RSS

Mikrotik Cli Bag (2)

Posted in

Kali Ini kita Share Lanjutan Dari Configure Lusca Head
Ok Gan Tanpa basa Basi Kita Copas Mikrotik Cli....
Tinggal Agan2 Sesuaikan Ip na.... Di Rb750 Dll...

Kalau sudah selesai anda setting mikrotiknya seperti dibawah ini :
Masukkan ini di mangle :
#======================================================================================#
;;; Intl-conn
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=packet-intl passthrough=no
/ip firewall mangle add chain=output action=mark-packet new-packet-mark=packet-intl passthrough=no

;;; PROXY-HIT
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=proxy-hit passthrough=no dscp=12

;;; http-conn
/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=http-conn passthrough=yes protocol=tcp dst-port=80
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=http passthrough=yes connection-mark=http-conn

;;; https-conn
/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=https-conn passthrough=yes connection-state=new protocol=tcp dst-port=443
/ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=https passthrough=no connection-mark=https-conn

;;; CHANGE MMS
/ip firewall mangle add chain=forward action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp in-interface=public tcp-mss=1441-65535

IP FIREWALL ADDRESS-LIST :
;;; LocalNet
LocalNet     192.168.2.0/24     — IP local sesuaikan dengan IP lokal anda

;;; PROXY
ProxyNet     192.168.2.0/24 -- IP network Proxy
DNS             202.134.1.10     -- sesuaikan DNS ISP anda
DNS             202.134.0.155     -- sesuaikan DNS ISP anda
GAMES           63.241.101.0/25
GAMES           74.114.8.0/21

IP FIREWALL NAT :
;;; Nat Proxy
/ip firewall add chain=dstnat action=dst-nat to-addresses=192.168.2.20 to-ports=3128 protocol=tcp src-address=!192.168.2.20 src-address-list=LocalNet dst-address-list=!ProxyNet dst-port=80,8080,3128
connection-mark=http-conn

;;; Added by webbox
/ip firewall add chain=srcnat action=masquerade out-interface=ether1-gateway

;;; Proxy Out
/ip firewall add chain=srcnat action=src-nat to-addresses=IP INTERNET ANDA/IP PUBLIC misalnya 192.168.1.2 src-address=IP LOKAL ANDA misalnya 192.168.2.1
/ip firewall add chain=dstnat action=dst-nat to-ports=53 protocol=udp dst-port=53

;;; SSH
/ip firewall add chain=dstnat action=dst-nat to-addresses=192.168.1.2 to-ports=22 protocol=tcp dst-address=IP INTERNET ANDA/IP PUBLIC dst-port=22,10000

;;; queue tree

/queue tree add name="A_HIT-Proxy" parent=lan packet-mark=proxy-hit limit-at=0 queue=default priority=8 max-limit=0 burst-limit=0 \
burst-threshold=0 burst-time=0s 


DNS: 208.67.222.222


Semoga Bermanfaat....
----------->><<---------

Sumber : http://lahuddu.blogspot.com
  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • Twitter
  • rss
Read Comments

0 komentar:

Posting Komentar

Squid Tuning Off By Lahuddu

Langganan: Postingan (Atom)
Copyright 2009 (( Mr. Wirlan & Lahuddu )). All rights reserved.
Kunjungi Mesin Digital Print Dll.. | visid index ivanez by Lahuddu Templates