Mangle Game Online


/system ntp client set enabled=yes mode=unicast primary-ntp=152.118.24.8 secondary-ntp=202.169.224.16
/system note set note=www.sastraamijaya.wordpress.com.setup.by.sastraamijaya show-at-login=yes

/ip firewall nat
add action=dst-nat chain=dstnat comment=”TRANSPARENT PROXY” disabled=no dst-port=80 in-interface=local protocol=tcp src-address=!192.168.254.0/24 to-addresses=192.168.254.2 to-ports=8000
add action=masquerade chain=srcnat comment=MASQUERADE disabled=no out-interface=public


/ip firewall layer7-protocol
add name=”YOUTUBE DOWNLOAD” regexp=”http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)”
add name=EXE regexp=”\\.(exe)”
add name=RAR regexp=”\\.(rar)”
add name=ZIP regexp=”\\.(zip)”
add name=7z regexp=”\\.(7z)”
add name=WMV regexp=”\\.(wmv)”
add name=MPG regexp=”\\.(mpg)”
add name=MPEG regexp=”\\.(mpeg)”
add name=AVI regexp=”\\.(avi)”
add name=FLV regexp=”\\.(flv)”
add name=WAV regexp=”\\.(wav)”
add name=MP3 regexp=”\\.(mp3)”
add name=MP4 regexp=”\\.(mp4)”
add name=ISO regexp=”\\.(iso)”
add name=3GP regexp=”\\.(3gp)”
add name=MOV regexp=”\\.(mov)”
add name=MKV regexp=”\\.(mkv)”
add name=”YOUTUBE STREAMING” regexp=youtube
add name=PORN regexp=porn
add name=TUBE regexp=tube
add name=VIDEO regexp=video
add name=MOVIE regexp=movie

/ip firewall filter
add action=accept chain=input disabled=no dst-port=8291 protocol=tcp
add action=drop chain=forward connection-state=invalid disabled=no
add action=drop chain=virus disabled=no dst-port=135-139 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1433-1434 protocol=tcp
add action=drop chain=virus disabled=no dst-port=445 protocol=tcp
add action=drop chain=virus disabled=no dst-port=445 protocol=udp
add action=drop chain=virus disabled=no dst-port=593 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1024-1030 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1080 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1214 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1363 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1364 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1368 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1373 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1377 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2745 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2283 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2535 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2745 protocol=tcp
add action=drop chain=virus disabled=no dst-port=3127 protocol=tcp
add action=drop chain=virus disabled=no dst-port=3410 protocol=tcp
add action=drop chain=virus disabled=no dst-port=4444 protocol=tcp
add action=drop chain=virus disabled=no dst-port=4444 protocol=udp
add action=drop chain=virus disabled=no dst-port=5554 protocol=tcp
add action=drop chain=virus disabled=no dst-port=8866 protocol=tcp
add action=drop chain=virus disabled=no dst-port=9898 protocol=tcp
add action=drop chain=virus disabled=no dst-port=10080 protocol=tcp
add action=drop chain=virus disabled=no dst-port=12345 protocol=tcp
add action=drop chain=virus disabled=no dst-port=17300 protocol=tcp
add action=drop chain=virus disabled=no dst-port=27374 protocol=tcp
add action=drop chain=virus disabled=no dst-port=65506 protocol=tcp
add action=jump chain=forward disabled=no jump-target=virus
add action=drop chain=input connection-state=invalid disabled=no
add action=accept chain=input disabled=no protocol=udp
add action=accept chain=input disabled=no limit=50/5s,2 protocol=icmp
add action=drop chain=input disabled=no protocol=icmp
add action=accept chain=input disabled=no dst-port=21 protocol=tcp
add action=accept chain=input disabled=no dst-port=22 protocol=tcp
add action=accept chain=input disabled=no dst-port=23 protocol=tcp
add action=accept chain=input disabled=no dst-port=80 protocol=tcp
add action=accept chain=input disabled=no dst-port=8291 protocol=tcp
add action=accept chain=input disabled=no dst-port=1723 protocol=tcp
add action=accept chain=input disabled=no dst-port=23 protocol=tcp
add action=accept chain=input disabled=no dst-port=80 protocol=tcp
