Selasa, 30 Juli 2013

CARA SETTING SUPAYA ACCESS FTP LOCAL TIDAK TERBACA PADA BROWSER ANDA JIKA ANDA MENGGUNAKAN IP WEB PROXY DAN FTP TIDAK MEMINTA ACCESS LINK ADDRESS UNTUK DIAL KE PROXY SERVER

Jika anda pengguna atau client dari web proxy dan mempunyai permasalahan ketika meng access FTP local dan menemukan Error :

ERROR

The requested URL could not be retrieved



Seperti pada gambar di bawah :



Cara Penyelesaiannya sangat simple, supaya FTP tidak membaca Dial ke Proxy Server.
Langkah-langkah untuk settingnya berikut :
cekidot.. dot cek it... cekit cekit.. crotttt muncrat :

1. Buka Program IE (Internet Explorer / Browser yang biasa anda gunakan) seperti pada contoh saya menggunakan IE browser Default dari windows dengan menekan double click ICON IE :

2. Klick "Tools" kemudian pilih "Internet Options" seperti pada gambar di bawah ini :

3. Setelah muncul Form "Internet options" kemudian pilih tombol atau Tab Menu "Connections" seperti pada gambar di bawah :

4. Pilih / click tombol "LAN Settings"


5. Kemudian tekan Tombol "Advanced"

6. Hilangkan cek list "use the same proxy server for all protocol" dan hilangkan IP Address beserta port proxy servernya kemudian tekan tombol "OK" jika sudah selesai, detail seperti pada gambar di bawah :

Selesai sudah configurasi setting pada browsernya.
Silahkan di coba kembali untuk mengaccess FTP Local anda menggunakan Browser.
Dan hasilnya pasti bisa.....
Bisa..
Bisa..
Dan...
Bisa..
Hati-hati kena Bisa..

Sekian.
Semoga artikel ini menambah pengetahuan dan berguna bagi kita.



Salam.
Merah Putih Segoroasat.
Thanks

Selasa, 23 Juli 2013

MENGHILANGKAN SSID "wifi.id" & "grovia" PADA MODEM SPEEDY TP-LINK TD W8151N

Beberapa hari ini agak pusing mikirin SSID yang bejibun bawaan Modem TP-LINK TD W8151N Wireless bawaan dari Speedy, Sebenarnya kagak masalah sih...., sebab telkom sendiri punya program sejuta wifi dengan tujuan seluruh negeri terhubung internet, namun keberadaan SSID wifi.id & grovia akan bermasalah manakala ada klient yang konek numpang di modem kita.

Secara finansial maupun speed internet tidak berpengaruh, namun jika klient wifi.id yang numpang di modem kita cukup banyak maka akan membuat modem kita jadi panas yang pada akhirnya bisa membuat kerja modem kita tidak optimal lagi 

Untuk console bisa menggunakan Command Prompt/CMD pada Windows
Atau menggunakan software putty

Ok..! langsung saja caranya seperti berikut :

1. Buka Program Command Prompt/CMD pada Windows / putty

2. Telnet IP TP-Link misal 192.168.1.1

3. Masukan Password TP-Link

4. Berikut tampilan sudah login masuk di TP-Link

5. Kemudian Ketikan "rtwlan setbssidnum 1" kemudian enter dan TP-Link akan reboot otomatis.




Taraaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa....!!!
Dan lihat hasilnya, sekarang "SSID wifi.id & grovia" sudah tidak ada lagi.

Sekian.
Semoga bermanfaat dan menambah pengetahuan kita.



Salam
Merah Putih Segoroasat
Thanks

Senin, 22 Juli 2013

CARA INSTALL UBUNTU SERVER 10.10 ATAU 10.04 UNTUK PROXY

Siapkan CD Linux Ubuntu 10.10 atau 10.04 untuk Intel atau untuk AMD
Jika mau pakai flashdisk lebih baik bootable-nya pakai universal usb installer atau pakai LiLi.
Contoh tutorial di bawah adalah untuk harddisk 80GB.

OKE, kita langsung saja pada tahap install:
1. Pilih language english
2. Pilih install ubuntu server
3. Choose langguage english
4. United states
5. "No" pada detect keyboard layout?
6. Pilih USA pada ubuntu installer main menu
7. Pilih USA pada keyboard layout
8. Continue pada configure the network
9. Configure network manually (isi misalnya: 192.168.7.2)
10. Netmask 255.255.255.0
11. Gateway 192.168.7.1
12. DNS name server addresses 192.168.7.1 203.130.193.74 8.8.8.8
13. Hotsname : myproxy
14. Domain name: kosongkan
15. Configure the clok pilih select from worldwide, pilih Jakarta
16. Menu partition disk pilih manual
17. Hapus dulu partisi yang lama
18. Guided partitioning-->manual
19. Create new partition pada free space
Ketik 1gb-->Primary-->Begining->use as = Ext4--> Mount point = /boot-> Mount options = noatime-->Bootable flag = on (jika tidak berubah menjadi on biarkan saja-->Done setting up the partition.
20. Create new partition lagi pada free space
ketik 17gb-->Logical-->Begining-->use as = Ext4-->Mount point = / -->Mount options = noatime-->Done setting up the partition
21. Pilih Create new partition lagi pada free space
ketik 2gb (2x ukuran ram di PC)-->Logcal-->Begining-->use as = swap area-->Done setting up the partition
22. Pilih Create new partition pada free space
ketik 5gb-->Logical-->Begining-->use as = Ext4-->Mount point = /var -->Mount options = noatime-->Done setting up the partition
23. Pilih Create new partition pada free space
ketik 5gb-->Logical-->Begining-->use as = Ext4-->Mount point = /usr -->Mount options = noatime-->Done setting up the partition
24. Pilih Create new partition pada free space

ketik 50gb-->Logical-->Begining-->use as = reseiferFS (intel) btrfs (AMD)-->Mount point = /cache -->Mount options = noatime dan no tail-->Done setting up the partition
25. Pilih Create new partition pada free space (sisanya)

ketik 5gb-->Logical-->Begining-->use as = Ext4-->Mount point = /home -->Mount options = noatime-->Done setting up the partition
26. Finis partitioning and write changes to disk, write the changes to disk, pilih yes
27. pada full name for the new user isi  myproxy, continue
28. pada Username for your account isi  myproxy, continue
29. pada a password for the new user isi 12345, continue
30. pada re-enter password to verify isi 12345, continue
31. pada use weak password pilih yes
32. pada encrypt your home directory pilih no
33. pada HTTP proxy information biarkan kosong, enter saja
34. pada configurasi apt 43% bila berhenti tekan enter, pada bila berhenti 81% tekan enter dan pilih no automatic update
35. pada choose software to install pilih OpenSSH server pilih continus pd finis the installation and
restart akan dimulai

SELESAI SUDAH.
Instalasi Ubuntu server untuk proxy server dengan Harddisk 80GB

Source :
http://bandungjarkom.blogspot.com


Sekian.
Semoga bermanfaat dan menambah pengetahuan kita.



Salam 
Merah putih segoroasat
Thanks

Cara Install Squid Proxy Server Pada Ubuntu Server 10.10 dan 10.04

Saya anggap anda sudah paham cara install ubuntu server 10.10 atau 10.04.



Berikut konfigurasi partisi harddisk di ubuntu server dengan ukuran HDD 80GB:
1. /boot -----> 1Gb ext4 Boot Flag on
2. / ------> 3Gb ext4
3. /usr -----> 5Gb ext4
4. /var -----> 5Gb ext4
5. swap -----> 2Gb (2 x RAM di PC)
6. /cache -----> 50Gb ReiserFS (intel) atau BTRFS (AMD)
7. /home ------> sisanya jika ada

Langka-langkah:
1. Login ubuntu dengan putty
2. Jika belum membuat user root, ketik "sudo su", masukkan password ubuntu kamu, kemudian ketik "passwd" dan isikan password baru untuk root.
3. Silahkan copas sintak di bawah melalui putty:
sudo apt-get update
sudo apt-get install squid
sudo apt-get install squid squidclient squid-cgi
sudo apt-get install ccze
4. Stop squid-nya dengan perintah:
"squid stop" atau "/etc/init.d/squid stop" atau "service squid stop" jika tidak mau restart dulu PC-nya.
5. Edit squid.conf memakai winscp atau dengan perintah:
nano /etc/squid/squid.conf
Kemudian Copy-Paste isi squid.conf di bawah ini (sebelumnya backup dulu squid.conf yang asli:

# Port
http_port 3128 transparent
icp_port 3130
prefer_direct off

server_http11 on

# Cache

cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99
max_filedesc 8192
maximum_object_size 128 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 128 KB

ipcache_size 10240
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

cache_dir aufs /cache 30000 16 256 # untuk partisi /cache 50GB

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /var/run/squid.pid
cache_swap_log /var/log/squid/swap.state
dns_nameservers /etc/resolv.conf
emulate_httpd_log off
hosts_file /etc/hosts
half_closed_clients off
negative_ttl 1 minutes

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 873 # https snews rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083 # cpanel

acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports

# pictures & images
refresh_pattern -i \.(gif|png|jpeg|jpg|bmp|tif|tiff|ico)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private
refresh_pattern -i \.(xml|html|htm|js|txt|css|php)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth

#sound & video
refresh_pattern -i \.(flv|x-flv|mov|avi|qt|mpg|mpeg|swf)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache
refresh_pattern -i \.(wav|mp3|mp4|au|mid)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private

# files
refresh_pattern -i \.(iso|deb|rpm|zip|tar|tgz|ram|rar|bin|ppt|doc)$ 10080 90% 43200 ignore-no-cache ignore-auth
refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth

# -- refresh pattern for specific sites -- #
refresh_pattern ^http://*.jobstreet.com.*/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache
refresh_pattern ^http://*.indowebster.com.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
refresh_pattern ^http://*.21cineplex.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
refresh_pattern ^http://*.atmajaya.*/.* 720 100% 10080 override-expire ignore-no-cache ignore-auth
refresh_pattern ^http://*.kompas.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.theinquirer.*/.* 720 100% 10080 override-expire ignore-no-cache ignore-auth
refresh_pattern ^http://*.blogspot.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache
refresh_pattern ^http://*.photobucket.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.tinypic.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.imageshack.us/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.kaskus.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://www.kaskus.com/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detik.*/.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detiknews.*/*.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://video.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.friendster.com/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache ignore-auth
refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://apps.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.playspoon.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://cooking.game.playspoon.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern -i http://[^a-z\.]*onemanga\.com/? 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://media?.onemanga.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.yahoo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.google.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.forummikrotik.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth

#default option
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

# ALLOWED ACCESS
acl localnet src 192.168.1.0/24 #IP lokal kamu
http_access allow localnet
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow localnet
icp_access allow localhost
icp_access deny all
always_direct deny all


cache_mgr admin@telkom.net.id
visible_hostname inilah-proxy-ku
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
shutdown_lifetime 10 seconds
logfile_rotate 14

#-----------------------------------------------------------------#
#tcp_outgoing_tos 0x30 localnet
#-----------------------------------------------------------------#

zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
 Kode di atas lebih baik copy dulu ke notepad.

6. Stop lagi squid-nya dengan perintah:
"squid stop" atau "/etc/init.d/squid stop" atau "service squid stop" jika tidak mau restart dulu PC-nya.
7. Memberikan permission, ketik pada putty:
chown -R proxy.proxy /cache
chown proxy.proxy /var/log/squid/access.log 
8. Membuat swap, ketik pada putty:
squid -f /etc/squid/squid.conf -z
atau
squid -z
 9. Restart squid-nya:
"squid restart" atau "service squid restart" atau "/etc/init.d/squid restart", jika tidak bisa restart PC-nya.
10. Buka www.whatismyip.com, jika berhasil akan tertera keterangan IP public dengan proxy detected squid 2.7 stable.

Semoga anda bisa dan berhasil. Selamat mencoba. 

Source :
http://bandungjarkom.blogspot.com


Sekian.
Semoga bermanfaat dan menambah pengetahuan kita.



Salam
Merah Putih Segoroasat
Thanks

MANAGEMENT BANDWIDTH QUEUE TREE MIKROTIK UNTUK WARNET (GAME, BROWSING, UPLOAD) & LIMIT FILE EXTENSI LAYER 7 MIKROTIK

Pada tutor kali ini saya coba uraikan settingan mikrotik untuk game online dicampur dengan kepentingan browsing (ngenet) agar berjalan serasi dan seimbang.
Note: 
  • Script di bawah hanya berjalan pada mikrotik versi 3.30 ke atas.
  • Bandwidth yang diimplementasikan 1Mbps/256Kbps (SPEEDY)

Langsung ke TKP..!!!

Code:

/interface
set 0 name=speedy ----------->(public)
set 1 name=lan ----------------> (local)

/ip address
add address=192.168.0.2/30 interface=speedy
add address=192.168.1.1/24 interface=lan

/ip route
add gateway=192.168.0.1 -------->(alamat modem ADSL)

/ip dns
set primary-dns=222.124.204.34
set secondary-dns=202.134.0.155
set allow-remote-requests=yes

/ip fi nat
add chain=srcnat action=masquerade out-interface=speedy


INI ROUTING UNTUK GAME ONLINE:

/ip firewall mangle \
add action=mark-connection chain=prerouting \
comment="GAME ONLINE" dst-port=\
"1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6001,6000-6152,7777" \
new-connection-mark="zar-goc" passthrough=yes protocol=tcp

/ip firewall mangle \
add action=mark-connection chain=prerouting \
disabled=no dst-port="7341-7350,7451,8085,9600,9601-9602,9300,9400,9700,93\
76-9377,10001-10011,40000" \
new-connection-mark="zar-goc" passthrough=yes protocol=tcp

/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port="10009,13008,16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15002" \
new-connection-mark="zar-goc" \
passthrough=yes protocol=tcp

/ip firewall mangle \
add action=mark-connection chain=prerouting \
disabled=no dst-port="16402-16502,18901-18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49100" \
new-connection-mark="zar-goc" passthrough=yes protocol=tcp

/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port=14009-14010 new-connection-mark="zar-goc" \
passthrough=yes protocol=tcp

/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port="1293,1479,6100-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010" \
new-connection-mark="zar-goc" passthrough=yes protocol=udp

/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port=42051-42052,11100-11125,11440-11460 \
new-connection-mark="zar-goc" passthrough=yes protocol=udp

/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port=14009-14010 new-connection-mark="zar-goc" \
passthrough=yes protocol=udp



GAME DIBUAT PREROUTING AGAR TIDAK BERLIKU DI TUBUH ROUTER

/ip firewall mangle \
add action=mark-packet chain=prerouting \
connection-mark="zar-goc"  \
new-packet-mark="zar-gopd" passthrough=no



INI ROUTING UNTUK GAME FACEBOOK

/ip firewall mangle \
add action=mark-connection chain=prerouting \
comment="GAME FACEBOOK" dst-port=843,9339 \
new-connection-mark="zar-gfc" passthrough=yes \
protocol=tcp

/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="zar-gfc" disabled=no \
dst-address=192.168.1.0/24 new-packet-mark="zar-gfpd" \
passthrough=no

/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="zar-gfc" new-packet-mark="zar-gfpu"\
passthrough=no src-address=192.168.1.0/24




INI PCQ UNTUK SPEED BAGI RATA

/queue type \

add kind=pcq name=DOWN \
pcq-classifier=dst-address,dst-port

/queue type \
add kind=pcq name=UP \
pcq-classifier=src-address,src-port




INI QUEUE UNTUK GAME ONLINE

/queue tree \
add name="2.GAME DOWN" \
parent=global-out priority=2


/queue tree \
add name="3.GAME UPLOAD" \
parent=speedy priority=2


/queue tree \
add name="1.GAME ONLINE DOWN" \
packet-mark="zar-gopd" \
parent="2.GAME DOWN" priority=2 queue=DOWN


/queue tree \
add max-limit=256000 \
name="2.GAME FACEBOOK DOWN" \
packet-mark="zar-gfpd" \
parent="2.GAME DOWN" priority=3 queue=DOWN


/queue tree \
add name="1.GAME ONLINE UPLOAD" \
packet-mark="zar-gopd" \
parent="3.GAME UPLOAD" priority=2 queue=UP


/queue tree \
add limit-at=0 max-limit=128000 \
name="2.GAME FACEBOOK UPLOAD" \
packet-mark="zar-gfpu" \
parent="3.GAME UPLOAD" priority=3 queue=UP




INI UNTUK LIMIT FILE EXTENSI, SEPERTI .EXE .RAR .YOUTUBE, DLL

/ip firewall layer7-protocol
add name="YOUTUBE DOWNLOAD" \
regexp="http/(0\\.9|1\\.0|1\\.1) \
[\\x09-\\x0d ][1-5][0-9][0-9] \
[\\x09-\\x0d -~]*(content-type: video)"
add name=EXE regexp="\\.(exe)"
add name=RAR regexp="\\.(rar)"
add name=ZIP regexp="\\.(zip)"
add name=7z regexp="\\.(7z)"
add name=WMV regexp="\\.(wmv)"
add name=MPG regexp="\\.(mpg)"
add name=MPEG regexp="\\.(mpeg)"
add name=AVI regexp="\\.(avi)"
add name=FLV regexp="\\.(flv)"
add name=WAV regexp="\\.(wav)"
add name=MP3 regexp="\\.(mp3)"
add name=MP4 regexp="\\.(mp4)"
add name=ISO regexp="\\.(iso)"
add name=3GP regexp="\\.(3gp)"
add name=MOV regexp="\\.(mov)"
add name=MKV regexp="\\.(mkv)"
add name="YOUTUBE STREAMING" regexp=youtube
add name=PORN regexp=porn
add name=TUBE regexp=tube
add name=VIDEO regexp=video
add name=MOVIE regexp=movie



INI ROUTING UNTUK EXTENSI

/ip firewall mangle
add action=mark-packet chain=forward \
comment="LIMIT EXTENTION" disabled=no \
layer7-protocol="YOUTUBE DOWNLOAD" \
new-packet-mark="YOUTUBE DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol="YOUTUBE STREAMING" \
new-packet-mark="YOUTUBE STREAMING" \
passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=TUBE \
new-packet-mark=PORN1 passthrough=no
add action=mark-packet chain=forward disabled=no \
layer7-protocol=PORN \
new-packet-mark=PORN2 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=VIDEO \
new-packet-mark=PORN3 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MOVIE \
new-packet-mark=PORN4 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MKV \
new-packet-mark=MKV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MP3 \
new-packet-mark=MP3 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MP4 \
new-packet-mark=MP4 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=ZIP \
new-packet-mark=ZIP passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=EXE \
new-packet-mark=EXE passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=FLV \
new-packet-mark=FLV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=ISO \
new-packet-mark=ISO passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MOV \
new-packet-mark=MOV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MPEG \
new-packet-mark=MPEG passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MPG \
new-packet-mark=MPG passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=RAR \
new-packet-mark=RAR passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=WAV \
new-packet-mark=WAV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=WMV \
new-packet-mark=WMV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=ISO \
new-packet-mark=3GP passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=7z \
new-packet-mark=7z passthrough=no



INI ROUTING UNTUK BROWSING (DOWNLOAD/UPLOAD)

/ip firewall mangle \
add action=mark-connection chain=prerouting \
comment=HTTP  dst-port=21,80 \
new-connection-mark="browsing-con" passthrough=yes protocol=tcp

/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="browsing-con" disabled=no \
dst-address=192.168.1.0/24 \
new-packet-mark="download" passthrough=no

/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="browsing-con" disabled=no \
new-packet-mark="upload" \
passthrough=no src-address=192.168.1.0/24

INI QUEUE UNTUK KEGIATAN  BROWSING-DOWNLOAD-UPLOAD

/queue tree \
add max-limit=128000 \
name="UPLOAD-BROWSING" \
packet-mark="upload" parent=speedy \
priority=4 queue=UP

/queue tree \
add max-limit=750000 \
name="1.2 HTTP-DOWN" \
parent=global-out priority=2

/queue tree \
add max-limit=750000 \
name="1.3 BROWSING DOWN" \
packet-mark="download" \
parent="1.2 HTTP-DOWN" \
priority=4 queue=DOWN

/queue tree \
add max-limit=512000 \
name="1.4 LIMIT EXTENTION" \
parent="1.2 HTTP-DOWN" priority=5

/queue tree
add name=YOUTUBE \
parent="1.4 LIMIT EXTENTION" priority=5
add name="YOUTUBE STREAMING" \
packet-mark="YOUTUBE STREAMING" \
parent=YOUTUBE priority=5 queue=DOWN
add name=MKV packet-mark=MKV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MP3 packet-mark=MP3 \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MP4 packet-mark=MP4 \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=ZIP packet-mark=ZIP \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=EXE packet-mark=EXE \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=ISO packet-mark=ISO \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=AVI packet-mark=AVI \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MOV packet-mark=MOV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MPEG packet-mark=MPEG \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MPG packet-mark=MPG \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=RAR packet-mark=RAR \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=WAV packet-mark=WAV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=WMV packet-mark=WMV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=3GP packet-mark=3GP \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=7z packet-mark=7z \
parent="1.4 LIMIT EXTENTION" priority=5 \
queue=DOWN
add name="YOUTUBE DOWNLOAD" \
packet-mark="YOUTUBE DOWNLOAD" \
parent=YOUTUBE priority=5 queue=DOWN
add name=PORN \
parent="1.4 LIMIT EXTENTION" priority=5
add name=PORN1 \
packet-mark=PORN1 parent=PORN \
priority=5 queue=DOWN
add name=PORN2 packet-mark=PORN2 \
parent=PORN priority=5 queue=DOWN
add name=PORN3 packet-mark=PORN3 \
parent=PORN priority=5 queue=DOWN
add name="MIVO TV" \
packet-mark="MIVO TV" parent=\
"1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=PORN4 packet-mark=PORN4 \
parent=PORN priority=5 queue=DOWN

Kesimpulan:
1. Game online dirouting langsung ke alamat port game online dan menggunakan bandwith maksimal (unlimited) karena tidak terlalu memakan bandwith sekalipun game PB hanya butuh koneksi dengan trafic yang mulus.
2. Browsing dirouting pada port 80 dan 21 dan diberikan bandwith maksimal 750Kbps untuk download dan   128Kbps untuk upload dan tidak boleh melebihi dari itu atau game online akan nge-lag.
3. Limit Extensi dirouting berdasarkan layer 7 protocol dan diberikan maksimal bandwidth 512Kbps dan tidak boleh lebih dari itu atau browsing dan game online akan terganggu.


CATATAN PENTING :
  • Tutorial di atas untuk 10 PC saja dengan Bandwidthnya 1Mbps,.
  • Jika PC lebih dari 10 dan BW tetap 1 MBPS, maka pada queue tree download menjadi 512Kbps dan limit extensi menjadi 256Kbps.
  • Jika mempunyai BW 2Mbps ke atas, silahkan 2x lipatkan saja pada queue tree-nya atau gunakan logika anda sendiri.

Source : 
http://bandungjarkom.blogspot.com


Sekian.
Semoga menambah pengetahuan dan bermanfaat.


Salam 
MerahPutihSegoroasat
Thanks