| | |  | | | 
26-07-2007, 10:12
|  | Baru Gabung | | Join Date: Jul 2007
Posts: 1
iTrader: ( 0)
Thanks: 0
Thanked 0 Times in 0 Posts
| | | Cara blok ip gmn sih?
Ouh iya bwt para master mikrotik mohon bantuannya nih gmn sih cara blok ip? jadi hanya ip tertentu aja yg bisa di gunakan misalnya yg mau sy pake 192.168.1.1 ampe 192.168.1.50 trs ip yg gk di pakenya di blok gmn tuh? terima kasih
|
26-07-2007, 10:37
|  | Member Super Senior | | Join Date: Jul 2007
Posts: 638
iTrader: ( 0)
Thanks: 10
Thanked 250 Times in 104 Posts
| | |
ada macem macem bro
pertama pake subnetting nah biasanya kalo /24 dipake semua (256 ip) /25 128 ip /26 64 ip. ini tgt jaringann elo bro... kalo kantoran biasanya sih pake /24 nanti di firewall rulenya tinggal di drop aja ip yg ga boleh akses inet kalo gamecenter lebih enak pake /26 ato /25 tgt kapasitas kompi juga.
semakin kecil subnet broadcast ip nya makin cepet jadi latency makin kecil.
kalo menurut tulisan elo.. cuman pake ip 192.168.1.1 - 50 pake subnet yg /26 aja terus ip yg ga boleh akses di drop aja di rule firewall.
@admin
ini salah kamar nigh pindahin yah ^^
| | The Following User Says Thank You to okto_2005 For This Useful Post: | |
26-07-2007, 10:44
|  | Member | | Join Date: Jul 2007
Posts: 156
iTrader: ( 0)
Thanks: 37
Thanked 5 Times in 5 Posts
| | |
coba gini
ip firewall filter>add chain=forward src-address=192.168.x.x action=accept
(sampai ip yang mau u kasih akses )
trus di bawah nya
ip firewall filter add chain=forward action=drop
nah jadi selain ip yang u masukin ga bakalan bisa konek ke mikrotik/internet
|
26-07-2007, 11:19
|  | Newbie | | Join Date: Jun 2007
Posts: 27
iTrader: ( 0)
Thanks: 1
Thanked 12 Times in 4 Posts
| | Quote:
Originally Posted by server_2net  Ouh iya bwt para master mikrotik mohon bantuannya nih gmn sih cara blok ip? jadi hanya ip tertentu aja yg bisa di gunakan misalnya yg mau sy pake 192.168.1.1 ampe 192.168.1.50 trs ip yg gk di pakenya di blok gmn tuh? terima kasih | @server_2net
Itu pake ip firewall aja bro..
tinggal anda urutin yang mao di blok dan mana yang di passthrough..
set yang 192.168.1.1 - 192.168.1.50 actionnya = accept.Selain itu actionnya = drop.
Semoga membantu..
|
26-07-2007, 19:13
|  | Member | | Join Date: Jul 2007
Posts: 238
iTrader: ( 0)
Thanks: 4
Thanked 44 Times in 30 Posts
| | Quote:
Originally Posted by server_2net Ouh iya bwt para master mikrotik mohon bantuannya nih gmn sih cara blok ip? jadi hanya ip tertentu aja yg bisa di gunakan misalnya yg mau sy pake 192.168.1.1 ampe 192.168.1.50 trs ip yg gk di pakenya di blok gmn tuh? terima kasih | misal sisa ip yg gak kepake adl 192.168.1.51 - 192.168.1.255, script nya berarti..
drop input: Code: :for e from 51 to 255 do={ /ip firewall filter add chain=input src-address=(192.168.1. . $e) action=drop } drop forward: Code: :for e from 51 to 255 do={ /ip firewall filter add chain=forward src-address=(192.168.1. . $e) action=drop } drop output: Code: :for e from 51 to 255 do={ /ip firewall filter add chain=output src-address=(192.168.1. . $e) action=drop } coba test bro... 
| | The Following 4 Users Say Thank You to nux For This Useful Post: | |
26-07-2007, 19:26
| ![[a]'s Avatar](http://www.forummikrotik.com/customavatars/avatar1_2.gif) | Administrator | | Join Date: Jun 2007 Location: Jakarta
Posts: 1,477
iTrader: ( 1)
Thanks: 190
Thanked 339 Times in 139 Posts
| |
|
26-07-2007, 19:46
| | Member | | Join Date: Jul 2007
Posts: 238
iTrader: ( 0)
Thanks: 4
Thanked 44 Times in 30 Posts
| | |
bro [a], biar code bisa keliatan semua gimana tuh??, gak usah pake scroll bar.
|
26-07-2007, 19:50
| | Administrator | | Join Date: Jun 2007 Location: Jakarta
Posts: 1,477
iTrader: ( 1)
Thanks: 190
Thanked 339 Times in 139 Posts
| | |
wuahh....postbitnya musti dikulik mah klo gituh....
|
26-07-2007, 19:53
| | Member | | Join Date: Jul 2007
Posts: 238
iTrader: ( 0)
Thanks: 4
Thanked 44 Times in 30 Posts
| | |
postbit sebelah mana??
|
26-07-2007, 19:59
| | Administrator | | Join Date: Jun 2007 Location: Jakarta
Posts: 1,477
iTrader: ( 1)
Thanks: 190
Thanked 339 Times in 139 Posts
| | Quote:
Originally Posted by nux postbit sebelah mana?? | itu salah satu elemen di template forum ini bro...
musti dikulik dan dipelajarin nih ribuan baris template itu.. 
tapi pada dasarnya sih gua setuju sama ide lo...
thanks yahh...
| | The Following 2 Users Say Thank You to [a] For This Useful Post: | |
28-07-2007, 21:36
| | Newbie | | Join Date: Jul 2007
Posts: 20
iTrader: ( 0)
Thanks: 9
Thanked 2 Times in 2 Posts
| | Quote:
Originally Posted by nux misal sisa ip yg gak kepake adl 192.168.1.51 - 192.168.1.255, script nya berarti..
drop input: Code: :for e from 51 to 255 do={ /ip firewall filter add chain=input src-address=(192.168.1. . $e) action=drop } drop forward: Code: :for e from 51 to 255 do={ /ip firewall filter add chain=forward src-address=(192.168.1. . $e) action=drop } drop output: Code: :for e from 51 to 255 do={ /ip firewall filter add chain=output src-address=(192.168.1. . $e) action=drop } coba test bro... |
wah uda di coba mantaf bos 
| | The Following User Says Thank You to bu5y3t For This Useful Post: | |
14-08-2007, 17:43
| | Baru Gabung | | Join Date: Aug 2007
Posts: 19
iTrader: ( 0)
Thanks: 1
Thanked 1 Time in 1 Post
| | Quote:
Originally Posted by nux misal sisa ip yg gak kepake adl 192.168.1.51 - 192.168.1.255, script nya berarti..
drop input: Code: :for e from 51 to 255 do={ /ip firewall filter add chain=input src-address=(192.168.1. . $e) action=drop } drop forward: Code: :for e from 51 to 255 do={ /ip firewall filter add chain=forward src-address=(192.168.1. . $e) action=drop } drop output: Code: :for e from 51 to 255 do={ /ip firewall filter add chain=output src-address=(192.168.1. . $e) action=drop } coba test bro... | thank's banget pencerahannya, tapi saya masih awam bikin skripnya kalau pake winbox dimananya ya.. trus skripnya dijalankan dimana,dan yang dimaksut di skrip yang tulisan
src-address=(192.168.1. . $e) "..$e" nya maksutnya dan harus ditulus apa , mohon pencerahannya lebih lanjut
Last edited by aa_uwan : 14-08-2007 at 17:45.
| | The Following User Says Thank You to aa_uwan For This Useful Post: | |
14-08-2007, 21:28
| | Member | | Join Date: Jul 2007
Posts: 238
iTrader: ( 0)
Thanks: 4
Thanked 44 Times in 30 Posts
| | Quote:
Originally Posted by aa_uwan thank's banget pencerahannya, tapi saya masih awam bikin skripnya kalau pake winbox dimananya ya.. trus skripnya dijalankan dimana,dan yang dimaksut di skrip yang tulisan
src-address=(192.168.1. . $e) "..$e" nya maksutnya dan harus ditulus apa , mohon pencerahannya lebih lanjut | skripnya tinggal kopi paste di terminal (kalo pake winbox), tp edit dulu disesuiakan dengan ip yg mo diblok. misal:
ip yg mo diblok 3 biji (192.168.0.1-192.168.0.3), jadi skripnya:
:for e from 1 to 3 do={ /ip firewall filter add chain=input src-address=(192.168.0. . $e) action=drop }
note: $e gak usah diganti, biarkan seperti itu, kan utk e udah didefinisikan di depan ( for e from 1 to 3 do), yg perlu diedit yaitu ip mana aja yg mo diblok, contoh di sini adl antara 1 ampe 3, dan sesuaikan ip address anda, contoh disini adl 192.168.0.1-192.168.0.3 maka di skripnya 192.168.0. . $e
| | The Following 3 Users Say Thank You to nux For This Useful Post: | |
16-08-2007, 14:52
| | Baru Gabung | | Join Date: Aug 2007
Posts: 19
iTrader: ( 0)
Thanks: 1
Thanked 1 Time in 1 Post
| | Quote:
Originally Posted by nux skripnya tinggal kopi paste di terminal (kalo pake winbox), tp edit dulu disesuiakan dengan ip yg mo diblok. misal:
ip yg mo diblok 3 biji (192.168.0.1-192.168.0.3), jadi skripnya:
:for e from 1 to 3 do={ /ip firewall filter add chain=input src-address=(192.168.0. . $e) action=drop }
note: $e gak usah diganti, biarkan seperti itu, kan utk e udah didefinisikan di depan (for e from 1 to 3 do), yg perlu diedit yaitu ip mana aja yg mo diblok, contoh di sini adl antara 1 ampe 3, dan sesuaikan ip address anda, contoh disini adl 192.168.0.1-192.168.0.3 maka di skripnya 192.168.0. . $e | oc banget pencerahannya tararequ , thanksbanget
|
23-08-2007, 13:41
| | Baru Gabung | | Join Date: Jul 2007
Posts: 4
iTrader: ( 0)
Thanks: 0
Thanked 0 Times in 0 Posts
| |
kl pake DHCP gimana cara blok nya???
Thanks... 
| |
![[a] has disabled reputation](http://www.forummikrotik.com/images/reputation/reputation_off.gif)
