Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 3 of 3
  1. #1
    Status
    Offline
    bud1gata's Avatar
    Baru Gabung
    Join Date
    Oct 2015
    Posts
    2
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Membuat User Hotspot Terkoneksi Lokal

    (Persoalan)
    -ada 2 ID (Bebas dan Tamu).
    -ID (bebas) dapat terkoneksi internet.
    -ID (tamu) tidak terkoneksi internet, namun dapat menggunakan lokal service (Stream Video, Download, dan lain-lain).

    (yang sudah saya coba)
    -saya menggunakan packet mark.(tidak berhasil)
    -saya menggunakan konfig profile hotspot memisahkan berdasarkan pool, bebas (192.168.60.2-192.168.60.7), tamu (192.168.60.8-192.168.60.14) >>(sekarang)

    (pertanyaannya)
    saya sudah membuat rule filter firewall, tapi id tamu tetap tembus ke luar internet, adakah rule yang bertabrakan? berikut rulenya.

    =====Rule Filter=====

    Flags: X - disabled, I - invalid, D - dynamic
    0 chain=forward action=accept protocol=tcp src-address=192.168.60.8-192.168.60.14 dst-address=192.168.30.2 in-interface=wlan1 log=no log-prefix=""

    1 chain=forward action=drop protocol=tcp src-address=192.168.60.8-192.168.60.14 out-interface=ppp-out1 log=no log-prefix=""

    2 D chain=forward action=jump jump-target=hs-unauth hotspot=from-client,!auth log=no log-prefix=""

    3 D chain=forward action=jump jump-target=hs-unauth-to hotspot=to-client,!auth log=no log-prefix=""

    4 D chain=input action=jump jump-target=hs-input hotspot=from-client log=no log-prefix=""

    5 D chain=input action=drop protocol=tcp hotspot=!from-client dst-port=64872-64875 log=no log-prefix=""

    6 D chain=hs-input action=jump jump-target=pre-hs-input log=no log-prefix=""

    7 D chain=hs-input action=accept protocol=udp dst-port=64872 log=no log-prefix=""

    8 D chain=hs-input action=accept protocol=tcp dst-port=64872-64875 log=no log-prefix=""

    9 D chain=hs-input action=jump jump-target=hs-unauth hotspot=!auth log=no log-prefix=""

    10 D chain=hs-unauth action=reject reject-with=tcp-reset protocol=tcp log=no log-prefix=""

    11 D chain=hs-unauth action=reject reject-with=icmp-net-prohibited log=no log-prefix=""

    12 D chain=hs-unauth-to action=reject reject-with=icmp-host-prohibited log=no log-prefix=""

    13 X ;;; place hotspot rules here
    chain=unused-hs-chain action=passthrough log=no log-prefix=""

    14 D ;;; special dummy rule to show fasttrack counters
    chain=forward

    =====Rule NAT=====
    Flags: X - disabled, I - invalid, D - dynamic
    0 D chain=dstnat action=jump jump-target=hotspot hotspot=from-client log=no log-prefix=""

    1 D chain=hotspot action=jump jump-target=pre-hotspot log=no log-prefix=""

    2 D chain=hotspot action=redirect to-ports=64872 protocol=udp dst-port=53 log=no log-prefix=""

    3 D chain=hotspot action=redirect to-ports=64872 protocol=tcp dst-port=53 log=no log-prefix=""

    4 D chain=hotspot action=redirect to-ports=64873 protocol=tcp hotspot=local-dst dst-port=80 log=no log-prefix=""

    5 D chain=hotspot action=redirect to-ports=64875 protocol=tcp hotspot=local-dst dst-port=443 log=no log-prefix=""

    6 D chain=hotspot action=jump jump-target=hs-unauth protocol=tcp hotspot=!auth log=no log-prefix=""

    7 D chain=hotspot action=jump jump-target=hs-auth protocol=tcp hotspot=auth log=no log-prefix=""

    8 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=80 log=no log-prefix=""

    9 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=3128 log=no log-prefix=""

    10 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=8080 log=no log-prefix=""

    11 D chain=hs-unauth action=redirect to-ports=64875 protocol=tcp dst-port=443 log=no log-prefix=""

    12 D chain=hs-unauth action=jump jump-target=hs-smtp protocol=tcp dst-port=25 log=no log-prefix=""

    13 D chain=hs-auth action=redirect to-ports=64874 protocol=tcp hotspot=http log=no log-prefix=""

    14 D chain=hs-auth action=jump jump-target=hs-smtp protocol=tcp dst-port=25 log=no log-prefix=""

    15 X ;;; place hotspot rules here
    chain=unused-hs-chain action=passthrough log=no log-prefix=""

    16 chain=srcnat action=masquerade src-address=192.168.20.1-192.168.20.2 out-interface=ppp-out1 log=no log-prefix=""

    17 chain=srcnat action=masquerade src-address=192.168.30.1-192.168.30.2 out-interface=ppp-out1 log=no log-prefix=""

    18 chain=srcnat action=masquerade src-address=192.168.40.1-192.168.40.2 out-interface=ppp-out1 log=no log-prefix=""

    19 chain=srcnat action=masquerade src-address=192.168.50.1-192.168.50.6 out-interface=ppp-out1 log=no log-prefix=""

    20 ;;; masquerade hotspot network
    chain=srcnat action=masquerade src-address=192.168.60.2-192.168.60.7 out-interface=wlan1 log=no log-prefix=""


    terima kasih, maaf saya masih pemula Click here to enlargeClick here to enlargeClick here to enlargeClick here to enlarge

  2. #2
    Status
    Offline
    pos_ronda's Avatar
    VIP Member
    Join Date
    Aug 2009
    Location
    Sleman, Indonesia
    Posts
    903
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    rule filter no 1, protocol tcp nya di hilangkan saja.
    rule filter no 14, kalau bisa dihilangkan

    yang lebih advance, gunakan fitur filter-id pada hotspot

  3. #3
    Status
    Offline
    bud1gata's Avatar
    Baru Gabung
    Join Date
    Oct 2015
    Posts
    2
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by pos_ronda Click here to enlarge
    rule filter no 1, protocol tcp nya di hilangkan saja.
    rule filter no 14, kalau bisa dihilangkan

    yang lebih advance, gunakan fitur filter-id pada hotspot
    untuk rule no 14 gak bisa di remove gan.

    kalau untuk filter-id langsung search dulu makasih.

 

 

Thread Information

Users Browsing this Thread

There are currently 3 users browsing this thread. (0 members and 3 guests)

Similar Threads

  1. [ASK] membuat autentikasi user ke internet, tanpa mengganggu proses berjalan di lokal
    By blackrouf in forum HotSpot, The Dude & User Manager
    Replies: 0
    Last Post: 13-05-2015, 13:13
  2. Replies: 0
    Last Post: 26-08-2013, 18:01
  3. [ASK] bagaimana user yg terdaftar macadrres bs langsung terkoneksi hotspot
    By tofan_friend in forum HotSpot, The Dude & User Manager
    Replies: 24
    Last Post: 05-09-2012, 08:46
  4. cara membuat user hotspot
    By RiftX in forum HotSpot, The Dude & User Manager
    Replies: 2
    Last Post: 03-09-2010, 00:06
  5. Membuat user hotspot 5 jam/hari
    By choim in forum HotSpot, The Dude & User Manager
    Replies: 17
    Last Post: 11-08-2009, 00:14

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •