Sunday 30 October 2011

Cara Praktis Blok Situs Di Mikrotik Router

Cara mudah dan praktis blok situs menggunakan mikrotik sebagai berikut:

  • Remote mikrotik anda dengan Winbox,di halaman utama winbox pilih “Ip” kemudian “Firewall” kemudian “Layer7 Protocols” dan klik + seperti gambar di bawah ini:

  • Selanjutnya di halaman “New Firewall L7 Protocol” isi:
    • Name=FACEBOOK  <<<nama situs yang akan di blok
    • Regexp=www.facebook.com <<<alamat situs yang akan di blok

Seperti gambar di bawah ini:

  • Dan klik “Ok” Selanjutnya klik Tab “Filter Rules” dan klik + dan  isi:
  • Di Tab “General”
    • Chain= forward
  • Di Tab “Advanced”
    • Layer7 Protocol=FACEBOOK <<<nama yang di isi di Ip-Firewall-Layer7 Protocol tadi
  • Di Tab “Action”
    • Action=drop

Seperti gambar di bawah ini:

Dan klik “Ok

Selamat mencoba....

Cara Limit Youtube yang Masih Belum Terlimit

Biasanya kita limit youtube streaming dengan http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video) di  regexp layer7-protocols,ternyata tidak seluruh video terlimit,yang HD,HQ dan video luar tidak terlimit.bagaimana mengatasinya? Berikut caranya:

  • Langkah awal pastikan http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video) di regexp layer7-protocol telah ada,jika belum masukkan di ip – firewall – layer7-protocols ,berikut caranya:
  • Buka winbox anda dan pilih “Ip” kemudian “Firewall” kemudian “Layer7 Protocols” dan kemudian klik + , seperti gambar di bawah ini:

  • Selanjutnya di halaman “New Firewall L7 Protocol” isi :
    • Name= YOUTUBE VIDEO LOKAL
    • Regexp= http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video)
  • Dan klik “Ok” Seperti gambar di bawah ini:

  • Selanjutnya klik lagi + dan Selanjutnya di halaman “New Firewall L7 Protocol” isi :
  • Dan klik “Ok” Seperti gambar di bawah ini:

  • Selanjutnya di halaman utama winbox pilih “Ip” kemudian “Firewall” kemudian “Mangle” dan klik + seperti gambar di bawah ini:

  • Selanjutnya di halaman “New Mangle Rule” di Tab “General” pilih:
    • Chain= forward

Seperti gambar di bawah ini:

  • Selanjutnya di Tab “Advanced” pilih:
    • Layer7 Protocol=YOUTUBE VIDEO LOKAL

Seperti gambar di bawah ini:

  • Selanjutnya di Tab “Action” pilih:
    • Action= mark packet
    • New Packet Mark= YOUTUBE VIDEO LOKAL PACKET
    • Passthrough= Tidak Di centang

Seperti gambar di bawah ini:

  • Dan klik “Ok
  • Selanjutnya klik lagi + dan di Tab “General” isi:
    • Chain= forward

Seperti gambar di bawah ini:

  • Selanjutnya di Tab “Advanced” isi:
    • Layer7 Protocol=YOUTUBE VIDEO INTERNATIONAL

Seperti gambar di bawah ini:

  • Selanjutnya di Tab “Action” isi:
    • Action= mark packet
    • New Packet Mark= YOUTUBE VIDEO INTERNATIONAL PACKET
    • Passthrough= Tidak Di centang

Seperti gambar di bawah ini:

  • Dan klik “Ok
  • Selanjutnya di halaman utama winbox pilih “Queues” kemudian “Queue Tree” dan klik + Seperti gambar di bawah ini:

  • Selanjutnya di halaman “New Queue” isi:
    • Name= ALL YOUTUBE
    • Parent= global-out

Seperti gambar di bawah ini:

  • Dan klik “Ok
  • Selanjutnya klik + lagi dan isi:
    • Name= YOUTUBE LOKAL
    • Parent= ALL YOUTUBE
    • Packet Marks= YOUTUBE VIDEO LOKAL PACKET
    • Max limit= limit tergantung pada anda masing2, saya isi 128k

Seperti gambar di bawah ini:

  • Dan klik “Ok
  • Selanjutnya klik + lagi dan isi:
    • Name= YOUTUBE INTERNATIONAL
    • Parent= ALL YOUTUBE
    • Packet Marks= YOUTUBE VIDEO INTERNATIONAL PACKET
    • Max limit= limit tergantung pada anda masing2, saya isi 128k

Seperti gambar di bawah ini:

  • Dan klik “Ok

Sekarang kita test buka youtube video lokal,contoh On The Spot : 7 Kisah Kesetiaan Hewan.

Sambil mutar video tersebut buka winbox dan pilih queue tree,akan terlihat video lokal terlimit dengan limit yang telah di tentukan 128 kbps,seperti gambar di bawah ini:

Sekarang kita test buka youtube video lokal,contoh Queen and James Hetfield (Metallica) - Stone Cold Crazy.

Sambil mutar video tersebut buka winbox dan pilih queue tree,akan terlihat video international terlimit dengan limit yang telah di tentukan 128 kbps,seperti gambar di bawah ini:

Selesai...selamat mencoba...

Tuesday 18 October 2011

Cara memisahkan kecepatan limit download extentions .rar,.flv,.zip,.exe dll berdasarkan ip address di Mikrotik

Misalkan dalam Satu Network..kita ingin memisahkan kecepatan extentions .rar,.flv,.zip,.exe dll berdasarkan ip address yang berbeda beda dengan browsing tetap bagi rata seluruh bandwidth menggunakan queue tree ,berikut caranya:

  • Seperti Topologi di atas :
    • Total PC = 20 PC
  • Contoh ip address
    • Ke  internet : 192.168.9.16 – Ethernet1 Miktotik ke Modem
    • Ke PC client:192.168.11.254 – Ethernet2 Mikrotik Ke HUB
  • Komputer 1 Sampai 5:
    • Ip address = 192.168.11.1-192.168.11.5
    • Limit Extention seperti rar,zip,flv,exe = 512 KB
    • Browsing = Bagi rata seluruh Bandwidth
  • Komputer 6 sampai 10:
    • Ip address:192.168.11.6-192.168.11.10
    • Limit Extention seperti rar,zip,flv,exe = 256 KB
    • Browsing = Bagi rata seluruh Bandwidth
  • Komputer 11 sampai 20
    • Ip address = 192.168.11.6-192.168.11.10
    • Limit Extention seperti rar,zip,flv,exe = 1 MB
    • Browsing = Bagi rata seluruh Bandwidth

Mari kita mulai:

  • Remote Mikrotik anda dengan winbox,pastikan Ethernet yang mengarah ke Modem telah di beri nama public,jika belum silahkan rename dengan nama public,dan Ethernet yang mengarah ke HUB telah di beri nama local,jika belum silahkan rename dengan nama local.seperti gambar di bawah ini:

  • Selanjutnya pastikan Ip firewall nat di mikrotik anda kosong,karna kita akan membuat NAT berdasarkan address list,seperti gambar di bawah ini:

  • Selanjutnya kita buat ip address untuk Ethernet yang mengarah ke Modem yaitu public.
  • Klik “New Terminal” di winbox dan ketik perintah:

Dibawah ini ip addres contohnya saja,silahkan sesuaikan ip address yang mengarah ke modem anda masing masing:

/ip address add address=192.168.9.16 \
netmask=255.255.255.0 \
interface=public \
comment=”IP ADDRESS KE MODEM”

Seperti gambar di bawah ini:

  • Selanjutnya kita buat ip address untuk Ethernet yang mengarah ke HUB yaitu local.
  • Klik “New Terminal” di winbox dan ketik perintah:

Dibawah ini ip addres contohnya saja,silahkan sesuaikan ip address yang mengarah ke PC Client  anda masing masing:

/ip address add address=192.168.11.254 \
netmask=255.255.255.0 \
interface=local \
comment=”IP ADDRESS KE PC CLIENT”

Seperti gambar di bawah ini:

  • Selanjutnya kita masukkan gateway di “New Terminal”:

Dibawah ini ip gateway contohnya saja,silahkan sesuaikan dengan ip gateway masing masing:

/ip route add gateway=192.168.9.1

Seperti gambar di bawah ini:

  • Selanjutnya kita masukkan DNS di “New Terminal”:

Dibawah ini ip DNS contohnya saja,silahkan sesuaikan dengan ip DNS masing – masing:

    • Perintah DNS untuk mikrotik Os 4 Ke bawah:
/ip dns set primary-dns=203.130.193.74 \
;/ip dns set secondary-dns=203.130.206.250 \
allow-remote-requests=yes
    • Perintah DNS untuk mikrotik Os 4 Ke atas:
/ip dns set servers=203.130.193.74,203.130.206.250 \
allow-remote-requests=yes

Seperti gambar di bawah ini:

  • Selanjutnya kita buat address list untuk ip address – ip address yang akan kita bagi limit extention nya,perintah di “New Terminal”:

A. Untuk ip address limit extention 512 k :

/ip firewall address-list \
add list="IP LIMIT EXTENTION 512 K" \
address=192.168.11.1 \
comment="PC 1"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 512 K" \
address=192.168.11.2 \
comment="PC 2"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 512 K" \
address=192.168.11.3 \
comment="PC 3"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 512 K" \
address=192.168.11.4 \
comment="PC 4"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 512 K" \
address=192.168.11.5 \
comment="PC 5"

Seperti gambar di bawah ini:

B. Untuk ip address limit extention 256 k :

/ip firewall address-list \
add list="IP LIMIT EXTENTION 256 K" \
address=192.168.11.6 \
comment="PC 6"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 256 K" \
address=192.168.11.7 \
comment="PC 7"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 256 K" \
address=192.168.11.8 \
comment="PC 8"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 256 K" \
address=192.168.11.9 \
comment="PC 9"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 256 K" \
address=192.168.11.10 \
comment="PC 10"

Seperti gambar di bawah ini:

C. Untuk ip address limit extention 1 MB  :

/ip firewall address-list \
add list="IP LIMIT EXTENTION 1 MB" \
address=192.168.11.11 \
comment="PC 11"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 1 MB" \
address=192.168.11.12 \
comment="PC 12"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 1 MB" \
address=192.168.11.13 \
comment="PC 13"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 1 MB" \
address=192.168.11.14 \
comment="PC 14"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 1 MB" \
address=192.168.11.15 \
comment="PC 15"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 1 MB" \
address=192.168.11.16 \
comment="PC 16"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 1 MB" \
address=192.168.11.17 \
comment="PC 17"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 1 MB" \
address=192.168.11.18 \
comment="PC 18"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 1 MB" \
address=192.168.11.19 \
comment="PC 19"
/ip firewall address-list \
add list="IP LIMIT EXTENTION 1 MB" \
address=192.168.11.20 \
comment="PC 20"

  • Selanjutnya kita buat NAT untuk setiap address list yang di atas,dengan action masquerade,di “New Terminal”:
/ip firewall nat add chain=srcnat action=masquerade \
src-address-list=”IP LIMIT EXTENTION 512 K” \
out-interface=public \
comment=” MASQUERADE LIMIT EXTENTION 512 K”
/ip firewall nat add chain=srcnat action=masquerade \
src-address-list=”IP LIMIT EXTENTION 256 K” \
out-interface=public \
comment=” MASQUERADE LIMIT EXTENTION 256 K”
/ip firewall nat add chain=srcnat action=masquerade \
src-address-list=”IP LIMIT EXTENTION 1 MB” \
out-interface=public \
comment=” MASQUERADE LIMIT EXTENTION 1 MB”

Seperti gambar di bawah ini:

  • Selanjutnya kita buat regexp extention file dengan layer7,di “New Terminal”:
/ip firewall layer7-protocol add name="YOUTUBE LAYER7" regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"
/ip firewall layer7-protocol add name="EXE LAYER7" regexp="\\.(exe)"
/ip firewall layer7-protocol add name="RAR LAYER7" regexp=\\.(rar)
/ip firewall layer7-protocol add name="ZIP LAYER7" regexp="\\.(zip)"
/ip firewall layer7-protocol add name="7z LAYER7" regexp="\\.(7z)"
/ip firewall layer7-protocol add name="WMV LAYER7" regexp="\\.(wmv)"
/ip firewall layer7-protocol add name="MPG LAYER7" regexp="\\.(mpg)"
/ip firewall layer7-protocol add name="MPEG LAYER7" regexp="\\.(mpeg)"
/ip firewall layer7-protocol add name="AVI LAYER7" regexp="\\.(avi)"
/ip firewall layer7-protocol add name="FLV LAYER7" regexp="\\.(flv)"
/ip firewall layer7-protocol add name="WAV LAYER7" regexp="\\.(wav)"
/ip firewall layer7-protocol add name="MP3 LAYER7" regexp="\\.(mp3)"
/ip firewall layer7-protocol add name="MP4 LAYER7" regexp="\\.(mp4)"
/ip firewall layer7-protocol add name="ISO LAYER7" regexp=\\.(iso)

Seperti gambar di bawah ini:

  • Kemudian kita buat Mangle untuk limit extention bersasarkan sumber address list yang telah kita tentukan.

A. Mangle Untuk Limit Extention 512K:

  • Di “New Terminal” winbox:
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”7z LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”7z LAYER7” \
comment=”7z LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”AVI LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”AVI LAYER7” \
comment=”AVI LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”EXE LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”EXE LAYER7” \
comment=”EXE LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”FLV LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”FLV LAYER7” \
comment=”FLV LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”ISO LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”ISO LAYER7” \
comment=”ISO LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MP3 LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”MP3 LAYER7” \
comment=”MP3 LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MP4 LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”MP4 LAYER7” \
comment=”MP4 LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MPEG LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”MPEG LAYER7” \
comment=”MPEG LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MPG LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”MPG LAYER7” \
comment=”MPG LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”RAR LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”RAR LAYER7” \
comment=”RAR LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”WAV LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”WAV LAYER7” \
comment=”WAV LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”WMV LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”WMV LAYER7” \
comment=”WMV LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”YOUTUBE LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”YOUTUBE LAYER7” \
comment=”YOUTUBE LAYER7 DOWNLOAD 512K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”ZIP LAYER7 512K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 512 K” \
layer7-protocol=”ZIP LAYER7” \
comment=”ZIP LAYER7 DOWNLOAD 512K”

B. Mangle Untuk Limit Extention 256K:

  • Di “New Terminal” winbox:
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”7z LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”7z LAYER7” \
comment=”7z LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”AVI LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”AVI LAYER7” \
comment=”AVI LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”EXE LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”EXE LAYER7” \
comment=”EXE LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”FLV LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”FLV LAYER7” \
comment=”FLV LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”ISO LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”ISO LAYER7” \
comment=”ISO LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MP3 LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”MP3 LAYER7” \
comment=”MP3 LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MP4 LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”MP4 LAYER7” \
comment=”MP4 LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MPEG LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”MPEG LAYER7” \
comment=”MPEG LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MPG LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”MPG LAYER7” \
comment=”MPG LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”RAR LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”RAR LAYER7” \
comment=”RAR LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”WAV LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”WAV LAYER7” \
comment=”WAV LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”WMV LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”WMV LAYER7” \
comment=”WMV LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”YOUTUBE LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”YOUTUBE LAYER7” \
comment=”YOUTUBE LAYER7 DOWNLOAD 256K”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”ZIP LAYER7 256K” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 256 K” \
layer7-protocol=”ZIP LAYER7” \
comment=”ZIP LAYER7 DOWNLOAD 256K”

C. Mangle Untuk Limit Extention 1 MB :

  • Di “New Terminal” winbox:
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”7z LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”7z LAYER7” \
comment=”7z LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”AVI LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”AVI LAYER7” \
comment=”AVI LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”EXE LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”EXE LAYER7” \
comment=”EXE LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”FLV LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”FLV LAYER7” \
comment=”FLV LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”ISO LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”ISO LAYER7” \
comment=”ISO LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MP3 LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”MP3 LAYER7” \
comment=”MP3 LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MP4 LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”MP4 LAYER7” \
comment=”MP4 LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MPEG LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”MPEG LAYER7” \
comment=”MPEG LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”MPG LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”MPG LAYER7” \
comment=”MPG LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”RAR LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”RAR LAYER7” \
comment=”RAR LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”WAV LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”WAV LAYER7” \
comment=”WAV LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”WMV LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”WMV LAYER7” \
comment=”WMV LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”YOUTUBE LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”YOUTUBE LAYER7” \
comment=”YOUTUBE LAYER7 DOWNLOAD 1MB”
/ip firewall mangle add chain=forward action=mark-packet \
new-packet-mark=”ZIP LAYER7 1MB” \
passthrough=no dst-address-list=”IP LIMIT EXTENTION 1 MB” \
layer7-protocol=”ZIP LAYER7” \
comment=”ZIP LAYER7 DOWNLOAD 1MB”
  • Selanjutnya Kita Buat Queue Tree untuk limitnya:

A.Untuk ip=192.168.1.1-192.168.1.5 = 512 KB

/queue tree add name="LIMIT EXTENTION" parent=global-out \
limit-at=0 priority=1 max-limit=0 \
burst-limit=0 burst-threshold=0 burst-time=0s
/queue tree add name="192.168.1.1-192.168.1.5" \
parent="LIMIT EXTENTION" \
packet-mark="7z LAYER7 512K, \
AVI LAYER7 512K,EXE LAYER7 512K, \
FLV LAYER7 512K,ISO LAYER7 512K, \
MP3 LAYER7 512K,MP4 LAYER7 512K, \
MPEG LAYER7 512K,MPG LAYER7 512K, \
RAR LAYER7 512K,WAV LAYER7 512K, \
WMV LAYER7 512K,YOUTUBE LAYER7 512K, \
ZIP LAYER7 512K" limit-at=0 queue=default \
priority=1 max-limit=512k burst-limit=0 \
burst-threshold=0 burst-time=0s

B.Untuk ip=192.168.1.6-192.168.1.10 = 256 KB

/queue tree add name="192.168.1.6-192.168.6.10" \
parent="LIMIT EXTENTION" \
packet-mark="7z LAYER7 256K, \
AVI LAYER7 256K,EXE LAYER7 256K, \
FLV LAYER7 256K,ISO LAYER7 256K, \
MP3 LAYER7 256K,MP4 LAYER7 256K, \
MPEG LAYER7 256K,MPG LAYER7 256K, \
RAR LAYER7 256K,WAV LAYER7 256K, \
WMV LAYER7 256K,YOUTUBE LAYER7 256K, \
ZIP LAYER7 256K" limit-at=0 queue=default \
priority=1 max-limit=256k burst-limit=0 \
burst-threshold=0 burst-time=0s

C.Untuk ip=192.168.1.11-192.168.1.20 = 1 MB

/queue tree add name="192.168.1.11-192.168.11.20" \
parent="LIMIT EXTENTION" \
packet-mark="7z LAYER7 1MB,AVI LAYER7 1MB, \
EXE LAYER7 1MB,FLV LAYER7 1MB,ISO LAYER7 1MB, \
MP3 LAYER7 1MB,MP4 LAYER7 1MB,MPEG LAYER7 1MB, \
MPG LAYER7 1MB,RAR LAYER7 1MB,WAV LAYER7 1MB, \
WMV LAYER7 1MB,YOUTUBE LAYER7 1MB, \
ZIP LAYER7 1MB" limit-at=0 queue=default \
priority=1 max-limit=1M burst-limit=0 \
burst-threshold=0 burst-time=0s

Seperti gambar di bawah ini:

  • Selanjutnya kita coba,Pertama Dengan ip address di PC 192.168.1.1 kemudian saya test download,seperti gambar di bawah ini:

  • Gambar di atas bisa di lihat bahwa ip yang telah di tentukan 192.168.1.1 sampai 192.168.1.5 dengan limit extention 512 KB berhasil terlimit dengan bukti bahwa limit extention bagian 512 KB di queue tree menjadi berwarna merah.
  • Selanjutnya kita coba,Dengan ip address di PC 192.168.1.6 kemudian saya test download,seperti gambar di bawah ini:

  • Gambar di atas bisa di lihat bahwa ip yang telah di tentukan 192.168.1.6 sampai 192.168.1.10 dengan limit extention 256 KB berhasil terlimit dengan bukti bahwa limit extention bagian 256 KB di queue tree menjadi berwarna merah.
  • Selanjutnya kita coba,Dengan ip address di PC 192.168.1.11 kemudian saya test download,seperti gambar di bawah ini:

  • Gambar di atas bisa di lihat bahwa ip yang telah di tentukan 192.168.1.11 sampai 192.168.1.20 dengan limit extention 1 MB berhasil terlimit dengan bukti bahwa limit extention bagian 1 MB di queue tree menjadi berwarna merah.

selamat mencoba...