Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
  1. #1
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    [tutorial]konfigurasi mikrotik dengan winbox Update

    Assalamualaikum Wr.WB dan salam sejahtera bagi non muslim

    saya ingin mencoba membuat tutz dengan winbox untuk kalangan newbie yang masih bingung dengan script yang ada di tutz, kadang ngga semua yang ada di tutz bisa di mengerti newbie ( termasuk saya ) oleh karena itu saya buat konfigurasi winbox ini dengan tujuan membantu sesama newbie dengan tidak mengesampingkan tujuan belajar itu sendiri. mungkin dengan basic seperti ini akan memudahkan untuk memahami mikrotik itu sendiri

    BAB 1 Blok FTP scan dengan Winbox ( di ambil dari tutz nya bung[a] di bagian tutorial

    jangan lupa berdoa sebelum di mulai

    let's begin

    Melindungi FTP scan dengan winbox



    Click here to enlarge


    buka Winbox klik IP > Firewall


    Click here to enlarge

    masuk Tab > general

    klik menu drop down yang di beri tombol merah angka 1 , 2 , 3 kecuali dst Port di ketik manual “21” untuk In interface “INTERNET” < ini yang mengarah ke public (namanya bias bermacam2 tergantung winbox masing2”


    Click here to enlarge

    klik Tab > advance

    src.address.list di isi : ftp_blacklist


    Click here to enlarge

    klik tab > action

    klik drop down yang di beri tanda merah dan pilih drop

    klik tombol comment “ Filtering trafik 21 “

    jangan lupa setiap perubahan klik tombol Apply dan OK









    2.


    Click here to enlarge

    klik tab> general

    klik yang di beri tombol merah


    Click here to enlarge

    klik tab > advance

    klik content dan ketik “ 530 login incorrect “

    Click here to enlarge

    klik tab > extra

    isi sesuai dengan yang ada pada gambar

    Click here to enlarge


    klik tab > action

    pilih sesuai yang ada di gambar

    klik tombol comment “ menerima 10 kesalahan login per/minute “

    jangan lupa klik Aplly dan OK pada setiap perubahan



    3

    Click here to enlarge

    klik tab > general

    pilih sesuai yang ada di gambar

    Click here to enlarge

    klik tab > advance

    ketik “530 login failed”


    Click here to enlarge

    klik tab > action

    pilih dan sesuaikan dengan yang ada di gambar

    klik tombol comment “ menambahkan daftar blacklist ip address “

    jangan lupa klik tombol apply dan OK



    Hasil print dari settingan yang telah di buat

    Klik > new terminal di winbox

    Ketik : ip firewall

    Ip firewall> filter print


    1 ;;; Filtering Trafik 21
    chain=input action=drop src-address-list=ftp_blacklist in-interface=INTERNET dst-port=21 protocol=tcp

    2 ;;; Menerima 10 kesalahan login per/minute
    chain=output action=accept protocol=tcp content=530 Login incorrect dst-limit=1/1m,9,dst-address/1m

    3 ;;; menambahkan daftar black List IP address
    chain=output action=add-dst-to-address-list address-list=ftp_blacklist address-list-timeout=3h protocol=tcp content=530 Login Failed



    hasilnya akan seperti gambar di bawah ini.

    Click here to enlarge


    untuk melihat daftar ip address yang terdeteksi

    Click here to enlarge

    . selamat mencoba

    Ora et Labora

    go go go go
    Last edited by donipermono1982; 19-06-2008 at 10:48.

  2. The Following 12 Users Say Thank You to donipermono1982 For This Useful Post:

    + Show/Hide list of the thanked


  3. #2
    Status
    Offline
    princenux's Avatar
    Member
    Join Date
    Aug 2007
    Posts
    264
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    tutz yg bagus... Click here to enlarge
    tapi gambarnya di blur2.. jadi inget miyabi...

