Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 11 of 11
  1. #1
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0

    capioverlan <--apakah itu??

    sesuai judul.. ada yang bisa jelaskan ga?
    ane baru dapat masalah ini setelah bertambah seorang client yang agak misterius..
    udah beberapa hari kejadian.. membuat ane selalu merombak mangle,Click here to enlarge
    ni kalo lagi download tuh menembus traffic shaping..
    dst-portnya tetap port 80 tapi dibantu dengan membuka port udp 11447 yang ane cari tahu adalah port capioverlan.. semacam web tools untuk memeriksa firewall di jaringan..
    tapi tidak selalu.. kadang aja, penampakannya seperti ini
    Click here to enlarge
    pernah ane dapati membuka dst-port secara random (TCP) bukan port 80 yang setelah di torch, per koneksi sebesar 30 kbps.. parallel sebanyak 20-40 koneksiClick here to enlarge

    FYI
    sistem trafik shaping ane= BW total dibagi 3 prioritas
    prio1 (icmp dan port game)
    prio2 (port http)
    prio8 (port lain2)
    tapi sejak clien misterius ini bergabung, trafik donlod nya kadang masuk prioritas 1 .. jadi kasian user yang lagi maen game.. nge lag..
    dan kadang packetnya seperti kalo ga kena mark, padahal user laen kena semua..

    mohon bantuan nya..
    Last edited by Anto.PJ; 07-07-2011 at 01:22.

  2. #2
    Status
    Offline
    endrixk4's Avatar
    Newbie
    Join Date
    Sep 2010
    Location
    adadeh..
    Posts
    21
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ngedownloadnya pake sopwer apa gan?
    wajib di razia tuh..Click here to enlarge

  3. #3
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    gak enak lah gan. tanya2 ke klien tentang urusan OS apa yang dia pakai atau software apa yang digunakan itu diluar kontrakClick here to enlarge

    yang di kontrak cuman koneksi, dengan sharing bw yang adil. kontrak sama klien yang satu terpenuhi. yang lain dilanggar.

  4. #4
    Status
    Offline
    c0nf's Avatar
    Contributor
    Join Date
    Jul 2007
    Location
    Bandung, Indonesia
    Posts
    1,816
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    kalo ngga salah inget, dulu ada situs download yang ngga menggunakan port2 yang normal. Cuman lupa web nya apa.

  5. #5
    Status
    Offline
    wandie's Avatar
    Member Super Senior
    Join Date
    Apr 2010
    Location
    banjarmasin,surabaya
    Posts
    621
    Reviews
    Read 0 Reviews
    Downloads
    5
    Uploads
    0
    Feedback Score
    0
    om anto coba shap pake l7 pilter aja ada di situs klir os Click here to enlarge ... ntu kek nya pernah tw .. sejenis p2p deh Click here to enlarge
    Last edited by wandie; 07-07-2011 at 09:58.

  6. #6
    Status
    Offline
    xeon's Avatar
    Verified Account - Partner
    Join Date
    Mar 2008
    Location
    DKI Jakarta
    Posts
    1,539
    Reviews
    Read 0 Reviews
    Downloads
    3
    Uploads
    0
    Feedback Score
    2 (100%)
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    ni kalo lagi download tuh menembus traffic shaping..
    Ini nih yang selalu saya bingung, kok bisa ya, bandwidth managernya ditembus?

    Saya selama ini ngeset sih, mau download pake apapun, pasti kena kelimit.

    Kalau saran saya, coba aja diberesin urusan mangle dan queuenya.

  7. #7
    Status
    Offline
    c0nf's Avatar
    Contributor
    Join Date
    Jul 2007
    Location
    Bandung, Indonesia
    Posts
    1,816
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    atau kalau mau coba2, bisa aja sih langsung di blok. Biar nanti si client nya nelpon, di situ baru ditanya dia donlot nya pake software apa atau ke situs apa.

  8. #8
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by c0nf Click here to enlarge
    kalo ngga salah inget, dulu ada situs download yang ngga menggunakan port2 yang normal. Cuman lupa web nya apa.
    Click here to enlarge Originally Posted by c0nf
    atau kalau mau coba2, bisa aja sih langsung di blok. Biar nanti si client nya nelpon, di situ baru ditanya dia donlot nya pake software apa atau ke situs apa.
    ntu client beraksi lagi hari ini.. bingung gan, yang saya mau blok apanya??
    soalnya yang dia request cuma ke alamat biasa.. macam situs2 download yang sering kita gunakan..
    cuman yang lewat udp 11447 ini..
    84.107.72.75 > amsterdam QUICKNET.NL
    77.23.131.76 > jerman SUPERKABEL.DE
    77.78.204.21 > bosnia GLOBALCO.NET
    83.149.241.117 > russia irland.ru
    94.129.140.153, 94.129.193.176 94.129.164.250 > kuwait
    94.137.223.160 > russia irknet.ru
    94.178.67.32 > ukrainia UKRTEL.NET
    dst....
    ngapain ya?? penasaran saya.. sopwernya apaan gitu..
    om anto coba shap pake l7 pilter aja ada di situs klir os ... ntu kek nya pernah tw .. sejenis p2p deh
    semua opsi p2p, ftp, torrent, dan lain2 udah saya pake.. kalo saya pribadi download ke hp.com lewat ftp pasti kena razia.. download pake torrent juga
    dapat.. huft.. tapi tetap aj dia lolos..
    Ini nih yang selalu saya bingung, kok bisa ya, bandwidth managernya ditembus?
    Saya selama ini ngeset sih, mau download pake apapun, pasti kena kelimit.
    Kalau saran saya, coba aja diberesin urusan mangle dan queuenya.
    mungkin memang ada masalah di mangle ane
    sebagai contoh:
    Code:
    ;;; Upload
    chain=postrouting action=mark-connection new-connection-mark=upprior passthrough=yes 
    protocol=icmp out-interface=schatz-inet 
    
    chain=postrouting action=mark-connection new-connection-mark=upprior passthrough=yes 
    protocol=udp out-interface=schatz-inet dst-port=53 
    
    chain=postrouting action=mark-connection new-connection-mark=upprior passthrough=yes 
    protocol=tcp dst-address-list=game_list out-interface=schatz-inet dst-port=39100-39200 
    
    chain=postrouting action=mark-connection new-connection-mark=upprior passthrough=yes 
    protocol=tcp dst-address-list=game_list out-interface=schatz-inet dst-port=49100 
    
    chain=postrouting action=mark-connection new-connection-mark=upprior passthrough=yes 
    protocol=udp dst-address-list=game_list out-interface=schatz-inet dst-port=40000-40009 
    
    chain=postrouting action=mark-packet new-packet-mark=upprior passthrough=no 
    out-interface=schatz-inet connection-mark=upprior 
    
    chain=postrouting action=mark-connection new-connection-mark=upIIX passthrough=yes 
    dst-address-list=nice out-interface=schatz-inet dst-port=80
    
    chain=postrouting action=mark-packet new-packet-mark=IIXup passthrough=no 
    out-interface=schatz-inet dst-port=80 connection-mark=upIIX 
    
    chain=postrouting action=mark-packet new-packet-mark=IXup passthrough=no 
    out-interface=schatz-inet dst-port=80 connection-mark=!upIIX 
    
    chain=postrouting action=mark-connection new-connection-mark=lastup passthrough=yes 
    out-interface=schatz-inet
    
    chain=postrouting action=mark-packet new-packet-mark=lastup passthrough=no 
    out-interface=schatz-inet connection-mark=lastup 
    
    ;;; download
    chain=prerouting action=mark-connection new-connection-mark=firstprior passthrough=yes 
    protocol=icmp in-interface=schatz-inet  
    
    chain=prerouting action=mark-connection new-connection-mark=firstprior passthrough=yes 
    protocol=udp in-interface=schatz-inet src-port=53 
    
    chain=prerouting action=mark-connection new-connection-mark=firstprior passthrough=yes 
    protocol=tcp src-address-list=game_list in-interface=schatz-inet src-port=39100-39200 
    
    chain=prerouting action=mark-connection new-connection-mark=firstprior passthrough=yes 
    protocol=tcp src-address-list=game_list in-interface=schatz-inet src-port=49100 
    
    chain=prerouting action=mark-connection new-connection-mark=firstprior passthrough=yes 
    protocol=udp src-address-list=game_list in-interface=schatz-inet src-port=40000-40009 
    
    chain=prerouting action=mark-packet new-packet-mark=firstprior passthrough=no 
    in-interface=schatz-inet connection-mark=firstprior 
    
    chain=prerouting action=mark-connection new-connection-mark=IIX passthrough=yes 
    src-address-list=nice src-port=80 in-interface=schatz-inet 
    
    chain=prerouting action=mark-packet src-port=80 new-packet-mark=IIX passthrough=no in-interface=schatz-inet
    connection-mark=IIX 
    
    chain=prerouting action=mark-packet src-port=80 new-packet-mark=IX passthrough=no in-interface=schatz-inet 
    connection-mark=!IIX 
    
    chain=prerouting action=mark-connection new-connection-mark=lastprior passthrough=yes 
    in-interface=schatz-inet
    
    chain=prerouting action=mark-packet new-packet-mark=lastprior passthrough=no in-interface=schatz-inet 
    connection-mark=lastprior
    terakhir ntu kan seharusnya melakukan marking connection + packet selain port 80 dan port prioritas, supaya bisa di bereskan di queue dengan prioritas terakhir.. tapi dari client misterius ini banyak yang ga kena mark loh bos agan..
    padahal kan ane udah limit downstream untuk browsing 640 kbps dan untuk keperluan trafik game dan icmp 256 kbps ,
    sisanya 128kbps untuk prioritas terakhir di parent dengan browsing dengan max limit parent 800 kbps (HTB)
    tapi client ini sanggup mengambil semuanya.. walau udah dilimit di queue tree tetap aja dia bisa lolos . sampe bw yang 1mbps di ambil semua.. (walau ga ada yang lagi main game..)
    sepuluh jempol deh buat klien ini..Click here to enlarge
    Last edited by Anto.PJ; 07-07-2011 at 17:05.

  9. #9
    Status
    Offline
    c0nf's Avatar
    Contributor
    Join Date
    Jul 2007
    Location
    Bandung, Indonesia
    Posts
    1,816
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    saya sih curiga nya antara torrent atau virus/trojan dkk. coba aja di blok port nya bro, jangan dst nya.

    atau cara lain, bikin mangle tambahan
    isinya adalah selain port 53, 39100-39200, 49100, 40000-40009, dan 80.

    soalnya kalau berdasar mangle tadi, hanya port2 itu yg ditangkap, tapi sisanya dilepas sama sekali. dengan kata lain, hanya port2 tsb yg dilimit, sisanya dilepas. jangan lupa tcp udp nya juga diawasin ya. yaa memang begitulah kalo pake queue tree, lbh ter manage, tapi pas bikinnya emang harus ribet Click here to enlarge

    oiya, port 11447 secara resmi nya blm dipakai. jadi masih bisa dipakai oleh program apapun.

  10. The Following User Says Thank You to c0nf For This Useful Post:


  11. #10
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0

    Thumbs up

    Case solved

  12. #11
    Status
    Offline
    yosanpro's Avatar
    Co-Admin
    Join Date
    Nov 2007
    Location
    Bantul, Bantul, Yogyakarta
    Posts
    2,548
    Reviews
    Read 0 Reviews
    Downloads
    11
    Uploads
    4
    Feedback Score
    1 (100%)
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    Case solved
    Nggak di share bro? solved nya gimana?
    A person's junk is another person's treasure.

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Apakah ini bug V4.10???
    By Spring in forum General Networking
    Replies: 8
    Last Post: 04-09-2010, 06:21
  2. apakah ini bug di MT 3.20
    By Chendl Astro in forum Beginner Basics
    Replies: 2
    Last Post: 22-12-2009, 13:51
  3. apakah ini normal ?
    By wie_chang81 in forum Wireless Networking
    Replies: 4
    Last Post: 10-11-2009, 15:00
  4. Apakah Ini Interference?????
    By jacky10 in forum Wireless Networking
    Replies: 25
    Last Post: 01-11-2008, 07:39
  5. (ask) apakah ini bugs di v3.13 ????
    By sum14rdi in forum General Networking
    Replies: 6
    Last Post: 20-09-2008, 09:27

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •