Kumpulan Mikrotik Scripts Terbaru Dan Terlengkap
Mikrotik Scripts adalah fitur yang sangat berguna untuk otomatisasi tugas, mengatasi masalah jaringan, dan memfasilitasi konfigurasi jaringan yang kompleks. Dalam artikel ini, akan dibahas tentang kumpulan Mikrotik Script yang dapat membantu administrator jaringan dalam mempercepat dan memudahkan manajemen jaringan.
Apa itu Mikrotik Scripts?
Mikrotik Scripts adalah kumpulan syntax-syntax mikrotik console yang memiliki tujuan tertentu seperti memblokir, membatasi trafick tertentu pada router mikrotik, dengan menggunakan mikrotik scripts proses konfigurasi atau setting router mikrotik menjadi lebih mudah dan cepat
Apa Saja Manfaat Mikrotik Script?
Berikut adalah beberapa manfaat utama dari Mikrotik Script:
- Otomatisasi tugas: Dengan menggunakan Mikrotik Script, administrator jaringan dapat mengotomatisasi tugas-tugas yang repetitif dan memakan waktu, seperti backup konfigurasi, update firmware, dan lain sebagainya.
- Mengatasi masalah: Mikrotik Script memungkinkan administrator jaringan untuk membuat skrip yang dapat menyelesaikan masalah jaringan secara otomatis, seperti restart otomatis pada interface yang terputus.
- Konfigurasi jaringan yang kompleks: Dalam konfigurasi jaringan yang kompleks, Mikrotik Script dapat membantu administrator jaringan dalam membuat skrip yang dapat mengatur konfigurasi jaringan secara efisien dan konsisten.
- Manajemen jaringan yang lebih baik: Dengan menggunakan Mikrotik Script, administrator jaringan dapat membuat skrip yang membantu dalam manajemen jaringan yang lebih baik, seperti monitoring jaringan dan memberikan notifikasi jika terjadi masalah.
- Fleksibilitas: Mikrotik Script memberikan fleksibilitas kepada administrator jaringan untuk membuat skrip yang disesuaikan dengan kebutuhan spesifik jaringan dan bisnis.
Coba Gratis: Mikrotik Script Generator Tool Powered by AI
Domain Content
Domain Content Facebook
Berikut Daftar Domain Content Facebook
.facebook.com
.facebook.net
.fbcdn.net
.fbsbx.com
fb.com
fb.gg
fbwat.ch
messenger.com
m.me
Script Lengkap Untuk Raw Content Facebook:
/ip firewall raw
add action=add-dst-to-address-list address-list=FACEBOOK \
address-list-timeout=1d chain=prerouting comment=FACEBOOK content=\
.facebook.com dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=FACEBOOK \
address-list-timeout=1d chain=prerouting content=.facebook.net \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=FACEBOOK \
address-list-timeout=1d chain=prerouting content=.fbcdn.net \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=FACEBOOK \
address-list-timeout=1d chain=prerouting content=.fbsbx.com \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=FACEBOOK \
address-list-timeout=1d chain=prerouting content=fb.com dst-address-list=\
!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=FACEBOOK \
address-list-timeout=1d chain=prerouting content=fb.gg dst-address-list=\
!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=FACEBOOK \
address-list-timeout=1d chain=prerouting content=fbwat.ch \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=FACEBOOK \
address-list-timeout=1d chain=prerouting content=messenger.com \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=FACEBOOK \
address-list-timeout=1d chain=prerouting content=m.me dst-address-list=\
!lokal src-address-list=lokal
Domain Content Instagram
.instagram.com
.cdninstagram.com
/ip firewall raw
add action=add-dst-to-address-list address-list=INSTAGRAM \
address-list-timeout=1d chain=prerouting comment=INSTAGRAM content=\
.instagram.com dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=INSTAGRAM \
address-list-timeout=1d chain=prerouting content=.cdninstagram.com \
dst-address-list=!lokal src-address-list=lokal
Baca Juga : Daftar lengkap Address List Mikrotik Terbaru
Domain Content Marketplace
tokopedia.com
tokopedia.net
shopee.co.id
bukalapak.com
lazada.co.id
blibli.com
olx.co.id
Script Lengkap Untuk Raw Content Marketplace atau toko online:
/ip firewall raw
add action=add-dst-to-address-list address-list=MARKETPLACE \
address-list-timeout=1d chain=prerouting comment=MARKETPLACE content=\
tokopedia.com dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=MARKETPLACE \
address-list-timeout=1d chain=prerouting content=tokopedia.net \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=MARKETPLACE \
address-list-timeout=1d chain=prerouting content=shopee.co.id \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=MARKETPLACE \
address-list-timeout=1d chain=prerouting content=bukalapak.com \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=MARKETPLACE \
address-list-timeout=1d chain=prerouting content=lazada.co.id \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=MARKETPLACE \
address-list-timeout=1d chain=prerouting content=blibli.com \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=MARKETPLACE \
address-list-timeout=1d chain=prerouting content=olx.co.id \
dst-address-list=!lokal src-address-list=lokal
Domain Content Snack Video
.snackvideo.com
.myqcloud.com
.snackvideo.in
/ip firewall raw
add action=add-dst-to-address-list address-list=SNACKVIDEO \
address-list-timeout=1d chain=prerouting comment=SNACKVIDEO content=\
.snackvideo.com dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=SNACKVIDEO \
address-list-timeout=1d chain=prerouting content=.myqcloud.com \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=SNACKVIDEO \
address-list-timeout=1d chain=prerouting content=.snackvideo.in \
dst-address-list=!lokal src-address-list=lokal
Domain Content Bank Mandiri
.bankmandiri.co.id
/ip firewall raw
add action=add-dst-to-address-list address-list=BANK-MANDIRI address-list-timeout=\
1d chain=prerouting comment=BANK MANDIRI content=.bankmandiri.co.id dst-address-list=\
!lokal src-address-list=lokal
Domain Content Tiktok
.tiktok.com
.tiktokv.com
.tiktokcdn.com
.byteoversea.com
.ibyteimg.com
.ibytedtos.com
.myqcloud.com
/ip firewall raw
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
1d chain=prerouting comment=TIKTOK content=.tiktok.com dst-address-list=\
!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
1d chain=prerouting content=.tiktokv.com dst-address-list=!lokal \
src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
1d chain=prerouting content=.tiktokcdn.com dst-address-list=!lokal \
src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
1d chain=prerouting content=.byteoversea.com dst-address-list=!lokal \
src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
1d chain=prerouting content=.ibyteimg.com dst-address-list=!lokal \
src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
1d chain=prerouting content=.ibytedtos.com dst-address-list=!lokal \
src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
1d chain=prerouting content=.myqcloud.com dst-address-list=!lokal \
src-address-list=lokal
Domain Content CAPCUT
.capcut.com
.byteoversea.com
.byteimg.com
.bytevcloudapi.com
/ip firewall raw
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
1d chain=prerouting comment=CAPCUT content=.capcut.com dst-address-list=\
!IP-LOKAL src-address-list=IP-LOKAL
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
1d chain=prerouting content=.byteoversea.com dst-address-list=!IP-LOKAL \
src-address-list=IP-LOKAL
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
1d chain=prerouting content=.byteimg.com dst-address-list=!IP-LOKAL \
src-address-list=IP-LOKAL
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
1d chain=prerouting content=.bytevcloudapi.com dst-address-list=!IP-LOKAL \
src-address-list=IP-LOKAL
Domain Content Kapwing
.kapwing.com
/ip firewall raw
add action=add-dst-to-address-list address-list=KAPWING address-list-timeout=\
1d chain=prerouting comment=KAPWING content=.kapwing.com \
dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL
Domain Content Canva
.canva.com
/ip firewall raw
add action=add-dst-to-address-list address-list=CANVA address-list-timeout=\
1d chain=prerouting comment=CANVA content=.canva.com \
dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL
Domain Content Titan Mail
.flockmail.com
.titan.email
/ip firewall raw
add action=add-dst-to-address-list address-list=TITAN-MAIL address-list-timeout=\
1d chain=prerouting comment=TITAN-MAIL content=.flockmail.com \
dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL
add action=add-dst-to-address-list address-list=TITAN-MAIL address-list-timeout=\
1d chain=prerouting comment=TITAN-MAIL content=.titan.email \
dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL
Domain Content Twitter
.twitter.com
.twimg.com
t.co
/ip firewall raw
add action=add-dst-to-address-list address-list=TWITTER address-list-timeout=\
1d chain=prerouting comment=TWITTER content=.twitter.com \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=TWITTER address-list-timeout=\
1d chain=prerouting content=.twimg.com dst-address-list=!lokal \
src-address-list=lokal
add action=add-dst-to-address-list address-list=TWITTER address-list-timeout=\
1d chain=prerouting content=t.co dst-address-list=!lokal \
src-address-list=lokal
Domain Content Youtube
.youtube.com
.ytimg.com
.googlevideo.com
youtu.be
yt3.ggpht.com
youtubei.googleapis.com
/ip firewall raw
add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
1d chain=prerouting comment=YOUTUBE content=.youtube.com \
dst-address-list=!lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
1d chain=prerouting content=.ytimg.com dst-address-list=!lokal \
src-address-list=lokal
add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
1d chain=prerouting content=.googlevideo.com dst-address-list=!lokal \
src-address-list=lokal
add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
1d chain=prerouting content=youtu.be dst-address-list=!lokal \
src-address-list=lokal
add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
1d chain=prerouting content=yt3.ggpht.com dst-address-list=!lokal \
src-address-list=lokal
add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
1d chain=prerouting content=youtubei.googleapis.com dst-address-list=\
!lokal src-address-list=lokal
Script Install Mikrotik CHR di VPS
berikut adalah script untuk menginstall mikrotik chr di vps
wget https://download.mikrotik.com/routeros/6.46.5/chr-6.46.5.img.zip -O chr.img.zip && \
gunzip -c chr.img.zip > chr.img && \
echo u > /proc/sysrq-trigger && \
dd if=chr.img bs=1024 of=/dev/sda
Yang Perlu di ganti adalah partisi di barisi terakhir /dev/sda silahkan sesuaikan dengan partisi vps anda, untuk cara cek partisi di vps gunakan perintah
sudo fdisk -l
Untuk lebih lengkap cara tutorial mikrotik chr silahkan baca disini
Mengirim Notifikasi Mikrotik Ke Bot Telegram
berikut ini adalah script untuk mengirimkan notifikasi ke bot telegram, silahkan sobat masukkan script ini di tool > netwatch
Contoh Script Notifikasi Ketika Dapat Terkoneksi Ke DNS Google
/tool fetch url="https://api.telegram.org/bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww/sendMessage?chat_id=1666322534&text='DNS Google Connect Coy'" keep-result=no
Contoh Script Notifikasi Ketika Gagal Terkoneksi Ke DNS Google
/tool fetch url="https://api.telegram.org/bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww/sendMessage?chat_id=1666322534&text='Gagal Terhubung Ke DNS Google'" keep-result=no
bot token = bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww
Chat ID : 1666322534
Silahkan sobat ganti bot token dan chat id script mikrotik di atas dengan bot token dan chat id bot telegram yang sobat miliki
Tonton Juga Video : Cara Membuat Notifikasi Mikrotik Dengan BOT Telegram Cocok Untuk Pemula
Script Untuk Monitoring Trafick Router Mikrotik Ke BOT Telegram
di bawah ini adalah contoh script untuk mengirimkan notifikasi untuk memonitoring trafick download dan upload pada mikrotik router
Script untuk mendapatkan tanggal saat ini
:local CurDate [/system clock get date]
Script untuk mendapatkan jam saat ini
:local CurTime [/system clock get time]
Script untuk menampilkan Informasi Log
#Log
:log info "Kecepatan Download Lebih Dari 8 Mbps"
Script untuk mengirimkan notifikasi trafick monitoring dari mikrotik ke bot telegram
/tool fetch url="https://api.telegram.org/bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww/sendMessage?chat_id=1666322534&text='Traffick Internet Di $CurDate $CurTime Sudah Lebih Dari 8 Mbps Gan" keep-result=no
Tonton Juga Video : Cara Monitoring Trafick Download Dan Upload Mikrotik Menggunakan Bot Telegram
Load Balance PCC
Load Balance PCC 2 ISP
Load Balance PCC 2 ISP adalah metode penyimbangan dua koneksi atau lebih internet gateway
#=====================================================
# https://midteknologi.com
#=====================================================
/interface
set ether1 comment=Modem-1
set ether2 comment=Modem-2
set ether3 comment=Lan
/ip firewall address-list
add address=192.168.0.0/16 list=IP-LOKAL
add address=172.16.0.0/12 list=IP-LOKAL
add address=10.0.0.0/8 list=IP-LOKAL
/ ip address
add address=192.168.9.9/24 network=192.168.9.0 broadcast=192.168.9.255 interface=ether1
add address=192.168.8.2/24 network=192.168.8.0 broadcast=192.168.8.255 interface=ether2
add address=192.168.10.1/24 network=192.168.10.0 broadcast=192.168.10.255 interface=ether3
/ip route
add check-gateway=ping distance=1 gateway="192.168.9.1" routing-mark="to-ether1"
add check-gateway=ping distance=1 gateway="192.168.8.1" routing-mark="to-ether2"
add check-gateway=ping distance=1 gateway="192.168.9.1"
add check-gateway=ping distance=2 gateway="192.168.8.1"
/ip dns set cache-max-ttl=1d cache-size=2048KiB servers=8.8.8.8,8.8.4.4
/ip firewall nat
add chain=srcnat out-interface="ether1" action=masquerade
add chain=srcnat out-interface="ether2" action=masquerade
/ip firewall mangle
add action=mark-connection chain=input in-interface="ether1" new-connection-mark="cm-ether1" passthrough=yes
add action=mark-connection chain=input in-interface="ether2" new-connection-mark="cm-ether2" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether1" new-routing-mark="to-ether1" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether2" new-routing-mark="to-ether2" passthrough=yes
add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether1" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 src-address-list=IP-LOKAL
add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether2" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 src-address-list=IP-LOKAL
add action=mark-routing chain=prerouting connection-mark="cm-ether1" dst-address-list=!IP-LOKAL new-routing-mark="to-ether1" passthrough=yes src-address-list=IP-LOKAL
add action=mark-routing chain=prerouting connection-mark="cm-ether2" dst-address-list=!IP-LOKAL new-routing-mark="to-ether2" passthrough=yes src-address-list=IP-LOKAL
Load Balance PCC 3 ISP
Load Balance PCC 3 ISP adalah metode penyimbangan dua koneksi atau lebih internet gateway
#=====================================================
# https://midteknologi.com
#=====================================================
/interface
set ether1 comment=Modem-1
set ether2 comment=Modem-2
set ether3 comment=Modem-3
set ether4 comment=Lan
/ip firewall address-list
add address=192.168.0.0/16 list=IP-LOKAL
add address=172.16.0.0/12 list=IP-LOKAL
add address=10.0.0.0/8 list=IP-LOKAL
/ ip address
add address=192.168.9.9/24 network=192.168.9.0 broadcast=192.168.9.255 interface=ether1
add address=192.168.8.2/24 network=192.168.8.0 broadcast=192.168.8.255 interface=ether2
add address=192.168.10.2/24 network=192.168.10.0 broadcast=192.168.8.255 interface=ether3
add address=192.168.11.1/24 network=192.168.11.0 broadcast=192.168.10.255 interface=ether4
/ip route
add check-gateway=ping distance=1 gateway="192.168.9.1" routing-mark="to-ether1"
add check-gateway=ping distance=1 gateway="192.168.8.1" routing-mark="to-ether2"
add check-gateway=ping distance=1 gateway="192.168.10.1" routing-mark="to-ether3"
add check-gateway=ping distance=1 gateway="192.168.9.1"
add check-gateway=ping distance=2 gateway="192.168.8.1"
add check-gateway=ping distance=3 gateway="192.168.10.1"
/ip dns set cache-max-ttl=1d cache-size=2048KiB servers=8.8.8.8,8.8.4.4
/ip firewall nat
add chain=srcnat out-interface="ether1" action=masquerade
add chain=srcnat out-interface="ether2" action=masquerade
add chain=srcnat out-interface="ether3" action=masquerade
/ip firewall mangle
add action=mark-connection chain=input in-interface="ether1" new-connection-mark="cm-ether1" passthrough=yes
add action=mark-connection chain=input in-interface="ether2" new-connection-mark="cm-ether2" passthrough=yes
add action=mark-connection chain=input in-interface="ether3" new-connection-mark="cm-ether3" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether1" new-routing-mark="to-ether1" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether2" new-routing-mark="to-ether2" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether3" new-routing-mark="to-ether3" passthrough=yes
add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether1" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 src-address-list=IP-LOKAL
add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether2" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 src-address-list=IP-LOKAL
add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether3" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/2 src-address-list=IP-LOKAL
add action=mark-routing chain=prerouting connection-mark="cm-ether1" dst-address-list=!IP-LOKAL new-routing-mark="to-ether1" passthrough=yes src-address-list=IP-LOKAL
add action=mark-routing chain=prerouting connection-mark="cm-ether2" dst-address-list=!IP-LOKAL new-routing-mark="to-ether2" passthrough=yes src-address-list=IP-LOKAL
add action=mark-routing chain=prerouting connection-mark="cm-ether3" dst-address-list=!IP-LOKAL new-routing-mark="to-ether3" passthrough=yes src-address-list=IP-LOKAL
Script Mikrotik Redirect DNS Client Ke DNS Mikrotik
Script ini berfungsi untuk mengarahkan client mikrotik untuk menggunakan DNS yang sama dengan dns yang di setting pada router mikrotik
/ip dns
set allow-remote-requests=yes cache-max-ttl=3h cache-size=10240KiB servers=8.8.8.8,8.8.4.4
/ip firewall nat
add action=redirect chain=dstnat dst-port=53 protocol=udp to-ports=53
add action=redirect chain=dstnat dst-port=53 protocol=tcp to-ports=53
Script Menambahkan Dynamic IP Route ( Modem IP DHCP)
Script ini sangat berfungsi ketika kita melakukan konfigurasi load balance di mikrotik ketika Modem dari ISP tersebut menggunakan IP DHCP dan tidak bisa di set static kasus seperti ini akan anda temui ketika menggunakan jaringan internet dari ICON + atau Iconnet, dimana kita tidak dapat merubah konfigurasi IP Addressnya menjadi static
berikut ini scriptnya :
:if ($bound=1) do={
/ip route add distance=1 gateway=$"gateway-address" routing-mark=to-ether2 comment="ISP2"
} else={
/ip route remove [/ip route find comment="ISP2"]
}
Script diatas teman-teman tambahkan di menu IP > DHCP Client Lalu Klik Tambah Dan Pada tab Advanced Masukkan Script Diatas
penjelasan script diatas : ketika kita mendapatkan ip dari modem maka script otomatis akan menambahkan router baru dengan routing mark to ether-2 dengan komentar ISP2 , namun ketika modem ISP mengalami masalah dan kita tidak mendapatkan IP dari modem maka script diatas akan otomatis menghapus route dengan komentar ISP2
Tonton Juga : Solusi Load Balance Dengan IP Modem DHCP
Mikrotik Script Untuk Blokir Situs
Blokir Facebook Menggunakan Address Lists Mikrotik
/ip firewall filter
add action=drop chain=forward dst-address-list=Facebook src-address=192.168.17.0/24 comment="Blokir Facebook Menggunakan Address-Lists"
/ip firewall address-list
add address=146.88.59.0/24 list=Facebook
add address=74.119.76.0/22 list=Facebook
add address=45.64.40.0/22 list=Facebook
add address=69.63.176.0/20 list=Facebook
add address=31.13.64.0/18 list=Facebook
add address=66.220.144.0/20 list=Facebook
add address=69.171.224.0/19 list=Facebook
add address=103.4.96.0/22 list=Facebook
add address=173.252.64.0/19 list=Facebook
add address=173.252.96.0/19 list=Facebook
add address=179.60.192.0/22 list=Facebook
add address=204.15.20.0/22 list=Facebook
add address=31.13.24.0/21 list=Facebook
add address=199.201.64.0/22 list=Facebook
add address=185.60.216.0/22 list=Facebook
add address=157.240.0.0/16 list=Facebook
add address=129.205.94.0/23 list=Facebook
Blokir Facebook Menggunakan Mikrotik
/ip firewall filter
add action=drop chain=forward dst-address-list=Facebook src-address=192.168.17.0/24 comment="Blokir Facebook Menggunakan TLS Host"
/ip firewall mangle
add action=add-dst-to-address-list address-list=Facebook address-list-timeout=4w2d chain=prerouting dst-port=443 protocol=tcp tls-host=*.facebook.com comment="Detecting IP Addresses Facebook"
Blokir Twitter Menggunakan Address Lists Mikrotik
/ip firewall filter
add action=drop chain=forward dst-address-list=Twitter src-address=192.168.17.0/24 comment="Blocking Twitter Menggunakan Address Lists"
/ip firewall address-list add list=Twitter address=8.25.196.0/23
/ip firewall address-list add list=Twitter address=8.25.194.0/23
/ip firewall address-list add list=Twitter address=69.195.188.0/24
/ip firewall address-list add list=Twitter address=69.195.187.0/24
/ip firewall address-list add list=Twitter address=69.195.186.0/24
/ip firewall address-list add list=Twitter address=69.195.185.0/24
/ip firewall address-list add list=Twitter address=69.195.182.0/24
/ip firewall address-list add list=Twitter address=69.195.181.0/24
/ip firewall address-list add list=Twitter address=69.195.180.0/24
/ip firewall address-list add list=Twitter address=69.195.179.0/24
/ip firewall address-list add list=Twitter address=69.195.178.0/24
/ip firewall address-list add list=Twitter address=69.195.177.0/24
/ip firewall address-list add list=Twitter address=69.195.176.0/24
/ip firewall address-list add list=Twitter address=69.195.175.0/24
/ip firewall address-list add list=Twitter address=69.195.174.0/24
/ip firewall address-list add list=Twitter address=69.195.171.0/24
/ip firewall address-list add list=Twitter address=69.195.169.0/24
/ip firewall address-list add list=Twitter address=69.195.168.0/24
/ip firewall address-list add list=Twitter address=69.195.166.0/24
/ip firewall address-list add list=Twitter address=69.195.165.0/24
/ip firewall address-list add list=Twitter address=69.195.164.0/24
/ip firewall address-list add list=Twitter address=69.195.163.0/24
/ip firewall address-list add list=Twitter address=69.195.162.0/24
/ip firewall address-list add list=Twitter address=69.195.160.0/24
/ip firewall address-list add list=Twitter address=69.12.63.0/24
/ip firewall address-list add list=Twitter address=69.12.62.0/24
/ip firewall address-list add list=Twitter address=69.12.61.0/24
/ip firewall address-list add list=Twitter address=69.12.56.0/21
/ip firewall address-list add list=Twitter address=64.63.33.0/24
/ip firewall address-list add list=Twitter address=64.63.0.0/18
/ip firewall address-list add list=Twitter address=209.237.221.0/24
/ip firewall address-list add list=Twitter address=209.237.220.0/24
/ip firewall address-list add list=Twitter address=209.237.218.0/24
/ip firewall address-list add list=Twitter address=209.237.217.0/24
/ip firewall address-list add list=Twitter address=209.237.216.0/24
/ip firewall address-list add list=Twitter address=209.237.215.0/24
/ip firewall address-list add list=Twitter address=209.237.214.0/24
/ip firewall address-list add list=Twitter address=209.237.213.0/24
/ip firewall address-list add list=Twitter address=209.237.210.0/24
/ip firewall address-list add list=Twitter address=209.237.209.0/24
/ip firewall address-list add list=Twitter address=209.237.201.0/24
/ip firewall address-list add list=Twitter address=209.237.200.0/24
/ip firewall address-list add list=Twitter address=209.237.199.0/24
/ip firewall address-list add list=Twitter address=209.237.198.0/24
/ip firewall address-list add list=Twitter address=209.237.197.0/24
/ip firewall address-list add list=Twitter address=209.237.196.0/24
/ip firewall address-list add list=Twitter address=209.237.195.0/24
/ip firewall address-list add list=Twitter address=209.237.194.0/24
/ip firewall address-list add list=Twitter address=209.237.193.0/24
/ip firewall address-list add list=Twitter address=209.237.192.0/24
/ip firewall address-list add list=Twitter address=202.160.131.0/24
/ip firewall address-list add list=Twitter address=202.160.130.0/24
/ip firewall address-list add list=Twitter address=202.160.129.0/24
/ip firewall address-list add list=Twitter address=202.160.128.0/24
/ip firewall address-list add list=Twitter address=199.96.62.0/23
/ip firewall address-list add list=Twitter address=199.96.61.0/24
/ip firewall address-list add list=Twitter address=199.96.60.0/24
/ip firewall address-list add list=Twitter address=199.96.60.0/23
/ip firewall address-list add list=Twitter address=199.96.58.0/23
/ip firewall address-list add list=Twitter address=199.96.57.0/24
/ip firewall address-list add list=Twitter address=199.96.56.0/24
/ip firewall address-list add list=Twitter address=199.96.56.0/23
/ip firewall address-list add list=Twitter address=199.59.148.0/22
/ip firewall address-list add list=Twitter address=199.16.156.0/23
/ip firewall address-list add list=Twitter address=199.16.156.0/22
/ip firewall address-list add list=Twitter address=192.48.237.0/24
/ip firewall address-list add list=Twitter address=192.48.236.0/24
/ip firewall address-list add list=Twitter address=192.48.236.0/23
/ip firewall address-list add list=Twitter address=192.133.78.0/23
/ip firewall address-list add list=Twitter address=192.133.76.0/23
/ip firewall address-list add list=Twitter address=192.133.76.0/22
/ip firewall address-list add list=Twitter address=188.64.224.0/21
/ip firewall address-list add list=Twitter address=185.45.6.0/23
/ip firewall address-list add list=Twitter address=185.45.5.0/24
/ip firewall address-list add list=Twitter address=185.45.4.0/24
/ip firewall address-list add list=Twitter address=185.45.4.0/23
/ip firewall address-list add list=Twitter address=104.244.47.0/24
/ip firewall address-list add list=Twitter address=104.244.46.0/24
/ip firewall address-list add list=Twitter address=104.244.45.0/24
/ip firewall address-list add list=Twitter address=104.244.44.0/24
/ip firewall address-list add list=Twitter address=104.244.43.0/24
/ip firewall address-list add list=Twitter address=104.244.42.0/24
/ip firewall address-list add list=Twitter address=104.244.41.0/24
/ip firewall address-list add list=Twitter address=104.244.40.0/24
Blokir Twitter Di Mikrotik
/ip firewall filter
add action=drop chain=forward dst-address-list=Twitter src-address=192.168.17.0/24 comment="Blokir Twitter Menggunakan TLS Host"
/ip firewall mangle
add action=add-dst-to-address-list address-list=Twitter address-list-timeout=4w2d chain=prerouting dst-port=443 protocol=tcp tls-host=*.twitter.com comment="Detecting IP Addresses Twitter"
Blokir Tiktok Di Mikrotik
/ip firewall filter
add action=drop chain=forward dst-address-list=TikTok src-address=192.168.17.0/24 comment="Blocking TikTok Di Router Mikrotik"
/ip firewall mangle
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktok.com src-address=192.168.17.0/24 comment="Blokir TikTok Menggunakan Mikrotik"
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktokv.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktokcdn.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.byteoversea.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.ibyteimg.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.ibytedtos.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.myqcloud.com src-address=192.168.17.0/24
Blokir Netflix Di Mikrotik
/ip firewall filter
add action=drop chain=forward dst-address-list=Netflix src-address=192.168.17.0/24 comment="Blocking Netflix Menggunakan TLS Hosts"
/ip firewall mangle
add action=add-dst-to-address-list address-list=Netflix address-list-timeout=4w2d chain=prerouting content=nflxvideo.net src-address=192.168.17.0/24 comment="Deteksi Alamat IP Address Netflix"
Blokir Steam Menggunakan Address Lists Mikrotik
/ip firewall filter
add action=drop chain=forward dst-address-list=Steam src-address=192.168.17.0/24 comment="Blocking Steam Menggunakan Address Lists"
/ip firewall address-list
add address=45.121.184.0/23 list=Steam
add address=45.121.186.0/23 list=Steam
add address=103.10.124.0/24 list=Steam
add address=103.10.125.0/24 list=Steam
add address=103.28.54.0/23 list=Steam
add address=146.66.152.0/23 list=Steam
add address=146.66.154.0/24 list=Steam
add address=146.66.155.0/24 list=Steam
add address=146.66.156.0/23 list=Steam
add address=146.66.158.0/23 list=Steam
add address=153.254.86.0/24 list=Steam
add address=155.133.224.0/23 list=Steam
add address=155.133.227.0/24 list=Steam
add address=155.133.228.0/23 list=Steam
add address=155.133.230.0/23 list=Steam
add address=155.133.232.0/24 list=Steam
add address=155.133.233.0/24 list=Steam
add address=155.133.234.0/24 list=Steam
add address=155.133.235.0/24 list=Steam
add address=155.133.236.0/23 list=Steam
add address=155.133.238.0/24 list=Steam
add address=155.133.239.0/24 list=Steam
add address=155.133.240.0/23 list=Steam
add address=155.133.242.0/23 list=Steam
add address=155.133.244.0/24 list=Steam
add address=155.133.245.0/24 list=Steam
add address=155.133.246.0/23 list=Steam
add address=155.133.248.0/24 list=Steam
add address=155.133.249.0/24 list=Steam
add address=155.133.250.0/24 list=Steam
add address=155.133.252.0/24 list=Steam
add address=155.133.253.0/24 list=Steam
add address=155.133.254.0/24 list=Steam
add address=155.133.255.0/24 list=Steam
add address=162.254.192.0/24 list=Steam
add address=162.254.193.0/24 list=Steam
add address=162.254.194.0/23 list=Steam
add address=162.254.196.0/24 list=Steam
add address=162.254.197.0/24 list=Steam
add address=162.254.198.0/24 list=Steam
add address=162.254.199.0/24 list=Steam
add address=185.25.180.0/23 list=Steam
add address=185.25.182.0/24 list=Steam
add address=185.25.183.0/24 list=Steam
add address=190.216.121.0/24 list=Steam
add address=190.217.33.0/24 list=Steam
add address=192.69.96.0/23 list=Steam
add address=205.185.194.0/24 list=Steam
add address=205.196.6.0/24 list=Steam
add address=208.64.200.0/24 list=Steam
add address=208.64.201.0/24 list=Steam
add address=208.64.202.0/24 list=Steam
add address=208.64.203.0/24 list=Steam
add address=208.78.164.0/23 list=Steam
add address=208.78.166.0/24 list=Steam
add address=208.78.167.0/24 list=Steam
Blokir Garena ROV Di Mikrotik
/ip firewall filter
add action=drop chain=forward dst-address-list=RoV src-address=192.168.17.0/24 comment="Blocking Garena RoV traffic Menggunakan Mikrotik"
/ip firewall mangle
add action=add-dst-to-address-list address-list=RoV address-list-timeout=4d chain=prerouting dst-port=20000 protocol=tcp comment="Mendeteksi Alamat IP Garena RoV"
Penjelasan Script : IP 192.168.17.0/24 adalah Network ID Dari IP Lokal Anda
Blokir Akses Internet Menggunakan Macc Address
/ip firewall filter
add action=accept chain=forward comment=MID_TEKNOLOGI src-mac-address=\
80:1F:02:6D:24:14
//global blokir ketika terhubung di semua interface
add action=drop chain=forward comment="Block WIFI"
//spesifik diterapkan untuk interface wlan1
add action=drop chain=forward comment="Block WIFI" in-interface=wlan1
Penjelasan Script : Pada script diatas kita melakukan blokir akses internet dengan macc address “80:1F:02:8D:54:C4”
Mikrotik Scripts Untuk Keamanan Jaringan Router Mikrotik
Mencegah Port Scanner
/ip firewall filter
add action=add-src-to-address-list address-list="Port Scan" address-list-timeout=4w2d chain=forward comment="Mencegah port scanner" protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="Port Scan" address-list-timeout=4w2d chain=input protocol=tcp psd=21,3s,3,1
add action=drop chain=forward src-address-list="Port Scan"
add action=drop chain=input src-address-list="Port Scan"
Mencegah UDP Flood Attack
/ip firewall raw
add action=drop chain=prerouting comment="Mencegah UDP Flood Attack" dst-port=53 in-interface=pppoe-out1 protocol=udp
add action=accept chain=prerouting dst-port=53 in-interface=!pppoe-out1 limit=100,5:packet protocol=udp
add action=drop chain=prerouting dst-port=53 in-interface=!pppoe-out1 protocol=udp
jangan Lupa Set Allow Remote Request di IP > DNS
Mencegah TCP Syn Attack
/ip firewall filter add chain=input protocol=tcp connection-limit=32,1 action=add-src-to-address-list address-list=blocked-addr address-list-timeout=1d
/ip firewall filter add chain=input protocol=tcp src-address-list=blocked-addr connection-limit=3,32 action=tarpit
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new action=accept comment="" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new action=drop comment="" disabled=no
/ip settings set tcp-syncookies=yes
Mencegah ICMP Smurf Attack
/ip firewall raw
add action=drop chain=prerouting comment="Mencegah ICMP Smurf Attack" dst-address-type=broadcast protocol=icmp
/ip firewall filter
add action=drop chain=input comment="Block Ping dari interface WAN" in-interface=LAN-1 protocol=icmp
Mencegah Brute Force
/ip firewall filter
add action=drop chain=input comment="Drop anyone in Black List (SSH)" src-address-list="Black List (SSH)"
add action=jump chain=input comment="Jump to Black List (SSH) Chain" dst-port=22 jump-target="Black List (SSH) Chain" protocol=tcp
add action=add-src-to-address-list address-list="Black List (SSH)" address-list-timeout=4w2d chain="Black List (SSH) Chain" comment="Transfer repeated attempts from Black List (SSH) Stage 3 to Black List (SSH)" connection-state=new src-address-list="Black List (SSH) Stage 3"
add action=add-src-to-address-list address-list="Black List (SSH) Stage 3" address-list-timeout=1m chain="Black List (SSH) Chain" comment="Add Successive attempts to Black List (SSH) Stage 3" connection-state=new src-address-list="Black List (SSH) Stage 2"
add action=add-src-to-address-list address-list="Black List (SSH) Stage 2" address-list-timeout=1m chain="Black List (SSH) Chain" comment="Add Successive attempts to Black List (SSH) Stage 2" connection-state=new src-address-list="Black List (SSH) Stage 1"
add action=add-src-to-address-list address-list="Black List (SSH) Stage 1" address-list-timeout=1m chain="Black List (SSH) Chain" comment="Add initial attempt to Black List (SSH) Stage 1" connection-state=new
add action=return chain="Black List (SSH) Chain" comment="Return from Black List (SSH) chain"
Set Prioritas Bandwith Untuk Zoom
/ip firewall mangle
add action=mark-connection chain=prerouting comment="Mark Zoom Application Connections" dst-address-list=Zoom dst-port=3478,3479,5090,5091,8801-8810 new-connection-mark=Zoom-Connection passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-address-list=Zoom dst-port=3478,3479,5090,5091,8801-8810 new-connection-mark=Zoom-Connection passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="Mark Zoom Web App Connections" dst-address-list=Zoom dst-port=80,443 new-connection-mark=Zoom-Connection passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="Mark All Zoom Packets" connection-mark=Zoom-Connection new-packet-mark=Zoom-Packet passthrough=no
/queue simple
add comment="Internet Package (Upload Speed: 300 Mbps, Download Speed: 300 Mbps)" max-limit=300M/300M name=Parent_Queue target=192.168.17.0/24
add comment="Share Speed to Zoom (Upload Speed: 20Mbps, Download Speed: 20Mbps)" max-limit=20M/20M name=Queue_Zoom packet-marks=Zoom-Packet parent=Parent_Queue priority=1/1 target=192.168.17.0/24
add comment="Share Speed For General Working (Upload Speed: 280 Mbps, Download Speed: 280Mbps)" max-limit=280M/280M name=Queue_Other packet-marks=no-mark parent=Parent_Queue target=192.168.17.0/24
/ip firewall address-list
add address=3.7.35.0/25 list=Zoom
add address=3.21.137.128/25 list=Zoom
add address=3.22.11.0/24 list=Zoom
add address=3.23.93.0/24 list=Zoom
add address=3.25.41.128/25 list=Zoom
add address=3.25.42.0/25 list=Zoom
add address=3.25.49.0/24 list=Zoom
add address=3.80.20.128/25 list=Zoom
add address=3.96.19.0/24 list=Zoom
add address=3.101.32.128/25 list=Zoom
add address=3.101.52.0/25 list=Zoom
add address=3.104.34.128/25 list=Zoom
add address=3.120.121.0/25 list=Zoom
add address=3.127.194.128/25 list=Zoom
add address=3.208.72.0/25 list=Zoom
add address=3.211.241.0/25 list=Zoom
add address=3.235.69.0/25 list=Zoom
add address=3.235.82.0/23 list=Zoom
add address=3.235.71.128/25 list=Zoom
add address=3.235.72.128/25 list=Zoom
add address=3.235.73.0/25 list=Zoom
add address=3.235.96.0/23 list=Zoom
add address=4.34.125.128/25 list=Zoom
add address=4.35.64.128/25 list=Zoom
add address=8.5.128.0/23 list=Zoom
add address=13.52.6.128/25 list=Zoom
add address=13.52.146.0/25 list=Zoom
add address=18.157.88.0/24 list=Zoom
add address=18.205.93.128/25 list=Zoom
add address=20.203.158.80/28 list=Zoom
add address=20.203.190.192/26 list=Zoom
add address=50.239.202.0/23 list=Zoom
add address=50.239.204.0/24 list=Zoom
add address=52.61.100.128/25 list=Zoom
add address=52.202.62.192/26 list=Zoom
add address=52.215.168.0/25 list=Zoom
add address=64.125.62.0/24 list=Zoom
add address=64.211.144.0/24 list=Zoom
add address=64.224.32.0/19 list=Zoom
add address=65.39.152.0/24 list=Zoom
add address=69.174.57.0/24 list=Zoom
add address=69.174.108.0/22 list=Zoom
add address=99.79.20.0/25 list=Zoom
add address=101.36.167.0/24 list=Zoom
add address=103.122.166.0/23 list=Zoom
add address=111.33.115.0/25 list=Zoom
add address=111.33.181.0/25 list=Zoom
add address=115.110.154.192/26 list=Zoom
add address=115.114.56.192/26 list=Zoom
add address=115.114.115.0/26 list=Zoom
add address=115.114.131.0/26 list=Zoom
add address=120.29.148.0/24 list=Zoom
add address=129.151.0.0/19 list=Zoom
add address=129.151.40.0/22 list=Zoom
add address=129.151.48.0/20 list=Zoom
add address=129.159.0.0/20 list=Zoom
add address=129.159.160.0/19 list=Zoom
add address=129.159.208.0/20 list=Zoom
add address=130.61.164.0/22 list=Zoom
add address=134.224.0.0/16 list=Zoom
add address=140.238.128.0/24 list=Zoom
add address=140.238.232.0/22 list=Zoom
add address=144.195.0.0/16 list=Zoom
add address=147.124.96.0/19 list=Zoom
add address=149.137.0.0/17 list=Zoom
add address=150.230.224.0/21 list=Zoom
add address=152.67.20.0/24 list=Zoom
add address=152.67.118.0/24 list=Zoom
add address=152.67.168.0/22 list=Zoom
add address=152.67.180.0/24 list=Zoom
add address=152.67.184.0/22 list=Zoom
add address=152.67.240.0/21 list=Zoom
add address=152.70.224.0/21 list=Zoom
add address=156.45.0.0/17 list=Zoom
add address=158.101.64.0/24 list=Zoom
add address=158.101.184.0/22 list=Zoom
add address=160.1.56.128/25 list=Zoom
add address=161.199.136.0/22 list=Zoom
add address=162.12.232.0/22 list=Zoom
add address=162.255.36.0/22 list=Zoom
add address=165.254.88.0/23 list=Zoom
add address=166.108.64.0/18 list=Zoom
add address=168.138.16.0/22 list=Zoom
add address=168.138.48.0/24 list=Zoom
add address=168.138.56.0/21 list=Zoom
add address=168.138.72.0/24 list=Zoom
add address=168.138.74.0/25 list=Zoom
add address=168.138.80.0/21 list=Zoom
add address=168.138.96.0/22 list=Zoom
add address=168.138.116.0/22 list=Zoom
add address=168.138.244.0/24 list=Zoom
add address=170.114.0.0/16 list=Zoom
add address=173.231.80.0/20 list=Zoom
add address=192.204.12.0/22 list=Zoom
add address=193.122.16.0/20 list=Zoom
add address=193.122.32.0/20 list=Zoom
add address=193.122.208.0/20 list=Zoom
add address=193.122.224.0/20 list=Zoom
add address=193.122.240.0/20 list=Zoom
add address=193.123.0.0/19 list=Zoom
add address=193.123.40.0/21 list=Zoom
add address=193.123.128.0/19 list=Zoom
add address=193.123.168.0/21 list=Zoom
add address=193.123.192.0/19 list=Zoom
add address=198.251.128.0/17 list=Zoom
add address=202.177.207.128/27 list=Zoom
add address=204.80.104.0/21 list=Zoom
add address=204.141.28.0/22 list=Zoom
add address=206.247.0.0/16 list=Zoom
add address=207.226.132.0/24 list=Zoom
add address=209.9.211.0/24 list=Zoom
add address=209.9.215.0/24 list=Zoom
add address=213.19.144.0/24 list=Zoom
add address=213.19.153.0/24 list=Zoom
add address=213.244.140.0/24 list=Zoom
add address=221.122.88.64/27 list=Zoom
add address=221.122.88.128/25 list=Zoom
add address=221.122.89.128/25 list=Zoom
add address=221.123.139.192/27 list=Zoom
Set Prioritas Bandwith Untuk Aplikasi Mircrosoft Teams
/ip firewall mangle
add action=mark-connection chain=prerouting comment="Mark MicrosoftTeams Application Connection" dst-address-list=MicrosoftTeams dst-port=3478,3479,3480,3481 new-connection-mark=MicrosoftTeams-Connection passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-address-list=MicrosoftTeams dst-port=3478,3479,3480,3481 new-connection-mark=MicrosoftTeams-Connection passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="Mark MicrosoftTeams Web App Connections" dst-address-list=MicrosoftTeams dst-port=80,443 new-connection-mark=MicrosoftTeams-Connection passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="Mark All MicrosoftTeams Packets" connection-mark=MicrosoftTeams-Connection new-packet-mark=MicrosoftTeams-Packet passthrough=no
/queue simple
add comment="Internet Package (Upload Speed: 300 Mbps, Download Speed: 300 Mbps)" max-limit=300M/300M name=Parent_Queue target=192.168.17.0/24
add comment="Share Speed to MicrosoftTeams (Upload Speed: 20Mbps, Download Speed: 20Mbps)" max-limit=20M/20M name=Queue_MicrosoftTeams packet-marks=MicrosoftTeams-Packet parent=Parent_Queue priority=1/1 target=192.168.17.0/24
add comment="Share Speed For General Working (Upload Speed: 280 Mbps, Download Speed: 280Mbps)" max-limit=280M/280M name=Queue_Other packet-marks=no-mark parent=Parent_Queue target=192.168.17.0/24
/ip firewall address-list
add address=13.107.64.0/18 list=MicrosoftTeams
add address=52.112.0.0/14 list=MicrosoftTeams
add address=52.120.0.0/14 list=MicrosoftTeams
add address=52.238.119.141/32 list=MicrosoftTeams
add address=52.244.160.207/32 list=MicrosoftTeams
Bypass IP Lokal Agar Tidak Terlimit
# tambahkan address lists ip lokal di mikrotik
/ip firewall address-list
add address=0.0.0.0/8 list=IP_LOKAL
add address=10.0.0.0/8 list=IP_LOKAL
add address=100.64.0.0/10 list=IP_LOKAL
add address=127.0.0.0/8 list=IP_LOKAL
add address=169.254.0.0/16 list=IP_LOKAL
add address=172.16.0.0/12 list=IP_LOKAL
add address=192.0.0.0/24 list=IP_LOKAL
add address=192.0.2.0/24 list=IP_LOKAL
add address=192.168.0.0/16 list=IP_LOKAL
add address=198.18.0.0/15 list=IP_LOKAL
add address=198.51.100.0/24 list=IP_LOKAL
add address=203.0.113.0/24 list=IP_LOKAL
add address=224.0.0.0/4 list=IP_LOKAL
add address=240.0.0.0/4 list=IP_LOKAL
# letakkan script ini di bagian paling atas pada mangle rules
/ip firewall mangle
add action=accept chain=prerouting dst-address-list=IP_LOKAL src-address-list=IP_LOKAL
add action=accept chain=postrouting dst-address-list=IP_LOKAL src-address-list=IP_LOKAL
add action=accept chain=forward dst-address-list=IP_LOKAL src-address-list=IP_LOKAL
add action=accept chain=input dst-address-list=IP_LOKAL src-address-list=IP_LOKAL
add action=accept chain=output dst-address-list=IP_LOKAL src-address-list=IP_LOKAL
Konversi Dynamic Address List Ke Static
:local list
:local address
:log info "Dynamic to static conversion started"
/ip firewall address-list
:foreach a in=[find where dynamic=yes] do={
:set list [get $a list]
:set address [get $a address]
remove $a
add list=$list address=$address disabled=no
}
:log info "Dynamic to static conversion finished"
Tidak ada komentar:
Posting Komentar