Setting Mikrotik Warnet Game Online + Browsing
Beberapa hari yang lalu oleh klien meminta saya untuk di update routerboard mikrotik pada warnetnya, yang semula hanya berorientasi browsing saja, menjadi warnet game online + browsing. Dalam artikel kali ini saya akan membahas sedikit tentang melakukan setting mikrotik game online + browsing dimana dalam settingan kali ini hanya berlaku untuk 10 client dan koneksi internet menggunakan speedy dengan kapasitas 1Mbps/256Kbps.
Tanpa perlu berlama-lama berikut adalah konsep IP Address dan kode yang kita inputkan kedalam New Terminal mikrotik :
- Untuk interface lan card pada masing-masing perangkat :
- IP Modem : 192.168.1.1 (IP default modem)
- IP Mikrotik untuk ether1 : 192.168.1.2 (interface yang mengarah ke modem)
- IP Mikrotik untuk ether2 : 192.168.0.1 (interface yang mengarah ke lokal)
- Disini saya anggap settingan mikrotik sebagai router sudah selesai di konfigurasi.
- Berikut adalah routing untuk game online, tambahkan rule mangle:
/ip firewall
mangle add action=mark-connection chain=prerouting comment="GAME ONLINE"
dst-port="1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6001,6000-6152,7777"
new-connection-mark="mark1" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting disabled=no dst-port="7341-7350,7451,8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000" new-connection-mark="mark1" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting dst-port="10009,13008,16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15002" new-connection-mark="mark1" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting disabled=no dst-port="16402-16502,18901-18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49100" new-connection-mark="mark1" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting dst-port=14009-14010 new-connection-mark="mark1" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting dst-port="1293,1479,6100-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010" new-connection-mark="mark1" passthrough=yes protocol=udp
/ip firewall mangle add action=mark-connection chain=prerouting dst-port=42051-42052,11100-11125,11440-11460 new-connection-mark="mark1" passthrough=yes protocol=udp
/ip firewall mangle add action=mark-connection chain=prerouting dst-port=14009-14010 new-connection-mark="mark1" passthrough=yes protocol=udp
/ip firewall mangle add action=mark-connection chain=prerouting disabled=no dst-port="7341-7350,7451,8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000" new-connection-mark="mark1" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting dst-port="10009,13008,16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15002" new-connection-mark="mark1" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting disabled=no dst-port="16402-16502,18901-18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49100" new-connection-mark="mark1" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting dst-port=14009-14010 new-connection-mark="mark1" passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting dst-port="1293,1479,6100-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010" new-connection-mark="mark1" passthrough=yes protocol=udp
/ip firewall mangle add action=mark-connection chain=prerouting dst-port=42051-42052,11100-11125,11440-11460 new-connection-mark="mark1" passthrough=yes protocol=udp
/ip firewall mangle add action=mark-connection chain=prerouting dst-port=14009-14010 new-connection-mark="mark1" passthrough=yes protocol=udp
- Game Prerouting agar tidak berliku pada routerboard mikrotiknya :
/ip firewall mangle add action=mark-packet chain=prerouting connection-mark="zar-goc" new-packet-mark="mark2" passthrough=no
- Berikut adalah kode routing pada game di facebook :
/ip firewall
mangle add action=mark-connection chain=prerouting comment="GAME
FACEBOOK" dst-port=843,9339 new-connection-mark="mark3" passthrough=yes
protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward connection-mark="mark3" disabled=no dst-address=192.168.0.0/24 new-packet-mark="mark4" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward connection-mark="mark3" new-packet-mark="mark5" passthrough=no src-address=192.168.0.0/24
