/ip firewall layer7-protocol add name="http-video"
regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d
-~]*(content-type: video)"
/ip firewall layer7-protocol add name="file-msi"
regexp="\\.(msi)"
/ip firewall layer7-protocol add name="file-exe"
regexp="\\.(exe)"
/ip firewall layer7-protocol add name="file-rar"
regexp="\\.(rar)"
/ip firewall layer7-protocol add name="file-zip"
regexp="\\.(zip)"
/ip firewall layer7-protocol add name="file-7z"
regexp="\\.(7z)"
/ip firewall layer7-protocol add name="file-cab"
regexp="\\.(cab)"
/ip firewall layer7-protocol add name="file-asf"
regexp="\\.(asf)"
/ip firewall layer7-protocol add name="file-mov"
regexp="\\.(mov)"
/ip firewall layer7-protocol add name="file-wmv"
regexp="\\.(wmv)"
/ip firewall layer7-protocol add name="file-mpg"
regexp="\\.(mpg)"
/ip firewall layer7-protocol add name="file-mpeg"
regexp="\\.(mpeg)"
/ip firewall layer7-protocol add name="file-mkv"
regexp="\\.(mkv)"
/ip firewall layer7-protocol add name="file-avi"
regexp="\\.(avi)"
/ip firewall layer7-protocol add name="file-flv"
regexp="\\.(flv)"
/ip firewall layer7-protocol add name="file-pdf"
regexp="\\.(pdf)"
/ip firewall layer7-protocol add name="file-wav"
regexp="\\.(wav)"
/ip firewall layer7-protocol add name="file-rm"
regexp="\\.(rm)"
/ip firewall layer7-protocol add name="file-mp3"
regexp="\\.(mp3)"
/ip firewall layer7-protocol add name="file-mp4"
regexp="\\.(mp4)"
/ip firewall layer7-protocol add name="file-ram"
regexp="\\.(ram)"
/ip firewall layer7-protocol add name="file-rmvb"
regexp="\\.(rmvb)"
/ip firewall layer7-protocol add name="file-dat"
regexp="\\.(dat)"
/ip firewall layer7-protocol add name="file-daa"
regexp="\\.(daa)"
/ip firewall layer7-protocol add name="file-iso"
regexp="\\.(iso)"
/ip firewall layer7-protocol add name="file-nrg"
regexp="\\.(nrg)"
/ip firewall layer7-protocol add name="file-bin"
regexp="\\.(bin)"
/ip firewall layer7-protocol add name="file-vcd"
regexp="\\.(vcd)"
/ip firewall layer7-protocol add name="file-mp2"
regexp="\\.(mp2)"
/ip firewall layer7-protocol add name="file-3gp"
regexp="\\.(3gp)"
/ip firewall layer7-protocol add name="file-mpe"
regexp="\\.(mpe)"
/ip firewall layer7-protocol add name="file-qt"
regexp="\\.(qt)"
/ip firewall layer7-protocol add name="file-raw"
regexp="\\.(raw)"
/ip firewall layer7-protocol add name="file-wma"
regexp="\\.(wma)"
/ip firewall layer7-protocol add name="file-ogg"
regexp="\\.(ogg)"
/ip firewall layer7-protocol add name="file-webm"
regexp="\\.(webm)"
/ip firewall layer7-protocol add name="file-gz"
regexp="\\.(gz)"
/ip firewall layer7-protocol add name="file-tar"
regexp="\\.(tar)"
/ip firewall layer7-protocol add name="file-rpm"
regexp="\\.(rpm)"
/ip firewall layer7-protocol add name="file-dmg"
regexp="\\.(dmg)"
Pada mikrotik yang sudah bisa bekerja berdasarkan address-list ada baik
nya di list kan ip yang anda gunakan di jaringan lokal ( hanya untuk
memudahkan ), misal:
/ip firewall address-list add address=192.168.0.2
list=client disabled=no
/ip firewall address-list add address=192.168.0.3
list=client disabled=no
/ip firewall address-list add address=192.168.0.4
list=client disabled=no
dan seterusnya. Isikan lah sesuai jumlah ip yang anda gunakan bisa juga menggunakan subnet. Kemudian lanjut pada mangle.
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=http-video dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-msi dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-exe dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-rar dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-zip dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-7z dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-cab dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-asf dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mov dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-wmv dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mpg dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mpeg dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mkv dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-avi dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-flv dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-pdf dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-wav dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-rm dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mp3 dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mp4 dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-ram dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-rmvb dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-dat dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-daa dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-iso dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-nrg dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-bin dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-vcd dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mp2 dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-3gp dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mpe dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-qt dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-raw dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-wma dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-ogg dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-webm dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-gz dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-tar dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-rpm dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
Untuk pembagian bandwidth pada queue tree tambahkan seperti ini, misal anda mengalokasi kan bandwidth 384k
/queue tree add name="total-download"
parent=to-client packet-mark=download limit-at=128k queue=default priority=8
max-limit=384k burst-limit=0 burst-threshold=0 burst-time=0s
Jika ingin pakai pcq, cara nya begini:
/queue type add kind=pcq name=pcq-download
pcq-classifier=dst-address
/queue tree add name="total-download"
parent=to-client packet-mark=download limit-at=128k queue=pcq-download
priority=8 max-limit=384k burst-limit=0 burst-threshold=0 burst-time=0s
Selamat mencoba…
No comments:
Post a Comment