D4n9k3l's Blog
Just another WordPress.com weblog

Setting PPPoE Speedy di Mikrotik Untuk Warnet

/interface ethernet set ether1 name=Speedy
/interface ethernet set ether2 name=Local

/ip address add address=192.168.1.2/24 interface=Speedy
/ip address add address=192.168.0.1/24 interface=Local

/interface pppoe-client add name=pppoe-user-speedy user=xxxxxxxxxxx@telkom.net password=xxxxxxxxx  interface=Speedy service-name=internet disabled=no
/ip route add gateway=118.96.0.1
/ip dns set primary-dns=203.130.196.5 allow-remote-request=yes
/ip dns set secondary-dns=203.130.208.18  allow-remote-request=yes
/ip firewall nat add chain=srcnat action=masquerade

/ip pool add name=dhcp-pool ranges=192.168.0.2-192.168.0.254
/ip dhcp-server network add address=192.168.0.0/24 gateway=192.168.0.1 dns-server=203.130.196.5,203.130.208.18
/ip dhcp-server add name=DHCP_LAN disabled=no interface=Local address-pool=dhcp-pool

Pengaturan IP Address List

http://www.mikrotik.co.id/getfile.php?nf=nice.rsc

C:>dir nice.*

Volume in drive C has no label.

Volume Serial Number is 5418-6EEF

Directory of C:

04/26/2007  06:42p              17,523 nice.rsc

1 File(s)         17,523 bytes

0 Dir(s)  47,038,779,392 bytes free

C:>ftp 192.168.0.1

Connected to 192.168.0.1.

220 R&D FTP server (MikroTik 2.9.39) ready

User (192.168.0.1:(none)): admin

331 Password required for admin

Password: ********

230 User admin logged in

ftp> ascii

200 Type set to A

ftp> put nice.rsc

200 PORT command successful

150 Opening ASCII mode data connection for ‘/nice.rsc’

226 ASCII transfer complete

ftp: 17523 bytes sent in 0.00Seconds 17523000.00Kbytes/sec.

ftp> bye

221 Closing

[admin@MikroTik] > import nice.rsc

Opening script file nice.rsc

Script file loaded and executed successfully

/tool fetch address=ixp.mikrotik.co.id src-path=/download/nice.rsc
/system sched add comment=”update-nice” disabled=no interval=1d name=”update-nice-rsc” on-event=”:if ([:len [/file find name=nice.rsc]] > 0) do={ /file remove nice.rsc };/tool fetch address=ixp.mikrotik.co.id src-path=/download/nice.rsc dst-path=/nice.rsc;/import nice.rsc” start-date=jan/01/1970 start-time=00:01:00
/system sched add comment=”update-nice” disabled=no interval=1d name=”update-nice-rsc” on-event=”:if ([:len [/file find name=nice.rsc]] > 0) do={ /file remove nice.rsc };/tool fetch address=ixp.mikrotik.co.id path=/download/nice.rsc;/import nice.rsc” start-date=jan/01/1970 start-time=00:12:00
MT3.10
/system sched add comment=”update-nice” disabled=no interval=1d name=”update-nice-rsc” on-event=”:if ([:len [/file find name=nice.rsc]] > 0) do={ /file remove nice.rsc }; /tool fetch address=ixp.mikrotik.co.id path=/download/nice.rsc;/import nice.rsc” start-date=jan/01/1970 start-time=00:18:00

/ip firewall mangle add chain=prerouting in-interface=Local dst-address-list=nice action=mark-connection new-connection-mark=conn-iix passthrough=yes
/ip firewall mangle add chain=prerouting connection-mark=conn-iix action=mark-packet new-packet-mark=packet-iix passthrough=no
/ip firewall mangle add chain=output connection-mark=conn-iix action=mark-packet new-packet-mark=packet-iix passthrough=no
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=packet-ix passthrough=no
/ip firewall mangle add chain=output action=mark-packet new-packet-mark=packet-ix passthrough=no

/queue simple add name=”SERV-iix” target-addresses=192.168.0.2/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC01-iix” target-addresses=192.168.0.3/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC02-iix” target-addresses=192.168.0.4/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC03-iix” target-addresses=192.168.0.5/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC04-iix” target-addresses=192.168.0.6/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC05-iix” target-addresses=192.168.0.7/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC06-iix” target-addresses=192.168.0.8/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC07-iix” target-addresses=192.168.0.9/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC08-iix” target-addresses=192.168.0.10/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small

/queue simple add name=”SERV-ix” target-addresses=192.168.0.2/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC01-ix” target-addresses=192.168.0.3/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC02-ix” target-addresses=192.168.0.4/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC03-ix” target-addresses=192.168.0.5/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC04-ix” target-addresses=192.168.0.6/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC05-ix” target-addresses=192.168.0.7/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC06-ix” target-addresses=192.168.0.8/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC07-ix” target-addresses=192.168.0.9/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC08-ix” target-addresses=192.168.0.10/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small

/ip proxy set enabled=yes src-address=119.110.76.76 port=3128 hostname=”proxy1.indowebster.com” transparent-proxy=yes parent-proxy=0.0.0.0:0 \ cache-administrator=”admin@mesin.proxy.net” max-object-size=4096KiB cache-drive=system max-cache-size=unlimited \ max-ram-cache-size=unlimited
/ip proxy set always-from-cache=yes cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=none max-client-connections=600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=3128 serialize-connections=yes src-address=0.0.0.0
enabled: yes
/ip proxy se src-address=119.110.76.76 port=3128 parent-proxy=0.0.0.0 parent-proxy-port=0 cache-drive=system cache-administrator=”admin@mesin.proxy.net” max-cache-size=none cache-on-disk=yes max-client-connections=600 max-server-connections=600 max-fresh-time=3d serialize-connections=yes always-from-cache=yes cache-hit-dscp=4
/ip proxy set always-from-cache=yes cache-administrator=d4n9k3l@star.net cache-drive=system cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=unlimited \ max-client-connections=600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=3128 serialize-connections=no \ src-address=0.0.0.0

/ip proxy access
add dst-port=23-25 action=deny comment=”block telnet & spam e-mail relaying” disabled=no
add dst-port=443-563 action=deny comment=”” disabled=no
add dst-port=21 action=deny comment=”” disabled=no
add dst-port=21 action=deny comment=”” disabled=no
add dst-port=1025-65535 action=deny comment=”” disabled=no
add dst-port=280,488,591,777 action=deny comment=”” disabled=no
add dst-port=81,82,10000 action=deny comment=”” disabled=no
add dst-port=8291 action=allow comment=”” disabled=no
add src-address=127.0.0.1/32 action=allow comment=”localhost” disabled=no
add src-address=10.40.93.0/24 action=allow comment=”” disabled=no
add src-address=192.168.0.0/24 action=allow comment=”local address” disabled=no
add action=deny comment=”” disabled=no

/ip web-proxy cache
add url=”:cgi-bin \\?” action=deny comment=”don’t cache dynamic http pages” disabled=no

/ip firewall nat
add chain=dstnat in-interface=Local protocol=tcp dst-port=80 src-address-list=iplan dst-address-list=192.168.0.0/24 action=redirect \ to-ports=3128 comment=”” disabled=no
add chain=dstnat in-interface=Local protocol=tcp dst-port=8080 src-address-list=iplan dst-address-list=192.168.0.0/24 \ action=redirect to-ports=3128 comment=”” disabled=no
add chain=dstnat protocol=tcp dst-port=80 action=accept comment=”” disabled=no
add chain=dstnat protocol=tcp dst-port=8080 action=accept comment=”” disabled=no

/ip firewall filter add chain=input in-interface=Speedy src-address=0.0.0.0 protocol=tcp dst-port=3128 action=drop comment=”” disabled=no

/ip firewall filter
add chain=forward protocol=tcp dst-port=25 src-address-list=spammer action=drop comment=”BLOCK SPAMMERS OR INFECTED USERS”
add chain=forward protocol=tcp dst-port=25 connection-limit=30,32 limit=50,5 action=add-src-to-address-list address-list=spammer address-list-timeout=1d comment=”Detect and add-list SMTP virus or spammers”

/system script add name=”spammers” source=”:log error \”———-Users detected like \ SPAMMERS ————-\”; \n: foreach i in \ [/ip firewall address-list find \ list=spammer \ ] do={:set usser \ [/ip firewall address-list get \$i \ address\ ]; \n:foreach j in=\ [/ip hotspot active find address=\$usser \ ] \ do={:set ip \ [/ip hotspot active get \$j user \ ]; \n:log error \$ip; \n:log \ error \$usser} };” policy=ftp,read,write,policy,test,winbox

/ip firewall filter
add chain=forward connection-state=established comment=”allow established connections”
add chain=forward connection-state=related comment=”allow related connections”
add chain=forward connection-state=invalid action=drop comment=”drop invalid connections”
add chain=virus protocol=tcp dst-port=135-139 action=drop comment=”Drop Blaster Worm”
add chain=virus protocol=udp dst-port=135-139 action=drop comment=”Drop Messenger Worm”
add chain=virus protocol=tcp dst-port=445 action=drop comment=”Drop Blaster Worm”
add chain=virus protocol=udp dst-port=445 action=drop comment=”Drop Blaster Worm”
add chain=virus protocol=tcp dst-port=593 action=drop comment=”________”
add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment=”________”
add chain=virus protocol=tcp dst-port=1080 action=drop comment=”Drop MyDoom”
add chain=virus protocol=tcp dst-port=1214 action=drop comment=”________”
add chain=virus protocol=tcp dst-port=1363 action=drop comment=”ndm requester”
add chain=virus protocol=tcp dst-port=1364 action=drop comment=”ndm server”
add chain=virus protocol=tcp dst-port=1368 action=drop comment=”screen cast”
add chain=virus protocol=tcp dst-port=1373 action=drop comment=”hromgrafx”
add chain=virus protocol=tcp dst-port=1377 action=drop comment=”cichlid”
add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment=”Worm”
add chain=virus protocol=tcp dst-port=2745 action=drop comment=”Bagle Virus”
add chain=virus protocol=tcp dst-port=2283 action=drop comment=”Drop Dumaru.Y”
add chain=virus protocol=tcp dst-port=2535 action=drop comment=”Drop Beagle”
add chain=virus protocol=tcp dst-port=2745 action=drop comment=”Drop Beagle.C-K”
add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment=”Drop MyDoom”
add chain=virus protocol=tcp dst-port=3410 action=drop comment=”Drop Backdoor OptixPro”
add chain=virus protocol=tcp dst-port=4444 action=drop comment=”Worm”
add chain=virus protocol=udp dst-port=4444 action=drop comment=”Worm”
add chain=virus protocol=tcp dst-port=5554 action=drop comment=”Drop Sasser”
add chain=virus protocol=tcp dst-port=8866 action=drop comment=”Drop Beagle.B”
add chain=virus protocol=tcp dst-port=9898 action=drop comment=”Drop Dabber.A-B”
add chain=virus protocol=tcp dst-port=10000 action=drop comment=”Drop Dumaru.Y”
add chain=virus protocol=tcp dst-port=10080 action=drop comment=”Drop MyDoom.B”
add chain=virus protocol=tcp dst-port=12345 action=drop comment=”Drop NetBus”
add chain=virus protocol=tcp dst-port=17300 action=drop comment=”Drop Kuang2″
add chain=virus protocol=tcp dst-port=27374 action=drop comment=”Drop SubSeven”
add chain=virus protocol=tcp dst-port=65506 action=drop comment=”Drop PhatBot, Agobot, Gaobot”
add chain=forward action=jump jump-target=virus comment=”jump to the virus chain”
add chain=forward action=accept protocol=tcp dst-port=80 comment=”Allow HTTP”
add chain=forward action=accept protocol=tcp dst-port=25 comment=”Allow SMTP”
add chain=forward protocol=tcp comment=”allow TCP”
add chain=forward protocol=icmp comment=”allow ping”
add chain=forward protocol=udp comment=”allow udp”
add chain=forward action=drop comment=”drop everything else”

/ ip firewall filter
add chain=input in-interface=”pppoe-user-speedy” src-address=0.0.0.0 protocol=tcp dst-port=”3128″ action=drop comment=”” disabled=no

semoga membantu :P

Skrip By IzY a.K.a d4n9k3l

About these ads

Belum Ada Tanggapan to “Setting PPPoE Speedy di Mikrotik Untuk Warnet”

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Logout / Ubah )

Twitter picture

You are commenting using your Twitter account. Logout / Ubah )

Facebook photo

You are commenting using your Facebook account. Logout / Ubah )

Google+ photo

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s

Ikuti

Get every new post delivered to your Inbox.

%d bloggers like this: