Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 10 of 10
  1. #1
    Status
    Offline
    aswar's Avatar
    Newbie
    Join Date
    May 2013
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Bingung menggunakan mangel help me suhu fmi

    Para suhu mohon pencerahannya, bagaimana sih aturan mangele dari kasus saya ini
    Di tempat ane pembagian ip local berdasarkan departemen:
    Bndwith 2Mb
    Ip public di ether 1 saya namakan public degan ip 182.1.1.
    Ether 2 saya namakan depA degan Ip 192.168.1.0/28
    Ether 3 saya namakan depB degan ip 192.168.2.0/28
    Ether 4 saya namakan depC degan ip 192.168.3.0/28
    Ether 5 saya namakan service degan ip 192.168.100.0/28 ( web, mail , file server)
    Nah yang saya mau tanyakan bagaimana melimit seluruh clien dep A,B dan C kecuali setiap BOS BESAR di setiap dep tidak ikut terlimit begitupn degan Ethernet 5 service web, mail dan file.

    mau psot di tapi da coslet Click here to enlarge

  2. #2
    Status
    Offline
    aswar's Avatar
    Newbie
    Join Date
    May 2013
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    bantu dong para suhu

  3. #3
    Status
    Offline
    oktama's Avatar
    Forum Guru
    Join Date
    Jul 2008
    Location
    Jayapura
    Posts
    1,929
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by aswar Click here to enlarge
    Para suhu mohon pencerahannya, bagaimana sih aturan mangele dari kasus saya ini
    Di tempat ane pembagian ip local berdasarkan departemen:
    Bndwith 2Mb
    Ip public di ether 1 saya namakan public degan ip 182.1.1.
    Ether 2 saya namakan depA degan Ip 192.168.1.0/28
    Ether 3 saya namakan depB degan ip 192.168.2.0/28
    Ether 4 saya namakan depC degan ip 192.168.3.0/28
    Ether 5 saya namakan service degan ip 192.168.100.0/28 ( web, mail , file server)
    Nah yang saya mau tanyakan bagaimana melimit seluruh clien dep A,B dan C kecuali setiap BOS BESAR di setiap dep tidak ikut terlimit begitupn degan Ethernet 5 service web, mail dan file.

    mau psot di tapi da coslet Click here to enlarge
    anda mau melakukan limit berdasarkan apa? bisa coba baca dan coba diterapkan di network anda

  4. #4
    Status
    Offline
    aswar's Avatar
    Newbie
    Join Date
    May 2013
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by oktama Click here to enlarge
    anda mau melakukan limit berdasarkan apa? bisa coba baca dan coba diterapkan di network anda
    saya mau pisahkan antara download dan browsing mas oktama nah keliling di FMI dapet pencerahan dikit udah saya terapin ok sip da jalan limitnya nah tapi kekuarangannya semua trafik download dan browsing ttp ketangkep yang ip si bos dan service padahal udah aku buat list untuk bypass mas oktama ini aturan yang saya terapkan skarang mas oktama mohon koreksinya dimana letak kesalahan saya.

    /ip firewall address-list
    add address=192.168.10.1 comment="mail" disabled=no list=bypass
    add address=192.168.10.4 comment="web" disabled=no list=bypass
    add address=192.168.10.5 comment="file" disabled=no list=bypass
    add address=192.168.10.6 comment="bos" disabled=no list=bypass
    add address=192.168.10.100 comment="bos" disabled=no list=bypass
    ================================================== ===============
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment=Content_download disabled=no dst-address-list=content_download new-connection-mark=\
    Bw_Download passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="" connection-bytes=524292-4294967295 disabled=no dst-address-list=!bypass new-connection-mark=\
    Bw_Download passthrough=yes protocol=!icmp
    add action=mark-packet chain=prerouting comment="" connection-mark=Bw_Download disabled=no dst-address-list=!bypass new-packet-mark=Paket_Download \
    passthrough=no
    add action=mark-connection chain=prerouting comment=Content_browsing disabled=no dst-address-list=!bypass new-connection-mark=Bw_Browsing passthrough=yes \
    protocol=!icmp
    add action=mark-packet chain=prerouting comment="" connection-mark=Bw_Browsing disabled=no dst-address-list=!bypass new-packet-mark=Paket_Browsing \
    passthrough=no
    ================================================== ===================
    /queue type
    add kind=pcq name=pcq-down pcq-classifier=dst-address pcq-limit=50 pcq-rate=256000 pcq-total-limit=2000
    add kind=pcq name=Pcq_Browsing_Down pcq-classifier=dst-address pcq-limit=50 pcq-rate=0 pcq-total-limit=2000
    ================================================== ===================
    /queue tree
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=DOWN parent=local priority=8
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=Browsing_Down packet-mark=Paket_Browsing parent=DOWN priority=5 \
    queue=Pcq_Browsing_Down
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no max-limit=256k name=Regular_Down packet-mark=Paket_Download parent=DOWN \
    priority=8 queue=pcq-dow

  5. #5
    Status
    Offline
    oktama's Avatar
    Forum Guru
    Join Date
    Jul 2008
    Location
    Jayapura
    Posts
    1,929
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    tambahkan dipaling atas dari firewall mangle
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-list=bypass new-connection-mark=\
    Bw_bypass passthrough=yes protocol=!icmp
    add action=mark-packet chain=prerouting disabled=no connection-mark=Bw_bypass new-packet-mark=\
    Bw-bypass passtrough=no

    queue-tree tambahkan queue untuk Bw_bypass, silahkan dicoba

  6. #6
    Status
    Offline
    aswar's Avatar
    Newbie
    Join Date
    May 2013
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by oktama Click here to enlarge
    tambahkan dipaling atas dari firewall mangle
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-list=bypass new-connection-mark=\
    Bw_bypass passthrough=yes protocol=!icmp
    add action=mark-packet chain=prerouting disabled=no connection-mark=Bw_bypass new-packet-mark=\
    Bw-bypass passtrough=no

    queue-tree tambahkan queue untuk Bw_bypass, silahkan dicoba
    baru sempet balas um oktama ia aku coba dulu saran dari um oktama

  7. #7
    Status
    Offline
    aswar's Avatar
    Newbie
    Join Date
    May 2013
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    suda di lakukan sesuai instruksi om oktama tapi hasilnya ttp sama om yang ada di list bypass ttp terlimit

  8. #8
    Status
    Offline
    aswar's Avatar
    Newbie
    Join Date
    May 2013
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    add action=mark-connection chain=prerouting comment="" disabled=no src-address-list=bypass new-connection-mark=\
    Bw_bypass passthrough=yes protocol=!icmp
    add action=mark-packet chain=prerouting disabled=no connection-mark=Bw_bypass new-packet-mark=\
    Bw-bypass passtrough=no

    weeeeeeeeww jadi Um Oktama entah kenapa dst-address-listnya kagamau jadi ane rubah jadi src-address-list baru mau dia um Click here to enlarge makasi banyak um Oktama aturan yang sangat baik untuk kondisi jaringan saya disini sekali lagi terimakasih banyak atas bantuannya um Oktama.

  9. #9
    Status
    Offline
    oktama's Avatar
    Forum Guru
    Join Date
    Jul 2008
    Location
    Jayapura
    Posts
    1,929
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by aswar Click here to enlarge
    add action=mark-connection chain=prerouting comment="" disabled=no src-address-list=bypass new-connection-mark=\
    Bw_bypass passthrough=yes protocol=!icmp
    add action=mark-packet chain=prerouting disabled=no connection-mark=Bw_bypass new-packet-mark=\
    Bw-bypass passtrough=no

    weeeeeeeeww jadi Um Oktama entah kenapa dst-address-listnya kagamau jadi ane rubah jadi src-address-list baru mau dia um Click here to enlarge makasi banyak um Oktama aturan yang sangat baik untuk kondisi jaringan saya disini sekali lagi terimakasih banyak atas bantuannya um Oktama.
    Ok solved case closed

  10. #10
    Status
    Offline
    aswar's Avatar
    Newbie
    Join Date
    May 2013
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by oktama Click here to enlarge
    Ok solved case closed
    Click here to enlarge Sip mantap om Oktama

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [ASK] setting mangel untuk streaming
    By jeffry christopher in forum General Networking
    Replies: 6
    Last Post: 04-06-2012, 00:12
  2. Replies: 268
    Last Post: 16-12-2011, 20:45
  3. ip firewall mangel NTH untuk load balance
    By d3v4 in forum General Networking
    Replies: 267
    Last Post: 12-12-2010, 18:45
  4. [ASK] Mohon bantuan pada para suhu-suhu mikrotik
    By salman in forum Beginner Basics
    Replies: 4
    Last Post: 12-12-2009, 19:53

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •