Belajar Jaringan - Belajar Pemrograman

Senin, 13 Mei 2013

Cara Install Unbound Di FreeBSD 9.1

Jasa seting Mikrotik - Cara Install Unbound. Cara install unbound di freebsd 9.1 - Unbound salah satu software opensource digunakan sebagai server dns. Layaknya bind9 unbound dapat di gunakan untuk pemetaan domain terhadap ip address.

cara install unbound freebsd di freebsd 9.1, step by step semoga unboundnya bermanfaat di padukan dengan mikrotik.

pkg_add -rv unbound
cd /usr/local/etc/unbound
fetch ftp://FTP.INTERNIC.NET/domain/named.cache
unbound-control-setup
chown unbound:wheel unbound_*
chmod 440 unbound_*
mkdir /usr/local/etc/unbound/dev
echo "devfs   /usr/local/etc/unbound/dev devfs rw 0 0"  >> /etc/fstab
echo 'unbound_enable="YES"' >> /etc/rc.conf
echo 'devfs_set_rulesets="/usr/local/etc/unbound/dev=unbound_ruleset"' >> /etc/rc.conf

edit /usr/local/etc/unbound/unbound.conf

ee /usr/local/etc/unbound/unbound.conf

Cara mudah menginstall unbound di freebsd 9.1
Kemudian isikan unbound.conf di bawah ini, namun ubah dulu ipnya sesuai configurasi ip proxy anda.

unbond config

server:
verbosity: 1
statistics-interval: 120
extended-statistics: yes
statistics-cumulative: yes
num-threads: 1
interface: 0.0.0.0

outgoing-range: 512
num-queries-per-thread: 1024

msg-cache-size: 16m
rrset-cache-size: 32m

msg-cache-slabs: 4
rrset-cache-slabs: 4

cache-max-ttl: 86400
infra-host-ttl: 60
infra-lame-ttl: 120

infra-cache-numhosts: 10000
infra-cache-lame-size: 10k

do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes
#ip yang boleh mengakses unbound
access-control: 0.0.0.0/0 refuse
access-control: 192.168.3.0/24 allow
access-control: 192.168.200.0/24 allow     
access-control: 192.168.100.0/24 allow
access-control: 192.168.168.0/24 allow      
chroot: "/usr/local/etc/unbound"
username: "unbound"
directory: "/usr/local/etc/unbound"
logfile: ""
use-syslog: no
root-hints: "/usr/local/etc/unbound/named.cache"
     
identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
do-not-query-address: 127.0.0.1/8
do-not-query-localhost: yes
module-config: "iterator"

#zone localhost
local-zone: "localhost." static
local-data: "localhost. 10800 IN NS localhost."
local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
local-data: "localhost. 10800 IN A 127.0.0.1"

local-zone: "127.in-addr.arpa." static
local-data: "127.in-addr.arpa. 10800 IN NS localhost."
local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."

#zone balaijaya.net (edit bagian ini sesuai ip proxy dan hostname
local-zone: "balaijaya.net." static
local-data: "balaijaya.net. 86400 IN NS ns1.balaijaya.net."
local-data: "balaijaya.net. 86400 IN SOA balaijaya.net. hostmaster.balaijaya.net.  3 3600 1200 604800 86400"
local-data: "balaijaya.net. 86400 IN A 172.17.18.2"
local-data: "www.balaijaya.net. 86400 IN A 172.17.18.2"
local-data: "ns1.balaijaya.net. 86400 IN A 172.17.18.2"

#isi dengan ip proxy server /dns server anda. 
local-zone: "18.17.172.in-addr.arpa." static
local-data: "18.17.172.in-addr.arpa. 10800 IN NS balaijaya.net."
local-data: "18.17.172.in-addr.arpa. 10800 IN SOA balaijaya.net. hostmaster.balaijaya.net. 4 3600 1200 604800 864000"
local-data: "2.18.17.172.in-addr.arpa. 10800 IN PTR balaijaya.net."

#seting untuk DNS Forward
forward-zone:
name: "."
forward-addr: 202.134.1.10
forward-addr: 202.134.0.155
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4
forward-addr: 208.67.222.222
forward-addr: 208.67.220.220
forward-addr: 180.131.144.144
forward-addr: 180.131.145.145      
               
remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 953
server-key-file: "/usr/local/etc/unbound/unbound_server.key"
server-cert-file: "/usr/local/etc/unbound/unbound_server.pem"
control-key-file: "/usr/local/etc/unbound/unbound_control.key"
control-cert-file: "/usr/local/etc/unbound/unbound_control.pem"

set nameserver baru di file /etc/resolv.conf buat baris di bahah ini paling atas.

nameserver 127.0.0.1

Buat sebuah file bernama devfs.rules di /etc

#ee /etc/devfs.rules

[unbound_ruleset=20]
add hide
add path null unhide
add path zero unhide
add path crypto unhide
add path random unhide
add path urandom unhide

Simpan settingan unbound

devfs.rules

Lalu reboot server freebsd yang terinstall unbound didalamnya dengan perintah

reboot

Chek apakah unbound sudah berjalan dengan baik, lakukan perintah chek unbound

unbound-control stats

Cara Install Unbound Di FreeBSD 9.1 . Semoga cara install unbound freebsd ini bermanfaat.

Selasa, 07 Mei 2013

Jasa Setting Mikrotik dan Jasa Setting Proxy Gebang Tanjung Pura

Jasa Setting Mikrotik dan Jasa Setting Proxy Gebang Tanjung Pura - Jasa Setting Mikrotik dan Jasa Setting Proxy Gebang, Kec. Tanjung Pura, Kab.Langkat kemarin hari minggu, karena kondisi warnet yang koneksinya di tembakkan via wireless dari isp setempat, remote secara langsung tidak bisa saya lakukan di tambah minimnya pengetahuan pengelola warnet terhadap networking mikrotik dan proxy. Saya terpaksa turun langsung ke gebang, tanjung pura, langkat.

Routerboard menggunakan mikrotik rb750, dan proxy dengan pc terbaru high-end hardisk 500, dan alhamdulillah selesai dengan berjalan baik, menggunakan management bandwidth membagi trafik game browsing, streaming dan download pada satu line speed internet 2mbps.

Eh iya proxy terpaksa saya install ulang, karena ada kesalahan sedikit saat mengubah boot default proxy ubuntu, sehingga ketika booting proxynya menjalankan memori test tanpa bisa di cancel. Kasus ini terjadi karena kesalah tersebut untuk membuat ubuntu auto run saat listrik mati mendadak.

Untuk membuat ubuntu auto start ketika listrik mati mendadak.

Ubah file /etc/grub.d/00_header

Dengan cara perintah

sudo nano /etc/grub.d/00_header

Kemudian cari tulisan seperti di bawah ini.

if [ "${recordfail}" = 1 ]; then
set timeout=-1

Ubah value -1 menjadi 0, kemudian simpan file 00_header nya,

Dan perintah update grup dengna perintah

sudo update-grub

Insya ALLAH, ubuntu akan auto start jika terjadi listrik failure.

Jasa setting mikrotik dan jasa setting proxy lusca high_performance untuk daerah binjai, tanjung pura, langkat, pangkalan brandan aceh & seluruh indonesia, baik jasa setting mikrotik dan jasa setting proxy lusca secara langsung maupun remote. Jasa setting mikrotik dan proxy lusca.

Untuk jasa setting proxy saya tidak lagi membuka layanan.

Minggu, 05 Mei 2013

Setting Mikrotik SevenStar Net Binjai Sumatera Utara

Setting Mikrotik SevenStart Net Binjai Sumatera Utara - Warnet SevenStart Net Binjai Sumatera Utara, sebenernya warnet ini sudah saya setting beberapa bulan lalu, namun ada keluhan sedikit soal game dan browsingnya, sehingga di restore kembali ke settingan awal. Dan saya setting ulang dengan limit browsing dan game online menggunakan queue tree. SevenStart menggunakan dua line speedy, sehingga butuh sedikit mangle load balancing untuk membagi paket data yang ada di kedua line tersebut.

Seperti di tulisan jasa setting mikrotik sebelumnya, saya mengumpulkan ip game di address-list yang kemudian di mangle untuk prioritas game, dan membagi bandwidth dengan browsing. Berikut mangle untuk menangkap ip game yang di kumpulkan di address-list mikrotik

/ip firewall filter
add action=drop chain=forward disabled=no in-interface=ether3 src-address-list=!IP
add action=add-dst-to-address-list address-list=FB-Game address-list-timeout=0s chain=forward disabled=no dst-port=843,9339,8291 in-interface=ether3 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777 in-interface=ether3 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011 in-interface=ether3 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000 in-interface=ether3 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100,4300 in-interface=ether3 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=14009-14010,4300 in-interface=ether3 protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=14009-14010 in-interface=ether3 protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
1293,1479,6100-6152,7777-7977,8001,9401,9600-9602,12020-12080,30000,40000-40010 in-interface=ether3 protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=42051-42052,11100-11125,11440-11460 in-interface=\
ether3 protocol=udp

Kemudian saya menggunakan layer7 untuk melimit download, yang mana limit bandwidth menggunakan extensi layer7 ini di beri prioritas terbawah. Berikut Layer7 untuk melimit bandwidth yang saya gunakan.

/ip firewall layer7-protocol
add name=youtube regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"
add name=big regexp="^.*get.+\\.(exe|rar|zip|7z|cab|asf|mov|wmv|mpg|mpeg|mkv|avi|flv|pdf|wav|rm|mp3|mp4|ram|msu|msi|nup|vdf|rmvb|dat|daa|iso|nrg|bin|vcd|mp2|3gp|mpe|qt|raw|wma|ogg|doc|deb|tar|bzip|gzip|gzip2|0[0-9][0-9]).*\$"
add name=streaming regexp="a.youtube.com|d.youtube.com|e.youtube.com|f.youtube.com|g.youtube.com|h.youtube.com|i.youtube.com|j.youtube.com|l.youtube.com|c.youtube.com|d.youtube.com|youtube|tube|dailymotion.com"

Setelah ip game online indonesia di tangkap sesuai port yang ada pada mikrotik, lalu saya beri mangle untuk game ini, Berikut mangle untuk game online menggunakan mikrotik, yang saya buat.

/ip firewall mangle 
add action=mark-connection chain=prerouting comment=GAME disabled=no dst-address-list=game_online dst-port=\
1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777 new-connection-mark=game_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011 \
new-connection-mark=game_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=\
10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000 new-connection-mark=game_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100 \
new-connection-mark=game_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=14009-14010 new-connection-mark=game_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=14009-14010 new-connection-mark=game_conn passthrough=yes protocol=udp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=\
1293,1479,6100-6152,7777-7977,8001,9401,9600-9602,12020-12080,30000,40000-40010 new-connection-mark=game_conn passthrough=yes protocol=udp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=42051-42052,11100-11125,11440-11460 new-connection-mark=game_conn \
passthrough=yes protocol=udp
add action=mark-packet chain=prerouting connection-mark=game_conn disabled=no new-packet-mark=game_pkt passthrough=no
add action=mark-connection chain=prerouting comment="Update Game" disabled=no dscp=!12 dst-address-list=game_online dst-port=80,21 new-connection-mark=update-conn \
packet-mark=!hit passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=update-conn disabled=no dscp=!12 new-packet-mark=update passthrough=no

Lalu saya buat mangle untuk, update game yang konon jika tidak lewat proxy agar di limit sesuai kebutuhan,

/ip firewall mangle 
add action=mark-connection chain=prerouting comment="Update Game" disabled=no dscp=!12 dst-address-list=game_online dst-port=80,21 new-connection-mark=update-conn \
packet-mark=!hit passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=update-conn disabled=no dscp=!12 new-packet-mark=update passthrough=no

Kemudian mangle untuk layer7 streaming, dan saya tambah dengan sedikit content di manglenya.

/ip firewall mangle 
add action=mark-connection chain=prerouting comment=Streaming disabled=no layer7-protocol=YOUTUBE new-connection-mark=streaming-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dscp=!12 layer7-protocol=streaming new-connection-mark=streaming-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=dailymotion.com disabled=no new-connection-mark=streaming-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=mivo disabled=no new-connection-mark=streaming-conn passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=streaming-conn disabled=no new-packet-mark=streaming passthrough=no

Kemudian saya set mangle untuk facebook, dan game online facebook.

/ip firewall mangle 
add action=mark-connection chain=prerouting comment=Facebook disabled=no dst-address-list=FB-Game new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=apps.facebook.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=facebook.com/apps disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=app.facebook.com/pool-live disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=static.ak.connect.facebook.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=statics.poker.static.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.ninjasaga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.castle.zgncdn.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.static.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.static.zgncdn.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.empire.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.poker.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.castle.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.farmville.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.farmville.zgncdn.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=akamai.net disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.channel.facebook.com disabled=no dscp=!12 new-connection-mark=facebook-conn passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=facebook-conn disabled=no dscp=!12 new-packet-mark=facebook passthrough=no

Untuk Browsingnya saya buat mangle seperti di bawah ini.

/ip firewall mangle 
add action=mark-connection chain=prerouting comment=browsing connection-bytes=100000-256 connection-mark=!facebook-conn disabled=no dscp=!12 dst-address-list=\
!game_online dst-port=80 new-connection-mark=browse-conn packet-mark=!game_pkt passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=browse-conn disabled=no dscp=!12 new-packet-mark=browse passthrough=no

Untuk loadbalancingnya silahkan di gunakan yang nth atau pcc, saya tidak sebut lagi rule-rule tersebut disini.
Untuk Queue Treenya silahkan di kreasikan sendiri..!
Thanks to ForumMikrotik dan segala sumber yang tak bisa disebutkan satu persatu, seperti rule mangle facebook, port game online, rule layer7, dan tak lupa serta connection-bytesnya.

Jasa setting mikrotik dan jasa setting proxy warnet

Jumat, 03 Mei 2013

Jasa Setting Mikrotik Proxy External Ubuntu FreeBSD via Remote

Jasa Setting Mikrotik dan Proxy External Ubuntu FreeBSD via Remote - kami menyediakan Jasa Setting Mikrotik dan Proxy External Ubuntu FreeBSD via Remote untuk seluruh indonesia, beberapa client kami berada jauh di ujung indonesia, seperti papua dan aceh. Jasa setting proxy dan mikrotik dapat di lakukan dengan bantuan software kecil teamviewer, yang berfungsi untuk meremote komputer client, sehingga mikrotik dan client terkoneksi ke internet dengan benar.

Setelah koneksi internet tersambung dengan baik complit dengan management bandwidth yang memisahkan space bandwidth browsing dan game, baik di dalam 1mbps maupun 2mbps atau 3mbps, kemudian di lanjutkan dengan menginstall proxy, installasi proxy external dapat di lakukan via remote, tentunya seperti saya bilang tadi jika koneksi internet sudah terhubung dengan baik lewat mikrotik, meskipun setting dan installasi via teamviewer dapat di lakukan, namun rasanya lebih elegan dan mudah jika koneksi sudah lewat mikrotik.

Soal management bandwidth, bisa di pilih menggunakan queue tree atau menggunakan queue simple, pada prinsifnya queue simple dan tree memiliki kemampuan yang sama, yakni memanagement bandwidth, bedanya hanya mudah dan rumitnya, dalam menconfigurasinya. Jika menggunakan queue tree mungkin bisa menggunakan rule yang panjang lebar, meskipun rule yang sama dapat di gunakan di queue simple.

Jika anda bertanya apa bedanya queue simple dan queue tree, bedanya tak jauh, hanya soal expert dan tidak expertnya, soal mudah dan tidak mudahnya. Warnet - warnet di indonesia umumnya sudah menggunakan proxy external untuk membantu koneksi yang didapat dari penyedia jasa internet seperti telkomspeedy.

Fungsinya seperti di beberapa posting yang saya buat, adalah untuk menghemat bandwidth internet, artinya setiap content yang di cache dan di simpan oleh proxy, jika di access ulang oleh user yang berbeda, koneksi internet tidak lagi di sibukkan request ke isp, tapi langsung mengembalikan paket yang di ambil dari proxy. Simplenya proxy adalah media penyimpanan content yang pernah di kunjungi oleh user, tentunya

TIDAK SEMUA CONTENT BISA - BOLEH DI CACHE OLEH PROXY

Alasannya tentu sangat banyak dan berpariasi, ada alasan security, ada alasan update, dan berbagai macam alasan lainnya yang menyebabkan proxy tidak boleh mencache semua conten, simplenya bayangkan jika hacksield point blank di cache oleh proxy, tentu anda akan di sibukkan oleh pesan bahwa di computer anda ada cheat atau beragam alasan lainnya yang menyebabkan point blank tidak bisa berjalan dengan semestinya. Misal kata saja ada program ilegal di computernya, hanya di karenakan upate hacksield tidak lagi relevan dengan game yang ada.

Tapi umumnya hal-hal seperti itu ada baiknya tidak di cache. Mudah-mudahan tulisan singkat ini, memberikan sedikit pencarahan bagi anda dalam management warnet anda, atau koneksi wireless milik anda. Agar lebih optimal, dengan bantuan dan settingan proxy external ubuntu dan Freebsd, tentu saja LUSCA yang saya install adalah LUSCA_HEAD.

Contact
Jasa Setting Mikrotik
Jasa Setting Proxy External Ubuntu / FreeBSD Warnet

Jumat, 19 April 2013

Jasa setting Mikrotik aceh Remote

Jasa Setting Mikrotik dan Proxy External Aceh - Setting Mikrotik - Proxy External Aceh beberapa hari lalu, ternyata memberikan dampak yang tidak berarti, karena kwalitas koneksi yang ada jauh dari yang di harapkan.

Bagaimana tidak ? Koneksi yang konon katanya 2mbps, lag game, dan lambat buka web ternyata hanya paket sosialia, begitupun bolak - balik di complainkan ke telkomspeedy perubahan yang signifikan tidak juga terjadi. Meski Lusca Proxy yang high Performance kata mereka telah di install.

Koneksi tetap di kondisi yang sama, paket socialia. Pakai jurus apapun dan kesaktian seperti apapun dalam mengconfigurasi dan setting mikrotik, dengan kondisi koneksi seperti ini sepertinya tidak akan mampu menyelamatkan game online seperti point blank untuk dapat di gunakan sebagai mana normalnya di daerah yang memiliki koneksi speedy.

Warnet Ceknet, lah yang menjadi korban ketidak jelasan telkom speedy, seperti penuturan pemiliknya, koneksi internetnya sudah di upgrade ke 2mbps, namun hasilnya tetap socialia.Tak ada harapan koneksi akan lebih baik, karena kwalitas koneksi yang ada hanya mampu mengangkat beban koneksi 512kbps, begitu kata seseorang yang memiliki access untuk melihat koneksi speedy warnet ceknet.

Mudah-mudahan saja FO segera terealisasikan di aceh, khususnya blangkejeren, lokasi warnet ceknet, agar koneksi dapat sedikit lebih baik. Insya ALLAH.

Kamis, 04 April 2013

Prioritas Game Limit Browsing 1MB Speedy

Prioritas Game Limit Browsing 1MB Speedy - Prioritas Game Limit Browsing 1MB Speedy cara ini saya buat sedemikian rupa, tergantung kondisi warnetnya, silahkan di sesuaikan mau pake queue simple atau queue tree, tergantung settingannya.

jasa setting mikrotik warnet untuk game online dan browsing 1mbps speedy

Untuk total browsing ada baiknya di kasih parent, namun disini tidak saya berikan parent mengingat tidak semua user disini menggunakan game online.

Didalamanya saya set limit untuk download update game, mengingat ketika ada user yang main game saat orang lain update jadi tidak terganggu. Dan saya tidak membuat limit bandwidth browsing sekampung.

/ip firewall filter
add action=drop chain=forward disabled=no in-interface=ether3 src-address-list=!IP
add action=add-dst-to-address-list address-list=FB-Game address-list-timeout=0s chain=forward disabled=no dst-port=843 protocol=tcp
add action=add-dst-to-address-list address-list=FB-Game address-list-timeout=0s chain=forward disabled=no dst-port=9339 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100,4300 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=14009-14010,4300 protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=14009-14010 protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
1293,1479,6100-6152,7777-7977,8001,9401,9600-9602,12020-12080,30000,40000-40010 protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=42051-42052,11100-11125,11440-11460 \
protocol=udp

Mangle nya

/ip firewall mangle
add action=mark-connection chain=prerouting comment=ICMP disabled=no new-connection-mark=icmp-conn passthrough=yes protocol=icmp
add action=change-dscp chain=prerouting disabled=no in-interface=ether3 new-dscp=1 passthrough=yes protocol=icmp
add action=mark-packet chain=prerouting connection-mark=icmp-conn disabled=no new-packet-mark=icmp-pkt passthrough=no
add action=mark-connection chain=prerouting comment=GAME-CONN disabled=no dst-address-list=game_online dst-port=!80,21 in-interface=ether3 new-connection-mark=\
    iix-conn passthrough=yes protocol=tcp src-address-list=IP
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online in-interface=ether3 new-connection-mark=iix-conn passthrough=yes protocol=\
    udp src-address-list=IP
add action=mark-connection chain=prerouting comment="game pb" disabled=no dst-address-list=game_online dst-port=40000-40010 in-interface=ether3 \
    new-connection-mark=iix-conn passthrough=yes protocol=udp src-address-list=IP
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=39190,40000-40010 in-interface=ether3 new-connection-mark=\
    iix-conn passthrough=yes protocol=tcp src-address-list=IP
add action=mark-packet chain=prerouting connection-mark=iix-conn disabled=no new-packet-mark=iix-pkt passthrough=no
add action=mark-connection chain=prerouting comment="game fb" disabled=no dst-address-list=FB-Game in-interface=ether3 new-connection-mark=game_fb_conn \
    passthrough=yes
add action=mark-connection chain=prerouting content=.facebook.com disabled=no in-interface=ether3 new-connection-mark=game_fb_conn passthrough=yes
add action=mark-packet chain=prerouting connection-mark=game_fb_conn disabled=no new-packet-mark=game_fb_pkt passthrough=no
add action=mark-connection chain=prerouting comment="Streaming " content=youtube.com disabled=yes in-interface=ether3 new-connection-mark=streaming_conn \
    passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=flv disabled=yes in-interface=ether3 new-connection-mark=streaming_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=mivo disabled=yes in-interface=ether3 new-connection-mark=streaming_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.tv disabled=yes in-interface=ether3 new-connection-mark=streaming_conn passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=streaming_conn disabled=yes new-packet-mark=streaming_pkt passthrough=no
add action=mark-connection chain=prerouting comment="DOWNLOAD dari IIX" disabled=no dst-address-list=game_online dst-port=80,21,3128,8080 in-interface=ether3 \
    new-connection-mark=down-iix-conn passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=down-iix-conn disabled=no new-packet-mark=down-iix-pkt passthrough=no
add action=mark-connection chain=prerouting comment=DOWNLOAD connection-bytes=262146-4294967295 disabled=yes dst-address-list=!game_online dst-port=\
    80,21,8080,443,3128 in-interface=ether3 new-connection-mark=idm_conn passthrough=yes protocol=tcp src-address-list=IP
add action=mark-packet chain=prerouting connection-mark=idm_conn disabled=yes new-packet-mark=download_pkt passthrough=no
add action=mark-connection chain=prerouting comment=BROWSING connection-bytes=0-262146 disabled=yes dst-address-list=!game_online dst-port=80,8080,3128,443 \
    new-connection-mark=browsing passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=browsing disabled=yes new-packet-mark=browsing_pkt passthrough=no
add action=mark-packet chain=prerouting comment=IX disabled=no new-packet-mark=int-pkt passthrough=no

Queue Type

/queue type
set 0 kind=pfifo name=default pfifo-limit=50
set 1 kind=pfifo name=ethernet-default pfifo-limit=50
set 2 kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set 3 kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set 4 kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
add kind=pfifo name=ping pfifo-limit=64
add kind=pcq name=GAME pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=src-address,dst-address,src-port,dst-port pcq-dst-address-mask=\
32 pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
add kind=pcq name=Browsing pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 pcq-dst-address6-mask=\
64 pcq-limit=50 pcq-rate=784k pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
add kind=pcq name=Download pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 pcq-dst-address6-mask=\
64 pcq-limit=50 pcq-rate=512k pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
add kind=pcq name=FB pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 pcq-dst-address6-mask=64 \
pcq-limit=50 pcq-rate=512k pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
add kind=pcq name=iix-download pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 \
pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=512k pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
add kind=pcq name=streaming pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 pcq-dst-address6-mask=\
64 pcq-limit=50 pcq-rate=512k pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
set 12 kind=none name=only-hardware-queue
set 13 kind=mq-pfifo mq-pfifo-limit=50 name=multi-queue-ethernet-default
set 14 kind=pfifo name=default-small pfifo-limit=10

/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=0/0 name="A. GAME" packet-marks=\
iix-pkt parent=none priority=1 queue=GAME/GAME target-addresses=0.0.0.0/0 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=0/0 name="B. PING" packet-marks=\
icmp-pkt parent=none priority=2 queue=ping/ping target-addresses=0.0.0.0/0 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=0/512k name="C. IIX-DOWN" \
packet-marks=down-iix-pkt parent=none priority=8 queue=default-small/Browsing target-addresses=0.0.0.0/0 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=0/512k name="D. GAME-FB" packet-marks=\
game_fb_pkt parent=none priority=3 queue=FB/FB target-addresses=0.0.0.0/0 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=IIX direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC01 \
packet-marks=int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.2/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC02 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.3/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC03 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.4/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC04 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.5/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC05 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.6/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC06 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.7/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC07 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.8/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC08 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.9/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC09 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.10/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC10 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.11/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC11 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.12/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC12 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.13/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC13 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.14/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC14 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.15/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC15 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.16/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC16 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.17/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC17 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.18/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC18 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.19/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC19 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.20/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC20 packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.21/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PCOP packet-marks=\
int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.100/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=yes interface=all limit-at=0/0 max-limit=0/0 name=BROWSING packet-marks=\
browsing_pkt parent=none priority=8 queue=Browsing/Browsing target-addresses=0.0.0.0/0 total-queue=default-small

Sabtu, 30 Maret 2013

Jasa Setting Mikrotik Di FlowersNet Binjai

Jasa Setting Mikrotik Di FlowersNet Binjai - Jasa Setting Mikrotik Di FlowersNet Binjai untuk memisahkan bandwidth game dan browsing serta game facebook. Pada pembagian bandwidth flowersnet yang 1mbps, saya buat browsing untuk luar negeri di limit termasuk ke ip iix yang selain ip game di sebut sebagai ip internasional.

Yang di prioritaskan disini hanya ip game, yang di tangkap lewat ip firewall filter, untuk ip game saja.

/ip firewall filter
add action=drop chain=forward disabled=no in-interface=ether3 src-address-list=!IP
add action=add-dst-to-address-list address-list=FB-Game address-list-timeout=0s chain=forward disabled=no dst-port=843 protocol=tcp
add action=add-dst-to-address-list address-list=FB-Game address-list-timeout=0s chain=forward disabled=no dst-port=9339 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
    1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
    7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
    10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
    19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100,4300 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=14009-14010,4300 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=14009-14010 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
    1293,1479,6100-6152,7777-7977,8001,9401,9600-9602,12020-12080,30000,40000-40010 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=42051-42052,11100-11125,11440-11460 \
    protocol=tcp

Queue Type

/queue type
set 0 kind=pfifo name=default pfifo-limit=50
set 1 kind=pfifo name=ethernet-default pfifo-limit=50
set 2 kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set 3 kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set 4 kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
add kind=pfifo name=ping pfifo-limit=64
add kind=pcq name=GAME pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=src-address,dst-address,src-port,dst-port pcq-dst-address-mask=\
    32 pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
add kind=pcq name=Browsing pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 pcq-dst-address6-mask=\
    64 pcq-limit=50 pcq-rate=784k pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
add kind=pcq name=Download pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 pcq-dst-address6-mask=\
    64 pcq-limit=50 pcq-rate=128k pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
add kind=pcq name=FB pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 pcq-dst-address6-mask=64 \
    pcq-limit=50 pcq-rate=500k pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000
set 10 kind=none name=only-hardware-queue
set 11 kind=mq-pfifo mq-pfifo-limit=50 name=multi-queue-ethernet-default
set 12 kind=pfifo name=default-small pfifo-limit=10

Mangle

/ip firewall mangle
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1h chain=prerouting disabled=yes dst-port=\
    1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1h chain=prerouting disabled=yes dst-port=\
    7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1h chain=prerouting disabled=yes dst-port=\
    10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1h chain=prerouting disabled=yes dst-port=\
    19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100,4300 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1h chain=prerouting disabled=yes dst-port=14009-14010,4300 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1h chain=prerouting disabled=yes dst-port=14009-14010 protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1h chain=prerouting disabled=yes dst-port=\
    1293,1479,6100-6152,7777-7977,8001,9401,9600-9602,12020-12080,30000,40000-40010 protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1h chain=prerouting disabled=yes dst-port=42051-42052,11100-11125,11440-11460 \
    protocol=udp
add action=mark-connection chain=prerouting comment=ICMP disabled=no new-connection-mark=icmp-conn passthrough=yes protocol=icmp
add action=change-dscp chain=prerouting disabled=no in-interface=ether3 new-dscp=1 passthrough=yes protocol=icmp
add action=mark-packet chain=prerouting connection-mark=icmp-conn disabled=no new-packet-mark=icmp-pkt passthrough=no
add action=mark-connection chain=prerouting comment=IIX disabled=no dst-address-list=game_online dst-port=!80,21 in-interface=ether3 new-connection-mark=\
    iix-conn passthrough=yes protocol=tcp src-address-list=IP
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online in-interface=ether3 new-connection-mark=iix-conn passthrough=yes protocol=\
    udp src-address-list=IP
add action=mark-connection chain=prerouting comment=PB disabled=no dst-address-list=game_online dst-port=40000-40010 in-interface=ether3 new-connection-mark=\
    iix-conn passthrough=yes protocol=udp src-address-list=IP
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=39190,40000-40010 in-interface=ether3 new-connection-mark=\
    iix-conn passthrough=yes protocol=tcp src-address-list=IP
add action=mark-packet chain=prerouting connection-mark=iix-conn disabled=no new-packet-mark=iix-pkt passthrough=no
add action=mark-connection chain=prerouting comment="IIX DOWN" disabled=no dst-address-list=game_online dst-port=80 in-interface=ether3 new-connection-mark=\
    down-iix-conn passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=down-iix-conn disabled=no new-packet-mark=down-iix-pkt passthrough=no
add action=mark-connection chain=prerouting comment="GAME FB" disabled=no dst-address-list=FB-Game in-interface=ether3 new-connection-mark=game_fb_conn \
    passthrough=yes
add action=mark-connection chain=prerouting content=.facebook.com disabled=no in-interface=ether3 new-connection-mark=game_fb_conn passthrough=yes
add action=mark-packet chain=prerouting connection-mark=game_fb_conn disabled=no new-packet-mark=game_fb_pkt passthrough=no
add action=mark-packet chain=prerouting comment=IX disabled=no new-packet-mark=int-pkt passthrough=no

Queue Simple router mikrotik warnet

/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=0/0 name="A. GAME" packet-marks=\
    iix-pkt parent=none priority=1 queue=GAME/GAME target-addresses=0.0.0.0/0 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=0/0 name="B. PING" packet-marks=\
    icmp-pkt parent=none priority=2 queue=ping/ping target-addresses=0.0.0.0/0 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=0/700k name="C. IIX-DOWN" \
    packet-marks=down-iix-pkt parent=none priority=8 queue=default-small/Browsing target-addresses=0.0.0.0/0 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=0/0 name="D. GAME-FB" packet-marks=\
    game_fb_pkt parent=none priority=3 queue=FB/FB target-addresses=0.0.0.0/0 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=IIX direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC01 \
    packet-marks=int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.2/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC02 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.3/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC03 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.4/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC04 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.5/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC05 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.6/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC06 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.7/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/256k name=PC07 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.8/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC08 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.9/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC09 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.10/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC10 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.11/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC11 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.12/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC12 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.13/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC13 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.14/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC14 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.15/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC15 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.16/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC16 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.17/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC17 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.18/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC18 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.19/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC19 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.20/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PC20 packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.21/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=64k/384k name=PCOP packet-marks=\
    int-pkt parent=none priority=8 queue=default-small/default-small target-addresses=192.168.1.100/32 total-queue=default-small

Kamis, 28 Maret 2013

Regedit Untuk Anti Install Exe

Mandailing Natal - Regedit Untuk Anti Install Exe - membuat Regedit Untuk Anti Install file exe yang di inginkan, misalnya kita ingin memblok agar cain.exe tidak bisa di install menggunakan regedit.

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"Disallowrun"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\disallowrun]
"1"="cain.exe"
"2"="netcut.exe"
"3"="program_yangditolaklainnya.exe"

simpan di notepad. dengan extensi .reg misalnya antiexe.reg namanya.
Mudah-mudahan script regedit ini mampu memblok installasi software hacking yang tak di ingin, silahkan di coba saya blom sempat mencobanya.

Selasa, 26 Maret 2013

Limit Download Dengan Queue Tree

Jasa setting mikrotik - Limit Download Dengan Queue Tree - cara limit download dengan queue tree seperti ini saya lakukan di mikrotik hotspot kampus swadaya binjai. Yang tujuannya hanya melimit download berdasarkan connection-bytes.

Limit download dengan queue tree ini berfungsi baik, jika hanya melimit sebesar connection-bytes yang di berikan sampai ke tak terhingga. Karena queue tree ini hanya di gunakan untuk kampus, saya tidak perlu pusing-pusing untuk mempriotiaskan game dan browsing. Queue ini cukup simple dan saya kira sangat powerfull.

Ya tentu saja sesuai kebutuhan.

add chain=forward action=mark-connection new-connection-mark=down-conn passthrough=yes \
    protocol=tcp out-interface=ether2-Lan connection-bytes=250000-4294967295 comment="DOWNLOAD"

add chain=forward action=mark-packet new-packet-mark=down-conn passthrough=no \
    protocol=tcp out-interface=ether2-Lan connection-mark=Download

add name="download" kind=pcq pcq-rate=256000 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
    max-limit=256k name=Download packet-mark="" parent=ehter2-Lan priority=8
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes limit-at=0 \
    max-limit=256k name=Down-client packet-mark=Download parent=Download \
    priority=8 queue=download

Untuk limit download dengan queue tree yang lebih baik, contoh limit bandwidth diatas dapat di explorasi lebih jauh.

Jasa setting mikrotik warnet - jasa setting proxy warnet - jasa setting hotspot kampus, jasa setting hotspot kantor, wisp binjai.

Minggu, 24 Februari 2013

Limit Bandwidth Mikrotik Dengan Layer7

Limit Bandwidth Mikrotik Dengan Layer7 - Limit Bandwidth Mikrotik Dengan Layer7 dalam sebuah manegement koneksi, limit bandwidth tak dapat di pisahkan dan sangat besar perananannya dalam menentukan kwalitas koneksi. Terlebih jika koneksi yang kita gunakan seperti koneksi speedy, yang mana koneksi tersebut di gunakan untuk beberapa client di sebuah warnet/office.

Untuk memudahkan kita memanagement bandwidth menggunakan queue tree kita bisa menggunakan mangle, tentunya kita harus memahami mangle itu apa, saya sendiri menyebut mangle mikrotik adalah cara menandai paket, dimana paket yang di tandai tersebut dapat di eksekusi di queue tree atau di bagian lainnya di router mikrotik.

Mangle mikrotik di padukan dengan regex, yang di set di layer7 mikrotik bisa kita eksekusi di queue tree atau di queue simple mikrotik, sehingga tercapai tujuan kita yaitu melimit bandwidth mikrotik dengan layer7.

Koneksi yang di management dengan tepat akan menghasilkan koneksi yang berkwalitas dan memuaskan, sehingga dapat di gunakan sesuai tujuannya. Dari itu limit bandwidth sangat penting, terlebih jika clientnya merupakan client game dan browsing.

/ip firewall layer7-protocol
add comment="" name=big regexp="^.*get.+\\.(exe|rar|iso|zip|7zip|0[0-9][1-9]|flv|mkv|avi|mp4|3gp|rmvb|mp3|img|dat|mov).*\$"
add comment="" name=mid regexp="^.*get.+\\.(zip|rar|7z).*\$"
add comment="" name=small regexp="^.*get.+\\.(pdf|doc|docx|xlsx|xls|rtf|ppt|ppt).*\$"
add comment="" name=Video regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"

Layer7 mikrotik diatas di pisahkan dengan nama big,mid,small dan video, dengan layer7 mikrotik tersebut kita bisa memisahkan paket dengan nama big di kecilkan limitasinya, di banding dengan nama layer7 lainnya.

Selasa, 12 Februari 2013

Jasa setting mikrotik warnet jaya express subang

Jasa setting mikrotik warnet jaya express subang - jasa setting mikrotik pada warnet jaya express saya lakukan kemarin via remote dan teamviewer, sebenarnya mandailng natal, awalnya hanya melayani warnet jaya express subang jawa barat, untuk install proxy external yang di padukan denga rb750 mikrotik.

Namun sebagai penjual mikrotik dan settinga mikrotik nya, meskipun warnet jaya express tidak membeli mikrotik dari, router boardnya tetap saya configurasi, meski sederhana tapi saya yakin itu cukup powerfull, setidaknya download internet download manager tidak akan kebobolan, dan insya ALLAH game juga lancar.

Proxy sendiri saya install via jarak jauh, dengan bantuan dari pihak pengelola warnet, termasuk mendownload iso terbaru freebsd 9.1, meski sempat ada kendala sedikit, karena freebsd 9.1 zps belum support auto compile, yang mana file auto compile harus di download dan di install terlebih dahulu, agar install squid proxy dapat berjalan semestinya.

Butuh beberapa waktu untuk menyesuaikan kondisi warnet dengan mikrotik dan juga proxy, yang awalnya modem jaya express di setting dial di modem, dan saya ubah dial di mikrotik, tujuannya agar control dan membantu saat ada keluhan lebih mudah. Serta mempermudah pengelola jaya express untuk melihat kondisi koneksi, tak kalah penting konon kata para master mikrotik, dial di mikrotik akan memperringan kerja dari modem adsl speedy.

Awalnya mikrotik warnet ini sudah di configurasi, ya dengan configurasi sederhana, dial di modem -> mikrotik tanpa management bandwidth dan tanpa configurasi apapun, selain nat untuk masqurade, dan routing ke modem speedy sebagai gatewaynya.

Limit bandwidth sendiri saya tidak buat macam - macam, hanya untuk optimasi game, dan queue simple dengan mangle game online mikrotik, berdasarkan port, tak juga lupa mengaktifkan TOS untuk hit proxy external. Mudah-mudahan jaya express lancar dan makin jaya Insya ALLAH. Oh iya jasasettingmikrotik.web.id menginstall proxy lusca tentunya untuk cache youtube.

Minggu, 10 Februari 2013

Setting Hotspot Mikrotik Gorontalo Remote

Setting Hotspot Mikrotik Gorontalo Remote - Sebagai jasa setting mikrotik, hotspot, wifi dan jasa setting proxy external mikrotik, beberapa client kami banyak dari luar daerah lokasi kami berada, misalnya saja seperti sebuah warung pulsa di gorontalo yang tak kami sebut namanya disini, ada juga dari pedalaman riau, kerinci, kabupaten siak, dan di medan sendiri, dan Alhamdulillah masih memiliki hubungan yang baik dengan jasa setting mikrotik sampai hari ini.

Sebagai penyedia jasa, seharusnya antar client dan penjual jasa harus ada komunikasi yang harmonis, meski tak harus intens apalagi intim (hehehhe), ketika pelanggan menghadapi problem di jaringan, di mikrotik, atau di proxynya mau - tak mau seharusnya penyedia jasa harus rela di ganggu dan membantu pelanggannya, meskipun settingan sudah di lakukan beberapa bulan lalu. Itulah ciri seorang penjual yang islami.

Jujur, tak semua pelanggan kami dari kalangan muslim, namun kami memberikan service dan pelayanan yang sama tanpa membedakan ras, suku, dan agama, karena kami yakin, Tuhan yang maha kaya raya pasti melihat usaha kami, dan memberikan pertolongannya, jikalau kami bekerja dan melayani pelanggan dengan jujur dan baik.

Setting hotspot mikrotik via remote kemarin malam kami lakukan dari medan ke gorontalo, dengan bantuan software teamviewer, dikarenakan koneksi yang di gunakan oleh warung pulsa tersebut berasal dari bandwidth shared menggunakan wireless dari isp lokal. Yang kami tidak bisa memiliki access ke ip publiknya untuk setting port forwading.

Sebelumnya mikrotik sudah di set, dan hotspot, usermanager, serta pendukung lainnya sudah berjalan normal di mikrotik, masalahnya hanya Radius Server Is Not Responding pada hotspot mikrotiknya, yang artinya koneksi dari mikrotik ke dalam radius servernya tidak terjalin dengan baik, sehingga pesan radius server isnot responding di tampilkan, ya jelas sekali usermanager mikrotik sebagai billing hotspot tidak akan bekerja dengan baik.

Cara mengatasi radius server isnot responding lain kesempatan akan kami tuliskan disini. Alhamdulillah setting hotspot mikrotik gorontalo via remote selesai dalam hitungan menit.

Jumat, 08 Februari 2013

Download Acronis.iso untuk mengcloning hardisk windows

Mandailing Natal - Download Acronis.ISO Untuk Mengcloning Hardisk - Download Acronis.ISO Untuk Mengcloning Hardisk, sempat di pusingkan karena cd cloning hilang, tepatnya cd acronis yang dahulu di download dari indowebster. Kebetulan kemarin ada sedikit pekerjaan untuk menginstall ulang hampir seluruh komputer warnet di belawan.

Sialnya ketika ingin mengganti cd yang hilang tersebut yang diingat adalah hiren boot cd :( sementar www.mandailingnatal.com tidak terlalu pamiliar menggunakan hiren boot cd, apalagi jika hiren boot cd tersebut di set booting dengan flashdisk, 90 persen membuang waktu, setelah beberapa kali gagal, dengan software hiren boot cd yang 9.3, software kecil itu bener-benar membuat jengkel.

Karena ke jengkelan itu juga, harus mencari lagi lagi software cloning yang lebih baik, dan mudah menggunakannya tentunya bukan XXCLONE lagi, keiginan untuk menggunakan seperti cd acronis yang hilang, pencarian memberi titik terang, ketika melihat nama acronis, baru sadar, bahwa software yang sangat di butuhkan yang kelupaan namanya adalah acronis, bukan hiren boot cd dari flashdisk bukan juga xxclone sebagai software cloning windows via windows, yang sangat rugi, jika windows yang akan di cloning memilik virus, makanya menyebarlah sang virus ke hardisk yang masih suci bersih :(, jadi malas menggunakan xxclone jikalau tidak terpaksa.

Karena waktu yang semakin larut ketika mencari software acronis terkecil, acronis.iso dengan ukuran puluhan mb, bukan ratusan tentunya untuk menghemat waktu download. biasanya menggunakan keyword ?index.of? acronis jika mencari sebuah softwre, nah untuk mencari software lain, tinggal mengganti nama acronisnya saja, menjadi nama software yang ingin kita cari.

Untuk sofware acronis, bisa ente download disini dan burning ke cd, ukurannya kecil kok.

http://www.mmnt.net/db/0/0/81.200.23.6/progi/PROGRAMS/Acronis/iso

Atau bisa menggunakan software xxclone yang lebih mudah tanpa harus menggunakan cdroom /cd booting. lihat disini - > http://www.leechhouse.com/2012/06/cara-cloning-hardisk-dengan-mudah.html

Belajar Jaringan - Belajar Pemrograman

Senin, 13 Mei 2013

Cara Install Unbound Di FreeBSD 9.1

Selasa, 07 Mei 2013

Jasa Setting Mikrotik dan Jasa Setting Proxy Gebang Tanjung Pura

Minggu, 05 Mei 2013

Setting Mikrotik SevenStar Net Binjai Sumatera Utara

Jumat, 03 Mei 2013

Jasa Setting Mikrotik Proxy External Ubuntu FreeBSD via Remote

Jumat, 19 April 2013

Jasa setting Mikrotik aceh Remote

Kamis, 04 April 2013

Prioritas Game Limit Browsing 1MB Speedy

Sabtu, 30 Maret 2013

Jasa Setting Mikrotik Di FlowersNet Binjai

Kamis, 28 Maret 2013

Regedit Untuk Anti Install Exe

Selasa, 26 Maret 2013

Limit Download Dengan Queue Tree

Minggu, 24 Februari 2013

Limit Bandwidth Mikrotik Dengan Layer7

Selasa, 12 Februari 2013

Jasa setting mikrotik warnet jaya express subang

Minggu, 10 Februari 2013

Setting Hotspot Mikrotik Gorontalo Remote

Jumat, 08 Februari 2013

Download Acronis.iso untuk mengcloning hardisk windows

Belajar Jaringan - Belajar Pemrograman

Cari Blog Ini

Arsip Blog

Laporkan Penyalahgunaan

Postingan Populer

Template Dasar Blogspot Tanpa Css Tanpa JavaScript Bawaan