  4. #3
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by princenux Click here to enlarge
    tutz yg bagus... Click here to enlarge
    tapi gambarnya di blur2.. jadi inget miyabi...
    ni anak kalo ke xxx ngeprosesClick here to enlarge nya kaya intel quadcore aja

    nyampe aja ke situ mikirnya....Click here to enlarge







    iya juga sih

  5. #4
    Status
    Offline
    darusatrio's Avatar
    Newbie
    Join Date
    May 2008
    Posts
    33
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Mantaab... wah baru nglihat.... Click here to enlarge Click here to enlarge

    terimakasih banyak....

  6. #5
    Status
    Offline
    mossy's Avatar
    Member
    Join Date
    Apr 2008
    Location
    Jakarta, Cikarang
    Posts
    247
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    mantab seh kk...Click here to enlarge
    tapi knp gk posting dibagian Tutorial ajaClick here to enlarge
    oops sorry...Click here to enlarge

  7. #6
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by mossy Click here to enlarge
    mantab seh kk...Click here to enlarge
    tapi knp gk posting dibagian Tutorial ajaClick here to enlarge
    oops sorry...Click here to enlarge
    y semua di serahkan ke sisi admin... saya di sini cuma sebagai hamba yang memberikan secara sukarela.. Click here to enlarge

  8. #7
    Status
    Offline
    ricokotzen's Avatar
    Baru Gabung
    Join Date
    Jan 2010
    Posts
    11
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Thumbs up mas doni memang mantap......!!!!!!!!!!!

    makasih banyak mas doni.....

  9. #8
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    lahhh, baru liat ini thread....gw kira thread gw yg lama, ternyata dah di pisah sama momod ... Click here to enlarge thanks Click here to enlarge


    karena di judul ada kata update, gw update juga dah..thread nya .. gw buat cara blok p2p memakai firewall,layer7,dan queue tree. yg pasti winbox juga...semoga berkenan.
    Last edited by donipermono1982; 25-01-2010 at 13:09.

  10. #9
    Status
    Offline
    Skyper's Avatar
    Newbie
    Join Date
    May 2009
    Posts
    68
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    good...............Click here to enlarge

  11. #10
    Status
    Offline
    bocor's Avatar
    Member
    Join Date
    Nov 2009
    Location
    ^_* medan cyberpolitan ^_*
    Posts
    198
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    keren om doni,,

    Click here to enlarge

  12. #11
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    oke.sesuai janji gw . di sini gw coba pake screenshoot untuk melimit p2p. semoga dapat membantu yg sedang membutuhkan. Cekidot....


    1. Buat layer 7

    masukkan aplikasi p2p yg akan di blok

    coba lihat scriptnya di sini



    jadinya akan seperti ini

    Click here to enlarge

    2. Mangle

    chain=prerouting action=mark-packet new-packet-mark=100bao-p2p_In
    passthrough=yes layer7-protocol=100BAO in-interface=Telkom

    chain=postrouting action=mark-packet new-packet-mark=100bao-p2p_Out
    passthrough=yes layer7-protocol=100BAO out-interface=Telkom

