API tools faq
paste
Advertisement
rootplg3544

10 MB + GGC

rootplg3544
May 8th, 2018
366
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.93 KB | None | 0 0
raw download clone embed print report
  1. /ip firewall address-list
  2. add list="private-lokal" address=0.0.0.0/8
  3. add list="private-lokal" address=10.0.0.0/8
  4. add list="private-lokal" address=100.64.0.0/10
  5. add list="private-lokal" address=127.0.0.0/8
  6. add list="private-lokal" address=169.254.0.0/16
  7. add list="private-lokal" address=172.16.0.0/12
  8. add list="private-lokal" address=192.0.0.0/24
  9. add list="private-lokal" address=192.0.2.0/24
  10. add list="private-lokal" address=192.168.0.0/16
  11. add list="private-lokal" address=198.18.0.0/15
  12. add list="private-lokal" address=198.51.100.0/24
  13. add list="private-lokal" address=203.0.113.0/24
  14. add list="private-lokal" address=224.0.0.0/3
  15.  
  16.  
  17. /ip firewall address-list
  18. add address=garena.co.id list=games
  19. add address=gemscool.co.id list=games
  20. add address=lytogame.com list=games
  21. add address=megaxus.co.id list=games
  22. add address=steampowered.com list=games
  23. add address=118.98.0.0/17 list=ggc-telkom
  24. add address=118.97.0.0/16 list=ggc-telkom
  25.  
  26.  
  27. /ip firewall layer7-protocol
  28. add name=torrent regexp="^.+(Torrent|torrent)"
  29.  
  30.  
  31. /ip firewall filter
  32. add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
  33. add action=accept chain=input comment="defconf: accept ICMP" dst-port=8291-8299,8030-8039,2222,22,5900-5911,1701-1723,8123,1194,8012,8123 protocol=tcp
  34. add action=accept chain=input comment="defconf: accept ICMP" dst-port=8291-8299,8030-8039,2222,22,5900-5911,1701-1723,8123,1194,8012,8123 protocol=udp
  35. add action=accept chain=input comment="defconf: accept established,related" connection-state=established,related
  36. add action=drop chain=input comment="defconf: drop all from WAN" in-interface=ether1
  37. add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related
  38. add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
  39. add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface=ether1
  40.  
  41.  
  42. /ip firewall mangle
  43. add action=mark-connection chain=prerouting comment=private-lokal dst-address-list=private-lokal new-connection-mark=private-lokal passthrough=yes \
  44. src-address-list=private-lokal
  45. add action=accept chain=prerouting comment=private-lokal connection-mark=private-lokal dst-address-list=private-lokal src-address-list=private-lokal
  46. add action=mark-connection chain=prerouting comment=vip dst-address-list=!private-lokal new-connection-mark=vip passthrough=yes protocol=icmp \
  47. src-address-list=private-lokal
  48. add action=mark-connection chain=prerouting comment=dns dst-address-list=!private-lokal dst-port=53,5353,123,1194 new-connection-mark=vip passthrough=yes \
  49. protocol=tcp src-address-list=private-lokal
  50. add action=mark-connection chain=prerouting comment=dns dst-address-list=!private-lokal dst-port=53,5353,123,1194 new-connection-mark=vip passthrough=yes \
  51. protocol=udp src-address-list=private-lokal
  52. add action=accept chain=prerouting comment=vip connection-mark=vip
  53. add action=mark-connection chain=prerouting comment=jump1 dst-address-list=!private-lokal dst-port=\
  54. !21,22,23,80,81,88,5050,843,443,182,282,8777,1935,8000-8081 layer7-protocol=!torrent new-connection-mark=jump1 passthrough=yes protocol=tcp \
  55. src-address-list=private-lokal
  56. add action=mark-connection chain=prerouting comment=jump1 dst-address-list=!private-lokal dst-port=\
  57. !21,22,23,80,81,88,5050,843,443,182,282,8777,1935,8000-8081 layer7-protocol=!torrent new-connection-mark=jump1 passthrough=yes protocol=udp \
  58. src-address-list=private-lokal
  59. add action=mark-connection chain=prerouting comment=jump11 connection-mark=jump1 dst-address-list=!private-lokal dst-port=\
  60. !8030-8039,2222,5900-5911,1701-1723,8123,1194,8012,8123,8728 layer7-protocol=!torrent new-connection-mark=jump11 passthrough=yes protocol=tcp \
  61. src-address-list=private-lokal
  62. add action=mark-connection chain=prerouting comment=jump11 connection-mark=jump1 dst-address-list=!private-lokal dst-port=\
  63. !8030-8039,2222,5900-5911,1701-1723,8123,1194,8012,8123,8728 layer7-protocol=!torrent new-connection-mark=jump11 passthrough=yes protocol=udp \
  64. src-address-list=private-lokal
  65. add action=mark-connection chain=prerouting comment=games connection-mark=jump11 dst-address-list=!private-lokal dst-port=!53,5353,5938,8291,12671-12675 \
  66. layer7-protocol=!torrent new-connection-mark=games passthrough=yes protocol=tcp src-address-list=private-lokal
  67. add action=mark-connection chain=prerouting comment=games connection-mark=jump11 dst-address-list=!private-lokal dst-port=!53,5353,5938,8291,12671-12675 \
  68. layer7-protocol=!torrent new-connection-mark=games passthrough=yes protocol=udp src-address-list=private-lokal
  69. add action=add-dst-to-address-list address-list=games address-list-timeout=10m1s chain=prerouting comment=games connection-mark=games dst-address-list=\
  70. !private-lokal src-address-list=private-lokal
  71. add action=accept chain=prerouting comment=games connection-mark=games
  72. add action=mark-connection chain=prerouting comment=ggc-redirector content=googlevideo.com dst-address-list=ggc-telkom new-connection-mark=ggc-redirector \
  73. passthrough=yes src-address-list=private-lokal
  74. add action=mark-connection chain=prerouting comment=ggc-redirector content=youtube.com dst-address-list=ggc-telkom new-connection-mark=ggc-redirector \
  75. passthrough=yes src-address-list=private-lokal
  76. add action=mark-connection chain=prerouting comment=ggc-redirector content=gvt1.com dst-address-list=ggc-telkom new-connection-mark=ggc-redirector \
  77. passthrough=yes src-address-list=private-lokal
  78. add action=mark-connection chain=prerouting comment=ggc-redirector content=windows dst-address-list=ggc-telkom new-connection-mark=ggc-redirector \
  79. passthrough=yes src-address-list=private-lokal
  80. add action=mark-connection chain=prerouting comment=ggc-redirector content=cdn dst-address-list=ggc-telkom new-connection-mark=ggc-redirector passthrough=yes \
  81. src-address-list=private-lokal
  82. add action=accept chain=prerouting comment=ggc-redirector connection-mark=ggc-redirector
  83. add action=mark-connection chain=prerouting comment=all-trafik dst-address-list=!private-lokal new-connection-mark=all-trafik passthrough=yes \
  84. src-address-list=private-lokal
  85. add action=accept chain=prerouting comment=all-trafik connection-mark=all-trafik
  86. add action=jump chain=forward in-interface=ether1 jump-target=qos-down
  87. add action=mark-packet chain=qos-down comment=vip-down connection-mark=vip new-packet-mark=vip-down passthrough=no
  88. add action=mark-packet chain=qos-down comment=games-down connection-mark=games new-packet-mark=games-down passthrough=no
  89. add action=mark-packet chain=qos-down comment=patch-games-down connection-mark=all-trafik new-packet-mark=patch-games-down passthrough=no src-address-list=\
  90. games
  91. add action=mark-packet chain=qos-down comment=ggc-telkom-down connection-mark=ggc-redirector new-packet-mark=ggc-telkom-down passthrough=no
  92. add action=mark-packet chain=qos-down comment=browsing-down connection-bytes=0-1000000 connection-mark=all-trafik new-packet-mark=browsing-down passthrough=\
  93. no
  94. add action=mark-packet chain=qos-down comment=low-down connection-bytes=1000001-10000000 connection-mark=all-trafik new-packet-mark=low-down passthrough=no
  95. add action=mark-packet chain=qos-down comment=midle-down connection-bytes=10000001-50000000 connection-mark=all-trafik new-packet-mark=midle-down \
  96. passthrough=no
  97. add action=mark-packet chain=qos-down comment=high-down connection-bytes=50000001-0 connection-mark=all-trafik new-packet-mark=high-down passthrough=no
  98. add action=mark-packet chain=qos-down comment=unknown-down connection-mark=all-trafik new-packet-mark=unknown-down passthrough=no
  99. add action=mark-packet chain=qos-down comment=unknown-down new-packet-mark=unknown-down passthrough=no
  100. add action=return chain=qos-down
  101. add action=jump chain=forward jump-target=qos-up out-interface=ether1
  102. add action=mark-packet chain=qos-up comment=vip-up connection-mark=vip new-packet-mark=vip-up passthrough=no
  103. add action=mark-packet chain=qos-up comment=games-up connection-mark=games new-packet-mark=games-up passthrough=no
  104. add action=mark-packet chain=qos-up comment=patch-games-up connection-mark=all-trafik dst-address-list=games new-packet-mark=patch-games-up passthrough=no
  105. add action=mark-packet chain=qos-up comment=ggc-telkom-up connection-mark=ggc-redirector new-packet-mark=ggc-telkom-up passthrough=no
  106. add action=mark-packet chain=qos-up comment=browsing-up connection-bytes=0-1000000 connection-mark=all-trafik new-packet-mark=browsing-up passthrough=no
  107. add action=mark-packet chain=qos-up comment=low-up connection-bytes=1000001-10000000 connection-mark=all-trafik new-packet-mark=low-up passthrough=no
  108. add action=mark-packet chain=qos-up comment=midle-up connection-bytes=10000001-50000000 connection-mark=all-trafik new-packet-mark=midle-up passthrough=no
  109. add action=mark-packet chain=qos-up comment=high-up connection-bytes=50000001-0 connection-mark=all-trafik new-packet-mark=high-up passthrough=no
  110. add action=mark-packet chain=qos-up comment=unknown-up connection-mark=all-trafik new-packet-mark=unknown-up passthrough=no
  111. add action=mark-packet chain=qos-up comment=unknown-up new-packet-mark=unknown-up passthrough=no
  112. add action=return chain=qos-up
  113.  
  114.  
  115. /queue tree
  116. add max-limit=100M name=INCOMING parent=global queue=default
  117. add limit-at=10M max-limit=10M name=A.1.PAKET-TRAFIK parent=INCOMING queue=default
  118. add limit-at=64k max-limit=10M name=A.1.1.VIP packet-mark=vip-down parent=A.1.PAKET-TRAFIK priority=1 queue=default
  119. add limit-at=1M max-limit=10M name=A.1.2.GAMES-ONLINE packet-mark=games-down parent=A.1.PAKET-TRAFIK priority=2 queue=default
  120. add limit-at=500k max-limit=10M name=A.1.3.PATCH-GAMES packet-mark=patch-games-down parent=A.1.PAKET-TRAFIK priority=3 queue=pcq-download-default
  121. add limit-at=8M max-limit=8M name=A.1.4.NORMAL parent=A.1.PAKET-TRAFIK queue=default
  122. add limit-at=500k max-limit=8M name=A.1.4.1.BROWSING packet-mark=browsing-down parent=A.1.4.NORMAL priority=4 queue=pcq-download-default
  123. add limit-at=500k max-limit=8M name=A.1.4.2.LOW packet-mark=low-down parent=A.1.4.NORMAL priority=5 queue=pcq-download-default
  124. add limit-at=500k max-limit=8M name=A.1.4.3.MIDLE packet-mark=midle-down parent=A.1.4.NORMAL priority=6 queue=pcq-download-default
  125. add limit-at=500k max-limit=8M name=A.1.4.4.HIGH packet-mark=high-down parent=A.1.4.NORMAL priority=7 queue=pcq-download-default
  126. add limit-at=500k max-limit=8M name=A.1.4.5.UNKNWON packet-mark=unknown-down parent=A.1.4.NORMAL priority=7 queue=pcq-download-default
  127. add limit-at=8M max-limit=10M name=A.2.GGC-TELKOM packet-mark=ggc-telkom-down parent=INCOMING queue=pcq-download-default
  128. add max-limit=100M name=OUTGOING parent=global queue=default
  129. add limit-at=2M max-limit=2M name=B.1.PAKET-TRAFIK parent=OUTGOING queue=default
  130. add limit-at=64k max-limit=2M name=B.1.1.VIP packet-mark=vip-up parent=B.1.PAKET-TRAFIK priority=1 queue=default
  131. add limit-at=500k max-limit=2M name=B.1.2.GAMES-ONLINE packet-mark=games-up parent=B.1.PAKET-TRAFIK priority=2 queue=default
  132. add limit-at=250k max-limit=2M name=B.1.3.PATCH-GAMES packet-mark=patch-games-up parent=B.1.PAKET-TRAFIK priority=3 queue=pcq-upload-default
  133. add limit-at=1500k max-limit=1500k name=B.1.4.NORMAL parent=B.1.PAKET-TRAFIK queue=default
  134. add limit-at=200k max-limit=1500k name=B.1.4.1.BROWSING packet-mark=browsing-up parent=B.1.4.NORMAL priority=4 queue=pcq-upload-default
  135. add limit-at=200k max-limit=1500k name=B.1.4.2.LOW packet-mark=low-up parent=B.1.4.NORMAL priority=5 queue=pcq-upload-default
  136. add limit-at=200k max-limit=1500k name=B.1.4.3.MIDLE packet-mark=midle-up parent=B.1.4.NORMAL priority=6 queue=pcq-upload-default
  137. add limit-at=200k max-limit=1500k name=B.1.4.4.HIGH packet-mark=high-up parent=B.1.4.NORMAL priority=7 queue=pcq-upload-default
  138. add limit-at=200k max-limit=1500k name=B.1.4.5.UNKNWON packet-mark=unknown-up parent=B.1.4.NORMAL priority=7 queue=pcq-upload-default
  139. add limit-at=1M max-limit=1500k name=B.2.GGC-TELKOM packet-mark=ggc-telkom-up parent=OUTGOING queue=pcq-upload-default
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!