D4n9k3l's Blog
Just another WordPress.com weblog

Setting PPPoE Speedy di Mikrotik Untuk Warnet

/interface ethernet set ether1 name=Speedy
/interface ethernet set ether2 name=Local

/ip address add address=192.168.1.2/24 interface=Speedy
/ip address add address=192.168.0.1/24 interface=Local

/interface pppoe-client add name=pppoe-user-speedy user=xxxxxxxxxxx@telkom.net password=xxxxxxxxx  interface=Speedy service-name=internet disabled=no
/ip route add gateway=118.96.0.1
/ip dns set primary-dns=203.130.196.5 allow-remote-request=yes
/ip dns set secondary-dns=203.130.208.18  allow-remote-request=yes
/ip firewall nat add chain=srcnat action=masquerade

/ip pool add name=dhcp-pool ranges=192.168.0.2-192.168.0.254
/ip dhcp-server network add address=192.168.0.0/24 gateway=192.168.0.1 dns-server=203.130.196.5,203.130.208.18
/ip dhcp-server add name=DHCP_LAN disabled=no interface=Local address-pool=dhcp-pool

Pengaturan IP Address List
http://www.mikrotik.co.id/getfile.php?nf=nice.rsc
C:>dir nice.*

Volume in drive C has no label.

Volume Serial Number is 5418-6EEF

Directory of C:

04/26/2007  06:42p              17,523 nice.rsc

1 File(s)         17,523 bytes

0 Dir(s)  47,038,779,392 bytes free

C:>ftp 192.168.0.1

Connected to 192.168.0.1.

220 R&D FTP server (MikroTik 2.9.39) ready

User (192.168.0.1:(none)): admin

331 Password required for admin

Password: ********

230 User admin logged in

ftp> ascii

200 Type set to A

ftp> put nice.rsc

200 PORT command successful

150 Opening ASCII mode data connection for ‘/nice.rsc’

226 ASCII transfer complete

ftp: 17523 bytes sent in 0.00Seconds 17523000.00Kbytes/sec.

ftp> bye

221 Closing

[admin@MikroTik] > import nice.rsc

Opening script file nice.rsc

Script file loaded and executed successfully

/tool fetch address=ixp.mikrotik.co.id src-path=/download/nice.rsc
/system sched add comment=”update-nice” disabled=no interval=1d name=”update-nice-rsc” on-event=”:if ([:len [/file find name=nice.rsc]] > 0) do={ /file remove nice.rsc };/tool fetch address=ixp.mikrotik.co.id src-path=/download/nice.rsc dst-path=/nice.rsc;/import nice.rsc” start-date=jan/01/1970 start-time=00:01:00
/system sched add comment=”update-nice” disabled=no interval=1d name=”update-nice-rsc” on-event=”:if ([:len [/file find name=nice.rsc]] > 0) do={ /file remove nice.rsc };/tool fetch address=ixp.mikrotik.co.id path=/download/nice.rsc;/import nice.rsc” start-date=jan/01/1970 start-time=00:12:00
MT3.10
/system sched add comment=”update-nice” disabled=no interval=1d name=”update-nice-rsc” on-event=”:if ([:len [/file find name=nice.rsc]] > 0) do={ /file remove nice.rsc }; /tool fetch address=ixp.mikrotik.co.id path=/download/nice.rsc;/import nice.rsc” start-date=jan/01/1970 start-time=00:18:00

/ip firewall mangle add chain=prerouting in-interface=Local dst-address-list=nice action=mark-connection new-connection-mark=conn-iix passthrough=yes
/ip firewall mangle add chain=prerouting connection-mark=conn-iix action=mark-packet new-packet-mark=packet-iix passthrough=no
/ip firewall mangle add chain=output connection-mark=conn-iix action=mark-packet new-packet-mark=packet-iix passthrough=no
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=packet-ix passthrough=no
/ip firewall mangle add chain=output action=mark-packet new-packet-mark=packet-ix passthrough=no

/queue simple add name=”SERV-iix” target-addresses=192.168.0.2/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC01-iix” target-addresses=192.168.0.3/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC02-iix” target-addresses=192.168.0.4/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC03-iix” target-addresses=192.168.0.5/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC04-iix” target-addresses=192.168.0.6/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC05-iix” target-addresses=192.168.0.7/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC06-iix” target-addresses=192.168.0.8/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC07-iix” target-addresses=192.168.0.9/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small
/queue simple add name=”PC08-iix” target-addresses=192.168.0.10/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-iix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/256000 total-queue=default-small

/queue simple add name=”SERV-ix” target-addresses=192.168.0.2/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC01-ix” target-addresses=192.168.0.3/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC02-ix” target-addresses=192.168.0.4/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC03-ix” target-addresses=192.168.0.5/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC04-ix” target-addresses=192.168.0.6/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC05-ix” target-addresses=192.168.0.7/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC06-ix” target-addresses=192.168.0.8/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC07-ix” target-addresses=192.168.0.9/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small
/queue simple add name=”PC08-ix” target-addresses=192.168.0.10/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=packet-ix direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-queue=default-small

/ip proxy set enabled=yes src-address=119.110.76.76 port=3128 hostname=”proxy1.indowebster.com” transparent-proxy=yes parent-proxy=0.0.0.0:0 \ cache-administrator=”admin@mesin.proxy.net” max-object-size=4096KiB cache-drive=system max-cache-size=unlimited \ max-ram-cache-size=unlimited
/ip proxy set always-from-cache=yes cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=none max-client-connections=600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=3128 serialize-connections=yes src-address=0.0.0.0
enabled: yes
/ip proxy se src-address=119.110.76.76 port=3128 parent-proxy=0.0.0.0 parent-proxy-port=0 cache-drive=system cache-administrator=”admin@mesin.proxy.net” max-cache-size=none cache-on-disk=yes max-client-connections=600 max-server-connections=600 max-fresh-time=3d serialize-connections=yes always-from-cache=yes cache-hit-dscp=4
/ip proxy set always-from-cache=yes cache-administrator=d4n9k3l@star.net cache-drive=system cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=unlimited \ max-client-connections=600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=3128 serialize-connections=no \ src-address=0.0.0.0

/ip proxy access
add dst-port=23-25 action=deny comment=”block telnet & spam e-mail relaying” disabled=no
add dst-port=443-563 action=deny comment=”” disabled=no
add dst-port=21 action=deny comment=”” disabled=no
add dst-port=21 action=deny comment=”” disabled=no
add dst-port=1025-65535 action=deny comment=”” disabled=no
add dst-port=280,488,591,777 action=deny comment=”” disabled=no
add dst-port=81,82,10000 action=deny comment=”” disabled=no
add dst-port=8291 action=allow comment=”” disabled=no
add src-address=127.0.0.1/32 action=allow comment=”localhost” disabled=no
add src-address=10.40.93.0/24 action=allow comment=”” disabled=no
add src-address=192.168.0.0/24 action=allow comment=”local address” disabled=no
add action=deny comment=”” disabled=no

/ip web-proxy cache
add url=”:cgi-bin \\?” action=deny comment=”don’t cache dynamic http pages” disabled=no

/ip firewall nat
add chain=dstnat in-interface=Local protocol=tcp dst-port=80 src-address-list=iplan dst-address-list=192.168.0.0/24 action=redirect \ to-ports=3128 comment=”” disabled=no
add chain=dstnat in-interface=Local protocol=tcp dst-port=8080 src-address-list=iplan dst-address-list=192.168.0.0/24 \ action=redirect to-ports=3128 comment=”” disabled=no
add chain=dstnat protocol=tcp dst-port=80 action=accept comment=”” disabled=no
add chain=dstnat protocol=tcp dst-port=8080 action=accept comment=”” disabled=no

/ip firewall filter add chain=input in-interface=Speedy src-address=0.0.0.0 protocol=tcp dst-port=3128 action=drop comment=”” disabled=no

/ip firewall filter
add chain=forward protocol=tcp dst-port=25 src-address-list=spammer action=drop comment=”BLOCK SPAMMERS OR INFECTED USERS”
add chain=forward protocol=tcp dst-port=25 connection-limit=30,32 limit=50,5 action=add-src-to-address-list address-list=spammer address-list-timeout=1d comment=”Detect and add-list SMTP virus or spammers”

/system script add name=”spammers” source=”:log error \”———-Users detected like \ SPAMMERS ————-\”; \n: foreach i in \ [/ip firewall address-list find \ list=spammer \ ] do={:set usser \ [/ip firewall address-list get \$i \ address\ ]; \n:foreach j in=\ [/ip hotspot active find address=\$usser \ ] \ do={:set ip \ [/ip hotspot active get \$j user \ ]; \n:log error \$ip; \n:log \ error \$usser} };” policy=ftp,read,write,policy,test,winbox

/ip firewall filter
add chain=forward connection-state=established comment=”allow established connections”
add chain=forward connection-state=related comment=”allow related connections”
add chain=forward connection-state=invalid action=drop comment=”drop invalid connections”
add chain=virus protocol=tcp dst-port=135-139 action=drop comment=”Drop Blaster Worm”
add chain=virus protocol=udp dst-port=135-139 action=drop comment=”Drop Messenger Worm”
add chain=virus protocol=tcp dst-port=445 action=drop comment=”Drop Blaster Worm”
add chain=virus protocol=udp dst-port=445 action=drop comment=”Drop Blaster Worm”
add chain=virus protocol=tcp dst-port=593 action=drop comment=”________”
add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment=”________”
add chain=virus protocol=tcp dst-port=1080 action=drop comment=”Drop MyDoom”
add chain=virus protocol=tcp dst-port=1214 action=drop comment=”________”
add chain=virus protocol=tcp dst-port=1363 action=drop comment=”ndm requester”
add chain=virus protocol=tcp dst-port=1364 action=drop comment=”ndm server”
add chain=virus protocol=tcp dst-port=1368 action=drop comment=”screen cast”
add chain=virus protocol=tcp dst-port=1373 action=drop comment=”hromgrafx”
add chain=virus protocol=tcp dst-port=1377 action=drop comment=”cichlid”
add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment=”Worm”
add chain=virus protocol=tcp dst-port=2745 action=drop comment=”Bagle Virus”
add chain=virus protocol=tcp dst-port=2283 action=drop comment=”Drop Dumaru.Y”
add chain=virus protocol=tcp dst-port=2535 action=drop comment=”Drop Beagle”
add chain=virus protocol=tcp dst-port=2745 action=drop comment=”Drop Beagle.C-K”
add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment=”Drop MyDoom”
add chain=virus protocol=tcp dst-port=3410 action=drop comment=”Drop Backdoor OptixPro”
add chain=virus protocol=tcp dst-port=4444 action=drop comment=”Worm”
add chain=virus protocol=udp dst-port=4444 action=drop comment=”Worm”
add chain=virus protocol=tcp dst-port=5554 action=drop comment=”Drop Sasser”
add chain=virus protocol=tcp dst-port=8866 action=drop comment=”Drop Beagle.B”
add chain=virus protocol=tcp dst-port=9898 action=drop comment=”Drop Dabber.A-B”
add chain=virus protocol=tcp dst-port=10000 action=drop comment=”Drop Dumaru.Y”
add chain=virus protocol=tcp dst-port=10080 action=drop comment=”Drop MyDoom.B”
add chain=virus protocol=tcp dst-port=12345 action=drop comment=”Drop NetBus”
add chain=virus protocol=tcp dst-port=17300 action=drop comment=”Drop Kuang2″
add chain=virus protocol=tcp dst-port=27374 action=drop comment=”Drop SubSeven”
add chain=virus protocol=tcp dst-port=65506 action=drop comment=”Drop PhatBot, Agobot, Gaobot”
add chain=forward action=jump jump-target=virus comment=”jump to the virus chain”
add chain=forward action=accept protocol=tcp dst-port=80 comment=”Allow HTTP”
add chain=forward action=accept protocol=tcp dst-port=25 comment=”Allow SMTP”
add chain=forward protocol=tcp comment=”allow TCP”
add chain=forward protocol=icmp comment=”allow ping”
add chain=forward protocol=udp comment=”allow udp”
add chain=forward action=drop comment=”drop everything else”

/ ip firewall filter
add chain=input in-interface=”pppoe-user-speedy” src-address=0.0.0.0 protocol=tcp dst-port=”3128″ action=drop comment=”” disabled=no

semoga membantu :P

Skrip By IzY a.K.a d4n9k3l

Belum Ada Tanggapan to “Setting PPPoE Speedy di Mikrotik Untuk Warnet”

Berikan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s

Ikuti

Kirimkan setiap pos baru ke Kotak Masuk Anda.

%d blogger menyukai ini: