Sabtu, 07 Juli 2012

Mikrotik + ClearOS

Ijin Sharing, setting mikrotik + clear os, udah include connection byte + layer7..
terserah, mau mode zph, qos flow, tinggal di ganti di bagian dscp toss mikrotik nya.
nice rule, sudah teruji di beberapa warnet di banjarmasin,

credit : oboy telkom banjarmasin

MODE PPOE CLIENT (MIKROTIK)

IP ADDRESS :: 192.168.1.1/24 (LAN)

IP ADDRESS :: 192.168.2.2/24 (MODEM)

IP ADDRESS :: 192.168.90.1/24 (SQUID)


MODEM MODE BRIDGE

IP ADDRESS :: 192.168.2.1 ( IP MODEM ADSL ENTE, HEHE)


NAT MIKROTIK


chain=srcnat action=masquerade

out-interface=speedy1


REDIRECT CLIENT TO PROXY

chain=dstnat action=dst-nat

to-addresses=192.168.90.2 to-ports=3128

protocol=tcp src-address=192.168.1.0/24

dst-port=80,8080


MASQUERADE PROXY (TAMBAHAN, BIASANYA KALO PKE CLEAR OS, CLIENT GK BISA BROWSING, COBA TAMBAHIN RULE ITU, SAYA KEMARIN SUKSES, HEHE)
chain=srcnat action=masquerade

out-interface=squid


DNS RESOLVER

chain=dstnat action=dst-nat

to-addresses=192.168.90.2 to-ports=3128

protocol=tcp src-address=192.168.1.0/24

dst-port=80,8080


chain=dstnat action=redirect to-ports=53

protocol=tcp dst-port=53


LAYER7

Name : Konten

^.*get.+\.(exe|rar|zip|7z|cab|asf|mov|wmv|mpg|mpeg|mkv|avi|flv|pdf|wav|rm|mp3|mp4|ram|rmvb|dat|daa|iso|nrg|bin|vcd|mp2|3gp|mpe|qt|raw|wma|ogg|doc|deb|tar|bzip|gzip|gzip2|0[0-9][0-9]).*$


Name : Youtube

^.*get.+.c.youtube.com.*$



DSCP TOSS PRIORITAS ZPH HIT, HARUS PALING ATAS, HAHAHAHAHA
chain=prerouting action=mark-packet new-packet-mark=paket-HIT

