Minggu, 28 September 2014

Setting Mikrotik Warnet Game Online + Browsing

Setting Mikrotik Warnet Game Online + Browsing


Beberapa hari yang lalu oleh klien meminta saya untuk di update routerboard mikrotik pada warnetnya, yang semula hanya berorientasi browsing saja, menjadi warnet game online + browsing. Dalam artikel kali ini saya akan membahas sedikit tentang melakukan setting mikrotik game online + browsing dimana dalam settingan kali ini hanya berlaku untuk 10 client dan koneksi internet menggunakan speedy dengan kapasitas 1Mbps/256Kbps.

Tanpa perlu berlama-lama berikut adalah konsep IP Address dan kode yang kita inputkan kedalam New Terminal mikrotik :
  1. Untuk interface lan card pada masing-masing perangkat :
    • IP Modem : 192.168.1.1 (IP default modem)
    • IP Mikrotik untuk ether1 : 192.168.1.2 (interface yang mengarah ke modem)
    • IP Mikrotik untuk ether2 : 192.168.0.1 (interface yang mengarah ke lokal)
  2. Disini saya anggap settingan mikrotik sebagai router sudah selesai di konfigurasi.
  3. Berikut adalah routing untuk game online, tambahkan rule mangle:
/ip firewall mangle add action=mark-connection chain=prerouting comment="GAME ONLINE" dst-port="1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6001,6000-6152,7777" new-connection-mark="mark1" passthrough=yes protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting disabled=no dst-port="7341-7350,7451,8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000" new-connection-mark="mark1" passthrough=yes protocol=tcp 

/ip firewall mangle add action=mark-connection chain=prerouting dst-port="10009,13008,16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15002" new-connection-mark="mark1" passthrough=yes protocol=tcp 

/ip firewall mangle add action=mark-connection chain=prerouting disabled=no dst-port="16402-16502,18901-18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49100" new-connection-mark="mark1" passthrough=yes protocol=tcp 

/ip firewall mangle add action=mark-connection chain=prerouting dst-port=14009-14010 new-connection-mark="mark1" passthrough=yes protocol=tcp 

/ip firewall mangle add action=mark-connection chain=prerouting dst-port="1293,1479,6100-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010" new-connection-mark="mark1" passthrough=yes protocol=udp 

/ip firewall mangle add action=mark-connection chain=prerouting dst-port=42051-42052,11100-11125,11440-11460 new-connection-mark="mark1" passthrough=yes protocol=udp 

/ip firewall mangle add action=mark-connection chain=prerouting dst-port=14009-14010 new-connection-mark="mark1" passthrough=yes protocol=udp
  1. Game Prerouting agar tidak berliku pada routerboard mikrotiknya :
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark="zar-goc" new-packet-mark="mark2" passthrough=no
  1. Berikut adalah kode routing pada game di facebook :
/ip firewall mangle add action=mark-connection chain=prerouting comment="GAME FACEBOOK" dst-port=843,9339 new-connection-mark="mark3" passthrough=yes protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward connection-mark="mark3" disabled=no dst-address=192.168.0.0/24 new-packet-mark="mark4" passthrough=no 

/ip firewall mangle add action=mark-packet chain=forward connection-mark="mark3" new-packet-mark="mark5" passthrough=no src-address=192.168.0.0/24
  1. Berikut adalah kode pcq untuk membagi quota sama rata :
/queue type add kind=pcq name=DOWN pcq-classifier=dst-address,dst-port

/queue type add kind=pcq name=UP pcq-classifier=src-address,src-port
  1. Pada tahapan selanjutnya kita buat Queue untuk game online :
/queue tree add name="GAME DOWN" parent=global-out priority=2

/queue tree add name="GAME UPLOAD" parent=speedy priority=2 

/queue tree add name="GAME ONLINE DOWN" packet-mark="mark2" parent="GAME DOWN" priority=2 queue=DOWN 

/queue tree add max-limit=256000 name="GAME FACEBOOK DOWN" packet-mark="mark4" parent="GAME DOWN" priority=3 queue=DOWN 

/queue tree add name="GAME ONLINE UPLOAD" packet-mark="mark2" parent="GAME UPLOAD" priority=2 queue=UP 

/queue tree add limit-at=0 max-limit=128000 name="GAME FACEBOOK UPLOAD" packet-mark="mark5" parent="GAME UPLOAD" priority=3 queue=UP
  1. Supaya tidak lag pada saat bermain game online perlu diberi batasan pada beberapa extention file juga pada layer 7 protocol nya, berikut adalah kodenya :
/ip firewall layer7-protocol add name="YOUTUBE DOWNLOAD" regexp="http/(0\\.9|1\\.0|1\\.1) [\\x09-\\x0d ][1-5][0-9][0-9] [\\x09-\\x0d -~]*(content-type: video)"
add name=EXE regexp="\\.(exe)"
add name=RAR regexp="\\.(rar)"
add name=ZIP regexp="\\.(zip)"
add name=7z regexp="\\.(7z)"
add name=WMV regexp="\\.(wmv)"
add name=MPG regexp="\\.(mpg)"
add name=MPEG regexp="\\.(mpeg)"
add name=AVI regexp="\\.(avi)"
add name=FLV regexp="\\.(flv)"
add name=WAV regexp="\\.(wav)"
add name=MP3 regexp="\\.(mp3)"
add name=MP4 regexp="\\.(mp4)"
add name=ISO regexp="\\.(iso)"
add name=3GP regexp="\\.(3gp)"
add name=MOV regexp="\\.(mov)"
add name=MKV regexp="\\.(mkv)"
add name="YOUTUBE STREAMING" regexp=youtube
add name=PORN regexp=porn
add name=TUBE regexp=tube
add name=VIDEO regexp=video
add name=MOVIE regexp=movie
  1. Tahapan berikutnya kita buat firewall pada mangle rule untuk pembatasan pada file jenis extention tertentu seperti yang kita buat pada layer 7 protocol :
/ip firewall mangle add action=mark-packet chain=forward comment="LIMIT EXTENTION" disabled=no layer7-protocol="YOUTUBE DOWNLOAD" new-packet-mark="YOUTUBE DOWNLOAD" passthrough=no

add action=mark-packet chain=forward disabled=no layer7-protocol=YOUTUBE STREAMING new-packet-mark="YOUTUBE STREAMING" passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=TUBE new-packet-mark=FILM1 passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=PORN new-packet-mark=FILM2 passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=VIDEO new-packet-mark=FILM3 passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=MOVIE new-packet-mark=FILM4 passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=MKV new-packet-mark=MKV passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=MP3 new-packet-mark=MP3 passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=MP4 new-packet-mark=MP4 passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=ZIP new-packet-mark=ZIP passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=EXE new-packet-mark=EXE passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=FLV new-packet-mark=FLV passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=ISO new-packet-mark=ISO passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=MOV new-packet-mark=MOV passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=MPEG new-packet-mark=MPEG passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=MPG new-packet-mark=MPG passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=RAR new-packet-mark=RAR passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=WAV new-packet-mark=WAV passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=WMV new-packet-mark=WMV passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=ISO new-packet-mark=3GP passthrough=no 

add action=mark-packet chain=forward disabled=no layer7-protocol=7z new-packet-mark=7z passthrough=no
  1. Selanjutnya tambahkan pada Firewall mangle rule untuk browsing (upload/download) :
/ip firewall mangle add action=mark-connection chain=prerouting comment=HTTP dst-port=21,80 new-connection-mark="BROWSING" passthrough=yes protocol=tcp

/ip firewall mangle add action=mark-packet chain=forward connection-mark="BROWSING" disabled=no dst-address=192.168.1.0/24 new-packet-mark="download" passthrough=no 

/ip firewall mangle add action=mark-packet chain=forward connection-mark="BROWSING" disabled=no new-packet-mark="upload" passthrough=no src-address=192.168.1.0/24
  1. Tahap akhir kita akan buat Queue untuk browsing (upload/download) :
/queue tree add max-limit=128000 name="UPLOAD-BROWSING" packet-mark="upload" parent=speedy priority=4 queue=UP
/queue tree add max-limit=750000 name="HTTP-DOWN" parent=global-out priority=2
/queue tree add max-limit=750000 name="BROWSING DOWN" packet-mark="download" parent="HTTP-DOWN" priority=4 queue=DOWN
/queue tree add max-limit=512000 name="LIMIT EXTENTION" parent="HTTP-DOWN" priority=5
/queue tree add name=YOUTUBE parent="LIMIT EXTENTION" priority=5

add name="YOUTUBE STREAMING" packet-mark="YOUTUBE STREAMING" parent=YOUTUBE priority=5 queue=DOWN 
add name=MKV packet-mark=MKV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MP3 packet-mark=MP3 parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MP4 packet-mark=MP4 parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=ZIP packet-mark=ZIP parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=EXE packet-mark=EXE parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=ISO packet-mark=ISO parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=AVI packet-mark=AVI parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MOV packet-mark=MOV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MPEG packet-mark=MPEG parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MPG packet-mark=MPG parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=RAR packet-mark=RAR parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=WAV packet-mark=WAV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=WMV packet-mark=WMV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=3GP packet-mark=3GP parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=7z packet-mark=7z parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name="YOUTUBE DOWNLOAD" packet-mark="YOUTUBE DOWNLOAD" parent=YOUTUBE priority=5 queue=DOWN
add name=PORN parent="LIMIT EXTENTION" priority=5
add name=PORN1 packet-mark=FILM1 parent=PORN priority=5 queue=DOWN
add name=PORN2 packet-mark=FILM2 parent=PORN priority=5 queue=DOWN
add name=PORN3 packet-mark=FILM3 parent=PORN priority=5 queue=DOWN
add name="MIVO TV" packet-mark="MIVO TV" parent="1.4 LIMIT EXTENTION" priority=5 queue=DOWN
add name=PORN4 packet-mark=PORN4 parent=PORN priority=5 queue=DOWN
Sebagai tambahan berikut beberapa port untuk game online :
  • Ayo Dance : tcp 1801-1809
  • SealOnline : tcp 1818
  • PointBlank : tcp 39190,39100,39120.39110,39220,49100 udp 40000-40010
  • Lineage2 : tcp 7777
  • GhostOnline : tcp 19101
  • RF-Elven : tcp 27780
  • Perfect world : tcp 29000
  • Rohan : tcp 22100
  • Zeus RO : tcp 5121
  • Dotta : tcp 6000-6152
  • IdolStreet : tcp 2001
  • CrazyKart : tcp 9601-9602
  • WOW AMPM : tcp 8085
  • DriftCity : tcp 11011-11041
  • GetAmped : tcp 13413
  • Yullgang : tcp 19000
  • RAN Online : tcp 5105
  • CrossFire : tcp 10009
  • WarRock : tcp 5340-5352
  • FastBlack : tcp 6000-6001
  • Rose Online : tcp 29200
Beberapa port aplikasi :
  • Browsing/http : tcp 80
  • FTP : tcp 21
  • Zynga Poker : tcp 9339
Sebagai catatan tambahan untuk port zynga poker perlu diarahkan ke jalur tertentu/ tidak di balance, untuk menghindari putus koneksi.
Sekian dahulu untuk settingannya, semoga artikel kali ini bermanfaat.
Diposting oleh di

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)