Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 2 of 4 FirstFirst 1234 LastLast
Results 16 to 30 of 57
  1. #16
    Status
    Offline
    zainalk29's Avatar
    Member Super Senior
    Join Date
    Aug 2007
    Location
    Banjarmasin, Yogyakarta, Indonesia
    Posts
    676
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    naise inpo juragan ......... patut banget nie dicoba .. thx banget bos

  2. #17
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by felix_sg Click here to enlarge
    sorry, gw edit total aja postingan gw.. soalnya berantakan... Click here to enlarge

    mikrotik layer 7 = layer7-protocol is a method of looking for patterns in connections.

    hanya terdapat di mikrotik ver3 ke atas.

    gunanya adalah mencari pattern dalam koneksi, sehingga betul2 dapat memblok dengan benar apa yang ingin kita blok. karena kalo pake content susah ngebloknya. misal kalo mau blok bittorrent pake content=bittorent, maka semua web yang mengandung kata bittorrent akan di blok. padahal tidak mendownload. sedang kalo pake layer7, maka hanya koneksi yang memakai bittorrent yang di blok. Click here to enlarge

    cuma penggunaan layer7 ini akan memakan banyak resource dari mikrotik.

    contoh apabila mau blok koneksi bittorent, bukannya blok web yang mengandung kata bittorrent :

    /ip firewall layer7-protocol
    add=bittorent regexp="^(\13bittorrent protocol|azver\01\$|get /scrape\\\?info_hash=)|d1:ad2:id20:|\08'7P\\)[RP]"

    terus setting di firewall filter
    addchain=forward layer7-protocol="bittorrent" action=drop Click here to enlarge

    dibawah ini adalah beberapa daftar regexp untuk layer7 :

    edonkey
    "^[\C5\D4\E3-\E5].\?.\?.\?.\?([\01\02\05\14\15\16\18\19\1A\1B\1C\20\21\32\33\34\3 5\36\38\40\41\42\43\46\47\48\49\4A\4B\4C\4D\4E\4F\ 50\51\52\53\54\55\56\57\58[\60\81\82\90\91\93\96\97\98\99\9A\9B\9C\9E\A0\A1\A 2\A3\A4]|\59................\?[ -~]|\96....\$)"

    shoutcast
    "icy [1-5][0-9][0-9] [\09-\0D -~]*(content-type:audio|icy-)"

    smb
    "\FFsmb[\72\25]"

    bittorrent
    "^(\13bittorrent protocol|azver\01\$|get /scrape\\\?info_hash=)|d1:ad2:id20:|\08'7P\\)[RP]"

    directconnect
    "^(\\\$mynick |\\\$lock |\\\$key )"

    ares
    "^\03[]Z].\?.\?\05\$"

    fasttrack/kaaza
    "^get (/.download/[ -~]*|/.supernode[ -~]|/.status[ -~]|/.network[ -~]*|/.files|/.hash=[0-9a-f]*/[ -~]*) http/1.1|user-agent: kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xferuid|tag)|^give [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]\?[0-9]\?[0-9]\?"

    soulseek
    "^(\05..\?|.\01.[ -~]+\01F..\?.\?.\?.\?.\?.\?.\?)\$"

    dan lain2 bro... termasuk mau blok msn, yahoo, skype dan teman2nya
    yg di bold w copas ke l7 invalid...just inpo aja

    kalau gw ngikutin yg ini bisa

    ^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=get /announce\?info_hash=|get /client/bitcomet/|GET /data\?fid=)|d1:ad2:id20:|\x08'7P\)[RP]

    sekalian nanya, kalau ngeblok kata "sex" gimana y, yg sekarang w coba, di webproxy jadi ke block semua setiap ada kata "sex" tsb.

    thanks. Click here to enlarge
    Last edited by donipermono1982; 06-03-2009 at 19:37.

  3. #18
    Status
    Offline
    ripmanis's Avatar
    VIP Member
    Join Date
    Dec 2008
    Location
    Balikpapan as Balikpapaners
    Posts
    774
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    pas nyoba script buat skypeout ma skypetoskype, ym malah gak bis login Click here to enlarge

  4. #19
    Status
    Offline
    ripmanis's Avatar
    VIP Member
    Join Date
    Dec 2008
    Location
    Balikpapan as Balikpapaners
    Posts
    774
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    di firewall rules, pada rule edonkey (copas dari daftar itu juga), ada jumlah paket dan byte yang ter-counter. itu maksudnya apaan sich ? currrrriga gitu loh Click here to enlarge
    apa itu jumlah link yang ter-drop atau yang lewwwwaattss Click here to enlargeClick here to enlarge

  5. #20
    Status
    Offline
    yogaponsel's Avatar
    Forum Guru
    Join Date
    Oct 2008
    Location
    "BnetAkses"
    Posts
    2,511
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    pengen nyoba sih cuma sampe sekarang masih belum ngeh juga ... ni buat apaan sih ....Click here to enlarge

  6. #21
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by yogaponsel Click here to enlarge
    pengen nyoba sih cuma sampe sekarang masih belum ngeh juga ... ni buat apaan sih ....Click here to enlarge
    ini buat blok per content jadi di harapkan gag ngeblok radikal

    misal kalau di webproxy kita mau blok kata bittorent maka semua yg ada tulisan bittorent di mana pun dia ada pasti ke blok

    nah dengan ini hal itu bs di hindari. CMIIW....Click here to enlarge

  7. #22
    Status
    Offline
    bramand's Avatar
    Newbie
    Join Date
    Jan 2008
    Posts
    53
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    Click here to enlarge Originally Posted by yosanpro Click here to enlarge
    Wew... coba juga ah...
    Moga-moga P3-800 kuat buat L7...

    Update: Udah nyoba buat mengarahkan trafik YM dan berjalan lancar.
    Pasti kuat Mas Yosan, saya pake P I 200MHz RAM 256MB aja kuat kok.
    Saya juga udah berhasil memfilter traffic YM, tapi blom berhasil utk mIRC, bisa kasih petunjuk Mas?

  8. #23
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by bramand Click here to enlarge
    Pasti kuat Mas Yosan, saya pake P I 200MHz RAM 256MB aja kuat kok.
    Saya juga udah berhasil memfilter traffic YM, tapi blom berhasil utk mIRC, bisa kasih petunjuk Mas?
    itu pake webproxy juga y mas...mantap dah kalau bs.Click here to enlarge

  9. #24
    Status
    Offline
    bramand's Avatar
    Newbie
    Join Date
    Jan 2008
    Posts
    53
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    Click here to enlarge Originally Posted by donipermono1982 Click here to enlarge
    itu pake webproxy juga y mas...mantap dah kalau bs.Click here to enlarge
    Benul Mas Doni, webproxynya jg aktif.

  10. #25
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by bramand Click here to enlarge
    Benul Mas Doni, webproxynya jg aktif.
    jadi inget saat gw bikin webproxy kantor

    spekny

    p4 lga 478 2.4 ghz
    ram 512 mb ddr1
    hdd 40 gb seagate

    sering hang...kalau di aktivin webproxy nya Click here to enlarge

  11. #26
    Status
    Offline
    bramand's Avatar
    Newbie
    Join Date
    Jan 2008
    Posts
    53
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    Click here to enlarge Originally Posted by donipermono1982 Click here to enlarge
    jadi inget saat gw bikin webproxy kantor

    spekny

    p4 lga 478 2.4 ghz
    ram 512 mb ddr1
    hdd 40 gb seagate

    sering hang...kalau di aktivin webproxy nya Click here to enlarge
    Ah gile aja spec kayak gitu dipake di MikroTik.. Ter La Lu kalo kata Oma Irama.
    Mending buat saya aja, buat PC Admin he he he..

  12. #27
    Status
    Offline
    yogaponsel's Avatar
    Forum Guru
    Join Date
    Oct 2008
    Location
    "BnetAkses"
    Posts
    2,511
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    ^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=get /announce\?info_hash=|get /client/bitcomet/|GET /data\?fid=)|d1:ad2:id20:|\x08'7P\)[RP]


    yang ini yang binun... dari mana katak kata mutiara ini di dapet ... ( daftar regexp untuk layer7 : ) kalo mo blok situs yg ber unsur ....xxxx

  13. #28
    Status
    Offline
    felix_sg's Avatar
    Member Super Senior
    Join Date
    Sep 2007
    Location
    indonesia
    Posts
    607
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    di halaman 1, post ke 2 di thread ini kan udah saya masukkan gan, link untuk perintah layer7 lainnya

  14. #29
    Status
    Offline
    ripmanis's Avatar
    VIP Member
    Join Date
    Dec 2008
    Location
    Balikpapan as Balikpapaners
    Posts
    774
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ada gak sich yang mo ngasih contoh dikiiiiiiiiiiiiiiiitttt aja L7 untuk blocking keyword gituh... pleaaseeeee Click here to enlarge
    udah mati gaya niihh... Click here to enlargeClick here to enlarge

  15. #30
    Status
    Offline
    kdebugx86's Avatar
    Moderator
    Join Date
    Oct 2008
    Location
    greyarea
    Posts
    1,283
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    blajar regex doooooongg...

    btw, kalo l7 sih buat saya gunanya untuk mengendalikan traffic p2p saja, soalnya suka lolos,( mangle lewat port gak jitu p2p suka liar portnya) dan l7 ini seiring waktu harus sering2 di update, soalnya patternnya berubah2x mengikuti program nya...

    cmiiw,
    di wiki menyarankan untuk menaruh di urutan paling akhir, soalnya cukup memory dan cpu intensive, (soalnya pattern/foot print kan panjang & bervariasi, semakin panjang semakin jitu.. ya.. jadi cpu nya 'cape' harus bolak balik 'menbandingkan pattern' belum lagi kalo rules patternnya banyak...
    mungkin untuk pc router kuat.. tapi kalo untuk routerboard.... mungkin enggak..

    ok d...
    Last edited by kdebugx86; 06-04-2009 at 00:19.

 

 
Page 2 of 4 FirstFirst 1234 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. NTP (Network Time Protocol)
    By eddysubakir in forum Beginner Basics
    Replies: 63
    Last Post: 13-03-2013, 15:08
  2. [ask]perintah dasar mikrotik
    By lefter in forum Beginner Basics
    Replies: 33
    Last Post: 24-12-2009, 10:09
  3. vpn protocol IPSec
    By chezz in forum General Networking
    Replies: 2
    Last Post: 07-03-2009, 12:01
  4. perintah ping lewat interface tertentu
    By makan in forum General Networking
    Replies: 18
    Last Post: 27-07-2008, 18:08
  5. Replies: 2
    Last Post: 23-05-2008, 03:00

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •