Scribd Logo
Carica

Benvenuto in Scribd!

  • Config RT RW Net

    Caricato da

    Arman Nthree
    77 visualizzazioni34 pagine

    Titolo originale

    Config Rt Rw Net

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Formati disponibili

    DOCX, PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Scarica in formato DOCX, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    77 visualizzazioni34 pagine

    Config RT RW Net

    Caricato da

    Arman Nthree

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Scarica in formato DOCX, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 34

    CONFIG RT RW NET

    ===setting interface=== /interface ethernet set 0 comment="Speedy Interface" name=Speedy set 1 comment="Local Interface" name=Local set 2 comment="Proxy Interface" name=Proxy set 3 comment="Rtrwnet Interface" name=Rtrwnet set 4 comment="hotspot Interface" name=hotspotnet

    ===setting IP /ip address add address=192.168.1.2 netmask=255.255.255.0 inteface=Speedy comment=ke Speedy add address=192.168.10.254 netmask=255.255.255.0 inteface=Local comment=ke Local add address=192.168.100.1 netmask=255.255.255.0 inteface=Proxy comment=ke Proxy add address=192.168.11.1 netmask=255.255.255.0 inteface=Rtrwnet comment=ke Rtrwnet add address=10.10.10.1 netmask=255.255.255.0 inteface=hotspotnet comment=ke hotspot Internal

    ===setting DNS=== /ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=4096KiB \ max-udp-packet-size=512 servers="208.67.220.220,208.67.222.222"

    ===gateway modem=== /ip route add gateway=192.168.1.1 comment="" disabled=no

    ===port service=== /ip service set telnet address=0.0.0.0/0 disabled=yes port=23 set ftp address=0.0.0.0/0 disabled=yes port=21 set www address=0.0.0.0/0 disabled=no port=80 set ssh address=0.0.0.0/0 disabled=yes port=22 set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443 set api address=0.0.0.0/0 disabled=yes port=8728 set winbox address=0.0.0.0/0 disabled=no port=9099

    ===zone time=== /system ntp client set enabled=yes mode=unicast primary-ntp=203.160.128.6 secondary-ntp=\ 202.169.224.16

    ===setting IP boleh Lewat=== /ip firewall address-list add address=192.168.100.1/24 comment="" disabled=no list=ProxyNET add address=192.168.10.1-192.168.10.254 comment="" disabled=no list=LocalNet add address=192.168.11.1-192.168.11.50 comment="" disabled=no list=RtrwnetNet add address=10.10.10.1-10.10.10.254 comment="" disabled=no list=hotspotNet

    ===setting firewall=== /ip firewall filter add action=drop chain=input comment="Drop Invalid connections" \ connection-state=invalid disabled=no

    add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="Port scanners to list " \

    disabled=no protocol=tcp psd=21,3s,3,1

    add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" \ disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg

    add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="SYN/FIN scan" disabled=no \ protocol=tcp tcp-flags=fin,syn

    add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="SYN/RST scan" disabled=no \ protocol=tcp tcp-flags=syn,rst

    add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" disabled=\ no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack

    add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="ALL/ALL scan" disabled=no \ protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg

    add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="NMAP NULL scan" disabled=no \ protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg

    add action=drop chain=input comment="Dropping port scanners" disabled=no \ src-address-list="port scanners"

