Limit Ekstensi dengan Layer 7 Mikrotik

on Wednesday, September 25, 2013

Merasa jengkel dengan user yg mendownload file secara besar dan menggunakan Download Manager pasti susah di atasi.

berikut cara limit ekstensi yang paling sering di download.
saya menggunakan mikroitk versi 4 running d RB 750G.

Pertama tandai ekstensi


1/ip firewall layer7-protocol
2add comment="" name=High regexp="^.*get.+\\.(exe|rar|iso|zip|7zip|0[0-9][1-9]|flv|mkv|avi|mp4|3gp|rmvb|mp3|img|dat|mov).*\$"
3add comment="" name=Mid regexp="^.*get.+\\.(zip|rar|7z).*\$"
4add comment="" name=End regexp="^.*get.+\\.(pdf|doc|docx|xlsx|xls|rtf|ppt|ppt).*\$"
5add comment="" name=Video regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"

Menggunakan Regular Expersion silahkan googling untuk penjelasanya.
High = File yg biasa berukuran besar dan paling sering didownload
Mid = File bertype zip rar 7z berukuran hanya sampai 10 MB jika lebih akan dilimit
End = File yg tidak ingin di limit
Video = Stream Video

Kedua tandai mangle

1/ip firewall mangle
2add action=mark-packet chain=forward comment="High Eks" disabled=no dst-address-list=!Bypass layer7-protocol=High new-packet-mark=High-Ext passthrough=no protocol=tcp
3add action=mark-packet chain=forward comment="Mid Eks" connection-bytes=10485760-4294967295 disabled=no layer7-protocol=Mid new-packet-mark=Mid-Ext passthrough=no protocol=tcp
4add action=mark-packet chain=forward comment="Low Eks" disabled=no layer7-protocol=End new-packet-mark=End-Ext passthrough=no protocol=tcp
5add action=mark-packet chain=forward comment=Video disabled=no layer7-protocol=Video new-packet-mark=Video passthrough=no protocol=tcp src-address-list=!Bypass

Ketiga Buat PCQ dan Simple untuk limit/jepit ekstensi

1/queue type add kind=pcq name=PCQ_Limit_Video pcq-classifier=dst-address pcq-limit=50 pcq-rate=64000 pcq-total-limit=2000
2
3/queue simple
4add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=0/0 max-limit=64k/64k name=High packet-marks=High-Ext parent=none priority=8 queue=default-small/default-small total-queue=default-small
5add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=0/0 max-limit=128k/128k name=Mid packet-marks=Mid-Ext parent=none priority=5 queue=default-small/default-small total-queue=default-small
6add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=0/0 max-limit=1M/1M name=End packet-marks=End-Ext parent=none priority=2 queue=default-small/default-small total-queue=default-small
7add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=0/0 max-limit=64k/64k name=Video packet-marks=Video parent=none priority=8 queue=default-small/PCQ_Limit_Video total-queue=default-small
Untuk jatah limit / jepit sesuaikan dengan keinginan anda.

untuk script download disini

 http://merahputihsegoroasat.blogspot.com/2013/08/limit-ekstensi-dengan-layer-7-mikrotik.html

0 comments: