Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 7 of 7
  1. #1
    Status
    Offline
    wonkfeihung's Avatar
    Newbie
    Join Date
    Jan 2010
    Posts
    34
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Blocking UltraSurf

    scrip buat blok ultrasurf (akhirnya berhasil juga....) Click here to enlarge

    ane buat mangle buat nangkepin paket yang pake port 443, tambahin exception ip (buat Ymail, Gmail, etc) sesuai kebutuhan, tinggal di drop deh kalo udah ketangkep

    /ip firewall address-list
    add address=72.14.192.0/18 comment="" disabled=no list=ultra
    add address=208.53.128.0/18 comment="" disabled=no list=ultra
    add address=98.136.0.0/14 comment="" disabled=no list=ultra
    add address=64.233.160.0/19 comment="" disabled=no list=ultra
    add address=124.108.120.0/21 comment="" disabled=no list=ultra
    add address=124.108.112.0/20 comment="" disabled=no list=ultra
    add address=68.180.128.0/17 comment="" disabled=no list=ultra
    add address=206.190.32.0/19 comment="" disabled=no list=ultra
    add address=202.158.49.0/24 comment="" disabled=no list=ultra
    add address=203.84.200.0/21 comment="" disabled=no list=ultra
    add address=203.84.204.0/22 comment="" disabled=no list=ultra
    add address=192.221.0.0/16 comment="" disabled=no list=ultra
    /ip firewall filter
    add action=jump chain=forward comment="blok ultrasurf" disabled=no \
    jump-target="url ultra" packet-mark="ultra packet"
    add action=drop chain="url ultra" comment="" disabled=no
    /ip firewall mangle
    add action=mark-connection chain=forward comment=ULTRASURF disabled=no \
    dst-address=0.0.0.0/0 dst-address-list=!ultra dst-port=443 \
    new-connection-mark="ultra connect" passthrough=yes protocol=tcp
    add action=mark-packet chain=forward comment="" connection-mark=\
    "ultra connect" disabled=no new-packet-mark="ultra packet" passthrough=\
    yes

    credited to my pal...BERNARD...thx atas masukannya! --> "kenapa lu ga coba tangkep paketnya?" Click here to enlarge

  2. The Following User Says Thank You to wonkfeihung For This Useful Post:

    sgz

  3. #2
    Status
    Offline
    awarmanf's Avatar
    Member
    Join Date
    Apr 2008
    Posts
    222
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Pakai linux sebagai proxy? Kalau pakai linux dijamin tokcer bloking ultrasurf, tidak pakai layer7. Saya sudah mencoba menerapkannya di mikrotik, tetapi masih belum ketangkap juga paketnya. Petunjuk untuk menganalisa ultrasurf dan cara memblok koneksinya bisa baca-baca tulisan saya:


    Proxy linux dipasang sebagai bridge, jadi posisinya antara mikrotik dan user.

    Salam,

    Arief Yudhawarman

  4. The Following User Says Thank You to awarmanf For This Useful Post:


  5. #3
    Status
    Offline
    sgz
    sgz's Avatar
    Baru Gabung
    Join Date
    May 2010
    Posts
    10
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    sebelumnya gw coba ultrasurf dan gw buka pesbuk berhasil kebuka dengan lancar padahal gw blok di squid nya.. Click here to enlarge

    setelah itu gw coba jalanin script yang TS kasih.. gw coba lagi ultrasurf nya.. status ultrasurf nya "Failed to connect to server" Click here to enlarge

  6. #4
    Status
    Offline
    oscark007's Avatar
    Member
    Join Date
    Jul 2010
    Posts
    116
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    wah, mau coba ah,.

  7. #5
    Status
    Offline
    sgz
    sgz's Avatar
    Baru Gabung
    Join Date
    May 2010
    Posts
    10
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    udah dua hari pake script ini, facebook, ym, email yahoo sering ga bisa konek.. setelah gw disable mangle yang 'mark connection' baru bisa login lagi facebook ama email yahoo nya.. gimana menurut TS ? apa TS ngalamin hal yang serupa Click here to enlarge

  8. #6
    Status
    Offline
    wonkfeihung's Avatar
    Newbie
    Join Date
    Jan 2010
    Posts
    34
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by sgz Click here to enlarge
    udah dua hari pake script ini, facebook, ym, email yahoo sering ga bisa konek.. setelah gw disable mangle yang 'mark connection' baru bisa login lagi facebook ama email yahoo nya.. gimana menurut TS ? apa TS ngalamin hal yang serupa Click here to enlarge
    yup...pertama2 sih kaya gitu tp coba kita perhatiin, contoh...ym kalo login pasti ke port 443 dulu, makanya ipnya kita masukin ke exception list, jadi yg ujung2nya login, kaya gmail, ymail ato sejenisnya pasti awalnya verifikasi ke port 443 dulu, so masukin exception deh....Click here to enlarge

  9. #7
    Status
    Offline
    Othux's Avatar
    Newbie
    Join Date
    Apr 2010
    Posts
    30
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    hmm masih tembus bos,di test pake yg versi terbaru 999
    filter rule :
    Code:
     4 I ;;; blok ultrasurf
         chain=forward action=jump jump-target=url ultra packet-mark=ultra packet 
    
     5   chain=forward action=drop src-address=192.168.99.0/28 
         packet-mark=ultra packet
    apa rule gw yg salah? Click here to enlarge

    [Edit]
    Wah gila ni ultrasurf, makin pinter aja, kalo port 443 di blockir bisa connect ke port laen Click here to enlarge
    Last edited by Othux; 09-10-2010 at 23:18.

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Bloking ultrasurf di hotspot mikrotik
    By agoesh in forum Scripting @ Mikrotik
    Replies: 43
    Last Post: 07-09-2012, 19:02
  2. Blocking P2P dengan layer 7
    By hakeem in forum General Networking
    Replies: 7
    Last Post: 20-12-2009, 11:34

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •