Minggu, 14 April 2013

Mikrotik Rule Firewall Mangle

14.46    

Mikrotik
Sharing rule mikrotik ip firewall mangle yang dipakai warnet ciputih. Silahkan anda edit sendiri sesuai dengan kebutuhan anda. Kira-kira seperti dibawah ini, tidak perlu bayar seperti penawaran website tetangga. Dengan usaha dan kopi secangkir plus sebatang rokok anda akan mahir seting mikrotik yang okey punya. Silahkan comment di facebook warnet ciputih jika ada sesuatu atau datang ajalah ke warnet sekalian sharing keadaan warnet ciputih. Banggalah dengan usaha anda sendiri...hhmmm..



MIKROTIK WARNET CIPUTIH
+++++++++++++++++++++++

INTERFACE <<<<<<<<<<<<<<<<<<<<<<<<<+++++++++++++++++++++++++++
ether1 = Modem1 => pppoe = sapidi1
ether2 = Modem2 => pppoe = sapidi2
ether3 = Local
ether4 = Proxy
ether5 = wifi
==============================================================

ADDRESS-LIST <<<<<<<<<<<<<<<<<<<<<<<<<+++++++++++++++++++++++++++
/ip fi add

add list=Local address=192.168.1.0/27
add list=Local+Proxy address=192.168.10.0/30
add list=Local+Proxy address=192.168.1.0/27
add list=Local address=192.168.100.0/27
add list=Local+Proxy address=192.168.100.0/27

add list=Games address=69.175.20.186
add list=Games address=174.37.246.56
add list=Games address=202.43.171.0/24
add list=Games address=174.132.16.196
add list=Games address=203.89.146.0/23
add list=Games address=122.102.49.0/24
add list=Games address=202.93.20.0/23
add list=Games address=202.93.21.0/24
add list=Games address=202.93.16.0/24
add list=Games address=222.124.196.0/24
add list=Games address=122.144.2.0/24
add list=Games address=119.110.87.179
add list=Games address=203.89.147.0/24
add list=Games address=202.162.207.111
add list=Games address=69.0.145.160
add list=Games address=72.172.238.49
add list=Games address=202.78.197.18
add list=Games address=202.78.197.0/24
add list=Games address=122.102.51.19
add list=Games address=122.102.51.17
add list=Games address=202.43.167.72
add list=Games address=202.93.20.253
add list=Games address=202.43.167.72
add list=Games address=202.93.17.197
add list=Games address=117.103.58.198
add list=Load-Poker address=216.252.121.168
add list=Load-Poker address=216.252.121.169
add list=Load-Poker address=216.252.121.178
add list=Load-Poker address=208.43.79.19
add list=Load-Poker address=216.252.121.179
add list=Load-Poker address=184.72.247.138
add list=Load-Poker address=208.85.150.85
add list=Load-Poker address=216.227.212.167
add list=Load-Poker address=68.180.219.146
add list=Load-Poker address=67.228.216.164
add list=Load-Poker address=74.114.14.0/24
add list=Load-Poker address=64.71.138.105
add list=Load-Poker address=62.146.56.166
add list=Load-Poker address=184.105.197.12
add list=Load-Poker address=74.114.13.18
add list=Load-Poker address=74.217.68.204
add list=Load-Poker address=208.88.18.6
add list=Load-Poker address=199.9.252.170
add list=Load-Poker address=72.172.239.168
add list=Load-Poker address=74.114.12.233
add list=Load-Poker address=74.114.12.234
add list=Load-Poker address=199.9.252.172
add list=Load-Poker address=174.129.209.171
add list=Load-Poker address=75.126.250.198
add list=Load-Poker address=199.9.252.173
add list=Load-Poker address=68.180.219.144
add list=Load-Poker address=184.73.219.31
add list=Load-Poker address=174.129.56.62
add list=Load-Poker address=98.136.48.240
add list=Load-Poker address=174.129.190.31
add list=Load-Poker address=97.107.132.179
add list=Load-Poker address=64.127.108.169
add list=Load-Poker address=98.136.48.163
add list=Load-Poker address=74.86.119.18
add list=Load-Poker address=98.136.48.213
add list=Load-Poker address=67.228.216.163
add list=Load-Poker address=98.136.48.243
add list=Load-Poker address=98.136.48.234
add list=Load-Poker address=64.127.108.162
add list=Load-Poker address=202.157.174.20
add list=Load-Poker address=219.96.104.162
add list=Load-Poker address=98.136.48.219
add list=Load-Poker address=98.136.48.221
add list=Load-Poker address=98.136.48.220
add list=Load-Poker address=98.136.48.222
add list=Load-Poker address=98.136.48.235
add list=Load-Poker address=98.136.48.167
add list=Load-Poker address=79.125.7.18
add list=Load-Poker address=79.125.9.4
add list=Load-Poker address=218.213.86.12
add list=Load-Poker address=218.213.86.7
add list=Load-Poker address=98.136.48.218
add list=Load-Poker address=98.136.48.212
add list=Load-Poker address=98.136.48.209
add list=Load-Poker address=98.136.48.208
add list=Load-Poker address=98.136.48.214
add list=Load-Poker address=98.136.48.241
add list=Load-Poker address=98.136.48.161
add list=Load-Poker address=98.136.48.215
add list=Load-Poker address=98.136.48.216
add list=Load-Poker address=98.136.48.210
add list=Load-Poker address=98.136.48.238
add list=Load-Poker address=202.78.200.35
add list=Load-Poker address=173.231.142.100
add list=Load-Poker address=98.136.48.236
add list=Load-Poker address=67.228.29.180
add list=Load-Poker address=98.136.48.242
add list=Load-Poker address=98.136.48.160
add list=Load-Poker address=98.136.48.165
add list=Load-Poker address=72.172.224.17
add list=Load-Poker address=72.172.224.11
add list=Load-Poker address=98.136.48.211
add list=Load-Poker address=98.136.48.233
add list=Load-Poker address=98.136.48.166
add list=Load-Poker address=98.136.48.232
add list=Load-Poker address=98.136.48.239
add list=Load-Poker address=98.136.48.223
add list=Load-Poker address=98.136.48.237
add list=Load-Poker address=98.136.48.217
add list=Load-Poker address=98.136.48.162
add list=Load-Poker address=64.127.108.168
add list=Load-Poker address=209.20.93.211
add list=Load-Poker address=209.20.77.127
add list=Load-Poker address=174.36.242.26
add list=Load-Poker address=174.37.191.94
add list=Load-Poker address=72.172.239.163
add list=Load-Poker address=69.63.181.105
add list=Load-Poker address=64.127.108.165
add list=Load-Poker address=216.67.249.137
add list=Load-Poker address=173.231.142.101
add list=Load-Poker address=184.72.233.87
add list=Load-Poker address=72.172.239.164
add list=Load-Poker address=74.53.7.203
add list=Load-Poker address=184.72.58.19
add list=Load-Poker address=69.164.217.106
add list=Load-Poker address=74.86.120.196
add list=Load-Poker address=212.72.60.32
add list=Load-Poker address=74.53.22.42
add list=Load-Poker address=128.242.240.212
add list=Load-Poker address=128.242.240.148
add list=Load-Poker address=72.35.71.168
add list=Load-Poker address=74.86.120.195
add list=Load-Poker address=67.228.132.167
add list=Load-Poker address=64.236.111.28
add list=Load-Poker address=174.36.242.42
add list=Load-Poker address=72.172.232.90
add list=Load-Poker address=72.37.153.226
add list=Load-Poker address=67.228.132.166
add list=Load-Poker address=67.228.132.169
add list=Load-Poker address=72.172.224.16
add list=Load-Poker address=209.20.84.182
add list=Load-Poker address=67.228.132.170
add list=Load-Poker address=128.242.245.148
add list=Load-Poker address=74.53.7.199
add list=Load-Poker address=72.172.224.13
add list=Load-Poker address=72.172.239.162
add list=Load-Poker address=72.172.224.9
add list=Load-Poker address=208.85.93.166
add list=Load-Poker address=208.85.93.165
add list=Load-Poker address=67.228.132.171
add list=Load-Poker address=75.101.154.77
add list=Load-Poker address=67.228.216.162
add list=Load-Poker address=174.36.242.34
add list=Load-Poker address=184.72.223.245
add list=Load-Poker address=174.120.49.154

Mikrotik Mangle 
NAT <<<<<<<<<<<<<<<<<<<<<<<<<+++++++++++++++++++++++++++
/ip fi nat

add chain=srcnat action=masquerade src-address=192.168.1.0/27 dst-address=192.1
add chain=srcnat action=masquerade src-address=192.168.1.0/27 dst-address=192.1
add chain=srcnat action=masquerade out-interface=sapidi1
add chain=srcnat action=masquerade out-interface=sapidi2
add chain=dstnat action=dst-nat to-addresses=192.168.10.1 to-ports=3128 protoco
add chain=dstnat action=dst-nat to-addresses=192.168.10.1 to-ports=3128 protoco
add chain=dstnat action=dst-nat to-addresses=192.168.10.1 to-ports=22 protocol=
add chain=dstnat action=dst-nat to-addresses=192.168.10.1 to-ports=22 protocol=

MANGLE <<<<<<<<<<<<<<<<<<<<<<<<<+++++++++++++++++++++++++++
/ip fi man

DNS Request==
add chain=prerouting action=accept protocol=udp dst-address=192.168.10.2 src-address-list=Local dst-port=53
add chain=prerouting action=accept protocol=tcp dst-address=192.168.10.1 src-address-list=Local dst-port=80
add chain=prerouting action=accept protocol=tcp dst-port=8291
add chain=prerouting action=accept protocol=udp dst-port=53,67,68
add chain=output action=accept protocol=udp dst-port=53,67,68

Proxy Hit==
add chain=prerouting action=mark-packet new-packet-mark=proxy-hit passthrough=no in-interface=Proxy dscp=12
add chain=forward action=mark-packet new-packet-mark=proxy-hit passthrough=no in-interface=Proxy dscp=12

=========Start-QoS=========
add chain=forward action=log log-prefix=""
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=1818
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=1801-1809
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=icmp dst-address-list=Games
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=4300,19101,19000,39100,39110,39220,39190,49100
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=udp dst-port=40000-40010
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=29000
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=yes protocol=tcp dst-address-list=Games dst-port=6000-6152
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=2001
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=5105
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=22100
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=5121
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=27780
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=9601-9602
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=8085
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=11011-11041
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=13413
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=19000
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=10009,13008,16666,28012
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=5340-5352
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=6000-6001
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=29200
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=10402
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=15000-15002
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=16402-16502
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=5126
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=3010
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=11031
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=udp dst-port=11100-11125
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=udp dst-port=11440-11460
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=udp dst-port=12020-12080
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=udp dst-port=13000-13080
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=400
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=12011,12110
add chain=prerouting action=mark-routing new-routing-mark=Games passthrough=no protocol=tcp dst-address-list=Games dst-port=15001,15002

=========================== See interface
add chain=prerouting action=mark-packet new-packet-mark=all.pre.con passthrough=yes dst-address-list=!1warnet in-interface=Harnet
add chain=forward action=mark-packet new-packet-mark=all.fw.con passthrough=yes src-address-list=!1warnet out-interface=Harnet
add chain=prerouting action=mark-packet new-packet-mark=all.pre.con passthrough=no dst-address-list=!2Ciputih in-interface=Ciputih
add chain=postrouting action=mark-packet new-packet-mark=all.fw.con passthrough=no out-interface=Ciputih
===========================


=======Rules-Upstream======
add chain=forward action=log log-prefix=""

critical_up==
add chain=prerouting action=mark-packet new-packet-mark=critical_up passthrough=no protocol=udp dst-port=53,123
add chain=prerouting action=mark-packet new-packet-mark=critical_up passthrough=no protocol=icmp icmp-options=0:0
add chain=prerouting action=mark-packet new-packet-mark=critical_up passthrough=no protocol=icmp icmp-options=8:0

critical_up==for game time
add chain=prerouting action=mark-packet new-packet-mark=time_critical_up passthrough=no tcp-flags=ack protocol=tcp dst-address-list=Games packet-mark=all.pre.con packet-size=0-123
add chain=prerouting action=mark-packet new-packet-mark=time_critical_up passthrough=no tcp-flags=syn protocol=tcp dst-address-list=Games packet-mark=all.pre.con packet-size=0-666
add chain=prerouting action=mark-packet new-packet-mark=game_critical_up passthrough=no protocol=tcp dst-address-list=Games dst-port=!80 packet-mark=all.pre.con
add chain=prerouting action=mark-packet new-packet-mark=game_critical_up passthrough=no protocol=udp dst-address-list=Games packet-mark=all.pre.con

poker_time_critical_up==
add chain=prerouting action=mark-packet new-packet-mark=time_critical_up passthrough=no tcp-flags=ack protocol=tcp dst-address-list=Load-Poker packet-mark=all.pre.con packet-size=0-123
add chain=prerouting action=mark-packet new-packet-mark=time_critical_up passthrough=no tcp-flags=syn protocol=tcp dst-address-list=Load-Poker packet-mark=all.pre.con packet-size=0-666
add chain=prerouting action=mark-packet new-packet-mark=game_critical_up passthrough=no protocol=tcp dst-address-list=Load-Poker packet-mark=all.pre.con

http/s_time_critical_up===
add chain=prerouting action=mark-packet new-packet-mark=time_critical_up passthrough=no tcp-flags=ack protocol=tcp dst-port=80,443,3128 packet-mark=all.pre.con packet-size=0-123
add chain=prerouting action=mark-packet new-packet-mark=time_critical_up passthrough=no tcp-flags=syn protocol=tcp dst-port=80,443,3128 packet-mark=all.pre.con packet-size=0-666

browse_up===
add chain=prerouting action=mark-packet new-packet-mark=browse_up passthrough=no protocol=tcp dst-port=80,443,3128 packet-mark=all.pre.con connection-bytes=0-64000
add chain=prerouting action=mark-packet new-packet-mark=browse_big_up passthrough=no protocol=tcp dst-address-list=!Games dst-port=80,443,3128 packet-mark=all.pre.con connection-bytes=64000-0
add chain=prerouting action=mark-packet new-packet-mark=bulk_big_up passthrough=no protocol=tcp dst-address-list=!Games packet-mark=all.pre.con connection-bytes=64000-0


=======Rules-Downstream======
add chain=forward action=log log-prefix=""

critical_d==
add chain=postrouting action=mark-packet new-packet-mark=critical_d passthrough=no protocol=udp src-port=53
add chain=postrouting action=mark-packet new-packet-mark=critical_d passthrough=no protocol=icmp icmp-options=0:0 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=critical_d passthrough=no protocol=icmp icmp-options=8:0 packet-mark=all.fw.con

critical_d=== base on time
add chain=postrouting action=mark-packet new-packet-mark=time_critical_d passthrough=no tcp-flags=ack protocol=tcp src-address-list=Games packet-mark=all.fw.con packet-size=0-123
add chain=postrouting action=mark-packet new-packet-mark=time_critical_d passthrough=no tcp-flags=syn protocol=tcp src-address-list=Games packet-mark=all.fw.con packet-size=0-666
add chain=postrouting action=mark-packet new-packet-mark=time_critical_d passthrough=no tcp-flags=ack protocol=tcp src-port=80,443,3128 packet-mark=all.fw.con packet-size=0-123
add chain=postrouting action=mark-packet new-packet-mark=time_critical_d passthrough=no tcp-flags=syn protocol=tcp src-port=80,443,3128 packet-mark=all.fw.con packet-size=0-123

All_Game!80_d ===
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=!80,3128,21 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=udp src-address-list=Games packet-mark=all.fw.con

pokergame_critical_d====
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Load-Poker src-port=843,9339 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=1818 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=1801-1809 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=4300,19101,19000,39100,39110,39220,39190,49100 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=udp src-address-list=Games src-port=40000-40010 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=29000 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=6000-6152 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=2001 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=5105 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=22100 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=5121 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=27780 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=9601-9602 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=8085 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=11011-11041 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=13413 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=19000 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=10009,13008,16666,28012 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=5340-5352 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=6000-6001 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=29200 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=10402 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=15000-15002 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=16402-16502 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=5126 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=3010 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=11031 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=udp src-address-list=Games src-port=11100-11125 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=udp src-address-list=Games src-port=11440-11460 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=udp src-address-list=Games src-port=12020-12080 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=udp src-address-list=Games src-port=13000-13080 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=udp src-address-list=Games src-port=13000-13080 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=400 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=12011,12110 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=game_critical_d passthrough=no protocol=tcp src-address-list=Games src-port=15001,15002 packet-mark=all.fw.con

Browse donlot client====
add chain=postrouting action=mark-packet new-packet-mark=browse_d passthrough=no protocol=tcp src-port=21,80,3128,8080,8008 packet-mark=all.fw.con connection-bytes=0-96000


=========SATR-DOWNLOAD-CLIENT=========
add chain=forward action=log log-prefix=""
add chain=postrouting action=mark-packet new-packet-mark=pc01.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.1 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc02.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.2 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc03.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.3 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc04.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.4 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc05.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.5 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc06.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.6 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc07.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.7 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc08.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.8 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc09.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.9 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc10.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.10 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc11.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.11 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc12.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.12 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc13.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.13 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc14.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.14 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc15.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.15 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc16.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.16 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc17.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.17 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc18.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.18 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc19.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.19 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc20.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.20 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc21.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.21 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc22.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.22 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc23.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.23 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc24.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.24 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc25.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.25 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc26.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.26 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc27.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.27 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc28.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.28 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc29.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.29 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=pc30.d_pkt passthrough=no protocol=tcp dst-address=192.168.1.30 packet-mark=all.fw.con
add chain=postrouting action=mark-packet new-packet-mark=wifi-all.d_pkt passthrough=no protocol=tcp dst-address=192.168.100.0/27 packet-mark=all.fw.con


QUEUE TYPE <<<<<<<<<<<<<<<<<<<<<<<<<+++++++++++++++++++++++++++
/que typ

add name="pcq-down" kind=pcq pcq-rate=0 pcq-limit=30 pcq-classifier=dst-address pcq-total-limit=500
add name="browse" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
add name="pfifo-critical-d" kind=pfifo pfifo-limit=600
add name="pfifo-critical-up" kind=pfifo pfifo-limit=600
add name="pcq-big-up" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000
add name="sfq-down" kind=sfq sfq-perturb=5 sfq-allot=1514
add name="pcq-game-d" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
add name="sfq-up" kind=sfq sfq-perturb=5 sfq-allot=1514
add name="pcq-up" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address,src-port pcq-total-limit=3000


QUEUE TREE <<<<<<<<<<<<<<<<<<<<<<<<<+++++++++++++++++++++++++++
/que tre

add name="2.Main-U" parent=global-in packet-mark=all.pre.con limit-at=0 priority=8 max-limit=5M
add name="3.Main-D" parent=global-out packet-mark=all.fw.con limit-at=0 priority=8 max-limit=10M
add name="5.Client-D" parent=3.Main-D limit-at=0 priority=8 max-limit=1M
add name="1.Hit-Cache" parent=global-out packet-mark=proxy-hit limit-at=0 queue=default priority=1 max-limit=50M
add name="1.critical_up" parent=2.Main-U packet-mark=critical_up limit-at=128k queue=pfifo-critical-up priority=1 max-limit=5M
add name="2.time_critical_up" parent=2.Main-U packet-mark=time_critical_up limit-at=128k queue=pcq-up priority=2 max-limit=5M
add name="4.browse_up" parent=2.Main-U packet-mark=browse_up limit-at=64k queue=pcq-up priority=4 max-limit=128k
add name="5.browse_big_up" parent=2.Main-U packet-mark=browse_big_up limit-at=0 queue=pcq-big-up priority=8 max-limit=128k
add name="3.game_critical_up" parent=2.Main-U packet-mark=game_critical_up limit-at=256k queue=pcq-up priority=2 max-limit=5M
add name="6.bulk_big_up" parent=2.Main-U packet-mark=bulk_big_up limit-at=0 queue=pcq-big-up priority=8 max-limit=128k
add name="1.critical_d" parent=3.Main-D packet-mark=critical_d limit-at=128k queue=pcq-game-d priority=1 max-limit=10M
add name="2.time_critical_d" parent=3.Main-D packet-mark=time_critical_d limit-at=128k queue=pcq-game-d priority=2 max-limit=10M
add name="3.game_critical_d" parent=3.Main-D packet-mark=game_critical_d limit-at=1M queue=pcq-game-d priority=3 max-limit=1M
add name="4.browse_d" parent=3.Main-D packet-mark=browse_d limit-at=256k queue=pcq-down priority=4 max-limit=768k

add name="pc01" parent=5.Client-D packet-mark=pc01.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc02" parent=5.Client-D packet-mark=pc02.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc03" parent=5.Client-D packet-mark=pc03.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc04" parent=5.Client-D packet-mark=pc04.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc05" parent=5.Client-D packet-mark=pc05.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc06" parent=5.Client-D packet-mark=pc06.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc07" parent=5.Client-D packet-mark=pc07.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc08" parent=5.Client-D packet-mark=pc08.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc09" parent=5.Client-D packet-mark=pc09.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc11" parent=5.Client-D packet-mark=pc11.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc12" parent=5.Client-D packet-mark=pc12.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc10" parent=5.Client-D packet-mark=pc10.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc13" parent=5.Client-D packet-mark=pc13.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc14" parent=5.Client-D packet-mark=pc14.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc15" parent=5.Client-D packet-mark=pc15.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc16" parent=5.Client-D packet-mark=pc16.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc17" parent=5.Client-D packet-mark=pc17.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc18" parent=5.Client-D packet-mark=pc18.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc19" parent=5.Client-D packet-mark=pc19.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc20" parent=5.Client-D packet-mark=pc20.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc21" parent=5.Client-D packet-mark=pc21.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc22" parent=5.Client-D packet-mark=pc22.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc23" parent=5.Client-D packet-mark=pc23.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc24" parent=5.Client-D packet-mark=pc24.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc25" parent=5.Client-D packet-mark=pc25.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc26" parent=5.Client-D packet-mark=pc26.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc27" parent=5.Client-D packet-mark=pc27.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc28" parent=5.Client-D packet-mark=pc28.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc29" parent=5.Client-D packet-mark=pc29.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k
add name="pc30" parent=5.Client-D packet-mark=pc30.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k

add name="wifi-all" parent=5.Client-D packet-mark=wifi-all.d_pkt limit-at=64k queue=pcq-down priority=8 max-limit=384k


SEMOGA BERMANFAAT
Diposting oleh di

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)