/ip firewall mangle add action=mark-packet chain=forward connection-mark="mark3" disabled=no dst-address=192.168.0.0/24 new-packet-mark="mark4" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward connection-mark="mark3" new-packet-mark="mark5" passthrough=no src-address=192.168.0.0/24
- Berikut adalah kode pcq untuk membagi quota sama rata :
/queue type add kind=pcq name=DOWN pcq-classifier=dst-address,dst-port
/queue type add kind=pcq name=UP pcq-classifier=src-address,src-port
/queue type add kind=pcq name=UP pcq-classifier=src-address,src-port
- Pada tahapan selanjutnya kita buat Queue untuk game online :
/queue tree add name="GAME DOWN" parent=global-out priority=2
/queue tree add name="GAME UPLOAD" parent=speedy priority=2
/queue tree add name="GAME ONLINE DOWN" packet-mark="mark2" parent="GAME DOWN" priority=2 queue=DOWN
/queue tree add max-limit=256000 name="GAME FACEBOOK DOWN" packet-mark="mark4" parent="GAME DOWN" priority=3 queue=DOWN
/queue tree add name="GAME ONLINE UPLOAD" packet-mark="mark2" parent="GAME UPLOAD" priority=2 queue=UP
/queue tree add limit-at=0 max-limit=128000 name="GAME FACEBOOK UPLOAD" packet-mark="mark5" parent="GAME UPLOAD" priority=3 queue=UP
/queue tree add name="GAME UPLOAD" parent=speedy priority=2
/queue tree add name="GAME ONLINE DOWN" packet-mark="mark2" parent="GAME DOWN" priority=2 queue=DOWN
/queue tree add max-limit=256000 name="GAME FACEBOOK DOWN" packet-mark="mark4" parent="GAME DOWN" priority=3 queue=DOWN
/queue tree add name="GAME ONLINE UPLOAD" packet-mark="mark2" parent="GAME UPLOAD" priority=2 queue=UP
/queue tree add limit-at=0 max-limit=128000 name="GAME FACEBOOK UPLOAD" packet-mark="mark5" parent="GAME UPLOAD" priority=3 queue=UP
- Supaya tidak lag pada saat bermain game online perlu diberi batasan pada beberapa extention file juga pada layer 7 protocol nya, berikut adalah kodenya :
/ip firewall
layer7-protocol add name="YOUTUBE DOWNLOAD"
regexp="http/(0\\.9|1\\.0|1\\.1) [\\x09-\\x0d ][1-5][0-9][0-9]
[\\x09-\\x0d -~]*(content-type: video)"
add name=EXE regexp="\\.(exe)"
add name=RAR regexp="\\.(rar)"
add name=ZIP regexp="\\.(zip)"
add name=7z regexp="\\.(7z)"
add name=WMV regexp="\\.(wmv)"
add name=MPG regexp="\\.(mpg)"
add name=MPEG regexp="\\.(mpeg)"
add name=AVI regexp="\\.(avi)"
add name=FLV regexp="\\.(flv)"
add name=WAV regexp="\\.(wav)"
add name=MP3 regexp="\\.(mp3)"
add name=MP4 regexp="\\.(mp4)"
add name=ISO regexp="\\.(iso)"
add name=3GP regexp="\\.(3gp)"
add name=MOV regexp="\\.(mov)"
add name=MKV regexp="\\.(mkv)"
add name="YOUTUBE STREAMING" regexp=youtube
add name=PORN regexp=porn
add name=TUBE regexp=tube
add name=VIDEO regexp=video
add name=MOVIE regexp=movie
add name=EXE regexp="\\.(exe)"
add name=RAR regexp="\\.(rar)"
add name=ZIP regexp="\\.(zip)"
add name=7z regexp="\\.(7z)"
add name=WMV regexp="\\.(wmv)"
add name=MPG regexp="\\.(mpg)"
add name=MPEG regexp="\\.(mpeg)"
add name=AVI regexp="\\.(avi)"
add name=FLV regexp="\\.(flv)"
add name=WAV regexp="\\.(wav)"
add name=MP3 regexp="\\.(mp3)"
add name=MP4 regexp="\\.(mp4)"
add name=ISO regexp="\\.(iso)"
add name=3GP regexp="\\.(3gp)"
add name=MOV regexp="\\.(mov)"
add name=MKV regexp="\\.(mkv)"
add name="YOUTUBE STREAMING" regexp=youtube
add name=PORN regexp=porn
add name=TUBE regexp=tube
add name=VIDEO regexp=video
add name=MOVIE regexp=movie
- Tahapan berikutnya kita buat firewall pada mangle rule untuk pembatasan pada file jenis extention tertentu seperti yang kita buat pada layer 7 protocol :
/ip firewall
mangle add action=mark-packet chain=forward comment="LIMIT EXTENTION"
disabled=no layer7-protocol="YOUTUBE DOWNLOAD" new-packet-mark="YOUTUBE
DOWNLOAD" passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=YOUTUBE STREAMING new-packet-mark="YOUTUBE STREAMING" passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=TUBE new-packet-mark=FILM1 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=PORN new-packet-mark=FILM2 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=VIDEO new-packet-mark=FILM3 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MOVIE new-packet-mark=FILM4 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MKV new-packet-mark=MKV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MP3 new-packet-mark=MP3 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MP4 new-packet-mark=MP4 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=ZIP new-packet-mark=ZIP passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=EXE new-packet-mark=EXE passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=FLV new-packet-mark=FLV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=ISO new-packet-mark=ISO passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MOV new-packet-mark=MOV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MPEG new-packet-mark=MPEG passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MPG new-packet-mark=MPG passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=RAR new-packet-mark=RAR passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=WAV new-packet-mark=WAV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=WMV new-packet-mark=WMV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=ISO new-packet-mark=3GP passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=7z new-packet-mark=7z passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=YOUTUBE STREAMING new-packet-mark="YOUTUBE STREAMING" passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=TUBE new-packet-mark=FILM1 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=PORN new-packet-mark=FILM2 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=VIDEO new-packet-mark=FILM3 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MOVIE new-packet-mark=FILM4 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MKV new-packet-mark=MKV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MP3 new-packet-mark=MP3 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MP4 new-packet-mark=MP4 passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=ZIP new-packet-mark=ZIP passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=EXE new-packet-mark=EXE passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=FLV new-packet-mark=FLV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=ISO new-packet-mark=ISO passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MOV new-packet-mark=MOV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MPEG new-packet-mark=MPEG passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=MPG new-packet-mark=MPG passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=RAR new-packet-mark=RAR passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=WAV new-packet-mark=WAV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=WMV new-packet-mark=WMV passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=ISO new-packet-mark=3GP passthrough=no
add action=mark-packet chain=forward disabled=no layer7-protocol=7z new-packet-mark=7z passthrough=no
- Selanjutnya tambahkan pada Firewall mangle rule untuk browsing (upload/download) :
/ip firewall
mangle add action=mark-connection chain=prerouting comment=HTTP
dst-port=21,80 new-connection-mark="BROWSING" passthrough=yes
protocol=tcp
/ip firewall mangle add action=mark-packet chain=forward connection-mark="BROWSING" disabled=no dst-address=192.168.1.0/24 new-packet-mark="download" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward connection-mark="BROWSING" disabled=no new-packet-mark="upload" passthrough=no src-address=192.168.1.0/24
/ip firewall mangle add action=mark-packet chain=forward connection-mark="BROWSING" disabled=no dst-address=192.168.1.0/24 new-packet-mark="download" passthrough=no
/ip firewall mangle add action=mark-packet chain=forward connection-mark="BROWSING" disabled=no new-packet-mark="upload" passthrough=no src-address=192.168.1.0/24
- Tahap akhir kita akan buat Queue untuk browsing (upload/download) :
/queue tree add max-limit=128000 name="UPLOAD-BROWSING" packet-mark="upload" parent=speedy priority=4 queue=UP
/queue tree add max-limit=750000 name="HTTP-DOWN" parent=global-out priority=2
/queue tree add max-limit=750000 name="BROWSING DOWN" packet-mark="download" parent="HTTP-DOWN" priority=4 queue=DOWN
/queue tree add max-limit=512000 name="LIMIT EXTENTION" parent="HTTP-DOWN" priority=5
/queue tree add name=YOUTUBE parent="LIMIT EXTENTION" priority=5
add name="YOUTUBE STREAMING" packet-mark="YOUTUBE STREAMING" parent=YOUTUBE priority=5 queue=DOWN
add name=MKV packet-mark=MKV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MP3 packet-mark=MP3 parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MP4 packet-mark=MP4 parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=ZIP packet-mark=ZIP parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=EXE packet-mark=EXE parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=ISO packet-mark=ISO parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=AVI packet-mark=AVI parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MOV packet-mark=MOV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MPEG packet-mark=MPEG parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MPG packet-mark=MPG parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=RAR packet-mark=RAR parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=WAV packet-mark=WAV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=WMV packet-mark=WMV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=3GP packet-mark=3GP parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=7z packet-mark=7z parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name="YOUTUBE DOWNLOAD" packet-mark="YOUTUBE DOWNLOAD" parent=YOUTUBE priority=5 queue=DOWN
add name=PORN parent="LIMIT EXTENTION" priority=5
add name=PORN1 packet-mark=FILM1 parent=PORN priority=5 queue=DOWN
add name=PORN2 packet-mark=FILM2 parent=PORN priority=5 queue=DOWN
add name=PORN3 packet-mark=FILM3 parent=PORN priority=5 queue=DOWN
add name="MIVO TV" packet-mark="MIVO TV" parent="1.4 LIMIT EXTENTION" priority=5 queue=DOWN
add name=PORN4 packet-mark=PORN4 parent=PORN priority=5 queue=DOWN
/queue tree add max-limit=750000 name="HTTP-DOWN" parent=global-out priority=2
/queue tree add max-limit=750000 name="BROWSING DOWN" packet-mark="download" parent="HTTP-DOWN" priority=4 queue=DOWN
/queue tree add max-limit=512000 name="LIMIT EXTENTION" parent="HTTP-DOWN" priority=5
/queue tree add name=YOUTUBE parent="LIMIT EXTENTION" priority=5
add name="YOUTUBE STREAMING" packet-mark="YOUTUBE STREAMING" parent=YOUTUBE priority=5 queue=DOWN
add name=MKV packet-mark=MKV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MP3 packet-mark=MP3 parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MP4 packet-mark=MP4 parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=ZIP packet-mark=ZIP parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=EXE packet-mark=EXE parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=ISO packet-mark=ISO parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=AVI packet-mark=AVI parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MOV packet-mark=MOV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MPEG packet-mark=MPEG parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=MPG packet-mark=MPG parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=RAR packet-mark=RAR parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=WAV packet-mark=WAV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=WMV packet-mark=WMV parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=3GP packet-mark=3GP parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name=7z packet-mark=7z parent="LIMIT EXTENTION" priority=5 queue=DOWN
add name="YOUTUBE DOWNLOAD" packet-mark="YOUTUBE DOWNLOAD" parent=YOUTUBE priority=5 queue=DOWN
add name=PORN parent="LIMIT EXTENTION" priority=5
add name=PORN1 packet-mark=FILM1 parent=PORN priority=5 queue=DOWN
add name=PORN2 packet-mark=FILM2 parent=PORN priority=5 queue=DOWN
add name=PORN3 packet-mark=FILM3 parent=PORN priority=5 queue=DOWN
add name="MIVO TV" packet-mark="MIVO TV" parent="1.4 LIMIT EXTENTION" priority=5 queue=DOWN
add name=PORN4 packet-mark=PORN4 parent=PORN priority=5 queue=DOWN
Sebagai tambahan berikut beberapa port untuk game online :
- Ayo Dance : tcp 1801-1809
- SealOnline : tcp 1818
- PointBlank : tcp 39190,39100,39120.39110,39220,49100 udp 40000-40010
- Lineage2 : tcp 7777
- GhostOnline : tcp 19101
- RF-Elven : tcp 27780
- Perfect world : tcp 29000
- Rohan : tcp 22100
- Zeus RO : tcp 5121
- Dotta : tcp 6000-6152
- IdolStreet : tcp 2001
- CrazyKart : tcp 9601-9602
- WOW AMPM : tcp 8085
- DriftCity : tcp 11011-11041
- GetAmped : tcp 13413
- Yullgang : tcp 19000
- RAN Online : tcp 5105
- CrossFire : tcp 10009
- WarRock : tcp 5340-5352
- FastBlack : tcp 6000-6001
- Rose Online : tcp 29200
Beberapa port aplikasi :
- Browsing/http : tcp 80
- FTP : tcp 21
- Zynga Poker : tcp 9339
Sebagai catatan
tambahan untuk port zynga poker perlu diarahkan ke jalur tertentu/ tidak
di balance, untuk menghindari putus koneksi.
Sekian dahulu untuk settingannya, semoga artikel kali ini bermanfaat.
Tidak ada komentar:
Posting Komentar