Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 2 12 LastLast
Results 1 to 15 of 26
  1. #1
    Status
    Offline
    Inidian's Avatar
    Baru Gabung
    Join Date
    Jun 2008
    Posts
    18
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Mikrotik Warnet (Game + Browsing) | Speedy 1 Line + Squid |

    Skema Jaringan

    Internet -- Modem -- Mikrotik -- Client
    ..............................................|
    ........................... ...............Squid


    IP Address

    192.168.1.1/24 (ether1-local) (Mikrotik)
    192.168.4.254/24 (ether3-Proxy) (Ubuntu)
    192.168.2.1/24 (ether5-Out) (Modem)
    xx.xx.xx.xx/xx (pppoe client) (Speedy) (Add Default Route)

    NAT

    Code:
    add chain=srcnat action=masquerade out-interface=ether5-Out comment="Masquerade"
    add chain=srcnat action=masquerade out-interface=Speedy 
    
    add chain=dstnat action=redirect to-ports=53 protocol=tcp in-interface=ether1-local dst-port=53 \
    comment="Transparent DNS"
    add chain=dstnat action=redirect to-ports=53 protocol=udp in-interface=ether1-local dst-port=53 
    add chain=dstnat action=redirect to-ports=53 protocol=tcp in-interface=ether3-Proxy dst-port=53 
    add chain=dstnat action=redirect to-ports=53 protocol=udp in-interface=ether3-Proxy dst-port=53 
    add chain=dstnat action=dst-nat to-addresses=192.168.4.254 to-ports=3128 protocol=tcp \ 
    src-address-list="Squid Allowed" dst-address-list=!ProxyBypass in-interface=ether1-local dst-port=80 \
    comment="Transparent Proxy"
    
    add chain=dstnat action=dst-nat to-addresses=192.168.4.254 to-ports=22 protocol=tcp in-interface=Speedy \
    dst-port=2222 comment="Redirect"
    add chain=dstnat action=dst-nat to-addresses=192.168.4.254 to-ports=80 protocol=tcp in-interface=Speedy \
    dst-port=81
    add chain=dstnat action=dst-nat to-addresses=192.168.2.1 to-ports=80 protocol=tcp in-interface=Speedy \
    dst-port=8081
    IP Address List

    Squid Allowed = 192.168.1.0/24
    ProxyBypass = 68.71.46.227 (Rohan XOR)

    Layer 7

    # NAME REGEXP
    0 Video http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video)
    1 Cache HIT http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(x-cache: hit)

    MANGLE

    Code:
    add chain=postrouting action=mark-connection new-connection-mark=con-HIT passthrough=yes \
    protocol=tcp out-interface=ether1-local src-port=3128 dscp=12 comment="Proxy Loss"
    add chain=postrouting action=mark-connection new-connection-mark=con-HIT passthrough=yes \
    protocol=tcp layer7-protocol=Cache HIT out-interface=ether1-local src-port=3128 
    add chain=prerouting action=mark-packet new-packet-mark=HIT passthrough=no connection-mark=con-HIT 
    
    add chain=prerouting action=mark-connection new-connection-mark=con-bypass passthrough=yes \
    protocol=tcp dst-port=445,22,139,4899,554,8291 comment="Bypass"
    add chain=prerouting action=mark-connection new-connection-mark=con-bypass passthrough=yes \
    protocol=udp dst-port=53,123 
    add chain=prerouting action=mark-packet new-packet-mark=bypass passthrough=no connection-mark=con-bypass 
    
    add chain=prerouting action=jump jump-target=Warnet in-interface=ether1-local \
    connection-mark=!con-facebook comment="Warnet"
    add chain=Warnet action=mark-connection new-connection-mark=con-user passthrough=yes \
    protocol=!icmp in-interface=ether1-local connection-mark=!con-streaming 
    
    add chain=postrouting action=mark-connection new-connection-mark=con-streaming passthrough=yes \
    layer7-protocol=Video out-interface=ether1-local comment="Streaming"
    
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=5340-5352,6000-6152,10001-10011,14009-14030,18901-18909 comment="Game"
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=39190,27780,29000,22100,10009,4300,15001,15002,7341,7451 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=40000,9300,9400,9700,7342,8005-8010,37466,36567,8822 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=47611,16666,20000,5105,29000,18901-18909,9015 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=udp in-interface=ether1-local src-port=27005,27015 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=udp in-interface=ether1-local dst-port=27005-27020,13055,7800-7900,12060-12070 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=udp in-interface=ether1-local dst-port=8005-8010,9068,1293,1479,9401,9600,30000 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=udp in-interface=ether1-local dst-port=14009-14030,42051-42052,40000-40050,13000-13080 
    
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=static.ak.connect.facebook.com comment="Facebook"
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=80,443 connection-mark=!con-fb.game content=.twitter.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp dst-address-list=bypass in-interface=ether1-local dst-port=80,443 connection-mark=!con-fb.game content=.facebook.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=pixel.facebook.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=static.ak.facebook.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=.static.ak.fbcdn.net 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=creative.ak.fbcdn.net 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=connect.facebook.net 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=.channel.facebook.com 
    
    addchain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=9339,843,8890,4000,5050,7020-7030 comment="FacebookGames"
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=apps.facebook.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.ninjasaga.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.castle.zgncdn.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.static.zynga.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.static.zgncdn.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.empire.zynga.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.poker.zynga.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.castle.zynga.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.farmville.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.farmville.zgncdn.com 
    
    add chain=prerouting action=mark-packet new-packet-mark=user passthrough=no packet-mark=!HIT \
    connection-mark=con-user comment="Mark Packet"
    add chain=prerouting action=mark-packet new-packet-mark=streaming passthrough=no packet-mark=!HIT \
    connection-mark=con-streaming 
    add chain=prerouting action=mark-packet new-packet-mark=game passthrough=no packet-mark=!HIT \
    connection-mark=con-game 
    add chain=prerouting action=mark-packet new-packet-mark=facebook passthrough=no packet-mark=!HIT \
    connection-mark=con-facebook 
    add chain=prerouting action=mark-packet new-packet-mark=fb-game passthrough=no packet-mark=!HIT \
    connection-mark=con-fb.game
    
    add chain=forward action=mark-connection new-connection-mark=con-proxy passthrough=yes \
    in-interface=ether3-Proxy out-interface=Speedy comment="Proxy Inet Connection"
    add chain=prerouting action=mark-packet new-packet-mark=proxy passthrough=no connection-mark=con-proxy
    Queue

    - Queue Type

    Code:
       name="up-htb" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000 pcq-burst-rate=0 
       pcq-burst-threshold=0 pcq-burst-time=10s pcq-src-address-mask=32 pcq-dst-address-mask=32 pcq-src-address6-mask=128 
       pcq-dst-address6-mask=128 
    
       name="down-htb" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000 pcq-burst-rate=0 
       pcq-burst-threshold=0 pcq-burst-time=10s pcq-src-address-mask=32 pcq-dst-address-mask=32 pcq-src-address6-mask=128 
       pcq-dst-address6-mask=128 
    
       name="up-64k" kind=pcq pcq-rate=64k pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000 pcq-burst-rate=0 
       pcq-burst-threshold=0 pcq-burst-time=10s pcq-src-address-mask=32 pcq-dst-address-mask=32 pcq-src-address6-mask=128 
       pcq-dst-address6-mask=128 
    
       name="down-300k" kind=pcq pcq-rate=300k pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000 pcq-burst-rate=0 
       pcq-burst-threshold=0 pcq-burst-time=10s pcq-src-address-mask=32 pcq-dst-address-mask=32 pcq-src-address6-mask=128 
       pcq-dst-address6-mask=128
    - Queue Tree

    Code:
    name="Download" parent=global-out limit-at=0 priority=8 max-limit=2048k burst-limit=0 burst-threshold=0 burst-time=0s 
    
    
    name="DownUser" parent=Download limit-at=750k priority=2 max-limit=1500k burst-limit=1600k burst-threshold=750k burst-time=10s
    name="Facebook" parent=DownUser packet-mark=facebook limit-at=250k queue=down-htb priority=3 max-limit=512k burst-limit=0 burst-threshold=0 burst-time=0s name="FacebookGames" parent=DownUser packet-mark=fb-game limit-at=250k queue=down-htb priority=4 max-limit=512k burst-limit=0 burst-threshold=0 burst-time=0s name="User" parent=DownUser packet-mark=user limit-at=750k queue=down-300k priority=5 max-limit=1200k burst-limit=0 burst-threshold=0 burst-time=0s name="Streaming" parent=DownUser packet-mark=streaming limit-at=250k queue=down-htb priority=8 max-limit=512k burst-limit=0 burst-threshold=0 burst-time=0s
    name="DownGames" parent=Download packet-mark=game limit-at=512k queue=down-htb priority=1 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s
    name="Upload" parent=Speedy limit-at=0 priority=8 max-limit=512k burst-limit=0 burst-threshold=0 burst-time=0s
    name="UpUser" parent=Upload limit-at=150k priority=2 max-limit=350k burst-limit=0 burst-threshold=0 burst-time=0s
    name="UpFacebook" parent=UpUser packet-mark=facebook limit-at=75k queue=up-htb priority=3 max-limit=100k burst-limit=0 burst-threshold=0 burst-time=0s name="UpFacebookGames" parent=UpUser packet-mark=fb-game limit-at=75k queue=up-htb priority=4 max-limit=126k burst-limit=0 burst-threshold=0 burst-time=0s name="UserUp" parent=UpUser packet-mark=user limit-at=150k queue=up-64k priority=5 max-limit=200k burst-limit=0 burst-threshold=0 burst-time=0s
    name="UpGames" parent=Upload packet-mark=game limit-at=150k queue=up-htb priority=1 max-limit=350k burst-limit=0 burst-threshold=0 burst-time=0s
    name="ProxyHit" parent=global-out packet-mark=HIT limit-at=100M queue=default priority=8 max-limit=100M burst-limit=0 burst-threshold=0 burst-time=0s name="ProxyDown" parent=ether3-Proxy packet-mark=proxy limit-at=750k queue=default priority=8 max-limit=1500k burst-limit=1600k burst-threshold=750k burst-time=10s name="ProxyUp" parent=Upload packet-mark=proxy limit-at=150k queue=up-htb priority=1 max-limit=250k burst-limit=0 burst-threshold=0 burst-time=0s name="Bypass" parent=global-out packet-mark=bypass limit-at=100M queue=default priority=8 max-limit=100M burst-limit=0 burst-threshold=0 burst-time=0s
    System Script

    - SquidDown
    /ip fi na dis num=6

    - SquidUp
    /ip fi na ena num=6

    Tool Netwatch

    Host : 192.168.4.254
    Interval : 00:00:10
    Timeout : 25
    Up : SquidUp
    Down : SquidDown


    Credit : All Member

    Preview

    NAT

    Click here to enlarge

    Mangle

    Click here to enlarge
    Click here to enlarge

    Queue

    Click here to enlarge
    Last edited by Inidian; 29-05-2012 at 00:45. Reason: Add Picture

  2. The Following 2 Users Say Thank You to Inidian For This Useful Post:


  3. #2
    Status
    Offline
    Inidian's Avatar
    Baru Gabung
    Join Date
    Jun 2008
    Posts
    18
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    dimohon kritik dan saran nya ...


    Caching
    Click here to enlarge
    Last edited by Inidian; 29-05-2012 at 01:18.

  4. #3
    Status
    Offline
    zdienos's Avatar
    Forum Guru
    Join Date
    Feb 2010
    Location
    ~/makasar
    Posts
    1,246
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    tinggal dicopas....
    truss, reviewnya bagaimana? mungkin bisa disampaikan juga bagaimana kondisi warnetnya.
    terutama untuk masalah game yang lag, dan user yang browsing/download, baik itu dalam keadaan full ataupun lagi sepi.

    nb:scriptnya mungkin bisa dirapikan pake tag [code]

  5. #4
    Status
    Offline
    Inidian's Avatar
    Baru Gabung
    Join Date
    Jun 2008
    Posts
    18
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by zdienos Click here to enlarge
    tinggal dicopas....
    truss, reviewnya bagaimana? mungkin bisa disampaikan juga bagaimana kondisi warnetnya.
    terutama untuk masalah game yang lag, dan user yang browsing/download, baik itu dalam keadaan full ataupun lagi sepi.
    - Browsing
    -- untuk browsing non HIT per user bisa dapat 300kbps untuk down, dengan max-limit 1500kbps, 64 kbps untuk up dengan max-limit 200 kbps
    -- untuk Streaming video user bisa dapat 512 kbps bagi rata

    - Game
    -- untuk sementara blm ada keluhan lag, terutama pada saat war nya 3 Kingdoms
    -- total bandwidth upto 1 mbps > down (bagi rata), upto 350 kbps > up

    nb:scriptnya mungkin bisa dirapikan pake tag [code]
    makasih atas saran nya xD

  6. #5
    Status
    Offline
    mikrotikaja's Avatar
    Newbie
    Join Date
    Oct 2010
    Posts
    24
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Inidian Click here to enlarge
    Skema Jaringan

    Internet -- Modem -- Mikrotik -- Client
    ..............................................|
    ........................... ...............Squid


    IP Address

    192.168.1.1/24 (ether1-local) (Mikrotik)
    192.168.4.254/24 (ether3-Proxy) (Ubuntu)
    192.168.2.1/24 (ether5-Out) (Modem)
    xx.xx.xx.xx/xx (pppoe client) (Speedy) (Add Default Route)

    NAT

    Code:
    add chain=srcnat action=masquerade out-interface=ether5-Out comment="Masquerade"
    add chain=srcnat action=masquerade out-interface=Speedy 
    
    add chain=dstnat action=redirect to-ports=53 protocol=tcp in-interface=ether1-local dst-port=53 \
    comment="Transparent DNS"
    add chain=dstnat action=redirect to-ports=53 protocol=udp in-interface=ether1-local dst-port=53 
    add chain=dstnat action=redirect to-ports=53 protocol=tcp in-interface=ether3-Proxy dst-port=53 
    add chain=dstnat action=redirect to-ports=53 protocol=udp in-interface=ether3-Proxy dst-port=53 
    add chain=dstnat action=dst-nat to-addresses=192.168.4.254 to-ports=3128 protocol=tcp \ 
    src-address-list="Squid Allowed" dst-address-list=!ProxyBypass in-interface=ether1-local dst-port=80 \
    comment="Transparent Proxy"
    
    add chain=dstnat action=dst-nat to-addresses=192.168.4.254 to-ports=22 protocol=tcp in-interface=Speedy \
    dst-port=2222 comment="Redirect"
    add chain=dstnat action=dst-nat to-addresses=192.168.4.254 to-ports=80 protocol=tcp in-interface=Speedy \
    dst-port=81
    add chain=dstnat action=dst-nat to-addresses=192.168.2.1 to-ports=80 protocol=tcp in-interface=Speedy \
    dst-port=8081
    IP Address List

    Squid Allowed = 192.168.1.0/24
    ProxyBypass = 68.71.46.227 (Rohan XOR)

    Layer 7

    # NAME REGEXP
    0 Video http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video)
    1 Cache HIT http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(x-cache: hit)

    MANGLE

    Code:
    add chain=postrouting action=mark-connection new-connection-mark=con-HIT passthrough=yes \
    protocol=tcp out-interface=ether1-local src-port=3128 dscp=12 comment="Proxy Loss"
    add chain=postrouting action=mark-connection new-connection-mark=con-HIT passthrough=yes \
    protocol=tcp layer7-protocol=Cache HIT out-interface=ether1-local src-port=3128 
    add chain=prerouting action=mark-packet new-packet-mark=HIT passthrough=no connection-mark=con-HIT 
    
    add chain=prerouting action=mark-connection new-connection-mark=con-bypass passthrough=yes \
    protocol=tcp dst-port=445,22,139,4899,554,8291 comment="Bypass"
    add chain=prerouting action=mark-connection new-connection-mark=con-bypass passthrough=yes \
    protocol=udp dst-port=53,123 
    add chain=prerouting action=mark-packet new-packet-mark=bypass passthrough=no connection-mark=con-bypass 
    
    add chain=prerouting action=jump jump-target=Warnet in-interface=ether1-local \
    connection-mark=!con-facebook comment="Warnet"
    add chain=Warnet action=mark-connection new-connection-mark=con-user passthrough=yes \
    protocol=!icmp in-interface=ether1-local connection-mark=!con-streaming 
    
    add chain=postrouting action=mark-connection new-connection-mark=con-streaming passthrough=yes \
    layer7-protocol=Video out-interface=ether1-local comment="Streaming"
    
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=5340-5352,6000-6152,10001-10011,14009-14030,18901-18909 comment="Game"
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=39190,27780,29000,22100,10009,4300,15001,15002,7341,7451 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=40000,9300,9400,9700,7342,8005-8010,37466,36567,8822 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=47611,16666,20000,5105,29000,18901-18909,9015 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=udp in-interface=ether1-local src-port=27005,27015 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=udp in-interface=ether1-local dst-port=27005-27020,13055,7800-7900,12060-12070 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=udp in-interface=ether1-local dst-port=8005-8010,9068,1293,1479,9401,9600,30000 
    add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
    protocol=udp in-interface=ether1-local dst-port=14009-14030,42051-42052,40000-40050,13000-13080 
    
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=static.ak.connect.facebook.com comment="Facebook"
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=80,443 connection-mark=!con-fb.game content=.twitter.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp dst-address-list=bypass in-interface=ether1-local dst-port=80,443 connection-mark=!con-fb.game content=.facebook.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=pixel.facebook.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=static.ak.facebook.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=.static.ak.fbcdn.net 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=creative.ak.fbcdn.net 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=connect.facebook.net 
    add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
    protocol=tcp in-interface=ether1-local connection-mark=!con-fb.game content=.channel.facebook.com 
    
    addchain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local dst-port=9339,843,8890,4000,5050,7020-7030 comment="FacebookGames"
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=apps.facebook.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.ninjasaga.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.castle.zgncdn.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.static.zynga.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.static.zgncdn.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.empire.zynga.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.poker.zynga.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.castle.zynga.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.farmville.com 
    add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
    protocol=tcp in-interface=ether1-local content=.farmville.zgncdn.com 
    
    add chain=prerouting action=mark-packet new-packet-mark=user passthrough=no packet-mark=!HIT \
    connection-mark=con-user comment="Mark Packet"
    add chain=prerouting action=mark-packet new-packet-mark=streaming passthrough=no packet-mark=!HIT \
    connection-mark=con-streaming 
    add chain=prerouting action=mark-packet new-packet-mark=game passthrough=no packet-mark=!HIT \
    connection-mark=con-game 
    add chain=prerouting action=mark-packet new-packet-mark=facebook passthrough=no packet-mark=!HIT \
    connection-mark=con-facebook 
    add chain=prerouting action=mark-packet new-packet-mark=fb-game passthrough=no packet-mark=!HIT \
    connection-mark=con-fb.game
    
    add chain=forward action=mark-connection new-connection-mark=con-proxy passthrough=yes \
    in-interface=ether3-Proxy out-interface=Speedy comment="Proxy Inet Connection"
    add chain=prerouting action=mark-packet new-packet-mark=proxy passthrough=no connection-mark=con-proxy
    Queue

    - Queue Type

    Code:
       name="up-htb" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000 pcq-burst-rate=0 
       pcq-burst-threshold=0 pcq-burst-time=10s pcq-src-address-mask=32 pcq-dst-address-mask=32 pcq-src-address6-mask=128 
       pcq-dst-address6-mask=128 
    
       name="down-htb" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000 pcq-burst-rate=0 
       pcq-burst-threshold=0 pcq-burst-time=10s pcq-src-address-mask=32 pcq-dst-address-mask=32 pcq-src-address6-mask=128 
       pcq-dst-address6-mask=128 
    
       name="up-64k" kind=pcq pcq-rate=64k pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000 pcq-burst-rate=0 
       pcq-burst-threshold=0 pcq-burst-time=10s pcq-src-address-mask=32 pcq-dst-address-mask=32 pcq-src-address6-mask=128 
       pcq-dst-address6-mask=128 
    
       name="down-300k" kind=pcq pcq-rate=300k pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000 pcq-burst-rate=0 
       pcq-burst-threshold=0 pcq-burst-time=10s pcq-src-address-mask=32 pcq-dst-address-mask=32 pcq-src-address6-mask=128 
       pcq-dst-address6-mask=128
    - Queue Tree

    Code:
    name="Download" parent=global-out limit-at=0 priority=8 max-limit=2048k burst-limit=0 burst-threshold=0 burst-time=0s 
    
    
    name="DownUser" parent=Download limit-at=750k priority=2 max-limit=1500k burst-limit=1600k burst-threshold=750k burst-time=10s
    name="Facebook" parent=DownUser packet-mark=facebook limit-at=250k queue=down-htb priority=3 max-limit=512k burst-limit=0 burst-threshold=0 burst-time=0s name="FacebookGames" parent=DownUser packet-mark=fb-game limit-at=250k queue=down-htb priority=4 max-limit=512k burst-limit=0 burst-threshold=0 burst-time=0s name="User" parent=DownUser packet-mark=user limit-at=750k queue=down-300k priority=5 max-limit=1200k burst-limit=0 burst-threshold=0 burst-time=0s name="Streaming" parent=DownUser packet-mark=streaming limit-at=250k queue=down-htb priority=8 max-limit=512k burst-limit=0 burst-threshold=0 burst-time=0s
    name="DownGames" parent=Download packet-mark=game limit-at=512k queue=down-htb priority=1 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s
    name="Upload" parent=Speedy limit-at=0 priority=8 max-limit=512k burst-limit=0 burst-threshold=0 burst-time=0s
    name="UpUser" parent=Upload limit-at=150k priority=2 max-limit=350k burst-limit=0 burst-threshold=0 burst-time=0s
    name="UpFacebook" parent=UpUser packet-mark=facebook limit-at=75k queue=up-htb priority=3 max-limit=100k burst-limit=0 burst-threshold=0 burst-time=0s name="UpFacebookGames" parent=UpUser packet-mark=fb-game limit-at=75k queue=up-htb priority=4 max-limit=126k burst-limit=0 burst-threshold=0 burst-time=0s name="UserUp" parent=UpUser packet-mark=user limit-at=150k queue=up-64k priority=5 max-limit=200k burst-limit=0 burst-threshold=0 burst-time=0s
    name="UpGames" parent=Upload packet-mark=game limit-at=150k queue=up-htb priority=1 max-limit=350k burst-limit=0 burst-threshold=0 burst-time=0s
    name="ProxyHit" parent=global-out packet-mark=HIT limit-at=100M queue=default priority=8 max-limit=100M burst-limit=0 burst-threshold=0 burst-time=0s name="ProxyDown" parent=ether3-Proxy packet-mark=proxy limit-at=750k queue=default priority=8 max-limit=1500k burst-limit=1600k burst-threshold=750k burst-time=10s name="ProxyUp" parent=Upload packet-mark=proxy limit-at=150k queue=up-htb priority=1 max-limit=250k burst-limit=0 burst-threshold=0 burst-time=0s name="Bypass" parent=global-out packet-mark=bypass limit-at=100M queue=default priority=8 max-limit=100M burst-limit=0 burst-threshold=0 burst-time=0s
    System Script

    - SquidDown
    /ip fi na dis num=6

    - SquidUp
    /ip fi na ena num=6

    Tool Netwatch

    Host : 192.168.4.254
    Interval : 00:00:10
    Timeout : 25
    Up : SquidUp
    Down : SquidDown


    Credit : All Member
    ijin bookmark... ntar malam bisa di tes nih..

    thx for share

  7. #6
    Status
    Offline
    ipuy's Avatar
    Baru Gabung
    Join Date
    Aug 2011
    Posts
    12
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    add chain=forward action=mark-connection new-connection-mark=con-proxy passthrough=yes \
    in-interface=ether3-Proxy out-interface=Speedy comment="Proxy Inet Connection"
    add chain=prerouting action=mark-packet new-packet-mark=proxy passthrough=no connection-mark=con-proxy

    MaaF Gan rule di atas Bwt apa ya Gan? Bwt mark Download dari proxy Atau Gmn ,... ??
    Mohon Penjelasannya Click here to enlarge

  8. #7
    Status
    Offline
    Inidian's Avatar
    Baru Gabung
    Join Date
    Jun 2008
    Posts
    18
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by ipuy Click here to enlarge
    add chain=forward action=mark-connection new-connection-mark=con-proxy passthrough=yes \
    in-interface=ether3-Proxy out-interface=Speedy comment="Proxy Inet Connection"
    add chain=prerouting action=mark-packet new-packet-mark=proxy passthrough=no connection-mark=con-proxy

    MaaF Gan rule di atas Bwt apa ya Gan? Bwt mark Download dari proxy Atau Gmn ,... ??
    Mohon Penjelasannya Click here to enlarge
    itu rule untuk membatasi koneksi proxy ke internet nya

  9. #8
    Status
    Offline
    ipuy's Avatar
    Baru Gabung
    Join Date
    Aug 2011
    Posts
    12
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Inidian Click here to enlarge
    itu rule untuk membatasi koneksi proxy ke internet nya
    klo PC proxy nya Download / update OS nya rule itu akan melimit Download nya ?

  10. #9
    Status
    Offline
    Mil Dus's Avatar
    Baru Gabung
    Join Date
    Apr 2012
    Posts
    16
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Cool

    kalau saya mau buat seperti ini, tappi blom jumpa hasil nya.mohon bantuannya master.

    Saya memiliki rbt750. jadi rencananya saya mau menginstall squidnt dan di gabungkan dengan mikrotik nya.

    Squidnt nya saya install menggunakan vmware menggunakan port 3128 dan untuk mikrotiknya saya set transparant nya dengan parent proxy ke squidnt.

    Dan masalah yg timbul setelah saya setting user nya gak bisa browsing muncuk error nya dari squidnt nya. tetapi jika kita setting proxy pada browser nya secara manual client nya bisa browsing.

    kemungkinan saya ada kesalahan setting pada mikrotik nya. mohon panduan dari master-master seperti apa setingan pada mikrotik nya.

    berikut topologinya.



    Click here to enlarge

  11. #10
    Status
    Offline
    Inidian's Avatar
    Baru Gabung
    Join Date
    Jun 2008
    Posts
    18
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by ipuy Click here to enlarge
    klo PC proxy nya Download / update OS nya rule itu akan melimit Download nya ?
    setiap koneksi proxy menuju internet akan masuk ke rule itu ...
    jadi bila ada koneksi dari proxy --> internet atau client --> proxy --> internet (rule transparent proxy) akan masuk ke rule itu dan di batasi oleh rule queue tree nya ..

    Click here to enlarge Originally Posted by Mil Dus Click here to enlarge
    kalau saya mau buat seperti ini, tappi blom jumpa hasil nya.mohon bantuannya master.

    Saya memiliki rbt750. jadi rencananya saya mau menginstall squidnt dan di gabungkan dengan mikrotik nya.

    Squidnt nya saya install menggunakan vmware menggunakan port 3128 dan untuk mikrotiknya saya set transparant nya dengan parent proxy ke squidnt.

    Dan masalah yg timbul setelah saya setting user nya gak bisa browsing muncuk error nya dari squidnt nya. tetapi jika kita setting proxy pada browser nya secara manual client nya bisa browsing.

    kemungkinan saya ada kesalahan setting pada mikrotik nya. mohon panduan dari master-master seperti apa setingan pada mikrotik nya.

    berikut topologinya.
    maaf .. gambar topologi nya ga muncul .... bisa kasih gambar laen ?

  12. #11
    Status
    Offline
    n4z4r's Avatar
    Newbie
    Join Date
    Jan 2012
    Posts
    66
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    kalau seandaninya saya gak pake Squid, yg mana yg perlu saya buang pak...

  13. #12
    Status
    Offline
    ipuy's Avatar
    Baru Gabung
    Join Date
    Aug 2011
    Posts
    12
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Inidian Click here to enlarge
    setiap koneksi proxy menuju internet akan masuk ke rule itu ...
    jadi bila ada koneksi dari proxy --> internet atau client --> proxy --> internet (rule transparent proxy) akan masuk ke rule itu dan di batasi oleh rule queue tree nya ..



    maaf .. gambar topologi nya ga muncul .... bisa kasih gambar laen ?
    Ooo Gt gan,...
    itu yg agan pake koneksi 2 Mbps?
    yg bikin ane aneh gan,...
    di que tree untuk koneksi Proxy---> internet ane kasih 1024k
    untuk game dan Lain'' nya ane ngikutin tutor di atas,..
    tp pas ada yg Lg streaming ,... Ampun dah koneksi langsung Drop,..
    trs yg dimakdsud dengan rule name="User" parent=DownUser packet-mark=user limit-at=750k queue=down-300k priority=5 max-limit=1200k burst-limit=0 burst-threshold=0 burst-time=0s ( gini Bukan ? dari max limit 1200k itu masing '' client akan mendapatkan Limit 300k )

  14. #13
    Status
    Offline
    ipuy's Avatar
    Baru Gabung
    Join Date
    Aug 2011
    Posts
    12
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Gan ini review ane,..
    yg Aneh nya entah dari limit user atau,..dari proxy down,..
    terkadang klo dua'' Merah ,.. PB langsung DRop ( LAG )


    apa ketika ada client streaming atau donlot
    otomatis proxydown berjlan?
    klo gt berarti bandwidth udh kemakan sama proxy dong gan ?
    Click here to enlarge

    [IMG]Click here to enlarge[/IMG]
    Last edited by ipuy; 27-05-2012 at 09:54.

  15. #14
    Status
    Offline
    Inidian's Avatar
    Baru Gabung
    Join Date
    Jun 2008
    Posts
    18
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by n4z4r Click here to enlarge
    kalau seandaninya saya gak pake Squid, yg mana yg perlu saya buang pak...
    walopun nda pake proxy, konfigurasi ini juga bisa berjalan. karena pada dasar nya koneksi proxy hanya buangan dari koneksi client keluar router.

    Click here to enlarge Originally Posted by ipuy Click here to enlarge
    Gan ini review ane,..
    yg Aneh nya entah dari limit user atau,..dari proxy down,..
    terkadang klo dua'' Merah ,.. PB langsung DRop ( LAG )

    apa ketika ada client streaming atau donlot
    otomatis proxydown berjlan?
    klo gt berarti bandwidth udh kemakan sama proxy dong gan ?
    Click here to enlarge
    coba di cek lagi rule streaming nya, karena pada gambar rule "Streaming" nda jalan.

    Click here to enlarge Originally Posted by ipuy Click here to enlarge
    Ooo Gt gan,...
    itu yg agan pake koneksi 2 Mbps?
    yg bikin ane aneh gan,...
    di que tree untuk koneksi Proxy---> internet ane kasih 1024k
    untuk game dan Lain'' nya ane ngikutin tutor di atas,..
    tp pas ada yg Lg streaming ,... Ampun dah koneksi langsung Drop,..
    trs yg dimakdsud dengan rule name="User" parent=DownUser packet-mark=user limit-at=750k queue=down-300k priority=5 max-limit=1200k burst-limit=0 burst-threshold=0 burst-time=0s ( gini Bukan ? dari max limit 1200k itu masing '' client akan mendapatkan Limit 300k )
    ia, rule Queue yang saya tulis untuk di aplikasi kan ke Speedy 2 Mbps. tapi juga bisa di pakai ke yg laen nya. tinggal sesuaikan MAX BANDWIDTH yang ada dengan Max Limit di queue.

    Queue User itu untuk semua koneksi client. jadi masing " user bisa dapat 300kbps jika Queue User tidak penuh.

  16. #15
    Status
    Offline
    amirdonk's Avatar
    Baru Gabung
    Join Date
    Mar 2012
    Posts
    3
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    mohon pencerahannya para master..

    topologi warnet saya..

    Internet -- Modem -- Mikrotik -- HUB -- Client

    IP Address

    192.168.10.254/24 (ether5-local) (Mikrotik)
    192.168.2.1/24 (ether1-Out) (Modem)
    xx.xx.xx.xx/xx (pppoe client) (Speedy) (Add Default Route)

    kalau saya mau menggunakan proxy sejajar client..
    atau lebih tepatnya proxy berada di PC Operator...

    jika menggunakan script yang di atas..
    bagian mana yang harus di tukar atau di tambah..
    agar tidak perlu setting manual proxy di setiap browser client..

    topologi menjadi seperti ini:

    Internet -- Modem -- Mikrotik -- HUB -- Client
    ................................................||
    ....................................... Proxy Lusca di Windows (komp OP)

    IP Address

    192.168.10.254/24 (ether5-local) (Mikrotik)
    192.168.10.253 (Proxy) (Lusca for windows) Komp OP
    192.168.2.1/24 (ether1-Out) (Modem)
    xx.xx.xx.xx/xx (pppoe client) (Speedy) (Add Default Route)

    Terima kasih...
    Last edited by amirdonk; 29-05-2012 at 11:19.

 

 
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 1
    Last Post: 26-06-2010, 19:58
  2. Replies: 2
    Last Post: 30-05-2010, 07:18
  3. memisahkan browsing dan download dengan 2 line speedy?
    By bolang in forum Scripting @ Mikrotik
    Replies: 23
    Last Post: 11-05-2010, 23:59

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
ads