add action=accept chain=input disabled=no dst-port=1723 protocol=tcp
add action=add-src-to-address-list address-list=DDOS address-list-timeout=15s chain=input disabled=no dst-port=1337 protocol=tcp
add action=add-src-to-address-list address-list=DDOS address-list-timeout=15m chain=input disabled=no dst-port=7331 protocol=tcp src-address-list=knock
add action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w chain=input comment=”Port scanners to list ” disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w chain=input comment=”SYN/FIN scan” disabled=no protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w chain=input comment=”SYN/RST scan” disabled=no protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w chain=input comment=”FIN/PSH/URG scan” disabled=no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w chain=input comment=”ALL/ALL scan” disabled=no protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w chain=input comment=”NMAP NULL scan” disabled=no protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=accept chain=input comment=”ANTI NETCUT” disabled=no dst-port=0-65535 protocol=tcp src-address=61.213.183.1-61.213.183.254
add action=accept chain=input comment=”ANTI NETCUT” disabled=no dst-port=0-65535 protocol=tcp src-address=67.195.134.1-67.195.134.254
add action=accept chain=input comment=”ANTI NETCUT” disabled=no dst-port=0-65535 protocol=tcp src-address=68.142.233.1-68.142.233.254
add action=accept chain=input comment=”ANTI NETCUT” disabled=no dst-port=0-65535 protocol=tcp src-address=68.180.217.1-68.180.217.254
add action=accept chain=input comment=”ANTI NETCUT” disabled=no dst-port=0-65535 protocol=tcp src-address=203.84.204.1-203.84.204.254
add action=accept chain=input comment=”ANTI NETCUT” disabled=no dst-port=0-65535 protocol=tcp src-address=69.63.176.1-69.63.176.254
add action=accept chain=input comment=”ANTI NETCUT” disabled=no dst-port=0-65535 protocol=tcp src-address=69.63.181.1-69.63.181.254
add action=accept chain=input comment=”ANTI NETCUT” disabled=no dst-port=0-65535 protocol=tcp src-address=63.245.209.1-63.245.209.254
add action=accept chain=input comment=”ANTI NETCUT” disabled=no dst-port=0-65535 protocol=tcp src-address=63.245.213.1-63.245.213.254
mangle
add action=mark-packet chain=postrouting comment=”SQUID PROXY HIT” disabled=no dscp=12 new-packet-mark=”www.sastraamijaya.wordpress.com sphp” passthrough=no
add action=mark-connection chain=prerouting comment=ICMP new-connection-mark=”www.sastraamijaya.wordpress.com ic” passthrough=yes protocol=icmp
add action=mark-packet chain=prerouting connection-mark=”www.sastraamijaya.wordpress.com ic” new-packet-mark=”www.sastraamijaya.wordpress.com ip” passthrough=yes
add action=change-dscp chain=prerouting new-dscp=1 packet-mark=”www.sastraamijaya.wordpress.com ip”
add action=mark-connection chain=prerouting new-connection-mark=”www.sastraamijaya.wordpress.com dc” comment=DNS dst-port=53 passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port=53 new-connection-mark=”www.sastraamijaya.wordpress.com dc” passthrough=yes protocol=udp
add action=mark-packet chain=prerouting connection-mark=”www.sastraamijaya.wordpress.com dc” new-packet-mark=”www.sastraamijaya.wordpress.com dp” passthrough=yes
add action=change-dscp chain=prerouting disabled=no new-dscp=1 packet-mark=”www.sastraamijaya.wordpress.com dp”
add action=mark-connection chain=prerouting comment=HTTP dst-port=80 new-connection-mark=”www.sastraamijaya.wordpress.com hc” passthrough=yes protocol=tcp
add action=mark-packet chain=forward connection-mark=”www.sastraamijaya.wordpress.com hc” disabled=no dst-address=192.168.11.0/24 new-packet-mark=”www.sastraamijaya.wordpress.com hpd” passthrough=no
add action=mark-packet chain=forward connection-mark=”www.sastraamijaya.wordpress.com hc” disabled=no new-packet-mark=”www.sastraamijaya.wordpress.com hpu” passthrough=no src-address=192.168.11.0/24
add action=mark-connection chain=prerouting comment=”GAME ONLINE” dst-port=”1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6001,6000-6152,7777″ new-connection-mark=”www.sastraamijaya.wordpress.com goc” passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port=”7341-7350,7451,8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000″ new-connection-mark=”www.sastraamijaya.wordpress.com goc” passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-port=”10009,13008,16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15002″ new-connection-mark=”www.sastraamijaya.wordpress.com goc” passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port=”16402-16502,18901-18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49100″ new-connection-mark=”www.sastraamijaya.wordpress.com goc” passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-port=14009-14010 new-connection-mark=”www.sastraamijaya.wordpress.com goc” passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-port=”1293,1479,6100-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010″ new-connection-mark=”www.sastraamijaya.wordpress.com goc” passthrough=yes protocol=udp
add action=mark-connection chain=prerouting dst-port=42051-42052,11100-11125,11440-11460 new-connection-mark=”www.sastraamijaya.wordpress.com goc” passthrough=yes protocol=udp
add action=mark-connection chain=prerouting dst-port=14009-14010 new-connection-mark=”www.sastraamijaya.wordpress.com goc” passthrough=yes protocol=udp
add action=mark-packet chain=forward connection-mark=”www.sastraamijaya.wordpress.com goc” dst-address=192.168.11.0/24 new-packet-mark=”www.sastraamijaya.wordpress.com gopd” passthrough=no
add action=mark-packet chain=forward connection-mark=”www.sastraamijaya.wordpress.com goc” new-packet-mark=”www.sastraamijaya.wordpress.com gopu” passthrough=no src-address=192.168.11.0/24
add action=mark-connection chain=prerouting comment=”GAME FACEBOOK” dst-port=843,9339 new-connection-mark=”www.sastraamijaya.wordpress.com gfc” passthrough=yes protocol=tcp
add action=mark-packet chain=forward connection-mark=”www.sastraamijaya.wordpress.com gfc” disabled=no dst-address=192.168.11.0/24 new-packet-mark=”www.sastraamijaya.wordpress.com gfpd” passthrough=no
add action=mark-packet chain=forward connection-mark=”www.sastraamijaya.wordpress.com gfc” new-packet-mark=”www.sastraamijaya.wordpress.com gfpu” passthrough=no src-address=192.168.11.0/24
add action=mark-connection chain=prerouting comment=”MIVO TV” dst-port=1935 new-connection-mark=”www.sastraamijaya.wordpress.com mtc” passthrough=yes protocol=tcp
add action=mark-packet chain=forward connection-mark=”www.sastraamijaya.wordpress.com mtc” disabled=no new-packet-mark=”MIVO TV” passthrough=no
add action=mark-packet chain=forward comment=”LIMIT EXTENTION” disabled=no layer7-protocol=”YOUTUBE DOWNLOAD” new-packet-mark=”YOUTUBE DOWNLOAD” passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=”YOUTUBE STREAMING” new-packet-mark=”YOUTUBE STREAMING” passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=TUBE new-packet-mark=PORN1 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=PORN new-packet-mark=PORN2 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=VIDEO new-packet-mark=PORN3 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MOVIE new-packet-mark=PORN4 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MKV new-packet-mark=MKV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MP3 new-packet-mark=MP3 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MP4 new-packet-mark=MP4 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=ZIP new-packet-mark=ZIP passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=EXE new-packet-mark=EXE passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=FLV new-packet-mark=FLV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=ISO new-packet-mark=ISO passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MOV new-packet-mark=MOV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MPEG new-packet-mark=MPEG passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MPG new-packet-mark=MPG passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=RAR new-packet-mark=RAR passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=WAV new-packet-mark=WAV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=WMV new-packet-mark=WMV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=ISO new-packet-mark=3GP passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=7z new-packet-mark=7z passthrough=no

/queue type
add kind=pcq name=”PROXY DOWN” pcq-classifier=dst-address
add kind=pcq name=DOWN pcq-classifier=dst-address,dst-port
add kind=pcq name=UP pcq-classifier=src-address,src-port
add kind=pfifo name=PING pfifo-limit=64
/queue tree \
add max-limit=80000000 name=”1.PROXY HIT” packet-mark=”www.sastraamijaya.wordpress.com sphp” parent=local priority=2 queue=”PROXY DOWN”
add name=”2.GAME DOWN” parent=global-out priority=2
add max-limit=2000000 name=”3.GAME UPLOAD” parent=public priority=2
add max-limit=300000 name=”4.BROWSING UPLOAD” packet-mark=”www.sastraamijaya.wordpress.com hpu” parent=proxy priority=4 queue=UP
add max-limit=1800000 name=”5.ALL HTTP DOWN” parent=global-out priority=2
add limit-at=8000 max-limit=30000 name=6.PING1 packet-mark=”www.sastraamijaya.wordpress.com ip” parent=global-out priority=1 queue=PING
add limit-at=8000 max-limit=30000 name=7.PING2 packet-mark=”www.sastraamijaya.wordpress.com ip” parent=public priority=1 queue=PING
add limit-at=8000 max-limit=30000 name=8.DNS1 packet-mark=”www.sastraamijaya.wordpress.com dp” parent=global-out priority=1 queue=PING
add limit-at=8000 max-limit=30000 name=9.DNS2 packet-mark=”www.sastraamijaya.wordpress.com dp” parent=public priority=1 queue=PING
add limit-at=512000 max-limit=2000000 name=”1.GAME ONLINE DOWN” packet-mark=”www.sastraamijaya.wordpress.com gopd” parent=”2.GAME DOWN” priority=2 queue=DOWN
add max-limit=512000 name=”2.GAME FACEBOOK DOWN” packet-mark=”www.sastraamijaya.wordpress.com gfpd” parent=”2.GAME DOWN” priority=3 queue=DOWN
add limit-at=512000 max-limit=2000000 name=”1.GAME ONLINE UPLOAD” packet-mark=”www.sastraamijaya.wordpress.com gopu” parent=”3.GAME UPLOAD” priority=2 queue=UP
add limit-at=0 max-limit=256000 name=”2.GAME FACEBOOK UPLOAD” packet-mark=”www.sastraamijaya.wordpress.com gfpu” parent=”3.GAME UPLOAD” priority=3 queue=UP
add max-limit=1800000 name=”1.BROWSING DOWN” packet-mark=”www.sastraamijaya.wordpress.com hpd” parent=”5.ALL HTTP DOWN” priority=3 queue=DOWN
add max-limit=1000000 name=”4.LIMIT EXTENTION” parent=”5.ALL HTTP DOWN” priority=5
add name=YOUTUBE parent=”4.LIMIT EXTENTION” priority=5
add name=”YOUTUBE STREAMING” packet-mark=”YOUTUBE STREAMING” parent=YOUTUBE priority=5 queue=DOWN
add name=MKV packet-mark=MKV parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=MP3 packet-mark=MP3 parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=MP4 packet-mark=MP4 parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=ZIP packet-mark=ZIP parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=EXE packet-mark=EXE parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=ISO packet-mark=ISO parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=AVI packet-mark=AVI parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=MOV packet-mark=MOV parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=MPEG packet-mark=MPEG parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=MPG packet-mark=MPG parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=RAR packet-mark=RAR parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=WAV packet-mark=WAV parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=WMV packet-mark=WMV parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=3GP packet-mark=3GP parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=7z packet-mark=7z parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=”YOUTUBE DOWNLOAD” packet-mark=”YOUTUBE DOWNLOAD” parent=YOUTUBE priority=5 queue=DOWN
add name=PORN parent=”4.LIMIT EXTENTION” priority=5
add name=PORN1 packet-mark=PORN1 parent=PORN priority=5 queue=DOWN
add name=PORN2 packet-mark=PORN2 parent=PORN priority=5 queue=DOWN
add name=PORN3 packet-mark=PORN3 parent=PORN priority=5 queue=DOWN
add name=”MIVO TV” packet-mark=”MIVO TV” parent=”4.LIMIT EXTENTION” priority=5 queue=DOWN
add name=PORN4 packet-mark=PORN4 parent=PORN priority=5 queue=DOWN

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s