RSS

Filter Mac-Address di Mikrotik

Allow mac-address
- ip firewall filter add action=accept chain=input in-interface=local src-mac-address=00:21:00:A3:45:50
- ip firewall filter add action=accept chain=forward in-interface=local src-mac-address=00:21:00:A3:45:50

Drop mac-address yg tidak diizinkan
- ip firewall filter add action=drop chain=input in-interface=local
- ip fire filter add action=drop chain=forward in-interface=local


  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

MANUAL INSTALASI MIKROTIK SEBAGAI GATEWAY MENGGUNAKAN 2 LANCARD

Booting dari CD Mikrotik, pilih semua paket yg ada, kemudian ketik “i” untuk mulai menginstall.

Set NAT
1.interface pr
2.interface set 0 name=public
3.interface set 1 name=local
4.interface pr

Setup ip add
5.ip address add address=192.168.10.3 netmask=255.255.255.0 interface=public
6.ip address add address=192.168.1.1 netmask=255.255.255.0 interface=local
7.ip address pr

Routing
1.ip route pr
2.ip route add gateway=192.168.10.1
3.ip dns set primary-dns=202.134.0.155 secondary-dns=202.134.1.10 allow-remote-request=yes
4.ip dns pr
5.ip firewall nat add chain=srcnat action=masquarade out-interface=public src-address=192.168.1.0/24
6.ip firewall nat pr

Set Proxy
7.ip web-proxy set enabled=yes max-cache-size=unlimited port=8080 tranparent-proxy=yes parent-proxy=192.168.10.1:0000
8.ip web-proxy pr
9.ip web-proxy monitor

Transparent Proxy
10.ip firewall nat add in-interface=local dst-port=80 protocol=tcp action=redirect to-ports=8080 chain=dstnat src-address=192.168.1.0/24
11.ip firewall nat pr

Set grafik jrgn
12.tool graphing interface add interface=public store-on-disc=yes
13.tool graphing interface add interface=local store-on-disc=yes

Kapasitas Komp
14.tool graphing resource add store-on-disk=yes

Setting DHCP server
15.ip pool add name=dhcp-pool ranges=192.168.1.100-192.168.0.200
16.ip dhcp-server network add address=192.168.1.0/24 gateway=192.168.1.1
17.ip dhcp-server add interface=local address-pool=dhcp-pool
18.ip dhcp-server
19.enable 0

Memblok situs yg tidak diinginkan
20.ip web-proxy access
add url=":sex" action=deny comment="" disabled=no
21.ip web-proxy access
add url=":bugil" action=deny comment="" disabled=no
22.ip web-proxy access
add url=":porn" action=deny comment="" disabled=no
23.ip web-proxy access
add url="lalatx.com" action=deny comment="" disabled=no

Terakhir
system reboot yes

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS