
ONE

# Download File
/ip firewall mangle
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.mp3
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.zip
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.rar
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.rar
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.flv
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.mp4
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.exe
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.iso
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.nrg
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.avi
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.3gp
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.mov
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.mpeg
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.mpg
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.wav
add chain=forward action=mark-connection new-connection-mark="koneksi idm" passthrough=yes in-interface=local content=.aac

# Block IDM ("Sesuaikan IP Anda" means: replace with your own address list)
/ip firewall filter
add chain=forward action=drop protocol=tcp src-address-list="Sesuaikan IP Anda" connection-mark="koneksi idm" connection-limit=2,32

192.168.10.64/27 = wifi client IPs
192.168.10.34 = proxy IP
Extda 10.8.4.54 = router IP

Layer7 content regex

/ip firewall layer7-protocol
add comment="" name="Extension \" .exe \"" regexp="\\.(exe)"
add comment="" name="Extension \" .rar \"" regexp="\\.(rar)"
add comment="" name="Extension \" .zip \"" regexp="\\.(zip)"
add comment="" name="Extension \" .7z \"" regexp="\\.(7z)"
add comment="" name="Extension \" .cab \"" regexp="\\.(cab)"
add comment="" name="Extension \" .asf \"" regexp="\\.(asf)"
add comment="" name="Extension \" .mov \"" regexp="\\.(mov)"
add comment="" name="Extension \" .wmv \"" regexp="\\.(wmv)"
add comment="" name="Extension \" .mpg \"" regexp="\\.(mpg)"
add comment="" name="Extension \" .mpeg \"" regexp="\\.(mpeg)"
add comment="" name="Extension \" .mkv \"" regexp="\\.(mkv)"
add comment="" name="Extension \" .avi \"" regexp="\\.(avi)"
add comment="" name="Extension \" .flv \"" regexp="\\.(flv)"
add comment="" name="Extension \" .pdf \"" regexp="\\.(pdf)"
add comment="" name="Extension \" .wav \"" regexp="\\.(wav)"
add comment="" name="Extension \" .rm \"" regexp="\\.(rm)"
add comment="" name="Extension \" .mp3 \"" regexp="\\.(mp3)"
add comment="" name="Extension \" .mp4 \"" regexp="\\.(mp4)"
add comment="" name="Extension \" .ram \"" regexp="\\.(ram)"
add comment="" name="Extension \" .rmvb \"" regexp="\\.(rmvb)"
add comment="" name="Extension \" .dat \"" regexp="\\.(dat)"
add comment="" name="Extension \" .daa \"" regexp="\\.(daa)"
add comment="" name="Extension \" .iso \"" regexp="\\.(iso)"
add comment="" name="Extension \" .nrg \"" regexp="\\.(nrg)"
add comment="" name="Extension \" .bin \"" regexp="\\.(bin)"
add comment="" name="Extension \" .vcd \"" regexp="\\.(vcd)"
add comment="" name="Extension \" .mp2 \"" regexp="\\.(mp2)"
add comment="" name="Extension \" .3gp \"" regexp="\\.(3gp)"
add comment="" name="Extension \" .mpe \"" regexp="\\.(mpe)"
add comment="" name="Extension \" .qt \"" regexp="\\.(qt)"
add comment="" name="Extension \" .raw \"" regexp="\\.(raw)"
add comment="" name="Extension \" .wma \"" regexp="\\.(wma)"
add comment="" name="Extension \" .ogg \"" regexp="\\.(ogg)"
add comment="" name="Extension \" .doc \"" regexp="\\.(doc)"

You can try it like this ....

Code:
/ip firewall layer7-protocol
add comment="" name=Extension regexp="^.*get.+\\.(exe|rar|zip|7z|7zip|cab|3gp|asf|mov|wmv|mpe|mpg|mpeg|mkv|avi|flv|swf|pdf|wav|mp2|mp3|mp4|rm|ram|rmvb|vcd|wav|dat|daa|qt|raw|iso|nrg|bin|vcd|doc|gho|00|01|02).*\$"

So only files that are fetched with GET are filtered .... for upload you can use set
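What the per-extension patterns and the GET-anchored pattern above actually match, checked against constructed HTTP requests. This is an added example, not code from the original post; Python's `re` stands in for the RouterOS L7 matcher, the extension list is shortened, and `TIGHTENED` is a hypothetical stricter variant shown only for comparison.

```python
import re

# Assumption: Python's re approximates the RouterOS L7 matcher, with
# case-insensitive matching and '.' allowed to cross line breaks.
FLAGS = re.IGNORECASE | re.DOTALL

# Four of the page's per-extension patterns, e.g. regexp="\\.(exe)".
PER_EXTENSION = {ext: re.compile(r"\.(" + ext + ")", FLAGS)
                 for ext in ("exe", "rm", "doc", "zip")}

# The page's combined pattern, with a shortened extension list.
EXTS = "exe|rar|zip|7z|rm|rmvb|doc|pdf|iso"
GET_ANCHORED = re.compile(r"^.*get.+\.(" + EXTS + r").*$", FLAGS)

# Hypothetical tightened variant (not from the page): the method must be
# GET and the extension must end the path of the request line.
TIGHTENED = re.compile(r"^get [^ \r\n?#]*\.(" + EXTS + r")[ ?#]",
                       re.IGNORECASE)

# Constructed sample requests (not captured traffic).
SAMPLES = {
    "download": "GET /files/setup.exe HTTP/1.1\r\nHost: dl.example.net\r\n\r\n",
    "host_false_positive":
        "GET /index.html HTTP/1.1\r\nHost: www.exercise.example\r\n\r\n",
    "post_upload":
        "POST /widget/upload.zip HTTP/1.1\r\nHost: intranet.example\r\n\r\n",
    "docx": "GET /reports/q3.docx HTTP/1.1\r\nHost: intranet.example\r\n\r\n",
    "browsing": "GET /news/today HTTP/1.1\r\nHost: news.example\r\n\r\n",
}


def evaluate(payload):
    """Report which of the three rule styles would match this payload."""
    return {
        "per_extension": sorted(ext for ext, rx in PER_EXTENSION.items()
                                if rx.search(payload)),
        "get_anchored": bool(GET_ANCHORED.search(payload)),
        "tightened": bool(TIGHTENED.search(payload)),
    }


if __name__ == "__main__":
    for name, payload in SAMPLES.items():
        print(f"{name:20} {evaluate(payload)}")
```

The page's patterns fire on a plain page view whose host name contains ".exe" and on a POST whose path contains "get", so legitimate traffic can land in the download class or hit the drop rule.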

First put the IPs into an address list to separate them, so they are not caught by the filter and mangle rules.

Code:
/ip firewall address-list
add address=10.8.4.53 comment="" disabled=no list=bypass
add address=192.168.10.34 comment="" disabled=no list=bypass
add address=192.168.10.34 comment="" disabled=no list=skip_content_download
add address=192.168.10.64/27 comment="" disabled=no list=skip_content_download
add address=192.168.10.96/27 comment="" disabled=no list=skip_content_download

filter buat nangkap ip content L7 /ip firewall filter add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="Filter Layer7" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .mp3 \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .avi \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .flv \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .iso \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .pdf \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .mpeg \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .exe \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .rar \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ 
!skip_content_download layer7-protocol="Extension \" .zip \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .mp4 \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .mp2 \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .3gp \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .mov \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .mpe \"" protocol=tcp

add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .mpg \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .qt \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .ram \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .rm \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .raw \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .wav \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .wmv \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .wma \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .ogg \"" protocol=tcp add 
action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .doc \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .7z \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .asf \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .bin \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .cab \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .daa \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .dat \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .mkv \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .nrg \"" protocol=tcp add 
action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .rmvb \"" protocol=tcp add action=add-dst-to-address-list address-list=content_download address-list-ti meout=5s chain=forward comment="" disabled=no dst-address-list=\ !skip_content_download layer7-protocol="Extension \" .vcd \"" protocol=tcp

Now we create the mangle rules that mark download connections, using connection-bytes combined with the L7 content IPs we captured earlier, and that also mark browsing connections.

/ip firewall mangle
add action=mark-connection chain=prerouting comment=Content_download disabled=no dst-address-list=content_download new-connection-mark=Bw_Download passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-bytes=262146-4294967295 disabled=no dst-address-list=!bypass new-connection-mark=Bw_Download passthrough=yes protocol=!icmp
add action=mark-packet chain=prerouting comment="" connection-mark=Bw_Download disabled=no dst-address-list=!bypass new-packet-mark=Paket_Download passthrough=no
add action=mark-connection chain=prerouting comment=Content_browsing disabled=no dst-address-list=!bypass new-connection-mark=Bw_Browsing passthrough=yes protocol=!icmp
add action=mark-packet chain=prerouting comment="" connection-mark=Bw_Browsing disabled=no dst-address-list=!bypass new-packet-mark=Paket_Browsing passthrough=no

After that we create the queue that limits the downloads; whether you use simple queues or a queue tree is up to you. Here I use a queue tree and allocate only 256kbps of bandwidth to downloads; adjust this to your own bandwidth.

The queue types

Code:
/queue type
add kind=pcq name=pcq-down pcq-classifier=dst-address pcq-limit=50 pcq-rate=64000 pcq-total-limit=2000
add kind=pcq name=Pcq_Browsing_Down pcq-classifier=dst-address pcq-limit=50 pcq-rate=0 pcq-total-limit=2000

The queue tree

Code:
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=DOWNL parent=local priority=8
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=DOWNW parent=wifi priority=8
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=Browsing_DownL packet-mark=Paket_Browsing parent=DOWNL priority=5 queue=Pcq_Browsing_Down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name=Browsing_DownW packet-mark=Paket_Browsing parent=DOWNW priority=5 queue=Pcq_Browsing_Down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no max-limit=256k name=Regular_DownL packet-mark=Paket_Download parent=DOWNL priority=8 queue=pcq-down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no max-limit=256k name=Regular_DownW packet-mark=Paket_Download parent=DOWNW priority=8 queue=pcq-down

Well... the download limiting is finished at this point; now all that is left is the rule to drop IDM connections (still captured using L7 content).

Just filter directly with connection-limit and then drop (note the in-interface: adjust it to the name of the interface that faces your local clients).

/ip firewall filter
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .exe \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .3gp \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .7z \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .asf \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .avi \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .bin \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .cab \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .daa \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .dat \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .doc \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .flv \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .iso \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .mkv \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .mov \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .mp2 \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .mp3 \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .mp4 \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .mpe \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .mpeg \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .mpg \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .nrg \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .ogg \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .pdf \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .qt \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .ram \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .rar \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .raw \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .rm \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .rmvb \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .vcd \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .wav \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .wma \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .wmv \"" protocol=tcp
add action=drop chain=forward comment="" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .zip \"" protocol=tcp

THREE

/ip firewall layer7-protocol
add comment="" name="Kabinet" regexp="\\.(exe)|\\.(rar)|\\.(zip)|\\.(cab)|\\.(7zip)|\\.(bin)|\\.(iso)|\\.(vcd)|\\.(nrg)"
add comment="" name="Dokumen" regexp="\\.(doc)|\\.(pdf)|\\.(xls)|\\.(docx)|\\.(xlsx)|\\.(daa)"
add comment="" name="Pilem" regexp="\\.(asf)|\\.(mov)|\\.(wmv)|\\.(mpg)|\\.(mpeg)|\\.(avi)|\\.(mkv)|\\.(rm)|\\.(dat)"
add comment="" name="Lagu" regexp="\\.(wav)|\\.(mp3)|\\.(mp4)|\\.(ram)|\\.(rmvb)|\\.(flv)"

/ip firewall mangle
add action=mark-connection chain=prerouting comment="DOWNLOAD LIMIT" disabled=no layer7-protocol=Kabinet new-connection-mark=download_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no layer7-protocol=Lagu new-connection-mark=download_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no layer7-protocol=Pilem new-connection-mark=download_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no layer7-protocol=Dokumen new-connection-mark=download_conn passthrough=yes protocol=tcp
add action=mark-packet chain=postrouting comment="" connection-mark=download_conn disabled=no new-packet-mark=download_packet passthrough=no protocol=tcp

/queue type
add name="pcq_dl" kind=pcq pcq-rate=0 pcq-limit=200 pcq-classifier=dst-address pcq-total-limit=8000

/queue tree
add name="DOWNLOAD LIMIT" parent=global-out packet-mark=download_packet limit-at=32k priority=8 queue=pcq_dl max-limit=64k burst-limit=0 burst-threshold=0 burst-time=0s

/ip firewall filter
add action=drop chain=forward comment="DROP IDM" connection-limit=1,32 disabled=no in-interface=wifi layer7-protocol="Extension \" .exe \"" protocol=tcp

HINT: Before filtering, it is best to first add the rules that accept the contents and the protocols, and only then create the rule for IDM... I actually succeeded using a mix of content filter, connection bytes and connection limit..

/usr/sbin freebsd-update install

Detecting and shaping downloads with connection bytes

Given the many questions about how to limit download activity, here is another trick besides "MikroTik-flavoured delay pools". This trick makes use of the "connection bytes" facility in mangle.

As for what connection bytes does, if I am not mistaken: it detects the number of bytes that have been transferred in one connection between two parties. For example: IP 192.168.10.12 connects to 202.1.2.xx. While this connection lasts, connection bytes records the traffic that passes over it, from 0 bytes to infinity, and the counting stops once the connection is closed.

Connection bytes works well when it is used with a queue tree. I have never tried it with simple queues.

OK, let's begin:

As an illustration, I will limit the client with IP 192.168.10.12. While a connection to a web site has transferred between 0 and 128 KB, the connection gets priority 1 and a bandwidth allowance of 128kbps. Once more than 128KB has been transferred on that connection, the priority is lowered to 8 and the bandwidth is throttled to 32kbps.

Mangle :

First, mark the connections for all activity from the LAN to the outside:

/ip firewall mangle
add chain=postrouting out-interface=ether1 dst-address=192.168.10.0/24 protocol=tcp src-port=80 action=mark-connection new-connection-mark=http_conn passthrough=yes

Next, catch the bytes transferred from a web site to IP 192.168.10.12. The first mangle rule only matches while the transfer is between 0 and 128KB; anything beyond that is handled by the second mangle rule.

/ip firewall mangle
add chain=postrouting out-interface=ether1 dst-address=192.168.10.12 connection-mark=http_conn connection-bytes=0-131072 action=mark-packet new-packet-mark=client12_browsing passthrough=no
add chain=postrouting out-interface=ether1 dst-address=192.168.10.12 connection-mark=http_conn connection-bytes=131073-4294967295 action=mark-packet new-packet-mark=client12_download passthrough=no

With the mangle done, we now shape both packet marks with a queue tree. In this queue tree we use queue type pcq: bytes between 0 and 128KB get a rate of 128kbps, while anything above 128KB gets a rate of 32kbps.

queue type :

/queue type
add name="browsing" kind=pcq pcq-rate=128000 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
add name="download" kind=pcq pcq-rate=32000 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000

Next, move on to the queue tree:

queue tree :

First create the parent queue:

/queue tree
add name="choi" parent=ether1 packet-mark="" limit-at=1024000 queue=default priority=3 max-limit=1024000 burst-limit=0 burst-threshold=0 burst-time=0s

Then create the child queues for IP 192.168.10.12, which was mangled above:

/queue tree
add name="client12_browsing" parent=choi packet-mark="client12_browsing" limit-at=0 queue=browsing priority=1 max-limit=0 burst-limit=0 burst-threshold=0
add name="client12_download" parent=choi packet-mark="client12_download" limit-at=0 queue=download priority=8 max-limit=0 burst-limit=0 burst-threshold=0
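A packet-level model of the two connection-bytes mangle rules and the two pcq rates above, showing how one connection is split between the browsing and download marks and why the HINT pairs connection bytes with a connection limit. This is an added example, not part of the original tutorial; the 1460-byte segment size, counting only downloaded payload bytes, and updating the counter before the rules are evaluated are modelling assumptions.

```python
# Thresholds and rates taken from the rules above.
BROWSING_MAX = 131072  # connection-bytes=0-131072 -> client12_browsing
RATE_BPS = {"client12_browsing": 128000,   # pcq-rate of queue type "browsing"
            "client12_download": 32000}    # pcq-rate of queue type "download"
MSS = 1460  # assumed TCP payload bytes per packet


def mark_for(conn_bytes):
    """Return the packet mark; the first matching rule wins (passthrough=no)."""
    if conn_bytes <= BROWSING_MAX:
        return "client12_browsing"
    return "client12_download"  # connection-bytes=131073-4294967295


def classify_connection(total_bytes, mss=MSS):
    """Bytes carried under each packet mark for a single connection."""
    marked = {"client12_browsing": 0, "client12_download": 0}
    counter = 0
    while counter < total_bytes:
        size = min(mss, total_bytes - counter)
        counter += size  # assumption: the counter includes the current packet
        marked[mark_for(counter)] += size
    return marked


def classify_transfer(connection_sizes):
    """Sum the per-mark bytes over several connections to the same client."""
    totals = {"client12_browsing": 0, "client12_download": 0}
    for size in connection_sizes:
        for mark, nbytes in classify_connection(size).items():
            totals[mark] += nbytes
    return totals


def seconds_at_pcq_rate(marked):
    """Transfer time if each class runs at its pcq-rate, one after the other."""
    return sum(marked[mark] * 8 / RATE_BPS[mark] for mark in RATE_BPS)


if __name__ == "__main__":
    one_mib = 1024 * 1024
    single = classify_connection(one_mib)
    split = classify_transfer([one_mib // 8] * 8)  # same 1 MiB, 8 connections
    print("single connection:", single, round(seconds_at_pcq_rate(single), 2), "s")
    print("eight connections:", split, round(seconds_at_pcq_rate(split), 2), "s")
```

In this model the same 1 MiB fetched over eight connections of 128 KB each never leaves the browsing class, because connection-bytes counts per connection; the connection-limit rules are what account for that case.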
