Bagan Network
Konfigurasi Mikrotik
[admin@MikroTik] > interface print
# | NAME | TYPE | MTU | L2MTU | |
0 | ether1 | ether | 1500 | 1526 | |
1 | R | eth2-LAN | ether | 1500 | 1522 |
2 | R | eth3-SPEEDY1 | ether | 1500 | 1522 |
3 | R | eth4-PROXY | ether | 1500 | 1522 |
4 | ether5 | ether | 1500 | 1522 |
[admin@MikroTik] > ip address print
# | ADDRESS | NETWORK | BROADCAST | INTERFACE |
0 | 192.168.10.30/24 | 192.168.10.0 | 192.168.10.255 | eth2-LAN |
1 | 192.168.1.30/24 | 192.168.1.0 | 192.168.1.255 | eth3-SPEEDY1 |
2 | 192.168.3.30/24 | 192.168.3.0 | 192.168.3.255 | eth4-PROXY |
3 | 192.168.1.28/32 | 192.168.1.28 | 192.168.1.28 | eth3-SPEEDY1 |
4 | 192.168.1.31/32 | 192.168.1.31 | 192.168.1.31 | eth3-SPEEDY1 |
5 | 192.168.1.32/32 | 192.168.1.32 | 192.168.1.32 | eth3-SPEEDY1 |
6 | 192.168.1.33/32 | 192.168.1.33 | 192.168.1.33 | eth3-SPEEDY1 |
[admin@MikroTik] > ip route print
# | DST-ADDRESS | PREF-SRC | GATEWAY | DISTANCE | |
0 | A S | 0.0.0.0/0 | 192.168.1.1 | 1 | |
1 | ADC | 192.168.1.0/24 | 192.168.1.30 | eth3-SPEEDY1 | 0 |
2 | ADC | 192.168.1.28/32 | 192.168.1.28 | eth3-SPEEDY1 | 0 |
3 | ADC | 192.168.1.31/32 | 192.168.1.31 | eth3-SPEEDY1 | 0 |
4 | ADC | 192.168.1.32/32 | 192.168.1.32 | eth3-SPEEDY1 | 0 |
5 | ADC | 192.168.1.33/32 | 192.168.1.33 | eth3-SPEEDY1 | 0 |
6 | ADC | 192.168.3.0/24 | 192.168.3.30 | eth4-PROXY | 0 |
7 | ADC | 192.168.10.0/24 | 192.168.10.30 | eth2-LAN | 0 |
[admin@MikroTik] > ip firewall address-list print
0 | compatas | 192.168.10.15 | |
1 | compatas | 192.168.10.16 | |
2 | compatas | 192.168.10.17 | |
3 | compatas | 192.168.10.18 | |
4 | compatas | 192.168.10.19 | |
5 | compatas | 192.168.10.21 | |
6 | compatas | 192.168.10.22 | |
7 | compatas | 192.168.10.23 | |
8 | compatas | 192.168.10.24 | |
9 | compatas | 192.168.10.25 | |
10 | compatas | 192.168.10.26 | |
11 | compatas | 192.168.10.29 | |
12 | compatas | 192.168.10.31 | |
13 | compatas | 192.168.10.32 | |
14 | compbawah | 192.168.10.1 | |
15 | compbawah | 192.168.10.2 | |
16 | compbawah | 192.168.10.3 | |
17 | compbawah | 192.168.10.4 | |
18 | compbawah | 192.168.10.5 | |
19 | compbawah | 192.168.10.6 | |
20 | compbawah | 192.168.10.7 | |
21 | compbawah | 192.168.10.8 | |
22 | compbawah | 192.168.10.9 | |
23 | compbawah | 192.168.10.10 | |
24 | compbawah | 192.168.10.11 | |
25 | op | 192.168.10.20 | |
26 | op | 192.168.10.28 | |
27 | ipsecure | 1xx.2xx.0.0/16 | |
28 | ipsecure | 1xx.9x.xx.0/24 | |
29 | ipsecure | 1xx.1xx.0.0/16 | |
30 | conipterbatas | 11x.11x.7x.0/24 | |
31 | conipterbatas | 7x.1xx.1x.0/24 | |
32 | conipterbatas | 5.3x.2xx.0/24 |
[admin@MikroTik] > ip dns print
servers: | 192.168.1.1,202.134.1.10,8.8.8.8 |
allow-remote-requests: | yes |
max-udp-packet-size: | 512 |
cache-size: | 2048KiB |
cache-max-ttl: | 1w |
cache-used: | 390KiB |
[admin@MikroTik] > ip firewall filter print
0 | chain=input action=accept protocol=tcp src-address-list=ipsecure in-interface=eth3-SPEEDY1 dst-port=22,8291,23 |
1 | chain=input action=drop protocol=tcp in-interface=eth3-SPEEDY1 dst-port=22,23,8291 |
2 | ;;; allow established connections |
chain=forward action=accept connection-state=established | |
3 | ;;; allow related connections |
chain=forward action=accept connection-state=related | |
4 | ;;; drop invalid connections |
chain=forward action=drop connection-state=invalid | |
5 | ;;; ________ |
chain=virus action=drop protocol=tcp dst-port=1024-1030 | |
6 | ;;; ________ |
chain=virus action=drop protocol=tcp dst-port=1214 | |
7 | ;;; chromagrafx |
chain=virus action=drop protocol=tcp dst-port=1373 | |
8 | ;;; cichlid |
chain=virus action=drop protocol=tcp dst-port=1377 | |
9 | ;;; Worm |
chain=virus action=drop protocol=tcp dst-port=1433-1434 | |
10 | ;;; Worm |
chain=virus action=drop protocol=tcp dst-port=4444 | |
11 | ;;; Worm |
chain=virus action=drop protocol=udp dst-port=4444 | |
12 | ;;; Drop Blaster Worm |
chain=virus action=drop protocol=tcp dst-port=135-139 | |
13 | ;;; Drop Messenger Worm |
chain=virus action=drop protocol=udp dst-port=135-139 | |
14 | ;;; Drop Blaster Worm |
chain=virus action=drop protocol=tcp dst-port=445 | |
15 | ;;; Drop Conficker Worm |
chain=virus action=drop protocol=udp dst-port=445 | |
16 | ;;; Drop Kido Worm |
chain=virus action=drop protocol=tcp dst-port=593 | |
17 | ;;; ________ |
chain=virus action=drop protocol=tcp dst-port=1024-1030 | |
18 | ;;; Drop MyDoom |
chain=virus action=drop protocol=tcp dst-port=1080 | |
19 | ;;; ________ |
chain=virus action=drop protocol=tcp dst-port=1214 | |
20 | ;;; ndm requester |
chain=virus action=drop protocol=tcp dst-port=1363 | |
21 | ;;; ndm server |
chain=virus action=drop protocol=tcp dst-port=1364 | |
22 | ;;; screen cast |
chain=virus action=drop protocol=tcp dst-port=1368 | |
23 | ;;; chromagrafx |
chain=virus action=drop protocol=tcp dst-port=1373 | |
24 | ;;; cichlid |
chain=virus action=drop protocol=tcp dst-port=1377 | |
25 | ;;; Worm |
chain=virus action=drop protocol=tcp dst-port=1433-1434 | |
26 | ;;; Bagle Virus |
chain=virus action=drop protocol=tcp dst-port=2745 | |
27 | ;;; Drop Dumaru.Y |
chain=virus action=drop protocol=tcp dst-port=2283 | |
28 | ;;; Drop Beagle |
chain=virus action=drop protocol=tcp dst-port=2535 | |
29 | ;;; Drop Beagle.C-K |
chain=virus action=drop protocol=tcp dst-port=2745 | |
30 X | ;;; Drop MyDoom |
chain=virus action=drop protocol=tcp dst-port=3127-3128 | |
31 | ;;; Drop Backdoor OptixPro |
chain=virus action=drop protocol=tcp dst-port=3410 | |
32 | ;;; Worm |
chain=virus action=drop protocol=tcp dst-port=4444 | |
33 | ;;; Worm |
chain=virus action=drop protocol=udp dst-port=4444 | |
34 | ;;; Drop Sasser |
chain=virus action=drop protocol=tcp dst-port=5554 | |
35 | ;;; Drop Beagle.B |
chain=virus action=drop protocol=tcp dst-port=8866 | |
36 | ;;; Drop Dabber.A-B |
chain=virus action=drop protocol=tcp dst-port=9898 | |
37 | ;;; Drop Dumaru.Y |
chain=virus action=drop protocol=tcp dst-port=10000 | |
38 | ;;; Drop MyDoom.B |
chain=virus action=drop protocol=tcp dst-port=10080 | |
39 | ;;; Drop NetBus |
chain=virus action=drop protocol=tcp dst-port=12345 | |
40 | chain=virus action=drop protocol=tcp dst-port=17300 |
41 | ;;; Drop SubSeven |
chain=virus action=drop protocol=tcp dst-port=27374 | |
42 | ;;; Drop PhatBot, Agobot, Gaobot |
chain=virus action=drop protocol=tcp dst-port=65506 | |
43 | ;;; Drop Kuang2 |
chain=virus action=drop protocol=tcp dst-port=17300 | |
44 | chain=forward action=jump jump-target=virus |
[admin@MikroTik] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 | ;;; Computer Atas |
chain=srcnat action=masquerade src-address-list=compatas | |
1 | ;;; Computer Bawah |
chain=srcnat action=masquerade src-address-list=compbawah | |
2 | ;;; Computer OP |
chain=srcnat action=masquerade src-address-list=op | |
3 | ;;; Proxy |
chain=srcnat action=masquerade src-address=192.168.3.1 out-interface=eth3-SPEEDY1 | |
4 | chain=dstnat action=dst-nat to-addresses=192.168.3.1 to-ports=3127 protocol=tcp src-address-list=compbawah dst-port=80,8080,3128 |
5 | chain=dstnat action=dst-nat to-addresses=192.168.3.1 to-ports=3127 protocol=tcp src-address-list=compatas dst-port=80,8080,3128 |
6 | chain=dstnat action=dst-nat to-addresses=192.168.3.1 to-ports=3127 protocol=tcp src-address-list=op dst-port=80,8080,3128 |
7 | chain=dstnat action=dst-nat to-addresses=192.168.10.28 to-ports=5900 protocol=tcp dst-address=192.168.1.28 src-address-list=ipsecure dst-port=5903 |
8 | chain=dstnat action=dst-nat to-addresses=192.168.10.32 to-ports=80 protocol=tcp dst-address=192.168.1.32 src-address-list=ipsecure dst-port=82 |
9 | chain=dstnat action=dst-nat to-addresses=192.168.10.31 to-ports=80 protocol=tcp dst-address=192.168.1.31 src-address-list=ipsecure dst-port=81 |
10 | chain=dstnat action=dst-nat to-addresses=192.168.3.1 to-ports=22 protocol=tcp dst-address=192.168.1.33 dst-port=23 |
11 | chain=dstnat action=dst-nat to-addresses=192.168.3.1 to-ports=22 protocol=tcp dst-address=192.168.1.33 src-address-list=ipsecure dst-port=222 |
[admin@MikroTik] > ip firewall mangle print
0 | chain=prerouting action=mark-connection new-connection-mark=con-terbatas passthrough=yes protocol=tcp dst-address-list=conipterbatas dst-port=80,8080,3128 |
1 | chain=prerouting action=mark-packet new-packet-mark=mark-con-terbatas passthrough=yes connection-mark=con-terbatas |
2 | chain=prerouting action=mark-connection new-connection-mark=dns-con passthrough=yes protocol=tcp src-address=192.168.10.0/24 dst-port=53,5353 |
3 | chain=prerouting action=mark-connection new-connection-mark=dns-con passthrough=yes protocol=udp src-address=192.168.10.0/24 dst-port=53,5353 |
4 | chain=prerouting action=mark-connection new-connection-mark=icmp-con passthrough=yes protocol=icmp src-address=192.168.10.0/24 |
5 | chain=prerouting action=mark-packet new-packet-mark=dns-mark passthrough=yes connection-mark=dns-con |
6 | chain=prerouting action=mark-packet new-packet-mark=dns-mark passthrough=yes connection-mark=icmp-con |
7 | chain=prerouting action=change-dscp new-dscp=0 packet-mark=dns-mark |
8 | ;;; GAME ONLINE |
chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=tcp src-address=192.168.10.0/24 | |
dst-port=1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,6675,7777 | |
9 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=tcp src-address=192.168.10.0/24 |
dst-port=7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011,10424 | |
10 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=tcp src-address=192.168.10.0/24 |
dst-port=19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100 | |
11 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=tcp src-address=192.168.10.0/24 |
dst-port=14009-14010,12683,5222,5223,9015,6203,6210,6217,6320,10360 | |
12 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=tcp src-address=192.168.10.0/24 |
dst-port=47611,8401-8408,8000-8010,36456,36567,36570,37466 | |
13 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=tcp src-address=192.168.10.0/24 |
dst-port=14300,14400-14406,14500-14600,10009,30001-30003,10089 | |
14 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=udp src-address=192.168.10.0/24 |
dst-port=13933,14001-14999,31928,31929,5222,5223,10074,28941 | |
15 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=udp src-address=192.168.10.0/24 |
dst-port=1151,1293,1479,6100-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010 | |
16 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=udp src-address=192.168.10.0/24 |
dst-port=42001-42052,10112,10201-10210,10294-10295,11100-11125,11440-11460,16400-16410,18061,19223 | |
17 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=udp src-address=192.168.10.0/24 |
dst-port=8001-8010,40100-42000,12060-12070,27005-27015,31929,9647,42406-42441 | |
18 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=udp src-address=192.168.10.0/24 |
dst-port=15100-15200,9001-9099,39030-39040,42106,42423,17327,17565 | |
19 | ;;; GAME FACEBOOK |
chain=prerouting action=mark-connection new-connection-mark=GAME FACEBOOK passthrough=yes protocol=tcp src-address=192.168.10.0/24 dst-port=9339,843,8890 | |
20 | chain=prerouting action=mark-connection new-connection-mark=GAME ONLINE passthrough=yes protocol=tcp src-address=192.168.10.0/24 |
dst-port=10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000 | |
21 | ;;; SEMUA GAME DIPAKETKAN |
chain=forward action=mark-packet new-packet-mark=GAME PAKET passthrough=yes connection-mark=GAME ONLINE | |
22 | ;;; SEMUA GAME DIPAKETKAN |
chain=forward action=mark-packet new-packet-mark=GAME PAKET passthrough=yes connection-mark=GAME FACEBOOK | |
23 | chain=postrouting action=mark-packet new-packet-mark=proxy-hit passthrough=no dscp=12 |
24 | chain=prerouting action=mark-packet new-packet-mark=proxy-hit passthrough=no dscp=12 |
[admin@MikroTik] > system ntp client print
enabled: | yes |
mode: | unicast |
primary-ntp: | 152.118.24.8 |
secondary-ntp: | 202.169.224.16 |
poll-interval: | 15m |
active-server: | 202.169.224.16 |
last-update-from: | 202.169.224.16 |
last-update-before: | 11m25s240ms |
last-adjustment: | 1ms191us |