How to Separate Browsing, Download, Upload, and Game Traffic
These settings run on a Mikrotik RB750 with OS ver. 4.5, and this experiment
was carried out on a PC-based Mikrotik running Mikrotik version V2.9.27.
Prepare a PC and install Mikrotik V2.9.27
- LAN card 1 goes to the ISP; this setup uses Speedy, named "Jaringan Speedy"
- LAN card 2 goes to the local network, named "Jaringan Local"
- Set the IP for LAN 1 (read the Mikrotik installation tutorial)
- Set the IP for LAN 2 (here the IP is 192.168.0.0/24)
Settings to be configured:
- Point Blank game
- Poker game
- BROWSING
- UPLOAD
- LIMIT DOWNLOAD
- QUEUE
The setup steps are as follows:
- Settings for the Point Blank game
This example is for Point Blank; for other games, just adjust the port/IP.
Create the commands below under IP-Firewall-Mangle
-------------------------------------------------------------------------------------------------
chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=tcp dst-address=203.89.146.0/23 dst-port=39190 comment="Point Blank"
-------------------------------------------------------------------------------------------------
chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=udp dst-address=203.89.146.0/23 dst-port=40000-40010
-------------------------------------------------------------------------------------------------
chain=game action=mark-packet new-packet-mark=Game_pkt passthrough=no connection-mark=Game
-------------------------------------------------------------------------------------------------
chain=prerouting action=jump jump-target=game
-------------------------------------------------------------------------------------------------
- Settings for the Poker game
Create the commands below under IP-Firewall-Mangle
-------------------------------------------------------------------------------------------------
chain=forward action=mark-connection new-connection-mark=Poker_con passthrough=yes protocol=tcp dst-address-list="LOAD POKER" comment="POKER"
-------------------------------------------------------------------------------------------------
chain=forward action=mark-connection new-connection-mark=Poker_con passthrough=yes protocol=tcp content=statics.poker.static.zynga.com
-------------------------------------------------------------------------------------------------
chain=forward action=mark-packet new-packet-mark=Poker passthrough=no connection-mark=Poker_con
-------------------------------------------------------------------------------------------------
- BROWSING
-------------------------------------------------------------------------------------------------
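chain=forward action=mark-connection new-connection-mark=http passthrough=yes protocol=tcp in-interface=WAN out-interface=Lan packet-mark=!Game_pkt connection-mark=!Game connection-bytes=0-262146 comment="BROWSE"
-------------------------------------------------------------------------------------------------
# connection-bytes is repeated on the packet rule: the connection mark "http" stays set after 262146 bytes, and with passthrough=no the LIMIT DOWNLOAD rules would otherwise never be reached
chain=forward action=mark-packet new-packet-mark=http_pkt passthrough=no protocol=tcp connection-mark=http connection-bytes=0-262146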
-------------------------------------------------------------------------------------------------
- UPLOAD
-------------------------------------------------------------------------------------------------
chain=prerouting action=mark-packet new-packet-mark=Upload passthrough=no protocol=tcp src-address=192.168.0.0/24 in-interface=Lan packet-mark=!icmp_pkt comment="UPLOAD"
-------------------------------------------------------------------------------------------------
- LIMIT DOWNLOAD
-------------------------------------------------------------------------------------------------
chain=forward action=mark-connection new-connection-mark=Download passthrough=yes protocol=tcp in-interface=WAN out-interface=Lan packet-mark=!Game_pkt connection-mark=!Poker_con connection-bytes=262146-4294967295 comment="LIMIT DOWNLOAD"
-------------------------------------------------------------------------------------------------
chain=forward action=mark-packet new-packet-mark=Download_pkt passthrough=no packet-mark=!Game_pkt connection-mark=Download
-------------------------------------------------------------------------------------------------
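Added example, not part of the original tutorial: a small Python model of how the forward mangle chain treats successive packets of one connection, showing why the http_pkt packet rule needs its own connection-bytes bound before the LIMIT DOWNLOAD rules can ever match. The packet and transfer sizes are constructed values, interfaces are reduced to a direction flag, and the packet-mark tests are left out.

```python
LIMIT = 262146            # browse/download threshold from the page, in bytes
MAX = 4294967295

def forward_rules(bound_packet_rule):
    """BROWSING and LIMIT DOWNLOAD rules; interfaces reduced to a direction flag."""
    http_pkt = {"set": "packet", "mark": "http_pkt", "passthrough": False,
                "conn_mark": "http"}
    if bound_packet_rule:                      # connection-bytes=0-262146
        http_pkt["bytes"] = (0, LIMIT)
    return [
        {"set": "conn", "mark": "http", "passthrough": True, "wan_to_lan": True,
         "not_conn_mark": "Game", "bytes": (0, LIMIT)},
        http_pkt,
        {"set": "conn", "mark": "Download", "passthrough": True, "wan_to_lan": True,
         "not_conn_mark": "Poker_con", "bytes": (LIMIT, MAX)},
        {"set": "packet", "mark": "Download_pkt", "passthrough": False,
         "conn_mark": "Download"},
    ]

def matches(rule, conn, wan_to_lan):
    if rule.get("wan_to_lan") and not wan_to_lan:
        return False
    if "conn_mark" in rule and conn["mark"] != rule["conn_mark"]:
        return False
    if "not_conn_mark" in rule and conn["mark"] == rule["not_conn_mark"]:
        return False
    lo, hi = rule.get("bytes", (0, MAX))
    return lo <= conn["bytes"] <= hi

def mangle(rules, conn, size, wan_to_lan=True):
    """Run one packet through the chain; return the packet mark it leaves with."""
    conn["bytes"] += size
    packet_mark = None
    for rule in rules:
        if not matches(rule, conn, wan_to_lan):
            continue
        if rule["set"] == "conn":
            conn["mark"] = rule["mark"]      # the mark stays on the connection
        else:
            packet_mark = rule["mark"]
        if not rule["passthrough"]:
            break                            # passthrough=no ends the chain walk
    return packet_mark

def marks_seen(rules, total_bytes, packet_size=1460):
    """Distinct packet marks, in order, over one WAN-to-LAN transfer."""
    conn, seen = {"mark": None, "bytes": 0}, []
    for _ in range(total_bytes // packet_size):
        mark = mangle(rules, conn, packet_size)
        if mark not in seen:
            seen.append(mark)
    return seen
```

With the packet rule unbounded, a 1 MB transfer stays in http_pkt for its whole length; with the bound, it moves to Download_pkt once the connection passes 262146 bytes.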
- QUEUE
Queue Type
-------------------------------------------------------------------------------------------------
name="Download" kind=pcq pcq-rate=256000 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
name="Http" kind=pcq pcq-rate=1M pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
name="Game" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address,dst-address,src-port,dst-port pcq-total-limit=2000
name="Upload" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000
-------------------------------------------------------------------------------------------------
Queue Tree
-------------------------------------------------------------------------------------------------
name="Main Browse" parent=Lan limit-at=0 priority=8 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s
name="Browse" parent="Main Browse" packet-mark=http_pkt limit-at=0 queue=Http priority=8 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s
name="Game" parent=global-total packet-mark=Game_pkt limit-at=0 queue=Game priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
name="Poker" parent=global-out packet-mark=Poker limit-at=0 queue=Game priority=3 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
name="Download" parent=global-out packet-mark=Download_pkt limit-at=0 queue=Download priority=8 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s
name="Main Upload" parent=global-in limit-at=0 priority=8 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s
name="Upload" parent="Main Upload" packet-mark=Upload limit-at=0 queue=Upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
-------------------------------------------------------------------------------------------------
- Additional settings for NAT:
add action=masquerade chain=srcnat comment="" disabled=no out-interface=Speedy src-address=192.168.0.0/24
add action=redirect chain=dstnat comment="" disabled=no dst-port=53 in-interface=lan protocol=udp to-ports=53
In my experience, as someone who is still a clueless newbie, for an internet
cafe that also offers online games, bandwidth management using the Simple
Queue method turns out to be more optimal. With Simple Queue we only need to
mangle each online game's IP/port, then in the queue give it a larger
bandwidth limit, or simply unlimited, and the highest priority.
For browsing/downloading we then limit per client IP. It is also possible to
split IIX and OIX traffic and prioritize it at the same time. Because, as the
name says, simple queue really is simple. CMIIW.
Below I include the online game ports that use IIX/local connections:
1. Ayo Dance : tcp 18901-18909
2. SealOnline : tcp 1818
3. PointBlank : tcp 39100,39110,39220,39190,49100, udp 40000-40010
4. Lineage2 : tcp 7777
5. GhostOnline : tcp 19101
6. RF-Elven : tcp 27780
7. Perfect world : tcp 29000
8. Rohan : tcp 22100
9. Zeus RO : tcp 5121
10. Dotta : tcp 6000-6152
11. IdolStreet : tcp 2001
12. CrazyKart : tcp 9601-9602
13. WOW AMPM : tcp 8085
14. DriftCity : tcp 11011-11041
15. GetAmped : tcp 13413
16. Yullgang : tcp 19000
17. RAN Online : tcp 5105
18. CrossFire : tcp 10009, 13008, 16666, 28012, udp 12020-12080, 13000-13080 (added by ji177my)
19. WarRock : tcp 5340-5352
20. FastBlack : tcp 6000-6001
21. Rose Online : tcp 29200
UPDATE:
22. Return Of Warrior : tcp 10402
23. CrazyKart 2 : tcp 9600
25. Luna Online : tcp 15000-15002
26. Runes Of Magic : tcp 16402-16502
27. Fresh Ragnarok PS, www.freshro.org dst address 119.110.87.179 : 5171 (correction by zeroice)
28. Tantra Online : tcp 3010 (added by bro s4ndy78)
29. Heroes Of Newearth Incatamers chat server -> TCP 11031 game server -> UDP 11100-11125 VOIP -> UDP 11440-11460 (by LOVIAN)
30. Atlantica : tcp 4300 , ip 203.89.147.0/24 link: http://atlantica.gemscool.com/
31. ECO Online --> Port 12011 , 12110 by RB750
32. Cabal Indo --> Port 15001, 15002 by RB750
33. X-SHOT : tcp 7341-7350,7451 , udp 7777-7977,30000
34. 3 Kingdoms : UDP 42051-42052
FILTERING:
/ip firewall filter
add chain=input connection-state=invalid action=drop comment="Drop Invalid connections"
add chain=input connection-state=established action=accept comment="Allow Established connections"
add chain=input protocol=udp action=accept comment="Allow UDP"
add chain=input protocol=icmp action=accept comment="Allow ICMP"
add chain=input src-address=192.168.0.0/24 action=accept comment="Allow access to router from known network"
add chain=input action=drop comment="Drop anything else"
ANTIVIRUS FOR MIKROTIK:
add chain=forward action=jump jump-target=virus comment="jump to the virus chain"
add chain=forward protocol=icmp comment="allow ping"
add chain=forward protocol=udp comment="allow udp"
# This final rule also drops new TCP connections that no earlier forward rule accepts
add chain=forward action=drop comment="drop everything else"
SECURING YOUR MIKROTIK ROUTER:
/ip firewall filter
add chain=input connection-state=established comment="Accept established connections"
add chain=input connection-state=related comment="Accept related connections"
add chain=input connection-state=invalid action=drop comment="Drop invalid connections"
add chain=input protocol=udp action=accept comment="UDP" disabled=no
add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings"
add chain=input protocol=icmp action=drop comment="Drop excess pings"
add chain=input protocol=tcp dst-port=22 comment="SSH for secure shell"
add chain=input protocol=tcp dst-port=8291 comment="winbox"
# Edit these rules to reflect your actual IP addresses! #
add chain=input src-address=159.148.172.192/28 comment="From Mikrotikls network"
add chain=input src-address=10.0.0.0/8 comment="From our private LAN"
# End of Edit #
add chain=input action=log log-prefix="DROP INPUT" comment="Log everything else"
add chain=input action=drop comment="Drop everything else"
http://wiki.mikrotik.com/wiki/Securing_your_router
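Added example, not part of the original tutorial or the MikroTik wiki: a small Python model of first-match evaluation over the input chain above, listing which new connections reach the router itself. The probe addresses are constructed (203.0.113.7 stands for any host on the ISP side), and TIGHT_CHAIN is an assumed tightening that accepts UDP and the management ports only from 192.168.0.0/24.

```python
import ipaddress

LAN = "192.168.0.0/24"  # the tutorial's local network

# The router-security input chain above, reduced to the matchers that decide
# reachability. A rule without action= accepts (the RouterOS default action).
PAGE_CHAIN = [
    {"state": "established"},
    {"state": "related"},
    {"state": "invalid", "action": "drop"},
    {"proto": "udp"},
    {"proto": "icmp"},                 # rate limit left out of this model
    {"proto": "tcp", "port": 22},
    {"proto": "tcp", "port": 8291},
    {"src": "159.148.172.192/28"},
    {"src": "10.0.0.0/8"},
    {"action": "drop"},
]

# Assumed tightening: UDP and management ports are accepted only from the LAN.
TIGHT_CHAIN = [
    {"state": "established"},
    {"state": "related"},
    {"state": "invalid", "action": "drop"},
    {"proto": "icmp"},
    {"src": LAN},
    {"action": "drop"},
]

def verdict(chain, pkt):
    """Return the action of the first rule whose matchers all fit the packet."""
    for rule in chain:
        if "src" in rule:
            if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(rule["src"]):
                continue
        if any(rule[k] != pkt.get(k) for k in ("state", "proto", "port") if k in rule):
            continue
        return rule.get("action", "accept")
    return "accept"  # falling off the end of a chain accepts

# Constructed probes: new connections addressed to the router itself.
PROBES = {
    "wan dns":    {"src": "203.0.113.7", "state": "new", "proto": "udp", "port": 53},
    "wan ssh":    {"src": "203.0.113.7", "state": "new", "proto": "tcp", "port": 22},
    "wan winbox": {"src": "203.0.113.7", "state": "new", "proto": "tcp", "port": 8291},
    "wan telnet": {"src": "203.0.113.7", "state": "new", "proto": "tcp", "port": 23},
    "lan winbox": {"src": "192.168.0.10", "state": "new", "proto": "tcp", "port": 8291},
}

def reachable(chain):
    """Names of the probes the chain lets through to the router."""
    return [name for name, pkt in PROBES.items() if verdict(chain, pkt) == "accept"]
```

With the chain as given, SSH, Winbox and every UDP service on the router are reachable from the ISP side as well as from the LAN; that includes the router's DNS service, which the NAT redirect of port 53 relies on.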
NETWORK SECURITY SETTINGS FOR YOUR LOCAL AREA ONLY:
/ip firewall filter
add chain=forward connection-state=established comment="allow established connections"
add chain=forward connection-state=related comment="allow related connections"
add chain=forward connection-state=invalid action=drop comment="drop invalid connections"
add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Drop Blaster Worm"
add chain=virus protocol=udp dst-port=135-139 action=drop comment="Drop Messenger Worm"
add chain=virus protocol=tcp dst-port=445 action=drop comment="Drop Blaster Worm"
add chain=virus protocol=udp dst-port=445 action=drop comment="Drop Blaster Worm"
add chain=virus protocol=tcp dst-port=593 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1080 action=drop comment="Drop MyDoom"
add chain=virus protocol=tcp dst-port=1214 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1363 action=drop comment="ndm requester"
add chain=virus protocol=tcp dst-port=1364 action=drop comment="ndm server"
add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen cast"
add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx"
add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid"
add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment="Worm"
add chain=virus protocol=tcp dst-port=2745 action=drop comment="Bagle Virus"
add chain=virus protocol=tcp dst-port=2283 action=drop comment="Drop Dumaru.Y"
add chain=virus protocol=tcp dst-port=2535 action=drop comment="Drop Beagle"
add chain=virus protocol=tcp dst-port=2745 action=drop comment="Drop Beagle.C-K"
add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment="Drop MyDoom"
add chain=virus protocol=tcp dst-port=3410 action=drop comment="Drop Backdoor OptixPro"
add chain=virus protocol=tcp dst-port=4444 action=drop comment="Worm"
add chain=virus protocol=udp dst-port=4444 action=drop comment="Worm"
add chain=virus protocol=tcp dst-port=5554 action=drop comment="Drop Sasser"
add chain=virus protocol=tcp dst-port=8866 action=drop comment="Drop Beagle.B"
add chain=virus protocol=tcp dst-port=9898 action=drop comment="Drop Dabber.A-B"
add chain=virus protocol=tcp dst-port=10000 action=drop comment="Drop Dumaru.Y"
add chain=virus protocol=tcp dst-port=10080 action=drop comment="Drop MyDoom.B"
add chain=virus protocol=tcp dst-port=12345 action=drop comment="Drop NetBus"
add chain=virus protocol=tcp dst-port=17300 action=drop comment="Drop Kuang2"
add chain=virus protocol=tcp dst-port=27374 action=drop comment="Drop SubSeven"
add chain=virus protocol=tcp dst-port=65506 action=drop comment="Drop PhatBot, Agobot, Gaobot"
# Disable the ports commonly used by spam:
/ip firewall filter add chain=forward dst-port=135-139 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=135-139 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=445 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=445 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=593 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=4444 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=5554 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=9996 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=995-999 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=53 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=55 protocol=tcp action=drop