Tampilkan postingan dengan label MikroTik. Tampilkan semua postingan
Tampilkan postingan dengan label MikroTik. Tampilkan semua postingan

15/12/15

Cara Melihat PC Yang Menguras Bandwidth Dengan Mikrotik

Bandwidth Terkuras.. Kenapa?
Hari ini client warnet pakai speedy komplain,.. kenapa yang main game pada lemot,.. padahal semua sedang main game online. Game Point Blank Garena Indonesia.. Nggak ada yang download atau browsing.
Setelah di cek di Mikrotik ada file ext yang hit nya sangat tinggi sekali sampai memakai hampir 1 GB,,


Kemudia Warnet Pakai Speedy sarankan untuk mengecek secara manual PC mana yang telah menguras banyak bandwidth.
Ada satu PC yang nyala dan hit pada mikrotik masih tinggi.., jadi Warnet Pakai Speedy berkesimpulan bahwa kompi itulah menjadi penyebab terkuras nya banyak bandwidth.

Penyebab terkurasanya bandwidht adalah :
  1. Virus 
  2. Adanya program yang update otomatis dibackdoor.
Solusi terkurasnya bandwidht adalah :
  1. Clean computer dengan Antivirus terbaru
  2. Jika dengan cleaning virus masih tidak mempam, instan ulang windows
  3. Update semua program,.. jika program itu tidak penting Uninstal saja.

Kambali judul "Cara Melihat PC Yang Menguras Bandwidth dengan Mikrotik"

1. Masuk ke Mikrotik dengan Winbox
2. Klik Tools ----> Torch
3. Pada Basic Interface pilih Local
4. Pada Filters Scr. Address masukan Ip Address Computer yang ingin dilihat
5. Klik Start.
6. Jika yakin udah selesai klik Stop
7. Selesai..

04/12/15

Cara Membuat Hotspot di Mikrotik

Cara Membuat Hotspot di Mikrotik Cara membuat dan seting mikrotik sebagai Hotspot.

Dengan menggunakan Mikrotik sebagai Hotspot, kita dapat mengkonfigurasi jaringan wireless yang hanya bisa digunakan dengan username dan password tertentu. Kita juga dapat melakukan manajemen terhadap user-user tersebut. >Konfigurasi dasar hotspot.

1. Tentukan interface yang akan dibuatkan hotspot. 
Karena kita akan membuat hotspot via wifi maka pilih interface wlan. Kita akan menggunakan wlan1. Aktifkan wlan1 dan gunakan mode AP Bridge, isikan SSID dengan nama hotspot anda.

2. Beri IP address interface wlan1, misalnya 192.168.100.1/24
[admin@MikroTik] > ip address add address= 192.168.100.1/24 interface=wlan1
Atau bisa melalui winbox, masuk ke menu IP --> Address

3. Sekarang kita mulai membuat Hotspot untuk wlan1. Gunakan wizard Hotspot Setup.
Masuk ke menu IP --> Hotspot --> Hotspot Setup

4. Pilih Hotspot Interface : wlan1 --> klik Next
5. Selanjutnya mengisikan IP address dari wlan1 dan centang Masquerade Network. klik Next

 6. Menentukan range IP address yang akan diberikan ke user (DHCP Server), misal : 192.168.100.10-192.168.100.254.
Jadi user akan diberikan IP secara otomatis oleh DHCP Server antara range IP tersebut.

7. Memilih SSL certificate. Pilih none saja, klik Next.

8. IP Address untuk SMTP Server kosongkan saja. Klik Next.
9. Memasukkan alamat DNS Server. 
Isikan saja dengan DNS Server nya Google : 8.8.8.8 dan 8.8.4.4. Klik Next.

10. Memasukkan nama DNS untuk local hotspot server. Jika diisi nantinya akan menggantikan alamat IP dari wlan1 sebagai url halaman login. Jika tidak diisi maka url halaman login akan mengguakan IP address dari wlan1. Kosongkan saja, klik next.

11. Hotspot sudah berhasil dibuat. Silakan anda coba koneksikan laptop anda ke wifi hotspot anda.



12. Buka browser dan akses web sembarang, misalnya mikrotikindo.blogspot.com maka anda akan dialihkan ke halaman login hotspot mikrotik.

 
13. Silakan coba login dengan username : admin dan password : kosong.
14. Jika berhasil login berarti Hotspot sudah beres.
15. Untuk mengedit dan menambahkan user silakan masuk ke menu IP --> Hotspot --> klik tab Users


Sekian Cara Membuat Hotspot di Mikrotik

Sumber :http://mikrotikindo.blogspot.co.id/ 

Cara Upgrade Dan Downgrade MikrotikOs

Setiap software yang kita gunakan harus atau wajib untuk di Upgrade, karena akan banyak perubahan atau penyempurnaan dari software-software tersebut. Termasuk dengan Mikrotik, mikrotik juga harus di upgrade.
Untuk men Upgrade Mikrotik, yang Warnet Pakai Speedy ketahui ada 2 cara , yaitu :
  • Secara Manual
  • Secara Otomatis
Sebelum mikrotik di Upgrade disarankan untuk membackup semua data yang ada, untuk jaga-jaga kalau terjadi hal-hal yang tidak kita inginkan. Sebaiknya ketahui versi terakhir dari mikrotik yang kita milik, pada gambar dibawah terlihat versi dari mikrotik yang Warnet Pakai Speedy gunakan adalah v5.7 on RB750 (mipsbe).

Sebelum di upgrade

Cara UpGrade Mikrotik
1. UpGrade Mikrotik Secara Menual
  • Download Router OS sesuai dengan jenis Mikrotik yang kita gunakan (Download Disini)
  • Buka Winbox Pilih menu Files
  • Kembali ke folder hasil download RouterOS tadi, kemudian drag and drop ke halaman menu files tadi, atau klik kanan File RouterOS(klik kanan pilih copy) kemudian pilah Icon warna coklat di menu file, (dicopy paste)
  • Cek apakah file RouterOS sudah berada di dalam menu files, jika sudah silahkan Reboot Mikrotiknya, proses Upgrade sedang berlangsung, dan Mikrotik akan restar.
  • Jika proses berhasil maka, versi Mikrotik akan berubah.
http://warnet-speedy.blogspot.co.id/2015/12/cara-upgrade-dan-downgrade-mikrotikos.html
Setelah di upgrade

Coba bandingkan dua gambar di atas, akan kelihatan jelas, sebelum dan sesudah mikrotik di upgrade.
semoga mengerti..

2.  UpGrade Mikrotik Secara Otomatis (Online)
  • Masuk ke webfig Mikrotik menggunakan Mozilla Fierfox atau Google Chrome, ketikan Ip Address mikrotik (misalnya : 192.168.0.1) sama dengan cara masuk ke winbox
  • Klik menu System --> Packages ---> Pilih Chek For Updates, akan muncul RouterOS terbaru, 
  • Klik Download And Upadates, 
  • Tunggu proses sampai selesai, sekitar 5 menit atau lebih
  • Mikrotik akan reboot
http://warnet-speedy.blogspot.co.id/2015/12/cara-upgrade-dan-downgrade-mikrotikos.html


Catt :
Kalo ingin me Downgrade Mikrotik, cara nya hampir sama..
Semoga bisa membantu

23/10/15

Cara Setting Tanggal Di Mikrotik Agar Tidak Berubah

Cara Setting Tanggal Di Mikrotik Agar Tidak Berubah

Agar tanggal di Mikrotik tidak berubah saat mikrotik di shootdown, sehingga tidak perlu lagi menyeting lagi ketika log in ke Mikrotik..

Langsung aja..
  1. Log in ke mikrotik 
  2. Pilih menu "System"
  3. Pada menu System pilih NTP Client atau SNTP Client (untuk V 6.32.2)
  4. Contreng "Enable"
  5. Isikan "Primary NTP Server" dengan 152.118.24.8 dan "Secondary NTP Server" dengan 202.169.224.16
  6. Click "Apply" maka Mode akan berubah jadi "Unicast"
  7. OK
  8. Selesai 
Untuk mengetesnya reboot Mikrotik

Untuk lebih jelasnya silahkan lihat Video Cara Setting Tanggal Mikrotik Agar Tidak Berubah


04/08/15

Terbaru Port Game Point Blank Online GarenaID Mikrotik

Setelah game Online Point Blank Gemscool pindah ke GarenaID secara otomatis port game Point Blank juga berubah di settingan mikrotik.

Agar main game Point Blank GarenaID lancar, settingan mangle mikrotik untuk Game Online Point Blank harus dirubah..

Ini port game online Point Blank GarenaID
TCP: 9100,9200,39190
UDP: 40000-40010 

Screenshoot setelah mangel port game online Point Blank dari Gemscool dirobah ke GarenaID

Mangle Port Game Mikrotik

Demikian port game online Point Blank terbaru GarenaID mikrotik
mudah mudahan bisam membantu dan lancar

15/11/13

Setting Mikrotik Dan Proxy External IpCop

Kebutuhan akan akses jaringan yang cepat sangat penting, tapi bagaimana dengan bandwidth yang pas-pasan terutama di daerah, paling tinggi untuk acces speedy cuma paket 1Mb, untuk 5-10 PC warnet game online dan browsing sudah ngosh-ngoshan, apalagi client yang doyan download dan nonton you tube?
Ada yang mengatasi dengan memasang 2 line speedy 1Mb, agar bandwidth speedy bisa mencapai 2Mb, apa itu bisa? . Loadbalance solusinya..   Entahlah

Akhirnya Warnet Pakai Speedy mencoba menggabungkan Mikrotik RB750 dengan Proxy External IpCop dan walaupun belum menemukan settingan yang memuaskan tapi cukup membatu terutama untuk Update game online seperti PB dan LS dan game online lainnya, ada perubahan saat mengakses halaman Web yang sudah pernah di buka, cukup cepat..

Berikut ini Screen Shootnya..
Proxy Hit


Squid Log
Untuk sementara Warnet Pakai Speedy merasa tenang, karena klient yang berteriak leg, sudah berkurang walaupun ada yang teriak tapi maklum setelah Warnet Pakai SPeedy perhatikan disebabkan oleh ping dari google atau DNS speedy yang telah pada waktu dan hari-hari tertentu, contohnya hari ini , Jum,at
Perhatikan Screenshoot dari ping ke Google
Ping Google.com

Jika ada yang ingin mencoba mencoba silahkan..
Untuk tutorialnya ada di blog warnet pakai speedy ini..

Tambahan :
Untuk settingg squid.conf  IpCop Warnet pakai SPeedy menggunakan seperti dibawah ini :
# Do not modify '/var/ipcop/proxy/squid.conf' directly since any changes
# you make will be overwritten whenever you resave proxy settings using the
# web interface!
#
# Instead, modify the file '/var/ipcop/proxy/advanced/acls/include.acl' and
# then restart the proxy service using the web interface. Changes made to the
# 'include.acl' file will propagate to the 'squid.conf' file at that time.

shutdown_lifetime 5 seconds
icp_port 0

http_port 192.168.5.2:3128 transparent
#tcp_outgoing_tos 0x30 localnet
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
#End of custom includes

cache_effective_user squid
cache_effective_group squid
umask 022

pid_filename /var/run/squid.pid

cache_mem 8 MB
cache_dir aufs /var/log/cache 1000 16 256

error_directory /usr/lib/squid/advproxy/errors.ipcop/English

memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none

log_mime_hdrs off
forwarded_for off
via off

acl within_timeframe time MTWHFAS 00:00-24:00

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 563 # snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 3128 # Squids port (for icons)

acl IPCop_http  port 81
acl IPCop_https port 445
acl IPCop_ips              dst 192.168.5.2
acl IPCop_networks         src "/var/ipcop/proxy/advanced/acls/src_subnets.acl"
acl IPCop_servers          dst "/var/ipcop/proxy/advanced/acls/src_subnets.acl"
acl IPCop_green_network    src 192.168.5.0/255.255.255.0
acl IPCop_green_servers    dst 192.168.5.0/255.255.255.0
acl CONNECT method CONNECT
#Start of custom includes

cache_swap_low 98
cache_swap_high 99
maximum_object_size_in_memory 64 KB
ipcache_size 8192
cache_vary on
ipcache_low 98
ipcache_high 99

# Add File Extension you want to cache
refresh_pattern -i \.(jp?g|gif|pnp|png|\?bm?)$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.jar$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.dll$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.klz$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.dif$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.avi$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.iso$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.3gp$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.mpeg$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.xml$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.exe$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.zip$ 0 90% 40320 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.rar$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.mp3$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.dll$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.rar$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.npz$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.cfg$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.ver$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.erl$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.npz$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.xt$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.xtp$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.cfg$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.des$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.new$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.t2bk$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.smd$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.gi$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.dat$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.luc$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.flv$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.html$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.htm$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.php$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.jsp$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.swf$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.bin$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.pdf$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.mp4$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 ignore-reload override-expire reload-into-ims

refresh_pattern /.gif 4320 50% 43200
refresh_pattern /.jpg 4320 50% 43200
refresh_pattern /.jpeg 4320 50% 43200
refresh_pattern /.png 4320 50% 43200
refresh_pattern ^http://www.friendster.com/.* 720 100% 10080
refresh_pattern ^http://mail.yahoo.com/.* 720 100% 10080
refresh_pattern ^http://*.yahoo.*/.* 720 100% 7200
refresh_pattern ^http://*.google.com/.* 720 100% 10080
refresh_pattern ^http://www.telkomspeedy.com/.* 720 100% 28800
refresh_pattern ^http://*.blogsome.com/.* 720 80% 10080
refresh_pattern ^http://*.gemscool.com/.* 720 80% 10080

refresh_pattern ^http://*.wordpress.com/.* 720 80% 10080

refresh_pattern ^http://*.detik.com/.* 720 90% 2880

refresh_pattern ^http://*.facebook.com/.* 720 90% 2880
refresh_pattern ^http://*.akamaihd.*/.* 720 90% 2880

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
##--------------
quick_abort_min 0
quick_abort_max 0
quick_abort_pct 98
store_avg_object_size 32 KB
log_fqdn off
log_icp_queries off
memory_pools off
log_ip_on_direct off
log_mime_hdrs off
buffered_logs off
icp_hit_stale on
query_icmp on
reload_into_ims on
pipeline_prefetch on
vary_ignore_expire on

#acl download url_regex -i ftp .mp3 .vqf .flv .tar.gz .exe .mpeg .mp2 .mp4 .torent .gz .rpm .zip .rar .avi .3gp .mov .mpe .mpg .qt .ram .rm .iso .raw .wav .pdf .wmv .wma .ogg .doc
#acl download url_regex -i \.exe$ \.mp3$ \.vqf$ \.gz$ \.rpm$ \.zip$ \.rar$ \.pdf$ \.doc$ \.avi$ \.mpe$ \.mpg$ \.qt$ \.ram$ \.rm$ \.iso$ \.dat$ \.raw$ \.wav$ \.mp4$ \.mpeg$ \.3gp$ \.flv$
#delay_pools 1
#delay_class 1 1
#delay_parameters 1 24000/24000
#delay_access 1 deny IPCop_ips
#delay_access 1 allow download
#delay_initial_bucket_level 100

#Access to squid:
#local machine, no restriction
http_access allow         localhost

#GUI admin if local machine connects
http_access allow         IPCop_ips IPCop_networks IPCop_http
http_access allow CONNECT IPCop_ips IPCop_networks IPCop_https

#Deny not web services
http_access deny          !Safe_ports
http_access deny  CONNECT !SSL_ports

#Prevent internal proxy access to Green
http_access deny IPCop_green_servers !IPCop_green_network

#Set custom configured ACLs
http_access allow IPCop_networks within_timeframe
http_access deny  all

#Strip HTTP Header
header_access X-Forwarded-For deny all
header_access Via deny all

maximum_object_size 10096 KB
minimum_object_size 0 KB

request_body_max_size 0 KB
reply_body_max_size 0 allow all

visible_hostname garashinet.localdomain

Agar Hit dapat di Access oleh mikrotik warnet pakai speedy menambahkan ini pada etc/rc.d/rc.local
route add default gateway 192.168.5.1
iptables -A PREROUTING -t nat -j REDIRECT -p tcp -s 192.168.0.0/24 -d 0/0 --dport 80 --to-ports 3128
iptables -A INPUT -p tcp -s 0.0.0.0/0 -d 192.168.5.2 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 192.168.5.2 --sport 3128 -d 0.0.0.0/0 -m state --state ESTABLISHED -j ACCEPT
Demikianlah Setting Mikrotik dan Proxy External IpCop
Semoga bisa membantu..

25/10/13

Cara Mengganti Login Page Hotspot Mikrotik

Cara Mengganti Login Page Hotspot Mikrotik

Alat dan bahan :
  • HTML editor : Dreamweaver, Notepad++, dll
  • Picture editor : CorelDraw, Photoshop, dll

Pastikan Hotspot Mikrotik anda sudah jalan, coba akses halaman login hotspot anda di Browser.

Buka Winbox, masuk ke menu Files. Semua file halaman login hotspot ada di folder hotspot.


Agar bisa mengedit file nya, copy dulu file di folder hotspot itu ke komputer. Caranya bisa dengan mengakses file itu via FTP. Buka Windows Explorer, masukkan alamat berikut : ftp://ipaddressmikrotik, misalnya : ftp://192.168.100.1
Login dengan username dan password seperti pada winbox.


Masuk ke folder hotspot. Copy semua file nya,


Edit  file .html nya pakai Dreamweaver atau Notepad++. 
Untuk halaman login ada di file login.html.



Save dan upload ke Mikrotik

Hasilnya

Ingin lebih profesional .. ???


Silakan download aja contoh halaman login hotspot Mikrotik disini :

Edit sesuai dengan selera anda ... Gunakak Dreawever atau Notepad ++


Oke  sekian Cara Mengganti  Login Page Hotspot Mikrotik.

Cara Setting Transparent Proxy Mikrotik

Cara Setting Transparent Proxy Mikrotik
Transparent Proxy adalah konsep proxy transparan yaitu konfigurasi proxy dimana client yang terhubung ke proxy tidak harus menyeting atau memasukkan konfigurasi proxy ke browser satu per satu. Sehingga penggunaan proxy akan lebih simpel dan mudah. 

Setting Web Proxy Mikrotik

Silakan buka Winbox dan ikuti langkah berikut :
1. Masuk ke menu IP --> Web Proxy pada Winbox
2. Untuk mengaktifkan Web Proxy centang tombol "Enabled"
3. Isikan port yang akan digunakan oleh Proxy. Isikan saja port 8080
4. Cache Administrator bisa anda ganti dengan email anda sendiri selaku Admin nya
5. Max. Cache Size menentukan berapa besar alokasi memori untuk menyimpan cache proxy nya. Silakan anda isikan sesuai kebutuhan atau bisa saja pilih unlimited.
6. Centang opsi Cache On Disk agar penyimpanan dilakukan pada harddisk Mikrotik bukannya RAM. Karena biasanya harddisk Mikrotik lebih basar daripada RAM nya.
7. Klik Apply --> OK 



Sampai disini Web Proxy sudah berhasil dibuat. Anda sudah bisa menggunakan Web Proxy Mikrotik ini namun harus mengkonfigurasi setingan Proxy pada Browser anda dulu dengan IP address Mikrotik dan port 8080. Nah, biar ga ribet seting browser dan membuatnya lebih simple kita akan mengaktifkan fungsi Transparent Proxy.

Cara Setting Transparent Proxy Mikrotik

Cara kerja Transparent Proxy ini dengan mengalihkan (redirect) Traffic data HTTP (destination port 80) ke port yang digunakan proxy yaitu 8080. Caranya dengan mengkonfigurasi Firewall NAT nya dengan chain=dstnat dan action redirect.
Berikut ini command nya :
ip firewall nat add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=8080
atau bisa melalui Winbox, masuk menu IP --> Firewall



Pada tab General 
Chain : dstnat
Protocol : tcp
Dst. Port : 80


Pada tab Action
Action : redirect
To Ports : 8080

Sekarang Proxy Mikrotik nya sudah Transparent. Untuk mengujinya, silakan anda buka menu IP --> Web Proxy di Winbox. Masuk tab Status dan klik Connections. Kalau keduanya sudah ada isinya berarti transparent Proxy Mikrotik sudah jalan.


Selain itu anda juga bisa menguji nya dengan membuka browser kemudian masukkan alamat sembarang supaya terjadi pesan error. Jika Transparent Proxy Mikrotik sudah jalan maka akan muncul pesan error dari Mikrotik nya seperti gambar berikut ini :


VIDEO TUTORIAL



 Tutorial Cara Setting Transparent Proxy Mikrotik

Cara Melihat Username dan Password Mikrotik

Cara Melihat Username dan Password Mikrotik
 
Oke, berikut cara recovery username dan password Mikrotik dengan Mikrotik Backup Password Recovery :

1. Pastikan anda masih menyimpan file backup dari Router Mikrotik yang anda lupa password nya.



3. Klik Browse dan pilih file backup Mikrotik anda --> Klik Open



4. Kemudian klik Show Password untuk melihat username dan password Router Mikrotik anda yang kelupaan.


5. Akan muncul username di sebelah kiri dan password nya di samping kanan nya seperti gambar di atas.

Yang penting anda harus rajin Backup Konfigurasi Mikrotik anda supaya hal-hal yang tidak diinginkan tidak terjadi dan juga catat username dan password anda supaya ketika lupa tidak repot

Jika cara ini tidak bisa digunakan mungkin karena tidak ada file backup dari Mikrotik anda, cara lainnya adalah dengan mereset Router Mikrotik anda. Saya sudah pernah membahasnya pada artikel ini Tutorial Cara Reset Mikrotik

Oke, Semoga Tutorial Mikrotik Indonesia tentang Cara Melihat Username & Password Mikrotik ini bisa bermanfaat.

03/08/13

Cara Load Balancing 2 Line Speedy Dengan Mikrotik RB750

Cara Load Balancing 2 Line Jaringan Telkom Speedy 

Misalnya :
IP Modem Speedy
IP Modem 1 : 192.168.1.1
IP Modem 2 : 192.168.2.1

IP Mikrotik 
Ether 1 Mikrotik : 192.168.1.2 (Speedy1)
Ether 2 Mikrotik : 192.168.2.2 (Speedy2)
Ether 3 Mikrotik : 192.168.0.1 (Local)

Colokkan Modem 1 pada Ether 1
Colokkan Modem 2 pada Ether 2
Colokkan Swicht Hub pada Ether 3
Dial Up dari Modem

Lanjut ...
1. Set IP Address Mikrotik
/ip address
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=Speedy1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=Speedy2
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local 

2. Set  Routes
/ip routes
add dst-address=0.0.0.0/0 gateway=192.168.1.1 mark=Speedy1
add dst-address=0.0.0.0/0 gateway=192.168.2.1 mark=Speedy2 

3. Set Mangle (untuk load balancing)
/ip firewall mangle
add chain=prerouting action=mark-connection new-connection-mark=Speedy1 passthrough=yes connection-state=new in-interface=Local extra-nth=2,1
add chain=prerouting action=mark-routing new-routing-mark=Speedy1 passthrough=no in-interface=Local connection-mark=Speedy1 add chain=prerouting action=mark-connection new-connection-mark=Speedy2 passthrough=yes connection-state=new in-interface=Local extra-nth=2,2
add chain=prerouting action=mark-routing new-routing-mark=Speedy2 passthrough=no in-interface=Local connection-mark=Speedy2 

4. Set NAT (untuk load balancing)
/ip firewall Nat
add chain=srcnat action=masquerade 
 atau
/ip firewall Nat
add chain=srcnat out-interface=Speedy1 action=masquerade
add chain=srcnat out-interface=Speedy2 action=masquerade 

Masukkan menggunakan "WinBox", Jika ingin copas silahkan copas ke notepad dulu baru kemudian di copas ke "New Terminal Mikrotik"

Pada dasarnya cara setting mikrotik menggunakan 1 atau lebih line speedy adalah sama, hanya perbedaan pada pengaturan mangle dan nat..

Selamat mencoba.. semoga membantu

13/06/13

Setting Mikrotik Untuk Game Online Dan Browsing (1Mb Speedy)

SETTING MIKROTIK UNTUK GAME ONLINE DAN BROWSING (1Mb Speedy)

Pada tutor kali ini saya coba uraikan settingan mikrotik untuk game online dicampur dengan kepentingan browsing agar berjalan serasi dan seimbang.

Lgo Warnet Garashi
Note:
Script di bawah hanya berjalan pada mikrotik versi 3.30 ke atas. Bandwidth yang diimplementasikan 1Mbps/256Kbps (SPEEDY)

SET INTERFACE MIKROTIK
/interface
set 0 name=Public
set 1 name=Local

SET IP  ADDRESS
/ip address
add address=192.168.1.2/24 interface=Public
add address=192.168.0.1/24 interface=Local

SET ROUTE
/ip route
add gateway=192.168.1.1

SET DNS
/ip dns
set primary-dns=222.124.204.34,202.134.0.155
set allow-remote-requests=yes

SET NAT
/ip fi nat
add chain=srcnat action=masquerade out-interface=Public

ROUTING UNTUK GAME ONLINE:
/ip firewall mangle \
add action=mark-connection chain=prerouting \
comment="GAME ONLINE" dst-port=\
"1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6001,6000-6152,7777" \
new-connection-mark="zar-goc" passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
disabled=no dst-port="7341-7350,7451,8085,9600,9601-9602,9300,9400,9700,93\
76-9377,10001-10011,40000" \
new-connection-mark="zar-goc" passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port="10009,13008,16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15002" \
new-connection-mark="zar-goc" \
passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
disabled=no dst-port="16402-16502,18901-18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49100" \
new-connection-mark="zar-goc" passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port=14009-14010 new-connection-mark="zar-goc" \
passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port="1293,1479,6100-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010" \
new-connection-mark="zar-goc" passthrough=yes protocol=udp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port=42051-42052,11100-11125,11440-11460 \
new-connection-mark="zar-goc" passthrough=yes protocol=udp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port=14009-14010 new-connection-mark="zar-goc" \
passthrough=yes protocol=udp


GAME DIBUAT PREROUTING AGAR TIDAK BERLIKU DI TUBUH ROUTER
/ip firewall mangle \
add action=mark-packet chain=prerouting \
connection-mark="zar-goc"  \
new-packet-mark="zar-gopd" passthrough=no

INI ROUTING UNTUK GAME FACEBOOK
/ip firewall mangle \
add action=mark-connection chain=prerouting \
comment="GAME FACEBOOK" dst-port=843,9339 \
new-connection-mark="zar-gfc" passthrough=yes \
protocol=tcp
/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="zar-gfc" disabled=no \
dst-address=192.168.0.0/24 new-packet-mark="zar-gfpd" \
passthrough=no
/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="zar-gfc" new-packet-mark="zar-gfpu"\
passthrough=no src-address=192.168.0.0/24

PCQ UNTUK SPEED BAGI RATA
/queue type \
add kind=pcq name=DOWN \
pcq-classifier=dst-address,dst-port
/queue type \
add kind=pcq name=UP \
pcq-classifier=src-address,src-port

INI QUEUE UNTUK GAME ONLINE
/queue tree \
add name="2.GAME DOWN" \
parent=global-out priority=2
/queue tree \
add name="3.GAME UPLOAD" \
parent=Public priority=2
/queue tree \
add name="1.GAME ONLINE DOWN" \
packet-mark="zar-gopd" \
parent="2.GAME DOWN" priority=2 queue=DOWN
/queue tree \
add max-limit=256000 \
name="2.GAME FACEBOOK DOWN" \
packet-mark="zar-gfpd" \
parent="2.GAME DOWN" priority=3 queue=DOWN
/queue tree \
add name="1.GAME ONLINE UPLOAD" \
packet-mark="zar-gopd" \
parent="3.GAME UPLOAD" priority=2 queue=UP
/queue tree \
add limit-at=0 max-limit=128000 \
name="2.GAME FACEBOOK UPLOAD" \
packet-mark="zar-gfpu" \
parent="3.GAME UPLOAD" priority=3 queue=UP


LIMIT FILE EXTENSI, SEPERTI .EXE .RAR .YOUTUBE, DLL
/ip firewall layer7-protocol
add name="YOUTUBE DOWNLOAD" \
regexp="http/(0\\.9|1\\.0|1\\.1) \
[\\x09-\\x0d ][1-5][0-9][0-9] \
[\\x09-\\x0d -~]*(content-type: video)"
add name=EXE regexp="\\.(exe)"
add name=RAR regexp="\\.(rar)"
add name=ZIP regexp="\\.(zip)"
add name=7z regexp="\\.(7z)"
add name=WMV regexp="\\.(wmv)"
add name=MPG regexp="\\.(mpg)"
add name=MPEG regexp="\\.(mpeg)"
add name=AVI regexp="\\.(avi)"
add name=FLV regexp="\\.(flv)"
add name=WAV regexp="\\.(wav)"
add name=MP3 regexp="\\.(mp3)"
add name=MP4 regexp="\\.(mp4)"
add name=ISO regexp="\\.(iso)"
add name=3GP regexp="\\.(3gp)"
add name=MOV regexp="\\.(mov)"
add name=MKV regexp="\\.(mkv)"
add name="YOUTUBE STREAMING" regexp=youtube
add name=PORN regexp=porn
add name=TUBE regexp=tube
add name=VIDEO regexp=video
add name=MOVIE regexp=movie

