Jumat, 30 Desember 2011
firewall filter dgn sejuta rule .... Preetttttt ....
kembali kita membahas konsep minimalis ala paidjo ......
kali ini paidjo akan mengulas filter ... manfaat dan mudarat-e koyo ngopo ......
menurut pemikiran ndeso paidjo ... filter adalah saringan ... ayak-an ... namun lbh dalam lagi jika di dalam sebuah sistem .... mengandung arti semacam memilah2 sesuai kategori .....
jadi ibarat ayakan gt : lubangnya yg banyak itu nutup-e sebagian2 , mblenjat2 tidak ada aturan pakem (sesuai karep-e admin) ....
coro bahasa kenthir-e lbh apik maneh ...:
mungkin ngene .... ibarat pintu masuk sebuah acara tertutup .... pengunjung sing nyata2 membawa karcis tadi masih di tanyai lagi oleh banyak petugas sing jejer2 akuuuuweh sing pertanyaan-e bedo2 .... : petugas1= lanang opo wedok ? (lek lanang terus lek wedok menggok kene) .... petugas2=wis duwe ktp opo drng? (lek uwis terus lek durung mengok kene) .... petugas3=wis mangan opo drng? (lek uwis terus lek drng menggok kene) .... petugas4=pakek lauk opo gak mangan-e? (lek pakek terus lek enggak menggok kene) ... petugas5=lawuh endog opo krupuk? (lek endok terus lek krupuk menggok kene) ... petugas6=krupuk-e goreng dewe opo tuku? (lek goreng dewe terus lek tuku menggok kene) ... dst ....
naahhh .... tuuhh ..... jibeg po gak .... untuk biso liwat pintu masuk ape ndelok orkes ndangdut wae sing njogo sakmunu keh-e gek angger petugas nakon-i .... trs kapan tekan enggon .... opo gak selak buyar orkes-e .... hahahahahhahaahh ....... kapok kowe ....
menurut paidjo ... tindakan ngunu kwi konyol .... "gak penting banget gitchu looohh" .....
nyrimpet2-i lakon ... athek sing neng alamat tujuan kono selak gak kanten ngenteni si "anu" maeng ndang tekan enggon-e dhek-e (alamat tujuan) ....
mosok paket rupo barisan bayi2 wae di takoni sing dhek-e lho drng karuan ngerti kudu jawab opo .....hahahhahah ....
umpamane paket2 maeng rupo wong dewasa .... misal-e selah urgen (perawat) ... mosok dadak di takoni : wis mangan durung?... numpak becak opo ngonthel? ... wis adus durung? ... sangu gak? .... pemehan-e ngomah wis di entasi po drng? .... wkakakakakkak
umpomo sing ape di rawat kwi presiden sekalipun kan g sampek di takoni ngunu .... nyapo akeh2 pertanyaan sing gak penting .... heeeee ???? !!!!! .....
ntuuuuuuhhhh .... menurut ngaji-ne paidjo neng madrasah biyen .... gusti alloh ki gak seneng hal sing berlebih2-an .... heheheheh ..... wis koyo ustadek opo drng aku .... xixixixixixiix
artinya ...... ora eneng ... lhawong paidjo mung omong klobot ... heehehheh ...
sing genah menurut pemikiran ndeso ngene .... hal2 sing sekirane mubadir kwi nyangopo di lakoni ...
trs indikasi-ne mubadir opo gak piye ?????
mubadir kwi jika wis di pasang pirang2 dino pancet nihil .... (0)
tekan kene wis jelas ....
ollleehhh ... masang fi sak thekruk .... nanging ojo sing sia2 di pasang ..... nggarahi mumet .... xixixixi
dadi filter ruler sing akeh kwi dudu di ge pamer2-an .... peh sing akeh kwi dikiro seting yg juosh ..... "taeeekkkk !!!!???? ..."
kembali ke konsep painah .... seting sing juosh kwi adalah seting sing sesuai dgn keadaan setempat .....
embuh kwi ndeso opo kutho .... montor setingan kutho di ge neng deso gunung (panggul) iso numplek neng jurang .... wekekekekekek .... mergo gak pas ambek medan-e ....
begitu juga sebalik-e ..... wis tha laaahhh ..... kecap oleh no1 ... tapi selera ttp masing2 ....
kebetulan neng ndeso pertanyaan bangsane kowe wis duwe bojo po drng , perawan po rondho , rondo ditinggal mati opo pegatan , wis tau di hehe opo drng dsb kuwi rodo prifasi ..... wuuiiihh ... paidjo ngerti prifasi barang .... wakakakakakak .... dadi yo rodo saru ape nakok-ne ....
dadi alangkah baik-e sing saru , mubadir , gak tept sasaran kwi maeng di disabel wae .... ngisin2-i .... ketok-e njaring tapi kok gak oleh iwak blasssss ...... hehehehehhe
sedangkan sing jaring-e oleh iwak ketika dipasang sekian hari ..... gpp ttp di pasang .....
arti-ne memang jaring kwi di butuh-ne ..... setuju gak dab ??????? ....
piss bro .... semoga bermanfaat
Kamis, 29 Desember 2011
Kenapa enggak DNS lokal saja .... ????
kali ini paidjo sing ndeso mo setengah memaksakan ide-nya .... entah ini benar opo salah harap maklum ... paidjo gak mangan sekolahan ..... hehehheh
ketika paidjo mengamati "iptraf" .... milik si ijo (clear-os) ....
paidjo jd berfikir begini :....
kenapa trafik publik jd di penuhi sirkulasi data yg sekedar saur-manuk dari klien menuju DNS telkom ... ini kan makan bandwit ..!!!!!????
mosok b/w kita yg kecil ini cuman di pakek untuk bertanya : ip-nya kasukus berapa .... ip-nya detik berapa ... ipnya tabloidnova brp .... memang-e gak ono sing lebih penting lagi tho .... ????? ...
coro audio-ne ngunu "berisik ... !!!!! ..." ..... ngebek2-i dalan wae .... ngunu kok di-perboleh-kan ber-sliwer-an ....
coba bayangkan sejenak ... andaikata semua pertanyaan yg kurang bermutu (maaf rd sengak) .... hanya sekedar menanyakan ip konfirmasi tsb dilarang lewat di publik / dilarang mengulang ... : ketika sebuah req domain-name pernah di tanyakan sebelumnya .... maka akan disimpan pada cache DNS lokal ....
nahhhh ... kenapa kita gak mengaktifkan DNS server lokal milik kita aja ... dgn tujuan : agar req yg sudah pernah lewat tidak lewat lagi untuk kedua kali-nya melewati jalan publik .... cukup berhenti pada server DNS lokal .... hasilnya pasti akan lbh cepat (krn lokal) dan lebih hemat b/w .....
mulai sekarang monggo .... paidjo ndeso pingin mengajak anda untuk gerakan hemat b/w dgn mengaktifkan DNS lokal ....
maksud-e .... dgn tidak mengulag pertanyaan menuju ke publik akan menghemat b/w publik kita .... krn sudah cukup di jawab di lokal ....
kalo dipikir pikir ... konsep jalan yg steril itu jauh lebih bermanfaat dr pada berlomba2 ngebek-i dalan ... dgn hal2 yg g penting termasuk sampah .... itu semua gak layak berada di jalan ..... jadi ...: justru yg perlu pemikiran sebenarnya adalah "itu" .... bagaimana bisa lancar jika ternyata di jalanan banyak sampah (hal2 yg gak seharusnya ada di jalan) berserakan ....
CMIIW .... :P
semoga bermanfaat .... pis bro ....
Selasa, 06 Desember 2011
rule bukan sekedar tangkap menangkap ....
hehehheheh .... jadi mesam-mesem dewe ketika di luar sana hampir mayoritas ternyata podo menceritakan perihal tangkap-menangkap ..... dan hal itu kok identik dgn sederet rule terutama mangle .... gek sing di tangkep ki lho opooooo ???? ..... bola kasti iye ?.... opo dolanan gatheng ....
sehingga saking serunya hingga seolah-olanh fungsi rule pada mangle itu sekedar untuk takep-menangkep spt si-polin pas lagi momen-an dan seolah-olah tangkep menangkep itu hanya milik si-polin (mangle) ... xixiixixix .... gak tau apa kalo di desa tangkep menangkep itu milik pak hansip ..... xixixixixii
dadi kelingan mbah dukun paidjo ngajat-ne .... " pisang setangkep puniko damel mengeti supados kemanten kekalih lancar nggonipun tangkep-tangkepan .... wakakakakakak "
OK ... kita lupakan intermeso diatas .....
di kampung paido si-polin ki gak peran .... momen yo g tau enek .... si-polin mana mau nganyer nyegati wong kampung budal neng tegalan / sawah .... wakakakakak .... gak enek critane melanggar lalu lintas .... gak penting kwi .... sing penting tandang gawe lancar ....
dan kampung paidjo itu adalah hotspot server ..... dimana disana mangle bukan penting banget .... ada dan tiadanya mangle ttp berjalan lancar .... :)
sedangkan rule itu kl di kampung ibarat anak tangga sing kudu urut menek-e ben lancar (coba bayangkan jika menek-e g urut ... bar 5 - 9 - 1 - 10 iso ta menek-e : ben lempoh dhewe ... amoh neng awak) ... heheheh
jadi ... rule itu adalah sekedar urutan langkah-langkah yg memiliki alur dan aturan sing berkelanjutan .... ojo maju mundur ... tapi maju mapan wae ... xixixiixixix
jadi jika rule-ne salah ... ahir-nya yo gak jadi .... seperti halnya urutan memasak jika dilanggar urutannya .... bar di dang trs di kum banyu 3hr trs di giling .... gak sido dadi thiwul .... kakakakkakakk
drng selesai ..... (pokok-e lek wis mari tulisan-e kudu ono semoga bermanfaat) .....
cara bikin tagihan yg muaaantab ....!!!! : (ala paidjo)
kadang kita menemukan clien yg rodo gak mbutuh-i tapi sbtlnya dia butuh banget tiap harinya .....
indikasinya dr mana .... gmpng .... suatu ketika dia sambat kok lemot .... namun diluar itu dia g perduli paket yg telah diambilnya .... bisa jadi dia kebiasaan ke warnetyg limit bw-nya tinggi2 trs pakek koneksi unlimited kita yg "murah-an" .... (menurut dia) .... tapi menurut kita .... dia itu maunya yg geratis2 aja tapi pakek embel2 segala macem .... coro jawane "koyo cangkem-e blantik .... ngejlok-e kene ngapikne dek-e" .... nahhhh ... yg semacam itu jgn di putus bgt saja ...
saatnya bikin mainan baru ke dia ..... ketika abunement telah berhir masa berlakunya dan gejala tidak berlanjut sudah jelas tampak dgn molornya pembayaran yg panjang tanpa respon anggap saja kelinci percobaab .... skrng kita coba ganti bikin jengkel dia ....
skenario kali ini adalah : ..... kita beri kesempatan dia login .... kemudian setelah dia berhasil login .... kita beri permainan baru .... yaitu 30 detik setelah login kita kirim halaman tagihan .... 30detik kemudian koneksi kita putus ..... jadi : waktu koneksi cuman di batasi selama 1mnt kemudian diskconnect ... dia wajib login lagi .... begtu seterusnya .... hingga dia jengkel / waleh ...
jadi .... seolah olah berhasil koneksi internet-nya hanya untuk melihat tagihan .... kemudian ke-tendang lagi setelah membaca-nya ... begitu seterusnya
efek yg kita harapkan dlm ksus ini adalah .... dia jd tau .... kelas kita bgmn .... kita tunjuk-kan kita bukan asal2-an ... hingga dia bisa bilang yg membuat kita gak enak makan ..... wong kita wis berusaha memberi-kan konnneksi terbaik pada-nya dgn harga sangat ter-jangkau dan mudah aksess-nya kok .... malah dia ba bi bu be bo ...... " bilang aja mo nyobak 1 bln trs minta gratis seikhlas-nya .... xixixixixi ......"jadi .... seolah olah berhasil koneksi internet-nya hanya untuk melihat tagihan .... kemudian ke-tendang lagi setelah membaca-nya ... begitu seterusnya
anggep saja dia belum saatnya konneksi internet .... blm saatnya butuh internet .... isih katrok ... blm pantes langganan internet .... blm saatnya punya laptop ..... xixixixixixi .....
walaupun kenyataannya tiap hari tiap saat dia selalu online ketika menjadi klien kita ...... xixixixix ... dikiranya kita g merhatikan-nya kali ya .....
langsung aja kita bahas caranya ....
begini : ........
1.) .... : kita harus terbiasa dulu 1 user 1 profile ... untuk lebih mudah pengidentifikasian yg lebih beragam ..... bukan hanaya mac / ip ... namun user profile juga sebuah identitas lho ....
2.) .... : kita percayakan kepada "si fulan1" yg bertugas untuk menghitung mundur 30 detik kemudian mengirim-kan berita yg berisi tagihan kepada target ..... dan si fulan1 ini adalah : ip hotspot user profile advertise ...
3.) ... : kita percayakan kepada "si fulan2" yg bertugas untuk menghitung mundur 60 detik kemudian mengahiri / memutus koneksi target ..... dan si fulan2 ini adalah : ip hotspot user profile general sesion-time
catatan : .... target disini adalah "profile" .....
jadi : ... maksudnya 1 user 1 profile salah satunya ya ini .... untuk pengidentifikasian user .... shg bisa memilih salah satu yg kita kehendaki pada system hotspot server ....
-------------- sik ......... kr tak sambi ya ....................
Minggu, 04 Desember 2011
Mikrotik : hdd besar (sys) itu "Penting" juga lho .....!
halaman : D O W N L O A D (blm jadi)
Alhamdulillah hari ini dpt ide dan ilmu baru .....
bahwa : hdd system yg di pakek routerOS itu juga tolong di jadikan prioritas dong ....
seperti kejadian yg paidjo alami .... yaitu kehabisan resource pada hdd system ...
awalnya begini ..... paidjo kan punya konsep "ndeso so so so so so so ..." .... dimana semua seperti konsep orng ndeso beneran .... yaitu sederhana dlm arti sesungguhnya ... (bukan minimalis ala kota yg ternyata mewah menurut paidjo : misal-e model rumah minimalis) ... tanpa suplement , tanpa , tanpa karbit , tanpa permipan , tanpa sogok-menyogok , bahkan tanpa lobi-lobian .... semuanya serba apa adanya , lugu , sopan santun & ramah (santun bukan karena ABS / cari muka pada bos) ... ala orng desa beneran .... dengan harapan lebih langgeng dan menghindari bertopeng spt butho ... hiiii .... giloooo ...
ketika konsep itu di-jalankan .... terutama keinginan paidjo untuk membuat clien lbh dimudahkan dgn adanya layanan homepage masal ... yaitu pada halaman download .... dimana di situ telah terpampang link2 untuk mengunduh semua kebutuhan clien hotspotnya .... baik itu plugin , tool , driver , applikasi bahkan data2 yg harusnya tersedia untuk di nikmati bersama (yg hrs ready / ON setiap saat) .... sehingga nanti , menurut pemikiran ndeso paidjo .... walopun tanpa koneksi sekalipun semua bisa mengunduh-nya ... asal sudah login hotspot pada masa lampau (masa kadaluarsa 3hr/1th) .... (dlm hal ini paidjo menerapkan homepage bersama ... shg ketika tanpa ada koneksi internet di "publik" mereka sudah pasti bisa masuk ke halaman tsb) ... maka paidjo-pun menguploadnya pada rootnya routerOS ....
hasilnya lumayan juga .... max bisa mencapai kecepatan 25mbps menuju hosting lokal mikrotik tsb ...
dan itu lebih dari cukup menurut wong ndeso spt paidjo .... (soale lek banter2 bingung sepet-e cpt habis .... kuatir nubruk trs sepeda-e paido amoh .... heheheh ...)
tapi .... apa boleh buat .... DOM paido yg jadul itu cuman berukuran sangat sangat sangat sangat keciiiiiiiillll .... ahirnya mimpi2 paidjo pung gak jadi dia gantung-kan setinggi langit .... cukup di gantung di pemehan saja asal gak di thuthul pitik .... heheheheh
inti-nya ... hdd system milik paidjo sudah gak muat lagi .... (coro jowone ngapret) ... wayah nglungsur-ne adhik-e ....
Dari kejadian itu ... maka paidjo mengambil kesimpulan .... "jere sopo hdd untuk mikrotik itu kecil saja ... kl besar mubadir" .... sopo sing muni ... tak senenan-e kene .... tak gaaawak-ne bedog ... (tak kon ngesak maksud-e ... heheheheh) ....
seandainya paidjo panen "ceplukan" dan bisa membeli SSD yg 40gb :) ... maka betapa mimpi2 paidjo akan berlanjut hingga sibuk sesibuk sibuk-nya hingga bbrp hari .... krn asyik melanjutkan konsep yg lama di timbun hingga mateng tsb ....
semua akan berahir dgn bahagia (coro pilem-e hepi ending) ... xixixixixi
piss brooo ....
semoga bermanfaat
Paidjo bikin PR sendiri ....
halaman H O M E
halaman M E N U : 1 (dlm pengerjaan)
halaman M E N U : 2 (dlm pengerjaan)
halaman M E N U : 3 (dlm pengerjaan)
halaman D O W N L O A D (dlm pengerjaan)
pada tahun baru 1 muharam ini .... paidjo punya ide untuk ganti hompage masal untuk semua klien dan sekaligus warga perumahan bangau putih permai (tempat paidjo tinggal) .....
konsepnya adalah .... teduh dan segar ... kebetulan cocok sekali ya : sama poto paidjo yg kebetulan di pajang oleh paidjo di kolom bawah itu (keren gak juragan paidjo ... ???? ...) .... xixixixixi
sampai tulisan ini di unggah .... PR ini masih dalam pengerjaan , walaupun sudah di upload pada hdd system mikrotik milik paidjo (coro jawane selak g kanten) ....
menurut penjelasan paidjo ... warna inilah : warna yg menjadi riwayat adanya perumahan ini dari masa kemasa .... warna2 ini telah menjadikan semarak kampung paidjo pada pasa2 lampau .... warna2 inilah yg dulunya di gunakan "sang penghias perumahan ini" pada setiap event yang selalu nampak segar , asri dan elegan .... yg kemudian di kenang paidjo dlm sebuah nuansa website yg menjadi homepage resmi INTERNET bangau putih permai ini .....
mudah2-an dari sini sampean2 kabeh bisa mendapat ide yg jauuuuh lebih bagus dan lebih cocok nuansanya di daerah (linkungan) sampean kabeh .....
semoga bermanfaat ....
Minggu, 27 November 2011
Siapakah calon klien hotspot kita ??? .....
Alhamdulillah ..... suatu nikmat yg luar biasa yg diberikan gusti alloh pada paidjo : masih bisa menghirup udara segar di pergantian tahun baru hijriah ini ... mudah2 tahun ini kita semua makin menemukan jalan dan kita di-beri kemudahan untuk bisa melewati jalan itu dan menikmatinya di sepanjang perjalanan kita tsb ....
disini paidjo hanya memberi sebuah semangat .... agar teman2 paidjo diluar sana makin terpacu semangatnya untuk terjun di dunia beginian RTRW-net
Konsep cara menikmati internet dgn cara gotong-royong ini .... adalah konsep yg sudah lama di gembor2-kan kang Onno W Purbo yg kemudian sempat marak luar biasa menggiurkan ....
Dari situlah kemudian berembang dan berkembang .... hingga kini dimana ketika gotong-royong yg mulai memudar itu berubah jadi makin itung2-an antara untung dan rugi yg klien ributkan ... maka konsep profesional akan makin tampak dan menjadi lahan bisnis spt skrng ini ..... dimana konsep-pun berubah ... dari sekedar iuran gotong royong menjadi jual beli .... maka hotspotpun berubah menjadi sebuah ISP kelas ndeso ... yg menyediakan koneksi internet pd sebuah area lingkungan kecil dgn jumlah masyarakat pengguna yg cukup memenuhi syarat dlm hal jumlah-nya ...
Lalu .... bagaimana peluang-nya sekarang ....?????
tidak dulu tidak sekarang tidak nanti .... peluangnya ttp sama ....
jika dulu tarif sebuah langganan hotspot-internet itu bisa mencapai 250rb (untuk ukuran kota kecil itu sdh sangat mahal) .... yg artinya ada margin laba yg menggiurkan ... menurut paidjo enggak juga .... dulu BW sangat mahal .... alat wifi sangat mahal .... mencari klien lbh sulit krn kebutuhan internet jg blm begitu tinggi ..... dan yg mengidap "penyakit masyarakat wifi" juga banyak ... dan itu jika di jumlahkan keseluruhan ketemunya juga sama saja dgn keadaan sekarang ....
sedangkan keadaan sekarang .... tarif hotspot-internet jadi terjun bebas .... margin laba menyusut ... namun disisi lain ... kebutuhan internet makin tinggi ... cari klien lebih mudah drpd jaman dulu ... alat wifi murah (estimasinya kl dulu hrg miniPCI compex 30db rp1.6jt-an (nasi pecel masih 1000-an) ... sedangkan sekarang cuman rp750rb-an (nasi pecel 2500-an) .... jika di hitung dari nilai nasi pecel akan ketemu sebuah perbandingan yg sangat drastis turun-nya .... yaitu 1600-bungkus nasi pecel vs 300-bungkus nasi pecel .... artinya 16/3 ....
jadi modal jg di keluarkan jaman dulu 5x lebih besar dibanding sekarang .... itu jika dihitung kurs nasi pecel bukan ngitung duit dlm angka2 ... (maklum paidjo wong ndeso ngitung-e nasi pecel ... xixixixi)
to the point .... bagaimana kita bisa mengukur berapa besar kemungkinan klien kita ...
gambar diatas adalah contoh-nya .... kita akan tahu setelah system hotspot itu dibangun .... dan berjalan sekian kurun waktu ....
kl kita lihat gmbr diatas adalah data yg paidjo ambil dr lingkungan paidjo .... dari sekian link dan repeater ... ada sejumlah 153 alat ber wifi yg telah berusaha connect ke jaringan hotspot paidjo (exp kita seting pd = 90d :00:00:00 / 3bulan .... jika disitu kita liat yg paling tua menunjuk-kan 70d , artinya dalam kurun waktu 20hari sejak system hotspot di on-kan terjaring 153 item alat yg berusaha connect) .....
dan yg seperti itu tidak terjadi di jaman dulu ....
dimana orng msh jarang punya laptop .... jarang ada orng yg nekat pengadaan alat wifi dgn antena yg cukup tinggi ... dll ... dll ... dll ....
monggo deeehhh ..... di resap-i lagi ....
lebih semangat lagi .... lebih inovasi lagi ... lebih kreatif lagi ... lebih bisa melihat peluang lagi ... lebih tanggap lagi ....
mudah2-an .... ini bisa menjadi sebuah pertimbangan ... untuk melanjutkan ... mengembangkan konsep kang Onno W Purbo .... agar kita bisa menikmati internet lebih merakyat ...
piss bro ... semoga bermanfaat ....
Rabu, 23 November 2011
Cara Mengintip Acount Hotspot .... (cara paling ndeso)
web-proxy memang tdk bisa dianggap remeh .... justru krn kesederhanaanya itulah yg jadi kelebihannya (menurut paidjo tetangganya si-paidjan)
kl kemaren2 kita telah bongkar bgmn menginceng isi web-proxy .... kl ini kita coba cara yg lebih ndeso lagi ....
kenapa lebih ndeso?? .....
krn cara ini sekedar memberi laporan bahwa : telah terjadi proses dr klien X menuju website X dgn mode X .... tanpa ada embel2 lain yg mengatakan secara detil spt menginceng web-proxy yg kemarin dulu kita bahas .... atau yg kemarinnya lagi
jadi disini cuman tahu "kemana kemana kemana ...... ku harus mencari kemana ..... xixixixiix koyo lagune ayu cring cring .... "
bagi yg hanya membutuhkan situs tujuan saja cocok sekali dgn cara spt ini .... ngirit resource bagi yg PC-routernya P1-100 spt milik paidjo ......
daannnn ..... sssttttt ... jgn bilang2 sama si-robet ya .... kl web-proxy itu banyak kelebihannya .... terutama dlm hal ndeso-ne .... hehehhehe ... (kebetulan neng kene robet jeneng-e kirik .... dadi di-omongnono yo gak bakal ngerti opomaneh percoyo .... xixixixi)
langsung saja di prekethek-kan .... :
/system logging action
add action=memory disabled=no prefix="" topics=account
dan jika pingin copas isinya bisa lewat new-terminal spt biasanya ......
(mosok lali)
yaitu dgn perintah : "log p"
piss gannnn .....
pesen-e kang paidjo .....
bikinlah hidup sampean menjadi berarti bg sesama selagi ada kesempatan ....
semoga bermanfaat bro ..... :)
Label:
bagaiman,
bagaimana . seting,
bikin,
cache,
koneksi,
mengetahui kondisi jaringan,
mengetahui sirkulasi data,
route,
setting,
tes jaringan,
test,
tool jaringan,
trafik data,
web proxy
Senin, 21 November 2011
Waspada-i kemampuan AP anda .....
marilah sodara2 .... kita renungkan sejenak .... jangan angah2 (angah2 boso indonesia-ne opo?) .... kita punya perangkat jaringan itu dgn kemampuan yg berbeda2 .... dan kita kudu tau batas maksimal-nya .... maksud paidjo yg bodoh ini hanya mengingatkan jangan terlalu mimpi yg seba muluk2 dulu .....
ilustrasinya begini saja .... biar lebih mudah menyampaikan-nya ..
misalkan sebuah AP ... yg kemudian di seting pada rate 11mbps (wifi klas B) .... artinya angka stb adalah kemampuan total di lewati data yg TX + RX total adalah 11mbps ....
jadi jgn minta ideal 11mbps FULL .... opo kerjanya cuman dengerkan thok ... yg lain kan juga pingin ngomong
nahhh ... karena ngomong dan mendengarkan itu adalah hak si klien .... apabila terjadi perbandingan TX vs RX 50% .... apa njur g mau perduli ... "lho kok ... ini 11mbps tapi genjot pol cuman segini ... ? "
disini-lah kita butuh pengertian .... "sekali2 ki yo openono bekakas sampean ....." di luar sana banyak yg sudah pakek G (54mbps) bahkan N (150/300mbps) .... semua itu dgn harapan bisa memperlebar jalannya si data yg lewat dlm satu kesempatan tsb ....
satu cerita dr teman ... yng mana dia telah menerapkan konsep layanan lokal pada hotspotnya ... dia sengaja membaypas access ke sesama lokalnya ... karena pingin dpt nilai + dari para klien ...
nah .... kemudian yag terjadi apa .... ketika access lokal dadi terexploitasi secara besar2-an .... yg terjadi hancurlah konsep utama jaringan nirkabel tsb (jama'ah internet yg merata) ... dan itu tidak bisa dirasakan kl bukan pd titik si klien ....
cara menggambarkannya g usah jauh2 deh .... misalkan kompi sampean di limit 200kbps trs sampean download secara membabi buta , trs bagaimana rasanya ketika saat itu juga pada tab yg lain sampean melakukan browsing ...pasti suweeeee polll juga tho ....
ini mudah di pahami dgn filsafat moderen "1+1=2" ... artine kl total-nya sudah memenuhi kuota berikutnya akan kehabisan kuota ... yg terjadi kemudian adalah antrian antrian dan antrian yg puaaanjang ... dan apabila terlalu puanjang yg terjadi kemudian bingung , jibeg , mabuk dsb.... naahhh ... saat mabuk inilah yg buang2 waktu , energi dll yg serba rendah dlm hal efisiensi ....
sampean bayangkan ketika kompi/lepi yg booting blm selesai trs sampean dgn entengnya buka dan buka browser misalkan .... kan yg terjadi sebenarnya kita rugi waktu ... krn g buka2 luaaaaammmmaa bgt .... lebih lama dibanding waktu yg dibutuhkan jika kompi sampean sdh dlm keadaan segar (sudah selesai booting dgn sempurna) ..... mohon maaf sebelumnya paidjo tidak bisa menjelaskan teorinya ... paidjo hanya bisa mengukur total waktu yg dibutuhkan dan merasakan-nya .... (bukan kapasitas paidjo untuk menjelaskan ini)
melanjutkan cerita teman .... : kemudian yg terjadi banyak sekali sirkulasi data lokal antar klien / klien-server ... entah itu voip , IPcam , loud ke cache dll .... nah yg terahir ini sering terlena .... hahahahah
saat buanyak req ke cache yg sering di pamer2-an tmn bisa mencapai angka 20-200mbps itu ..... whalah .... ujung2nya ttp resiko pada penuhnya jalan hanya untuk kepentingan itu .... dan yg lainnya mo lewat jalan mana ?..... opo dalan-e embah-e ...???? kok di entekne dewe ...... sing ape nggawe akeh dooolll !!!!
disitulah awal kehancuran itu .... dimana jalan yg secara nyata g seideal kabel itu di bebani trafik sedemikian tinggi , pasti ccq akan turun ... terutama yg dpt signal jelek senajan g selalu bgt ....
inilah efek exploitasi trafik ..... yg resikonya pasti saja trafik akan penuh sebelum penggunaan-nya maksimal (klien blm banyak wis lelet) ... wayah-e dalan sing ombone 10mtr kwi iso memenuhi hajat wong akeh dadak di-gawe reno2 barang ... tambah macet ... bukan hanya penuh dgn pengguna jalan .... tapi juga polisi sing nganyer yo bth menempati jln , bakul2 malih rame pingin dodolan neng kemacetan , pengamen juga , copet juga ... sembarang kalir wis .... podo memanfaatkan kemacetan mau ... heheheheh ...
ilmu yg di dapat dari perenungan ini adalah ..... tidak ada .... soale ujung2-e pasti ngengkel dgn konsep-nya sendiri2 .... dan sekali lagi gak ada konsep dewa ... konsep yg terbaik itu konsep yg sesuai dgn lingkungan setempat ....
sing jelass ... macet lek pengguna-e akeh sik sumbut .... drpd sing gawe kuwi2 thok wis macet .... liyane trs opo g oleh beraktifitas .... liane opo gak misuh2 .... diiiiannnncuuukkkk !!!!
piiss broooo .... semoga bermanfaat ....
Label:
amankan system,
bagaiman,
bagaimana . seting,
bikin,
mengetahui sirkulasi data,
seting AP,
seting link,
seting repeater,
trafik data
Minggu, 20 November 2011
Mencari setting router kw-1 ... yg mana tho ?......
hahahahahahahah ........ paidjo mo tertawa dulu .....
bukanya apa .... di-luarsana ternyata konsep orng pintar minter-i yg bodoh itu kenthel sekali .... untung paidjo yg bodoh (riilnya gt siihh ...) gak sampek terpengaruh oleh paket2 bahkan promosi2 yg mengatakan mampu "setting mikrotik cap dewa" ... xixixixi (nyontek bahasa-ne begawan londho) .....
bak promomosi kecap atau apalah namanya .... disitu di sebutkan ... ba bi bu be bo ....... preeeeetttt ....
ibarat juru masak .... waloupun kebetulan sudah di cap koki no-1 tingkat nasional ... suruh masak tempe goreng vs anak2 panti asuhan yg kebetulan isone masak yo tempe goreng .... itu-pun krn gak pernah ada bahan selain itu di panti .... paling rasa-ne juga sama ato bahkan mungkin anak2 tmn panti asuhan akan lbh seneng masakan temannya krn ngerti btul kebiasaan dlm rasa dll yg intinya lebih dekat dgn keadaan panti tsb .... kwi sik musuh panti ....
coba kita bandingkan lagi vs yg lebih pro dikit misal-e bakul bakso "ARYA" misal-e ... akan terlihat jelas ... hasil masakan bakso si koki tsb akan kalah di lidah orng2 tulungagung sini (cuman menggambarkan lho : tanpa ada maksud lain2) ....
dari 2 perumpamaan itu kita ambil ilmunya ....
bahwa tiap orng / lingkungan memiliki kebiasaan dan citarasa yg berbeda2 menurut keadaan lingkungan setempat .... (contohnya paidjo sing kadung kebiasaan makan "sego pecel" di beri "pitza" ... yo gak tepat .... paling cuman ge tombo penasaran thok .... ) ...
dan untuk kesekian kalinya paidjo ingatkan .... mbako enak di campur bakso enak hasilnya .... xixixixix ... gak passss ....wahahahahah ...
laluuuuu ... setting dewa itu yg bagaimana tho sebenarnya ..... ?????????/
jawabannya adalah setting yg sesuai keadaan dan kebutuhan lingkungan setempat .... (contekan resep pitza no-1-pun mungkin akan dibiarkan berserakan oleh paidjo krn dia g butuh itu ... dan justru resep kue klepon bisa jadi di simpan rapi bahkan di laminating bak piagam penghargaan ... xixixixixi )
bisa juga dibilang ...." resep setting dewa itu nafsi-nafsi / relative ".... ukurannya hanya berhasil / tidak ... jadi / enggak .... sukses / gagal ....
dan contoh yg biasa2 saja asal normal jalannya ya spt ini :....
/interface ethernet
set 0 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:C0:26:8C:45:73 mtu=1500 name="h-spot" speed=100Mbps
set 1 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:04:75:8E:0A:79 mtu=1500 name="w-net" speed=100Mbps
set 2 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:04:75:D0:E7:9A mtu=1500 name="- F/O" speed=100Mbps
set 3 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:04:75:C1:1B:71 mtu=1500 name="x-link" speed=100Mbps
set 4 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:90:27:9C:09:52 mtu=1500 name="c-20" speed=100Mbps
/ip pool
add name="w-net" ranges=192.168.20.1-192.168.20.253
add name="h-spot" ranges=192.168.10.40-192.168.10.239
add name="c-20" ranges=192.168.0.1-192.168.0.253
add name="x-link" ranges=192.168.200.1-192.168.200.239
/port
set 0 baud-rate=9600 data-bits=8 flow-control=hardware name="serial0" \
parity=none stop-bits=1
set 1 baud-rate=9600 data-bits=8 flow-control=hardware name="serial1" \
parity=none stop-bits=1
/queue type
set default kind=pfifo name="default" pfifo-limit=50
set ethernet-default kind=pfifo name="ethernet-default" pfifo-limit=50
set wireless-default kind=sfq name="wireless-default" sfq-allot=1514 \
sfq-perturb=5
set synchronous-default kind=red name="synchronous-default" \
red-avg-packet=1000 red-burst=20 red-limit=60 red-max-threshold=50 \
red-min-threshold=10
set hotspot-default kind=sfq name="hotspot-default" sfq-allot=1514 \
sfq-perturb=5
set default-small kind=pfifo name="default-small" pfifo-limit=10
/snmp
set contact="" enabled=no engine-boots=0 engine-id="" location="" \
time-window=15 trap-community=public trap-sink=0.0.0.0 trap-version=1
/snmp community
add address=0.0.0.0/0 authentication-password="" authentication-protocol=MD5 \
encryption-password="" encryption-protocol=DES name="public" \
read-access=yes security=none
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name="memory" target=memory
set disk disk-lines=1000 disk-stop-on-full=no name="disk" target=disk
set echo name="echo" remember=yes target=echo
set remote name="remote" remote=192.168.8.102:514 target=remote
/user group
add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,sn\
iff,!ftp,!write,!policy
add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password\
,web,sniff,!ftp,!policy
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo\
x,password,web,sniff
/ip hotspot profile
set default dns-name="hotspot.ta" hotspot-address=0.0.0.0 \
html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 \
login-by=cookie,http-chap name="default" rate-limit="" smtp-server=0.0.0.0 \
split-user-domain=no use-radius=no
add dns-name="halloudin.ta" hotspot-address=192.168.0.254 \
html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:8080 \
login-by=cookie,http-chap name="c-20" rate-limit="" \
smtp-server=192.168.0.254 split-user-domain=no use-radius=no
add dns-name="bangauputih.ta" hotspot-address=192.168.10.254 \
html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:8080 \
login-by=cookie,http-chap name="h-spot" rate-limit="200k/1000k" \
smtp-server=192.168.10.254 split-user-domain=no use-radius=no
add dns-name="warnet.ta" hotspot-address=192.168.20.254 html-directory=warnet \
http-cookie-lifetime=3d http-proxy=0.0.0.0:8080 login-by=cookie,http-chap \
name="w-net" rate-limit="" smtp-server=192.168.20.254 split-user-domain=no \
use-radius=no
add dns-name="sumbergempol.ta" hotspot-address=192.168.200.254 \
html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:8080 \
login-by=cookie,http-chap name="x-link" rate-limit="200k/1000k" \
smtp-server=192.168.200.254 split-user-domain=no use-radius=no
/ip hotspot user profile
set default address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=sites.google.com/site/halloudin/tagihan \
idle-timeout=none keepalive-timeout=2m name="default" \
open-status-page=always rate-limit="60k/300k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="h-spot = coba" open-status-page=always rate-limit="40k/200k 40k/400k \
20k/100k 5/5 7 40k/100k" shared-users=3 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="w-net = coba" open-status-page=always shared-users=3 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Yoyok 'C (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Resta 'C (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=http://192.168.10.254/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Bayu 'C (10)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=5m \
advertise-timeout=3m advertise-url=192.168.10.254/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Brina 'Rngn7 (10)" \
open-status-page=always rate-limit="40k/200k" session-timeout=1h \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Enid (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Fathoni 'J (15)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Aziz 'C (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Shes 'B (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="z-hotspot" open-status-page=always rate-limit="100k/1000k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="Warnet = 600" open-status-page=always rate-limit="80k/400k 80k/800k \
80k/200k 5/5 7 80k/400k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="Warnet = 500" open-status-page=always rate-limit="80k/400k 80k/800k \
80k/200k 5/5 7 80k/400k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Idasuko 'B (10)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="SAMSUNG" open-status-page=always rate-limit="500k/500k 500k/1000k \
500k/300k 10/10 7 500k/300k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=2m \
advertise-timeout=1m advertise-url=http://192.168.10.254/tagihan.html \
idle-timeout=none keepalive-timeout=2m name="40rb AA 'E (25)" \
open-status-page=always rate-limit="20k/100k 20k/200k 20k/50k 5/5 7 \
20k/50k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="h-spot = udin" open-status-page=always rate-limit="100k/1000k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Danis 'H (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Afif 'H (15)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="ADMIN" open-status-page=always rate-limit="500k/500k 500k/1000k \
500k/300k 10/10 7 500k/300k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb Hana 'G (10)" open-status-page=always rate-limit="40k/200k" \
session-timeout=1h shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="h-spot = paket 10rb" open-status-page=always rate-limit="60k/300k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="PAKET kB/s" open-status-page=always rate-limit="100k/1000k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="PAKET JAM (2)" open-status-page=always rate-limit="60k/300k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Nafis 'E (15)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="40rb Basid 'J (15)" open-status-page=always rate-limit="20k/100k \
20k/200k 20k/50k 5/5 7 20k/50k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Rahmat 'I (10)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Irwan 'H (15)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="25rb Yopi (20)" open-status-page=always rate-limit="12k/60k 12k/120k \
12k/30k 5/5 7 12k/30k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Timbul 'E (10)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no keepalive-timeout=2m name="60rb Uun \
'Link" open-status-page=always rate-limit="60k/300k 60k/600k 60k/150k 5/5 \
7 60k/150k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Nofal 'C (18)" open-status-page=always rate-limit="40k/200k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Tara 'C (20)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Zainal 'B (20)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Yeremia 'H (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="40rb Yeyen 'A (10)" open-status-page=always rate-limit="20k/100k \
20k/200k 20k/50k 5/5 7 20k/50k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Bogi 'I (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb kepri (free)" open-status-page=always rate-limit="50k/250k \
50k/500k 50k/125k 5/5 7 50k/125k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="h-spot = promo" open-status-page=always rate-limit="500k/500k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="admin = x-link" open-status-page=always rate-limit="500k/500k \
500k/1000k 500k/300k 10/10 7 500k/300k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=immediately advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Hafi 'J (22)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=30s \
advertise-timeout=immediately \
advertise-url=http://192.168.10.254/tagihan.html idle-timeout=1h \
keepalive-timeout=1m name="100rb juweni" open-status-page=always \
rate-limit="20k/200k" session-timeout=1m shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="Warnet = 700" open-status-page=always rate-limit="80k/400k 80k/800k \
80k/200k 5/5 7 80k/400k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=30m \
name="60rb agus (21)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=x-link advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=192.168.200.254/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="25rb anissa (24)" \
open-status-page=always rate-limit="6k/60k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=2m \
name="100rb nanang (21)" open-status-page=always rate-limit="60k/300k \
60k/600k 60k/150k 5/5 7 60k/150k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="warnet laptop" open-status-page=always rate-limit="20k/200k" \
shared-users=2 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb elfatoni (4)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb rina (5)" open-status-page=always rate-limit="40k/200k 40k/400k \
20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="40rb Bambang 'B (5)" \
open-status-page=always rate-limit="20k/100k 20k/200k 20k/50k 5/5 7 \
20k/50k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb Hilmy 'F (12)" open-status-page=always rate-limit="40k/200k" \
session-timeout=1h shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="40rb Tentami 'E (10)" open-status-page=always rate-limit="20k/100k \
20k/200k 20k/50k 5/5 7 20k/50k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=c-20 advertise=no idle-timeout=none keepalive-timeout=2m \
name="Hallo.Udin - FULL" open-status-page=always shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="trial = X-link" open-status-page=always rate-limit="60k/300k \
60k/500k 20k/100k 5/5 7 40k/100k" shared-users=3 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="trial-hotspot" open-status-page=always rate-limit="20k/200k" \
shared-users=6 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=sites.google.com/site/halloudin/tagihan \
idle-timeout=1h keepalive-timeout=2m name="40rb Rendra (10)" \
open-status-page=always rate-limit="20k/100k" session-timeout=1h \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="PAKET JAM (1)" open-status-page=always rate-limit="60k/300k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="40rb ike (30)" open-status-page=always rate-limit="20k/100k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Uun 'Hspot" open-status-page=always rate-limit="60k/300k \
60k/600k 60k/150k 5/5 7 60k/150k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb Purbo (23)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Fuad (03)" open-status-page=always rate-limit="40k/200k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=5m \
advertise-timeout=3m advertise-url=192.168.10.254/tagihan.html \
idle-timeout=none keepalive-timeout=2m name="60rb Ratri (05)" \
open-status-page=always rate-limit="40k/200k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Yhudi (11)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Budi-sp (11)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=none keepalive-timeout=2m name="60rb Jack (16)" \
open-status-page=always rate-limit="40k/200k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb yos (10)" open-status-page=always rate-limit="40k/200k 40k/400k \
20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10s \
advertise-timeout=immediately \
advertise-url=http://192.168.10.254/tagihan.html idle-timeout=1h \
keepalive-timeout=1m name="60rb Fikrul (16)" open-status-page=always \
rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 40k/100k" session-timeout=30s \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb laily (27)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb rini (24)" open-status-page=always rate-limit="40k/200k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb indah (1)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=c-20 advertise=no idle-timeout=none keepalive-timeout=2m \
name="Hallo.Udin -1 (c-20)" open-status-page=always rate-limit="500k/500k \
500k/1000k 500k/300k 10/10 7 500k/300k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="warnet = c3" open-status-page=always rate-limit="400k/200k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="40rb Dayu 10" open-status-page=always rate-limit="20k/100k 20k/200k \
20k/50k 5/5 7 20k/50k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=c-20 advertise=no idle-timeout=none keepalive-timeout=2m \
name="Hallo.Udin -2 (c-20)" open-status-page=always \
rate-limit="1000k/1000k 1000k/2000k 1000k/500k 10/10 7 1000k/500k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb hariyanto 12" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb Nuraji (12)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb Ali (18)" open-status-page=always rate-limit="40k/200k 40k/400k \
20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
/ip dhcp-server
add add-arp=yes address-pool=w-net always-broadcast=yes \
authoritative=after-2sec-delay bootp-support=static disabled=no \
interface=w-net lease-time=4w2d name="w-net" src-address=192.168.20.254
add add-arp=yes address-pool=h-spot always-broadcast=yes \
authoritative=after-2sec-delay bootp-support=static disabled=no \
interface=h-spot lease-time=12w6d name="h-spot" src-address=192.168.10.254
add add-arp=yes address-pool=c-20 always-broadcast=yes \
authoritative=after-2sec-delay bootp-support=static disabled=no \
interface=c-20 lease-time=4w2d name="c20" src-address=192.168.10.254
add add-arp=yes address-pool=x-link always-broadcast=yes \
authoritative=after-2sec-delay bootp-support=static disabled=no \
interface=x-link lease-time=12w6d name="xl-ink" \
src-address=192.168.200.254
/interface bridge port
add comment="" disabled=no edge=auto external-fdb=auto horizon=none \
interface="- F/O" path-cost=10 point-to-point=auto priority=0x80
add comment="" disabled=no edge=auto external-fdb=auto horizon=none \
interface=c-20 path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-vlan=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=10.0.0.1/32
/ip address
add address=192.168.4.250/24 broadcast=192.168.4.255 comment="" disabled=no \
interface="- F/O" network=192.168.4.0
add address=192.168.10.254/24 broadcast=192.168.10.255 comment="" disabled=no \
interface=h-spot network=192.168.10.0
add address=192.168.20.254/24 broadcast=192.168.20.255 comment="" disabled=no \
interface=w-net network=192.168.20.0
add address=192.168.200.254/24 broadcast=192.168.200.255 comment="" \
disabled=no interface=x-link network=192.168.200.0
add address=192.168.0.254/24 broadcast=192.168.0.255 comment="" disabled=no \
interface=c-20 network=192.168.0.0
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=20480KiB \
max-udp-packet-size=512 primary-dns=192.168.4.253 \
secondary-dns=202.134.1.10
/ip dns static
add address=192.168.10.20 disabled=no name="ap-utama.net" ttl=1d
add address=192.168.200.249 disabled=no name="waras.in" ttl=1d
add address=192.168.200.247 disabled=no name="waras.out" ttl=1d
add address=192.168.200.248 disabled=no name="waras.link" ttl=1d
add address=192.168.0.250 disabled=no name="home.net" ttl=1d
add address=192.168.20.250 disabled=no name="linux.net" ttl=1d
add address=192.168.10.11 disabled=no name="repeater-b.net" ttl=1d
add address=192.168.10.12 disabled=no name="repeater-c.net" ttl=1d
add address=192.168.10.13 disabled=no name="repeater-h.net" ttl=1d
add address=192.168.10.16 disabled=no name="repeater-j.net" ttl=1d
add address=192.168.10.18 disabled=no name="repeater-a.net" ttl=1d
add address=192.168.10.21 disabled=no name="repeater-senggol.net" ttl=1d
add address=192.168.10.26 disabled=no name="repeater-g.net" ttl=1d
add address=192.168.10.27 disabled=no name="repeater-h2.net" ttl=1d
add address=192.168.10.25 disabled=no name="repeater-a2" ttl=1d
add address=192.168.200.241 disabled=no name="repeater-selojeneng.net" ttl=1d
add address=192.168.200.242 disabled=no name="repeater-selojeneng2.net" ttl=1d
add address=192.168.10.5 disabled=no name="cctv-pintu-utama.net" ttl=1d
add address=192.168.10.6 disabled=no name="cctv-pintu-a.net" ttl=1d
add address=192.168.10.7 disabled=no name="cctv-pintu-b.net" ttl=1d
add address=192.168.10.8 disabled=no name="cctv-pintu-i.net" ttl=1d
add address=192.168.10.9 disabled=no name="cctv-pintu-k1.net" ttl=1d
add address=192.168.10.10 disabled=no name="cctv-pintu-k2.net" ttl=1d
add address=192.168.0.250 disabled=no name="router741.net" ttl=1d
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=yes \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules \
here" disabled=yes
add action=drop chain=input comment="===== close proxy =====" disabled=no \
dst-port=8080 in-interface="- F/O" protocol=tcp
add action=accept chain=forward comment="allow established connections" \
connection-state=established disabled=no
add action=accept chain=forward comment="allow related connections" \
connection-state=related disabled=no
add action=drop chain=forward comment="drop invalid connections" \
connection-state=invalid disabled=no
add action=drop chain=virus comment="drop blaster worm" disabled=no \
dst-port=135-139 protocol=tcp
add action=drop chain=virus comment="drop messeger worm" disabled=no \
dst-port=135-139 protocol=udp
add action=drop chain=virus comment="drop blaster worm" disabled=no \
dst-port=455 protocol=tcp
add action=drop chain=virus comment="drop blaster worm" disabled=no \
dst-port=455 protocol=udp
add action=drop chain=virus comment="_________" disabled=no dst-port=593 \
protocol=tcp
add action=drop chain=virus comment="___________" disabled=no \
dst-port=1024-1030 protocol=tcp
add action=drop chain=virus comment="drop my-doom" disabled=no dst-port=1080 \
protocol=tcp
add action=drop chain=virus comment="_________" disabled=no dst-port=1224 \
protocol=tcp
add action=drop chain=virus comment="ndm requester" disabled=no dst-port=1363 \
protocol=tcp
add action=drop chain=virus comment="ndm server" disabled=no dst-port=1364 \
protocol=tcp
add action=drop chain=virus comment="screen cast" disabled=no dst-port=1368 \
protocol=tcp
add action=drop chain=virus comment="hromgrafx" disabled=no dst-port=1373 \
protocol=tcp
add action=drop chain=virus comment="dcichild" disabled=no dst-port=1377 \
protocol=tcp
add action=drop chain=virus comment="worm" disabled=no dst-port=1433-1434 \
protocol=tcp
add action=drop chain=virus comment="dumaru.y" disabled=no dst-port=2283 \
protocol=tcp
add action=drop chain=virus comment="drop bangle" disabled=no dst-port=2535 \
protocol=tcp
add action=drop chain=virus comment="bangle virus" disabled=no dst-port=2745 \
protocol=tcp
add action=drop chain=virus comment="drop my-doom" disabled=no \
dst-port=3127-3128 protocol=tcp
add action=drop chain=virus comment="drop back-door optic-pro" disabled=no \
dst-port=3410 protocol=tcp
add action=drop chain=virus comment="worm" disabled=no dst-port=4444 \
protocol=tcp
add action=drop chain=virus comment="worm" disabled=no dst-port=4444 \
protocol=udp
add action=drop chain=virus comment="drop sasser" disabled=no dst-port=5554 \
protocol=tcp
add action=drop chain=virus comment="drop bangle.b" disabled=no dst-port=8866 \
protocol=tcp
add action=drop chain=virus comment="drop darbber.a-b" disabled=no \
dst-port=9898 protocol=tcp
add action=drop chain=virus comment="drop damaru.y" disabled=no dst-port=10000 \
protocol=tcp
add action=drop chain=virus comment="drop my-doom.b" disabled=no \
dst-port=10080 protocol=tcp
add action=drop chain=virus comment="drop netbus" disabled=no dst-port=12345 \
protocol=tcp
add action=drop chain=virus comment="drop kuang2" disabled=no dst-port=17300 \
protocol=tcp
add action=drop chain=virus comment="drop subseven" disabled=no dst-port=27374 \
protocol=tcp
add action=drop chain=virus comment="drop pathbot,agobot,gaobot" disabled=no \
dst-port=65506 protocol=tcp
add action=jump chain=forward comment="jump to the virus chaint" disabled=no \
jump-target=virus
add action=accept chain=forward comment="allow ping" disabled=no protocol=icmp
add action=accept chain=forward comment="allow udp" disabled=no protocol=udp
/ip firewall mangle
add action=mark-packet chain=prerouting comment="up traffic (c-20)" \
disabled=no in-interface=c-20 new-packet-mark="test-up (c-20)" \
passthrough=no src-address=192.168.0.0/24
add action=mark-packet chain=prerouting comment="up traffic (h-spot)" \
disabled=no in-interface=h-spot new-packet-mark="test-up (h-spot)" \
passthrough=no src-address=192.168.10.0/24
add action=mark-packet chain=prerouting comment="up traffic (w-net)" \
disabled=no in-interface=w-net new-packet-mark="test-up (w-net)" \
passthrough=no src-address=192.168.20.0/24
add action=mark-packet chain=prerouting comment="up traffic (x-link)" \
disabled=no in-interface=x-link new-packet-mark="test-up (x-link)" \
passthrough=no src-address=192.168.200.0/24
add action=mark-connection chain=forward comment="conn-mark c-20) \
---------------------------------------------------------------------------\
------------" disabled=no new-connection-mark="tes-conn (c-20)" \
passthrough=yes src-address=192.168.0.0/24
add action=mark-connection chain=forward comment="conn-mark (h-spot)" \
disabled=no new-connection-mark="tes-conn (h-spot)" passthrough=yes \
src-address=192.168.10.0/24
add action=mark-connection chain=forward comment="conn-mark (w-net)" \
disabled=no new-connection-mark="tes-conn (w-net)" passthrough=yes \
src-address=192.168.20.0/24
add action=mark-connection chain=forward comment="conn-mark (x-link)" \
disabled=no new-connection-mark="tes-conn (x-link)" passthrough=yes \
src-address=192.168.200.0/24
add action=mark-packet chain=forward comment="down-direct (c-20) \
---------------------------------------------------------------------------\
---------" disabled=no in-interface="- F/O" new-packet-mark="test-down \
(c-20)" packet-mark="test-up (c-20)" passthrough=no \
src-address=192.168.0.0/24
add action=mark-packet chain=forward comment="down-direct (h-spot)" \
disabled=no in-interface="- F/O" new-packet-mark="test-down (h-spot)" \
packet-mark="test-up (h-spot)" passthrough=no src-address=192.168.10.0/24
add action=mark-packet chain=forward comment="down-direct (w-net)" disabled=no \
in-interface="- F/O" new-packet-mark="test-down (w-net)" \
packet-mark="test-up (w-net)" passthrough=no src-address=192.168.20.0/24
add action=mark-packet chain=forward comment="down-direct (x-link)" \
disabled=no in-interface="- F/O" new-packet-mark="test-down (x-link)" \
packet-mark="test-up (x-link)" passthrough=no src-address=192.168.200.0/24
add action=mark-packet chain=output comment="proxy-down (c-20) \
---------------------------------------------------------------------------\
----------" disabled=no new-packet-mark="proxy-down (c-20)" passthrough=no \
src-address=192.168.0.0/24
add action=mark-packet chain=output comment="proxy-down (h-spot)" disabled=no \
new-packet-mark="proxy-down (h-spot)" passthrough=no \
src-address=192.168.10.0/24
add action=mark-packet chain=output comment="proxy-down (w-net)" disabled=no \
new-packet-mark="proxy-down (w-net)" passthrough=no \
src-address=192.168.20.0/24
add action=mark-packet chain=output comment="proxy-down (x-link)" disabled=no \
new-packet-mark="proxy-down (x-link)" passthrough=no \
src-address=192.168.200.0/24
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment="place hotspot rules \
here" disabled=yes
add action=redirect chain=dstnat comment="Web-Proxy" disabled=no dst-port=80 \
protocol=tcp to-ports=8080
add action=masquerade chain=srcnat comment="masquerade hotspot (c-20)" \
disabled=no src-address=192.168.0.0/24
add action=masquerade chain=srcnat comment="masquerade hotspot (h-spot)" \
disabled=no src-address=192.168.10.0/24
add action=masquerade chain=srcnat comment="masquerade hotspot (w-net)" \
disabled=no src-address=192.168.20.0/24
add action=masquerade chain=srcnat comment="masquerade hotspot (x-link)" \
disabled=no src-address=192.168.200.0/24
add action=redirect chain=dstnat comment="" disabled=no dst-port=53 \
protocol=tcp to-ports=53
add action=redirect chain=dstnat comment="" disabled=no dst-port=53 \
protocol=udp to-ports=53
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip neighbor discovery
set h-spot discover=yes
set w-net discover=yes
set "- F/O" discover=yes
set x-link discover=yes
set c-20 discover=yes
/ip proxy
set always-from-cache=yes cache-administrator="Server dlm Perawatan" \
cache-drive=secondary-master cache-hit-dscp=4 cache-on-disk=yes \
enabled=yes max-cache-size=unlimited max-client-connections=600 \
max-fresh-time=8w4d max-server-connections=600 parent-proxy=0.0.0.0 \
parent-proxy-port=8080 port=8080 serialize-connections=yes \
src-address=0.0.0.0
/ip proxy access
add action=deny comment="block telnet & spam e-mail relaying" disabled=no \
dst-port=23-25
add action=allow comment="" disabled=no \
dst-host=http://blocked.telkom.net.id/stop.php
add action=allow comment="" disabled=no dst-host=www.google.co.id
add action=allow comment="" disabled=no dst-host=id.yahoo.com
add action=allow comment="" disabled=no dst-host=www.kaskus.us
add action=allow comment="" disabled=no dst-host=www.youtube.com
add action=allow comment="" disabled=no dst-host=www.didigames.com
add action=allow comment="" disabled=no dst-host=www.games.co.id
add action=allow comment="" disabled=no dst-host=www.facebook.com \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes dst-host=www.yahoo.com \
redirect-to="id.yahoo.com"
add action=deny comment="" disabled=yes dst-host=www.freewebproxy.net \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes dst-host=www.proxy4free.com \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes dst-host=www.freeproxy.ca \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes dst-host=www.freeproxysite.com \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes path=*.exe \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes dst-port=80 path=*porn* \
redirect-to="192.168.4.250/graphs/"
add action=deny comment="" disabled=yes dst-host=:download path="" \
redirect-to="www.google.co.id"
add action=allow comment="" disabled=no dst-host=www.tabloidpulsa.co.id
add action=allow comment="" disabled=no dst-host=www.tabloidnova.com/
add action=allow comment="" disabled=no dst-host=id.wikipedia.org
add action=allow comment="" disabled=no dst-host=www.instructables.com
add action=allow comment="" disabled=no dst-host=tv.liputan6.com
add action=allow comment="" disabled=no dst-host=www.kapanlagi.com
add action=allow comment="" disabled=no dst-host=htwitter.com
add action=allow comment="" disabled=no dst-host=www.isekolah.org
/ip proxy cache
add action=allow comment="" disabled=no dst-host=www.facebook.com
add action=allow comment="" disabled=no dst-host=www.indonesiancupid.com
add action=allow comment="" disabled=no dst-host=www.youtube.com
add action=allow comment="" disabled=no dst-host=www.games.co.id
add action=allow comment="" disabled=no dst-host=www.tabloidnova.com
add action=allow comment="" disabled=no dst-host=www.kaskus.us
add action=allow comment="" disabled=no dst-host=twitter.com
add action=allow comment="" disabled=no dst-host=id.yahoo.com
add action=allow comment="" disabled=no dst-host=www.didigames.com
add action=allow comment="" disabled=no dst-host=id.wikipedia.org
add action=allow comment="" disabled=no dst-host=www.alnect.net
add action=allow comment="" disabled=no dst-host=www.kapanlagi.com
add action=allow comment="" disabled=no \
dst-host="http://wikimapia.org/#lat=-8.050062&lon=111.9321281&z=18&l=0&m=b"\
add action=allow comment="" disabled=no dst-host=www.tabloidpulsa.co.id/
add action=allow comment="" disabled=no dst-host=www.instructables.com
add action=allow comment="" disabled=no dst-host=tv.liputan6.com
add action=allow comment="" disabled=no dst-host=www.isekolah.org
add action=allow comment="" disabled=no dst-host=www.google.co.id
/ip proxy direct
add action=allow comment="" disabled=no dst-host=http://www.google.co.id/
/ip route
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway="192.168.4.253,- F/O" scope=30 target-scope=10
/ip service
set telnet address=0.0.0.0/0 disabled=no port=23
set ftp address=0.0.0.0/0 disabled=no port=21
set www address=0.0.0.0/0 disabled=no port=80
set www-ssl address=0.0.0.0/0 certificate=none disabled=no port=443
set api address=0.0.0.0/0 disabled=no port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=512k enabled=yes \
inactive-flow-timeout=15s interfaces=all
/ip traffic-flow target
add address=0.0.0.0:1234 disabled=no v9-template-refresh=20 \
v9-template-timeout=30m version=9
/ip upnp
set allow-disable-external-interface=yes enabled=yes show-dummy-rule=yes
/ip upnp interfaces
add disabled=no interface="- F/O" type=external
add disabled=no type=internal
add disabled=no interface=h-spot type=internal
add disabled=no interface=w-net type=internal
add disabled=no interface=x-link type=internal
/queue interface
set h-spot queue=ethernet-default
set w-net queue=ethernet-default
set "- F/O" queue=ethernet-default
set x-link queue=ethernet-default
set c-20 queue=ethernet-default
/radius incoming
set accept=no port=3799
/snmp
set contact="" enabled=no engine-boots=0 engine-id="" location="" \
time-window=15 trap-community=public trap-sink=0.0.0.0 trap-version=1
/system clock manual
set dst-delta=+07:00 dst-end="jul/02/2011 01:50:00" dst-start="jul/02/2011 \
01:50:00" time-zone=+07:00
/system console
add disabled=no port=serial0 term="vt102"
set [ find vcno=1 ] disabled=no term="linux"
set [ find vcno=2 ] disabled=no term="linux"
set [ find vcno=3 ] disabled=no term="linux"
set [ find vcno=4 ] disabled=no term="linux"
set [ find vcno=5 ] disabled=no term="linux"
set [ find vcno=6 ] disabled=no term="linux"
set [ find vcno=7 ] disabled=no term="linux"
set [ find vcno=8 ] disabled=no term="linux"
/system console screen
set line-count=25
/system hardware
set multi-cpu=no
/system health
set state-after-reboot=enabled
/system identity
set name="= Bangau-Putih ="
/system logging
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
add action=memory disabled=yes prefix="" topics=web-proxy
add action=remote disabled=yes prefix="" topics=web-proxy
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=yes mode=unicast primary-ntp=202.134.1.10 secondary-ntp=0.0.0.0
/system scheduler
add comment="" disabled=no interval=6h name="remove-ARP" on-event=arp \
start-date=aug/23/2011 start-time=05:00:00
add comment="" disabled=yes interval=1d name="reboot" on-event=reboot \
start-date=jan/01/2009 start-time=04:00:00
/system script
add name="arp" policy="ftp,reboot,read,write,policy,test,winbox,password,sniff,\
(unknown)" source="/ip arp remove [find]"
add name="reboot" policy=ftp,reboot,read,write,policy,test,winbox,password,snif\
f source="/system reboot"
add name="bussy-dell" \
policy="ftp,reboot,read,write,policy,test,winbox,password,sniff,(unknown)" \
source=":foreach i in=[/ip dhcp-server lease find \
status=\"busy\"]\\\r\ndo={\r\n:log error (\"Busy status detected: \" . \
[/ip dhcp-server lease get \$i address]);\r\n/ip dhcp-server lease \
check-status \$i;\r\n/ip dhcp-server lease disable \$i;\r\n/ip dhcp-server \
lease enable \$i;\r\n}"
add name="drop-percec-bitpersec" \
policy="ftp,reboot,read,write,policy,test,winbox,password,sniff,(unknown)" \
source="/interface ethernet {\r\n :foreach i in=[find] do={\r\n \
:local infName [get \$i name]\r\n :local sysName [/system identity \
get name]\r\n /interface monitor-traffic \$infName once do={\r\n \
:log info \
(\"Interface,\$sysName,\$infName,\$\"rx-packets-per-second\",\$\"rx-drops-p\
er-second\",\$\"rx-bits-per-second\",\$\"tx-packets-per-second\",\$\"tx-dro\
ps-per-second\",\$\"tx-bits-per-second\"\");\r\n }\r\n }\r\n}"
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 \
secondary-server=0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=no no-ping-delay=5m \
watch-address=none watchdog-timer=no
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=100
/tool e-mail
set from="<>" server=0.0.0.0
/tool graphing
set store-every=5min
/tool graphing interface
add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes
/tool graphing queue
add allow-address=0.0.0.0/0 allow-target=yes disabled=no simple-queue=all \
store-on-disk=yes
/tool graphing resource
add allow-address=0.0.0.0/0 disabled=no store-on-disk=yes
/tool mac-server
add disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sniffer
set file-limit=10 file-name="" filter-address1=0.0.0.0/0:0-65535 \
filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only \
filter-stream=yes interface=all memory-limit=10 only-headers=no \
streaming-enabled=no streaming-server=0.0.0.0
/user
add address=0.0.0.0/0 comment="system default user" disabled=no group=full \
name="admin"
add address=0.0.0.0/0 comment="" disabled=no group=full name="ext"
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
/ip hotspot
add address-pool=c-20 addresses-per-mac=10 disabled=no idle-timeout=10m \
interface=c-20 keepalive-timeout=none name="c-20" profile=c-20
add address-pool=h-spot disabled=no idle-timeout=10m interface=h-spot \
keepalive-timeout=none name="h-spot" profile=h-spot
add address-pool=w-net addresses-per-mac=4 disabled=no idle-timeout=10m \
interface=w-net keepalive-timeout=none name="w-net" profile=w-net
add address-pool=x-link disabled=no idle-timeout=10m interface=x-link \
keepalive-timeout=none name="x-link" profile=x-link
/ip hotspot ip-binding ......... (tidk di tampilkan)
-
-
-
-
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user ...... (tidak ditampilkan)
-
-
-
-
/ip dhcp-server network
add address=192.168.0.0/24 comment="c-20" gateway=192.168.0.254
add address=192.168.10.0/24 comment="h-spot" gateway=192.168.10.254
add address=192.168.20.0/24 comment="w-net" gateway=192.168.20.254
add address=192.168.200.0/24 comment="x-link" gateway=192.168.200.254
---------------------------- bersambung -----------------------------
bukanya apa .... di-luarsana ternyata konsep orng pintar minter-i yg bodoh itu kenthel sekali .... untung paidjo yg bodoh (riilnya gt siihh ...) gak sampek terpengaruh oleh paket2 bahkan promosi2 yg mengatakan mampu "setting mikrotik cap dewa" ... xixixixi (nyontek bahasa-ne begawan londho) .....
bak promomosi kecap atau apalah namanya .... disitu di sebutkan ... ba bi bu be bo ....... preeeeetttt ....
ibarat juru masak .... waloupun kebetulan sudah di cap koki no-1 tingkat nasional ... suruh masak tempe goreng vs anak2 panti asuhan yg kebetulan isone masak yo tempe goreng .... itu-pun krn gak pernah ada bahan selain itu di panti .... paling rasa-ne juga sama ato bahkan mungkin anak2 tmn panti asuhan akan lbh seneng masakan temannya krn ngerti btul kebiasaan dlm rasa dll yg intinya lebih dekat dgn keadaan panti tsb .... kwi sik musuh panti ....
coba kita bandingkan lagi vs yg lebih pro dikit misal-e bakul bakso "ARYA" misal-e ... akan terlihat jelas ... hasil masakan bakso si koki tsb akan kalah di lidah orng2 tulungagung sini (cuman menggambarkan lho : tanpa ada maksud lain2) ....
dari 2 perumpamaan itu kita ambil ilmunya ....
bahwa tiap orng / lingkungan memiliki kebiasaan dan citarasa yg berbeda2 menurut keadaan lingkungan setempat .... (contohnya paidjo sing kadung kebiasaan makan "sego pecel" di beri "pitza" ... yo gak tepat .... paling cuman ge tombo penasaran thok .... ) ...
dan untuk kesekian kalinya paidjo ingatkan .... mbako enak di campur bakso enak hasilnya .... xixixixix ... gak passss ....wahahahahah ...
laluuuuu ... setting dewa itu yg bagaimana tho sebenarnya ..... ?????????/
jawabannya adalah setting yg sesuai keadaan dan kebutuhan lingkungan setempat .... (contekan resep pitza no-1-pun mungkin akan dibiarkan berserakan oleh paidjo krn dia g butuh itu ... dan justru resep kue klepon bisa jadi di simpan rapi bahkan di laminating bak piagam penghargaan ... xixixixixi )
bisa juga dibilang ...." resep setting dewa itu nafsi-nafsi / relative ".... ukurannya hanya berhasil / tidak ... jadi / enggak .... sukses / gagal ....
dan contoh yg biasa2 saja asal normal jalannya ya spt ini :....
/interface ethernet
set 0 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:C0:26:8C:45:73 mtu=1500 name="h-spot" speed=100Mbps
set 1 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:04:75:8E:0A:79 mtu=1500 name="w-net" speed=100Mbps
set 2 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:04:75:D0:E7:9A mtu=1500 name="- F/O" speed=100Mbps
set 3 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:04:75:C1:1B:71 mtu=1500 name="x-link" speed=100Mbps
set 4 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:90:27:9C:09:52 mtu=1500 name="c-20" speed=100Mbps
/ip pool
add name="w-net" ranges=192.168.20.1-192.168.20.253
add name="h-spot" ranges=192.168.10.40-192.168.10.239
add name="c-20" ranges=192.168.0.1-192.168.0.253
add name="x-link" ranges=192.168.200.1-192.168.200.239
/port
set 0 baud-rate=9600 data-bits=8 flow-control=hardware name="serial0" \
parity=none stop-bits=1
set 1 baud-rate=9600 data-bits=8 flow-control=hardware name="serial1" \
parity=none stop-bits=1
/queue type
set default kind=pfifo name="default" pfifo-limit=50
set ethernet-default kind=pfifo name="ethernet-default" pfifo-limit=50
set wireless-default kind=sfq name="wireless-default" sfq-allot=1514 \
sfq-perturb=5
set synchronous-default kind=red name="synchronous-default" \
red-avg-packet=1000 red-burst=20 red-limit=60 red-max-threshold=50 \
red-min-threshold=10
set hotspot-default kind=sfq name="hotspot-default" sfq-allot=1514 \
sfq-perturb=5
set default-small kind=pfifo name="default-small" pfifo-limit=10
/snmp
set contact="" enabled=no engine-boots=0 engine-id="" location="" \
time-window=15 trap-community=public trap-sink=0.0.0.0 trap-version=1
/snmp community
add address=0.0.0.0/0 authentication-password="" authentication-protocol=MD5 \
encryption-password="" encryption-protocol=DES name="public" \
read-access=yes security=none
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name="memory" target=memory
set disk disk-lines=1000 disk-stop-on-full=no name="disk" target=disk
set echo name="echo" remember=yes target=echo
set remote name="remote" remote=192.168.8.102:514 target=remote
/user group
add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,sn\
iff,!ftp,!write,!policy
add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password\
,web,sniff,!ftp,!policy
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo\
x,password,web,sniff
/ip hotspot profile
set default dns-name="hotspot.ta" hotspot-address=0.0.0.0 \
html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 \
login-by=cookie,http-chap name="default" rate-limit="" smtp-server=0.0.0.0 \
split-user-domain=no use-radius=no
add dns-name="halloudin.ta" hotspot-address=192.168.0.254 \
html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:8080 \
login-by=cookie,http-chap name="c-20" rate-limit="" \
smtp-server=192.168.0.254 split-user-domain=no use-radius=no
add dns-name="bangauputih.ta" hotspot-address=192.168.10.254 \
html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:8080 \
login-by=cookie,http-chap name="h-spot" rate-limit="200k/1000k" \
smtp-server=192.168.10.254 split-user-domain=no use-radius=no
add dns-name="warnet.ta" hotspot-address=192.168.20.254 html-directory=warnet \
http-cookie-lifetime=3d http-proxy=0.0.0.0:8080 login-by=cookie,http-chap \
name="w-net" rate-limit="" smtp-server=192.168.20.254 split-user-domain=no \
use-radius=no
add dns-name="sumbergempol.ta" hotspot-address=192.168.200.254 \
html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:8080 \
login-by=cookie,http-chap name="x-link" rate-limit="200k/1000k" \
smtp-server=192.168.200.254 split-user-domain=no use-radius=no
/ip hotspot user profile
set default address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=sites.google.com/site/halloudin/tagihan \
idle-timeout=none keepalive-timeout=2m name="default" \
open-status-page=always rate-limit="60k/300k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="h-spot = coba" open-status-page=always rate-limit="40k/200k 40k/400k \
20k/100k 5/5 7 40k/100k" shared-users=3 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="w-net = coba" open-status-page=always shared-users=3 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Yoyok 'C (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Resta 'C (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=http://192.168.10.254/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Bayu 'C (10)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=5m \
advertise-timeout=3m advertise-url=192.168.10.254/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Brina 'Rngn7 (10)" \
open-status-page=always rate-limit="40k/200k" session-timeout=1h \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Enid (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Fathoni 'J (15)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Aziz 'C (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Shes 'B (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="z-hotspot" open-status-page=always rate-limit="100k/1000k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="Warnet = 600" open-status-page=always rate-limit="80k/400k 80k/800k \
80k/200k 5/5 7 80k/400k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="Warnet = 500" open-status-page=always rate-limit="80k/400k 80k/800k \
80k/200k 5/5 7 80k/400k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Idasuko 'B (10)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="SAMSUNG" open-status-page=always rate-limit="500k/500k 500k/1000k \
500k/300k 10/10 7 500k/300k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=2m \
advertise-timeout=1m advertise-url=http://192.168.10.254/tagihan.html \
idle-timeout=none keepalive-timeout=2m name="40rb AA 'E (25)" \
open-status-page=always rate-limit="20k/100k 20k/200k 20k/50k 5/5 7 \
20k/50k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="h-spot = udin" open-status-page=always rate-limit="100k/1000k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Danis 'H (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Afif 'H (15)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="ADMIN" open-status-page=always rate-limit="500k/500k 500k/1000k \
500k/300k 10/10 7 500k/300k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb Hana 'G (10)" open-status-page=always rate-limit="40k/200k" \
session-timeout=1h shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="h-spot = paket 10rb" open-status-page=always rate-limit="60k/300k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="PAKET kB/s" open-status-page=always rate-limit="100k/1000k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="PAKET JAM (2)" open-status-page=always rate-limit="60k/300k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Nafis 'E (15)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="40rb Basid 'J (15)" open-status-page=always rate-limit="20k/100k \
20k/200k 20k/50k 5/5 7 20k/50k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Rahmat 'I (10)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Irwan 'H (15)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="25rb Yopi (20)" open-status-page=always rate-limit="12k/60k 12k/120k \
12k/30k 5/5 7 12k/30k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Timbul 'E (10)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no keepalive-timeout=2m name="60rb Uun \
'Link" open-status-page=always rate-limit="60k/300k 60k/600k 60k/150k 5/5 \
7 60k/150k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Nofal 'C (18)" open-status-page=always rate-limit="40k/200k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Tara 'C (20)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Zainal 'B (20)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Yeremia 'H (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="40rb Yeyen 'A (10)" open-status-page=always rate-limit="20k/100k \
20k/200k 20k/50k 5/5 7 20k/50k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Bogi 'I (10)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb kepri (free)" open-status-page=always rate-limit="50k/250k \
50k/500k 50k/125k 5/5 7 50k/125k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="h-spot = promo" open-status-page=always rate-limit="500k/500k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="admin = x-link" open-status-page=always rate-limit="500k/500k \
500k/1000k 500k/300k 10/10 7 500k/300k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=immediately advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="60rb Hafi 'J (22)" \
open-status-page=always rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 \
40k/100k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=30s \
advertise-timeout=immediately \
advertise-url=http://192.168.10.254/tagihan.html idle-timeout=1h \
keepalive-timeout=1m name="100rb juweni" open-status-page=always \
rate-limit="20k/200k" session-timeout=1m shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="Warnet = 700" open-status-page=always rate-limit="80k/400k 80k/800k \
80k/200k 5/5 7 80k/400k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=30m \
name="60rb agus (21)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=x-link advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=192.168.200.254/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="25rb anissa (24)" \
open-status-page=always rate-limit="6k/60k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=2m \
name="100rb nanang (21)" open-status-page=always rate-limit="60k/300k \
60k/600k 60k/150k 5/5 7 60k/150k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="warnet laptop" open-status-page=always rate-limit="20k/200k" \
shared-users=2 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb elfatoni (4)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb rina (5)" open-status-page=always rate-limit="40k/200k 40k/400k \
20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=1h keepalive-timeout=2m name="40rb Bambang 'B (5)" \
open-status-page=always rate-limit="20k/100k 20k/200k 20k/50k 5/5 7 \
20k/50k" shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb Hilmy 'F (12)" open-status-page=always rate-limit="40k/200k" \
session-timeout=1h shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="40rb Tentami 'E (10)" open-status-page=always rate-limit="20k/100k \
20k/200k 20k/50k 5/5 7 20k/50k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=c-20 advertise=no idle-timeout=none keepalive-timeout=2m \
name="Hallo.Udin - FULL" open-status-page=always shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="trial = X-link" open-status-page=always rate-limit="60k/300k \
60k/500k 20k/100k 5/5 7 40k/100k" shared-users=3 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="trial-hotspot" open-status-page=always rate-limit="20k/200k" \
shared-users=6 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=sites.google.com/site/halloudin/tagihan \
idle-timeout=1h keepalive-timeout=2m name="40rb Rendra (10)" \
open-status-page=always rate-limit="20k/100k" session-timeout=1h \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="PAKET JAM (1)" open-status-page=always rate-limit="60k/300k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="40rb ike (30)" open-status-page=always rate-limit="20k/100k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Uun 'Hspot" open-status-page=always rate-limit="60k/300k \
60k/600k 60k/150k 5/5 7 60k/150k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb Purbo (23)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Fuad (03)" open-status-page=always rate-limit="40k/200k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=5m \
advertise-timeout=3m advertise-url=192.168.10.254/tagihan.html \
idle-timeout=none keepalive-timeout=2m name="60rb Ratri (05)" \
open-status-page=always rate-limit="40k/200k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Yhudi (11)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb Budi-sp (11)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10m \
advertise-timeout=1m advertise-url=bangauputih.ta/tagihan.html \
idle-timeout=none keepalive-timeout=2m name="60rb Jack (16)" \
open-status-page=always rate-limit="40k/200k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb yos (10)" open-status-page=always rate-limit="40k/200k 40k/400k \
20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=yes advertise-interval=10s \
advertise-timeout=immediately \
advertise-url=http://192.168.10.254/tagihan.html idle-timeout=1h \
keepalive-timeout=1m name="60rb Fikrul (16)" open-status-page=always \
rate-limit="40k/200k 40k/400k 20k/100k 5/5 7 40k/100k" session-timeout=30s \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb laily (27)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb rini (24)" open-status-page=always rate-limit="40k/200k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=1h keepalive-timeout=2m \
name="60rb indah (1)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=c-20 advertise=no idle-timeout=none keepalive-timeout=2m \
name="Hallo.Udin -1 (c-20)" open-status-page=always rate-limit="500k/500k \
500k/1000k 500k/300k 10/10 7 500k/300k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add address-pool=w-net advertise=no idle-timeout=none keepalive-timeout=2m \
name="warnet = c3" open-status-page=always rate-limit="400k/200k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=1h keepalive-timeout=2m \
name="40rb Dayu 10" open-status-page=always rate-limit="20k/100k 20k/200k \
20k/50k 5/5 7 20k/50k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=c-20 advertise=no idle-timeout=none keepalive-timeout=2m \
name="Hallo.Udin -2 (c-20)" open-status-page=always \
rate-limit="1000k/1000k 1000k/2000k 1000k/500k 10/10 7 1000k/500k" \
shared-users=1 status-autorefresh=1m transparent-proxy=yes
add address-pool=x-link advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb hariyanto 12" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb Nuraji (12)" open-status-page=always rate-limit="40k/200k \
40k/400k 20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
add address-pool=h-spot advertise=no idle-timeout=none keepalive-timeout=2m \
name="60rb Ali (18)" open-status-page=always rate-limit="40k/200k 40k/400k \
20k/100k 5/5 7 40k/100k" shared-users=1 status-autorefresh=1m \
transparent-proxy=yes
/ip dhcp-server
add add-arp=yes address-pool=w-net always-broadcast=yes \
authoritative=after-2sec-delay bootp-support=static disabled=no \
interface=w-net lease-time=4w2d name="w-net" src-address=192.168.20.254
add add-arp=yes address-pool=h-spot always-broadcast=yes \
authoritative=after-2sec-delay bootp-support=static disabled=no \
interface=h-spot lease-time=12w6d name="h-spot" src-address=192.168.10.254
add add-arp=yes address-pool=c-20 always-broadcast=yes \
authoritative=after-2sec-delay bootp-support=static disabled=no \
interface=c-20 lease-time=4w2d name="c20" src-address=192.168.10.254
add add-arp=yes address-pool=x-link always-broadcast=yes \
authoritative=after-2sec-delay bootp-support=static disabled=no \
interface=x-link lease-time=12w6d name="xl-ink" \
src-address=192.168.200.254
/interface bridge port
add comment="" disabled=no edge=auto external-fdb=auto horizon=none \
interface="- F/O" path-cost=10 point-to-point=auto priority=0x80
add comment="" disabled=no edge=auto external-fdb=auto horizon=none \
interface=c-20 path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-vlan=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=10.0.0.1/32
/ip address
add address=192.168.4.250/24 broadcast=192.168.4.255 comment="" disabled=no \
interface="- F/O" network=192.168.4.0
add address=192.168.10.254/24 broadcast=192.168.10.255 comment="" disabled=no \
interface=h-spot network=192.168.10.0
add address=192.168.20.254/24 broadcast=192.168.20.255 comment="" disabled=no \
interface=w-net network=192.168.20.0
add address=192.168.200.254/24 broadcast=192.168.200.255 comment="" \
disabled=no interface=x-link network=192.168.200.0
add address=192.168.0.254/24 broadcast=192.168.0.255 comment="" disabled=no \
interface=c-20 network=192.168.0.0
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=20480KiB \
max-udp-packet-size=512 primary-dns=192.168.4.253 \
secondary-dns=202.134.1.10
/ip dns static
add address=192.168.10.20 disabled=no name="ap-utama.net" ttl=1d
add address=192.168.200.249 disabled=no name="waras.in" ttl=1d
add address=192.168.200.247 disabled=no name="waras.out" ttl=1d
add address=192.168.200.248 disabled=no name="waras.link" ttl=1d
add address=192.168.0.250 disabled=no name="home.net" ttl=1d
add address=192.168.20.250 disabled=no name="linux.net" ttl=1d
add address=192.168.10.11 disabled=no name="repeater-b.net" ttl=1d
add address=192.168.10.12 disabled=no name="repeater-c.net" ttl=1d
add address=192.168.10.13 disabled=no name="repeater-h.net" ttl=1d
add address=192.168.10.16 disabled=no name="repeater-j.net" ttl=1d
add address=192.168.10.18 disabled=no name="repeater-a.net" ttl=1d
add address=192.168.10.21 disabled=no name="repeater-senggol.net" ttl=1d
add address=192.168.10.26 disabled=no name="repeater-g.net" ttl=1d
add address=192.168.10.27 disabled=no name="repeater-h2.net" ttl=1d
add address=192.168.10.25 disabled=no name="repeater-a2" ttl=1d
add address=192.168.200.241 disabled=no name="repeater-selojeneng.net" ttl=1d
add address=192.168.200.242 disabled=no name="repeater-selojeneng2.net" ttl=1d
add address=192.168.10.5 disabled=no name="cctv-pintu-utama.net" ttl=1d
add address=192.168.10.6 disabled=no name="cctv-pintu-a.net" ttl=1d
add address=192.168.10.7 disabled=no name="cctv-pintu-b.net" ttl=1d
add address=192.168.10.8 disabled=no name="cctv-pintu-i.net" ttl=1d
add address=192.168.10.9 disabled=no name="cctv-pintu-k1.net" ttl=1d
add address=192.168.10.10 disabled=no name="cctv-pintu-k2.net" ttl=1d
add address=192.168.0.250 disabled=no name="router741.net" ttl=1d
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=yes \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules \
here" disabled=yes
add action=drop chain=input comment="===== close proxy =====" disabled=no \
dst-port=8080 in-interface="- F/O" protocol=tcp
add action=accept chain=forward comment="allow established connections" \
connection-state=established disabled=no
add action=accept chain=forward comment="allow related connections" \
connection-state=related disabled=no
add action=drop chain=forward comment="drop invalid connections" \
connection-state=invalid disabled=no
add action=drop chain=virus comment="drop blaster worm" disabled=no \
dst-port=135-139 protocol=tcp
add action=drop chain=virus comment="drop messeger worm" disabled=no \
dst-port=135-139 protocol=udp
add action=drop chain=virus comment="drop blaster worm" disabled=no \
dst-port=455 protocol=tcp
add action=drop chain=virus comment="drop blaster worm" disabled=no \
dst-port=455 protocol=udp
add action=drop chain=virus comment="_________" disabled=no dst-port=593 \
protocol=tcp
add action=drop chain=virus comment="___________" disabled=no \
dst-port=1024-1030 protocol=tcp
add action=drop chain=virus comment="drop my-doom" disabled=no dst-port=1080 \
protocol=tcp
add action=drop chain=virus comment="_________" disabled=no dst-port=1224 \
protocol=tcp
add action=drop chain=virus comment="ndm requester" disabled=no dst-port=1363 \
protocol=tcp
add action=drop chain=virus comment="ndm server" disabled=no dst-port=1364 \
protocol=tcp
add action=drop chain=virus comment="screen cast" disabled=no dst-port=1368 \
protocol=tcp
add action=drop chain=virus comment="hromgrafx" disabled=no dst-port=1373 \
protocol=tcp
add action=drop chain=virus comment="dcichild" disabled=no dst-port=1377 \
protocol=tcp
add action=drop chain=virus comment="worm" disabled=no dst-port=1433-1434 \
protocol=tcp
add action=drop chain=virus comment="dumaru.y" disabled=no dst-port=2283 \
protocol=tcp
add action=drop chain=virus comment="drop bangle" disabled=no dst-port=2535 \
protocol=tcp
add action=drop chain=virus comment="bangle virus" disabled=no dst-port=2745 \
protocol=tcp
add action=drop chain=virus comment="drop my-doom" disabled=no \
dst-port=3127-3128 protocol=tcp
add action=drop chain=virus comment="drop back-door optic-pro" disabled=no \
dst-port=3410 protocol=tcp
add action=drop chain=virus comment="worm" disabled=no dst-port=4444 \
protocol=tcp
add action=drop chain=virus comment="worm" disabled=no dst-port=4444 \
protocol=udp
add action=drop chain=virus comment="drop sasser" disabled=no dst-port=5554 \
protocol=tcp
add action=drop chain=virus comment="drop bangle.b" disabled=no dst-port=8866 \
protocol=tcp
add action=drop chain=virus comment="drop darbber.a-b" disabled=no \
dst-port=9898 protocol=tcp
add action=drop chain=virus comment="drop damaru.y" disabled=no dst-port=10000 \
protocol=tcp
add action=drop chain=virus comment="drop my-doom.b" disabled=no \
dst-port=10080 protocol=tcp
add action=drop chain=virus comment="drop netbus" disabled=no dst-port=12345 \
protocol=tcp
add action=drop chain=virus comment="drop kuang2" disabled=no dst-port=17300 \
protocol=tcp
add action=drop chain=virus comment="drop subseven" disabled=no dst-port=27374 \
protocol=tcp
add action=drop chain=virus comment="drop pathbot,agobot,gaobot" disabled=no \
dst-port=65506 protocol=tcp
add action=jump chain=forward comment="jump to the virus chaint" disabled=no \
jump-target=virus
add action=accept chain=forward comment="allow ping" disabled=no protocol=icmp
add action=accept chain=forward comment="allow udp" disabled=no protocol=udp
/ip firewall mangle
add action=mark-packet chain=prerouting comment="up traffic (c-20)" \
disabled=no in-interface=c-20 new-packet-mark="test-up (c-20)" \
passthrough=no src-address=192.168.0.0/24
add action=mark-packet chain=prerouting comment="up traffic (h-spot)" \
disabled=no in-interface=h-spot new-packet-mark="test-up (h-spot)" \
passthrough=no src-address=192.168.10.0/24
add action=mark-packet chain=prerouting comment="up traffic (w-net)" \
disabled=no in-interface=w-net new-packet-mark="test-up (w-net)" \
passthrough=no src-address=192.168.20.0/24
add action=mark-packet chain=prerouting comment="up traffic (x-link)" \
disabled=no in-interface=x-link new-packet-mark="test-up (x-link)" \
passthrough=no src-address=192.168.200.0/24
add action=mark-connection chain=forward comment="conn-mark c-20) \
---------------------------------------------------------------------------\
------------" disabled=no new-connection-mark="tes-conn (c-20)" \
passthrough=yes src-address=192.168.0.0/24
add action=mark-connection chain=forward comment="conn-mark (h-spot)" \
disabled=no new-connection-mark="tes-conn (h-spot)" passthrough=yes \
src-address=192.168.10.0/24
add action=mark-connection chain=forward comment="conn-mark (w-net)" \
disabled=no new-connection-mark="tes-conn (w-net)" passthrough=yes \
src-address=192.168.20.0/24
add action=mark-connection chain=forward comment="conn-mark (x-link)" \
disabled=no new-connection-mark="tes-conn (x-link)" passthrough=yes \
