Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 1 of 1
  1. #1
    Status
    Offline
    atut's Avatar
    Member
    Join Date
    Aug 2012
    Posts
    154
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    [ASK] Mangle kapan mark connection dan kapan mark packet?

    Saya bingung, kapan harus mark connection, kapan hanya cukup dengan mark packet tanpa mark connection.

    Dari salah satu pakar CNI, dikatakan mark connection digunakan jika traffic tersebut mempunyai request dan response.
    Request dan response berarti seperti
    1. Client download: client mengirim request bahwa lagu.mp3 ingin di download, kemudian server response dengan lagu.mp3 untuk traffic downloadnya
    2. Client browsing: client mengirim request untuk akses google.com, kemudian server google.com response http content nya kepada client
    3. Client icmp ping: client mengirim icmp ke google.com, kemudian google.com response icmp kembali ke client

    Dari pengertian diatas, jika saya ingin mangle client request icmp ping ke google.com, maka saya menggunakan rule ini
    Code:
    /ip firewall mangle chain=prerouting action=mark-connection new-connection-mark=cm-icmp-up passthrough=yes protocol=icmp src-address=192.168.0.0/23  in-interface=local
    /ip firewall mangle chain=prerouting action=mark-packet new-packet-mark=pm-icmp-up passthrough=no connection-mark=cm-icmp-up
    Dan jika saya ingin mangle response icmp ping dari google.com ke client, maka saya menggunakan rule dibawah ini
    Code:
    /ip firewall mangle chain=postrouting action=mark-connection new-connection-mark=cm-icmp-down passthrough=yes protocol=icmp dst-address=192.168.0.0/23 out-interface=Internet
    /ip firewall mangle chain=postrouting action=mark-packet new-packet-mark=pm-icmp-down passthrough=no connection-mark=cm-icmp-down
    Pertanyaan: untuk mangle response icmp ping dari google.com ke client, saya gunakan postrouting, berarti traffic ini tidak mengandung "client request", apakah boleh saya abaikan mark connection nya dan hanya cukup dengan mark packet tanpa mark connection?
    Last edited by atut; 29-08-2013 at 12:33.

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 0
    Last Post: 29-06-2013, 10:40
  2. [ASK] Apa beda mark-connection dengan mark-packet?
    By atut in forum Beginner Basics
    Replies: 1
    Last Post: 29-06-2013, 09:33
  3. Pemakaian Packet Mark & Connection ?
    By Aria in forum Beginner Basics
    Replies: 3
    Last Post: 11-11-2009, 06:54
  4. [ask] beda packet-mark and connection-mark di PCQ?
    By sempy26 in forum General Networking
    Replies: 4
    Last Post: 28-06-2008, 00:23
  5. [ask] beda mark packet , connection , routing ?
    By rendyka in forum Beginner Basics
    Replies: 0
    Last Post: 05-03-2008, 03:45

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •