Tutorial Cegah Netcut pada jaringan Mikrotik (LAN) + Hotspot (Wifi)
Hide
1. UNTUK HOTSPOT - IKUTI ALUR GAMBAR DARI BAWAH KE ATAS
Gampang kok masa gk ngerti, ayo dong jangan mau disuapin aja.
ORWIN
Your RouterBoard's Wireless card is 10.140.1.30/26 (Public Network)
way) The Access Point you connect to is 10.140.1.1/26 (Public Network gat e
+----------+ +--------+ +---------------+
root:~# apt-get install bridge-utils iptables
root:~# brctl addif br0 eth1
root:~# ifconfig eth0 0
root:~# ifconfig eth1 0
/etc/network/interfaces
dan tambahkan konfigurasi seperlunya. Contoh file saya ada di bawah ini.address 10.11.12.3
netmask 255.255.255.0
network 10.11.12.0
broadcast 10.11.12.255
gateway 10.11.12.1
bridge_ports eth0 eth1
root:~# echo 1 > /proc/sys/net/ipv4/ip_forward
/etc/network/options
.syncookies=no
root:~# iptables -t Filter -A FORWARD -s 0.0.0.0 -d 10.11.12.0/24 -p udp --dport 161 -j DROP
/etc/init.d/aturanfirewall.sh
anda dapat menambahkan baris berikut di bawah entri br0.up command /etc/init.d/aturanfirewall.sh
address 10.11.12.3
netmask 255.255.255.0
network 10.11.12.0
broadcast 10.11.12.255
gateway 10.11.12.1
bridge_ports eth0 eth1
up command /etc/init.d/aturanfirewall.sh
iptables -nvL FORWARD
” anda dapat memantau aktifitas filtering seperti ini +-------------+---------------------+---------------------+
| | Traffic In | Traffic Out |
| Filter +----------+----------+----------+----------+
| | Byte | Packet | Byte | Packet |
+-------------+----------+----------+----------+----------+
| Ping Blaster| 0 | 0 | 23184 | 252 |
| udp 69 | 0 | 0 | 0 | 0 |
| udp 135 | 0 | 0 | 0 | 0 |
| udp 137 | 38298 | 491 | 9828 | 126 |
| udp 138 | 534 | 2 | 1343 | 5 |
| udp 445 | 0 | 0 | 0 | 0 |
| udp 161 | 3672 | 54 | 0 | 0 |
| tcp 23 | 912 | 19 | 0 | 0 |
| tcp 135 | 47520 | 990 | 1584 | 33 |
| tcp 445 | 1027K | 21402 | 15180 | 316 |
| tcp 593 | 0 | 0 | 0 | 0 |
| tcp 4444 | 528 | 12 | 864 | 18 |
+-------------+----------+----------+----------+----------+
#squid.conf #Every option in this file is very well documented in the original squid.conf file #and on http://www.visolve.com/squidman/Configuration%20Guide.html # #The ports our Squid will listen on http_port 8080 icp_port 3130 #cgi-bins will not be cached acl QUERY urlpath_regex cgi-bin ? no_cache deny QUERY #Memory the Squid will use. Well, Squid will use far more than that. cache_mem 16 MB #250 means that Squid will use 250 megabytes of disk space cache_dir ufs /proxy 250 16 256 redirect_rewrites_host_header off cache_replacement_policy GDSF acl localnet src 192.168.1.0/255.255.255.0 acl localhost src 127.0.0.1/255.255.255.255 acl Safe_ports port 80 443 210 119 70 21 1025-65535 acl CONNECT method CONNECT acl all src 0.0.0.0/0.0.0.0 http_access allow localnet http_access allow localhost http_access deny !Safe_ports http_access deny CONNECT http_access deny all maximum_object_size 3000 KB store_avg_object_size 50 KB #all our LAN users will be seen by external servers #as if they all use Mozilla on Linux anonymize_headers deny User-Agent fake_user_agent Mozilla/5.0 (X11; U; Linux 2.4.4 i686) #To make our connection even faster, we put a line similar #to the one below. Don't forget to change the server to your closest! #Measure pings, traceroutes and so on. #Make sure that http and icp ports are correct #cache_peer w3cache.icm.edu.pl parent 8080 3130 no-digest default #This is useful when we want to use the Cache Manager #copy cachemgr.cgi to cgi-bin of your www server cache_mgr your@email cachemgr_passwd secret_password all #This is a name of a user our Squid will work as cache_effective_user squid cache_effective_group squid log_icp_queries off buffered_logs on #####DELAY POOLS #This is the most important part for shaping incoming traffic with Squid #For detailed description see squid.conf file or docs at #http://www.squid-cache.org #We don't want to limit downloads on our local network acl magic_words1 url_regex -i 192.168 #We want to limit downloads of these type of files #Put this all in one line acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav #We don't block .html, .gif, .jpg and similar files, because they #generally don't consume much bandwidth #We have two different delay_pools delay_pools 2 #First delay pool #W don't want to delay our local traffic #There are three pool classes; here we will deal only with the second delay_class 1 2 #-1/-1 mean that there are no limits delay_parameters 1 -1/-1 -1/-1 #magic_words1: 192.168 delay_access 1 allow magic_words1 #Second delay pool #we want to delay downloading files mentioned in magic_words2 delay_class 2 2 #The numbers here are values in bytes; #we must remember that Squid doesn't consider start/stop bits #6000/150000 are values for the whole network #5000/150000 are values for the single IP #after downloaded files exceed about 150000 bytes, #they will continue to download at about 5000 bytes/s delay_parameters 2 6000/150000 5000/150000 delay_access 2 allow magic_words2 #EOF |
If you like articles on this blog, please subscribe for free via email.
Asal SEO