    add chain=virus protocol=tcp action=drop dst-port=60000 comment="Deep Throat, Foreplay, Sockets des Troie" add chain=virus protocol=tcp action=drop dst-port=60001 comment="Trinity" add chain=virus protocol=tcp action=drop dst-port=60068 comment="Xzip 6000068" add chain=virus protocol=tcp action=drop dst-port=60411 comment="Connection" add chain=virus protocol=tcp action=drop dst-port=61348 comment="Bunker-Hill" add chain=virus protocol=tcp action=drop dst-port=61466 comment="TeleCommando" add chain=virus protocol=tcp action=drop dst-port=61603 comment="Bunker-Hill" add chain=virus protocol=tcp action=drop dst-port=63485 comment="Bunker-Hill" add chain=virus protocol=tcp action=drop dst-port=64101 comment="Taskman" add chain=virus protocol=tcp action=drop dst-port=65000 comment="Devil, Sockets des Troie, Stacheldraht" add chain=virus protocol=tcp action=drop dst-port=65390 comment="Eclypse" add chain=virus protocol=tcp action=drop dst-port=65421 comment="Jade" add chain=virus protocol=tcp action=drop dst-port=65432 comment="The Traitor th3tr41t0r" add chain=virus protocol=udp action=drop dst-port=65432 comment="The Traitor th3tr41t0r" add chain=virus protocol=tcp action=drop dst-port=65534 comment="sbin initd" add chain=virus protocol=tcp action=drop dst-port=65535 comment="RC1 trojan" add chain=forward action=jump jump-target=virus comment="jump to the virus chain"

    ===firewall filter=== /ip firewall filter add action=accept chain=input comment="Allow Established connections" \ connection-state=established disabled=no add action=accept chain=input comment="Allow Related connections" \ connection-state=related disabled=no add action=accept chain=input comment="Allow ICMP from Local Network" \ disabled=no protocol=icmp src-address-list=LocalNet add action=accept chain=input comment="Allow ICMP from PROXY Network" \

    disabled=no protocol=icmp src-address-list=ProxyNET add action=accept chain=input comment="Allow ICMP from RT RW NET Network" \ disabled=no protocol=icmp src-address-list=RtrwnetNet add action=accept chain=input comment="Allow ICMP from HOTSPOT Network" \ disabled=no protocol=icmp src-address-list=hotspotNet add action=accept chain=input comment="Allow Input from Local Network" \ disabled=no src-address-list=LocalNet add action=accept chain=input comment="Allow Input from PROXY Network" \ disabled=no src-address-list=ProxyNET add action=accept chain=input comment="Allow Input from RT RW NET Network" \ disabled=no src-address-list=RtrwnetNet add action=accept chain=input comment="Allow Input from HOTSPOT Network" \ disabled=no src-address-list=hotspotNet

    === port scanner=== /ip firewall filter add action=drop chain=input comment="Drop everything else" disabled=no add action=jump chain=forward comment="Bad packets filtering" disabled=no \ jump-target=tcp protocol=tcp add action=jump chain=forward comment="" disabled=no jump-target=udp \ protocol=udp add action=jump chain=forward comment="" disabled=no jump-target=icmp \ protocol=icmp add action=drop chain=tcp comment="deny SMTP" disabled=no dst-port=25 \ protocol=tcp add action=drop chain=tcp comment="deny TFTP" disabled=no dst-port=69 \ protocol=tcp add action=drop chain=tcp comment="deny RPC portmapper" disabled=no dst-port=\ 111 protocol=tcp

    add action=drop chain=tcp comment="deny RPC portmapper" disabled=no dst-port=\ 135 protocol=tcp add action=drop chain=tcp comment="deny NBT" disabled=no dst-port=137-139 \ protocol=tcp add action=drop chain=tcp comment="deny cifs" disabled=no dst-port=445 \ protocol=tcp add action=drop chain=tcp comment="deny NFS" disabled=no dst-port=2049 \ protocol=tcp add action=drop chain=tcp comment="deny NetBus" disabled=no dst-port=\ 12345-12346 protocol=tcp add action=drop chain=tcp comment="deny NetBus" disabled=no dst-port=20034 \ protocol=tcp add action=drop chain=tcp comment="deny BackOriffice" disabled=no dst-port=\ 3133 protocol=tcp add action=drop chain=tcp comment="deny DHCP" disabled=no dst-port=67-68 \ protocol=tcp add action=drop chain=tcp comment="deny P2P" disabled=no p2p=all-p2p add action=drop chain=udp comment="deny TFTP" disabled=no dst-port=69 \ protocol=udp add action=drop chain=udp comment="deny PRC portmapper" disabled=no dst-port=\ 111 protocol=udp add action=drop chain=udp comment="deny PRC portmapper" disabled=no dst-port=\ 135 protocol=udp add action=drop chain=udp comment="deny NBT" disabled=no dst-port=137-139 \ protocol=udp add action=drop chain=udp comment="deny NFS" disabled=no dst-port=2049 \ protocol=udp add action=drop chain=udp comment="deny BackOriffice" disabled=no dst-port=\ 3133 protocol=udp

    add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \ icmp-options=0:0-255 limit=5,5 protocol=icmp add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \ icmp-options=3:0 protocol=icmp add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \ icmp-options=3:3 limit=5,5 protocol=icmp add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \ icmp-options=3:4 limit=5,5 protocol=icmp add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \ icmp-options=8:0-255 limit=5,5 protocol=icmp add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \ icmp-options=11:0-255 limit=5,5 protocol=icmp add action=drop chain=icmp comment="Drop other icmp packets" disabled=no add action=accept chain=forward comment="Allow Established connections" \ connection-state=established disabled=no

    ===ijin lewat dari list address=== /ip firewall filter add action=accept chain=forward comment="Allow Forward from Local Network" \ disabled=no src-address-list=LocalNet add action=accept chain=forward comment="Allow Forward from PROXY Network" \ disabled=no src-address-list=ProxyNET add action=accept chain=forward comment="Allow Forward from RT RW NET Network" \ disabled=no src-address-list=RtrwnetNet add action=accept chain=forward comment="Allow Forward from HOTSPOT Network" \ disabled=no src-address-list=hotspotNet

    ===NAT=== /ip firewall nat add action=masquerade src-address-list=LocalNet chain=srcnat comment="NAT-Local" disabled=no \ out-interface=Speedy add action=masquerade src-address-list=ProxyNet chain=srcnat comment="NAT-PROXY" disabled=no \ out-interface=Speedy add action=masquerade disabled=no \ out-interface=Speedy add action=masquerade disabled=no \ out-interface=Speedy src-address-list=hotspotNet chain=srcnat comment="HOTSPOTnet" src-address-list=RtrwnetNet chain=srcnat comment="NAT-Rtrwnet"

    ===NAT to Proxy=== /ip firewall nat add action=dst-nat chain=dstnat comment="TRANSPARENT PROXY Local" disabled=no \ src-address=192.168.9.2-192.168.9.30 dst-port=80,8080,3128 in-interface=Local \ protocol=tcp to-addresses=192.168.3.3 to-ports=3128 add action=dst-nat chain=dstnat comment="TRANSPARENT PROXY Rtrwnet" disabled=no \ src-address=192.168.4.1-192.168.4.30 dst-port=80,8080,3128 in-interface=Local \ protocol=tcp to-addresses=192.168.3.3 to-ports=3128 add action=dst-nat chain=dstnat comment="TRANSPARENT PROXY HOTSPOT" disabled=no \ src-address=192.168.5.1-192.168.5.30 dst-port=80,8080,3128 in-interface=hotspot \ protocol=tcp to-addresses=192.168.3.3 to-ports=3128 add action=dst-nat chain=dstnat comment="TRANSPARENT DNS LOKAL" disabled=no \ dst-port=53 in-interface=local protocol=udp to-ports=53 add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \ in-interface=local protocol=tcp to-ports=53 add action=dst-nat chain=dstnat comment="TRANSPARENT DNS Rtrwnet" disabled=no \

    dst-port=53 in-interface=hotspot protocol=udp to-ports=53 add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \ in-interface=hotspot protocol=tcp to-ports=53 add action=dst-nat chain=dstnat comment="TRANSPARENT DNS HOTSPOT" disabled=no \ dst-port=53 in-interface=hotspot2 protocol=udp to-ports=53 add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \ in-interface=hotspot2 protocol=tcp to-ports=53 add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \ in-interface=proxy protocol=udp to-ports=53 add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \ in-interface=proxy protocol=tcp to-ports=53

    ===mangle=== /ip firewall mangle add action=mark-packet chain=forward comment="PROXY-HIT-DSCP 12" disabled=no \ dscp=12 new-packet-mark=proxy-hit passthrough=no add action=change-dscp chain=postrouting comment=CRITICAL disabled=no \ new-dscp=1 protocol=icmp add action=change-dscp chain=postrouting comment="" disabled=no dst-port=53 \ new-dscp=1 protocol=udp add action=change-dscp chain=postrouting comment="" disabled=no dst-port=53 \ new-dscp=1 protocol=tcp add action=mark-connection chain=postrouting comment="" disabled=no dscp=1 \ new-connection-mark=critical_conn passthrough=yes add action=mark-packet chain=postrouting comment="" connection-mark=\ critical_conn disabled=no new-packet-mark=critical_pkt passthrough=no add action=mark-connection chain=prerouting comment=MARK-ALL-CONN disabled=no \ dst-address-list=!LocalNet in-interface=Local new-connection-mark=\ all.pre_conn passthrough=yes

    add action=mark-connection chain=prerouting comment=MARK-ALL-CONN disabled=no \ dst-address-list=!RtrwnetNet in-interface=Rtrwnet new-connection-mark=\ all.pre_conn passthrough=yes add action=mark-connection chain=prerouting comment=MARK-ALL-CONN disabled=no \ dst-address-list=!hotspotNet in-interface=hotspot new-connection-mark=\ all.pre_conn passthrough=yes add action=mark-connection chain=forward comment="Local" disabled=no \ new-connection-mark=all.post_conn out-interface=Local passthrough=yes \ src-address-list=!LocalNet add action=mark-connection chain=forward comment="RT RW NET" disabled=no \ new-connection-mark=all.post_conn out-interface=Rtrwnet passthrough=yes \ src-address-list=!RtrwnetNet add action=mark-connection chain=forward comment="HOTSPOT" disabled=no \ new-connection-mark=all.post_conn out-interface=hotspot passthrough=yes \ src-address-list=!hotspotNet add action=mark-packet chain=prerouting comment="" connection-mark=\ all.pre_conn disabled=no new-packet-mark=all.pre_pkt passthrough=yes add action=mark-packet chain=forward comment="" connection-mark=all.post_conn \ disabled=no new-packet-mark=all.post_pkt passthrough=yes add action=mark-connection chain=prerouting comment=GAMES connection-mark=\ all.pre_conn disabled=no dst-port=9339,843 new-connection-mark=games_conn \ passthrough=yes protocol=tcp add action=mark-connection chain=prerouting comment="" connection-mark=\ all.pre_conn disabled=no dst-port=40000-40010 new-connection-mark=\ games_conn passthrough=yes protocol=udp add action=mark-packet chain=forward comment="" connection-mark=games_conn \ disabled=no new-packet-mark=games_pkt passthrough=no add action=mark-connection chain=prerouting comment=HTTP-CLIENT \ connection-mark=all.pre_conn disabled=no new-connection-mark=\

    browsing_conn packet-size=0-64 passthrough=yes protocol=tcp tcp-flags=ack add action=mark-connection chain=prerouting comment="" connection-mark=\ all.pre_conn disabled=no dst-port=80,443 new-connection-mark=\ browsing_conn passthrough=yes protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=0-131072 \ connection-mark=browsing_conn disabled=no new-packet-mark=browsing_pkt \ passthrough=no protocol=tcp add action=mark-connection chain=prerouting comment=HTTP-PROXY disabled=no \ dst-address-list=!LocalNet dst-port=80,443 new-connection-mark=proxy_conn \ passthrough=yes protocol=tcp src-address-list=ProxyNET add action=mark-connection chain=prerouting comment=HTTP-PROXY disabled=no \ dst-address-list=!RtrwnetNet dst-port=80,443 new-connection-mark=proxy_conn \ passthrough=yes protocol=tcp src-address-list=ProxyNET add action=mark-connection chain=prerouting comment=HTTP-PROXY disabled=no \ dst-address-list=!hotspotNet dst-port=80,443 new-connection-mark=proxy_conn \ passthrough=yes protocol=tcp src-address-list=ProxyNET add action=mark-packet chain=forward comment="" connection-mark=proxy_conn \ disabled=no new-packet-mark=proxy_pkt passthrough=no add action=mark-connection chain=prerouting comment=REALTIME connection-mark=\ all.pre_conn disabled=no dst-port=22,179,110,161,8291 \ new-connection-mark=realtime_conn passthrough=yes protocol=tcp add action=mark-connection chain=prerouting comment="" connection-mark=\ all.pre_conn disabled=no dst-port=123 new-connection-mark=realtime_conn \ passthrough=yes protocol=udp add action=mark-packet chain=forward comment="" connection-mark=realtime_conn \ disabled=no new-packet-mark=realtime_pkt passthrough=no add action=mark-connection chain=prerouting comment=FILETRANSER \ connection-mark=all.pre_conn disabled=no dst-port=20,21,23 \ new-connection-mark=communication_conn passthrough=yes protocol=tcp

    add action=mark-packet chain=forward comment="" connection-mark=\ communication_conn disabled=no new-packet-mark=communication_pkt \ passthrough=no add action=mark-connection chain=prerouting comment=NORMAL connection-mark=\ all.pre_conn disabled=no dst-address-list=!ProxyNET new-connection-mark=\ normal_conn passthrough=yes add action=mark-packet chain=forward comment="" connection-mark=normal_conn \ disabled=no new-packet-mark=normal_pkt passthrough=no

    ===mangle jaringan local=== /ip firewall mangle add action=mark-packet chain=forward comment=DOWNLOAD connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.1 new-packet-mark=Billing passthrough=no protocol=tcp add action=mark-packet chain=forward comment=DOWNLOAD connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.2 new-packet-mark=client1 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.3 new-packet-mark=client2 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.4 new-packet-mark=client3 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.6 new-packet-mark=client5 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.7 new-packet-mark=client6 passthrough=no protocol=tcp

    add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.8 new-packet-mark=client7 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.9 new-packet-mark=client8 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.10 new-packet-mark=client9 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.11 new-packet-mark=client10 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.12 new-packet-mark=client11 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.13 new-packet-mark=client12 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.14 new-packet-mark=client13 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.15 new-packet-mark=client14 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.16 new-packet-mark=client15 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\

    192.168.9.17 new-packet-mark=client16 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.18 new-packet-mark=client17 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.19 new-packet-mark=client18 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.20 new-packet-mark=client19 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.21 new-packet-mark=client20 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.22 new-packet-mark=client21 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.23 new-packet-mark=client22 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.24 new-packet-mark=client23 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.25 new-packet-mark=client24 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.26 new-packet-mark=client25 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\

    131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.27 new-packet-mark=client26 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.28 new-packet-mark=client27 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.29 new-packet-mark=client28 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.9.30 new-packet-mark=client29 passthrough=no protocol=tcp

    ===mangle RT/RW net=== /ip firewall mangle add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.2 new-packet-mark=Rtrwnet2 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.3 new-packet-mark=Rtrwnet3 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.4 new-packet-mark=Rtrwnet4 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.5 new-packet-mark=Rtrwnet5 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.6 new-packet-mark=Rtrwnet6 passthrough=no protocol=tcp

    add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.7 new-packet-mark=Rtrwnet7 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.8 new-packet-mark=Rtrwnet8 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.9 new-packet-mark=Rtrwnet9 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.10 new-packet-mark=Rtrwnet10 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.11 new-packet-mark=Rtrwnet11 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.12 new-packet-mark=Rtrwnet12 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.13 new-packet-mark=Rtrwnet13 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.14 new-packet-mark=Rtrwnet14 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.15 new-packet-mark=Rtrwnet15 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\

