============================================================== == management bandwidth untuk kantor dengan mikrotik RB750G == ============================================================== layer7-protocol add name=big regexp="^.*get.+\.(0[0-9][1-9]|exe|msi|iso|flv|mkv|avi|mp[2-4]|3gp| 3gpp|rm|rmvb|flac|img|dat|mov|vob|vcd|wav|wmv|wma|m4a|m4v|m1v|mpa|mpe|mpeg|mpg|n rg|mdf|mds|div|DivX|uif|srt|bin|idx|cab|gz|avc|gem|mcs|klz|kdc).

*$" add name=idm regexp="get /.*(user-agent: mozilla/4.0|range: bytes=)" add name=mid regexp="^.*get.+\.(zip|rar|7z).*$" add name=torrent regexp="^.*get.+\.(torrent).*$" add name=video regexp="http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0 d -~]*(content-type: video)" add name=web-game regexp="^.+(playdom.com|ea.com|zynga.com|king.com|wooga.com|so cialpoint.es).*$" ip firewall address-list add list=ip-allowed address=10.30.5.2-10.30.5.6 comment="IP LAN" add list=ip-allowed address=10.30.5.8-10.30.5.11 add list=ip-allowed address=10.30.5.16 add list=ip-limit address=10.30.5.3-10.30.5.6 comment="Limit IP" add list=ip-limit address=10.30.5.9-10.30.5.11 add list=ip-limit address=10.30.5.16 add list=web-allowed address=103.7.87.106 comment=" add list=web-allowed address=117.102.252.235 .. filter add chain=forward src-address-list=ip-limit layer7-protocol=idm action=drop comm ent="1 Line IDM" add chain=forward protocol=tcp dst-port=80 src-address-list=ip-limit dst-address -list=!web-allowed layer7-protocol=big action=add-dst-to-address-list address-li st=download comment="Limit Extension" add chain=forward protocol=tcp dst-port=80 src-address-list=ip-limit dst-address -list=!web-allowed layer7-protocol=mid connection-bytes=10485761-4294967295 acti on=add-dst-to-address-list address-list=download add chain=forward p2p=all-p2p src-address-list=ip-limit action=drop comment="blo ck torrent" add chain=forward protocol=tcp dst-port=80 src-address-list=ip-limit layer7-prot ocol=torrent action=drop comment="block torrent file" add chain=forward in-interface=LAN-Office src-address-list=!ip-allowed action=ju mp jump-target=ip-blocked comment="block others IP LAN" add chain=ip-blocked action=log log-prefix="" add chain=ip-blocked action=drop add chain=forward src-address=!10.30.5.2 src-mac-address=10:78:D2:12:C8:86 actio n=drop add chain=forward src-address=!10.30.5.3 src-mac-address=00:25:22:F4:26:24 actio n=drop add chain=forward src-address=!10.30.5.4 src-mac-address=00:25:22:F4:E5:F7 actio n=drop add chain=forward src-address=!10.30.5.5 src-mac-address=00:25:22:F4:32:CC actio n=drop add chain=forward src-address=!10.30.5.6 src-mac-address=00:25:22:F4:26:25 actio n=drop add chain=forward src-address=!10.30.5.8 src-mac-address=00:25:22:F4:26:5A actio n=drop add chain=forward src-address=!10.30.5.9 src-mac-address=00:25:22:F4:26:47 actio n=drop add chain=forward src-address=!10.30.5.10 src-mac-address=00:25:22:F4:26:54 acti on=drop add chain=forward src-address=!10.30.5.11 src-mac-address=00:E0:B6:03:47:FC acti

on=drop add chain=forward src-address=!10.30.5.16 src-mac-address=00:E0:B6:03:47:FC acti on=drop .. mangle add chain=prerouting src-address-list=ip-limit dst-address-list=download action= mark-connection new-connection-mark=down-conn passthrough=yes add chain=prerouting connection-mark=down-conn action=mark-packet new-packet-mar k=down-pack passthrough=no add chain=prerouting protocol=tcp src-address-list=ip-limit dst-address-list=!we b-allowed layer7-protocol=video action=mark-connection new-connection-mark=strea m-conn passthrough=yes add chain=prerouting connection-mark=stream-conn action=mark-packet new-packet-m ark=stream-pack passthrough=no add chain=prerouting protocol=tcp src-address-list=ip-limit layer7-protocol=webgame action=mark-connection new-connection-mark=game-conn passthrough=yes add chain=prerouting connection-mark=game-conn action=mark-packet new-packet-mar k=game-pack passthrough=no .. .. .. queue type add name=pcq-stream kind=pcq pcq-rate=8000 pcq-limit=50 pcq-total-limit=2000 pcq -classifier=dst-address add name=pcq-game kind=pcq pcq-rate=8000 pcq-limit=50 pcq-total-limit=2000 pcq-c lassifier=dst-address add name=pcq-down kind=pcq pcq-rate=32000 pcq-limit=50 pcq-total-limit=2000 pcqclassifier=dst-address .. tree add name=traffics-light parent=LAN-Office priority=3 limit-at=1M max-limit=2M add name=streaming parent=traffics-light packet-mark=stream-pack queue=pcq-strea m priority=6 add name=game parent=traffics-light packet-mark=game-pack queue=pcq-game priorit y=7 add name=download parent=traffics-light packet-mark=down-pack queue=pcq-down pri ority=8 .. .. system script add name=script-download source=":foreach i in=[/ip firewall address-list find l ist=download dynamic=yes] do={:if([:len [/ip firewall connection find src-addres s=([/ip firewall address-list get $i address]. ":80")]]=0) do={/ip firewall addr ess-list remove $i}}" .. scheduler add name=scheduler-download on-event=script-download start-date=jan/01/1970 star t-time=00:00:00 interval=5 .. ..