Home » » 1line 2 mega

1line 2 mega

/ip firewall nat add action=dst-nat chain=dstnat comment="TRANSPARENT DNS"
disabled=no dst-port=53 in-interface=local protocol=udp to-ports=53

/ip firewall nat add action=dst-nat chain=dstnat comment="" disabled=no
dst-port=53 in-interface=local protocol=tcp to-ports=53

/ip firewall nat add action=dst-nat chain=dstnat comment="" disabled=no
dst-port=53 in-interface=proxy protocol=udp to-ports=53

/ip firewall nat add action=dst-nat chain=dstnat comment="" disabled=no
dst-port=53 in-interface=proxy protocol=tcp to-ports=53

/ip firewall nat add action=dst-nat chain=dstnat comment="TRANSPARENT PROXY"
disabled=no dst-address-list=!ProxyNET dst-port=80,8080,3128
in-interface=local protocol=tcp to-addresses=192.168.40.10 to-ports=3128

/ip firewall nat add action=dst-nat chain=dstnat comment="PROXY NAT"
disabled=no dst-address=192.168.0.1 dst-port=22,81,10000 in-interface=local
protocol=tcp to-addresses=192.168.40.10

/ip firewall nat add action=masquerade chain=srcnat comment="MASQUERADE
MODEM" disabled=no out-interface=public




/ip firewall mangle add action=mark-packet chain=forward
comment="PROXY-HIT-DSCP 12" disabled=no dscp=12 new-packet-mark=proxy-hit
passthrough=no

/ip firewall mangle add action=change-dscp chain=postrouting
comment=CRITICAL disabled=no new-dscp=1 protocol=icmp

/ip firewall mangle add action=change-dscp chain=postrouting comment=""
disabled=no dst-port=53 new-dscp=1 protocol=udp

/ip firewall mangle add action=change-dscp chain=postrouting comment=""
disabled=no dst-port=53 new-dscp=1 protocol=tcp

/ip firewall mangle add action=mark-connection chain=postrouting comment=""
disabled=no dscp=1 new-connection-mark=critical_conn passthrough=yes

/ip firewall mangle add action=mark-packet chain=postrouting comment=""
connection-mark= critical_conn disabled=no new-packet-mark=critical_pkt
passthrough=no




/ip firewall mangle add action=mark-connection chain=prerouting
comment=MARK-ALL-CONN disabled=no dst-address-list=!ApisTECH
in-interface=local new-connection-mark=all.pre_conn passthrough=yes

/ip firewall mangle add action=mark-connection chain=forward comment=""
disabled=no new-connection-mark=all.post_conn out-interface=local
passthrough=yes src-address-list=!ApisTECH

/ip firewall mangle add action=mark-packet chain=prerouting comment=""
connection-mark= all.pre_conn disabled=no new-packet-mark=all.pre_pkt
passthrough=yes

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-mark=all.post_conn disabled=no new-packet-mark=all.post_pkt
passthrough=yes




/ip firewall mangle add action=mark-connection chain=prerouting
comment=GAMES connection-mark=all.pre_conn disabled=no dst-port=9339,843
new-connection-mark=games_conn passthrough=yes protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=""
connection-mark=all.pre_conn disabled=no dst-port=40000-40010
new-connection-mark=games_conn passthrough=yes protocol=udp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-mark=games_conn disabled=no new-packet-mark=games_pkt
passthrough=no




/ip firewall mangle add action=mark-connection chain=prerouting
comment=HTTP-CLIENT connection-mark=all.pre_conn disabled=no
new-connection-mark=browsing_conn packet-size=0-64 passthrough=yes
protocol=tcp tcp-flags=ack

/ip firewall mangle add action=mark-connection chain=prerouting comment=""
connection-mark=all.pre_conn disabled=no dst-port=80,443
new-connection-mark=browsing_conn passthrough=yes protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=0-131072 connection-mark=browsing_conn disabled=no
new-packet-mark=browsing_pkt passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting
comment=HTTP-PROXY disabled=no dst-address-list=!ApisTECH dst-port=80,443
new-connection-mark=proxy_conn passthrough=yes protocol=tcp
src-address-list=ProxyNET

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-mark=proxy_conn disabled=no new-packet-mark=proxy_pkt
passthrough=no




/ip firewall mangle add action=mark-connection chain=prerouting
comment=REALTIME connection-mark= all.pre_conn disabled=no
dst-port=22,179,110,161,8291 new-connection-mark=realtime_conn
passthrough=yes protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=""
connection-mark=all.pre_conn disabled=no dst-port=123
new-connection-mark=realtime_conn passthrough=yes protocol=udp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-mark=realtime_conn disabled=no new-packet-mark=realtime_pkt
passthrough=no




/ip firewall mangle add action=mark-connection chain=prerouting
comment=FILETRANSER connection-mark=all.pre_conn disabled=no
dst-port=20,21,23 new-connection-mark=communication_conn passthrough=yes
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-mark=communication_conn disabled=no
new-packet-mark=communication_pkt passthrough=no




/ip firewall mangle add action=mark-connection chain=prerouting
comment=NORMAL connection-mark=all.pre_conn disabled=no
dst-address-list=!ProxyNET new-connection-mark= normal_conn passthrough=yes

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-mark=normal_conn disabled=no new-packet-mark=normal_pkt
passthrough=no




/ip firewall mangle add action=mark-packet chain=forward comment=DOWNLOAD
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.2 new-packet-mark=ApisTECH01.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.150 new-packet-mark=ApisTECH02.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.151 new-packet-mark=ApisTECH03.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.152 new-packet-mark=ApisTECH04.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.153 new-packet-mark=ApisTECH05.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.154 new-packet-mark=ApisTECH06.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.155 new-packet-mark=ApisTECH07.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.156 new-packet-mark=ApisTECH08.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.157 new-packet-mark=ApisTECH09.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.158 new-packet-mark=ApisTECH010.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.159 new-packet-mark=ApisTECH011.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.160 new-packet-mark=ApisTECH012.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.161 new-packet-mark=ApisTECH013.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.162 new-packet-mark=ApisTECH014.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.163 new-packet-mark=ApisTECH015.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.164 new-packet-mark=ApisTECH016.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.165 new-packet-mark=ApisTECH017.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.166 new-packet-mark=ApisTECH018.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.167 new-packet-mark=ApisTECH019.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.168 new-packet-mark=ApisTECH020.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.169 new-packet-mark=ApisTECH021.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.170 new-packet-mark=ApisTECH022.d_pkt passthrough=no
protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward comment=""
connection-bytes=131072-4294967295 connection-mark=all.post_conn disabled=no
dst-address=192.168.0.4 new-packet-mark=ApisTECH023.d_pkt passthrough=no
protocol=tcp




/queue type add kind=pcq name=pcq_up pcq-classifier=src-address
pcq-limit=200 pcq-rate=0 pcq-total-limit=8000

/queue type add kind=pcq name=pcq_down pcq-classifier=dst-address
pcq-limit=200 pcq-rate=0 pcq-total-limit=8000

/queue type add kind=pfifo name=pfifo-critical pfifo-limit=10

/queue type add kind=pcq name=pcq_critical.up
pcq-classifier=src-address,src-port pcq-limit=20 pcq-rate=0
pcq-total-limit=500

/queue type add kind=pcq name=pcq_critical.down
pcq-classifier=dst-address,dst-port pcq-limit=20 pcq-rate=0
pcq-total-limit=500




/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=0 name="A. PROXY HIT" packet-mark=proxy-hit
parent=local priority=1 queue=default

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=0 name="B. CRITICAL" packet-mark=critical_pkt
parent=public priority=1 queue=pfifo-critical

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=0 name="C. INBOUND" packet-mark=all.post_pkt
parent=global-out priority=8

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=0 name="D. OUTBOUND" packet-mark=all.pre_pkt
parent=public priority=8




/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=0 name="A. GAMES" packet-mark=games_pkt parent="C.
INBOUND" priority=2 queue=pcq_critical.down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=0 name="B. HTTP" packet-mark=browsing_pkt parent="C.
INBOUND" priority=3 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=64k max-limit=128k name="C. REALTIME" packet-mark=realtime_pkt
parent="C. INBOUND" priority=4 queue=pcq_critical.down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=64k max-limit=128k name="D. FILETRANS"
packet-mark=communication_pkt parent="C. INBOUND" priority=5 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=64k max-limit=128k name="E. NORMAL" packet-mark=normal_pkt
parent="C. INBOUND" priority=6 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=1024k name="F. DOWN 1M" parent="C. INBOUND" priority=8

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=0 name="G. DOWN 2M" parent="C. INBOUND" priority=8




/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH01-D packet-mark=ApisTECH01.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH02-D packet-mark=ApisTECH02.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH03-D packet-mark=ApisTECH03.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH04-D packet-mark=ApisTECH04.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH05-D packet-mark=ApisTECH05.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH06-D packet-mark=ApisTECH06.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH07-D packet-mark=ApisTECH07.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH08-D packet-mark=ApisTECH08.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH09-D packet-mark=ApisTECH09.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH010-D packet-mark=ApisTECH010.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH011-D packet-mark=ApisTECH011.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH012-D packet-mark=ApisTECH012.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH013-D packet-mark=ApisTECH013.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH014-D packet-mark=ApisTECH014.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH015-D packet-mark=ApisTECH015.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH016-D packet-mark=ApisTECH016.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH017-D packet-mark=ApisTECH017.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH018-D packet-mark=ApisTECH018.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH019-D packet-mark=ApisTECH019.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH020-D packet-mark=ApisTECH020.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH021-D packet-mark=ApisTECH021.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH022-D packet-mark=ApisTECH022.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=256k name=ApisTECH023-D packet-mark=ApisTECH023.d_pkt
parent="F. DOWN 1M" priority=8 queue=pcq_down




/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=0 max-limit=0 name="A. GAMES UP" packet-mark=games_pkt parent="D.
OUTBOUND" priority=2 queue=pcq_critical.up

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=64k max-limit=256k name="B. HTTP UP" packet-mark=proxy_pkt
parent="D. OUTBOUND" priority=3 queue=pcq_up

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=32k max-limit=64k name="C. REALTIME UP" packet-mark=realtime_pkt
parent="D. OUTBOUND" priority=4 queue=pcq_critical.up

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=64k max-limit=128k name="D. FILETRANS UP"
packet-mark=communication_pkt parent="D. OUTBOUND" priority=5 queue=pcq_up

/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no
limit-at=64k max-limit=128k name="E. NORMAL UP" packet-mark=normal_pkt
parent="D. OUTBOUND" priority=6 queue=pcq_up


------Coba pake ini.....queue tree....edit sesuai BW dan interface dan ip
address gan.....Squid nggak kelimit
Share this article :
Label:

0 komentar:

Speak up your mind

Tell us what you're thinking... !

 
Support : Creating Website | Najwa Azra and Mas Template
Proudly powered by Blogger
Copyright © 2013. Bahan Ajar - All Rights Reserved
Template Design by Creating Website G+ Mas Template