ROUTING UNTUK EXTENSI
/ip firewall mangle
add action=mark-packet chain=forward \
comment="LIMIT EXTENTION" disabled=no \
layer7-protocol="YOUTUBE DOWNLOAD" \
new-packet-mark="YOUTUBE DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol="YOUTUBE STREAMING" \
new-packet-mark="YOUTUBE STREAMING" \
passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=TUBE \
new-packet-mark=PORN1 passthrough=no
add action=mark-packet chain=forward disabled=no \
layer7-protocol=PORN \
new-packet-mark=PORN2 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=VIDEO \
new-packet-mark=PORN3 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MOVIE \
new-packet-mark=PORN4 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MKV \
new-packet-mark=MKV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MP3 \
new-packet-mark=MP3 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MP4 \
new-packet-mark=MP4 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=ZIP \
new-packet-mark=ZIP passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=EXE \
new-packet-mark=EXE passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=FLV \
new-packet-mark=FLV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=ISO \
new-packet-mark=ISO passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MOV \
new-packet-mark=MOV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MPEG \
new-packet-mark=MPEG passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MPG \
new-packet-mark=MPG passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=RAR \
new-packet-mark=RAR passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=WAV \
new-packet-mark=WAV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=WMV \
new-packet-mark=WMV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=ISO \
new-packet-mark=3GP passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=7z \
new-packet-mark=7z passthrough=no

ROUTING UNTUK BROWSING (DOWNLOAD/UPLOAD)
/ip firewall mangle \
add action=mark-connection chain=prerouting \
comment=HTTP  dst-port=21,80 \
new-connection-mark="browsing-con" passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="browsing-con" disabled=no \
dst-address=192.168.0.0/24 \
new-packet-mark="download" passthrough=no
/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="browsing-con" disabled=no \
new-packet-mark="upload" \
passthrough=no src-address=192.168.0.0/24

INI QUEUE UNTUK KEGIATAN  BROWSING-DOWNLOAD-UPLOAD
/queue tree \
add max-limit=128000 \
name="UPLOAD-BROWSING" \
packet-mark="upload" parent=Public \
priority=4 queue=UP
/queue tree \
add max-limit=750000 \
name="1.2 HTTP-DOWN" \
parent=global-out priority=2
/queue tree \
add max-limit=750000 \
name="1.3 BROWSING DOWN" \
packet-mark="download" \
parent="1.2 HTTP-DOWN" \
priority=4 queue=DOWN
/queue tree \
add max-limit=512000 \
name="1.4 LIMIT EXTENTION" \
parent="1.2 HTTP-DOWN" priority=5
/queue tree
add name=YOUTUBE \
parent="1.4 LIMIT EXTENTION" priority=5
add name="YOUTUBE STREAMING" \
packet-mark="YOUTUBE STREAMING" \
parent=YOUTUBE priority=5 queue=DOWN
add name=MKV packet-mark=MKV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MP3 packet-mark=MP3 \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MP4 packet-mark=MP4 \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=ZIP packet-mark=ZIP \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=EXE packet-mark=EXE \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=ISO packet-mark=ISO \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=AVI packet-mark=AVI \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MOV packet-mark=MOV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MPEG packet-mark=MPEG \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MPG packet-mark=MPG \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=RAR packet-mark=RAR \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=WAV packet-mark=WAV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=WMV packet-mark=WMV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=3GP packet-mark=3GP \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=7z packet-mark=7z \
parent="1.4 LIMIT EXTENTION" priority=5 \
queue=DOWN
add name="YOUTUBE DOWNLOAD" \
packet-mark="YOUTUBE DOWNLOAD" \
parent=YOUTUBE priority=5 queue=DOWN
add name=PORN \
parent="1.4 LIMIT EXTENTION" priority=5
add name=PORN1 \
packet-mark=PORN1 parent=PORN \
priority=5 queue=DOWN
add name=PORN2 packet-mark=PORN2 \
parent=PORN priority=5 queue=DOWN
add name=PORN3 packet-mark=PORN3 \
parent=PORN priority=5 queue=DOWN
add name="MIVO TV" \
packet-mark="MIVO TV" parent=\
"1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=PORN4 packet-mark=PORN4 \
parent=PORN priority=5 queue=DOWN
 
Catatan:
  1. Game online dirouting langsung ke alamat port game online dan menggunakan bandwith maksimal (unlimited) karena tidak terlalu memakan bandwith sekalipun game PB hanya butuh koneksi dengan trafic yang mulus.
  2. Browsing dirouting pada port 80 dan 21 dan diberikan bandwith maksimal 750Kbps untuk download dan   128Kbps untuk upload dan tidak boleh melebihi dari itu atau game online akan nge-lag.
  3. Limit Extensi dirouting berdasarkan layer 7 protocol dan diberikan maksimal bandwidth 512Kbps dan tidak boleh lebih dari itu atau browsing dan game online akan terganggu.

PERHATIAN:
Tutorial di atas untuk 10 PC saja dengan Bandwidthnya 1Mbps,. Jika PC lebih dari 10 dan BW tetap 1 MBPS, maka pada queue tree download menjadi 512Kbps dan limit extensi menjadi 256Kbps.
Jika mempunyai BW 2Mbps ke atas, silahkan 2x lipatkan saja pada queue tree-nya atau gunakan logika anda sendiri.



10/06/13

Setting IpCop Sebagai Web Proxy Eksternal Mikrotik

Untuk Setting IpCop Sebagai Web Proxy Eksternal Mikrotik yang perlu diperhatikan adalah :

  1. Mikrotik sudah konek ke internat
  2. IpCop sudah di instal serta pengaturannya [ DISINI ]
  3. Setting HIT SQUID dan Bandwidth management di Mikrotik [ DISINI atau DISINI ]

my_Logo2

Setting Squid Proxy External, Hit, Queues Tree serta Mangle di Mikrotik (2nd Mode)

Setting Squid Proxy External, Hit, Queues Tree serta Mangle di Mikrotik

Topology Jaringan Saya Seperti Ini


Dalam sebuah jaringan internet seperti diwarnet-warnet itu sangat cocok dengan menggunakan Server proxy apalagi warnet yang khususnya Game online, Server proxy ini sangat mendukung untuk kelancaran jaringan anda, yang mana nantinya didalam server anda akan mendukung squid proxy, Hit, Queues tree dan Mangle pada mikrotik anda, berikut tutornya.

Sebelumnya saya akan menerapkan IP address dari beberapa jaringan saya :
IP Address Ehter1 untuk koneksi dari modem : 192.168.1.2
IP Address Ether2 untuk koneksi Local 192.168.0.1
IP Address Ether3 ke Proxy : 192.168.5.1
dan
IP Address External Proxy : 192.168.5.2 (Green IpCop)
Sebelum memulai tutorialnya jangan lupa untuk menyesuaikan "nama interface" Routerboar mikrotik anda serta menyesuaikan IP address tutorial ini dengan ip address jaringan anda, disini kita akan membahasa masalah hit squid Proxy, pembagian bandwith download serta upload dan juga tentang Ping untuk Game Online dan Browsing.
Langsung saja kepermasalahan, untuk permulaan ada dapat mengeset interface lan anda lewat "new terminal" di Mikrotik, berikut nama interface di mikrotik saya,

Set Interface Mikrotik
/interface set 0 name=Public
/interface set 1 name=Local
/interface set 2 name=Proxy
Maka hasilnya dapat anda lihat seperti gambar dibawah ini
clip_image002

Set IP Address pada tiap-tiap interface (ketik di new terminal)
/ip address add address=192.168.1.2 netmask=255.255.255.0 interface=Public
/ip address add address=192.168.0.1 netmask=255.255.255.0 interface=Local
/ip address add address=192.168.5.1 netmask=255.255.255.0 interface=Proxy
clip_image003

Set range jaringan Local anda
/ip pool add name=pool ranges=192.168.0.2-192.168.0.254
clip_image004

Set DNS jaringan (Sesuaikan dengan DNS Anda)
/ip dns set servers=203.130.208.18 allow-remote-requested=yes
clip_image006
Setting Gateway sesuai dengan gateway jaringan anda (dari ISP)
/ip route add gateway=192.168.1.1
clip_image008

Setting IP Firewall Nat di Mikrotik, disini diterapkan juga Nat untuk Redirect Proxy Squid dengan menggunakan port 3128,
Bila mana pada Firewall nat ada terdapat IP address dan nama interface, maka sesuaikan dengan IP address dan nama interface mikrotik anda, berikut perintahnya :
/ip firewall nat add chain=srcnat out-interface=Public src-address=192.168.0.0/24 action=masquerade src-address-list="REGISTRASI IP CLIENT" comment="LOCAL NAT MASQUERADE"
/ip firewall nat add chain=srcnat out-interface=Public src-address=192.168.5.0/24 action=masquerade src-address-list="REGISTRASI IP PROXY" comment="PROXY NAT MASQUERADE"
/ip firewall nat add chain=dstnat src-address=!192.168.5.0/24 protocol=tcp dst-port=80 in-interface=Local src-address-list="REGISTRASI IP PROXY" action=dst-nat to-address=192.168.5.2 to-ports=3128 comment="REDIRECT KE PROXY"
/ip firewall nat add action=dst-nat chain=dstnat comment="TRANSPARENT DNS UDP LOCAL" disabled=no dst-port=53 in-interface=Local protocol=udp to-ports=53
/ip firewall nat add action=dst-nat chain=dstnat disabled=no dst-port=53 in-interface=Local protocol=tcp to-ports=53 comment="TRANSPARENT DNS TCP LOCAL"
/ip firewall nat add action=dst-nat chain=dstnat disabled=no dst-port=53 in-interface=Proxy protocol=udp to-ports=53 comment="TRANSPARENT DNS UDP PROXY"
/ip firewall nat add action=dst-nat chain=dstnat disabled=no dst-port=53 in-interface=Proxy protocol=tcp to-ports=53 comment="TRANSPARENT DNS TCP PROXY"
Maka hasilnya anda dapat lihat pada gambar dibawah ini
clip_image009
Set Security atau keamanan Mikrotik
/ip firewall filter add action=add-src-to-address-list address-list="PORT SCANNER1" address-list-timeout=2w chain=input comment="PORT SCANNER2 KE ADDRESS LIST " disabled=no protocol=tcp psd=21,3s,3,1
/ip firewall filter add action=add-src-to-address-list address-list="PORT SCANNER2" address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
/ip firewall filter add action=add-src-to-address-list address-list="PORT SCANNER3" address-list-timeout=2w chain=input comment="SYN/FIN scan" disabled=no protocol=tcp tcp-flags=fin,syn
/ip firewall filter add action=add-src-to-address-list address-list="PORT SCANNER4" address-list-timeout=2w chain=input comment="SYN/RST scan" disabled=no protocol=tcp tcp-flags=syn,rst
/ip firewall filter add action=add-src-to-address-list address-list="PORT SCANNER5" address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" disabled=no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
/ip firewall filter add action=add-src-to-address-list address-list="PORT SCANNER6" address-list-timeout=2w chain=input comment="ALL/ALL scan" disabled=no protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
/ip firewall filter add action=add-src-to-address-list address-list="PORT SCANNER7" address-list-timeout=2w chain=input comment="NMAP NULL scan" disabled=no protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
/ip firewall filter add action=drop chain=input comment="BLOK PORT SCANNER" disabled=no src-address-list="PORT SCANNER1"
/ip firewall filter add action=accept chain=input comment="IZINKAN MENDIRIKAN KONEKSI" connection-state=established disabled=no
/ip firewall filter add action=accept chain=input comment="IZINKAN KONEKSI TERKAIT" connection-state=related disabled=no
/ip firewall filter add action=accept chain=input comment="IZINKAN PING LOCAL" disabled=no protocol=icmp src-address-list="REGISTRASI IP CLIENT"
/ip firewall filter add action=accept chain=input comment="IZINKAN PING PROXY" disabled=no protocol=icmp src-address-list="REGISTRASI IP PROXY"
/ip firewall filter add action=accept chain=input comment="IZINKAN INPUT DARI LOCAL" disabled=no src-address-list="REGISTRASI IP CLIENT"
/ip firewall filter add action=accept chain=input comment="IZINKAN INPUT DARI PROXY" disabled=no src-address-list="REGISTRASI IP PROXY"
/ip firewall filter add action=jump chain=forward comment="FILTER PAKET YANG JELEK" disabled=no jump-target=tcp protocol=tcp
/ip firewall filter add action=jump chain=forward disabled=no jump-target=udp protocol=udp
/ip firewall filter add action=jump chain=forward disabled=no jump-target=icmp protocol=icmp
/ip firewall filter add action=drop chain=tcp comment="TOLAK SMTP" disabled=no dst-port=25 protocol=tcp
/ip firewall filter add action=drop chain=tcp comment="TOLAK RPC2portmapper" disabled=no dst-port=135 protocol=tcp
/ip firewall filter add action=drop chain=tcp comment="TOLAK NBT" disabled=no dst-port=137-139 protocol=tcp
/ip firewall filter add action=drop chain=tcp comment="TOLAK CIFS" disabled=no dst-port=445 protocol=tcp
/ip firewall filter add action=drop chain=tcp comment="TOLAK NFS" disabled=no dst-port=2049 protocol=tcp
/ip firewall filter add action=drop chain=tcp comment="TOLAK NETBUS" disabled=no dst-port=20034 protocol=tcp
/ip firewall filter add action=drop chain=tcp comment="TOLAK BackOriffice" disabled=no dst-port=3133 protocol=tcp
/ip firewall filter add action=drop chain=tcp comment="BLOK DHCP" disabled=no dst-port=67-68 protocol=tcp
/ip firewall filter add action=drop chain=tcp comment="TOLAK P2P" disabled=no p2p=all-p2p
/ip firewall filter add action=drop chain=udp comment="TOLAK TFTP" disabled=no dst-port=69 protocol=udp
/ip firewall filter add action=drop chain=udp comment="TOLAK PRC portmapper" disabled=no dst-port=111 protocol=udp
/ip firewall filter add action=drop chain=udp comment="TOLAK PRC portmapper" disabled=no dst-port=135 protocol=udp
/ip firewall filter add action=drop chain=tcp comment="TOLAK NETBUS" disabled=no dst-port=12345-12346 protocol=tcp
/ip firewall filter add action=drop chain=udp comment="BLOK NBT" disabled=no dst-port=137-139 protocol=udp
/ip firewall filter add action=drop chain=udp comment="BLOK NFS" disabled=no dst-port=2049 protocol=udp
/ip firewall filter add action=drop chain=udp comment="TOLAK BackOriffice" disabled=no dst-port=3133 protocol=udp
/ip firewall filter add action=accept chain=icmp comment="limit packets 5/secs" disabled=no icmp-options=0:0-255 limit=5,5 protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="limit packets 5/secs" disabled=no icmp-options=3:0 protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="limit packets 5/secs" disabled=no icmp-options=3:3 limit=5,5 protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="limit packets 5/secs" disabled=no icmp-options=3:4 limit=5,5 protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="limit packets 5/secs" disabled=no icmp-options=8:0-255 limit=5,5 protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="limit packets 5/secs" disabled=no icmp-options=11:0-255 limit=5,5 protocol=icmp
/ip firewall filter add action=accept chain=forward comment="Allow Established connections" connection-state=established disabled=no
/ip firewall filter add action=accept chain=forward comment="Allow Forward from LOCAL Network" disabled=no src-address-list="REGISTRASI IP CLIENT"
/ip firewall filter add action=accept chain=forward comment="Allow Forward from PROXY Network" disabled=no src-address-list="REGISTRASI IP PROXY"
clip_image010

Membuat Address List jaringan Local yang dapat konek ke internet, (sesuaikan dengan ip address Local anda)
/ip firewall address-list add address=192.168.5.2 comment="SQUID PROXY EXTERNAL" disabled=no list=" REGISTRASI IP PROXY"
/ip firewall address-list add address=192.168.0.2 comment="CLIENT1" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.3 comment="CLIENT2" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.4 comment="CLIENT3" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.5 comment="CLIENT4" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.6 comment="CLIENT5" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.7 comment="CLIENT6" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.8 comment="CLIENT7" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.9 comment="CLIENT8" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.10 comment="CLIENT9" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.11 comment="CLIENT10" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.12 comment="CLIENT11" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.13 comment="CLIENT12" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.14 comment="CLIENT13" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.15 comment="CLIENT14" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.16 comment="CLIENT15" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.17 comment="CLIENT16" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.18 comment="CLIENT17" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.19 comment="CLIENT18" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.20 comment="CLIENT19" disabled=no list="REGISTRASI IP CLIENT"
/ip firewall address-list add address=192.168.0.21 comment="CLIENT20" disabled=no list="REGISTRASI IP CLIENT"
Kemudian setting Upload dan Donwload Youtube serta files ectention di Layar7 Protocols.
/ip firewall layer7-protocol add name=YOUTUBE regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"
/ip firewall layer7-protocol add name="EXE" regexp="\\.(exe)"
/ip firewall layer7-protocol add name="RAR" regexp="\\.(rar)"
/ip firewall layer7-protocol add name="7z" regexp="\\.(7z)"
/ip firewall layer7-protocol add name="CAB" regexp="\\.(cab)"
/ip firewall layer7-protocol add name="ASF" regexp="\\.(asf)"
/ip firewall layer7-protocol add name="MOV" regexp="\\.(mov)"
/ip firewall layer7-protocol add name="WMV" regexp="\\.(wmv)"
/ip firewall layer7-protocol add name="MPG" regexp="\\.(mpg)"
/ip firewall layer7-protocol add name="MPEG" regexp="\\.(mpeg)"
/ip firewall layer7-protocol add name="MKV" regexp="\\.(mkv)"
/ip firewall layer7-protocol add name="ZIP" regexp="\\.(zip)"
/ip firewall layer7-protocol add name="AVI" regexp="\\.(avi)"
/ip firewall layer7-protocol add name="FLV" regexp="\\.(flv)"
/ip firewall layer7-protocol add name="WAV" regexp="\\.(wav)"
/ip firewall layer7-protocol add name="RM" regexp="\\.(rm)"
/ip firewall layer7-protocol add name="MP3" regexp="\\.(mp3)"
/ip firewall layer7-protocol add name="MP4" regexp="\\.(mp4)"
/ip firewall layer7-protocol add name="RAM" regexp="\\.(ram)"
/ip firewall layer7-protocol add name="RMVB" regexp="\\.(rmvb)"
/ip firewall layer7-protocol add name="DAT" regexp="\\.(dat)"
/ip firewall layer7-protocol add name="DAA" regexp="\\.(daa)"
/ip firewall layer7-protocol add name="ISO" regexp="\\.(iso)"
/ip firewall layer7-protocol add name="NRG" regexp="\\.(nrg)"
/ip firewall layer7-protocol add name="BIN" regexp="\\.(bin)"
/ip firewall layer7-protocol add name="VCD" regexp=\\.(vcd)

clip_image011

Setting Firewall Mangle
Berikut perintah Firewall Mangle untuk Squid Hit Proxy, Mangle untuk squid koneksi dan Mangle untuk squid paket
/ip firewall mangle add action=mark-packet chain=forward comment="SQUID PROXY HIT" disabled=no dscp=12 new-packet-mark="PROXY HIT" passthrough=no
/ip firewall mangle add action=mark-connection chain=prerouting comment="BROWSING SQUID" disabled=no dst-address-list="!REGISTRASI IP CLIENT" dst-port=80,443 new-connection-mark="SQUID KONEKSI" passthrough=yes protocol=tcp src-address-list="REGISTRASI IP PROXY"
/ip firewall mangle add action=mark-packet chain=forward comment="SQUID PAKET" connection-mark="SQUID KONEKSI" disabled=no new-packet-mark="SQUID PAKET" passthrough=no
SET Mangle untuk semua koneksi masuk dan keluar, Mangle Browsing dari semua koneksi masuk dan Mangle ICMP
/ip firewall mangle add action=mark-connection chain=prerouting comment="TANDA SEMUA KONEKSI" disabled=no dst-address-list="!REGISTRASI IP CLIENT" in-interface=Local new-connection-mark="SEMUA KONEKSI MASUK" passthrough=yes
/ip firewall mangle add action=mark-connection chain=forward disabled=no new-connection-mark="SEMUA KONEKSI KELUAR" out-interface=Local passthrough=yes src-address-list="!REGISTRASI IP CLIENT" comment="SEMUA KONEKSI KELUAR"
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark="SEMUA PAKET MASUK" passthrough=yes connection-mark="SEMUA KONEKSI MASUK" comment="SEMUA PAKET MASUK"
/ip firewall mangle add chain=forward action=mark-packet new-packet-mark="SEMUA PAKET KELUAR" passthrough=yes connection-mark="SEMUA KONEKSI KELUAR" comment="SEMUA PAKET KELUAR"
/ip firewall mangle add action=mark-connection chain=prerouting comment="BROWSING CLIENT" connection-mark="SEMUA KONEKSI MASUK" disabled=no new-connection-mark="BROWSING KONEKSI" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=postrouting disabled=no dscp=1 new-connection-mark="ICMP KONEKSI" passthrough=yes comment="ICMP KOMEKSI"
clip_image012

Mangle untuk game online seperti RF-Online, Pointblank dll,
/ip firewall mangle add action=mark-connection chain=prerouting comment="POINT BLANK" connection-mark="SEMUA KONEKSI MASUK" disabled=no dst-port=40000-40010 new-connection-mark="GAME KONEKSI" passthrough=yes protocol=udp
/ip firewall mangle add action=mark-connection chain=prerouting comment="POKER" connection-mark="SEMUA KONEKSI MASUK" disabled=no dst-port=9339,843 new-connection-mark="GAME KONEKSI" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="RF ONLINE" connection-mark="SEMUA KONEKSI MASUK" disabled=no dst-port=10001,10002,10003,10004,10005,10006,10007 new-connection-mark="GAME KONEKSI" passthrough=yes protocol=udp

Kemudian Mangle ICMP Paket, Mangle game paket dan Mangle browsing paket
/ip firewall mangle add action=mark-packet chain=postrouting connection-mark="ICMP KONEKSI" disabled=no new-packet-mark="ICMP PAKET" passthrough=no comment="ICMP PAKET"
/ip firewall mangle add action=mark-packet chain=forward comment="SEMUA GAME DIPAKETKAN" connection-mark="GAME KONEKSI" disabled=no new-packet-mark="GAME PAKET" passthrough=no
/ip firewall mangle add action=mark-connection new-connection-mark="GAME KONEKSI" chain=prerouting protocol=udp connection-mark="SEMUA KONEKSI MASUK" comment="GAME CLIENT"
/ip firewall mangle add action=mark-packet chain=forward comment="BROWSING PAKET" connection-bytes=0-131072 connection-mark="BROWSING KONEKSI" disabled=no new-packet-mark="BROWSING PAKET" passthrough=no protocol=tcp
clip_image013

Setting Change DSCP ICMP dan port 53
/ip firewall mangle add action=change-dscp chain=postrouting comment="ICMP CHANGE DSCP" disabled=no new-dscp=1 protocol=icmp
/ip firewall mangle add action=change-dscp chain=postrouting disabled=no dst-port=53 new-dscp=1 protocol=udp
/ip firewall mangle add action=change-dscp chain=postrouting disabled=no dst-port=53 new-dscp=1 protocol=tcp

