Ada kemauan ada jalan.: Maret 2013

##### PFSENSE 2.0.2 MIKROTIK ####

##### PFSENSE 2.0.2 MIKROTIK ####
ROUTER DI MAKAN ROUTER
MONGGO TINGGAL NYRUPUT KAYAK DEWET GULO KELOPO

SETING HIT LOS DI /queue tree>

NANDAI PAKET PINK

add name="1-PINK=PKT" parent=global-out packet-mark=PINK-PKT limit-at=0 queue=default priority=1 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s

MENANDAI HIT LOS DI QUEUE TREE

add name="PC-1" parent=global-out packet-mark=PC-2 limit-at=0 queue=default priority=1 max-limit=20M burst-limit=0 burst-threshold=0 burst-time=0s
addname="PC-2" parent=global-out packet-mark=PC-2 limit-at=0 queue=default priority=1 max-limit=20M burst-limit=0 burst-threshold=0 burst-time=0s
add name="PC-3" parent=global-out packet-mark=PC-3 limit-at=0 queue=default priority=1 max-limit=20M burst-limit=0 burst-threshold=0 burst-time=0s

MENANDAI GAME PKT DI QUEUE TREE

add name="gamepkt" parent=global-out packet-mark="" limit-at=512k priority=1 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s
add name="game-online" parent=gamepkt packet-mark=game-pkt limit-at=521k queue=default priority=1 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s
add name="game-online-2" parent=gamepkt packet-mark=GAME-FB limit-at=512k queue=default priority=2 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s

SETING LIMIT /queue simple>

LIMIT PAKAI SAMPLE AE MAS BRO PENAK HASILE MAK NYOS=======

add name="BILING" target-addresses=192.168.5.2/32 interface=3-WARNET parent=WANET=Q packet-marks="" direction=both priority=8 queue=default-small/default-small limit-at=34k/128k max-limit=150k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
add name="PC-1" target-addresses=192.168.5.3/32 interface=3-WARNET parent=WANET=Q packet-marks="" direction=both priority=8 queue=default-small/default-small limit-at=34k/100k max-limit=150k/300k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
add name="PC-2" target-addresses=192.168.5.4/32 interface=3-WARNET parent=WANET=Q packet-marks="" direction=both priority=8 queue=default-small/default-small limit-at=34k/100k max-limit=150k/300k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small

SETING MANGLE /ip firewall mangle>

PINK====

add name="chain=prerouting action=mark-connection new-connection-mark=CON-PNK passthrough=yes protocol=icmp
add name="chain=prerouting action=mark-packet new-packet-mark=PINK-PKT passthrough=no connection-mark=CON-PNK

GAME DI CARUK WAE======

add name="chain=prerouting action=mark-connection new-connection-mark=game-con passthrough=yes protocol=tcp dst-port=39190,1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777
add name="chain=prerouting action=mark-connection new-connection-mark=game-con passthrough=yes protocol=tcp dst-port=8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000,7341-7350
add name="chain=prerouting action=mark-connection new-connection-mark=game-con passthrough=yes protocol=tcp dst-port=16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,3014,3025
add name="chain=prerouting action=mark-connection new-connection-mark=game-con passthrough=yes protocol=udp dst-port=1293,1479,6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010,48734
add name="chain=prerouting action=mark-connection new-connection-mark=game-con passthrough=yes protocol=udp dst-port=42051-42052,11100-11125,11440-11460,14009-14010
add name="chain=prerouting action=mark-connection new-connection-mark=GAME FACEBOOK passthrough=yes protocol=tcp dst-port=843,9339
add name="chain=prerouting action=mark-packet new-packet-mark=GAME-FB passthrough=no connection-mark=GAME FACEBOO>
add name="chain=forward action=mark-packet new-packet-mark=game-pkt passthrough=no connection-mark=game-con
add name="chain=forward action=add-dst-to-address-list protocol=tcp address-list=pb address-list-timeout=10s dst-port=39120,39100,39110,39220,49100,39190
add name="chain=forward action=add-dst-to-address-list protocol=udp address-list=pb address-list-timeout=10s dst-port=40000-40010

DNS RA PAHAM MAKSUTE===

add name="chain=prerouting action=mark-connection new-connection-mark=DNS passthrough=yes protocol=udp dst-port=53
add name="chain=prerouting action=mark-packet new-packet-mark=DNS=PKT passthrough=no connection-mark=DNS

HIT DI ATUR PER IP MAS BRO====

add name="chain=postrouting action=mark-packet new-packet-mark=PC-1 passthrough=no dst-address=192.168.5.1 out-interface=3-WARNET dscp=12
add name="chain=postrouting action=mark-packet new-packet-mark=PC-2 passthrough=no dst-address=192.168.5.2 out-interface=3-WARNET dscp=12
add name="chain=postrouting action=mark-packet new-packet-mark=PC-3 passthrough=no dst-address=192.168.5.3 out-interface=3-WARNET dscp=12

SETING NAT /ip firewall nat>

add name="chain=srcnat action=masquerade out-interface=3-WARNET
add name="chain=srcnat action=masquerade out-interface=pppoe-out1
add name="chain=srcnat action=masquerade out-interface=1-MODEM
add name="chain=dstnat action=dst-nat to-addresses=192.168.10.2 to-ports=3128 protocol=tcp src-address=192.168.5.0/24 dst-address=!192.168.10.0/24 in-interface=3-WARNET dst-port=80
add name="chain=dstnat action=dst-nat to-ports=53 protocol=udp dst-port=53

SETIN FILTER /ip firewall filter>

add name="chain=forward action=accept connection-state=established
add name="chain=forward action=accept connection-state=related
add name="chain=forward action=drop connection-state=invalid
add name="chain=virus action=drop protocol=tcp dst-port=25
add name="chain=virus action=drop protocol=tcp dst-port=135-139
add name="chain=virus action=drop protocol=tcp dst-port=445
add name="chain=virus action=drop protocol=tcp dst-port=593
add name="chain=virus action=drop protocol=tcp dst-port=1024-1030
add name="chain=virus action=drop protocol=tcp dst-port=1080
add name="chain=virus action=drop protocol=tcp dst-port=1214
add name="chain=virus action=drop protocol=tcp dst-port=1363
add name="chain=virus action=drop protocol=tcp dst-port=1368
add name="chain=virus action=drop protocol=tcp dst-port=1373
add name="chain=virus action=drop protocol=tcp dst-port=1377
add name="chain=virus action=drop protocol=tcp dst-port=1364
add name="chain=virus action=drop protocol=tcp dst-port=1433-1434
add name="chain=virus action=drop protocol=tcp dst-port=2745
add name="chain=virus action=drop protocol=tcp dst-port=2283
add name="chain=virus action=drop protocol=tcp dst-port=2535
add name="chain=virus action=drop protocol=udp dst-port=135-139
add name="chain=virus action=drop protocol=udp dst-port=445
add name="chain=virus action=drop protocol=udp dst-port=4444
add name="chain=virus action=drop protocol=tcp dst-port=2745
add name="chain=virus action=drop protocol=tcp dst-port=3410
add name="chain=virus action=drop protocol=tcp dst-port=4444
add name="chain=virus action=drop protocol=tcp dst-port=3127
add name="chain=virus action=drop protocol=tcp dst-port=3127
add name="chain=forward action=jump jump-target=virus

SARATNYA SQUID DI PFSENSE UDAH DI EDIT MANUAL, SAMA NAT PFSENSE UDAH DI BELOKAN
DI include PFSENSE TAMBAH IKI BIASA NYA KALAU ADA KLIEN DOWLOAD File VIDIO PAKAI IDM MENGACAK,ACAK PABLIK BIAR AMAN

acl idm req_header Range -i bytes=.*
acl idm1 req_header User-Agent -i Mozilla/(19.0|18.0|17.0|16.0|15.0|5.0|4.0)
http_reply_access deny idm idm1

Langganan: Postingan (Atom)