Showing posts with label Mikrotik. Show all posts
SETTING WAKTU :
/system ntp client set primary-ntp=203.160.128.6 secondary-ntp=202.169.224.16 \ mode=unicast enabled=yes;
CEK IP PUBLIK FACEBOOK, YOUTUBE, TWITTER
Via CMD
nslookup facebook.com
nslookup youtube.com
nslookup twitter.com
BLOKIR FACEBOOK PADA JAM TERTENTU
Blok Ip Address Facebook:
/ip firewall filter add chain=forward dst-address=31.13.79.7 src-address-list=!unrestricted action=drop comment=fb1
/ip firewall filter add chain=forward dst-address=125.56.130.110 src-address-list=!unrestricted action=drop comment=fb2
/ip firewall filter add chain=forward dst-address=69.171.235.16 src-address-list=!unrestricted action=drop comment=fb3
/ip firewall filter add chain=forward dst-address=31.13.79.8 src-address-list=!unrestricted action=drop comment=fb4
/ip firewall filter add chain=forward dst-address=118.215.111.139 src-address-list=!unrestricted action=drop comment=fb5
/ip firewall filter add chain=forward dst-address=96.6.242.110 src-address-list=!unrestricted action=drop comment=fb6
/ip firewall filter add chain=forward dst-address=69.171.246.16 src-address-list=!unrestricted action=drop comment=fb7
/ip firewall filter add chain=forward dst-address=173.252.110.27 src-address-list=!unrestricted action=drop comment=fb8
/ip firewall filter add chain=forward dst-address=69.171.241.10 src-address-list=!unrestricted action=drop comment=fb9
/ip firewall filter add chain=forward dst-address=66.220.151.99 src-address-list=!unrestricted action=drop comment=fb10
/ip firewall filter add chain=forward dst-address=31.13.79.24 src-address-list=!unrestricted action=drop comment=fb11
- Script buat mengijinkan pengguna melakukan akses ke facebook :
/system script add name=”fb-hidup” policy=write,read,policy,test,sniff source={/ip firewall filter set [/ip firewall filter find comment="fb1"] disabled=”yes”/ip firewall filter set [/ip firewall filter find comment="fb2"] disabled=”yes”/ip firewall filter set [/ip firewall filter find comment="fb3"] disabled=”yes”/ip firewall filter set [/ip firewall filter find comment="fb4"] disabled=”yes”, .......buat s/d fb11} - Source Izinkan Facebook:
/ip firewall filter disable [/ip firewall filter find comment="fb1"]/ip firewall filter disable [/ip firewall filter find comment="fb2"]/ip firewall filter disable [/ip firewall filter find comment="fb3"]/ip firewall filter disable [/ip firewall filter find comment="fb4" ........ buat s/d fb11] - Script tidak mengijinkan pengguna melakukan akses ke facebook :
/system script add name=”fb-mati” policy=write,read,policy,test,sniff source={/ip firewall filter set [/ip firewall filter find comment="fb1"] disable=”no”/ip firewall filter set [/ip firewall filter find comment="fb2"] disable=”no”/ip firewall filter set [/ip firewall filter find comment="fb3"] disable=”no”/ip firewall filter set [/ip firewall filter find comment="fb4"] disable=”no” .... buat s/d fb11} - Source Menolak Facebook :
/ip firewall filter enable [/ip firewall filter find comment="fb1"]/ip firewall filter enable [/ip firewall filter find comment="fb2"]/ip firewall filter enable [/ip firewall filter find comment="fb3"]/ip firewall filter enable [/ip firewall filter find comment="fb4" .... buat s/d fb11] - Source Izinkan Facebook Sabtu-Minggu :
/system script add name="fb-holiday" policy=write,read,policy,test,sniff source={:if ([/system scheduler get [/system scheduler find on-event="fb-mati"] disabled] = true) do [/system scheduler set [/system scheduler find on-event="fb-mati"] disabled=no] else [/system scheduler set [/system scheduler find on-event="fb-mati"] disabled=yes]} - Tidak mengijinkan FB pada pagi hari pukul 08.00
/system scheduler add name=”tutup-fb-pagi” start-date=aug/25/2013 start-time=08:00:00 interval=1d on-event=”fb-mati” - Mengijinkan FB pada Istirahat siang pukul 11.30
/system scheduler add name=”buka-fb-siang” start-date=aug/25/2013 start-time=11:30:00 interval=1d on-event=”fb-hidup”
- Tidak mengijinkan FB setelah istirahat siang hari pukul 13.30
/system scheduler add name=”tutup-fb-siang” start-date=aug/25/2013 start-time=13:30:00 interval=1d on-event=”fb-mati” - Mengijinkan FB pada Sore hari pukul 16.00/system scheduler add name=”buka-fb-sore-sampai-pagi” start-date=aug/25/2013 start-time=16:00:00 interval=1d on-event=”fb-hidup”
- Mengijinkan FB pada Sabtu-Minggu
/system scheduler add name="fb-sabtu-minggu" start-date=aug/25/2013 start-time=00:00:00 interval=5d on-event="fb-holiday"
BLOKIR YOUTUBE PADA JAM TERTENTU
- Blok Ip Address Youtube:
/ip firewall filter add chain=forward dst-address= 173.194.38.128-173.194.38.137 src-address-list=!unrestricted action=drop comment=yb1/ip firewall filter add chain=forward dst-address= 173.194.38.142 src-address-list=!unrestricted action=drop comment=yb2/ip firewall filter add chain=forward dst-address= 173.194.38.160-173.194.38.169 src-address-list=!unrestricted action=drop comment=yb3/ip firewall filter add chain=forward dst-address= 173.194.38.174 src-address-list=!unrestricted action=drop comment=yb4 - Script buat mengijinkan pengguna melakukan akses ke youtube :
/system script add name=”yb-hidup” policy=write,read,policy,test,sniff source={/ip firewall filter set [/ip firewall filter find comment="yb1"] disabled=”yes”/ip firewall filter set [/ip firewall filter find comment="yb2"] disabled=”yes”/ip firewall filter set [/ip firewall filter find comment="yb3"] disabled=”yes”/ip firewall filter set [/ip firewall filter find comment="yb4"] disabled=”yes”} - Source Izinkan Youtube :
/ip firewall filter disable [/ip firewall filter find comment="yb1"]/ip firewall filter disable [/ip firewall filter find comment="yb2"]/ip firewall filter disable [/ip firewall filter find comment="yb3"]/ip firewall filter disable [/ip firewall filter find comment="yb4"]
- Script tidak mengijinkan pengguna melakukan akses ke youtube :
/system script add name=”yb-mati” policy=write,read,policy,test,sniff source={/ip firewall filter set [/ip firewall filter find comment="yb1"] disable=”no”/ip firewall filter set [/ip firewall filter find comment="yb2"] disable=”no”/ip firewall filter set [/ip firewall filter find comment="yb3"] disable=”no”/ip firewall filter set [/ip firewall filter find comment="yb4"] disable=”no”} - Source Menolak Youtube :
/ip firewall filter enable [/ip firewall filter find comment="yb1"]/ip firewall filter enable [/ip firewall filter find comment="yb2"]/ip firewall filter enable [/ip firewall filter find comment="yb3"]/ip firewall filter enable [/ip firewall filter find comment="yb4"] - Source Izinkan Youtube Sabtu-Minggu :/system script add name="yb-holiday" policy=write,read,policy,test,sniff source={:if ([/system scheduler get [/system scheduler find on-event="yb-mati"] disabled] = true) do [/system scheduler set [/system scheduler find on-event="yb-mati"] disabled=no] else [/system scheduler set [/system scheduler find on-event="yb-mati"] disabled=yes]}
- Tidak mengijinkan YB pada pagi hari pukul 08.00
/system scheduler add name=”tutup-yb-pagi” start-date=aug/25/2013 start-time=08:00:00 interval=1d on-event=”yb-mati” - Mengijinkan YB pada Istirahat siang pukul 11.30
/system scheduler add name=”buka-yb-siang” start-date=aug/25/2013 start-time=11:30:00 interval=1d on-event=”yb-hidup” - Tidak mengijinkan YB setelah istirahat siang hari pukul 13.30
/system scheduler add name=”tutup-yb-siang” start-date=aug/25/2013 start-time=13:30:00 interval=1d on-event=”yb-mati” - Mengijinkan YB pada Sore hari pukul 16.00
/system scheduler add name=”buka-yb-sore-sampai-pagi” start-date=aug/25/2013 start-time=16:00:00 interval=1d on-event=”yb-hidup” - Mengijinkan YB pada Sabtu-Minggu
/system scheduler add name="yb-sabtu-minggu" start-date=aug/25/2013 start-time=00:00:00 interval=5d on-event="yb-holiday"
BLOKIR TWITTER PADA JAM TERTENTU
- Blok Ip Address Twitter:
/ip firewall filter add chain=forward dst-address= 199.59.148.82 src-address-list=!unrestricted action=drop comment=tw1/ip firewall filter add chain=forward dst-address= 199.59.149.230 src-address-list=!unrestricted action=drop comment=tw2/ip firewall filter add chain=forward dst-address= 199.59.150.7 src-address-list=!unrestricted action=drop comment=tw3/ip firewall filter add chain=forward dst-address= 199.59.149.198 src-address-list=!unrestricted action=drop comment=tw4/ip firewall filter add chain=forward dst-address= 199.59.150.39 src-address-list=!unrestricted action=drop comment=tw5 - Script buat mengijinkan pengguna melakukan akses ke Twitter :
/system script add name=”tw-hidup” policy=write,read,policy,test,sniff source={/ip firewall filter set [/ip firewall filter find comment="tw1"] disabled=”yes”/ip firewall filter set [/ip firewall filter find comment="tw2"] disabled=”yes”/ip firewall filter set [/ip firewall filter find comment="tw3"] disabled=”yes”/ip firewall filter set [/ip firewall filter find comment="tw4"] disabled=”yes”/ip firewall filter set [/ip firewall filter find comment="tw5"] disabled=”yes”} - Source Izinkan Twitter :/ip firewall filter disable [/ip firewall filter find comment="tw1"]/ip firewall filter disable [/ip firewall filter find comment="tw2"]/ip firewall filter disable [/ip firewall filter find comment="tw3"]/ip firewall filter disable [/ip firewall filter find comment="tw4"]/ip firewall filter disable [/ip firewall filter find comment="tw5"]
- Script tidak mengijinkan pengguna melakukan akses ke Twitter :
/system script add name=”tw-mati” policy=write,read,policy,test,sniff source={/ip firewall filter set [/ip firewall filter find comment="tw1"] disable=”no”/ip firewall filter set [/ip firewall filter find comment="tw2"] disable=”no”/ip firewall filter set [/ip firewall filter find comment="tw3"] disable=”no”/ip firewall filter set [/ip firewall filter find comment="tw4"] disable=”no”/ip firewall filter set [/ip firewall filter find comment="tw5"] disable=”no”} - Source Menolak Twitter :/ip firewall filter enable [/ip firewall filter find comment="tw1"]/ip firewall filter enable [/ip firewall filter find comment="tw2"]/ip firewall filter enable [/ip firewall filter find comment="tw3"]/ip firewall filter enable [/ip firewall filter find comment="tw4"]/ip firewall filter enable [/ip firewall filter find comment="tw4"]
- Source Izinkan Twitter Sabtu-Minggu :/system script add name="tw-holiday" policy=write,read,policy,test,sniff source={:if ([/system scheduler get [/system scheduler find on-event="tw-mati"] disabled] = true) do [/system scheduler set [/system scheduler find on-event="tw-mati"] disabled=no] else [/system scheduler set [/system scheduler find on-event="tw-mati"] disabled=yes]}
- Tidak mengijinkan TW pada pagi hari pukul 08.00
/system scheduler add name=”tutup-tw-pagi” start-date=aug/25/2013 start-time=08:00:00 interval=1d on-event=”tw-mati” - Mengijinkan TW pada Istirahat siang pukul 11.30
/system scheduler add name=”buka-tw-siang” start-date=aug/25/2013 start-time=11:30:00 interval=1d on-event=”tw-hidup” - Tidak mengijinkan TW setelah istirahat siang hari pukul 13.30
/system scheduler add name=”tutup-tw-siang” start-date=aug/25/2013 start-time=13:30:00 interval=1d on-event=”tw-mati” - Mengijinkan TW pada Sore hari pukul 16.00
/system scheduler add name=”buka-tw-sore-sampai-pagi” start-date=aug/25/2013 start-time=16:00:00 interval=1d on-event=”tw-hidup” - Mengijinkan TW pada Sabtu-Minggu
/system scheduler add name="tw-sabtu-minggu" start-date=aug/25/2013 start-time=00:00:00 interval=5d on-event="tw-holiday"
RESTART MIKROTIK
System-Reboot
Semoga Bermanfaat...
Cara Blokir (HTTP,HTTPS) Facebook, Youtube, Twitter Pada Jam Tertentu
Ekstensi file yang dilimit antara lain .exe, .iso, .flv, .mp3, .mp4, . zip, .rar, .avi. Untuk limit download per IP client, ekstensi tersebut akan dibuat dua group saja yaitu penting dan tidak penting. Yang tidak penting termasuk : .iso, .flv, .mp3, .mp4, .avi, .exe yang penting : .zip & .rar selain itu dianggap browsing. Jadi nantinya per IP ada 3 queue. BW yang disediakan 512k. Ada 4 IP client misalnya 192.168.200.101, 192.168.200.103, 192.168.200.105, 192.168. 10.0/24.
1. Buat di layer 7 nya dahulu
/ip firewall layer7-protocol
add name=pentingL7 regexp="\\.(zip|rar)"
add name=gapentingL7 regexp="\\.(iso|flv|mp3|mp4|avi|exe)"
2. Buat mangle untuk tiap IP client
/ip firewall mangle
add action=mark-connection chain=forward new-connection-mark=pc1_cm src-address=192.168.200.101
add action=mark-packet chain=forward connection-mark=pc1_cm layer7-protocol=pentingL7 new-packet-mark=pc1_pentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc1_cm layer7-protocol=gapentingL7 new-packet-mark=pc1_gapentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc1_cm new-packet-mark=pc1_browsing_pm passthrough=no
add action=mark-connection chain=forward new-connection-mark=pc2_cm src-address=192.168.200.103
add action=mark-packet chain=forward connection-mark=pc2_cm layer7-protocol=pentingL7 new-packet-mark=pc2_pentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc2_cm layer7-protocol=gapentingL7 new-packet-mark=pc2_gapentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc2_cm new-packet-mark=pc2_browsing_pm passthrough=no
add action=mark-connection chain=forward new-connection-mark=pc3_cm src-address=192.168.200.105
add action=mark-packet chain=forward connection-mark=pc3_cm layer7-protocol=pentingL7 new-packet-mark=pc3_pentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc3_cm layer7-protocol=gapentingL7 new-packet-mark=pc3_gapentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc3_cm new-packet-mark=pc3_browsing_pm passthrough=no
add action=mark-connection chain=forward new-connection-mark=pc4_cm src-address=192.168.10.0/24
add action=mark-packet chain=forward connection-mark=pc4_cm layer7-protocol=pentingL7 new-packet-mark=pc4_pentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc4_cm layer7-protocol=gapentingL7 new-packet-mark=pc4_gapentingL7_pm passthrough=no
add action=mark-packet chain=forward connection-mark=pc4_cm new-packet-mark=pc4_browsing_pm passthrough=no
3. Buat Queue tree setiap IP client
/queue tree
add name=QueueUtama parent=global-out queue=default
add name=PC1 parent=QueueUtama queue=default
add name=1.1.queue-penting packet-mark=pc1_pentingL7_pm parent=PC1 queue=default
add name=1.2.queue-tidak-penting packet-mark=pc1_gapentingL7_pm parent=PC1 queue=default
add name=1.3.queue-browsing packet-mark=pc1_browsing_pm parent=PC1 queue=default
add name=PC2 parent=QueueUtama queue=default
add name=2.1.queue-penting packet-mark=pc2_pentingL7_pm parent=PC2 queue=default
add name=2.2.queue-tidak-penting packet-mark=pc2_gapentingL7_pm parent=PC2 queue=default
add name=2.3.queue-browsing packet-mark=pc2_browsing_pm parent=PC2 queue=default
add name=PC3 parent=QueueUtama queue=default
add name=3.1.queue-penting packet-mark=pc3_pentingL7_pm parent=PC3 queue=default
add name=3.2.queue-tidak-penting packet-mark=pc3_gapentingL7_pm parent=PC3 queue=default
add name=3.3.queue-browsing packet-mark=pc3_browsing_pm parent=PC3 queue=default
add name=PC4 parent=QueueUtama queue=default
add name=4.1.queue-penting packet-mark=pc4_pentingL7_pm parent=PC4 queue=default
add name=4.2.queue-tidak-penting packet-mark=pc4_gapentingL7_pm parent=PC4 queue=default
add name=4.3.queue-browsing packet-mark=pc4_browsing_pm parent=PC4 queue=default
Semoga Bermanfaat