
By CACHE BOY

# RFC 1918 private ranges. The mangle rules in this script match LAN hosts
# through this list by name (src-address-list / dst-address-list).
/ip firewall address-list
add list=private_IPv4 address=10.0.0.0/8
add list=private_IPv4 address=172.16.0.0/12
add list=private_IPv4 address=192.168.0.0/16
# Layer-7 patterns referenced by the mangle rules for traffic classification.
# They are payload signatures used for QoS marking, not access controls: a
# pattern can only match bytes it can read, so content carried inside an
# encrypted session (e.g. a download over HTTPS) will not match.
# NOTE(review): the L7 matcher is documented as inspecting only the first
# packets (about 2 KB) of a connection and as CPU-intensive - confirm for the
# RouterOS version in use.
/ip firewall layer7-protocol
# "MZ" (0x4d 0x5a) followed by 0x90 0x03 or 0x50 0x02, then 0x04.
add name=EXE regexp="\\x4d\\x5a(\\x90\\x03|\\x50\\x02)\\x04"
# ZIP signature bytes 0x03 0x04 0x14 after "pk"; the lower-case "pk" presumably
# relies on case-insensitive matching - confirm.
add name=ZIP regexp="pk\\x03\\x04\\x14"
# 0x18 followed by the ASCII bytes "ftyp". Rules using this pattern must
# reference it by the name MP4.
add name=MP4 regexp="\\x18\\x66\\x74\\x79\\x70"
# "Rar!" followed by 0x1a 0x07.
add name=RAR regexp="Rar\\x21\\x1a\\x07"
# Host names of the form r<digits>---<label>.googlevideo.com.
add name=youtube regexp="r[0-9]+---[a-z]+-+[a-z0-9-]+\\.googlevideo\\.com"
/ip firewall mangle
# Local-to-local traffic is exempted from marking. "accept" in the mangle table
# only ends mangle processing for the packet in that chain; it is not a filter
# decision, and this script defines no /ip firewall filter rules.
add chain=prerouting action=accept comment="Bypass Local Traffic" \
    src-address-list=private_IPv4 dst-address-list=private_IPv4
add chain=forward action=accept \
    src-address-list=private_IPv4 dst-address-list=private_IPv4
# Games: LAN-originated connections to TCP 39190-39200 and UDP 40000-40010.
add chain=forward action=mark-connection comment="Games Traffic" \
    protocol=tcp dst-port=39190-39200 src-address-list=private_IPv4 \
    new-connection-mark=games passthrough=yes
add chain=forward action=mark-connection \
    protocol=udp dst-port=40000-40010 src-address-list=private_IPv4 \
    new-connection-mark=games passthrough=yes
# Direction is taken from the ingress interface: WAN-in is download, LAN-in is upload.
add chain=forward action=mark-packet connection-mark=games \
    in-interface="ether1 - Wan" new-packet-mark=games_down passthrough=no
add chain=forward action=mark-packet connection-mark=games \
    in-interface="ether4 - Lan" new-packet-mark=games_up passthrough=no
# ICMP originated by LAN hosts.
add chain=forward action=mark-connection comment="ICMP Traffic" \
    protocol=icmp src-address-list=private_IPv4 \
    new-connection-mark=icmp passthrough=yes
add chain=forward action=mark-packet protocol=icmp connection-mark=icmp \
    in-interface="ether1 - Wan" new-packet-mark=icmp_down passthrough=no
add chain=forward action=mark-packet protocol=icmp connection-mark=icmp \
    in-interface="ether4 - Lan" new-packet-mark=icmp_up passthrough=no
# DNS over UDP/53 from LAN hosts. DNS over TCP and encrypted DNS are not
# covered by this match.
add chain=forward action=mark-connection comment="DNS Traffic" \
    protocol=udp dst-port=53 src-address-list=private_IPv4 \
    new-connection-mark=dns passthrough=yes
add chain=forward action=mark-packet protocol=udp connection-mark=dns \
    in-interface="ether1 - Wan" new-packet-mark=dns_down passthrough=no
add chain=forward action=mark-packet protocol=udp connection-mark=dns \
    in-interface="ether4 - Lan" new-packet-mark=dns_up passthrough=no
# Remote administration sessions opened from the LAN: 22 (SSH), 23 (Telnet),
# 8291 (Winbox); 5938 and 4899 are commonly TeamViewer and Radmin.
# This only prioritises the traffic. It does not limit who may reach these
# services; that belongs in /ip firewall filter, which this script does not
# configure. Telnet (23) is unencrypted.
add chain=forward action=mark-connection comment="Remote Traffic" \
    protocol=tcp dst-port=22,23,8291,5938,4899 src-address-list=private_IPv4 \
    new-connection-mark=remote passthrough=yes
add chain=forward action=mark-packet connection-mark=remote \
    in-interface="ether1 - Wan" new-packet-mark=remote_down passthrough=no
add chain=forward action=mark-packet connection-mark=remote \
    in-interface="ether4 - Lan" new-packet-mark=remote_up passthrough=no
# YouTube media, recognised by the "youtube" layer-7 host-name pattern.
# NOTE(review): the pattern needs the host name to be visible in the first
# packets of the connection; where it is not, the connection falls through to
# the later rules - verify against live traffic.
add chain=forward action=mark-connection comment="YouTube Traffic" \
    layer7-protocol=youtube src-address-list=private_IPv4 \
    new-connection-mark=youtube passthrough=yes
add chain=forward action=mark-packet connection-mark=youtube \
    in-interface="ether1 - Wan" new-packet-mark=youtube_down passthrough=no
add chain=forward action=mark-packet connection-mark=youtube \
    in-interface="ether4 - Lan" new-packet-mark=youtube_up passthrough=no
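# File-type downloads recognised by the EXE / ZIP / MP4 / RAR layer-7 patterns.
# The third rule referenced layer7-protocol=MP3, a name this script never
# defines (the pattern list defines MP4), so that rule could not be added;
# it now references MP4.
# These rules have no src-address-list, so they apply to every forwarded
# connection, and the signatures only match unencrypted payload.
add chain=forward action=mark-connection comment="Extension Layer7" \
    layer7-protocol=EXE new-connection-mark=extensi passthrough=yes
add chain=forward action=mark-connection \
    layer7-protocol=ZIP new-connection-mark=extensi passthrough=yes
add chain=forward action=mark-connection \
    layer7-protocol=MP4 new-connection-mark=extensi passthrough=yes
add chain=forward action=mark-connection \
    layer7-protocol=RAR new-connection-mark=extensi passthrough=yes
add chain=forward action=mark-packet connection-mark=extensi \
    in-interface="ether1 - Wan" new-packet-mark=extensi_down passthrough=no
add chain=forward action=mark-packet connection-mark=extensi \
    in-interface="ether4 - Lan" new-packet-mark=extensi_up passthrough=no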
# Everything from the LAN that reaches this point and is not already
# heavy_traffic is marked "browsing".
add chain=forward action=mark-connection comment="Browsing Traffic" \
    connection-mark=!heavy_traffic src-address-list=private_IPv4 \
    new-connection-mark=browsing passthrough=yes
# A browsing connection is promoted to heavy_traffic once it has moved at
# least 1024000 bytes (upper bound 0 = unlimited) at a rate of 256k-102400k.
add chain=forward action=mark-connection comment="Heavy Traffic" \
    protocol=tcp connection-mark=browsing \
    connection-bytes=1024000-0 connection-rate=256k-102400k \
    new-connection-mark=heavy_traffic passthrough=yes
add chain=forward action=mark-connection \
    protocol=udp connection-mark=browsing \
    connection-bytes=1024000-0 connection-rate=256k-102400k \
    new-connection-mark=heavy_traffic passthrough=yes
add chain=forward action=mark-packet connection-mark=heavy_traffic \
    in-interface="ether1 - Wan" new-packet-mark=heavy_browsing_down passthrough=no
add chain=forward action=mark-packet connection-mark=heavy_traffic \
    in-interface="ether4 - Lan" new-packet-mark=heavy_browsing_up passthrough=no
add chain=forward action=mark-packet connection-mark=browsing \
    in-interface="ether1 - Wan" new-packet-mark=small_browsing_down passthrough=no
add chain=forward action=mark-packet connection-mark=browsing \
    in-interface="ether4 - Lan" new-packet-mark=small_browsing_up passthrough=no

# PCQ queue types: download is classified per destination address, upload per
# source address.
/queue type
add name=down_pcq kind=pcq pcq-classifier=dst-address \
    pcq-src-address6-mask=64 pcq-dst-address6-mask=64
add name=up_pcq kind=pcq pcq-classifier=src-address \
    pcq-src-address6-mask=64 pcq-dst-address6-mask=64
# Queue tree keyed on the packet marks set in /ip firewall mangle.
# A parent must be added before its children, so the line order is kept.
/queue tree
add name="Global Traffic" parent=global queue=default
add name=Download parent="Global Traffic" queue=default max-limit=50M
add name=Upload parent="Global Traffic" max-limit=10M
# Download classes (50M ceiling)
add name="1. Game" parent=Download packet-mark=games_down priority=1 queue=down_pcq limit-at=1024k max-limit=50M
add name="2. Icmp" parent=Download packet-mark=icmp_down priority=1 queue=down_pcq limit-at=512k max-limit=50M
add name="3. Dns" parent=Download packet-mark=dns_down priority=1 queue=down_pcq limit-at=512k max-limit=50M
add name="5. Download Traffic" parent=Download queue=default max-limit=50M
add name="1. Small Browsing" parent="5. Download Traffic" packet-mark=small_browsing_down priority=5 queue=down_pcq max-limit=50M
add name="2. Heavy Browsing" parent="5. Download Traffic" packet-mark=heavy_browsing_down priority=7 queue=down_pcq max-limit=50M
add name="4. Remote" parent=Download packet-mark=remote_down priority=3 queue=down_pcq limit-at=1024k max-limit=50M
add name="3. YouTube" parent="5. Download Traffic" packet-mark=youtube_down priority=7 queue=down_pcq max-limit=50M
add name="4. Extensi" parent="5. Download Traffic" packet-mark=extensi_down queue=down_pcq max-limit=50M
# Upload classes (10M ceiling)
add name="1. game" parent=Upload packet-mark=games_up priority=1 queue=up_pcq limit-at=1024k max-limit=10M
add name="2. icmp" parent=Upload packet-mark=icmp_up priority=1 queue=up_pcq limit-at=512k max-limit=10M
add name="3. dns" parent=Upload packet-mark=dns_up priority=1 queue=up_pcq limit-at=512k max-limit=10M
add name="4. remote" parent=Upload packet-mark=remote_up priority=3 queue=up_pcq limit-at=512k max-limit=10M
add name="5. Upload Traffic" parent=Upload queue=default max-limit=10M
add name="1. small browsing" parent="5. Upload Traffic" packet-mark=small_browsing_up priority=5 queue=up_pcq max-limit=10M
add name="2. heavy browsing" parent="5. Upload Traffic" packet-mark=heavy_browsing_up priority=7 queue=up_pcq max-limit=10M
add name="3. youtube" parent="5. Upload Traffic" packet-mark=youtube_up priority=7 queue=up_pcq max-limit=10M
add name="4. extensi" parent="5. Upload Traffic" packet-mark=extensi_up queue=up_pcq max-limit=10M

By : Agung Cespun Setiawan

#1 WAN (internet source) = ether1 = IndiHome 10 Mbps

# Private and special-purpose IPv4 ranges, treated by the mangle rules below
# as "local" (never as an Internet destination).
# NOTE(review): 100.64.0.0/10 is the carrier-grade NAT range; if the ISP hands
# out WAN addresses from it, WAN-side peers would be classified as local -
# confirm against the actual WAN addressing.
/ip firewall address-list
add address=0.0.0.0/8 list=private-lokal
add address=10.0.0.0/8 list=private-lokal
add address=100.64.0.0/10 list=private-lokal
add address=127.0.0.0/8 list=private-lokal
add address=169.254.0.0/16 list=private-lokal
add address=172.16.0.0/12 list=private-lokal
add address=192.0.0.0/24 list=private-lokal
add address=192.0.2.0/24 list=private-lokal
add address=192.168.0.0/16 list=private-lokal
add address=198.18.0.0/15 list=private-lokal
add address=198.51.100.0/24 list=private-lokal
add address=203.0.113.0/24 list=private-lokal
# 224.0.0.0/3 covers multicast (224.0.0.0/4) and the reserved 240.0.0.0/4 block.
add address=224.0.0.0/3 list=private-lokal

#ip firewall mangle


/ip firewall mangle
# The same pair is repeated in each of the five mangle chains: mark
# local-to-local connections, then accept packets of connections carrying
# that mark so no later mangle rule touches them. Accepting in mangle is not
# a filter decision; this script contains no /ip firewall filter rules.
add chain=input action=mark-connection comment=private-lokal \
    src-address-list=private-lokal dst-address-list=private-lokal \
    new-connection-mark=private-lokal passthrough=no
add chain=input action=accept comment=private-lokal connection-mark=private-lokal
add chain=prerouting action=mark-connection comment=private-lokal \
    src-address-list=private-lokal dst-address-list=private-lokal \
    new-connection-mark=private-lokal passthrough=no
add chain=prerouting action=accept comment=private-lokal connection-mark=private-lokal
add chain=forward action=mark-connection comment=private-lokal \
    src-address-list=private-lokal dst-address-list=private-lokal \
    new-connection-mark=private-lokal passthrough=no
add chain=forward action=accept comment=private-lokal connection-mark=private-lokal
add chain=postrouting action=mark-connection comment=private-lokal \
    src-address-list=private-lokal dst-address-list=private-lokal \
    new-connection-mark=private-lokal passthrough=no
add chain=postrouting action=accept comment=private-lokal connection-mark=private-lokal
add chain=output action=mark-connection comment=private-lokal \
    src-address-list=private-lokal dst-address-list=private-lokal \
    new-connection-mark=private-lokal passthrough=no
add chain=output action=accept comment=private-lokal connection-mark=private-lokal
# "vip": ICMP plus ports 53, 5353, 123, 8291 and 1194 over TCP and UDP.
# These rules carry no address-list or interface condition, and "port="
# matches the source or the destination port, so any flow using one of these
# ports in either direction, including flows arriving from the WAN, is placed
# in the top-priority class. Access to the router's own services on these
# ports (8291 is Winbox) has to be restricted separately in /ip firewall
# filter; marking does not do that.
add chain=prerouting action=mark-connection comment=vip protocol=icmp \
    new-connection-mark=vip passthrough=no
add chain=prerouting action=mark-connection comment=vip protocol=tcp \
    port=53,5353,123,8291,1194 new-connection-mark=vip passthrough=no
add chain=prerouting action=mark-connection comment=vip protocol=udp \
    port=53,5353,123,8291,1194 new-connection-mark=vip passthrough=no
add chain=prerouting action=accept comment=vip connection-mark=vip
# Direction: received on ether1 is download, leaving through ether1 is upload.
add chain=forward action=mark-packet comment=vip-down connection-mark=vip \
    in-interface=ether1 new-packet-mark=vip-down passthrough=no
add chain=forward action=mark-packet comment=vip-up connection-mark=vip \
    out-interface=ether1 new-packet-mark=vip-up passthrough=no
# Heuristic game detection: a LAN-to-Internet connection below 384k that is
# not on one of the excluded ports and does not match the "torrent" layer-7
# pattern is pre-marked jump1 (TCP) or jump2 (UDP), then marked "games".
# Prerequisite: a layer-7 pattern named "torrent" must already exist under
# /ip firewall layer7-protocol; this script does not define it, and the rules
# that reference it cannot be added without it.
add chain=prerouting action=mark-connection comment=jump1 protocol=tcp \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    dst-port=!21,22,23,80,81,88,5050,843,443,182,282,8777,1935,8000-8081 \
    connection-rate=0-384k layer7-protocol=!torrent \
    new-connection-mark=jump1 passthrough=yes
add chain=prerouting action=mark-connection comment=jump1 protocol=udp \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    dst-port=!21,22,23,80,81,88,5050,843,443,182,282,8777,1935,8000-8081 \
    connection-rate=0-384k layer7-protocol=!torrent \
    new-connection-mark=jump2 passthrough=yes
add chain=prerouting action=mark-connection comment=games protocol=tcp \
    connection-mark=jump1 \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    dst-port=!53,5353,5938,8291,12671-12675,123 \
    connection-rate=0-384k layer7-protocol=!torrent \
    new-connection-mark=games passthrough=no
add chain=prerouting action=mark-connection comment=games protocol=udp \
    connection-mark=jump2 \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    dst-port=!53,5353,5938,8291,12671-12675,123 \
    connection-rate=0-384k layer7-protocol=!torrent \
    new-connection-mark=games passthrough=no
add chain=prerouting action=accept comment=games-ip connection-mark=games
# Records every Internet destination of a "games" connection in the address
# list "games".
# NOTE(review): address-list-timeout=0s appears to make the entries permanent,
# so the list can only grow, and the match above is broad - consider a finite
# timeout and confirm how 0s behaves on the RouterOS version in use.
add chain=forward action=add-dst-to-address-list comment=games-ip \
    connection-mark=games \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    address-list=games address-list-timeout=0s
add chain=forward action=mark-packet comment=games-down connection-mark=games \
    in-interface=ether1 new-packet-mark=games-down passthrough=no
add chain=forward action=mark-packet comment=games-up connection-mark=games \
    out-interface=ether1 new-packet-mark=games-up passthrough=no
# Video traffic, recognised by the literal string "googlevideo.com" in packet
# content. The string must be readable in a packet for the rule to match.
add chain=prerouting action=mark-connection comment=googlevideo \
    content=googlevideo.com \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    new-connection-mark=googlevideo passthrough=no
add chain=prerouting action=accept comment=googlevideo connection-mark=googlevideo
add chain=forward action=mark-packet comment=googlevideo-down \
    connection-mark=googlevideo in-interface=ether1 \
    new-packet-mark=googlevideo-down passthrough=no
add chain=forward action=mark-packet comment=googlevideo-up \
    connection-mark=googlevideo out-interface=ether1 \
    new-packet-mark=googlevideo-up passthrough=no
# Remaining LAN-to-Internet connections are classified by the number of bytes
# they have transferred so far, largest class first. An upper bound of 0 in
# connection-bytes means "no upper limit".

# high: more than 100000000 bytes
add chain=prerouting action=mark-connection comment=high \
    connection-bytes=100000001-0 \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    new-connection-mark=high passthrough=no
add chain=prerouting action=accept comment=high connection-mark=high
add chain=forward action=mark-packet comment=high-down connection-mark=high \
    in-interface=ether1 new-packet-mark=high-down passthrough=no
add chain=forward action=mark-packet comment=high-up connection-mark=high \
    out-interface=ether1 new-packet-mark=high-up passthrough=no

# midle: 10000001-100000000 bytes
add chain=prerouting action=mark-connection comment=midle \
    connection-bytes=10000001-100000000 \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    new-connection-mark=midle passthrough=no
add chain=prerouting action=accept comment=midle connection-mark=midle
add chain=forward action=mark-packet comment=midle-down connection-mark=midle \
    in-interface=ether1 new-packet-mark=midle-down passthrough=no
add chain=forward action=mark-packet comment=midle-up connection-mark=midle \
    out-interface=ether1 new-packet-mark=midle-up passthrough=no

# low: 3000001-10000000 bytes
add chain=prerouting action=mark-connection comment=low \
    connection-bytes=3000001-10000000 \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    new-connection-mark=low passthrough=no
add chain=prerouting action=accept comment=low connection-mark=low
add chain=forward action=mark-packet comment=low-down connection-mark=low \
    in-interface=ether1 new-packet-mark=low-down passthrough=no
add chain=forward action=mark-packet comment=low-up connection-mark=low \
    out-interface=ether1 new-packet-mark=low-up passthrough=no

# lower: 1000001-3000000 bytes
add chain=prerouting action=mark-connection comment=lower \
    connection-bytes=1000001-3000000 \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    new-connection-mark=lower passthrough=no
add chain=prerouting action=accept comment=lower connection-mark=lower
add chain=forward action=mark-packet comment=lower-down connection-mark=lower \
    in-interface=ether1 new-packet-mark=lower-down passthrough=no
add chain=forward action=mark-packet comment=lower-up connection-mark=lower \
    out-interface=ether1 new-packet-mark=lower-up passthrough=no

# lowest: 0-1000000 bytes
add chain=prerouting action=mark-connection comment=lowest \
    connection-bytes=0-1000000 \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    new-connection-mark=lowest passthrough=no
add chain=prerouting action=accept comment=lowest connection-mark=lowest
add chain=forward action=mark-packet comment=lowest-down connection-mark=lowest \
    in-interface=ether1 new-packet-mark=lowest-down passthrough=no
add chain=forward action=mark-packet comment=lowest-up connection-mark=lowest \
    out-interface=ether1 new-packet-mark=lowest-up passthrough=no
# Catch-all: first any still-unmarked LAN-to-Internet connection, then every
# connection that reaches this point regardless of source or destination
# (the second rule has no matchers at all).
add chain=prerouting action=mark-connection comment=unknown \
    connection-mark=no-mark \
    src-address-list=private-lokal dst-address-list=!private-lokal \
    new-connection-mark=unknown passthrough=no
add chain=prerouting action=mark-connection comment=unknown \
    new-connection-mark=unknown passthrough=no
add chain=prerouting action=accept comment=unknown connection-mark=unknown
add chain=forward action=mark-packet comment=unknown-down connection-mark=unknown \
    in-interface=ether1 new-packet-mark=unknown-down passthrough=no
add chain=forward action=mark-packet comment=unknown-up connection-mark=unknown \
    out-interface=ether1 new-packet-mark=unknown-up passthrough=no

#queue tree
# Queue tree keyed on the packet marks set in /ip firewall mangle.
# A parent must be added before its children, so the line order is kept.
# pcq-download-default / pcq-upload-default are not defined in this script;
# presumably the RouterOS built-in queue types - confirm they exist on the
# target router.
# NOTE(review): the header of this script describes the WAN as 10 Mbps, while
# the top-level queues allow 100M - confirm the limits against the real link
# speed, otherwise the priorities may never take effect.
/queue tree
# Download
add name=A.DOWN parent=global queue=default max-limit=100M
add name=A.01.VIP parent=A.DOWN packet-mark=vip-down priority=1 queue=default limit-at=64k max-limit=100M
add name=A.02.GAMES-ONLINE parent=A.DOWN packet-mark=games-down priority=2 queue=default limit-at=2M max-limit=100M
add name=A.03.NORMAL parent=A.DOWN queue=default limit-at=15M max-limit=15M
add name=A.03.1.GOOGLEVIDEO parent=A.03.NORMAL packet-mark=googlevideo-down priority=3 queue=pcq-download-default limit-at=5M max-limit=10M
add name=A.03.2.BYTES-TRAFIK parent=A.03.NORMAL queue=default limit-at=8M max-limit=8M
add name=A.1.LOWES parent=A.03.2.BYTES-TRAFIK packet-mark=lowest-down priority=4 queue=pcq-download-default limit-at=1M max-limit=8M
add name=A.2.LOWER parent=A.03.2.BYTES-TRAFIK packet-mark=lower-down priority=5 queue=pcq-download-default limit-at=1M max-limit=8M
add name=A.3.LOW parent=A.03.2.BYTES-TRAFIK packet-mark=low-down priority=6 queue=pcq-download-default limit-at=1M max-limit=8M
add name=A.4.MIDLE parent=A.03.2.BYTES-TRAFIK packet-mark=midle-down priority=7 queue=pcq-download-default limit-at=1M max-limit=8M
add name=A.5.HIGH parent=A.03.2.BYTES-TRAFIK packet-mark=high-down queue=pcq-download-default limit-at=1M max-limit=8M
add name=A.6.UNKNOWN parent=A.03.2.BYTES-TRAFIK packet-mark=unknown-down queue=pcq-download-default limit-at=1M max-limit=8M
# Upload
add name=B.UP parent=global queue=default max-limit=100M
add name=B.01.VIP parent=B.UP packet-mark=vip-up priority=1 queue=default limit-at=64k max-limit=100M
add name=B.02.GAMES-ONLINE parent=B.UP packet-mark=games-up priority=2 queue=default limit-at=1M max-limit=100M
add name=B.03.NORMAL parent=B.UP queue=default limit-at=2M max-limit=2M
add name=B.03.1.GOOGLEVIDEO parent=B.03.NORMAL packet-mark=googlevideo-up priority=3 queue=pcq-upload-default limit-at=1M max-limit=2M
add name=B.03.2.BYTES-TRAFIK parent=B.03.NORMAL queue=default limit-at=1M max-limit=1M
add name=B.1.LOWES parent=B.03.2.BYTES-TRAFIK packet-mark=lowest-up priority=4 queue=pcq-upload-default limit-at=100k max-limit=1M
add name=B.2.LOWER parent=B.03.2.BYTES-TRAFIK packet-mark=lower-up priority=5 queue=pcq-upload-default limit-at=100k max-limit=1M
add name=B.3.LOW parent=B.03.2.BYTES-TRAFIK packet-mark=low-up priority=6 queue=pcq-upload-default limit-at=100k max-limit=1M
add name=B.4.MIDLE parent=B.03.2.BYTES-TRAFIK packet-mark=midle-up priority=7 queue=pcq-upload-default limit-at=100k max-limit=1M
add name=B.5.HIGH parent=B.03.2.BYTES-TRAFIK packet-mark=high-up queue=pcq-upload-default limit-at=100k max-limit=1M
add name=B.6.UNKNOWN parent=B.03.2.BYTES-TRAFIK packet-mark=unknown-up queue=pcq-upload-default limit-at=100k max-limit=1M
