API tools faq
paste
rootplg3544

Pemisahan Bandwidth browsing dan download dan limit download

rootplg3544
Dec 28th, 2018
490
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.65 KB | None | 0 0
raw download clone embed print report
  1. coba pake langkah2 ini:
  2. 1. buat L7 filtering untuk mengenali tipe mime dari http requests,
  3.  
  4. /ip firewall layer7-protocol
  5. add comment="" name="download" regexp="\\.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|og (x|v|a|g) |rm|r(a|p)m|vob|flv|x-flv|3gp|amr|klv|wav|DivX|mov|wmv|rmvb|aac|zip|rar| iso|exe)"
  6.  
  7. 2. setelah itu, bikin mangle rulenya
  8.  
  9. /ip firewall mangle
  10. add action=mark-connection chain=prerouting protocol=tcp dst-port=53 new-connection-mark=c-dns passthrough=yes comment="Mark DNS"
  11. add action=mark-connection chain=prerouting protocol=udp dst-port=53 new-connection-mark=c-dns passthrough=yes
  12. add action=mark-packet chain= prerouting connection-mark=c-dns new-packet-mark=p-dns passthrough=no
  13.  
  14. add action=mark-connection chain=prerouting protocol=icmp new-connection-mark=c-icmp passthrough=yes comment="Mark ICMP"
  15. add action=mark-packet chain=forward connection-mark=c-icmp new-packet-mark=p-icmp passthrough=no
  16.  
  17. add action=mark-connection chain=postrouting protocol=tcp dst-port=80,8080,3128,8888 new-connection-mark=c-http passthrough=yes comment="Mark HTTP"
  18. add action=mark-packet chain=postrouting connection-mark=c-http new-packet-mark=p-http passthrough=no
  19.  
  20. add action=mark-connection chain=postrouting protocol=tcp dst-port=443 new-connection-mark=c-https passthrough=yes comment="Mark HTTPS"
  21. add action=mark-packet chain=postrouting connection-mark=c-https new-packet-mark=p-https passthrough=no
  22.  
  23. add action=mark-packet chain=postrouting layer7-protocol=download new-packet-mark=pl7-download passthrough=no comment="Mark File DOWNLOAD"
  24.  
  25. 3. Setelah itu buat Queue Treenya
  26.  
  27. /queue tree
  28. add name=”1. Proteksi DNS” parent=global-out packet-mark=p-dns limit-at=32k max-limit=64k queue=default priority=1
  29. add name=”1. Proteksi ICMP” parent= global-out packet-mark=p-icmp limit-at=32k max-limit=64k queue=default priority=1
  30.  
  31. add name=”2. QoS Downstream” parent=global-out max-limit=1M queue=default priority=3
  32. add name=”1. HTTPS” parent="2. QoS Downstream" packet-mark=p-https limit-at=256k max-limit=512k queue=default priority=1
  33. add name=”2. HTTP” parent="2. QoS Downstream" packet-mark=p-http limit-at=256k max-limit=512k queue=default priority=3
  34.  
  35. add name=Download parent="2. QoS Downstream" packet-mark=pl7-download limit-at=256k max-limit=512k queue=default priority=8
  36.  
  37. 4. Selesai, logikanya sih begini, tuh rule bakan prioritas DNS dulu, terus memastikan ICMP packet dapet bandwidth, jadi ping harusnye ga bakal kriting, kemudian baru prioritas browsing, dimana protokol https lebih diutamakan dari pada protokol http, baru download ditaruh paling belakang.
  38.  
  39. nih script belum ane belum sempat coba langsung, tapi harusnya jalan, moga2 berguna.
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!