1. instal pake cd mikrotik
a. boot dg cd mikrotik
b. setelah bisa boot pake iso linux, pilih beberapa paket yang dibutuhkan. (kalo bingung centang aja semua)
c ikuti aja langkahnya tekan (Yes) (Yes)
setelah restart, login : admin pass : (kosong)
trus copy paste aja tulisan berikut ;
DASAR_______________
system identity set name=warnet.beenet
user set admin password=sukasukalu
ethernet____________________
interface ethernet enable ether1
interface ethernet enable ether2
interface Ethernet set ether1 name=intranet
interface Ethernet set ether2 name=internet
IP ADDRESS_______________
ip address add interface=internet address=XXXXX (dari ISP)
ip address add interface=intranet address=192.168.0.1/24
route_______________
ip route add gateway=XXXXX (dari ISP)
dns___________
ip dns set primary-dns=XXXXX (dari ISP) 2 secondary-dns=XXXXX (dari ISP)
nat & filter firewall standar_______________
ip firewall nat add action=masquerade chain=srcnat
ip firewall filter add chain=input connection-state=invalid action=drop
ip firewall filter add chain=input protocol=udp action=accept
ip firewall filter add chain=input protocol=icmp action=accept
ip firewall filter add chain=input in-interface=LAN action=accept
ip firewall filter add chain=input in-interface=INTERNET action=accept
dhcp server______________________________________
ip dhcp-server setup
dhcp server interface: intranet
dhcp address space: 192.168.0.0/24
gateway for dhcp network: 192.168.0.1
addresses to give out: 192.168.0.2-192.168.0.254
dns servers: XXXXX (dari ISP),XXXXX (dari ISP)
lease time: 3d
web proxy_________________________
ip web-proxy
set enabled=yes
set src-address=0.0.0.0
set port=8080
set hostname=”proxy-apaaja”
set transparent-proxy=yes
set parent-proxy=0.0.0.0:0
set cache-administrator=”silahkan.pannggil.operator”
set max-object-size=4096KiB
set cache-drive=system
set max-cache-size=unlimited
set max-ram-cache-size=unlimited
bikinredirect port ke transparant proxy__________________________
/ip firewall nat add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=8080
/ip firewall nat add chain=dstnat protocol=tcp dst-port=3128 action=redirect to-ports=8080
/ip firewall nat add chain=dstnat protocol=tcp dst-port=8080 action=redirect to-ports=8080
PCQ ________________________
/ip firewall mangle add chain=forward src-address=192.168.169.0/28
action=mark-connection new-connection-mark=client1-cm
/ip firewall mangle add connection-mark=client1-cm action=mark-packet
new-packet-mark=client1-pm chain=forward
/queue type add name=downsteam-pcq kind=pcq pcq-classifier=dst-address
/queue type add name=upstream-pcq kind=pcq pcq-classifier=src-address
/queue tree add parent=intranet queue=downsteam-pcq packet-mark=client1-pm
/queue tree add parent=internet queue=upstream-pcq packet-mark=client1-pm
simpel queue______________________________
queue simple add name=kbu-01 target-addresses=192.168.0.11
queue simple add name=kbu-02 target-addresses=192.168.0.12
queue simple add name=kbu-03 target-addresses=192.168.0.13
queue simple add name=kbu-04 target-addresses=192.168.0.14
queue simple add name=kbu-05 target-addresses=192.168.0.15
queue simple add name=kbu-06 target-addresses=192.168.0.16
queue simple add name=kbu-07 target-addresses=192.168.0.17
queue simple add name=kbu-08 target-addresses=192.168.0.18
queue simple add name=kbu-09 target-addresses=192.168.0.19
queue simple add name=kbu-10 target-addresses=192.168.0.20
queue simple add name=xbilling target-addresses=192.168.0.2
BLOX SPAM____________________________
/ip firewall filter add chain=forward dst-port=135-139 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=135-139 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=445 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=445 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=593 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=4444 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=5554 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=9996 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=995-999 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=53 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=55 protocol=tcp action=drop
Copyright 2010 BROTHER DOT COM
Theme designed by Bima Firewall
Blogger Templates by Blogger Template Place | supported by Bima
0 comments:
Post a Comment