Posted by : secret.missery
Ekstensi file yang dilimit antara lain .exe, .iso, .flv, .mp3, .mp4, . zip, .rar, .avi. Untuk limit download per IP client, ekstensi tersebut akan dibuat dua group saja yaitu penting dan tidak penting. Yang tidak penting termasuk : .iso, .flv, .mp3, .mp4, .avi, .exe yang penting : .zip & .rar selain itu dianggap browsing. Jadi nantinya per IP ada 3 queue. BW yang disediakan 512k. Ada 4 IP client misalnya 192.168.200.101, 192.168.200.103, 192.168.200.105, 192.168. 10.0/24.
1. Buat di layer 7 nya dahulu
/ip firewall layer7-protocol
add name=pentingL7 regexp="\\.(zip|rar)"
add name=gapentingL7 regexp="\\.(iso|flv|mp3|mp4|avi|exe)"
2. Buat mangle untuk tiap IP client
/ip firewall mangle
add action=mark-connection chain=forward new-connection-mark=pc1_cm src-address=192.168.200.101
add action=mark-packet chain=forward connection-mark=pc1_cm layer7-protocol=pentingL7 new-packet-mark=pc1_pentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc1_cm layer7-protocol=gapentingL7 new-packet-mark=pc1_gapentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc1_cm new-packet-mark=pc1_browsing_pm passthrough=no
add action=mark-connection chain=forward new-connection-mark=pc2_cm src-address=192.168.200.103
add action=mark-packet chain=forward connection-mark=pc2_cm layer7-protocol=pentingL7 new-packet-mark=pc2_pentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc2_cm layer7-protocol=gapentingL7 new-packet-mark=pc2_gapentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc2_cm new-packet-mark=pc2_browsing_pm passthrough=no
add action=mark-connection chain=forward new-connection-mark=pc3_cm src-address=192.168.200.105
add action=mark-packet chain=forward connection-mark=pc3_cm layer7-protocol=pentingL7 new-packet-mark=pc3_pentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc3_cm layer7-protocol=gapentingL7 new-packet-mark=pc3_gapentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc3_cm new-packet-mark=pc3_browsing_pm passthrough=no
add action=mark-connection chain=forward new-connection-mark=pc4_cm src-address=192.168.10.0/24
add action=mark-packet chain=forward connection-mark=pc4_cm layer7-protocol=pentingL7 new-packet-mark=pc4_pentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc4_cm layer7-protocol=gapentingL7 new-packet-mark=pc4_gapentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc4_cm new-packet-mark=pc4_browsing_pm passthrough=no
3. Buat Queue tree setiap IP client
/queue tree
add name=QueueUtama parent=global-out queue=default
add name=PC1 parent=QueueUtama queue=default
add name=1.1.queue-penting packet-mark=pc1_pentingL7_pm parent=PC1 queue=default
add name=1.2.queue-tidak-penting packet-mark=pc1_gapentingL7_pm parent=PC1 queue=default
add name=1.3.queue-browsing packet-mark=pc1_browsing_pm parent=PC1 queue=default
add name=PC2 parent=QueueUtama queue=default
add name=2.1.queue-penting packet-mark=pc2_pentingL7_pm parent=PC2 queue=default
add name=2.2.queue-tidak-penting packet-mark=pc2_gapentingL7_pm parent=PC2 queue=default
add name=2.3.queue-browsing packet-mark=pc2_browsing_pm parent=PC2 queue=default
add name=PC3 parent=QueueUtama queue=default
add name=3.1.queue-penting packet-mark=pc3_pentingL7_pm parent=PC3 queue=default
add name=3.2.queue-tidak-penting packet-mark=pc3_gapentingL7_pm parent=PC3 queue=default
add name=3.3.queue-browsing packet-mark=pc3_browsing_pm parent=PC3 queue=default
add name=PC4 parent=QueueUtama queue=default
add name=4.1.queue-penting packet-mark=pc4_pentingL7_pm parent=PC4 queue=default
add name=4.2.queue-tidak-penting packet-mark=pc4_gapentingL7_pm parent=PC4 queue=default
add name=4.3.queue-browsing packet-mark=pc4_browsing_pm parent=PC4 queue=default
Semoga Bermanfaat