Membangun Mikrotik + Proxy Ubuntu Server 10.10

Membangun Mikrotik + Proxy Ubuntu Server 10.10

Membangun Mikrotik + Proxy Ubuntu Server 10.10

Membangun Mikrotik + Proxy Ubuntu Server 10.10

Pada Bagian ke 2 ini, kita akan membahas konfigurasi Mikrotik dan Ubuntu. Terlebih dahulu anda harus install
1.Putty : Untuk meremote Ubuntu dengan SSH
2. Winscp : Untuk meremote dan edit script
3. Winbox : untuk meremote Mikrotik.
Setelah 3 software remoter tersebut anda install ikuti langkah-langkah sebagai berikut :
Remote MIkrotik anda dan setting :
IP FIREWALL MANGLE :
0   ;;; PROXY-HIT
chain=prerouting action=mark-packet new-packet-mark=proxy-hit passthrough=no dscp=12
1   ;;; http-conn
chain=prerouting action=mark-connection new-connection-mark=http_conn passthrough=no protocol=tcp src-address=192.168.1.0/24 in-interface=ether2
2   chain=prerouting action=mark-packet new-packet-mark=http_conn passthrough=no connection-mark=http_conn
3   ;;; https-conn
chain=prerouting action=mark-connection new-connection-mark=https-conn passthrough=yes connection-state=new
protocol=tcp dst-port=443
4   chain=prerouting action=mark-routing new-routing-mark=https passthrough=no connection-mark=https-conn
5   ;;; DNS
chain=prerouting action=mark-connection new-connection-mark=DNS passthrough=yes protocol=udp dst-port=53
6   chain=prerouting action=mark-connection new-connection-mark=DNS passthrough=yes protocol=udp dst-port=53
7   chain=prerouting action=change-dscp new-dscp=12 connection-mark=DNS
8   ;;; DNS Paket
chain=prerouting action=mark-packet new-packet-mark=DNS_PACKET passthrough=no connection-mark=DNS
9   chain=prerouting action=mark-packet new-packet-mark=DNS_PACKET passthrough=yes
10   ;;; YM-Conn
chain=forward action=mark-connection new-connection-mark=YM passthrough=no protocol=tcp dst-port=5050,5100,5051
11   chain=prerouting action=mark-connection new-connection-mark=YM passthrough=yes connection-mark=YM
12   ;;; Winbox
chain=input action=mark-connection new-connection-mark=winbox passthrough=no protocol=tcp dst-port=8291
13   ;;; CHANGE MMS
chain=forward action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp in-interface=ether1-gateway
tcp-mss=1441-65535
IP FIREWALL ADDRESS-LIST :
0   ;;; LocalNet
LocalNet                                  192.168.1.0/24 —-> IP network local sesuaikan dengan IP lokal anda
1   ;;; PROXY
ProxyNet                                  192.168.11.0/24  –> IP network Proxy
QUEUE TYPE:
0 name=”default” kind=pfifo pfifo-limit=50
1 name=”ethernet-default” kind=pfifo pfifo-limit=50
2 name=”wireless-default” kind=sfq sfq-perturb=5 sfq-allot=1514
3 name=”synchronous-default” kind=red red-limit=60 red-min-threshold=10
red-max-threshold=50 red-burst=20 red-avg-packet=1000
4 name=”hotspot-default” kind=sfq sfq-perturb=5 sfq-allot=1514
5 name=”downsteam-pcq” kind=pcq pcq-rate=0 pcq-limit=50
pcq-classifier=dst-address pcq-total-limit=20000
6 name=”upstream-pcq” kind=pcq pcq-rate=0 pcq-limit=50
pcq-classifier=src-address pcq-total-limit=20000
7 name=”PING” kind=pfifo pfifo-limit=64
8 name=”game_up” kind=pcq pcq-rate=0 pcq-limit=20
pcq-classifier=dst-address,dst-port pcq-total-limit=500
9 name=”game_dw” kind=pcq pcq-rate=0 pcq-limit=20
QUEUE TREE:
0   name=”TURBO-PROXY” parent=global-out packet-mark=proxy-hit limit-at=0
queue=downsteam-pcq priority=5 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s
1   name=”DNS-UP” parent=global-in packet-mark=DNS_PACKET limit-at=0
queue=upstream-pcq priority=5 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s
QUEUE SIMPLE :
0    name=”TRAFFICT SHAPPING” dst-address=0.0.0.0/0 interface=all parent=none
packet-marks=packet-intl direction=both priority=1
queue=upstream-pcq/downsteam-pcq limit-at=0/0 max-limit=0/0
burst-limit=0/0 burst-threshold=0/0 burst-time=5s/5s
total-queue=ethernet-default time=0s-1d,sun,mon,tue,wed,thu,fri,sat
1    name=”BW-MANAGEMENT” target-addresses=IP LOKAL ANDA dst-address=0.0.0.0/0
interface=all parent=TRAFFICT SHAPPING packet=DNS_PACKET direction=both
priority=1 queue=upstream-pcq/downsteam-pcq limit-at=0/0
max-limit=5M/5M burst-limit=5M/5M burst-threshold=5M/5M
burst-time=5s/5s total-queue=default
CATATAN: Setelah berhasil setting ini anda masukkan alokasi bandwith per client/per IP address client dengan parent BW-MANAGEMENT
IP FIREWALL NAT :
0   ;;; PROXY HIT
chain=dstnat action=dst-nat to-addresses=192.168.11.11 to-ports=3128 protocol=tcp src-address=!192.168.11.11
src-address-list=LocalNet dst-address-list=!ProxyNet dst-port=80,8080,3128
connection-mark=http-conn
1   ;;; Added by webbox
chain=srcnat action=masquerade out-interface=ether1-gateway
2   ;;; Proxy Out (Bisa anda disable juga)
chain=srcnat action=src-nat to-addresses=IP INTERNET ANDA/IP PUBLIC misalnya 125.124.123.122
src-address=IP LOKAL ANDA misalnya 192.168.1.254 (BUKAN IP NETWORK)
4   chain=dstnat action=dst-nat to-ports=53 protocol=udp dst-port=53
5   ;;; SSH
chain=dstnat action=dst-nat to-addresses=192.168.11.11 to-ports=22

protocol=tcp dst-address=IP INTERNET ANDA/IP PUBLIC dst-port=22,10000

Sumber : https://dunebuggyforsale.org/tales-rush-apk/