Cara Membatasi Download Di Mikrotik

cara membatasi download di mikrotik
ketik di prompt jenis2 file yg akan di batasi:
/ip firewall layer7-protocol

add comment="" name="Extension \" .iso \"" regexp="\\.(iso)"
add comment="" name="Extension \" .zip \"" regexp="\\.(zip)"
add comment="" name="Extension \" .7z \"" regexp="\\.(7z)"
add comment="" name="Extension \" .cab \"" regexp="\\.(cab)"
add comment="" name="Extension \" .asf \"" regexp="\\.(asf)"
add comment="" name="Extension \" .mov \"" regexp="\\.(mov)"
add comment="" name="Extension \" .wmv \"" regexp="\\.(wmv)"
add comment="" name="Extension \" .mpg \"" regexp="\\.(mpg)"
add comment="" name="Extension \" .mpeg \"" regexp="\\.(mpeg)"
add comment="" name="Extension \" .mkv \"" regexp="\\.(mkv)"
add comment="" name="Extension \" .avi \"" regexp="\\.(avi)"
add comment="" name="Extension \" .flv \"" regexp="\\.(flv)"
add comment="" name="Extension \" .wav \"" regexp="\\.(wav)"
add comment="" name="Extension \" .rm \"" regexp="\\.(rm)"
add comment="" name="Extension \" .mp3 \"" regexp="\\.(mp3)"
add comment="" name="Extension \" .ram \"" regexp="\\.(ram)"
add comment="" name="Extension \" .rmvb \"" regexp="\\.(rmvb)"
add comment="" name="Extension \" .dat \"" regexp="\\.(dat)"
add comment="" name="Extension \" .daa \"" regexp="\\.(daa)"
add comment="" name="Extension \" .nrg \"" regexp="\\.(nrg)"
add comment="" name="Extension \" .bin \"" regexp="\\.(bin)"

add comment="" name="Extension \" .vcd \"" regexp="\\.(vcd)"
add comment="" name="Extension \" .3gp \"" regexp="\\.(3gp)"
add comment="" name="Extension \" .mpe \"" regexp="\\.(mpe)"
add comment="" name="Extension \" .qt \"" regexp="\\.(qt)"
add comment="" name="Extension \" .raw \"" regexp="\\.(raw)"
add comment="" name="Extension \" .wma \"" regexp="\\.(wma)"
add comment="" name="Extension \" .ogg \"" regexp="\\.(ogg)"
add comment="" name="Extension \" .exe \"" regexp="\\.(exe)"
tambahkan mark connection

/ip firewall mangle add action=mark-connection chain=prerouting comment="iso
DOWNS" disabled=no layer7-protocol="Extension \" .iso \"" new-connectionmark="iso DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="zip
DOWNS" disabled=no layer7-protocol="Extension \" .zip \"" new-connectionmark="zip DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="7z
DOWNS" disabled=no layer7-protocol="Extension \" .7z \"" new-connectionmark="7z DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="cab
DOWNS" disabled=no layer7-protocol="Extension \" .cab \"" new-connectionmark="cab DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="asf
DOWNS" disabled=no layer7-protocol="Extension \" .asf \"" new-connectionmark="asf DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="mov
DOWNS" disabled=no layer7-protocol="Extension \" .mov \"" new-connectionmark="mov DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="wmv

DOWNS" disabled=no layer7-protocol="Extension \" .wmv \"" new-connectionmark="wmv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="mpg
DOWNS" disabled=no layer7-protocol="Extension \" .mpg \"" new-connectionmark="mpg DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="mpeg
DOWNS" disabled=no layer7-protocol="Extension \" .mpeg \"" new-connectionmark="mpeg DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="mkv
DOWNS" disabled=no layer7-protocol="Extension \" .mkv \"" new-connectionmark="mkv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="avi
DOWNS" disabled=no layer7-protocol="Extension \" .avi \"" new-connectionmark="avi DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="flv
DOWNS" disabled=no layer7-protocol="Extension \" .flv \"" new-connectionmark="flv DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="wav
DOWNS" disabled=no layer7-protocol="Extension \" .wav \"" new-connectionmark="wav DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="rm
DOWNS" disabled=no layer7-protocol="Extension \" .rm \"" new-connectionmark="rm DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="mp3
DOWNS" disabled=no layer7-protocol="Extension \" .mp3 \"" new-connectionmark="mp3 DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="ram
DOWNS" disabled=no layer7-protocol="Extension \" .ram \"" new-connectionmark="ram DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="rmvb
DOWNS" disabled=no layer7-protocol="Extension \" .rmvb \"" new-connectionmark="rmvb DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="dat

DOWNS" disabled=no layer7-protocol="Extension \" .dat \"" new-connectionmark="dat DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="daa
DOWNS" disabled=no layer7-protocol="Extension \" .daa \"" new-connectionmark="daa DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="nrg
DOWNS" disabled=no layer7-protocol="Extension \" .nrg \"" new-connectionmark="nrg DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="bin
DOWNS" disabled=no layer7-protocol="Extension \" .bin \"" new-connectionmark="bin DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="vcd
DOWNS" disabled=no layer7-protocol="Extension \" .vcd \"" new-connectionmark="vcd DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="3gp
DOWNS" disabled=no layer7-protocol="Extension \" .3gp \"" new-connectionmark="3gp DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="mpe
DOWNS" disabled=no layer7-protocol="Extension \" .mpe \"" new-connectionmark="mpe DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="qt
DOWNS" disabled=no layer7-protocol="Extension \" .qt \"" new-connectionmark="qt DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="raw
DOWNS" disabled=no layer7-protocol="Extension \" .raw \"" new-connectionmark="raw DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="wma
DOWNS" disabled=no layer7-protocol="Extension \" .wma \"" new-connectionmark="wma DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="ogg
DOWNS" disabled=no layer7-protocol="Extension \" .ogg \"" new-connectionmark="ogg DOWNS" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="exe

DOWNS" disabled=no layer7-protocol="Extension \" .exe \"" new-connectionmark="exe DOWNS" passthrough=yes protocol=tcp
tambahkan juga mark paket pada extention yang sudah di registrasikan pada
mangel
/ip firewall mangle add action=mark-packet chain=postrouting comment=""
connection-mark="iso DOWNS" disabled=no new-packet-mark=iso passthrough=no
protocol=tcp
connection-mark="zip DOWNS" disabled=no new-packet-mark=zip passthrough=no
protocol=tcp
connection-mark="7z DOWNS" disabled=no new-packet-mark=7z passthrough=no
protocol=tcp
connection-mark="cab DOWNS" disabled=no new-packet-mark=cab
passthrough=no protocol=tcp
connection-mark="asf DOWNS" disabled=no new-packet-mark=asf passthrough=no
protocol=tcp
connection-mark="mov DOWNS" disabled=no new-packet-mark=mov
connection-mark="wmv DOWNS" disabled=no new-packet-mark=wmv
connection-mark="mpg DOWNS" disabled=no new-packet-mark=mpg
connection-mark="mpeg DOWNS" disabled=no new-packet-mark=mpeg

connection-mark="mkv DOWNS" disabled=no new-packet-mark=mkv
connection-mark="avi DOWNS" disabled=no new-packet-mark=avi passthrough=no
protocol=tcp
connection-mark="flv DOWNS" disabled=no new-packet-mark=flv passthrough=no
protocol=tcp
connection-mark="wav DOWNS" disabled=no new-packet-mark=wav
connection-mark="rm DOWNS" disabled=no new-packet-mark=rm passthrough=no
protocol=tcp
connection-mark="mp3 DOWNS" disabled=no new-packet-mark=mp3
connection-mark="ram DOWNS" disabled=no new-packet-mark=ram
connection-mark="rmvb DOWNS" disabled=no new-packet-mark=rmvb
connection-mark="dat DOWNS" disabled=no new-packet-mark=dat
connection-mark="daa DOWNS" disabled=no new-packet-mark=daa
connection-mark="nrg DOWNS" disabled=no new-packet-mark=nrg

connection-mark="bin DOWNS" disabled=no new-packet-mark=bin
connection-mark="vcd DOWNS" disabled=no new-packet-mark=vcd
connection-mark="3gp DOWNS" disabled=no new-packet-mark=3gp
connection-mark="mpe DOWNS" disabled=no new-packet-mark=mpe
connection-mark="qt DOWNS" disabled=no new-packet-mark=qt passthrough=no
protocol=tcp
connection-mark="raw DOWNS" disabled=no new-packet-mark=raw
connection-mark="wma DOWNS" disabled=no new-packet-mark=wma
connection-mark="ogg DOWNS" disabled=no new-packet-mark=ogg
connection-mark="exe DOWNS" disabled=no new-packet-mark=exe
lalu tambahkan limit bandwith yang ditetapkan
/queue tree add name="iso" parent=ether2 packet-mark=iso limit-at=384k

queue=default priority=8 max-limit=384k burst-limit=0 burst-threshold=0 bursttime=0s
/queue tree add name="zip" parent=ether5-lan2 packet-mark=zip limit-at=384k
/queue tree add name="7z" parent=ether5-lan2 packet-mark=7z limit-at=384k
/queue tree add name="cab" parent=ether5-lan2 packet-mark=cab limit-at=384k
/queue tree add name="asf" parent=ether5-lan2 packet-mark=asf limit-at=384k
/queue tree add name="mov" parent=ether5-lan2 packet-mark=mov limit-at=384k
/queue tree add name="wmv" parent=ether5-lan2 packet-mark=wmv limitat=384k queue=default priority=8 max-limit=384k burst-limit=0 burst-threshold=0
burst-time=0s
/queue tree add name="mpg" parent=ether5-lan2 packet-mark=mpg limit-at=384k
/queue tree add name="mpeg" parent=ether5-lan2 packet-mark=mpeg limitat=384k queue=default priority=8 max-limit=384k burst-limit=0 burst-threshold=0
burst-time=0s
/queue tree add name="mkv" parent=ether5-lan2 packet-mark=mkv limit-at=384k
/queue tree add name="avi" parent=ether5-lan2 packet-mark=avi limit-at=384k
/queue tree add name="flv" parent=ether5-lan2 packet-mark=flv limit-at=384k
/queue tree add name="wav" parent=ether5-lan2 packet-mark=wav limit-at=384k

/queue tree add name="rm" parent=ether5-lan2 packet-mark=rm limit-at=384k
/queue tree add name="mp3" parent=ether5-lan2 packet-mark=mp3 limit-at=384k
/queue tree add name="ram" parent=ether5-lan2 packet-mark=ram limit-at=384k
/queue tree add name="rmvb" parent=ether5-lan2 packet-mark=rmvb limitat=384k queue=default priority=8 max-limit=384k burst-limit=0 burst-threshold=0
burst-time=0s
/queue tree add name="dat" parent=ether5-lan2 packet-mark=dat limit-at=384k
/queue tree add name="daa" parent=ether5-lan2 packet-mark=daa limit-at=384k
/queue tree add name="nrg" parent=ether5-lan2 packet-mark=nrg limit-at=384k
/queue tree add name="bin" parent=ether5-lan2 packet-mark=bin limit-at=384k
/queue tree add name="vcd" parent=ether5-lan2 packet-mark=vcd limit-at=384k
/queue tree add name="3gp" parent=ether5-lan2 packet-mark=3gp limit-at=384k

/queue tree add name="mpe" parent=ether5-lan2 packet-mark=mpe limit-at=384k
/queue tree add name="qt" parent=ether5-lan2 packet-mark=qt limit-at=384k
/queue tree add name="raw" parent=ether5-lan2 packet-mark=raw limit-at=384k
/queue tree add name="wma" parent=ether5-lan2 packet-mark=wma limitat=384k queue=default priority=8 max-limit=384k burst-limit=0 burst-threshold=0
burst-time=0s
/queue tree add name="ogg" parent=ether5-lan2 packet-mark=ogg limit-at=384k
/queue tree add name="exe" parent=ether5-lan2 packet-mark=exe limit-at=384k

Cara Membatasi Download Di Mikrotik

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cara Membatasi Download Di Mikrotik

Uploaded by

Copyright:

Available Formats

cara membatasi download di mikrotik

ketik di prompt jenis2 file yg akan di batasi:

/ip firewall layer7-protocol

add comment="" name="Extension \" .bin \"" regexp="\\.(bin)"

tambahkan mark connection

/ip firewall mangle add action=mark-connection chain=prerouting comment="wmv

/ip firewall mangle add action=mark-connection chain=prerouting comment="dat

/ip firewall mangle add action=mark-connection chain=prerouting comment="exe

/ip firewall mangle add action=mark-packet chain=postrouting comment=""

/ip firewall mangle add action=mark-packet chain=postrouting comment=""

lalu tambahkan limit bandwith yang ditetapkan

/queue tree add name="iso" parent=ether2 packet-mark=iso limit-at=384k

/queue tree add name="wav" parent=ether5-lan2 packet-mark=wav limit-at=384k

/queue tree add name="3gp" parent=ether5-lan2 packet-mark=3gp limit-at=384k

You might also like