Kasus ini ditanyakan ke saya oleh mas Ronny Susetyo aka ballacksave, admin (ngaku-nya newbie) stiki.ac.id via YM
Nah pertanyaan saya pada dasarx sama seperti dasep yaitu bgm client yg di bawah mikrotik
(dosen, sabarnet,hotspot) klo buka jaringan yg diatas mikrotik seperti webserver, mail dan webhosting (203.134.237.0/29) bisa nggak ke limit, tapi klo browsing ke internet tetep ke limit.
nb:
di mikrotikx saya pake /ip hotspot, untuk bagi2 bandwidthx……
mohon pencerahan…
Read more »
Tags: check, default, firewall, host, hotspot, interface, intranet, limit, mail, mikrotik, php, proxy, queue, rx, simple, stiki.ac.id, user, vi
Filed in Mikrotik | admin | February 6, 2008 10:25 am | 
Comments (27)
Diambil dari http://forum.mikrotik.com/viewtopic.php?t=12870
This is little how-to create manual burst using queue tree.
As it is bandwidth control using queue tree first we need to mangle traffic
first i mangle all connections, then i mark first 2Mbytes then i mark the rest of packets
/ip firewall mangle add chain=forward protocol=tcp \
action=mark-connection \
new-connection-mark=new_conn passthrough=yes \
comment="mark all new connections" disabled=no
/ip firewall mangle add chain=forward protocol=tcp \
connection-mark=new_conn \
connection-bytes=0-2000000 action=mark-packet \
new-packet-mark=new_packet passthrough=no \
comment="mark packets" disabled=no
/ip firewall mangle add chain=forward protocol=tcp \
connection-mark=new_conn action=mark-packet \
new-packet-mark=old_packets passthrough=no \
comment="marking old packets" disabled=no
Read more »
Tags: default, firewall, forward, ip mangle, limit, mangle, marking, mbits, mikrotik, pcq, php, queue, queue tree, tcp, time, TTL, user, vi
Filed in Mikrotik | admin | January 11, 2008 11:36 pm | Comments (0)
Diambil dari http://forum.mikrotik.com/viewtopic.php?t=11474
Hi, i created these 2 simple rules for firewall forward and this work very fine…… do not say it to anybody ;) :D
2 ;;; BLOCK SPAMMERS OR INFECTED USERS
chain=forward protocol=tcp dst-port=25 \
src-address-list=spammer action=drop
3 ;;; Detect and add-list SMTP virus or spammers
chain=forward protocol=tcp dst-port=25 connection-limit=30,32 \
limit=50,5 src-address-list=!spammer action=add-src-to-address-list \
address-list=spammer address-list-timeout=1d
When detect an infected user with a worm or doing spamming this rule add this user to a spammer list and block the SMTP outgoing for 1 day ;)
Regards!
Alessio
Tags: drop, firewall, forward, infected, limit, mikrotik, port, simple, smtp, spam, tcp, time, user, virus
Filed in Mikrotik | admin | 11:23 pm | Comments (1)
Diambil dari http://forum.mikrotik.com/viewtopic.php?f=9&t=20370
YOU WANT IT – YOU GOT IT ![icon cool Disconnecting the users with bad signal [2.9.X]](http://forum.mikrotik.com/images/smilies/icon_cool.gif "Cool")
Small manual:
Install – click system->scripts, click “+”, enter in the name whatevery you want (like signallimiter), click ok, done!
![6z42kbr Disconnecting the users with bad signal [2.9.X]](http://network.web.id/wp-content/uploads/2008/01/6z42kbr.jpg "Disconnecting the users with bad signal [2.9.X]")
Read more »
Tags: check, icon, interface, lease, limit, mikrotik, network, php, signal, time, user, vi
Filed in Mikrotik | admin | January 8, 2008 12:12 pm | Comments Off
Sesuai dengan judul diatas,
inti dari kasus ini adalah penyedia jasa tidak ingin BW yang diberikan kepada user di sharing lagi mempergunakan nat-router.
Ilmu baru buat saya, dengan memberikan TTL=1 ?, mmmm aneh sekali.
Read more »
Tags: firewall, forward, host, icmp, linux, live, mail, mangle, mikrotik, php, router, time, TTL, user, vi, Zero
Filed in Mikrotik | admin | 11:22 am | Comments Off
Diambil dari http://forum.mikrotik.com/viewtopic.php?f=9&t=20420
:local sum; :local traf;
:set sum 0
/ip firewall rule forward {
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf [get [find comment=("user" . $i)]
bytes]
:set traf ($traf/1073741824)
:if ($traf>1) do={:log facility=System-Info \
message=("user" . $i ." exceeded 1Gb limit!")}
}
}