src-address=192.168.200.0/24
add action=mark-packet chain=forward comment="down-direct (c-20) \
---------------------------------------------------------------------------\
---------" disabled=no in-interface="- F/O" new-packet-mark="test-down \
(c-20)" packet-mark="test-up (c-20)" passthrough=no \
src-address=192.168.0.0/24
add action=mark-packet chain=forward comment="down-direct (h-spot)" \
disabled=no in-interface="- F/O" new-packet-mark="test-down (h-spot)" \
packet-mark="test-up (h-spot)" passthrough=no src-address=192.168.10.0/24
add action=mark-packet chain=forward comment="down-direct (w-net)" disabled=no \
in-interface="- F/O" new-packet-mark="test-down (w-net)" \
packet-mark="test-up (w-net)" passthrough=no src-address=192.168.20.0/24
add action=mark-packet chain=forward comment="down-direct (x-link)" \
disabled=no in-interface="- F/O" new-packet-mark="test-down (x-link)" \
packet-mark="test-up (x-link)" passthrough=no src-address=192.168.200.0/24
add action=mark-packet chain=output comment="proxy-down (c-20) \
---------------------------------------------------------------------------\
----------" disabled=no new-packet-mark="proxy-down (c-20)" passthrough=no \
src-address=192.168.0.0/24
add action=mark-packet chain=output comment="proxy-down (h-spot)" disabled=no \
new-packet-mark="proxy-down (h-spot)" passthrough=no \
src-address=192.168.10.0/24
add action=mark-packet chain=output comment="proxy-down (w-net)" disabled=no \
new-packet-mark="proxy-down (w-net)" passthrough=no \
src-address=192.168.20.0/24
add action=mark-packet chain=output comment="proxy-down (x-link)" disabled=no \
new-packet-mark="proxy-down (x-link)" passthrough=no \
src-address=192.168.200.0/24
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment="place hotspot rules \
here" disabled=yes
add action=redirect chain=dstnat comment="Web-Proxy" disabled=no dst-port=80 \
protocol=tcp to-ports=8080
add action=masquerade chain=srcnat comment="masquerade hotspot (c-20)" \
disabled=no src-address=192.168.0.0/24
add action=masquerade chain=srcnat comment="masquerade hotspot (h-spot)" \
disabled=no src-address=192.168.10.0/24
add action=masquerade chain=srcnat comment="masquerade hotspot (w-net)" \
disabled=no src-address=192.168.20.0/24
add action=masquerade chain=srcnat comment="masquerade hotspot (x-link)" \
disabled=no src-address=192.168.200.0/24
add action=redirect chain=dstnat comment="" disabled=no dst-port=53 \
protocol=tcp to-ports=53
add action=redirect chain=dstnat comment="" disabled=no dst-port=53 \
protocol=udp to-ports=53
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip neighbor discovery
set h-spot discover=yes
set w-net discover=yes
set "- F/O" discover=yes
set x-link discover=yes
set c-20 discover=yes
/ip proxy
set always-from-cache=yes cache-administrator="Server dlm Perawatan" \
cache-drive=secondary-master cache-hit-dscp=4 cache-on-disk=yes \
enabled=yes max-cache-size=unlimited max-client-connections=600 \
max-fresh-time=8w4d max-server-connections=600 parent-proxy=0.0.0.0 \
parent-proxy-port=8080 port=8080 serialize-connections=yes \
src-address=0.0.0.0
/ip proxy access
add action=deny comment="block telnet & spam e-mail relaying" disabled=no \
dst-port=23-25
add action=allow comment="" disabled=no \
dst-host=http://blocked.telkom.net.id/stop.php
add action=allow comment="" disabled=no dst-host=www.google.co.id
add action=allow comment="" disabled=no dst-host=id.yahoo.com
add action=allow comment="" disabled=no dst-host=www.kaskus.us
add action=allow comment="" disabled=no dst-host=www.youtube.com
add action=allow comment="" disabled=no dst-host=www.didigames.com
add action=allow comment="" disabled=no dst-host=www.games.co.id
add action=allow comment="" disabled=no dst-host=www.facebook.com \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes dst-host=www.yahoo.com \
redirect-to="id.yahoo.com"
add action=deny comment="" disabled=yes dst-host=www.freewebproxy.net \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes dst-host=www.proxy4free.com \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes dst-host=www.freeproxy.ca \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes dst-host=www.freeproxysite.com \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes path=*.exe \
redirect-to="blocked.telkom.net.id/stop.php"
add action=deny comment="" disabled=yes dst-port=80 path=*porn* \
redirect-to="192.168.4.250/graphs/"
add action=deny comment="" disabled=yes dst-host=:download path="" \
redirect-to="www.google.co.id"
add action=allow comment="" disabled=no dst-host=www.tabloidpulsa.co.id
add action=allow comment="" disabled=no dst-host=www.tabloidnova.com/
add action=allow comment="" disabled=no dst-host=id.wikipedia.org
add action=allow comment="" disabled=no dst-host=www.instructables.com
add action=allow comment="" disabled=no dst-host=tv.liputan6.com
add action=allow comment="" disabled=no dst-host=www.kapanlagi.com
add action=allow comment="" disabled=no dst-host=htwitter.com
add action=allow comment="" disabled=no dst-host=www.isekolah.org
/ip proxy cache
add action=allow comment="" disabled=no dst-host=www.facebook.com
add action=allow comment="" disabled=no dst-host=www.indonesiancupid.com
add action=allow comment="" disabled=no dst-host=www.youtube.com
add action=allow comment="" disabled=no dst-host=www.games.co.id
add action=allow comment="" disabled=no dst-host=www.tabloidnova.com
add action=allow comment="" disabled=no dst-host=www.kaskus.us
add action=allow comment="" disabled=no dst-host=twitter.com
add action=allow comment="" disabled=no dst-host=id.yahoo.com
add action=allow comment="" disabled=no dst-host=www.didigames.com
add action=allow comment="" disabled=no dst-host=id.wikipedia.org
add action=allow comment="" disabled=no dst-host=www.alnect.net
add action=allow comment="" disabled=no dst-host=www.kapanlagi.com
add action=allow comment="" disabled=no \
dst-host="http://wikimapia.org/#lat=-8.050062&lon=111.9321281&z=18&l=0&m=b"\
add action=allow comment="" disabled=no dst-host=www.tabloidpulsa.co.id/
add action=allow comment="" disabled=no dst-host=www.instructables.com
add action=allow comment="" disabled=no dst-host=tv.liputan6.com
add action=allow comment="" disabled=no dst-host=www.isekolah.org
add action=allow comment="" disabled=no dst-host=www.google.co.id
/ip proxy direct
add action=allow comment="" disabled=no dst-host=http://www.google.co.id/
/ip route
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway="192.168.4.253,- F/O" scope=30 target-scope=10
/ip service
set telnet address=0.0.0.0/0 disabled=no port=23
set ftp address=0.0.0.0/0 disabled=no port=21
set www address=0.0.0.0/0 disabled=no port=80
set www-ssl address=0.0.0.0/0 certificate=none disabled=no port=443
set api address=0.0.0.0/0 disabled=no port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=512k enabled=yes \
inactive-flow-timeout=15s interfaces=all
/ip traffic-flow target
add address=0.0.0.0:1234 disabled=no v9-template-refresh=20 \
v9-template-timeout=30m version=9
/ip upnp
set allow-disable-external-interface=yes enabled=yes show-dummy-rule=yes
/ip upnp interfaces
add disabled=no interface="- F/O" type=external
add disabled=no type=internal
add disabled=no interface=h-spot type=internal
add disabled=no interface=w-net type=internal
add disabled=no interface=x-link type=internal
/queue interface
set h-spot queue=ethernet-default
set w-net queue=ethernet-default
set "- F/O" queue=ethernet-default
set x-link queue=ethernet-default
set c-20 queue=ethernet-default
/radius incoming
set accept=no port=3799
/snmp
set contact="" enabled=no engine-boots=0 engine-id="" location="" \
time-window=15 trap-community=public trap-sink=0.0.0.0 trap-version=1
/system clock manual
set dst-delta=+07:00 dst-end="jul/02/2011 01:50:00" dst-start="jul/02/2011 \
01:50:00" time-zone=+07:00
/system console
add disabled=no port=serial0 term="vt102"
set [ find vcno=1 ] disabled=no term="linux"
set [ find vcno=2 ] disabled=no term="linux"
set [ find vcno=3 ] disabled=no term="linux"
set [ find vcno=4 ] disabled=no term="linux"
set [ find vcno=5 ] disabled=no term="linux"
set [ find vcno=6 ] disabled=no term="linux"
set [ find vcno=7 ] disabled=no term="linux"
set [ find vcno=8 ] disabled=no term="linux"
/system console screen
set line-count=25
/system hardware
set multi-cpu=no
/system health
set state-after-reboot=enabled
/system identity
set name="= Bangau-Putih ="
/system logging
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
add action=memory disabled=yes prefix="" topics=web-proxy
add action=remote disabled=yes prefix="" topics=web-proxy
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=yes mode=unicast primary-ntp=202.134.1.10 secondary-ntp=0.0.0.0
/system scheduler
add comment="" disabled=no interval=6h name="remove-ARP" on-event=arp \
start-date=aug/23/2011 start-time=05:00:00
add comment="" disabled=yes interval=1d name="reboot" on-event=reboot \
start-date=jan/01/2009 start-time=04:00:00
/system script
add name="arp" policy="ftp,reboot,read,write,policy,test,winbox,password,sniff,\
(unknown)" source="/ip arp remove [find]"
add name="reboot" policy=ftp,reboot,read,write,policy,test,winbox,password,snif\
f source="/system reboot"
add name="bussy-dell" \
policy="ftp,reboot,read,write,policy,test,winbox,password,sniff,(unknown)" \
source=":foreach i in=[/ip dhcp-server lease find \
status=\"busy\"]\\\r\ndo={\r\n:log error (\"Busy status detected: \" . \
[/ip dhcp-server lease get \$i address]);\r\n/ip dhcp-server lease \
check-status \$i;\r\n/ip dhcp-server lease disable \$i;\r\n/ip dhcp-server \
lease enable \$i;\r\n}"
add name="drop-percec-bitpersec" \
policy="ftp,reboot,read,write,policy,test,winbox,password,sniff,(unknown)" \
source="/interface ethernet {\r\n :foreach i in=[find] do={\r\n \
:local infName [get \$i name]\r\n :local sysName [/system identity \
get name]\r\n /interface monitor-traffic \$infName once do={\r\n \
:log info \
(\"Interface,\$sysName,\$infName,\$\"rx-packets-per-second\",\$\"rx-drops-p\
er-second\",\$\"rx-bits-per-second\",\$\"tx-packets-per-second\",\$\"tx-dro\
ps-per-second\",\$\"tx-bits-per-second\"\");\r\n }\r\n }\r\n}"
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 \
secondary-server=0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=no no-ping-delay=5m \
watch-address=none watchdog-timer=no
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=100
/tool e-mail
set from="<>" server=0.0.0.0
/tool graphing
set store-every=5min
/tool graphing interface
add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes
/tool graphing queue
add allow-address=0.0.0.0/0 allow-target=yes disabled=no simple-queue=all \
store-on-disk=yes
/tool graphing resource
add allow-address=0.0.0.0/0 disabled=no store-on-disk=yes
/tool mac-server
add disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sniffer
set file-limit=10 file-name="" filter-address1=0.0.0.0/0:0-65535 \
filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only \
filter-stream=yes interface=all memory-limit=10 only-headers=no \
streaming-enabled=no streaming-server=0.0.0.0
/user
add address=0.0.0.0/0 comment="system default user" disabled=no group=full \
name="admin"
add address=0.0.0.0/0 comment="" disabled=no group=full name="ext"
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
/ip hotspot
add address-pool=c-20 addresses-per-mac=10 disabled=no idle-timeout=10m \
interface=c-20 keepalive-timeout=none name="c-20" profile=c-20
add address-pool=h-spot disabled=no idle-timeout=10m interface=h-spot \
keepalive-timeout=none name="h-spot" profile=h-spot
add address-pool=w-net addresses-per-mac=4 disabled=no idle-timeout=10m \
interface=w-net keepalive-timeout=none name="w-net" profile=w-net
add address-pool=x-link disabled=no idle-timeout=10m interface=x-link \
keepalive-timeout=none name="x-link" profile=x-link
/ip hotspot ip-binding ......... (tidk di tampilkan)
-
-
-
-
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user ...... (tidak ditampilkan)
-
-
-
-
/ip dhcp-server network
add address=192.168.0.0/24 comment="c-20" gateway=192.168.0.254
add address=192.168.10.0/24 comment="h-spot" gateway=192.168.10.254
add address=192.168.20.0/24 comment="w-net" gateway=192.168.20.254
add address=192.168.200.0/24 comment="x-link" gateway=192.168.200.254
---------------------------- bersambung -----------------------------
Langganan:
Postingan (Atom)