    192.168.4.16 new-packet-mark=Rtrwnet16 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.17 new-packet-mark=Rtrwnet17 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.18 new-packet-mark=Rtrwnet18 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.19 new-packet-mark=Rtrwnet19 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.20 new-packet-mark=Rtrwnet20 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.21 new-packet-mark=Rtrwnet21 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.22 new-packet-mark=Rtrwnet22 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.23 new-packet-mark=Rtrwnet23 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.24 new-packet-mark=Rtrwnet24 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.25 new-packet-mark=Rtrwnet25 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\

    131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.26 new-packet-mark=Rtrwnet26 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.27 new-packet-mark=Rtrwnet27 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.28 new-packet-mark=Rtrwnet28 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.29 new-packet-mark=Rtrwnet29 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.30 new-packet-mark=Rtrwnet30 passthrough=no protocol=tcp

    ===mangle hotspot internal=== /ip firewall mangle add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.2 new-packet-mark=hotspot2 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.3 new-packet-mark=hotspot3 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.4 new-packet-mark=hotspot4 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.5 new-packet-mark=hotspot5 passthrough=no protocol=tcp

    add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.6 new-packet-mark=hotspot6 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.7 new-packet-mark=hotspot7 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.8 new-packet-mark=hotspot8 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.9 new-packet-mark=hotspot9 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.10 new-packet-mark=hotspot10 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.11 new-packet-mark=hotspot11 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.12 new-packet-mark=hotspot12 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.13 new-packet-mark=hotspot13 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.14 new-packet-mark=hotspot14 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\

    192.168.5.15 new-packet-mark=hotspot15 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.16 new-packet-mark=hotspot16 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.17 new-packet-mark=hotspot17 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.18 new-packet-mark=hotspot18 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.19 new-packet-mark=hotspot19 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.20 new-packet-mark=hotspot20 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.21 new-packet-mark=hotspot21 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.22 new-packet-mark=hotspot22 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.23 new-packet-mark=hotspot23 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.24 new-packet-mark=hotspot24 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\

    131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.25 new-packet-mark=hotspot25 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.26 new-packet-mark=hotspot26 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.27 new-packet-mark=hotspot27 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.28 new-packet-mark=hotspot28 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.29 new-packet-mark=hotspot29 passthrough=no protocol=tcp add action=mark-packet chain=forward comment="" connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.5.30 new-packet-mark=hotspot30 passthrough=no protocol=tcp

    ===bandwidth limit=== /queue type add kind=pcq name=pcq_up pcq-classifier=src-address pcq-limit=200 pcq-rate=0 \ pcq-total-limit=8000 add kind=pcq name=pcq_down pcq-classifier=dst-address pcq-limit=200 pcq-rate=\ 0 pcq-total-limit=8000 add kind=pfifo name=pfifo-critical pfifo-limit=10 add kind=pcq name=pcq_critical.up pcq-classifier=src-address,src-port \ pcq-limit=20 pcq-rate=0 pcq-total-limit=500 add kind=pcq name=pcq_critical.down pcq-classifier=dst-address,dst-port \ pcq-limit=20 pcq-rate=0 pcq-total-limit=500

    /queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="A. PROXY HIT Local" packet-mark=proxy-hit parent=Local \ priority=1 queue=default add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="E. PROXY HIT RTRWNET" packet-mark=proxy-hit parent=Rtrwnet \ priority=1 queue=default add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="F. PROXY HIT HOTSPOT" packet-mark=proxy-hit parent=hotspot \ priority=1 queue=default add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="B. CRITICAL" packet-mark=critical_pkt parent=Speedy \ priority=1 queue=pfifo-critical add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="C. INBOUND" packet-mark=all.post_pkt parent=global-out \ priority=8 add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="D. OUTBOUND" packet-mark=all.pre_pkt parent=Speedy \ priority=8 add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="A. GAMES" packet-mark=games_pkt parent="C. INBOUND" \ priority=2 queue=pcq_critical.down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="B. HTTP" packet-mark=browsing_pkt parent="C. INBOUND" \ priority=3 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \ max-limit=128k name="C. REALTIME" packet-mark=realtime_pkt parent=\ "C. INBOUND" priority=4 queue=pcq_critical.down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \

    max-limit=128k name="D. FILETRANS" packet-mark=communication_pkt parent=\ "C. INBOUND" priority=5 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \ max-limit=128k name="E. NORMAL" packet-mark=normal_pkt parent=\ "C. INBOUND" priority=6 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=1024k name="F. DOWNCLIENT 1M" parent="C. INBOUND" priority=8

    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=1024k name="F. DOWNRTRW 1M" parent="C. INBOUND" priority=8

    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=1024k name="F. DOWNHOTSPOT 1M" parent="C. INBOUND" priority=8

    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="G. DOWN 2M" parent="C. INBOUND" priority=8

    ===limit jaringan local=== /queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Billing packet-mark=Billing parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client1 packet-mark=client1 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client2 packet-mark=client2 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \

    max-limit=256k name=Client3 packet-mark=client3 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client4 packet-mark=client4 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client5 packet-mark=client5 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client6 packet-mark=client6 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client7 packet-mark=client7 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client8 packet-mark=client8 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client9 packet-mark=client9 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client10 packet-mark=client10 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client11 packet-mark=client11 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client12 packet-mark=client12 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down

    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client13 packet-mark=client13 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client14 packet-mark=client14 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client15 packet-mark=client15 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client16 packet-mark=client16 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client17 packet-mark=client17 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client18 packet-mark=client18 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client19 packet-mark=client19 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client20 packet-mark=client20 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client21 packet-mark=client21 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client22 packet-mark=client22 parent=\

    "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client23 packet-mark=client23 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client24 packet-mark=client24 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client25 packet-mark=client25 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client26 packet-mark=client26 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client27 packet-mark=client27 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client28 packet-mark=client28 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client29 packet-mark=client29 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Client30 packet-mark=client30 parent=\ "F. DOWNCLIENT 1M" priority=8 queue=pcq_down

    ===limit jariangan RT/RW net=== /queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \

    max-limit=256k name=Rtrwnet1 packet-mark=Rtrwnet1 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet2 packet-mark=Rtrwnet2 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet3 packet-mark=Rtrwnet3 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet4 packet-mark=Rtrwnet4 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet5 packet-mark=Rtrwnet5 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet6 packet-mark=Rtrwnet6 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet7 packet-mark=Rtrwnet7 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet8 packet-mark=Rtrwnet8 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet9 packet-mark=Rtrwnet9 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet10 packet-mark=Rtrwnet10 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down

    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet11 packet-mark=Rtrwnet11 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet12 packet-mark=Rtrwnet12 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet13 packet-mark=Rtrwnet13 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet14 packet-mark=Rtrwnet14 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet15 packet-mark=Rtrwnet15 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet16 packet-mark=Rtrwnet16 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet17 packet-mark=Rtrwnet17 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet18 packet-mark=Rtrwnet18 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet19 packet-mark=Rtrwnet19 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet20 packet-mark=Rtrwnet20 parent=\

    "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet21 packet-mark=Rtrwnet21 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet22 packet-mark=Rtrwnet22 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet23 packet-mark=Rtrwnet23 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet24 packet-mark=Rtrwnet24 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet25 packet-mark=Rtrwnet25 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet26 packet-mark=Rtrwnet26 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet27 packet-mark=Rtrwnet27 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet28 packet-mark=Rtrwnet28 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=Rtrwnet29 packet-mark=Rtrwnet29 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \

    max-limit=256k name=Rtrwnet30 packet-mark=Rtrwnet30 parent=\ "F. DOWNRTRW 1M" priority=8 queue=pcq_down

    ===limit hotspot internal=== /queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot1 packet-mark=hotspot1 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot2 packet-mark=hotspot2 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot3 packet-mark=hotspot3 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot4 packet-mark=hotspot4 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot5 packet-mark=hotspot5 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot6 packet-mark=hotspot6 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot7 packet-mark=hotspot7 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot8 packet-mark=hotspot8 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down

    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot9 packet-mark=hotspot9 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot10 packet-mark=hotspot10 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot11 packet-mark=hotspot11 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot12 packet-mark=hotspot12 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot13 packet-mark=hotspot13 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot14 packet-mark=hotspot14 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot15 packet-mark=hotspot15 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot16 packet-mark=hotspot16 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot17 packet-mark=hotspot17 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot18 packet-mark=hotspot18 parent=\

    "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot19 packet-mark=hotspot19 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot20 packet-mark=hotspot20 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot21 packet-mark=hotspot21 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot22 packet-mark=hotspot22 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot23 packet-mark=hotspot23 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot24 packet-mark=hotspot24 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot25 packet-mark=hotspot25 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot26 packet-mark=hotspot26 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot27 packet-mark=hotspot27 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \

    max-limit=256k name=hotspot28 packet-mark=hotspot28 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot29 packet-mark=hotspot29 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=256k name=hotspot30 packet-mark=hotspot30 parent=\ "F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down

    /ip firewall mangle add action=mark-packet chain=forward comment=DOWNLOAD-NO-LIMIT connection-bytes=\ 131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\ 192.168.4.30 new-packet-mark=APbescomnet passthrough=no protocol=tcp

    /queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=APbescomnet packet-mark=client16 parent=\ "G. DOWN 2M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=billing packet-mark=client17 parent=\ "G. DOWN 2M" priority=8 queue=pcq_down add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="A. GAMES UP" packet-mark=games_pkt parent="D. OUTBOUND" \ priority=2 queue=pcq_critical.up add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \ max-limit=128k name="B. HTTP UP" packet-mark=proxy_pkt parent=\ "D. OUTBOUND" priority=3 queue=pcq_up add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=32k \

    max-limit=64k name="C. REALTIME UP" packet-mark=realtime_pkt parent=\ "D. OUTBOUND" priority=4 queue=pcq_critical.up add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \ max-limit=128k name="D. FILETRANS UP" packet-mark=communication_pkt \ parent="D. OUTBOUND" priority=5 queue=pcq_up add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \ max-limit=128k name="E. NORMAL UP" packet-mark=normal_pkt parent=\ "D. OUTBOUND" priority=6 queue=pcq_up

    ===anti cloning ubnt=== /ip firewall filter add chain=forward src-address=10.10.10.12 src-mac-address=!DC:9F:DB:54:D7:6E comment="kunci 10.10.10.12 ke DC:9F:DB:54:D7:6E" add chain=forward src-address=10.10.10.14 src-mac-address=!DC:9F:DB:54:D7:E5 comment="kunci 10.10.10.14 ke DC:9F:DB:54:D7:E5" add chain=forward src-address=10.10.10.15 src-mac-address=!DC:9F:DB:54:D6:CE comment="kunci 10.10.10.15 ke DC:9F:DB:54:D6:CE" add chain=forward src-address=10.10.10.17 src-mac-address=!DC:9F:DB:0C:B3:E6 comment="kunci 10.10.10.17 ke DC:9F:DB:0C:B3:E6" action=drop action=drop action=drop action=drop

    Potrebbero piacerti anche