Tuesday 28 May 2013

Para pelanggan pada ngeluh "lag..lag..dan leg" kata-kata itu yang selalu terdengar di teliangaku setiap saya datang ke warnetku,kebetulan saya membual usaha warnet kecil-kecilan dan kebetulan saya memakai mikrotik 750 klo ada salah satu dari user yang nge-youtube ato nge-download..dan yang lainnya hmmm..

Yang ada di pikiran ku hanya termenung dan terdiam karna aku ga ngerti alias kaga bisa masalah urusan seting mikrotik,aku coba mengadu ke mbah google, dan  akhirnya semua yg aku dapat di mbah google
misalkan jaringan
 Ip modem :192.168.1.1
Ip Server : 192.168.1.2

trus hubungkan Ethernet 2 ke Pc server..
masukkan ip address yang di pc server :
contoh aku :
ip address : 192.168.1.2 *
netmask : 255.255.255.0 *
DNS server : 192.168.1.1 *
Def Gateway : 192.168.1.1 *

* = Sesuaikan dengan network kamu

abis itu setting mikrotik pake winbox. bisa downlod
 Selesai  anda download tinggal buka aja winbox nya seperti gambar di bawah ini

 
Terus klik mac adress nya terus connect.. passwordnya g usah d isi..
masuk di New Terminal
 
 
 
terus ketik dulu "system reset" trus "Y"
itu biar konfigurasi lama terhapus dan kita bisa setting sesuai address dan kebutuhan kita.

abis itu kita connect lagi.. nnti muncul "Router OS Default Confguration" itu klik "Remove Configuration"
pilih  "Bridge" trus klik "+" dan OK
 
 
 trus klik bagian sebelahnya "Port" dan "+" di bagian interface pilih "ether1" trus bridge nya pilih "bridge1" trus OK
 
 
 Abis itu klik "+" lagi sama kek di atas tapi "ether1" di ganti jadi "ether2" dan OK

aktifkan IP firewall dgn cara klik Brigde td, pilih "Setting" dan centang Ip Firewall trus OK


Hufft Langkah selanjutnya :

Sambungkan kabel LAN..
~Kabel Lan Modem ke ethernet1
~Kabel Lan Hub ke ethernet2
~Kabel Lan server ke Hub

Abis itu coba test ping ke 192.168.1.1 (ke modem maksudnya) connect g ? coba test browsing..

klo berhasil brarti sukses routernya jd Bridge.. asik ga
jangan senang dulu ini blom beres 100%
nah selanjutnya
buat firewall ama net cutnya... pilih "New Terminal"

copas yang di bawah ini :
 
 
/ip firewall filter
add action=accept chain=input disabled=no dst-port=8291 protocol=tcp
add action=drop chain=forward connection-state=invalid disabled=no
add action=drop chain=virus disabled=no dst-port=135-139 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1433-1434 protocol=tcp
add action=drop chain=virus disabled=no dst-port=445 protocol=tcp
add action=drop chain=virus disabled=no dst-port=445 protocol=udp
add action=drop chain=virus disabled=no dst-port=593 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1024-1030 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1080 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1214 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1363 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1364 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1368 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1373 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1377 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2745 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2283 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2535 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2745 protocol=tcp
add action=drop chain=virus disabled=no dst-port=3127 protocol=tcp
add action=drop chain=virus disabled=no dst-port=3410 protocol=tcp
add action=drop chain=virus disabled=no dst-port=4444 protocol=tcp
add action=drop chain=virus disabled=no dst-port=4444 protocol=udp
add action=drop chain=virus disabled=no dst-port=5554 protocol=tcp
add action=drop chain=virus disabled=no dst-port=8866 protocol=tcp
add action=drop chain=virus disabled=no dst-port=9898 protocol=tcp
add action=drop chain=virus disabled=no dst-port=10080 protocol=tcp
add action=drop chain=virus disabled=no dst-port=12345 protocol=tcp
add action=drop chain=virus disabled=no dst-port=17300 protocol=tcp
add action=drop chain=virus disabled=no dst-port=27374 protocol=tcp
add action=drop chain=virus disabled=no dst-port=65506 protocol=tcp
add action=jump chain=forward disabled=no jump-target=virus
add action=drop chain=input connection-state=invalid disabled=no
add action=accept chain=input disabled=no protocol=udp
add action=accept chain=input disabled=no limit=50/5s,2 protocol=icmp
add action=drop chain=input disabled=no protocol=icmp
add action=accept chain=input disabled=no dst-port=21 protocol=tcp
add action=accept chain=input disabled=no dst-port=22 protocol=tcp
add action=accept chain=input disabled=no dst-port=23 protocol=tcp
add action=accept chain=input disabled=no dst-port=80 protocol=tcp
add action=accept chain=input disabled=no dst-port=8291 protocol=tcp
add action=accept chain=input disabled=no dst-port=1723 protocol=tcp
add action=accept chain=input disabled=no dst-port=23 protocol=tcp
add action=accept chain=input disabled=no dst-port=80 protocol=tcp
add action=accept chain=input disabled=no dst-port=1723 protocol=tcp
add action=add-src-to-address-list address-list=DDOS address-list-timeout=15s \
    chain=input disabled=no dst-port=1337 protocol=tcp
add action=add-src-to-address-list address-list=DDOS address-list-timeout=15m \
    chain=input disabled=no dst-port=7331 protocol=tcp src-address-list=knock
add action=add-src-to-address-list address-list="port scanners" \
    address-list-timeout=2w chain=input comment="Port scanners to list " \
    disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="port scanners" \
    address-list-timeout=2w chain=input comment="SYN/FIN scan" disabled=no \
    protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" \
    address-list-timeout=2w chain=input comment="SYN/RST scan" disabled=no \
    protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list="port scanners" \
    address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" disabled=\
    no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list="port scanners" \
    address-list-timeout=2w chain=input comment="ALL/ALL scan" disabled=no \
    protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list="port scanners" \
    address-list-timeout=2w chain=input comment="NMAP NULL scan" disabled=no \
    protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=\
    0-65535 protocol=tcp src-address=61.213.183.1-61.213.183.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=\
    0-65535 protocol=tcp src-address=67.195.134.1-67.195.134.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=\
    0-65535 protocol=tcp src-address=68.142.233.1-68.142.233.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=\
    0-65535 protocol=tcp src-address=68.180.217.1-68.180.217.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=\
    0-65535 protocol=tcp src-address=203.84.204.1-203.84.204.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=\
    0-65535 protocol=tcp src-address=69.63.176.1-69.63.176.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=\
    0-65535 protocol=tcp src-address=69.63.181.1-69.63.181.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=\
    0-65535 protocol=tcp src-address=63.245.209.1-63.245.209.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=\
    0-65535 protocol=tcp src-address=63.245.213.1-63.245.213.254

abis itu masuk ke "Queues" pilih "+" trus ganti nama "queue1" jadi Client 1 trus target addressnya sesuai ama ip client 1.. max limit jg bisa d ganti brp batas client boleh make bandwith..kek gini 
 
 
 
 hasil akhirnya nya kira-kira kek ginii.
 
 
 
 
klo dah jalan kek gini coba tes aja  nge youtube d client sambil maen game online.. klo ping di game turun berarti pembatasan client SUKSES ..
yesss... yesss.. berhasil
Mudah-mudah bermanfaat bagi pengunjung blog newby ini..

0 comments:

amung

Unordered List

Sample Text

Statistik

Label 4

Video Category

Social Icons

Teman

PROFIL

bandung, jawa barat, Indonesia
ok banget
!

Label 1

Label 3

Label 2

Label 5

Ordered List

Pages

Powered by Blogger.

Pencarian

Popular Posts

Recent Posts

Ceebydith HLR Lookup Ceebydith HLR Lookup

Plag Counter

Backlink
free counters

Text Widget