firewall mangle
    add action=mark-connection chain=prerouting src-address=192.168.8.88 \
    new-connection-mark=proxy
    add action=mark-connection chain=prerouting src-address=192.168.8.0/24 \
    new-connection-mark=local
    sy memarking koneksi demikian karena proxy & local adalah 1 subnet, karena chainnya sama, tidak akan terjadi double marking..
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    -marking paket download upload & download proxy, sy asumsikan proxy ini ipnya 192.168.8.88
    Code:
    ip firewall mangle
    add action=mark-packet chain=postrouting src-address=192.168.8.88 \
    connection-mark=proxy out-interface=publik new-packet-mark=up-proxy passthrough=no
    add action=mark-packet chain=prerouting dst-address=192.168.8.88 \
    connection-mark=proxy in-interface=publik new-packet-mark=down-proxy passthrough=no
    mark paket nya tidak jalan om, padahal saya sudah ikuti cara2 di atas..

    untuk queue tree, sy tambahkan rule limit upload, 384 kbps hasil dari 1536kbps : 4
    Code:
    queue tree
    add max-limit=1536000 name=down_proxy packet-mark="down-proxy" parent=global-in priority=8 \
        queue=default
    add max-limit=384000 name=up_proxy packet-mark="up-proxy" parent=global-out priority=8 \
        queue=default
    [/QUOTE]
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    untuk rule ini, kelihatannya anda tidak melakukan apa2... :ngapain??:
    menuju-squid??
    namun karena proxy sejajar klien,.. so buatkan dulu rule tambahan
    jika transparent proxy (dengan NAT)
    Code:
    add action=mark-packet chain=prerouting connection-mark=local src-address=192.168.8.0/24 dst-port=80 new-packet-mark=menuju-squid
    jika tanpa NAT (setting di browser)
    Code:
    tidak butuh code
    kenapa dst-port=80 ?? nanti aja deh...
    limiter
    Code:
    queue tree
    add max-limit=10m name=menuju-squid packet-mark="menuju-squid" parent=global-in priority=8 \
        queue=default
    brarti di abaiakan saja rule ini ya, soalnya nat sudah saya buat

    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    limiter per client
    Code:
    ip firewall mangle
    add action=mark-packet chain=prerouting connection-mark=local src-address=192.168.8.N/24 new-packet-mark=up-client1
    add action=mark-packet chain=postrouting connection-mark=local dst-address=192.168.8.N/24 new-packet-mark=down-client1
    Code:
    queue tree
    add max-limit=512000 name=up-client1 packet-mark="up-client1" parent=global-in priority=8 \
        queue=default
    add max-limit=128000 name=down-client1 packet-mark="down-client1" parent=global-out priority=8 \
        queue=default
    untuk rule HIT(jika hit kebetulan terlimit), tinggal tambah rule berikut, posisinya tepat berada diatas rule mangle per client
    Code:
    add action=accept chain=postrouting src-port=3128 dst-address=192.168.8.0/24 connection-mark=proxy DSCP=12
    tanpa queue tree pun, HITnya pasti loss..

    CMIIW lo.. soalnya ane jg masih nubie dalam hal mangle-me-mangle...

    trus..
    ini, sy ga ngerti maksudnya apa..
    saya praktekin dulu om


    Click here to enlarge Originally Posted by luluknet24 Click here to enlarge
    Nyoba kasih masukkan ya bro, ane juga pake queue tree HTB sangat efektif untuk kondisi jaringan ane, agan bisa pelajari . Untuk implementasi script mangle dan queue tree bisa search di forum ini..., atau googling.
    terima kasih atas bacaannya om
    Last edited by notepad; 21-08-2012 at 12:24.

  5. #5
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,383
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by notepad Click here to enlarge
    modem = ether 1
    LAN = ether3

    mark paket nya tidak jalan om, padahal saya sudah ikuti cara2 di atas..

    untuk queue tree, sy tambahkan rule limit upload, 384 kbps hasil dari 1536kbps : 4
    sy jg pikir gak bakalan jalan kalo out-interfacenya = ether1 (modem)

    asumsi saya, situ pakai interface pppoe(bridge modem)
    pakai interface yang itu.. (defaulnya = pppout1)

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [ASK] eksternal proxy di hotspot dengan simple queue ke queue tree
    By tommymks in forum General Networking
    Replies: 8
    Last Post: 30-04-2012, 13:00
  2. Load balancing sederhana+port game+queue tree +simple queue
    By yohanexz in forum General Networking
    Replies: 39
    Last Post: 24-02-2012, 13:34
  3. [ASK]apa bisa rule QUEUE TREE running bersamaan dgn SIMPLE QUEUE
    By andi_pettaruka in forum Beginner Basics
    Replies: 9
    Last Post: 01-11-2011, 16:45

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
ads