
mikrotik duet lusca

# Source NAT: masquerade everything that leaves through the interface named Speedy
# (presumably the internet uplink). The srcnat chain lives under /ip firewall nat.
# NOTE(review): the second rule repeats the first without a comment; as written it can
# never match anything the first rule has not already handled. Confirm whether it was
# meant for a different out-interface.
add chain=srcnat action=masquerade out-interface=Speedy comment="Masquerade"
add chain=srcnat action=masquerade out-interface=Speedy

# Transparent DNS: every TCP/UDP query to port 53 arriving on Local or Proxy is redirected
# to port 53 on the router itself, whatever resolver the client asked for.
# NOTE(review): this only works if the router's own resolver accepts remote queries
# (/ip dns allow-remote-requests=yes). With that enabled the resolver listens on every
# interface, so the filter input chain should drop tcp/udp 53 arriving on the uplink
# (Speedy), otherwise the router can be used as an open resolver.
add chain=dstnat action=redirect to-ports=53 protocol=tcp in-interface=Local dst-port=53 \
comment="Transparent DNS"
add chain=dstnat action=redirect to-ports=53 protocol=udp in-interface=Local dst-port=53
add chain=dstnat action=redirect to-ports=53 protocol=tcp in-interface=Proxy dst-port=53
add chain=dstnat action=redirect to-ports=53 protocol=udp in-interface=Proxy dst-port=53
# Transparent proxy: plain HTTP (dst-port 80 only, HTTPS is not touched) from clients in
# address list ProxyNet is sent to 192.168.35.2:3128 unless the destination is in ProxyBypass.
# The netwatch script at the end of the page finds this rule by its comment text.
# NOTE(review): the address-list section below names a list "Squid Allowed", while this rule
# reads "ProxyNet"; if no list called ProxyNet exists the rule never matches. Confirm the name.
# NOTE(review): the proxy presumably has to run in intercept/transparent mode for
# dst-nat'ed requests to be served; verify on the proxy host.
add chain=dstnat action=dst-nat to-addresses=192.168.35.2 to-ports=3128 protocol=tcp src-address-list="ProxyNet" dst-address-list=!ProxyBypass in-interface=Local dst-port=80 comment="Transparent Proxy"

IP Address List

Squid Allowed = 192.168.100.0/24
ProxyBypass = 202.93.17.0/24 >> Ninjakita

Layer 7
Untuk Cache Hit-nya, silakan sesuaikan dengan topologi masing-masing.
# Layer-7 entries in print-style layout: first column is the entry name, the rest is the regexp.
# Both patterns look for an HTTP status line ("http/<version>", whitespace, a three-digit
# status) followed later in the same data by one response header:
# "content-type: video" for the first entry, "x-cache: hit" for the second.
# NOTE(review): the mangle rules on this page reference layer7-protocol=http-video and
# layer7-protocol=CACHE-HIT, not the names "Video" / "Cache HIT" shown here. The names
# have to be identical; confirm which spelling the router actually uses.
# NOTE(review): x-cache is an ordinary response header that any HTTP server can send, so a
# match should only be trusted on traffic that really originates from the local proxy.
# NAME REGEXP
Video http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video)
Cache HIT http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(x-cache: hit)

MANGLE

# Cache-hit marking (/ip firewall mangle). Rule 1 tags TCP from source port 3128 leaving via
# Local when the packet carries DSCP 12 (presumably the value the proxy sets on cache hits;
# confirm against the proxy configuration). Rule 2 tags TCP from source port 3128 leaving via
# Hotspot when the payload matches the layer-7 entry CACHE-HIT. Rule 3 turns the connection
# mark into packet mark HIT and stops further mangle processing (passthrough=no).
# Packets marked HIT go to the ProxyHit queue, which is set to 100000000 on this page.
# NOTE(review): neither marking rule pins the sender address, so any host sending from port
# 3128 with DSCP 12 (or with an "x-cache: hit" header) would land in that queue. Consider
# adding src-address=192.168.35.2, the proxy address used by the NAT rule; verify that this
# matcher still sees the proxy address at this point in your topology.
add chain=postrouting action=mark-connection new-connection-mark=con-HIT passthrough=yes \
protocol=tcp out-interface=Local src-port=3128 dscp=12 comment="Proxy Loss"
add chain=postrouting action=mark-connection new-connection-mark=con-HIT passthrough=yes \
protocol=tcp layer7-protocol=CACHE-HIT out-interface=Hotspot src-port=3128
add chain=prerouting action=mark-packet new-packet-mark=HIT passthrough=no connection-mark=con-HIT

# Bypass marking: TCP to ports 445,22,139,4899,554,8291 and UDP to ports 53,123 is tagged
# con-bypass, then packet-marked bypass with passthrough=no. The mark only selects the
# "Bypass" queue (100000000 on this page); it does not allow or block anything.
# NOTE(review): the rules carry no interface or address matcher, so they match traffic from
# every side, including the uplink. Several of these are file-sharing and remote-management
# ports (445/139 SMB, 22 SSH, 8291 Winbox); who may reach them has to be restricted
# separately in /ip firewall filter, since nothing here does that.
add chain=prerouting action=mark-connection new-connection-mark=con-bypass passthrough=yes \
protocol=tcp dst-port=445,22,139,4899,554,8291 comment="Bypass"
add chain=prerouting action=mark-connection new-connection-mark=con-bypass passthrough=yes \
protocol=udp dst-port=53,123
add chain=prerouting action=mark-packet new-packet-mark=bypass passthrough=no connection-mark=con-bypass

# General user traffic: packets arriving on Local whose connection is not already marked
# con-facebook jump to the custom chain Warnet. Inside it, everything except ICMP that is
# not marked con-streaming is tagged con-user.
add chain=prerouting action=jump jump-target=Warnet in-interface=Local \
connection-mark=!con-facebook comment="Warnet"
add chain=Warnet action=mark-connection new-connection-mark=con-user passthrough=yes \
protocol=!icmp in-interface=Local connection-mark=!con-streaming

# Streaming: connections leaving via Local whose payload matches the layer-7 entry http-video
# are tagged con-streaming.
# NOTE(review): the layer-7 table on this page lists the entry as "Video"; the name here must
# match the defined entry exactly. Confirm.
# NOTE(review): layer-7 matching is CPU-heavy and only inspects the beginning of a
# connection, so it sees cleartext HTTP response headers only, not HTTPS video.
add chain=postrouting action=mark-connection new-connection-mark=con-streaming passthrough=yes \
layer7-protocol=http-video out-interface=Local comment="Streaming"

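# Online-game marking: TCP and UDP flows to (or, for one UDP rule, from) the listed game
# ports are tagged con-game. The "Mark Packet" rules turn that into packet mark game,
# which the DownGames / UpGames queues use at priority 1.
# NOTE(review): the first rule matches in-interface=Local while all the others match
# in-interface=Hotspot; confirm which interface the game clients actually sit behind.
add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
protocol=tcp in-interface=Local dst-port=5340-5352,6000-6152,10001-10011,14009-14030,18901-18909 comment="Game"
# Fixed: the port list read "15001,1500 2"; the stray space split the argument and the
# command would not parse. Restored as 15002; confirm against the original source.
add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
protocol=tcp in-interface=Hotspot dst-port=39190,27780,29000,22100,10009,4300,15001,15002,7341,7451
add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
protocol=tcp in-interface=Hotspot dst-port=40000,9300,9400,9700,7342,8005-8010,37466,36567,8822
add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
protocol=tcp in-interface=Hotspot dst-port=47611,16666,20000,5105,29000,18901-18909,9015
add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
protocol=udp in-interface=Hotspot src-port=27005,27015
add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
protocol=udp in-interface=Hotspot dst-port=27005-27020,13055,7800-7900,12060-12070
add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
protocol=udp in-interface=Hotspot dst-port=8005-8010,9068,1293,1479,9401,9600,30000
add chain=prerouting action=mark-connection new-connection-mark=con-game passthrough=yes \
protocol=udp in-interface=Hotspot dst-port=14009-14030,42051-42052,40000-40050,13000-13080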

# Social-media marking: TCP connections not already tagged con-fb.game are tagged
# con-facebook when a packet's payload contains one of the listed host strings
# (Facebook, fbcdn and Twitter names).
# NOTE(review): content= is a raw substring match on packet data. It only fires when the
# name appears in cleartext in a packet, so behaviour on port 443 depends on whether the
# client still exposes the host name unencrypted; do not rely on it as a control.
# NOTE(review): the ".facebook.com" rule is the only one matching in-interface=Hotspot and
# dst-address-list=bypass; no address list named "bypass" is defined on this page (the
# lists shown are ProxyBypass and "Squid Allowed"). Confirm the intended interface and list.
add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
protocol=tcp in-interface=Local connection-mark=!con-fb.game content=static.ak.connect.facebook.com comment="Facebook"
add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
protocol=tcp in-interface=Local dst-port=80,443 connection-mark=!con-fb.game content=.twitter.com
add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
protocol=tcp dst-address-list=bypass in-interface=Hotspot dst-port=80,443 connection-mark=!con-fb.game content=.facebook.com
add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
protocol=tcp in-interface=Local connection-mark=!con-fb.game content=pixel.facebook.com
add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
protocol=tcp in-interface=Local connection-mark=!con-fb.game content=static.ak.facebook.com
add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
protocol=tcp in-interface=Local connection-mark=!con-fb.game content=.static.ak.fbcdn.net
add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
protocol=tcp in-interface=Local connection-mark=!con-fb.game content=creative.ak.fbcdn.net
add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
protocol=tcp in-interface=Local connection-mark=!con-fb.game content=connect.facebook.net
add chain=prerouting action=mark-connection new-connection-mark=con-facebook passthrough=yes \
protocol=tcp in-interface=Local connection-mark=!con-fb.game content=.channel.facebook.com

# Facebook-game marking: TCP from Local is tagged con-fb.game either by destination port
# (first rule) or when the payload contains one of the listed game host strings.
# The con-facebook rules skip connections that already carry this mark.
# NOTE(review): as with every content= rule, the match is a substring search in cleartext
# packet data and will not see names inside encrypted sessions.
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local dst-port=9339,843,8890,4000,5050,7020-7030 comment="FacebookGames"
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local content=apps.facebook.com
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local content=.ninjasaga.com
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local content=.castle.zgncdn.com
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local content=.static.zynga.com
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local content=.static.zgncdn.com
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local content=.empire.zynga.com
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local content=.poker.zynga.com
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local content=.castle.zynga.com
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local content=.farmville.com
add chain=prerouting action=mark-connection new-connection-mark=con-fb.game passthrough=yes \
protocol=tcp in-interface=Local content=.farmville.zgncdn.com

# Connection mark -> packet mark: each traffic class gets the packet mark the queue tree
# keys on (user, streaming, game, facebook, fb-game). Packets already marked HIT are
# excluded, and passthrough=no stops mangle processing at the first rule that matches,
# so the order of these rules decides which class wins.
add chain=prerouting action=mark-packet new-packet-mark=user passthrough=no packet-mark=!HIT \
connection-mark=con-user comment="Mark Packet"
add chain=prerouting action=mark-packet new-packet-mark=streaming passthrough=no packet-mark=!HIT \
connection-mark=con-streaming
add chain=prerouting action=mark-packet new-packet-mark=game passthrough=no packet-mark=!HIT \
connection-mark=con-game
add chain=prerouting action=mark-packet new-packet-mark=facebook passthrough=no packet-mark=!HIT \
connection-mark=con-facebook
add chain=prerouting action=mark-packet new-packet-mark=fb-game passthrough=no packet-mark=!HIT \
connection-mark=con-fb.game

# Proxy-to-internet traffic: connections forwarded from interface Proxy out through Speedy
# are tagged con-proxy, and their packets get packet mark proxy (used by the ProxyDown and
# ProxyUp queues on this page).
add chain=forward action=mark-connection new-connection-mark=con-proxy passthrough=yes \
in-interface=Proxy out-interface=Speedy comment="Proxy Inet Connection"
add chain=prerouting action=mark-packet new-packet-mark=proxy passthrough=no connection-mark=con-proxy


Queue

- Queue Type

# PCQ queue types (/queue type). Upload types classify by src-address and download types
# by dst-address, so each client address gets its own sub-stream.
# up-htb / down-htb set pcq-rate=0, i.e. no fixed per-address rate; up-64k and down-300k
# cap each address at 64k and 300k respectively.
add name="up-htb" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000

add name="down-htb" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000

add name="up-64k" kind=pcq pcq-rate=64k pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000

add name="down-300k" kind=pcq pcq-rate=300k pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000

- Queue Tree

# Queue tree (/queue tree). Two hierarchies: "Download" (parent global-out, max 2048000)
# and "Upload" (parent Speedy, max 512000). Leaf queues pick traffic by the packet marks
# set in the mangle rules; games get priority 1, streaming priority 8.
# ProxyHit and Bypass are set to 100000000, so traffic marked HIT or bypass is effectively
# unshaped.
# NOTE(review): because those two classes are unshaped, the mangle rules that assign HIT
# and bypass decide who escapes the limits; keep their matchers as narrow as possible.
# NOTE(review): parent=global-out is the RouterOS v5-era parent name; later releases use a
# single "global" parent. Confirm against the RouterOS version in use.
# NOTE(review): ProxyDown uses parent=Proxy (the interface) while the other download queues
# hang under Download; confirm this is intended.
add name="Download" parent=global-out limit-at=0 priority=8 max-limit=2048000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="DownUser" parent=Download limit-at=750000 priority=2 max-limit=1500000 burst-limit=0 burst-threshold=0 burst-time=0

add name="Facebook" parent=DownUser packet-mark=facebook limit-at=250000 queue=down-htb priority=3 max-limit=512000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="FacebookGames" parent=DownUser packet-mark=fb-game limit-at=250000 queue=down-htb priority=4 max-limit=512000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="User" parent=DownUser packet-mark=user limit-at=750000 queue=down-300k priority=5 max-limit=1200000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="Streaming" parent=DownUser packet-mark=streaming limit-at=250000 queue=down-htb priority=8 max-limit=512000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="DownGames" parent=Download packet-mark=game limit-at=512000 queue=down-htb priority=1 max-limit=1000000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="Upload" parent=Speedy limit-at=0 priority=8 max-limit=512000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="UpUser" parent=Upload limit-at=150000 priority=2 max-limit=350000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="UpFacebook" parent=UpUser packet-mark=facebook limit-at=75000 queue=up-htb priority=3 max-limit=100000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="UpFacebookGames" parent=UpUser packet-mark=fb-game limit-at=75000 queue=up-htb priority=4 max-limit=126000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="UserUp" parent=UpUser packet-mark=user limit-at=150000 queue=up-64k priority=5 max-limit=200000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="UpGames" parent=Upload packet-mark=game limit-at=150000 queue=up-htb priority=1 max-limit=350000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="ProxyHit" parent=global-out packet-mark=HIT limit-at=100000000 queue=default priority=8 max-limit=100000000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="ProxyDown" parent=Proxy packet-mark=proxy limit-at=750000 queue=default priority=8 max-limit=1500000 burst-limit=0 burst-threshold=0 burst-time=0

add name="ProxyUp" parent=Upload packet-mark=proxy limit-at=150000 queue=up-htb priority=1 max-limit=250000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="Bypass" parent=global-out packet-mark=bypass limit-at=100000000 queue=default priority=8 max-limit=100000000 burst-limit=0 burst-threshold=0 burst-time=0s

Untuk mengecek status Squid proxy kita: jika proxy down, rule Transparent Proxy akan di-disable secara otomatis, dan sebaliknya.
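# Proxy health check: probe 192.168.35.2 every 10s. When the host stops answering, the NAT
# rule commented "Transparent Proxy" is disabled so HTTP goes out directly; when it answers
# again the rule is re-enabled.
# Fixed: a space is needed before each line-continuation backslash, otherwise the
# arguments are joined without a separator (timeout=25sdown-script=...), and the comment
# text contains a space, so it must be quoted (escaped) inside the script strings.
# NOTE(review): this is fail-open. While the proxy is down, any filtering or logging it
# performs is bypassed; confirm that is acceptable for this network.
# NOTE(review): netwatch only tests reachability of the host, not the proxy service on
# port 3128, and timeout=25s is longer than interval=10s; confirm both are intended.
/tool netwatch add host=192.168.35.2 interval=10s timeout=25s \
down-script="/ip firewall nat disable [find comment=\"Transparent Proxy\"]" \
up-script="/ip firewall nat enable [find comment=\"Transparent Proxy\"]" \
disabled=no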
NB:
Prioritas utama untuk game, lalu browsing, download, dan streaming... lumayanlah.
Silakan sesuaikan dengan topologi masing-masing.
Dikutip Dari FMI..