Set Mangle Files Ectention seperti iso, rar, mp3, zip, exe, dll.
/ip firewall mangle add action=mark-connection chain=forward comment="EXTENTION KONEKSI" disabled=no out-interface=Local new-connection-mark="EXTENTION KONEKSI" passthrough=yes
/ip firewall mangle add action=mark-packet chain=forward comment="YOUTUBE MARK" layer7-protocol=YOUTUBE disabled=no new-packet-mark="YOUTUBE" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="WMV MARK" layer7-protocol=WMV disabled=no new-packet-mark="WMV" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="EXE MARK" layer7-protocol=EXE disabled=no new-packet-mark="EXE" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="ZIP MARK" layer7-protocol=ZIP new-packet-mark="ZIP" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="RAR MARK" layer7-protocol=RAR new-packet-mark="RAR" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="MPG MARK" layer7-protocol=MPG new-packet-mark="MPG" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="MPEG MARK" layer7-protocol=MPEG new-packet-mark="MPEG" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="MP3 MARK" layer7-protocol=MP3 new-packet-mark="MP3" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="MOV MARK" layer7-protocol=MOV new-packet-mark="MOV" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="ISO MARK" disabled=no layer7-protocol=ISO new-packet-mark="ISO" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="MKV MARK" layer7-protocol=MKV new-packet-mark="MKV" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="FLV MARK" layer7-protocol=FLV new-packet-mark="FLV" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="AVI MARK" layer7-protocol=AVI new-packet-mark="AVI" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="CAB MARK" layer7-protocol=CAB new-packet-mark="CAB" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="ASF MARK" layer7-protocol=ASF new-packet-mark="ASF" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="WAV MARK" layer7-protocol=WAV new-packet-mark="WAV" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="RM MARK" layer7-protocol=RM new-packet-mark="RM" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="RAM MARK" layer7-protocol=RAM new-packet-mark="RAM" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="RMVB MARK" layer7-protocol=RMVB new-packet-mark="RMVB" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="DAT MARK" layer7-protocol=DAT new-packet-mark="DAT" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="DAA MARK" layer7-protocol=DAA new-packet-mark="DAA" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="NRG MARK" layer7-protocol=NRG new-packet-mark="NRG" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="BIN MARK" layer7-protocol=BIN new-packet-mark="BIN" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward comment="VCD MARK" VCD new-packet-mark="VCD" passthrough=no
clip_image015

Setting Mangle Paket pada client, sesuaikan dengan IP Address Client anda
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT1" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.2 new-packet-mark="CLIENT1" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT2" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.3 new-packet-mark="CLIENT2" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT3" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.4 new-packet-mark="CLIENT3" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT4" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.5 new-packet-mark="CLIENT4" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT5" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.6 new-packet-mark="CLIENT5" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT6" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.7 new-packet-mark="CLIENT6" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT7" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.8 new-packet-mark="CLIENT7" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT8" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.9 new-packet-mark="CLIENT8" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT9" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.10 new-packet-mark="CLIENT9" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT10" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.11 new-packet-mark="CLIENT10" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT11" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.12 new-packet-mark="CLIENT11" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT12" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.13 new-packet-mark="CLIENT12" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT13" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.30.14 new-packet-mark="CLIENT13" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT14" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.15 new-packet-mark="CLIENT14" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT15" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.16 new-packet-mark="CLIENT15" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT16" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.17 new-packet-mark="CLIENT16" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT17" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.18 new-packet-mark="CLIENT17" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT18" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.19 new-packet-mark="CLIENT18" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT19" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.20 new-packet-mark="CLIENT19" passthrough=no protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward comment="CLIENT20" connection-mark="SEMUA KONEKSI KELUAR" disabled=no dst-address=192.168.0.21 new-packet-mark="CLIENT20" passthrough=no protocol=tcp
clip_image016


Setting Queues Tree, ICMP Priority, Queues Squid Hit Priority, Queues Limit file Ectention Priority, Queues tree semua upload priority, total download priority, Game download priority, Browsing paket priority, Queues tree total download client serta Queues tree client.
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="ICMP PING" packet-mark="ICMP PAKET" parent=global-out priority=1 queue="default"
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="SQUID HIT" packet-mark="PROXY HIT" parent=Local priority=2 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=256000 name="LIMIT FILE EXTENTION" parent=global-out priority=3
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="AVI" packet-mark=AVI parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="EXE" packet-mark="EXE" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="FLV" packet-mark="FLV" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=256000 name="YOUTUBE" packet-mark="YOUTUBE" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="ISO" packet-mark=iso parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="MP3" packet-mark="MP3" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="MP4" packet-mark="MP4" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="MPEG" packet-mark="MPEG" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="MPG" packet-mark="MPG" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="RAR" packet-mark="RAR" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="WMV" packet-mark="WMV" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="ZIP" packet-mark="ZIP" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="CAB" packet-mark="CAB" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="ASF" packet-mark="ASF" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="MOV" packet-mark="MOV" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="MKV" packet-mark="MKV" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="WAV" packet-mark="WAV" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="RM" packet-mark="RM" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="RAM" packet-mark="RAM" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="RMVB" packet-mark="RMVB" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="DAT" packet-mark="DAT" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="DAA" packet-mark="DAA" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="NRG" packet-mark="NRG" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="BIN" packet-mark="BIN" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=128000 name="VCD" packet-mark="VCD" parent="LIMIT FILE EXTENTION" priority=3 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="+++TOTAL UPLOAD+++" packet-mark="SEMUA PAKET MASUK" parent=Public priority=4 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="+++TOTAL DOWNLOAD+++" packet-mark="SEMUA PAKET KELUAR" parent=global-out priority=5
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="GAME DOWNLOAD" packet-mark="GAME PAKET" parent="+++TOTAL DOWNLOAD+++" priority=6 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="BROWSING PAKET" packet-mark="BROWSING PAKET" parent="+++TOTAL DOWNLOAD+++" priority=7 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="+++TOTAL DOWNLOAD CLIENT+++" parent="+++TOTAL DOWNLOAD+++" priority=8 packet-mark="SEMUA PAKET KELUAR"
Setting Queues Per Client
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT1" packet-mark="CLIENT1" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT2" packet-mark="CLIENT2" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT3" packet-mark="CLIENT3" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT4" packet-mark="CLIENT4" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT5" packet-mark="CLIENT5" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT6" packet-mark="CLIENT6" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT7" packet-mark="CLIENT7" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT8" packet-mark="CLIENT8" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT9" packet-mark="CLIENT9" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT10" packet-mark="CLIENT10" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT11" packet-mark="CLIENT11" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT12" packet-mark="CLIENT12" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT13" packet-mark="CLIENT13" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT14" packet-mark="CLIENT14" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT15" packet-mark="CLIENT15" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT16" packet-mark="CLIENT16" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT17" packet-mark="CLIENT17" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT18" packet-mark="CLIENT18" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT19" packet-mark="CLIENT19" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="CLIENT20" packet-mark="CLIENT20" parent="+++TOTAL DOWNLOAD CLIENT+++" priority=8 queue=default
clip_image017
Note:
Sesuaika dengan IP Publik Jaringan anda, sesuaikan dengan IP Local anda dan sesuaikan dengan IP Server Proxy anda
Seting IpCop juga!

Cara Flash Mito A82 100% Success

Flashing Mito A82 Success 100% Lupa pola, Lupa Password dan Bootloop dapat diatasi dengan cara flashing, untuk lupa pola atau lupa passwo...