Scribd
Upload
200 views5 pages

Magle

The document contains firewall configuration settings that mark and classify network traffic based on port, protocol, interface, address, and packet characteristics. Traffic is assigned to various queues with bandwidth limits. Specific clients on the local network are given dedicated queues for downstream and upstream traffic through the hotspot.

Uploaded by

Billia Milkam Efendi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
200 views5 pages

Magle

The document contains firewall configuration settings that mark and classify network traffic based on port, protocol, interface, address, and packet characteristics. Traffic is assigned to various queues with bandwidth limits. Specific clients on the local network are given dedicated queues for downstream and upstream traffic through the hotspot.

Uploaded by

Billia Milkam Efendi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

/ip firewall mangle

add action=mark-connection chain=prerouting comment="PORT UMUM " dst-port=\


21,22,23,81,88,5050,843,182,8777,1935,53,8000-8081,443,80 in-interface=\
!WAN1 new-connection-mark="PORT UMUM" passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-port=\
67,5228,35915,39397,110,5060,6666,3478,66,53 in-interface=!WAN1 \
new-connection-mark="PORT UMUM" passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-port=\
67,5228,35915,39397,110,5060,6666,3478,66,53 in-interface=!WAN1 \
new-connection-mark="PORT UMUM" passthrough=yes protocol=udp
add action=mark-connection chain=prerouting dst-port=\
21,22,23,81,88,5050,843,182,8777,1935,53,8000-8081,443,80 in-interface=\
!WAN1 new-connection-mark="PORT UMUM" passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment=\
"PORT SELAIN PORT UMUM ( GAME )" connection-mark="!PORT UMUM" \
in-interface=!WAN1 new-connection-mark="PORT SELAIN PORT UMUM ( GAME )" \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting connection-mark="!PORT UMUM" \
in-interface=!WAN1 new-connection-mark="PORT SELAIN PORT UMUM ( GAME )" \
passthrough=yes protocol=udp
add action=mark-packet chain=forward comment=\
"PACKET UPLUAD SELAIN PORT UMUM(GAME)" connection-mark=\
"PORT SELAIN PORT UMUM ( GAME )" new-packet-mark=\
"PORT SELAIN PORT UMUM(GAME) UPLUAD" out-interface=WAN1 passthrough=yes
add action=mark-packet chain=forward comment=\
"PACKET DOWNLOAD SELAIN PORT UMUM(GAME)" connection-mark=\
"PORT SELAIN PORT UMUM ( GAME )" in-interface=WAN1 new-packet-mark=\
"PORT SELAIN PORT UMUM(GAME) DOWN" passthrough=yes
add action=add-dst-to-address-list address-list="IP BUKAN PORT UMUM" \
address-list-timeout=3m chain=prerouting comment=\
"KONEKSI SELAIN PORT UMUM (1MBPS+)" connection-mark="!PORT UMUM" \
connection-rate=1M-100M dst-address-list="!IP LOCAL" in-interface=!WAN1 \
protocol=tcp
add action=add-dst-to-address-list address-list="IP BUKAN PORT UMUM" \
address-list-timeout=3m chain=prerouting connection-mark="!PORT UMUM" \
connection-rate=1M-100M dst-address-list="!IP LOCAL" in-interface=!WAN1 \
protocol=udp
add action=mark-connection chain=prerouting dst-address-list=\
"IP BUKAN PORT UMUM" in-interface=!WAN1 new-connection-mark=\
"PORT SELAIN PORT UMUM ( KONEKSI BERAT )" passthrough=yes
add action=mark-packet chain=forward connection-mark=\
"PORT SELAIN PORT UMUM ( KONEKSI BERAT )" in-interface=WAN1 \
new-packet-mark="SELAIN PORT UMUM BERAT (DOWNLOAD)" passthrough=yes
add action=mark-packet chain=forward connection-mark=\
"PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
"SELAIN PORT UMUM BERAT (UPLUAD)" out-interface=WAN1 passthrough=yes
add action=mark-packet chain="HOTSPOT ALL DOWNLOAD" comment=\
"HOTSPOT ALL DOWNLOAD" connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
"HOTSPOT ALL DOWNLOAD" passthrough=yes
add action=mark-packet chain="HOTSPOT ALL DOWNLOAD" comment=\
"01. HOTSPOT ALL DOWNLOAD" connection-bytes=0-1000000 new-packet-mark=\
"01. HOTSPOT ALL DOWNLOAD" packet-mark="HOTSPOT ALL DOWNLOAD" \
passthrough=no
add action=mark-packet chain="HOTSPOT ALL DOWNLOAD" comment=\
"02. HOTSPOT ALL DOWNLOAD" connection-bytes=1000000-2000000 \
new-packet-mark="02. HOTSPOT ALL DOWNLOAD" packet-mark=\
"HOTSPOT ALL DOWNLOAD" passthrough=no
add action=mark-packet chain="HOTSPOT ALL DOWNLOAD" comment=\
"03. HOTSPOT ALL DOWNLOAD" connection-bytes=2000000-3000000 \
new-packet-mark="03. HOTSPOT ALL DOWNLOAD" packet-mark=\
"HOTSPOT ALL DOWNLOAD" passthrough=no
add action=mark-packet chain="HOTSPOT ALL DOWNLOAD" comment=\
"04. HOTSPOT ALL DOWNLOAD" connection-bytes=3000000-0 new-packet-mark=\
"04. HOTSPOT ALL DOWNLOAD" packet-mark="HOTSPOT ALL DOWNLOAD" \
passthrough=no
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" dst-address-list="IP HOTSPOT ALL" \
in-interface=WAN1 jump-target="HOTSPOT ALL DOWNLOAD"
add action=mark-packet chain="HOTSPOT ALL UPLUAD" comment=\
"HOTSPOT ALL UPLUAD" connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
"HOTSPOT ALL UPLUAD" passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" jump-target="HOTSPOT ALL UPLUAD" \
out-interface=WAN1 src-address-list="IP HOTSPOT ALL"
add action=mark-packet chain=down-hotspot/clien-192.168.4.3 comment=\
down-hotspot/clien-192.168.4.3 connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
down-hotspot/clien-192.168.4.3 passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" dst-address=192.168.4.3 in-interface=\
WAN1 jump-target=down-hotspot/clien-192.168.4.3
add action=mark-packet chain=up-hotspot/clien-192.168.4.3 comment=\
up-hotspot/clien-192.168.4.3 connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
up-hotspot/clien-192.168.4.3 passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" jump-target=\
up-hotspot/clien-192.168.4.3 out-interface=WAN1 src-address=192.168.4.3
add action=mark-packet chain=down-hotspot/clien-192.168.4.4 comment=\
down-hotspot/clien-192.168.4.4 connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
down-hotspot/clien-192.168.4.4 passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" dst-address=192.168.4.4 in-interface=\
WAN1 jump-target=down-hotspot/clien-192.168.4.4
add action=mark-packet chain=up-hotspot/clien-192.168.4.4 comment=\
up-hotspot/clien-192.168.4.4 connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
up-hotspot/clien-192.168.4.4 passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" jump-target=\
up-hotspot/clien-192.168.4.4 out-interface=WAN1 src-address=192.168.4.4
add action=mark-packet chain=down-hotspot/clien-192.168.4.5 comment=\
down-hotspot/clien-192.168.4.5 connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
down-hotspot/clien-192.168.4.5 passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" dst-address=192.168.4.5 in-interface=\
WAN1 jump-target=down-hotspot/clien-192.168.4.5
add action=mark-packet chain=up-hotspot/clien-192.168.4.5 comment=\
up-hotspot/clien-192.168.4.5 connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
up-hotspot/clien-192.168.4.5 passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" jump-target=\
up-hotspot/clien-192.168.4.5 out-interface=WAN1 src-address=192.168.4.5
add action=mark-packet chain=down-hotspot/clien-192.168.4.6 comment=\
down-hotspot/clien-192.168.4.6 connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
down-hotspot/clien-192.168.4.6 passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" dst-address=192.168.4.6 in-interface=\
WAN1 jump-target=down-hotspot/clien-192.168.4.6
add action=mark-packet chain=up-hotspot/clien-192.168.4.6 comment=\
up-hotspot/clien-192.168.4.6 connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
up-hotspot/clien-192.168.4.6 passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" jump-target=\
up-hotspot/clien-192.168.4.6 out-interface=WAN1 src-address=192.168.4.6
add action=mark-packet chain=down-hotspot/clien-192.168.4.7 comment=\
down-hotspot/clien-192.168.4.7 connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
down-hotspot/clien-192.168.4.7 passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" dst-address=192.168.4.7 in-interface=\
WAN1 jump-target=down-hotspot/clien-192.168.4.7
add action=mark-packet chain=up-hotspot/clien-192.168.4.7 comment=\
up-hotspot/clien-192.168.4.7 connection-mark=\
"!PORT SELAIN PORT UMUM ( KONEKSI BERAT )" new-packet-mark=\
up-hotspot/clien-192.168.4.7 passthrough=yes
add action=jump chain=forward connection-mark=\
"!PORT SELAIN PORT UMUM ( GAME )" jump-target=\
up-hotspot/clien-192.168.4.7 out-interface=WAN1 src-address=192.168.4.7

/queue tree
add max-limit=18M name="HOTSPOT-CLIEN ALL DOWNLOAD" parent=\
"1.GLOBAL DOWNLOAD ALL" queue=pcq-download-default
add max-limit=2M name="HOTSPOT-CLIEN ALL UPLUAD" parent="2.GLOBAL ALL
UPLUAD" \
queue=pcq-upload-default
add max-limit=2M name="SELAIN PORT UMUM RINGAN GAME ONLINE DOWN" packet-mark=\
"PORT SELAIN PORT UMUM(GAME) DOWN" parent="1.GLOBAL DOWNLOAD ALL" queue=\
pcq-download-default
add max-limit=9M name="SELAIN PORT UMUM BERAT" packet-mark=\
"SELAIN PORT UMUM BERAT (DOWNLOAD)" parent="HOTSPOT-CLIEN ALL DOWNLOAD" \
queue=pcq-download-default
add max-limit=2M name="SELAIN PORT UMUM BERAT UP" packet-mark=\
"SELAIN PORT UMUM BERAT (UPLUAD)" parent="HOTSPOT-CLIEN ALL UPLUAD" \
queue=pcq-upload-default
add max-limit=2M name="SELAIN PORT UMUM RINGAN GAME ONLINE UP" packet-mark=\
"PORT SELAIN PORT UMUM(GAME) UPLUAD" parent="2.GLOBAL ALL UPLUAD" queue=\
pcq-upload-default
add max-limit=9M name="CLIEN RUMAHAN DOWN" parent=\
"HOTSPOT-CLIEN ALL DOWNLOAD" queue=pcq-download-default
add max-limit=2M name="CLIEN RUMAHAN UPLUAD" parent=\
"HOTSPOT-CLIEN ALL UPLUAD" queue=pcq-upload-default
add max-limit=9M name="HOTSPOT ALL DOWNLOAD" packet-mark=\
"HOTSPOT ALL DOWNLOAD" parent="HOTSPOT-CLIEN ALL DOWNLOAD" queue=\
pcq-download-default
add max-limit=2M name="HOTSPOT ALL UPLUAD" packet-mark="HOTSPOT ALL UPLUAD" \
parent="HOTSPOT-CLIEN ALL UPLUAD" queue=pcq-upload-default
add limit-at=120k max-limit=2M name=\
"down-hotspot/clien-192.168.4.3-ITHA PPPOE" packet-mark=\
down-hotspot/clien-192.168.4.3 parent="CLIEN RUMAHAN DOWN" queue=\
pcq-download-default
add limit-at=156k max-limit=1M name=\
"up-hotspot/clien-192.168.4.3-ITHA PPPOE" packet-mark=\
up-hotspot/clien-192.168.4.3 parent="CLIEN RUMAHAN UPLUAD" queue=\
pcq-upload-default
add limit-at=100k max-limit=2M name=\
"down-hotspot/clien-192.168.4.4-ZAHRAA PPPOE" packet-mark=\
down-hotspot/clien-192.168.4.4 parent="CLIEN RUMAHAN DOWN" queue=\
pcq-download-default
add limit-at=156k max-limit=1M name=\
"up-hotspot/clien-192.168.4.4-ZAHRAA PPPOE" packet-mark=\
up-hotspot/clien-192.168.4.4 parent="CLIEN RUMAHAN UPLUAD" queue=\
pcq-upload-default
add limit-at=128k max-limit=2M name=\
"down-hotspot/clien-192.168.4.5-FIRAH PPPOE" packet-mark=\
down-hotspot/clien-192.168.4.5 parent="CLIEN RUMAHAN DOWN" queue=\
pcq-download-default
add limit-at=128k max-limit=1M name=\
"up-hotspot/clien-192.168.4.5-FIRAH PPPOE" packet-mark=\
up-hotspot/clien-192.168.4.5 parent="CLIEN RUMAHAN UPLUAD" queue=\
pcq-upload-default
add limit-at=100k max-limit=2M name=\
"down-hotspot/clien-192.168.4.6-KOKO PPPOE" packet-mark=\
down-hotspot/clien-192.168.4.6 parent="CLIEN RUMAHAN DOWN" queue=\
pcq-download-default
add limit-at=128k max-limit=1M name="up-hotspot/clien-192.168.4.6-KOKO
PPPOE" \
packet-mark=up-hotspot/clien-192.168.4.6 parent="CLIEN RUMAHAN UPLUAD" \
queue=pcq-upload-default
add limit-at=80k max-limit=2M name=\
"down-hotspot/clien-192.168.4.7-IRUL PPPOE" packet-mark=\
down-hotspot/clien-192.168.4.7 parent="CLIEN RUMAHAN DOWN" queue=\
pcq-download-default
add limit-at=90k max-limit=1M name="up-hotspot/clien-192.168.4.7-IRUL
PPPOE" \
packet-mark=up-hotspot/clien-192.168.4.7 parent="CLIEN RUMAHAN UPLUAD" \
queue=pcq-upload-default
add max-limit=9M name="01. HOTSPOT ALL DOWNLOAD" packet-mark=\
"01. HOTSPOT ALL DOWNLOAD" parent="HOTSPOT ALL DOWNLOAD" priority=1 \
queue=pcq-download-default
add max-limit=5M name="02. HOTSPOT ALL DOWNLOAD" packet-mark=\
"02. HOTSPOT ALL DOWNLOAD" parent="HOTSPOT ALL DOWNLOAD" priority=2 \
queue=pcq-download-default
add max-limit=3M name="03. HOTSPOT ALL DOWNLOAD" packet-mark=\
"03. HOTSPOT ALL DOWNLOAD" parent="HOTSPOT ALL DOWNLOAD" priority=3 \
queue=pcq-download-default
add max-limit=1M name="04. HOTSPOT ALL DOWNLOAD" packet-mark=\
"04. HOTSPOT ALL DOWNLOAD" parent="HOTSPOT ALL DOWNLOAD" priority=4 \
queue=pcq-download-default
/ip firewall mangle
add action=add-dst-to-address-list address-list="ip youtube" \
address-list-timeout=3m chain=prerouting comment=YOUTUBE.COM content=\
googlevideo.com in-interface=!WAN1
add action=mark-connection chain=prerouting dst-address-list="ip youtube" \
in-interface=!WAN1 new-connection-mark=YOUTUBE.COM \
passthrough=yes
add action=mark-packet chain=forward comment="YOUTUBE.COM DOWN" \
connection-mark=YOUTUBE.COM in-interface=WAN1 new-packet-mark=\
"YOUTUBE.COM DOWN" passthrough=yes
add action=mark-packet chain=forward comment="YOUTUBE.COM UPLUAD" \
connection-mark=YOUTUBE.COM new-packet-mark="YOUTUBE.COM UPLUAD" \
out-interface=WAN1 passthrough=yes

You might also like