passthrough=no in-interface=Squid dscp=12


chain=forward action=mark-packet new-packet-mark=paket-HIT passthrough=no

in-interface=Squid dscp=12


Point Blank

chain=game action=mark-connection new-connection-mark=Game

passthrough=yes protocol=tcp dst-address=203.89.146.0/23 dst-port=39190


chain=game action=mark-connection new-connection-mark=Game passthrough=ye>

protocol=tcp dst-address=203.89.146.0/23 dst-port=39100


chain=game action=mark-connection new-connection-mark=Game passthrough=ye>

protocol=tcp dst-address=203.89.146.0/23 dst-port=39110


chain=game action=mark-connection new-connection-mark=Game passthrough=ye>

protocol=tcp dst-address=203.89.146.0/23 dst-port=39220


chain=game action=mark-connection new-connection-mark=Game passthrough=ye>

protocol=tcp dst-address=203.89.146.0/23 dst-port=39190


chain=game action=mark-connection new-connection-mark=Game passthrough=ye>

protocol=tcp dst-address=203.89.146.0/23 dst-port=49100


chain=game action=mark-connection new-connection-mark=Game passthrough=ye>

protocol=udp dst-address=203.89.146.0/23 dst-port=40000-40010


Ayodance

chain=game action=mark-connection new-connection-mark=Game

passthrough=yes protocol=tcp dst-port=18901-18909


Atlantica

chain=game action=mark-connection new-connection-mark=Game

passthrough=yes protocol=tcp dst-address=203.89.147.0/24 dst-port=4300


LOSS SAGA

chain=game action=mark-connection new-connection-mark=Game

passthrough=yes protocol=udp dst-port=14000-14132


Packet Game Online

chain=game action=mark-packet new-packet-mark=Game_pkt passthrough=no

connection-mark=Game


Poker
chain=forward action=mark-connection new-connection-mark=Poker_con

passthrough=yes protocol=tcp content=statics.poker.static.zynga.com


chain=forward action=mark-connection new-connection-mark=Poker_con

passthrough=yes protocol=tcp dst-port=9339


chain=forward action=mark-connection new-connection-mark=Poker_con

passthrough=yes protocol=tcp dst-port=843


chain=forward action=mark-packet new-packet-mark=Poker passthrough=no

connection-mark=Poker_con

UPLOAD

chain=prerouting action=mark-packet new-packet-mark=Upload

passthrough=no protocol=tcp src-address=192.168.1.0/24 in-interface=Lan


Youtube

chain=forward action=mark-connection new-connection-mark=youtube

passthrough=yes protocol=tcp layer7-protocol=youtube in-interface=Squid

out-interface=speedy1


chain=forward action=mark-packet new-packet-mark=linit-youtube

passthrough=no connection-mark=youtube


LIMIT DOWNLOAD Proxy

chain=forward action=mark-connection new-connection-mark=Download_pr

passthrough=yes layer7-protocol=kontens in-interface=Squid

out-interface=speedy1


chain=forward action=mark-packet new-packet-mark=Download_prx

passthrough=no connection-mark=Download_pr



Browse

chain=forward action=mark-connection new-connection-mark=Browse-Proxy

passthrough=yes protocol=tcp in-interface=Squid out-interface=speedy1

packet-mark=!linit-youtube connection-mark=!Download_pr

chain=forward action=mark-packet new-packet-mark=Browse_prx passthrough=n>

connection-mark=Browse-Proxy

LIMIT DOWNLOAD

chain=forward action=mark-connection new-connection-mark=Download

passthrough=yes protocol=tcp in-interface=speedy1 out-interface=Lan

packet-mark=!Game_pkt connection-mark=!Poker_con

connection-bytes=155000-4294967295



chain=forward action=mark-packet new-packet-mark=Download_pkt

passthrough=no packet-mark=!Game_pk connection-mark=Download


QUEUE TYPE

name="Download" kind=pcq pcq-rate=512000 pcq-limit=50 pcq-classifier=dst-address

pcq-total-limit=2000


name="Game" kind=pcq pcq-rate=0 pcq-limit=50

pcq-classifier=src-address,dst-address,src-port,dst-port pcq-total-limit=2000


name="Upload" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address

pcq-total-limit=2000



name="Proxy" kind=pcq pcq-rate=1000000 pcq-limit=50 pcq-classifier=dst-address

pcq-total-limit=2000



name="Lan" kind=pcq pcq-rate=1024000 pcq-limit=50 pcq-classifier=dst-address

pcq-total-limit=2000


QUEUE TREE

name="Main_Browse" parent=global-out limit-at=0 priority=8 max-limit=1M burst-limit=>

burst-threshold=0 burst-time=0s


name="Youtube" parent=Main_Browse packet-mark=linit-youtube limit-at=0 queue=default

priority=8 max-limit=5k burst-limit=0 burst-threshold=0 burst-time=0s


name="Download_Proxy" parent=Main_Browse packet-mark=Download_prx limit-at=0

queue=Proxy priority=5 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s



name="Limit_Browsing" parent=Main_Browse packet-mark=Browse_prx limit-at=0

queue=default priority=3 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s


====MAIN BROWSE 1 PARENT, ANAK NYA YOUTUBE, DOWNLOAD PROXY, LIMIT BROWSING====


(GAME)

name="Game" parent=global-total packet-mark=Game_pkt limit-at=0 queue=Game priority=>

max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s


(POKER)

name="Poker" parent=global-out packet-mark=Poker limit-at=0 queue=Game priority=3

max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s


(UPLOAD)

name="Main-Upload" parent=global-in limit-at=0 priority=8 max-limit=256k

burst-limit=0 burst-threshold=0 burst-time=0s


name="Upload" parent=Main-Upload packet-mark=Upload limit-at=0 queue=Upload

priority=8 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s


====MAIN UPLOAD 1 PARENT, ANAK NYA UPLOAD====


(DOWNLOAD-LAN)

name="Download-Lan" parent=global-out packet-mark=Download_pkt limit-at=0

queue=Download priority=8 max-limit=256k burst-limit=0 burst-threshold=0

burst-time=0s

sumber  : http://forum.clearos-indonesia.com/index.php?topic=1811.0
Diposting oleh di
Label:

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)