/ ip address
add address=10.0.128.14 network=10.0.128.0 broadcast=10.0.128.255 \
interface=IndosatM2 comment="" disabled=no
add address=192.178.10.62/26 network=192.178.10.0 broadcast=192.178.10.63 \
interface=HotSpot comment="" disabled=no
add address=192.168.1.2/29 network=192.168.1.0 broadcast=192.168.1.7 \
interface=Speedy comment="" disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=HotSpot connection-state=new nth=1,0,0 action=mark-connection new-connection-mark=satu passthrough=yes comment="" disabled=no
add chain=prerouting in-interface=HotSpot connection-mark=satu action=mark-routing new-routing-mark=satu passthrough=no comment="" disabled=no
add chain=prerouting in-interface=HotSpot connection-state=new nth=1,0,1 action=mark-connection new-connection-mark=dua passthrough=yes comment="" disabled=no
add chain=prerouting in-interface=HotSpot connection-mark=dua action=mark-routing new-routing-mark=dua passthrough=no comment="" disabled=no
/ ip firewall nat
add chain=srcnat connection-mark=satu action=src-nat to-addresses=10.0.128.14 to-ports=0-65535 comment="" disabled=no
add chain=srcnat connection-mark=dua action=src-nat to-addresses=192.168.1.2 to-ports=0-65535 comment="" disabled=no
/ ip route
add dst-address=0.0.0.0/0 gateway=10.0.128.XX scope=255 target-scope=10 routing-mark=satu comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 routing-mark=dua comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 comment="ini default route ke speedy 1"
ip firewall connection tracking> pr
set enabled: yes
tcp-syn-sent-timeout: 1s
tcp-syn-received-timeout: 1s
tcp-established-timeout: 1d
tcp-fin-wait-timeout: 5s
tcp-close-wait-timeout: 5s
tcp-last-ack-timeout: 1s
tcp-time-wait-timeout: 1s
tcp-close-timeout: 1s
udp-timeout: 1s
udp-stream-timeout: 1m
icmp-timeout: 5s
generic-timeout: 5m
tcp-syncookie: no
0 comments:
Post a Comment