Tuesday, March 1, 2011

Setting Mikrotik by Me ^^

Select the following packages when installing the MikroTik OS:
System, DHCP, Advanced Tools, Routing, Security, Web Proxy

Change the system name to whatever you like:
[admin@microtik] > system identity set name=(any name you like)

The shell prompt will then change to the name you chose:
[admin@warnet] >

Change the password of your MikroTik OS as follows:
[admin@warnet] >user set admin password=………………………………

Enable both Ethernet cards on the PC where you installed the MikroTik OS:
[admin@warnet] >interface ethernet enable ether1
[admin@warnet] >interface ethernet enable ether2

Give both Ethernet cards a name to make configuration easier:
[admin@warnet] >interface ethernet set ether1 name=inet =====> Ethernet card for the Internet
[admin@warnet] >interface ethernet set ether2 name=lan =====> Ethernet card that goes to the switch

Assign IP addresses to both LAN cards (using the interface names set above):
[admin@warnet] >ip address add interface=inet address=(IP address from the ISP)/netmask
[admin@warnet] >ip address add interface=lan address=(the local IP you want, e.g. 192.168.0.1/255.255.255.0)

Enter the gateway IP given by the ISP / modem:
[admin@warnet] > ip route add gateway=(IP of the modem / from the ISP)

DNS SETTINGS (use the DNS IPs from your provider; the ones shown here are the Speedy DNS servers):
[admin@warnet] >ip dns set primary-dns=222.124.204.34 secondary-dns=202.134.0.155

After that, try pinging all the IP addresses configured above.


FIREWALL AND NETWORK CONFIGURATION
ip firewall nat add action=masquerade chain=srcnat
ip firewall filter add chain=input protocol=udp action=accept
ip firewall filter add chain=input protocol=icmp action=accept
ip firewall filter add chain=input in-interface=(Ethernet card facing the LAN) action=accept
ip firewall filter add chain=input in-interface=(Ethernet card facing the Internet) action=accept
ip firewall filter add chain=input action=drop

Note: the rule for the Internet-facing card accepts everything arriving from the Internet, so the final drop rule never applies to that traffic.


WEB PROXY
ip web-proxy set enabled=yes src-address=0.0.0.0 port=8080 hostname="" FGS.com=yes parent-proxy=0.0.0.0:0 cache-administrator="Hanapie" max-object-size=4096KiB cache-drive=system max-cache-size=unlimited max-ram-cache-size=unlimited

ip firewall nat add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=3128
ip firewall nat add in-interface=inet dst-port=80 protocol=tcp action=redirect to-ports=3128 chain=dstnat dst-address=!192.168.0.0/24

Replace every 3128 with 8080 (the redirect's to-ports must be the same as the web-proxy port). The settings:
ip web-proxy set enabled=yes
ip web-proxy set port=3128
# 3 times total RAM
ip web-proxy set max-cache-size=3145728
ip web-proxy set hostname="FGS proxy server"
ip web-proxy set allow-remote-requests=yes
ip web-proxy set cache-administrator=itsupport@fgs.com


FILTERING:
/ip firewall filter
add chain=input connection-state=established action=accept comment="Accept established connections"
add chain=input protocol=udp action=accept comment="Allow UDP"
add chain=input protocol=icmp action=accept comment="Allow ICMP"
add chain=input src-address=192.168.0.0/24 action=accept comment="Allow access to router from known network"
add chain=input connection-state=related comment="Accept related connections"
add chain=input connection-state=invalid action=drop comment="Drop invalid connections"
add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings"
add chain=input protocol=icmp action=drop comment="Drop excess pings"
add chain=input protocol=tcp dst-port=22 comment="SSH for secure shell"
add chain=input protocol=tcp dst-port=8291 comment="winbox"
add chain=input action=log log-prefix="DROP INPUT" comment="Log everything else"
add chain=input action=drop comment="Drop everything else"
add chain=forward protocol=icmp comment="allow ping"
add chain=forward protocol=udp comment="allow udp"
add chain=forward action=drop comment="drop everything else"


ANTIVIRUS FOR MIKROTIK:
/ip firewall filter
add chain=forward connection-state=established comment="allow established connections"
add chain=forward connection-state=related comment="allow related connections"
add chain=forward connection-state=invalid action=drop comment="drop invalid connections"
add chain=forward action=jump jump-target=virus comment="jump to the virus chain"
add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Drop Blaster Worm"
add chain=virus protocol=udp dst-port=135-139 action=drop comment="Drop Messenger Worm"
add chain=virus protocol=tcp dst-port=445 action=drop comment="Drop Blaster Worm"
add chain=virus protocol=udp dst-port=445 action=drop comment="Drop Blaster Worm"
add chain=virus protocol=tcp dst-port=593 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1080 action=drop comment="Drop MyDoom"
add chain=virus protocol=tcp dst-port=1214 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1363 action=drop comment="ndm requester"
add chain=virus protocol=tcp dst-port=1364 action=drop comment="ndm server"
add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen cast"
add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx"
add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid"
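
Added example (not part of the original post): RouterOS evaluates filter rules from top to bottom and stops at the first accept or drop, so a broad rule placed early can leave later rules dead. This Python sketch runs that check over a subset of the FILTERING and ANTIVIRUS rules above, kept in page order; the parser and the exact key=value subset test are simplifying assumptions.

```python
import shlex

# A subset of the rules from the FILTERING and ANTIVIRUS sections, in page order.
RULES = """\
add chain=input connection-state=established action=accept comment="Accept established connections"
add chain=input protocol=udp action=accept comment="Allow UDP"
add chain=input protocol=icmp action=accept comment="Allow ICMP"
add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings"
add chain=input protocol=icmp action=drop comment="Drop excess pings"
add chain=input action=log log-prefix="DROP INPUT" comment="Log everything else"
add chain=input action=drop comment="Drop everything else"
add chain=forward protocol=udp comment="allow udp"
add chain=forward action=drop comment="drop everything else"
add chain=forward connection-state=established comment="allow established connections"
add chain=forward action=jump jump-target=virus comment="jump to the virus chain"
"""

NOT_MATCHERS = {"chain", "action", "comment", "log-prefix", "jump-target"}
TERMINAL = {"accept", "drop", "reject"}  # actions that end evaluation of a packet

def parse(line):
    """Split one 'add key=value ...' line into chain, action, matchers, comment."""
    fields = dict(tok.split("=", 1) for tok in shlex.split(line)[1:])
    matchers = {k: v for k, v in fields.items() if k not in NOT_MATCHERS}
    # RouterOS applies action=accept when a filter rule names no action.
    return {"chain": fields["chain"], "action": fields.get("action", "accept"),
            "match": matchers, "comment": fields.get("comment", "")}

def shadowed(text):
    """Return (dead rule comment, earlier rule comment) pairs."""
    rules = [parse(l) for l in text.splitlines() if l.strip()]
    found = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if (earlier["chain"] == later["chain"]
                    and earlier["action"] in TERMINAL
                    # every condition of the earlier rule also holds for the later one
                    and earlier["match"].items() <= later["match"].items()):
                found.append((later["comment"], earlier["comment"]))
                break
    return found

if __name__ == "__main__":
    for late, early in shadowed(RULES):
        print(f"never reached: {late!r} (already decided by {early!r})")
```

The check is syntactic only: it does not reason about overlapping port ranges or address prefixes, so it can miss shadowing but will not report a rule that is still reachable.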


MIKROTIK ROUTER SECURITY:
/ip firewall filter

# Edit these rules to reflect your actual IP addresses! #
add chain=input src-address=159.148.172.192/28 comment="From Mikrotikls network"
add chain=input src-address=10.0.0.0/8 comment="From our private LAN"
# End of Edit #


Disable the ports commonly used by spam:
/ip firewall filter
add chain=forward dst-port=135-139 protocol=tcp action=drop
add chain=forward dst-port=135-139 protocol=udp action=drop
add chain=forward dst-port=445 protocol=tcp action=drop
add chain=forward dst-port=445 protocol=udp action=drop
add chain=forward dst-port=593 protocol=tcp action=drop
add chain=forward dst-port=4444 protocol=tcp action=drop
add chain=forward dst-port=5554 protocol=tcp action=drop
add chain=forward dst-port=9996 protocol=tcp action=drop
add chain=forward dst-port=995-999 protocol=udp action=drop
add chain=forward dst-port=53 protocol=tcp action=drop
add chain=forward dst-port=55 protocol=tcp action=drop
