SHOW:
|
|
- or go back to the newest paste.
| 1 | #indihome 10mbps, single wan/internet | |
| 2 | #ether1 adalah wan/sumber internet | |
| 3 | ||
| 4 | #firewall address list | |
| 5 | /ip firewall address-list | |
| 6 | add list="private-lokal" address=0.0.0.0/8 | |
| 7 | add list="private-lokal" address=10.0.0.0/8 | |
| 8 | add list="private-lokal" address=100.64.0.0/10 | |
| 9 | add list="private-lokal" address=127.0.0.0/8 | |
| 10 | add list="private-lokal" address=169.254.0.0/16 | |
| 11 | add list="private-lokal" address=172.16.0.0/12 | |
| 12 | add list="private-lokal" address=192.0.0.0/24 | |
| 13 | add list="private-lokal" address=192.0.2.0/24 | |
| 14 | add list="private-lokal" address=192.168.0.0/16 | |
| 15 | add list="private-lokal" address=198.18.0.0/15 | |
| 16 | add list="private-lokal" address=198.51.100.0/24 | |
| 17 | add list="private-lokal" address=203.0.113.0/24 | |
| 18 | add list="private-lokal" address=224.0.0.0/3 | |
| 19 | ||
| 20 | ||
| 21 | #firewall mangle | |
| 22 | /ip firewall mangle | |
| 23 | add action=mark-connection chain=input comment=private-lokal dst-address-list=private-lokal new-connection-mark=private-lokal passthrough=yes \ | |
| 24 | src-address-list=private-lokal | |
| 25 | add action=mark-connection chain=prerouting comment=private-lokal dst-address-list=private-lokal new-connection-mark=private-lokal passthrough=yes \ | |
| 26 | src-address-list=private-lokal | |
| 27 | add action=mark-connection chain=forward comment=private-lokal dst-address-list=private-lokal new-connection-mark=private-lokal passthrough=yes \ | |
| 28 | src-address-list=private-lokal | |
| 29 | add action=mark-connection chain=postrouting comment=private-lokal dst-address-list=private-lokal new-connection-mark=private-lokal passthrough=yes \ | |
| 30 | src-address-list=private-lokal | |
| 31 | add action=mark-connection chain=output comment=private-lokal dst-address-list=private-lokal new-connection-mark=private-lokal passthrough=yes \ | |
| 32 | src-address-list=private-lokal | |
| 33 | add action=mark-packet chain=input comment=private-lokal connection-mark=private-lokal new-packet-mark=private-lokal passthrough=no | |
| 34 | add action=mark-packet chain=prerouting comment=private-lokal connection-mark=private-lokal new-packet-mark=private-lokal passthrough=no | |
| 35 | add action=mark-packet chain=forward comment=private-lokal connection-mark=private-lokal new-packet-mark=private-lokal passthrough=no | |
| 36 | add action=mark-packet chain=postrouting comment=private-lokal connection-mark=private-lokal new-packet-mark=private-lokal passthrough=no | |
| 37 | add action=mark-packet chain=output comment=private-lokal connection-mark=private-lokal new-packet-mark=private-lokal passthrough=no | |
| 38 | add action=mark-connection chain=prerouting comment=vip new-connection-mark=vip passthrough=yes protocol=icmp | |
| 39 | add action=mark-connection chain=prerouting comment=vip new-connection-mark=vip passthrough=yes port=53,5353,123 protocol=tcp | |
| 40 | add action=mark-connection chain=prerouting comment=vip new-connection-mark=vip passthrough=yes port=53,5353,123 protocol=udp | |
| 41 | add action=mark-packet chain=prerouting comment=vip connection-mark=vip new-packet-mark=vip passthrough=no | |
| 42 | add action=jump chain=prerouting connection-rate=0-384k jump-target=jump1 port=!21,22,23,80,81,88,5050,843,443,182,282,8777,1935,8000-8081 protocol=tcp | |
| 43 | add action=jump chain=prerouting connection-rate=0-384k jump-target=jump1 port=!21,22,23,80,81,88,5050,843,443,182,282,8777,1935,8000-8081 protocol=udp | |
| 44 | add action=mark-connection chain=jump1 comment=games connection-rate=0-384k new-connection-mark=games passthrough=yes port=!53,5353,5938,8291,12671-12675,123 \ | |
| 45 | protocol=tcp | |
| 46 | add action=mark-connection chain=jump1 comment=games connection-rate=0-384k new-connection-mark=games passthrough=yes port=!53,5353,5938,8291,12671-12675,123 \ | |
| 47 | protocol=udp | |
| 48 | add action=return chain=jump1 | |
| 49 | add action=mark-packet chain=prerouting comment=games connection-mark=games new-packet-mark=games passthrough=no | |
| 50 | add action=mark-connection chain=prerouting comment=high connection-bytes=100000001-0 new-connection-mark=high passthrough=yes | |
| 51 | add action=mark-packet chain=prerouting comment=high connection-mark=high new-packet-mark=high passthrough=no | |
| 52 | add action=mark-connection chain=prerouting comment=midle connection-bytes=10000001-100000000 new-connection-mark=midle passthrough=yes | |
| 53 | add action=mark-packet chain=prerouting connection-mark=midle new-packet-mark=midle passthrough=no | |
| 54 | add action=mark-connection chain=prerouting comment=low connection-bytes=3000001-10000000 new-connection-mark=low passthrough=yes | |
| 55 | add action=mark-packet chain=prerouting comment=low connection-mark=low new-packet-mark=low passthrough=no | |
| 56 | add action=mark-connection chain=prerouting comment=lower connection-bytes=1000001-3000000 new-connection-mark=lower passthrough=yes | |
| 57 | add action=mark-packet chain=prerouting comment=lower connection-mark=lower new-packet-mark=lower passthrough=no | |
| 58 | add action=mark-connection chain=prerouting comment=lowest connection-bytes=0-1000000 new-connection-mark=lowest passthrough=yes | |
| 59 | add action=mark-packet chain=prerouting comment=lowest connection-mark=lowest new-packet-mark=lowest passthrough=no | |
| 60 | add action=mark-connection chain=prerouting comment=unknown new-connection-mark=unknown passthrough=yes | |
| 61 | add action=mark-packet chain=prerouting comment=unknown connection-mark=unknown new-packet-mark=unknown passthrough=no | |
| 62 | ||
| 63 | #queue tree | |
| 64 | /queue tree | |
| 65 | add max-limit=100M name=A.DOWN parent=global queue=default | |
| 66 | add limit-at=64k max-limit=100M name=A.01.VIP packet-mark=vip parent=A.DOWN priority=1 queue=default | |
| 67 | add limit-at=2M max-limit=100M name=A.02.GAMES-ONLINE packet-mark=games parent=A.DOWN priority=2 queue=default | |
| 68 | add limit-at=8M max-limit=8M name=A.03.BYTES-TRAFIK parent=A.DOWN queue=default | |
| 69 | add limit-at=1M max-limit=8M name=A.1.LOWES packet-mark=lowest parent=A.03.BYTES-TRAFIK priority=4 queue=pcq-download-default | |
| 70 | add limit-at=1M max-limit=8M name=A.2.LOWER packet-mark=lower parent=A.03.BYTES-TRAFIK priority=5 queue=pcq-download-default | |
| 71 | add limit-at=1M max-limit=8M name=A.3.LOW packet-mark=low parent=A.03.BYTES-TRAFIK priority=6 queue=pcq-download-default | |
| 72 | add limit-at=1M max-limit=8M name=A.4.MIDLE packet-mark=midle parent=A.03.BYTES-TRAFIK priority=7 queue=pcq-download-default | |
| 73 | add limit-at=1M max-limit=8M name=A.5.HIGH packet-mark=high parent=A.03.BYTES-TRAFIK queue=pcq-download-default | |
| 74 | add limit-at=1M max-limit=8M name=A.6.UNKNOWN packet-mark=unknown parent=A.03.BYTES-TRAFIK queue=pcq-download-default | |
| 75 | add max-limit=100M name=B.UP parent=ether1 queue=default | |
| 76 | add limit-at=64k max-limit=100M name=B.01.VIP packet-mark=vip parent=B.UP priority=1 queue=default | |
| 77 | add limit-at=1M max-limit=100M name=B.02.GAMES-ONLINE packet-mark=games parent=B.UP priority=2 queue=default | |
| 78 | add limit-at=1M max-limit=1M name=B.03.BYTES-TRAFIK parent=B.UP queue=default | |
| 79 | add limit-at=100k max-limit=1M name=B.1.LOWES packet-mark=lowest parent=B.03.BYTES-TRAFIK priority=4 queue=pcq-upload-default | |
| 80 | add limit-at=100k max-limit=1M name=B.2.LOWER packet-mark=lower parent=B.03.BYTES-TRAFIK priority=5 queue=pcq-upload-default | |
| 81 | add limit-at=100k max-limit=1M name=B.3.LOW packet-mark=low parent=B.03.BYTES-TRAFIK priority=6 queue=pcq-upload-default | |
| 82 | add limit-at=100k max-limit=1M name=B.4.MIDLE packet-mark=midle parent=B.03.BYTES-TRAFIK priority=7 queue=pcq-upload-default | |
| 83 | add limit-at=100k max-limit=1M name=B.5.HIGH packet-mark=high parent=B.03.BYTES-TRAFIK queue=pcq-upload-default | |
| 84 | add limit-at=100k max-limit=1M name=B.6.UNKNOWN packet-mark=unknown parent=B.03.BYTES-TRAFIK queue=pcq-upload-default |
