SHARE
TWEET

Mikrotik Management Bandwidth TPROXY

punces Sep 26th, 2016 1,547 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # ip mikrotik-->modem = 192.168.100.1 ---> ether1
  2. # ip mikrotik-->client = 192.168.1.254  ---> ether2
  3. # ip mikrotik-->proxy = 10.212.212.21 ---> ether3 ---> ip proxy = 10.212.212.212
  4. # ip list games dapat dilihat di http://pastebin.com/KDAuLHJJ
  5. ##### ip route :
  6. /ip route
  7. add check-gateway=ping comment=proxy distance=1 gateway=10.212.212.212 routing-mark=proxy
  8. add check-gateway=ping comment=default distance=1 gateway=192.168.1.254
  9.  
  10. # ip private lokal :
  11. /ip firewall address-list
  12. add address=10.0.0.0/8 comment="lokal-private" list=lokal-private
  13. add address=172.16.0.0/12 comment="lokal-private" list=lokal-private
  14. add address=192.168.0.0/16 comment="lokal-private" list=lokal-private
  15.  
  16. ################ layer7
  17. /ip firewall layer7-protocol
  18. add name=extension regexp="\\.(exe|rar|zip|7z|cab|asf|mov|wmv|mpg|mpeg|mkv|avi|flv|pdf|wav|rm|mp3|mp4|ram|rmvb|dat|daa|iso|nrg|bin|vcd|mp2|3gp|mpe|qt|raw|wma|ogg|doc|deb|tar|bzip|gzip|gzip2)"
  19. add name=bittorrent regexp="^(\13bittorrent protocol|azver1\$|get /scrape\\\\\?info_hash=)|d1:ad2:id20:|87P\\)[RP]"
  20. add name=torrentsites regexp="^.*(get|GET).+(torrent|thepiratebay|isohunt|entertane|demonoid|btjunkie|mininova|flixflux|torrentz|vertor|h33t|btscene|bitunity|bittoxic|thunderbytes|entertane|zoozle|vcdq|bi\
  21.     tnova|bitsoup|meganova|fulldls|btbot|flixflux|seedpeer|fenopy|gpirate|commonbits).*\$"
  22. add name=yt-video-audio regexp="r[0-9]+---[a-z]+-+[a-z0-9-]+\\.googlevideo\\.com"
  23. add name=idm regexp="get /.*(user-agent: mozilla/4.0|range: bytes=)"
  24. add name=layer7-bittorrent-exp regexp="^(\\x13bittorrent protocol|azver\\x01\$|get /scrape\\\?info_hash=get /announce\\\?info_hash=|get /client/bitcomet/|GET /data\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[RP]"
  25. add name=2-idm regexp="get /.*range: bytes"
  26. add name=streaming regexp="(porn|stream|video|movie)"
  27.  
  28. ###################### mangle
  29. /ip firewall mangle
  30. ### mangle tproxy
  31. add action=mark-connection chain=prerouting comment=proxy dst-address-list=!lokal-private dst-port=80,443,182,8080,8777,5050 new-connection-mark=proxy passthrough=yes protocol=tcp src-address=!10.212.212.212
  32. add action=mark-routing chain=prerouting comment=proxy connection-mark=proxy in-interface=!ether3 new-routing-mark=proxy passthrough=yes
  33.  
  34. #### QOS management
  35. add action=jump chain=prerouting in-interface=ether1 jump-target=qos
  36. add action=jump chain=postrouting jump-target=qos out-interface=ether1
  37. add action=mark-packet chain=qos comment=unknown new-packet-mark=unknown passthrough=yes
  38. add action=mark-packet chain=qos comment=browsing new-packet-mark=browsing passthrough=yes port=80,443,843 protocol=tcp
  39. add action=mark-packet chain=qos comment=browsing new-packet-mark=browsing passthrough=yes port=80,443,843 protocol=udp
  40. add action=mark-packet chain=qos comment=extension layer7-protocol=extension new-packet-mark=extension passthrough=yes
  41. add action=mark-packet chain=qos comment=extension connection-bytes=1000000-0 connection-rate=!256k-256k new-packet-mark=extension passthrough=yes protocol=tcp
  42. add action=mark-packet chain=qos comment=extension connection-bytes=1000000-0 connection-rate=!256k-256k new-packet-mark=extension passthrough=yes protocol=udp
  43. add action=mark-packet chain=qos comment=torrent layer7-protocol=bittorrent new-packet-mark=torrent passthrough=yes
  44. add action=mark-packet chain=qos comment=torrent layer7-protocol=torrentsites new-packet-mark=torrent passthrough=yes
  45. add action=mark-packet chain=qos comment=torrent layer7-protocol=layer7-bittorrent-exp new-packet-mark=torrent passthrough=yes
  46. add action=mark-packet chain=qos comment=torrent new-packet-mark=torrent p2p=all-p2p passthrough=yes
  47. add action=mark-packet chain=qos comment=ftp-ssh new-packet-mark=ftp-ssh passthrough=yes port=21,22 protocol=tcp
  48. add action=mark-packet chain=qos comment=streaming new-packet-mark=streaming passthrough=yes port=182,8777,1935 protocol=tcp
  49. add action=mark-packet chain=qos comment=streaming new-packet-mark=streaming passthrough=yes port=182,8777,1935 protocol=udp
  50. add action=mark-packet chain=qos comment=streaming layer7-protocol=streaming new-packet-mark=streaming passthrough=yes
  51. add action=mark-packet chain=qos comment=youtube layer7-protocol=yt-video-audio new-packet-mark=youtube passthrough=yes
  52. add action=mark-packet chain=qos comment=patch dst-address-list=games new-packet-mark=patch passthrough=yes port=80,443,843,8001 protocol=tcp
  53. add action=mark-packet chain=qos comment=patch new-packet-mark=patch passthrough=yes port=80,443,843,8001 protocol=tcp src-address-list=games
  54. add action=mark-packet chain=qos comment=patch dst-address-list=games new-packet-mark=patch passthrough=yes port=80,443,843,8001 protocol=udp
  55. add action=mark-packet chain=qos comment=patch new-packet-mark=patch passthrough=yes port=80,443,843,8001 protocol=udp src-address-list=games
  56. add action=mark-packet chain=qos comment=tv-winbox new-packet-mark=tv-winbox passthrough=yes port=5938,8291 protocol=tcp
  57. add action=mark-packet chain=qos comment=games dst-address-list=games new-packet-mark=games passthrough=yes port=!21,22,23,80,81,88,5050,843,443,182,8777,1935,8000-8081 protocol=tcp
  58. add action=mark-packet chain=qos comment=games new-packet-mark=games passthrough=yes port=!21,22,23,80,81,88,5050,843,443,182,8777,1935,8000-8081 protocol=tcp src-address-list=games
  59. add action=mark-packet chain=qos comment=games dst-address-list=games new-packet-mark=games passthrough=yes port=!21,22,23,80,81,88,5050,843,443,182,8777,1935,8000-8081 protocol=udp
  60. add action=mark-packet chain=qos comment=games new-packet-mark=games passthrough=yes port=!21,22,23,80,81,88,5050,843,443,182,8777,1935,8000-8081 protocol=udp src-address-list=games
  61. add action=mark-packet chain=qos comment=vip new-packet-mark=vip passthrough=yes port=53,5353 protocol=tcp
  62. add action=mark-packet chain=qos comment=vip new-packet-mark=vip passthrough=yes port=53,5353 protocol=udp
  63. add action=mark-packet chain=qos comment=vip new-packet-mark=vip passthrough=yes protocol=icmp
  64. add action=mark-packet chain=qos comment=vip new-packet-mark=vip passthrough=yes protocol=igmp
  65. add action=return chain=qos
  66.  
  67. ##############SIMPLE QUEUE
  68. /queue simple
  69. add dst=ether1 max-limit=20M/100M name=CLIENT queue=default/default target=0.0.0.0/0
  70. add dst=ether1 limit-at=1k/1k max-limit=20M/100M name=1.CYBERINDO parent=CLIENT priority=7/7 queue=default/default target=192.168.1.99/32
  71. add dst=ether1 limit-at=1k/1k max-limit=20M/100M name=2.CCTV parent=CLIENT priority=7/7 queue=default/default target=192.168.1.251/32
  72. add dst=ether1 limit-at=1k/1k max-limit=20M/100M name=3.FILE-SHARING parent=CLIENT priority=7/7 queue=default/default target=192.168.1.250/32
  73. add comment=Client dst=ether1 limit-at=1k/1k max-limit=384k/3M name=BILLING parent=CLIENT priority=7/7 queue=default/default target=192.168.1.253/32
  74. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-01 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.1/32
  75. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-02 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.2/32
  76. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-03 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.3/32
  77. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-04 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.4/32
  78. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-05 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.5/32
  79. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-06 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.6/32
  80. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-07 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.7/32
  81. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-08 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.8/32
  82. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-09 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.9/32
  83. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-10 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.10/32
  84. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-11 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.11/32
  85. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-12 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.12/32
  86. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-13 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.13/32
  87. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-14 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.14/32
  88. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-15 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.15/32
  89. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-16 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.16/32
  90. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-17 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.17/32
  91. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-18 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.18/32
  92. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-19 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.19/32
  93. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-20 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.20/32
  94. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-21 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.21/32
  95. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-22 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.22/32
  96. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-23 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.23/32
  97. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-24 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.24/32
  98. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-25 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.25/32
  99. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-26 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.26/32
  100. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-27 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.27/32
  101. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-28 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.28/32
  102. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-29 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.29/32
  103. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-30 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.30/32
  104. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-31 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.31/32
  105. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-32 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.32/32
  106. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-33 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.33/32
  107. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-34 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.34/32
  108. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-35 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.35/32
  109. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-36 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.36/32
  110. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-37 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.37/32
  111. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-38 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.38/32
  112. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-39 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.39/32
  113. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-40 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.40/32
  114. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-41 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.41/32
  115. add dst=ether1 limit-at=1k/1k max-limit=384k/3M name=PC-42 parent=CLIENT priority=7/7 queue=default/default target=192.168.1.42/32
  116. add dst=ether1 target=0.0.0.0/0 limit-at=1k/1k max-limit=384k/3M name=ZZZZZ parent=CLIENT priority=7/7 queue=default/default
  117.  
  118. ###############QUEUE TREE
  119. /queue tree
  120. add max-limit=100M name=INCOMING parent=global queue=default
  121. add limit-at=64k max-limit=100M name=I.VIP packet-mark=vip parent=INCOMING priority=1 queue=default
  122. add limit-at=5M max-limit=100M name=I.GAMES packet-mark=games parent=INCOMING priority=3 queue=default
  123. add limit-at=5M max-limit=100M name=I.PATCH-GAMES packet-mark=patch parent=INCOMING priority=4 queue=default
  124. add limit-at=5M max-limit=100M name=I.TV-WINBOX packet-mark=tv-winbox parent=INCOMING priority=5 queue=default
  125. add limit-at=5M max-limit=100M name=I.BROWSING packet-mark=browsing parent=INCOMING priority=6 queue=default
  126. add limit-at=5M max-limit=100M name=I.YOUTUBE packet-mark=youtube parent=INCOMING priority=6 queue=default
  127. add limit-at=2M max-limit=100M name=I.A.STREAMING packet-mark=streaming parent=INCOMING priority=7 queue=default
  128. add limit-at=2M max-limit=100M name=I.B.FTP-SSH packet-mark=ftp-ssh parent=INCOMING priority=7 queue=default
  129. add limit-at=2M max-limit=100M name=I.C.DOWNLOAD packet-mark=extension parent=INCOMING priority=7 queue=default
  130. add limit-at=2M max-limit=100M name=I.E.TORRENT packet-mark=torrent parent=INCOMING priority=7 queue=default
  131. add limit-at=2M max-limit=100M name=I.UNKNOWN packet-mark=unknown parent=INCOMING queue=default
  132. add max-limit=20M name=OUTGOING parent=pppoe-speedy queue=default
  133. add limit-at=64k max-limit=20M name=O.VIP packet-mark=vip parent=OUTGOING priority=1 queue=default
  134. add limit-at=1M max-limit=20M name=O.GAMES packet-mark=games parent=OUTGOING priority=3 queue=default
  135. add limit-at=512k max-limit=20M name=O.PATCH-GAMES packet-mark=patch parent=OUTGOING priority=4 queue=default
  136. add limit-at=512k max-limit=20M name=O.TV-WINBOX packet-mark=tv-winbox parent=OUTGOING priority=5 queue=default
  137. add limit-at=512k max-limit=20M name=O.BROWSING packet-mark=browsing parent=OUTGOING priority=6 queue=default
  138. add limit-at=512k max-limit=20M name=O.YOUTUBE packet-mark=youtube parent=OUTGOING priority=6 queue=default
  139. add limit-at=256k max-limit=20M name=O.A.STREAMING packet-mark=streaming parent=OUTGOING priority=7 queue=default
  140. add limit-at=256k max-limit=20M name=O.B.FTP-SSH packet-mark=ftp-ssh parent=OUTGOING priority=7 queue=default
  141. add limit-at=256k max-limit=20M name=O.C.UPLOAD packet-mark=extension parent=OUTGOING priority=7 queue=default
  142. add limit-at=256k max-limit=20M name=O.E.TORRENT packet-mark=torrent parent=OUTGOING priority=7 queue=default
  143. add limit-at=256k max-limit=20M name=O.UNKNOWN packet-mark=unknown parent=OUTGOING queue=default
  144.  
  145.  
  146. #######NOTES :
  147. # jumlah client dan ip client dan interface harap sesuaikan
  148. # Bandwidth limitasi harap disesuaikan
RAW Paste Data
Pastebin PRO Autumn Special!
Get 40% OFF on Pastebin PRO accounts!
Top