Konfigurasi MikroTik dhcp hotspot firewall queue

Kerejakan

Internet Gateway

dhcp-server

dhcp pool 192.168.100.2-192.168.100.100

Proxy firewall memblokir website mikrotik.co.id

cache administrator : namasiswa@smkpgri-komam.sch.id

hotspot

limit speed internet dengan queues

blokir ping ip client 192.168.100.2-192.168.100.50

ip  address  add  address=192.168.137.X/24    interface=ether1 

X adalah nomer absen

ip  address  add  address=192.168.100.1/25  interface=ether2  

ip  route  add  gateway=192.168.137.1  

ip  dns  set  servers=8.8.8.8 allow-remote-requests=yes

ip  firewall  nat  add  action=masquerade  chain=srcnat                                                 

ip  dhcp-server  setup

Select interface to run DHCP server on

dhcp server interface: ether2

Select network for DHCP addresses

dhcp address space: 192.168.100.0/25

Select gateway for given network

gateway for dhcp network: 202.134.1.1

Select pool of  ip addresses given out by DHCP server

addresses to give out: 192.168.100.2-192.168.100.100

Select DNS servers

dns servers: 8.8.8.8

lease time: 3d

disisi mikrotik coba uji

ping 192.168.137.1

ping google.com

ctrl + c

disisi klien coba uji

ping 192.168.100.1

ping google.com

ctrl + c

ip  proxy  set  enabled=yes  port=3128  src-address=0.0.0.0  cache-administrator=rija@smkpgri-komam.sch.id 

ip  firewall  nat  add  chain=dstnat  protocol=tcp  src-address=0.0.0.0/0   dst-port=80  action=redirect  to-ports=3128

ip  proxy  access  add  src-address=0.0.0.0/0  dst-host=*mikrotik.co.id*  action=deny

ip proxy access add dst-port=80 path=*.mp3 action=deny

ip proxy access add dst-port=80 path=*.mkv action=deny

ip  proxy  access  add  src-address=0.0.0.0/0  dst-host=*bpkp.go.id*  action=deny

ip  proxy  access  add  src-address=0.0.0.0/0  dst-host=*pmb.uny.ac.id*  action=deny

ip  proxy  access  add  src-address=0.0.0.0/0  dst-host=*lionair.co.id*  action=deny

ip  proxy  access  add  src-address=0.0.0.0/0  dst-host=*indonesia.go.id*  action=deny

ip  proxy  access  add  src-address=0.0.0.0/0  dst-host=*adr.org*  action=deny

ip  proxy  access  print                                  [melihat  list rules dari proxy]

ip  proxy  access  disable  numbers=0          [mendisable  aturan  proxy  block  site  nomer  urut  0]

ip  proxy  access  enable   numbers=0          [mengenable  aturan  proxy  block  site nomer  urut  0]

/ip firewall filter add action=drop chain=input dst-address=192.168.100.1 protocol=icmp \ src-address=192.168.100.2-192.168.100.50

ip firewall raw add chain=prerouting content=detik.com action=drop

ip firewall raw print

ip firewall raw disable numbers=0

queue simple add max-limit=2M/2M name=pc1 target=192.168.100.100/32    ( 192.168.100.100/32 IP PC Klien)

ip  hotspot  setup

hotspot interface: ether2

local address of network : 192.168.100.1/25

masquerade network : yes

address pool of network : 192.168.100.2-192.168.100.50

select certificate : none         (rubah menjadi none)

ip address of smtp server : 0.0.0.0

dns servers : 8.8.8.8

dns name : rija.net

name of local hotspot user : rija

password for the user : rija

system reset-configuration no-defaults=yes

JIKA  INGIN  MENGUJI  PROXY  TANPA  KONEKSI  INTERNET,  MAKA  SETTING  MANUAL  PROXY  PADA  BROWSER  CLIENT  UNTUK  HTTP  PROXY  NYA  “IP  ETHER2  MIKROTIK”  DAN  “PORT”  NYA  ARAHKAN KE “3128”

UJI PADA PC / LAPTOP CLIENT YANG MENGGUNAKAN WINDOWS XP / 7

Buka Internet Explorer dan ketikan http://youtube.com

Jika muncul tampilan Error berarti situs youtube [http] nya berhasil di blok, jika mau belajar blok https silahkan cari di search engine google, banyak ko artikel yang membahas tentang bloking protocol https / port 443.