Sabtu, 16 Februari 2013

Cara Setting Bypass Hit Squid,Mangle Game,Queue Tree,Browsing Terbaru di Mikrotik (Update-2012-08-04)



wirelessrouterproxy.com - Cara Setting Bypass Hit Squid,Mangle Game,Queue Tree,Browsing Terbaru di Mikrotik (Update-2012-08-04) awal
Ada beberapa perbedaan dengan tutorial sebelumnya,disini juga membagi Https di queue tree dan untuk Limit extention di gabung ke dalam Semua Down , jadi misalnya bandwidth 2 MB didalam 2 MB tersebut saya namakan ALL DOWN yang di dalamnya ada:Browsing (Http),Https dan Limit Extention,kemudian untuk upload saya gunakan parent=global-out tidak parent=proxy karna mangle saya gunakan postrouting yang di serahakan ke proxy external ini akan membuat Hit Proxy menjadi besar..anda bisa test speedtest untuk test nya ,ok mari kita mulai:
Bagi yang menggunakan PC mikrotik supaya sinkron dengan scripts di bawah silahkan upgrade dulu PC mikrotiknya dengan Os.5.18 , Tutorialnya ((DISINI))
Topologi Jaringan:
Ether1 - public Modem
Ether2 - local HUB (Client)
Ether3 - proxy External Proxy

  • Ganti nama interface menjadi internet,local,proxy supaya sesuai dengan scripts tutorial berikut , perintahnya:
Pastekan di “New Terminal” winbox
/interface set 0 name=public \
;/interface set 1 name=local \
;/interface set 2 name=proxy

  • Set Jam supaya tidak berubah-ubah:
Pastekan di “New Terminal” winbox
/system ntp client \
set enabled=yes mode=unicast \
primary-ntp=152.118.24.8 \
secondary-ntp=202.169.224.16

  • System Note:
Ini scripts gunanya nanti jika buka “New Terminal” akan nongol Note nya=
Pastekan di “New Terminal” winbox
/system note \
set note=www.wirelessrouterproxy.com.setup.by.HUSNI \
show-at-login=yes

  • NAT Transparent Proxy dan Local Masquerade:
Tulisan yang saya kasih warna merah di bawah ini sesuaikan dengan network proxy anda dan ip address proxy anda dan juga port proxy anda:
Edit Sebelum di Pastekan di “New Terminal” winbox
/ip firewall nat add action=dst-nat \
chain=dstnat comment="TRANSPARENT PROXY" \
disabled=no dst-port=80 in-interface=local \
protocol=tcp src-address=!192.168.254.0/24 \
to-addresses=192.168.254.2 to-ports=3128
/ip firewall nat add action=masquerade chain=srcnat \
comment=MASQUERADE disabled=no

  • Ip firewall layer7-protocol untuk melimit download seperti rar,zip,youtube,exe,dll kecuali file yang tersimpan di proxy otomatis loss:
Pastekan di “New Terminal” winbox
/ip firewall layer7-protocol
add name="YOUTUBE DOWNLOAD" regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5\
    ][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"
add name=EXE regexp=\\.(exe)
add name=RAR regexp="\\.(rar)"
add name=ZIP regexp="\\.(zip)"
add name=7z regexp="\\.(7z)"
add name=WMV regexp="\\.(wmv)"
add name=MPG regexp="\\.(mpg)"
add name=MPEG regexp="\\.(mpeg)"
add name=AVI regexp="\\.(avi)"
add name=FLV regexp="\\.(flv)"
add name=WAV regexp="\\.(wav)"
add name=MP3 regexp="\\.(mp3)"
add name=MP4 regexp="\\.(mp4)"
add name=ISO regexp="\\.(iso)"
add name=3GP regexp="\\.(3gp)"
add name=MOV regexp="\\.(mov)"
add name=MKV regexp="\\.(mkv)"
add name="YOUTUBE STREAMING" regexp=youtube
add name=PORN regexp=porn
add name=TUBE regexp=tube
add name=VIDEO regexp=video
add name=MOVIE regexp=movie
hasilnya seperti gambar di bawah ini:
wirelessrouterproxy.com - Cara Setting Bypass Hit Squid,Mangle Game,Queue Tree,Browsing Terbaru di Mikrotik (Update-2012-08-04) 1

  • Ip Firewall Filter Drop Virus:
Pastekan di “New Terminal” winbox
/ip firewall filter
add action=accept chain=input \
disabled=no dst-port=8291 protocol=tcp
add action=drop chain=forward \
connection-state=invalid disabled=no
add action=drop chain=virus disabled=no \
dst-port=135-139 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=1433-1434 protocol=tcp
add action=drop chain=virus \
disabled=no dst-port=445 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=445 protocol=udp
add action=drop chain=virus disabled=no \
dst-port=593 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=1024-1030 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=1080 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=1214 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=1363 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=1364 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=1368 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=1373 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=1377 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=2745 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=2283 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=2535 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=2745 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=3127 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=3410 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=4444 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=4444 protocol=udp
add action=drop chain=virus disabled=no \
dst-port=5554 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=8866 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=9898 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=10080 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=12345 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=17300 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=27374 protocol=tcp
add action=drop chain=virus disabled=no \
dst-port=65506 protocol=tcp
add action=jump chain=forward \
disabled=no jump-target=virus
add action=drop chain=input \
connection-state=invalid disabled=no
add action=accept chain=input \
disabled=no protocol=udp
add action=accept chain=input \
disabled=no limit=50/5s,2 protocol=icmp
add action=drop chain=input \
disabled=no protocol=icmp
add action=accept chain=input \
disabled=no dst-port=21 protocol=tcp
add action=accept chain=input \
disabled=no dst-port=22 protocol=tcp
add action=accept chain=input \
disabled=no dst-port=23 protocol=tcp
add action=accept chain=input \
disabled=no dst-port=80 protocol=tcp
add action=accept chain=input \
disabled=no dst-port=8291 protocol=tcp
add action=accept chain=input \
disabled=no dst-port=1723 protocol=tcp
add action=accept chain=input \
disabled=no dst-port=23 protocol=tcp
add action=accept chain=input \
disabled=no dst-port=80 protocol=tcp
add action=accept chain=input disabled=no \
dst-port=1723 protocol=tcp
add action=add-src-to-address-list \
address-list=DDOS address-list-timeout=15s \
chain=input disabled=no dst-port=1337 protocol=tcp
add action=add-src-to-address-list \
address-list=DDOS address-list-timeout=15m \
chain=input disabled=no dst-port=7331 \
protocol=tcp src-address-list=knock
add action=add-src-to-address-list \
address-list="port scanners" \
address-list-timeout=2w chain=input \
comment="Port scanners to list " \
disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list \
address-list="port scanners" \
address-list-timeout=2w chain=input \
comment="SYN/FIN scan" disabled=no \
protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list \
address-list="port scanners" \
address-list-timeout=2w chain=input \
comment="SYN/RST scan" disabled=no \
protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list \
address-list="port scanners" \
address-list-timeout=2w chain=input \
comment="FIN/PSH/URG scan" disabled=\
no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list \
address-list="port scanners" \
address-list-timeout=2w chain=input \
comment="ALL/ALL scan" disabled=no \
protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list \
address-list="port scanners" \
address-list-timeout=2w chain=input \
comment="NMAP NULL scan" disabled=no \
protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=accept chain=input \
comment="ANTI NETCUT" disabled=no dst-port=\
0-65535 protocol=tcp \
src-address=61.213.183.1-61.213.183.254
add action=accept chain=input \
comment="ANTI NETCUT" disabled=no \
dst-port=0-65535 protocol=tcp \
src-address=67.195.134.1-67.195.134.254
add action=accept chain=input \
comment="ANTI NETCUT" disabled=no \
dst-port=0-65535 protocol=tcp \
src-address=68.142.233.1-68.142.233.254
add action=accept chain=input \
comment="ANTI NETCUT" disabled=no dst-port=\
0-65535 protocol=tcp \
src-address=68.180.217.1-68.180.217.254
add action=accept chain=input \
comment="ANTI NETCUT" disabled=no \
dst-port=0-65535 protocol=tcp \
src-address=203.84.204.1-203.84.204.254
add action=accept chain=input \
comment="ANTI NETCUT" disabled=no \
dst-port=0-65535 protocol=tcp \
src-address=69.63.176.1-69.63.176.254
add action=accept chain=input \
comment="ANTI NETCUT" \
disabled=no dst-port=0-65535 protocol=tcp \
src-address=69.63.181.1-69.63.181.254
add action=accept chain=input \
comment="ANTI NETCUT" \
disabled=no dst-port=0-65535 protocol=tcp \
src-address=63.245.209.1-63.245.209.254
add action=accept chain=input \
comment="ANTI NETCUT" disabled=no dst-port=\
0-65535 protocol=tcp \
src-address=63.245.213.1-63.245.213.254
hasilnya seperti gambar di bawah ini:
wirelessrouterproxy.com - Cara Setting Bypass Hit Squid,Mangle Game,Queue Tree,Browsing Terbaru di Mikrotik (Update-2012-08-04) 2

  • Ip Firewall Mangle
    • Ini Scripts Mangle Squid Hit,DSCP=12 untuk me Loss kan proxy dari limit client,Di queue tree saya buat 80 MB Posisi di mangle paling di letakkan paling atas=
Pastekan di “New Terminal” winbox
/ip firewall mangle
add action=mark-packet chain=postrouting comment="SQUID PROXY HIT" \
dscp=12 new-packet-mark="wirelessrouterproxy.com SPH" passthrough=no

    • Scripts mangle untuk menstabilkan ping jika koneksi padat dan DNS=
Pastekan di “New Terminal” winbox
/ip firewall mangle
add action=mark-connection chain=prerouting comment=ICMP \
new-connection-mark="wirelessrouterproxy.com I" passthrough=yes protocol=\
icmp
add action=change-dscp chain=prerouting connection-mark=\
"wirelessrouterproxy.com I" new-dscp=1 passthrough=yes
add action=mark-packet chain=prerouting connection-mark=\
"wirelessrouterproxy.com I" new-packet-mark=\
"wirelessrouterproxy.com I" passthrough=no
add action=mark-connection chain=prerouting comment=DNS dst-port=\
53 new-connection-mark="wirelessrouterproxy.com D" passthrough=yes \
protocol=tcp
add action=mark-connection chain=prerouting dst-port=53 \
new-connection-mark="wirelessrouterproxy.com D" passthrough=yes protocol=\
udp
add action=change-dscp chain=prerouting connection-mark=\
"wirelessrouterproxy.com D" new-dscp=1 passthrough=yes
add action=mark-packet chain=prerouting connection-mark=\
"wirelessrouterproxy.com D" new-packet-mark=\
"wirelessrouterproxy.com D" passthrough=no

    • Ini Di bawah Scripts untuk Game Online dan Game Facebook:
Edit Sebelum di Pastekan di “New Terminal” winbox
/ip firewall mangle
add action=mark-connection chain=prerouting comment="GAME ONLINE" disabled=no \
dst-port=1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777 \
new-connection-mark="wirelessrouterproxy.com GO" passthrough=yes \
protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port="7341-7350,74\
51,8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000" \
new-connection-mark="wirelessrouterproxy.com GO" passthrough=yes \
protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port="7341-7350,74\
51,8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000" \
new-connection-mark="wirelessrouterproxy.com GO" passthrough=yes \
protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port="10009,13008,\
16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15\
002" new-connection-mark="wirelessrouterproxy.com GO" passthrough=yes \
protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port="16402-16502,\
18901-18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49\
100" new-connection-mark="wirelessrouterproxy.com GO" passthrough=yes \
protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port=\
14009-14010,14300,14301,14403,7000,14500 new-connection-mark=\
"wirelessrouterproxy.com GO" passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port="1293,1479,61\
00-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010" \
new-connection-mark="wirelessrouterproxy.com GO" passthrough=yes \
protocol=udp
add action=mark-connection chain=prerouting disabled=no dst-port=\
42051-42052,11100-11125,11440-11460 new-connection-mark=\
"wirelessrouterproxy.com GO" passthrough=yes protocol=udp
add action=mark-connection chain=prerouting disabled=no dst-port=14009-14010 \
new-connection-mark="wirelessrouterproxy.com GO" passthrough=yes \
protocol=udp
add action=mark-packet chain=prerouting connection-mark=\
"wirelessrouterproxy.com GO" disabled=no new-packet-mark=\
"wirelessrouterproxy.com GO" passthrough=no
add action=mark-connection chain=prerouting comment="GAME FACEBOOK" disabled=\
no dst-port=843,9339 new-connection-mark="wirelessrouterproxy.com GF" \
passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=\
"wirelessrouterproxy.com GF" disabled=no new-packet-mark=\
"wirelessrouterproxy.com GF" passthrough=no

    • Ini Di bawah adalah Scripts dan lain lain nya…di bawah port 1935 dalah port tv online..jika ada port lain silahkan tambah dengna pembatas koma:
Pastekan di “New Terminal” winbox
/ip firewall mangle
add action=mark-connection chain=prerouting comment=DLL disabled=no dst-port=\
1935 new-connection-mark="wirelessrouterproxy.com DLL" passthrough=yes \
protocol=tcp
add action=mark-packet chain=forward connection-mark=\
"wirelessrouterproxy.com DLL" disabled=no new-packet-mark=\
"wirelessrouterproxy.com DLL" passthrough=no

    • Di bawah ini adalah scripts Https:
Pastekan di “New Terminal” winbox
/ip firewall mangle
add action=mark-connection chain=postrouting comment=HTTPS disabled=no \
dst-port=443 new-connection-mark="wirelessrouterproxy.com H" passthrough=\
yes protocol=tcp
add action=mark-packet chain=postrouting connection-mark=\
"wirelessrouterproxy.com H" disabled=no new-packet-mark=\
"wirelessrouterproxy.com H" passthrough=no

    • Ini Di bawah Scripts mangle untuk Limit extention (yang download rar,zip,exe,dll ) akan di limit dan jika udah pernah di download tidak akan masuk limit mangle ini,otomatis ke Ip Firewall Mangle Squid Hit,DSCP=12 =
Bisa di perhatikan setiap paket layer 7 di bawah mempunyai connection mark,beda dengan tutorial sebelumnya:
Pastekan di “New Terminal” winbox
/ip firewall mangle
add action=mark-connection chain=forward comment="LIMIT EXTENTION" disabled=\
no layer7-protocol="YOUTUBE DOWNLOAD" new-connection-mark=\
"YOUTUBE DOWNLOAD" passthrough=yes
add action=mark-packet chain=forward connection-mark="YOUTUBE DOWNLOAD" \
disabled=no new-packet-mark="YOUTUBE DOWNLOAD" \
passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=\
"YOUTUBE STREAMING" new-connection-mark="YOUTUBE STREAMING" passthrough=\
yes
add action=mark-packet chain=forward connection-mark="YOUTUBE STREAMING" \
disabled=no new-packet-mark="YOUTUBE STREAMING" \
passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=TUBE \
new-connection-mark=PORN1 passthrough=yes
add action=mark-packet chain=forward connection-mark=PORN1 disabled=no \
new-packet-mark=PORN1 passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=PORN \
new-connection-mark=PORN2 passthrough=yes
add action=mark-packet chain=forward connection-mark=PORN2 disabled=no \
new-packet-mark=PORN2 passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=VIDEO \
new-connection-mark=PORN3 passthrough=yes
add action=mark-packet chain=forward connection-mark=PORN3 disabled=no \
new-packet-mark=PORN3 passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=MOVIE \
new-connection-mark=PORN4 passthrough=yes
add action=mark-packet chain=forward connection-mark=PORN4 disabled=no \
new-packet-mark=PORN4 passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=MKV \
new-connection-mark=MKV passthrough=yes
add action=mark-packet chain=forward connection-mark=MKV disabled=no \
new-packet-mark=MKV passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=MP3 \
new-connection-mark=MP3 passthrough=yes
add action=mark-packet chain=forward connection-mark=MP3 disabled=no \
new-packet-mark=MP3 passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=MP4 \
new-connection-mark=MP4 passthrough=yes
add action=mark-packet chain=forward connection-mark=MP4 disabled=no \
new-packet-mark=MP4 passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=ZIP \
new-connection-mark=ZIP passthrough=yes
add action=mark-packet chain=forward connection-mark=ZIP disabled=no \
new-packet-mark=ZIP passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=EXE \
new-connection-mark=EXE passthrough=yes
add action=mark-packet chain=forward connection-mark=EXE disabled=no \
new-packet-mark=EXE passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=FLV \
new-connection-mark=FLV passthrough=yes
add action=mark-packet chain=forward connection-mark=FLV disabled=no \
new-packet-mark=FLV passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=ISO \
new-connection-mark=ISO passthrough=yes
add action=mark-packet chain=forward connection-mark=ISO disabled=no \
new-packet-mark=ISO passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=MOV \
new-connection-mark=MOV passthrough=yes
add action=mark-packet chain=forward connection-mark=MOV disabled=no \
new-packet-mark=MOV passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=MPEG \
new-connection-mark=MPEG passthrough=yes
add action=mark-packet chain=forward connection-mark=MPEG disabled=no \
new-packet-mark=MPEG passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=MPG \
new-connection-mark=MPG passthrough=yes
add action=mark-packet chain=forward connection-mark=MPG disabled=no \
new-packet-mark=MPG passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=WAV \
new-connection-mark=WAV passthrough=yes
add action=mark-packet chain=forward connection-mark=WAV disabled=no \
new-packet-mark=WAV passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=RAR \
new-connection-mark=RAR passthrough=yes
add action=mark-packet chain=forward connection-mark=RAR disabled=no \
new-packet-mark=RAR passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=WMV \
new-connection-mark=WMV passthrough=yes
add action=mark-packet chain=forward connection-mark=WMV disabled=no \
new-packet-mark=WMV passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=3GP \
new-connection-mark=3GP passthrough=yes
add action=mark-packet chain=forward connection-mark=3GP disabled=no \
new-packet-mark=3GP passthrough=no
add action=mark-connection chain=forward disabled=no layer7-protocol=7z \
new-connection-mark=7z passthrough=yes
add action=mark-packet chain=forward connection-mark=7z disabled=no \
new-packet-mark=7z passthrough=no

    • Ini Di bawah Scripts mangle Untuk pembagian otomatis bandwidth browsing Upload dan Download,Sesuaikan network yang kolom bewarna merah dengan network proxy anda=
Bisa di perhatikan paket di bawah menggunakan postrouting dan in interface proxy yang akan membuat lebih Besar HIT nya,beda dengan tutorial sebelumnya:
Edit sebelum di Pastekan di “New Terminal” winbox
/ip firewall mangle
add action=mark-connection chain=prerouting comment=HTTP disabled=no \
dst-port=80 in-interface=proxy new-connection-mark=\
"wirelessrouterproxy.com HTTP" passthrough=yes protocol=tcp
add action=mark-packet chain=postrouting connection-mark=\
"wirelessrouterproxy.com HTTP" disabled=no dst-address=192.168.254.0/24 \
new-packet-mark="wirelessrouterproxy.com HTTP D" passthrough=no
add action=mark-packet chain=postrouting connection-mark=\
"wirelessrouterproxy.com HTTP" disabled=no new-packet-mark=\
"wirelessrouterproxy.com HTTP U" passthrough=no src-address=\
192.168.254.0/24
hasilnya seperti gambar di bawah ini:
wirelessrouterproxy.com - Cara Setting Bypass Hit Squid,Mangle Game,Queue Tree,Browsing Terbaru di Mikrotik (Update-2012-08-04) 3
wirelessrouterproxy.com - Cara Setting Bypass Hit Squid,Mangle Game,Queue Tree,Browsing Terbaru di Mikrotik (Update-2012-08-04) 4
wirelessrouterproxy.com - Cara Setting Bypass Hit Squid,Mangle Game,Queue Tree,Browsing Terbaru di Mikrotik (Update-2012-08-04) 5
  • Queue Type
Di bawah adalah Queue type untuk Bandwidth 3 MB,Jika Bandwidth anda 2 MB silahkan ganti tulisan yang berwarna merah (3000) menjadi 2000 , dan upload di bawah adalah 512KB ,jika anda mempunyai upload yang berbeda silahkan sesuaikan
Edit sebelum di Pastekan di “New Terminal” winbox
/queue type
add kind=pcq name="PROXY DOWN" pcq-burst-rate=0 pcq-burst-threshold=0 \
pcq-burst-time=10s pcq-classifier=\
src-address,dst-address,src-port,dst-port pcq-dst-address-mask=32 \
pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 \
pcq-src-address6-mask=128 pcq-total-limit=3000
add kind=pcq name=DOWN pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=\
5s pcq-classifier=dst-address,dst-port pcq-dst-address-mask=32 \
pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 \
pcq-src-address6-mask=128 pcq-total-limit=3000
add kind=pcq name=UP pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=\
10s pcq-classifier=src-address,src-port pcq-dst-address-mask=32 \
pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 \
pcq-src-address6-mask=128 pcq-total-limit=512
add kind=pfifo name=PING pfifo-limit=64
add kind=pcq name=DLL pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=\
10s pcq-classifier=src-address,dst-address,src-port,dst-port \
pcq-dst-address-mask=32 pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=0 \
pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=3000
add kind=pcq name=HTTPS pcq-burst-rate=0 pcq-burst-threshold=0 \
pcq-burst-time=10s pcq-classifier=\
src-address,dst-address,src-port,dst-port pcq-dst-address-mask=32 \
pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 \
pcq-src-address6-mask=64 pcq-total-limit=3000

  • Queue Tree
    • Di bawah ini adalah queue tree “ALL DOWN” yang child nya nanti adalah A.BROWSING, C.HTTPS, D.LIMIT EXTENTION, E.DLL yang bertulisan merah di bawah 2800k untuk bandwidth 3 MB ,200k saya sisakan , silahkan sesuaikan dengan bandwidth anda:
Edit sebelum di Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=2800k name="4.ALL DOWN" packet-mark="" parent=global-out \
priority=3

    • Dibawah ini adalah queue tree “LIMIT EXTENTION” yang childnya nanti adalah ZIP,RAR,YOUTUBE dan lain-lain , yang bertulisan merah di bawah ini 1500k adalah setengah dari total bandwidth,silahkan sesuaikan dengan bandwidth anda:
Edit sebelum di Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=1500k name="D.LIMIT EXTENTION" packet-mark="" parent=\
"4.ALL DOWN" priority=4

    • Di bawah ini adalah queue tree “YOUTUBE” yang nantinya childnya adalah YOUTUBE STREAMING dan YOUTUBE DOWNLOAD :
Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=YOUTUBE packet-mark="" parent="D.LIMIT EXTENTION" \
priority=4

    • Di bawah ini adalah queue tree “PORN” yang nantinya childnya adalah PORN1, PORN2, PORN3, PORN4:
Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=PORN packet-mark="" parent="D.LIMIT EXTENTION" priority=\
4

    • Di bawah Ini adalah queue tree “GAME” yang nantinya childnya adalah GAME ONLINE dan GAME FACEBOOK , yang bertulisan merah di bawah silahkan disesuaikan dengan bandwidth anda:
Edit sebelum di Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=512k \
max-limit=3M name=3.GAME packet-mark="" parent=global-out priority=2

    • Di bawah ini adalah queue tree “BROWSING DOWNLOAD”:
Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=A.BROWSING packet-mark="wirelessrouterproxy.com HTTP D" \
parent="4.ALL DOWN" priority=3 queue=DOWN

    • Di bawah ini adalah queue tree “BROWSING UPLOAD” , yang bertulisan merah di bawah silahkan sesuaikan dengan bandwidth anda:
Edit sebelum di Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=300k name="2.BROWSING UPLOAD" packet-mark=\
"wirelessrouterproxy.com HTTP U" parent=global-out priority=2 queue=UP

    • Di bawah ini adalah queue tree LIMIT EXTENTION RAR,ZIP,YOUTUBE dan lain-lain:
Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="YOUTUBE STREAMING" packet-mark="YOUTUBE STREAMING" \
parent=YOUTUBE priority=4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=MKV packet-mark=MKV parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=MP3 packet-mark=MP3 parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=MP4 packet-mark=MP4 parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=ZIP packet-mark=ZIP parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=EXE packet-mark=EXE parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=ISO packet-mark=ISO parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=AVI packet-mark=AVI parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=MOV packet-mark=MOV parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=MPEG packet-mark=MPEG parent="D.LIMIT EXTENTION" \
priority=4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=MPG packet-mark=MPG parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=RAR packet-mark=RAR parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=WAV packet-mark=WAV parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=WMV packet-mark=WMV parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=3GP packet-mark=3GP parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=7z packet-mark=7z parent="D.LIMIT EXTENTION" priority=4 \
queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="YOUTUBE DOWNLOAD" packet-mark="YOUTUBE DOWNLOAD" \
parent=YOUTUBE priority=4 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=PORN1 packet-mark=PORN1 parent=PORN priority=4 queue=\
DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=PORN2 packet-mark=PORN2 parent=PORN priority=4 queue=\
DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=PORN3 packet-mark=PORN3 parent=PORN priority=4 queue=\
DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=PORN4 packet-mark=PORN4 parent=PORN priority=4 queue=\
DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=FLV packet-mark=FLV parent="D.LIMIT EXTENTION" priority=\
4 queue=DOWN
    • Di bawah ini adalah queue tree “PROXY HIT” dengan limit 80M:
Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=80M \
max-limit=80M name="1.PROXY HIT" packet-mark=\
"wirelessrouterproxy.com SPH" parent=local priority=2 queue="PROXY DOWN"

    • Di bawah ini adalah queue tree “GAME ONLINE dan GAME FACEBOOK”:
Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="A.GAME ONLINE" packet-mark="wirelessrouterproxy.com GO" \
parent=3.GAME priority=2 queue=DOWN
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="B.GAME FACEBOOK" packet-mark=\
"wirelessrouterproxy.com GF" parent=3.GAME priority=2 queue=DOWN

    • Di bawah ini adalah queue tree HTTPS ,yg bertulisan merah di bawah ini silahkan sesuaikan dengan bandwidth anda (recomendasi 75% dari bandwidth) :
Edit sebelum di Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=2M name=C.HTTPS packet-mark="wirelessrouterproxy.com H" parent=\
"4.ALL DOWN" priority=2 queue=HTTPS

    • Di bawah ini adalah queue tree DLL,yang bertulisan merah di bawah silahkan sesuaikan dengan bandwidth anda (recomendasi 30% dari bandwidth):
Edit sebelum di Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=1M name=E.DLL packet-mark="wirelessrouterproxy.com DLL" parent=\
"4.ALL DOWN" priority=8 queue=DLL

    • Di bawah ini adalah queue tree ICMP dan DNS:
Pastekan di “New Terminal” winbox
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100M \
max-limit=100M name=4.ICMP packet-mark="wirelessrouterproxy.com I" \
parent=global-out priority=1 queue=PING
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100M \
max-limit=100M name=6.DNS packet-mark="wirelessrouterproxy.com D" parent=\
global-out priority=1 queue=PING
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100M \
max-limit=100M name=5.ICMP packet-mark="wirelessrouterproxy.com I" \
parent=public priority=1 queue=PING
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100M \
max-limit=100M name=7.DNS packet-mark="wirelessrouterproxy.com D" parent=\
public priority=1 queue=PING
hasilnya seperti gambar di bawah ini:
wirelessrouterproxy.com - Cara Setting Bypass Hit Squid,Mangle Game,Queue Tree,Browsing Terbaru di Mikrotik (Update-2012-08-04) 6
wirelessrouterproxy.com - Cara Setting Bypass Hit Squid,Mangle Game,Queue Tree,Browsing Terbaru di Mikrotik (Update-2012-08-04) 7

Catatan Penting:
  • Bgi yang mempunyai Mikrotik Routerboard CPU Frequency di bawah 600 Mhz seperti RB750,RB750G,RB,RB750UP,RB,Dll,CPU Frequency bisa di lihat di Winbox bagian “System” kemudian “Resources”
    • Harap Di edit Priority Queue Tree nya sebagai berikut ,Double Klik Point di bawah ini dan Edit Prioritynya:
      • 1.PROXY HIT : Priority : 1
      • 4.ALL HTTP DOWN : Priority : 8
      • A.BROWSING : Priority : 8
      • C.HTTPS: Priority : 8
      • D.LIMIT EXTENTION: Priority : 8
      • 3GP,7z,AVI,EXE,FLV,ISO,MKV,MOV,MP3,MP4,MPEG,MPG,PORN,PORN1,PORN2,PORN3,PORN4,RAR : Priority : 8
      • YOUTUBE,YOUTUBE DOWNLOAD,YOUTUBE STREAMING,ZIP : Priority : 8
      • E.DLL : Priority : 8
    • Tujuan..karna Processor kurang cepat jadi mesti di jauhkan priority dari PROXY HIT dengan yang lainnya..supaya terbaca Hit dahulu baru yang lain
    • dan jangan Lupa habis di setting restart Mikrotik anda
Selesai ..dan selamat mencoba…..

sumber : http://www.wirelessrouterproxy.com

Tidak ada komentar:

Poskan Komentar