Minggu, 10 Januari 2016
konfig ini sangat mudah dipahami karena anda tinggal kopas saja di terminal mikrotik :)
tapi anda harus inggat jangan asal copas saja karena harus di sesuaikan dengan topologi dan ip pada jaringan anda :)
#### 2 line isp + proxy external ####
#### adalah dengan cara yg agak berbeda, dimana modem game dijadikan sebagai default route ####
#### dan semua yang bukan-game akan di routing ke modem bukan-game ####
# ip address
# modem game = 1mb = 192.168.10.1 (default route)
# modem bukan-game = 3mb = 192.168.20.1 (routing bukan-game)
# proxy ip = 192.168.21.21
# user/client = 192.168.1.0/24
/ip route
add check-gateway=ping comment=modem-game disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.10.1 scope=30 target-scope=10
add check-gateway=ping comment=modem-bukan-game disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.20.1 routing-mark=bukan-game scope=30 target-scope=10
add check-gateway=ping comment=modem-bukan-game disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.21.21 routing-mark=proxy scope=30 target-scope=10
/ip firewall mangle
######################## connection-mark = port tcp and udp for game/special ####################################
add action=mark-connection chain=prerouting comment=game disabled=no dst-port=53,22,222,445,81,8291,5938 new-connection-mark=game passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment=game disabled=no dst-port=\
1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6001,6000-6152,7777 new-connection-mark=game passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment=game disabled=no dst-port=\
7341-7350,7451,8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000 new-connection-mark=game passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment=game disabled=no dst-port=\
10009,13008,16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15002 new-connection-mark=game passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment=game disabled=no dst-port=\
16402-16502,18901-18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49100 new-connection-mark=game passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment=game disabled=no dst-port=\
14009-14010,27000-27100,843,9339,8890,8000,8001,8012,28901-28925 new-connection-mark=game passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment=game disabled=no dst-port=53 new-connection-mark=game passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment=game disabled=no dst-port=\
1293,1479,6100-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010 new-connection-mark=game passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment=game disabled=no dst-port=42051-42052,11100-11125,11440-11460 new-connection-mark=game passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment=game disabled=no dst-port=14009-14010 new-connection-mark=game passthrough=yes protocol=udp
######################### connection-mark = bukan-game #########################################################
add action=mark-connection chain=prerouting comment=bukan-game disabled=no connection-mark=!game new-connection-mark=bukan-game passthrough=yes
############################ http (tcp port 80) from user-ip, redirect to proxy address #####################
add action=mark-routing chain=prerouting comment=routing-proxy connection-mark=bukan-game disabled=no \
src-address=192.168.1.0/24 in-interface=ether2-client protocol=tcp dst-port=80 new-routing-mark=proxy passthrough=yes
############################### routing from ip proxy to modem bukan-game ##########################
add action=mark-routing chain=prerouting comment=routing-bukan-game connection-mark=bukan-game disabled=no \
src-address=192.168.21.21 in-interface=ether5-proxy protocol=tcp dst-port=80 new-routing-mark=bukan-game passthrough=yes
############################### routing not game port from ip client to modem bukan-game ##########################
add action=mark-routing chain=prerouting comment=routing-bukan-game connection-mark=bukan-game disabled=no \
src-address=192.168.1.0/24 in-interface=ether2-client protocol=tcp dst-port=!80 new-routing-mark=bukan-game passthrough=yes
add action=mark-routing chain=prerouting comment=routing-bukan-game connection-mark=bukan-game disabled=no \
src-address=192.168.1.0/24 in-interface=ether2-client protocol=udp new-routing-mark=bukan-game passthrough=yes
Script diatas mohon jangan asal copy paste saja , harus anda sesuaikan dengan jaringan yang anda gunakan sekarang :)
Semoga dengan postingan saya ini bisa membantu anda semua dan bagi anda masih ada yang kurang paham bisa komentar di bawah ini :)
Good Luck :)
Di Kutip Dari http://pastebin.com/pVTFCT17