Senin, 05 Mei 2008

Mikrotik untuk Filter Firewall


add chain=input protocol=tcp src-port=1025 action=drop
add chain=input protocol=tcp src-port=12754-13159 action=drop
add chain=input protocol=tcp src-port=1366 action=drop
add chain=input protocol=tcp src-port=1381 action=drop
add chain=input protocol=tcp src-port=1416 action=drop
add chain=input protocol=tcp src-port=1434 action=drop
add chain=input protocol=tcp src-port=1512 action=drop
add chain=input protocol=tcp src-port=201-209 action=drop
add chain=input protocol=tcp src-port=3031 action=drop
add chain=input protocol=tcp src-port=396 action=drop
add chain=input protocol=tcp src-port=445 action=drop
add chain=input protocol=tcp src-port=513 action=drop
add chain=input protocol=tcp src-port=525 action=drop
add chain=input protocol=tcp src-port=545 action=drop
add chain=input protocol=tcp src-port=568 action=drop
add chain=input protocol=tcp src-port=569 action=drop
add chain=input protocol=tcp dst-port=1025 action=drop
add chain=input protocol=tcp dst-port=12754-13159 action=drop
add chain=input protocol=tcp dst-port=135-139 action=drop
add chain=input protocol=tcp dst-port=1366 action=drop
add chain=input protocol=tcp dst-port=1381 action=drop
add chain=input protocol=tcp dst-port=1416 action=drop
add chain=input protocol=tcp dst-port=1434 action=drop
add chain=input protocol=tcp dst-port=1512 action=drop
add chain=input protocol=tcp dst-port=201-209 action=drop
add chain=input protocol=tcp dst-port=3031 action=drop
add chain=input protocol=tcp dst-port=396 action=drop
add chain=input protocol=tcp dst-port=445 action=drop
add chain=input protocol=tcp dst-port=513 action=drop
add chain=input protocol=tcp dst-port=525 action=drop
add chain=input protocol=tcp dst-port=545 action=drop
add chain=input protocol=tcp dst-port=568 action=drop
add chain=input protocol=tcp dst-port=569 action=drop
add chain=input protocol=udp src-port=1025 action=drop
add chain=input protocol=udp src-port=12754-13159 action=drop
add chain=input protocol=udp src-port=135-139 action=drop
add chain=input protocol=udp src-port=1366 action=drop
add chain=input protocol=udp src-port=1381 action=drop
add chain=input protocol=udp src-port=1416 action=drop
add chain=input protocol=udp src-port=1434 action=drop
add chain=input protocol=udp src-port=1512 action=drop
add chain=input protocol=udp src-port=201-209 action=drop
add chain=input protocol=udp src-port=3031 action=drop
add chain=input protocol=udp src-port=396 action=drop
add chain=input protocol=udp src-port=445 action=drop
add chain=input protocol=udp src-port=513 action=drop
add chain=input protocol=udp src-port=525 action=drop
add chain=input protocol=udp src-port=545 action=drop
add chain=input protocol=udp src-port=568 action=drop
add chain=input protocol=udp src-port=569 action=drop
add chain=input protocol=udp dst-port=1025 action=drop
add chain=input protocol=udp dst-port=12754-13159 action=drop
add chain=input protocol=udp dst-port=135-139 action=drop
add chain=input protocol=udp dst-port=1366 action=drop
add chain=input protocol=udp dst-port=1381 action=drop
add chain=input protocol=udp dst-port=1416 action=drop
add chain=input protocol=udp dst-port=1434 action=drop
add chain=input protocol=udp dst-port=1512 action=drop
add chain=input protocol=udp dst-port=201-209 action=drop
add chain=input protocol=udp dst-port=3031 action=drop
add chain=input protocol=udp dst-port=396 action=drop
add chain=input protocol=udp dst-port=445 action=drop
add chain=input protocol=udp dst-port=513 action=drop
add chain=input protocol=udp dst-port=525 action=drop
add chain=input protocol=udp dst-port=545 action=drop
add chain=input protocol=udp dst-port=568 action=drop
add chain=input protocol=udp dst-port=569 action=drop
add chain=forward src-address=192.168.145.136/30 action=accept comment=charles

firewall mangle
add chain=prerouting p2p=all-p2p action=mark-packet new-packet-mark=P2P_Packet passthrough=yes

add chain=prerouting p2p=all-p2p action=mark-connection new-connection-mark=P2P_Conect passthrough=yes


queue simple
add name="charles" target-addresses=192.169.80.1/29 dst-address=0.0.0.0/0 interface=all parent=none direction=both priority=5 queue=ethernet-default/ethernet-default limit-at=409000/409000 max-limit=512000/512000 total-queue=default

Queue tree
add name="QoS_P2P" parent=global-total packet-mark=P2P_Packet limit-at=1000000 queue=ethernet-default priority=5 max-limit=1000000 burst-limit=0 burst-threshold=0 burst-time=0s

add name="P2P_Conect" parent=QoS_P2P packet-mark=P2P_Packet limit-at=0 queue=ethernet-default priority=5 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s

Related Post :



0 comments:

R