    buat 2 untuk setiap aplikasi p2p

    hasilnya akan seperti ini

    Click here to enlarge

    3. Filter

    chain=forward action=drop layer7-protocol=Kugoo

    buat satu untuk masing2 p2p yg sudah terdaftar di layer7

    hasilnya

    Click here to enlarge

    Blok port p2p

    scriptnya

    ;;; Drop p2p
    chain=forward action=drop p2p=all-p2p

    220 chain=forward action=drop protocol=tcp dst-port=6346-6348

    221 chain=forward action=drop protocol=tcp dst-port=41170

    222 chain=forward action=drop protocol=tcp dst-port=28864-28865

    223 chain=forward action=drop protocol=tcp dst-port=8888-8889

    224 chain=forward action=drop protocol=tcp dst-port=8311

    225 chain=forward action=drop protocol=tcp dst-port=7668

    226 chain=forward action=drop protocol=tcp dst-port=6881-6889

    227 chain=forward action=drop protocol=tcp dst-port=6969

    228 chain=forward action=drop protocol=tcp dst-port=5500-5503

    229 chain=forward action=drop protocol=tcp dst-port=4762

    230 chain=forward action=drop protocol=tcp dst-port=4661-4665

    hasilnya

    Click here to enlarge

    4. Limit p2p

    ;;; Limit p2p connection
    chain=p2p action=drop packet-mark=p2p-MP

    238 chain=p2p action=drop p2p=all-p2p

    239 chain=forward action=jump jump-target=p2p

    240 chain=output action=jump jump-target=p2p

    241 chain=input action=jump jump-target=p2p

    Click here to enlarge

    5.Queue tree

    buat 2 script untuk setiap 1 aplikasi p2p


    name="Kugoo-in" parent=p2p-In packet-mark=kugoo-p2p_In limit-at=0 queue=default
    priority=2 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s

    name="Kugoo2-out" parent=p2p-Out packet-mark=Kugoo-p2p_Out limit-at=0
    queue=default priority=2 max-limit=0 burst-limit=0 burst-threshold=0
    burst-time=0s


    Click here to enlarge

    Click here to enlarge

    Sampai di sini selesai tutorial yg gw buat. mohon review nya kalau udah berhasil atau gagal sekalipun.masukan anda sangat berarti. Click here to enlarge

    Tested hardware Router :

    OS Router 3.23 X86 Lisensi
    Asus P5GD1-VM
    Vgen DDR1 1 Gb PC 3200
    Intel 2.8 Ghz HT
    Seagate 40 Gb Sata
    PSU Acbel I Power 510
    Realtek Fast ethernet
    Dlink Fast Ethernet

    dont try this at rb !!

    cendol nya jangan lupeee Click here to enlarge Click here to enlarge Click here to enlarge

  13. The Following 5 Users Say Thank You to donipermono1982 For This Useful Post:


  14. #12
    Status
    Offline
    TESSACELL.NET's Avatar
    Member
    Join Date
    Dec 2009
    Posts
    142
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    makasih om doni atas tutorial yang 1

    sekali lagi trims
    Last edited by TESSACELL.NET; 27-01-2010 at 03:35.

  15. #13
    Status
    Offline
    panji's Avatar
    VIP Member
    Join Date
    Jul 2008
    Posts
    966
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Tut yang mantap bos, layer7 buat blok idm dah ketemu belum bos, hehhehehe, adanya cuma dap aja nich.....Click here to enlarge

  16. #14
    Status
    Offline
    labosanet's Avatar
    Newbie
    Join Date
    Dec 2009
    Location
    jakarta, Indonesia
    Posts
    33
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge...ini die nii yang gw cari...Click here to enlarge

  17. #15
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by TESSACELL.NET Click here to enlarge
    makasih om doni atas tutorial yang 1

    selama ini hanya pake ip binding.

    sekali lagi trims
    Itulah gunanya forum bro Click here to enlarge

    Click here to enlarge Originally Posted by panji Click here to enlarge
    Tut yang mantap bos, layer7 buat blok idm dah ketemu belum bos, hehhehehe, adanya cuma dap aja nich.....Click here to enlarge
    gw ga pake layer7 untuk idm ga tembus2 bos kaya charm Click here to enlarge

    Click here to enlarge Originally Posted by labosanet Click here to enlarge
    Click here to enlarge...ini die nii yang gw cari...Click here to enlarge
    sapa banggg....Click here to enlarge

 

 
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Mikrotik Load Balancing - Winbox version
    By princenux in forum Tutorial
    Replies: 89
    Last Post: 16-05-2014, 10:14
  2. Replies: 24
    Last Post: 10-03-2011, 17:36
  3. winbox log in dengan mac scan always disconnect
    By agus.santosa in forum Beginner Basics
    Replies: 4
    Last Post: 27-08-2009, 16:02
  4. Replies: 14
    Last Post: 18-08-2008, 13:16
  5. [ASK] TUTORIAL mikrotik versi winbox pliisss....
    By shincan^_^ in forum Beginner Basics
    Replies: 14
    Last Post: 11-12-2007, 21:31

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •