Ciri-Ciri Komputer/ Laptop Yang Baterai CMOS Habis

Baterai CMOS berfungsi untuk menyuplai tenaga bagi BIOS untuk melakukan settingan terhadap sebuah mainboard.

Bios merupakan sebuah aplikasi bawaan dari mainboard untuk dapat melakukan pengontrolan dan pendeteksian terhadap komponen-kompenen lain yang terhubung ke mainboard.

Melalui BIOS, anda dapat melakukan pengaturan terhadap kinerja serta fungsi-fungsi mainboard. BIOS memiliki chipset tersendiri dalam sebuah mainboard, dengan ukuran yang cukup kecil. Didekat chipset BIOS ituah terletak baterai CMOS. Selain fungsi utama tersebut, BIOS berfungsi untuk mengatur waktu dikomputer anda. Pada BIOS anda dapat melakukan pengaturan seperti konfigurasi BOOT Device, Video Share, CPU Speed, dll


Dan jika baterai CMOS sudah habis, maka mainboard tidak dapat berfungsi secara maksimal, misalkan tidak dapat mengenal hardware baru yang terpasang, settingan waktu kembali ke default (bukan waktu sekarang), dan masih banyak lainnya

Tanda tanda jika baterai CMOS sudah habis :

1. BIOS masih dapat bekerja dengan settingan lama tanpa bisa diubah-ubah. Jadi, BIOS sudah tidak dapat lagi melakukan tugasnya secara normal

2. Ketika anda melakukan perubahan terhadap settingan BIOS seperti perubahan pada bootable device, maka setelah anda restart komputer tersebut settingan akan kembali pada settingan semula. Biasanya akan muncul tampilan pada screen bahwa setting BIOS eror, dan anda tidak dapat langsung membooting sistem operasi, biasanya menekan tombol F1 atau F2 untuk melanjutkan booting
3. Settingan jam sistem tidak benar, tidak mengikuti jam saat ini
4. Biasanya jika sebelum masuk loading OS akan muncul informasi setup ulang pada BIOS, dan anda harus menekan tombol yang ditentukan pada informasi tersebut untuk mensetup BIOS atau melanjutkan loading OS dengan kondisi BIOS masih dalam keadaan default
5. Jika BIOS sudah tersetting dan anda mematikan komputer dan didiamkan selama beberapa menit dan mencabut kabel power sehingga tidak dialiri listrik. Maka saat dinyalakan kembali komputernya settingan jam sistem berubah lagi seperti semula

Cara Mengganti Baterai CMOS Laptop

Baterai CMOS (Complementary metal–oxide–semiconductor) disebut juga CMOS RAM atau hanya CMOS adalah sebuah baterai yang digunakan oleh BIOS untuk tetap aktif meski tanpa aliran listrik. Salah satu kegunaannya untuk mengaktifkan dan menjalankan fungsi jam, serta menyimpan setting BIOS, dan umumnya memakai baterai kancing (Baterai bulat yang pipih, diameter dan ketebalannya bervariasi).

OK deh, singkat saja penjelasanya mengenai CMOS. Perlu saya beritahu sebelumnya, Laptop yang saya ganti baterai CMOS-nya ini adalah Compaq Presario CQ40. Lansung saja ini dia cara mengganti baterai CMOS pada laptop :

1. Cabut semua aliran listrik yang masih mengalir ke laptop termasuk lepas baterai laptop...

2. Buka penutup baterai CMOS pada bagian bawah laptop tepatnya disamping tempat baterai. (setiap laptop memiliki tempat yang berbeda-beda, ada yang harus sampai bongkar body laptop seperti Axioo, baru bisa melepas baterainya.)

3. Jika sudah terbuka, maka akan terlihat baterai CMOS laptop yang terbungkus plastik hitam dengan kabel merah hitam.

4. Cabut kabel baterai dari konektonya sehingga terlepas seperti gambar dibawah ini.

5. Untuk langkah ini ada 2 opsi yang ada. Pertama beli paketan baterai CMOS yang sudah terbungkus seperti pada gambar, atau yang kedua membeli isi baterai nya dan mengganti sendiri.


6. Jika Sobat memilih opsi yang pertama, maka anda tinggal membeli paket baterainya di HP center dan tutorial berhenti disini. Perlu saya informasikan harganya adalah Rp150.000,00. Tinggal colokan baterai yang baru tanpa harus susah mengganti isi baterai, tapi dengan harga baterai yang relatif sangat mahal..

7. Tapi jika anda memilih opsi kedua, maka tutorial ini akan berlanjut. Dan langkah selanjutnya adalah membuka pembungkus plastik baterai untuk mengambil baterainya seperti gambar dibawah ini.
Isi baterai CMOS di pasaran hanya Rp 2.000,00 saja. Ingat, sebaiknya baterai baru yang digunakan sama seri dan dayanya dengan baterai yang sebelumnya, yaitu CR2032.

8. Cara melepas baterainya dari besi pengait itu adalah dengan cara di blower / dipanaskan dulu baru bisa lepas.

9. Setelah lepas. Pasang baterai yang baru dan Blow lagi untuk merekatkan.

10. Bungkus baterai yang sudah diganti tadi dengan isolasi hitam untuk merapikanya.

11. Setelah terbungkus rapi, colokan kembali pada slot baterai CMOS pada laptop Sobat.. Tutup kembali body laptop, dan nyalakan seperti biasa.

12. Cara sederhana untuk mengecek baterai berfungsi atau tidak adalah dengan mengecek waktu dan  penanggalan yang telah di atur lagi. Apakah kembali ke waktu yang lama atau waktunya berlanjut, setelah komputer dimatikan beberapa saat.


Demikian informasi dari saya tentang Cara Mengganti Baterai CMOS pada Laptop. Semoga bisa bermanfaat dan selamat mencoba...Good Luck...

sumber : http://widanarta.blogspot.co.id/2013/03/cara-mengganti-baterai-cmos-laptop.html

Reset Battery CMOS di Motherboard

Postingan kali ini akan membahas tentang cara atau langkah dalam melakukan reset baterai CMOS yang ada di motherboard atau mainboard. Mungkin sobat blogger bertanya, buat apa reset baterai CMOS motherboard itu? Kegunaan reset atau meng-clear baterai CMOS antara lain:

• Komputer sobat ga mau booting, tampilan layar gelap ga mau masuk windows.

• Sistem timer komputer sobat kacau, misal kejadian pengalaman saya sendiri, saat masuk komputer jam windowsnya misal menunjuk jam 7, lalu saya matikan komputer, 2 jam kemudian saya hidupkan komputer lagi, dan ternyata jam di windowsnya masih menunjukan jam 7, yang seharusnya sudah jam 9. 

Nah, jika sobat merasa menemui gejala-gejala diatas, mungkin disebabkan oleh masalah yang terbilang sepele yaitu clear atau reset baterai CMOS, maka segera lakukan clear baterai CMOS atau reset baterai CMOS. Buka casing komputer sobat, dan cari benda yang namanya baterai CMOS, bentuknya seperti gambar di bawah ini.

Kalau di motherboard, salah satu contoh letaknya ditunjukkan di gambar berikut (lihat tanda anak panah).

Lalu bagamaina caranya mereset baterai CMOS tersebut? ada 2 cara yaitu

• Melepas langsung Battery CMOS. Cara ini merupakan cara yang paling gampang. Pastikan komputer dalam keadaan mati, lalu sobat tinggal lepas baterai CMOSnya dari wadahnya, bisa menggunakan pinset atau obeng minus kecil untuk mencukilnya. Setelah dilepas tunggu sekitar 10 menit, baru dipasang lagi.

• Menggunakan jumper di dekat sekitar battery CMOS. Jumper CMOS letaknya masih di sekitar baterai CMOS. Lihat yang dilingkari merah di gambar berikut

Saya kasih 2 gambar diatas, itu hanya contoh saja ya. Di gambar pertama terlihat ada 3 pin untuk keperluan jumper, disitu jumper-nya men-short kaki tengah dan kiri. Untuk mereset batterai CMOS (tanpa melepas baterai-nya) caranya adalah matikan dulu komputer sobat lalu jumpernya dipindah sehingga jumper itu men-short atau menghubungkan kaki tengah dan sebelah kanan. Tunggu sampai 10 menit baru dipindah lagi di posisi semula yaitu men-short pin tengah dan pin kiri. Jika masih ga ngefek, coba hidupkan komputer sekitar 10 menit saat posisi jumper men-short pin tengah dan kanan, setelah 10 menit matikan lagi komputernya, lalu kembalikan posisi jumper men-short pin tengah dan kiri. Mungkin tiap motherboard beda-beda posisi awal jumper, jika posisi awal jumpernya menshort kaki tengah dan kanan, maka reset CMOS nya adalah menshort kaki tengan dan kiri, seperti itulah prinsipnya. Untuk gambar 2 prinsipnya sama saja, hanya disitu cuma ada 2 pin karena tiap motherboard memang beda-beda, ada yg 3 pin ada yg 2 pin. Untuk yg 2 pin seperti gambar 2 diatas, maka sobat harus sediakan jumper sendiri untuk menshort 2 pin tersebut selama 10 menit. Kalau tidak ada jumper bisa dengan obeng pipih atau pinset untuk sekedar menghubungkan 2 pin tersebut.

Sobat mungkin bertanya, kapan battery CMOS itu saatnya diganti? Baterai CMOS sebaiknya kita ganti jika sudah ada gejala-gejala seperti jam di windows berjalan melambat dari seharusnya walaupun sudah dicocok-kan berkali-kali, sama prinsipnya kek jam dinding kalau melambat biasanya yg diganti pasti batterai-nya. Sobat bisa beli baterai CMOS di toko komputer, toko elektronika, atau toko alat-alat tulis kantor biasanya juga ada, sobat tinggal bawa saja contohnya ke toko tsb.

Sumber : http://kompi-on.blogspot.co.id/2014/01/cara-reset-battery-cmos-di-motherboard.html

Tutorial Lengkap Seting Mikrotik Untuk Warnet, Hotspot Internal Dan Rt/Rw-Net External Proxy

Disini settingan masing-masing  saya  batasi Cuma 30 client untuk tambahan bisa ditambahi sendiri.
Setting ini dilengkapi firewall untuk memproteksi keamanan Jaringan dari berbagai gangguan dari internet (virus, hacker), maupun dari orang jahil yang hendak mencuri hotspot (Anti netcut, mac clonning, port scanner dll), membagi bandwith untuk tiap-tiap client.
Semoga Bermanfaat..
Dan untuk Para Master-master mohon koreksinya jika ada kekurangan..
Hardware :

Mikrotik RB 751U 2HND
Warnet / Jaringan Lokal
Hotspot internal untuk dalam gedung (30 Client)
PC Server
Server Virtualisasi Proxmox
Proxy Ubuntu
Bullet 2HP Sebagai sebagai AP Bridge (untuk 30 Client)
TOPOLOGINYA :


Oke Deh Kita Mulai Skripnya tinggal Copas Saja Di terminal :
Setting Interface :

/interface ethernet
set 0 comment="Speedy Interface" name=Speedy
set 1 comment="Local Interface" name=Local
set 2 comment="Proxy Interface" name=Proxy  
set 3 comment="Rtrwnet Interface" name=Rtrwnet  
set 4 comment="hotspot Interface" name=hotspotnet


Setting IP

/ip address
add address=192.168.1.2 netmask=255.255.255.0 inteface=Speedy comment=”ke Speedy”
add address=192.168.9.254 netmask=255.255.255.0 inteface=Local comment=”ke Local”
add address=192.168.3.1 netmask=255.255.255.0 inteface=Proxy comment=”ke Proxy”
add address=192.168.4.1 netmask=255.255.255.0 inteface=Rtrwnet comment=”ke Rtrwnet”
add address=192.168.5.1 netmask=255.255.255.0 inteface=Proxy comment=”ke hotspot Internal”


Setting DNS

/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=4096KiB \
max-udp-packet-size=512 servers="176.9.26.139,180.131.144.144"


Setting gateway Dari Modem :

/ip route
add gateway=192.168.1.1 comment="" disabled=no


Setting Port Service

/ip service
set telnet address=0.0.0.0/0 disabled=yes port=23
set ftp address=0.0.0.0/0 disabled=yes port=21
set www address=0.0.0.0/0 disabled=no port=80
set ssh address=0.0.0.0/0 disabled=yes port=22
set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
set api address=0.0.0.0/0 disabled=yes port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291


Setting Zona Waktu

/system ntp client
set enabled=yes mode=unicast primary-ntp=203.160.128.6 secondary-ntp=\
202.169.224.16


IP yang boleh lewat

/ip firewall address-list
add address=192.168.3.1/24 comment="" disabled=no list=ProxyNET
add address=192.168.9.1-192.168.9.254 comment="" disabled=no list=LocalNet
add address=192.168.4.1-192.168.4.30 comment="" disabled=no list=RtrwnetNet
add address=192.168.5.1-192.168.5.30 comment="" disabled=no list=hotspotNet


Firewallnya :

/ip firewall filter
add action=drop chain=input comment="Drop Invalid connections" \
connection-state=invalid disabled=no

add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="Port scanners to list " \
disabled=no protocol=tcp psd=21,3s,3,1

add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" \
disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg

add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="SYN/FIN scan" disabled=no \
protocol=tcp tcp-flags=fin,syn

add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="SYN/RST scan" disabled=no \
protocol=tcp tcp-flags=syn,rst

add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" disabled=\
no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack

add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="ALL/ALL scan" disabled=no \
protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg

add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="NMAP NULL scan" disabled=no \
protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg

add action=drop chain=input comment="Dropping port scanners" disabled=no \
src-address-list="port scanners"




/ip firewall filter
add chain=virus protocol=udp action=drop dst-port=1 comment="Sockets des Troie"
add chain=virus protocol=tcp action=drop dst-port=2 comment="Death"
add chain=virus protocol=tcp action=drop dst-port=20 comment="Senna Spy FTP server"
add chain=virus protocol=tcp action=drop dst-port=21 comment="Back Construction, \
Blade Runner, Cattivik FTP Server, CC Invader, Dark FTP, Doly Trojan, Fore, Invisible \
FTP, Juggernaut 42, Larva, MotIv FTP, Net Administrator, Ramen, Senna Spy FTP server, \
The Flu, Traitor 21, WebEx, WinCrash"
add chain=virus protocol=tcp action=drop dst-port=23 comment="Fire HacKer, \
Tiny Telnet Server TTS, Truva Atl"
add chain=virus protocol=tcp action=drop dst-port=25 comment="Ajan, Antigen, Barok, \
Email Password Sender EPS, EPS II, Gip, Gris, Happy99, Hpteam mail, Hybris, I love you, \
Kuang2, Magic Horse, MBT Mail Bombing Trojan, Moscow Email trojan, Naebi, NewApt worm, \
ProMail trojan, Shtirlitz, Stealth, Tapiras, Terminator, WinPC, WinSpy"
add chain=virus protocol=tcp action=drop dst-port=30 comment="Agent 40421"
add chain=virus protocol=tcp action=drop dst-port=31 comment="Agent 31, Hackers Paradise, Masters Paradise"
add chain=virus protocol=tcp action=drop dst-port=41 comment="Deep Throat, Foreplay"
add chain=virus protocol=tcp action=drop dst-port=48 comment="DRAT"
add chain=virus protocol=tcp action=drop dst-port=50 comment="DRAT"
add chain=virus protocol=tcp action=drop dst-port=58 comment="DMSetup"
add chain=virus protocol=tcp action=drop dst-port=59 comment="DMSetup"
add chain=virus protocol=tcp action=drop dst-port=79 comment="CDK, Firehotcker"
add chain=virus protocol=tcp action=drop dst-port=80 comment="711 trojan, Seven Eleven, AckCmd, \
Back End, Back Orifice 2000 Plug-Ins, Cafeini, CGI Backdoor, Executor, God Message, God Message Creator, \
Hooker, IISworm, MTX, NCX, Reverse WWW Tunnel Backdoor, RingZero, Seeker, WAN Remote, Web Server CT, \
WebDownloader"
add chain=virus protocol=tcp action=drop dst-port=81 comment="RemoConChubo"
add chain=virus protocol=tcp action=drop dst-port=99 comment="Hidden Port, NCX"
add chain=virus protocol=tcp action=drop dst-port=110 comment="ProMail trojan"
add chain=virus protocol=tcp action=drop dst-port=113 comment="Invisible Identd Deamon, Kazimas"
add chain=virus protocol=tcp action=drop dst-port=119 comment="Happy99"
add chain=virus protocol=tcp action=drop dst-port=121 comment="Attack Bot, God Message, JammerKillah"
add chain=virus protocol=tcp action=drop dst-port=123 comment="Net Controller"
add chain=virus protocol=tcp action=drop dst-port=133 comment="Farnaz"
add chain=virus protocol=tcp action=drop dst-port=135-139 comment="Blaster worm"
add chain=virus protocol=udp action=drop dst-port=135-139 comment="messenger worm
add chain=virus protocol=tcp action=drop dst-port=142 comment="NetTaxi"
add chain=virus protocol=tcp action=drop dst-port=146 comment="Infector"
add chain=virus protocol=udp action=drop dst-port=146 comment="Infector"
add chain=virus protocol=tcp action=drop dst-port=170 comment="A-trojan"
add chain=virus protocol=tcp action=drop dst-port=334 comment="Backage"
add chain=virus protocol=tcp action=drop dst-port=411 comment="Backage"
add chain=virus protocol=tcp action=drop dst-port=420 comment="Breach, Incognito"
add chain=virus protocol=tcp action=drop dst-port=421 comment="TCP Wrappers trojan"
add chain=virus protocol=tcp action=drop dst-port=445 comment="Blaster worm
add chain=virus protocol=udp action=drop dst-port=445 comment="Blaster worm
add chain=virus protocol=tcp action=drop dst-port=455 comment="Fatal Connections"
add chain=virus protocol=tcp action=drop dst-port=456 comment="Hackers Paradise"
add chain=virus protocol=tcp action=drop dst-port=513 comment="Grlogin"
add chain=virus protocol=tcp action=drop dst-port=514 comment="RPC Backdoor"
add chain=virus protocol=tcp action=drop dst-port=531 comment="Net666, Rasmin"
add chain=virus protocol=tcp action=drop dst-port=555 comment="711 trojan, Seven Eleven, \
Ini-Killer, Net Administrator, Phase Zero, Phase-0, Stealth Spy"
add chain=virus protocol=tcp action=drop dst-port=605 comment="Secret Service"
add chain=virus protocol=tcp action=drop dst-port=666 comment="Attack FTP, Back Construction, \
BLA trojan, Cain & Abel, NokNok, Satans Back Door SBD, ServU, Shadow Phyre, th3r1pp3rz Therippers"
add chain=virus protocol=tcp action=drop dst-port=667 comment="SniperNet"
add chain=virus protocol=tcp action=drop dst-port=669 comment="DP trojan"
add chain=virus protocol=tcp action=drop dst-port=692 comment="GayOL"
add chain=virus protocol=tcp action=drop dst-port=777 comment="AimSpy, Undetected"
add chain=virus protocol=tcp action=drop dst-port=808 comment="WinHole"
add chain=virus protocol=tcp action=drop dst-port=911 comment="Dark Shadow"
add chain=virus protocol=tcp action=drop dst-port=999 comment="Deep Throat, Foreplay, WinSatan"
add chain=virus protocol=tcp action=drop dst-port=1000 comment="Der Spaeher, Direct Connection"
add chain=virus protocol=tcp action=drop dst-port=1001 comment="Der Spaeher, Le Guardien, Silencer, WebEx"
add chain=virus protocol=tcp action=drop dst-port=1010-1016 comment="Doly Trojan"
add chain=virus protocol=tcp action=drop dst-port=1020 comment="Vampire"
add chain=virus protocol=tcp action=drop dst-port=1024 comment="Jade, Latinus, NetSpy"
add chain=virus protocol=tcp action=drop dst-port=1025 comment="Remote Storm"
add chain=virus protocol=udp action=drop dst-port=1025 comment="Remote Storm"
add chain=virus protocol=tcp action=drop dst-port=1035 comment="Multidropper"
add chain=virus protocol=tcp action=drop dst-port=1042 comment="BLA trojan"
add chain=virus protocol=tcp action=drop dst-port=1045 comment="Rasmin"
add chain=virus protocol=tcp action=drop dst-port=1049 comment="sbin initd"
add chain=virus protocol=tcp action=drop dst-port=1050 comment="MiniCommand"
add chain=virus protocol=tcp action=drop dst-port=1053 comment="The Thief"
add chain=virus protocol=tcp action=drop dst-port=1054 comment="AckCmd"
add chain=virus protocol=tcp action=drop dst-port=1080-1083 comment="WinHole"
add chain=virus protocol=tcp action=drop dst-port=1090 comment="Xtreme"
add chain=virus protocol=tcp action=drop dst-port=1095-1098 comment="Remote Administration Tool RAT"
add chain=virus protocol=tcp action=drop dst-port=1099 comment="Blood Fest Evolution, Remote Administration Tool RAT"
add chain=virus protocol=tcp action=drop dst-port=1150-1151 comment="Orion"
add chain=virus protocol=tcp action=drop dst-port=1170 comment="Psyber Stream Server PSS, Streaming Audio Server, Voice"
add chain=virus protocol=udp action=drop dst-port=1200-1201 comment="NoBackO"
add chain=virus protocol=tcp action=drop dst-port=1207 comment="SoftWAR"
add chain=virus protocol=tcp action=drop dst-port=1208 comment="Infector"
add chain=virus protocol=tcp action=drop dst-port=1212 comment="Kaos"
add chain=virus protocol=tcp action=drop dst-port=1234 comment="SubSeven Java client, Ultors Trojan"
add chain=virus protocol=tcp action=drop dst-port=1243 comment="BackDoor-G, SubSeven, SubSeven Apocalypse, Tiles"
add chain=virus protocol=tcp action=drop dst-port=1245 comment="VooDoo Doll"
add chain=virus protocol=tcp action=drop dst-port=1255 comment="Scarab"
add chain=virus protocol=tcp action=drop dst-port=1256 comment="Project nEXT"
add chain=virus protocol=tcp action=drop dst-port=1269 comment="Matrix"
add chain=virus protocol=tcp action=drop dst-port=1272 comment="The Matrix"
add chain=virus protocol=tcp action=drop dst-port=1313 comment="NETrojan"
add chain=virus protocol=tcp action=drop dst-port=1338 comment="Millenium Worm"
add chain=virus protocol=tcp action=drop dst-port=1349 comment="Bo dll"
add chain=virus protocol=tcp action=drop dst-port=1394 comment="GoFriller, Backdoor G-1"
add chain=virus protocol=tcp action=drop dst-port=1441 comment="Remote Storm"
add chain=virus protocol=tcp action=drop dst-port=1492 comment="FTP99CMP"
add chain=virus protocol=tcp action=drop dst-port=1524 comment="Trinoo"
add chain=virus protocol=tcp action=drop dst-port=1568 comment="Remote Hack"
add chain=virus protocol=tcp action=drop dst-port=1600 comment="Direct Connection, Shivka-Burka"
add chain=virus protocol=tcp action=drop dst-port=1703 comment="Exploiter"
add chain=virus protocol=tcp action=drop dst-port=1777 comment="Scarab"
add chain=virus protocol=tcp action=drop dst-port=1807 comment="SpySender"
add chain=virus protocol=tcp action=drop dst-port=1966 comment="Fake FTP"
add chain=virus protocol=tcp action=drop dst-port=1967 comment="WM FTP Server"
add chain=virus protocol=tcp action=drop dst-port=1969 comment="OpC BO"
add chain=virus protocol=tcp action=drop dst-port=1981 comment="Bowl, Shockrave"
add chain=virus protocol=tcp action=drop dst-port=1999 comment="Back Door, SubSeven, TransScout"
add chain=virus protocol=tcp action=drop dst-port=2000 comment="Der Spaeher, Insane Network, \
Last 2000, Remote Explorer 2000, Senna Spy Trojan Generator"
add chain=virus protocol=tcp action=drop dst-port=2001 comment="Der Spaeher, Trojan Cow"
add chain=virus protocol=tcp action=drop dst-port=2023 comment="Ripper Pro"
add chain=virus protocol=tcp action=drop dst-port=2080 comment="WinHole"
add chain=virus protocol=tcp action=drop dst-port=2115 comment="Bugs"
add chain=virus protocol=udp action=drop dst-port=2130 comment="Mini Backlash"
add chain=virus protocol=tcp action=drop dst-port=2140 comment="The Invasor"
add chain=virus protocol=udp action=drop dst-port=2140 comment="Deep Throat, Foreplay"
add chain=virus protocol=tcp action=drop dst-port=2155 comment="Illusion Mailer"
add chain=virus protocol=tcp action=drop dst-port=2255 comment="Nirvana"
add chain=virus protocol=tcp action=drop dst-port=2283 comment="Hvl RAT"
add chain=virus protocol=tcp action=drop dst-port=2300 comment="Xplorer"
add chain=virus protocol=tcp action=drop dst-port=2311 comment="Studio 54"
add chain=virus protocol=tcp action=drop dst-port=2330-2339 comment="Contact"
add chain=virus protocol=udp action=drop dst-port=2339 comment="Voice Spy"
add chain=virus protocol=tcp action=drop dst-port=2345 comment="Doly Trojan"
add chain=virus protocol=tcp action=drop dst-port=2565 comment="Striker trojan"
add chain=virus protocol=tcp action=drop dst-port=2583 comment="WinCrash"
add chain=virus protocol=tcp action=drop dst-port=2600 comment="Digital RootBeer"
add chain=virus protocol=tcp action=drop dst-port=2716 comment="The Prayer"
add chain=virus protocol=tcp action=drop dst-port=2773-2774 comment="SubSeven, SubSeven 2.1 Gold"
add chain=virus protocol=tcp action=drop dst-port=2801 comment="Phineas Phucker"
add chain=virus protocol=udp action=drop dst-port=2989 comment="Remote Administration Tool RAT"
add chain=virus protocol=tcp action=drop dst-port=3000 comment="Remote Shut"
add chain=virus protocol=tcp action=drop dst-port=3024 comment="WinCrash"
add chain=virus protocol=tcp action=drop dst-port=3031 comment="Microspy"
add chain=virus protocol=tcp action=drop dst-port=3128 comment="Reverse WWW Tunnel Backdoor, RingZero"
add chain=virus protocol=tcp action=drop dst-port=3129 comment="Masters Paradise"
add chain=virus protocol=tcp action=drop dst-port=3150 comment="The Invasor"
add chain=virus protocol=udp action=drop dst-port=3150 comment="Deep Throat, Foreplay, Mini Backlash"
add chain=virus protocol=tcp action=drop dst-port=3456 comment="Terror trojan"
add chain=virus protocol=tcp action=drop dst-port=3459 comment="Eclipse 2000, Sanctuary"
add chain=virus protocol=tcp action=drop dst-port=3700 comment="Portal of Doom"
add chain=virus protocol=tcp action=drop dst-port=3777 comment="PsychWard"
add chain=virus protocol=tcp action=drop dst-port=3791-3801 comment="Total Solar Eclypse"
add chain=virus protocol=tcp action=drop dst-port=4000 comment="SkyDance"
add chain=virus protocol=tcp action=drop dst-port=4092 comment="WinCrash"
add chain=virus protocol=tcp action=drop dst-port=4242 comment="Virtual Hacking Machine VHM"
add chain=virus protocol=tcp action=drop dst-port=4321 comment="BoBo"
add chain=virus protocol=tcp action=drop dst-port=4444 comment="Prosiak, Swift Remote"
add chain=virus protocol=tcp action=drop dst-port=4567 comment="File Nail"
add chain=virus protocol=tcp action=drop dst-port=4590 comment="ICQ Trojan"
add chain=virus protocol=tcp action=drop dst-port=4950 comment="ICQ Trogen Lm"
add chain=virus protocol=tcp action=drop dst-port=5000 comment="Back Door Setup, Blazer5, \
Bubbel, ICKiller, Ra1d, Sockets des Troie"
add chain=virus protocol=tcp action=drop dst-port=5001 comment="Back Door Setup, Sockets des Troie"
add chain=virus protocol=tcp action=drop dst-port=5002 comment="cd00r, Shaft"
add chain=virus protocol=tcp action=drop dst-port=5010 comment="Solo"
add chain=virus protocol=tcp action=drop dst-port=5011 comment="One of the Last Trojans OOTLT, \
One of the Last Trojans OOTLT, modified"
add chain=virus protocol=tcp action=drop dst-port=5025 comment="WM Remote KeyLogger"
add chain=virus protocol=tcp action=drop dst-port=5031-5032 comment="Net Metropolitan"
add chain=virus protocol=tcp action=drop dst-port=5321 comment="Firehotcker"
add chain=virus protocol=tcp action=drop dst-port=5333 comment="Backage, NetDemon"
add chain=virus protocol=tcp action=drop dst-port=5343 comment="wCrat WC Remote Administration Tool"
add chain=virus protocol=tcp action=drop dst-port=5400-5402 comment="Back Construction, Blade Runner"
add chain=virus protocol=tcp action=drop dst-port=5512 comment="Illusion Mailer"
add chain=virus protocol=tcp action=drop dst-port=5534 comment="The Flu"
add chain=virus protocol=tcp action=drop dst-port=5550 comment="Xtcp"
add chain=virus protocol=tcp action=drop dst-port=5555 comment="ServeMe"
add chain=virus protocol=tcp action=drop dst-port=5556-5557 comment="BO Facil"
add chain=virus protocol=tcp action=drop dst-port=5569 comment="Robo-Hack"
add chain=virus protocol=tcp action=drop dst-port=5637-5638 comment="PC Crasher"
add chain=virus protocol=tcp action=drop dst-port=5742 comment="WinCrash"
add chain=virus protocol=tcp action=drop dst-port=5760 comment="Portmap Remote Root Linux Exploit"
add chain=virus protocol=tcp action=drop dst-port=5880-5889 comment="Y3K RAT"
add chain=virus protocol=tcp action=drop dst-port=6000 comment="The Thing"
add chain=virus protocol=tcp action=drop dst-port=6006 comment="Bad Blood"
add chain=virus protocol=tcp action=drop dst-port=6272 comment="Secret Service"
add chain=virus protocol=tcp action=drop dst-port=6400 comment="The Thing"
add chain=virus protocol=tcp action=drop dst-port=6661 comment="TEMan, Weia-Meia"
add chain=virus protocol=tcp action=drop dst-port=6666 comment="Dark Connection Inside, NetBus worm"
add chain=virus protocol=tcp action=drop dst-port=6667 comment="Dark FTP, ScheduleAgent, \
SubSeven, Subseven 2.1.4 DefCon 8, Trinity, WinSatan"
add chain=virus protocol=tcp action=drop dst-port=6669 comment="Host Control, Vampire"
add chain=virus protocol=tcp action=drop dst-port=6670 comment="BackWeb Server, Deep Throat, \
Foreplay, WinNuke eXtreame"
add chain=virus protocol=tcp action=drop dst-port=6711 comment="BackDoor-G, SubSeven, VP Killer"
add chain=virus protocol=tcp action=drop dst-port=6712 comment="Funny trojan, SubSeven"
add chain=virus protocol=tcp action=drop dst-port=6713 comment="SubSeven"
add chain=virus protocol=tcp action=drop dst-port=6723 comment="Mstream"
add chain=virus protocol=tcp action=drop dst-port=6771 comment="Deep Throat, Foreplay"
add chain=virus protocol=tcp action=drop dst-port=6776 comment="2000 Cracks, BackDoor-G, SubSeven, VP Killer"
add chain=virus protocol=udp action=drop dst-port=6838 comment="Mstream"
add chain=virus protocol=tcp action=drop dst-port=6883 comment="Delta Source DarkStar"
add chain=virus protocol=tcp action=drop dst-port=6912 comment="Shit Heep"
add chain=virus protocol=tcp action=drop dst-port=6939 comment="Indoctrination"
add chain=virus protocol=tcp action=drop dst-port=6969-6970 comment="GateCrasher, IRC 3, \
Net Controller, Priority"
add chain=virus protocol=tcp action=drop dst-port=7000 comment="Exploit Translation Server, \
Kazimas, Remote Grab, SubSeven, SubSeven 2.1 Gold"
add chain=virus protocol=tcp action=drop dst-port=7001 comment="Freak88, Freak2k"
add chain=virus protocol=tcp action=drop dst-port=7215 comment="SubSeven, SubSeven 2.1 Gold"
add chain=virus protocol=tcp action=drop dst-port=7300-7308 comment="NetMonitor"
add chain=virus protocol=tcp action=drop dst-port=7424 comment="Host Control"
add chain=virus protocol=udp action=drop dst-port=7424 comment="Host Control"
add chain=virus protocol=tcp action=drop dst-port=7597 comment="Qaz"
add chain=virus protocol=tcp action=drop dst-port=7626 comment="Glacier"
add chain=virus protocol=tcp action=drop dst-port=7777 comment="God Message, Tini"
add chain=virus protocol=tcp action=drop dst-port=7789 comment="Back Door Setup, ICKiller"
add chain=virus protocol=tcp action=drop dst-port=7891 comment="The ReVeNgEr"
add chain=virus protocol=tcp action=drop dst-port=7983 comment="Mstream"
add chain=virus protocol=tcp action=drop dst-port=8787 comment="Back Orifice 2000"
add chain=virus protocol=tcp action=drop dst-port=8988 comment="BacHack"
add chain=virus protocol=tcp action=drop dst-port=8989 comment="Rcon, Recon, Xcon"
add chain=virus protocol=tcp action=drop dst-port=9000 comment="Netministrator"
add chain=virus protocol=udp action=drop dst-port=9325 comment="Mstream"
add chain=virus protocol=tcp action=drop dst-port=9400 comment="InCommand"
add chain=virus protocol=tcp action=drop dst-port=9872-9875 comment="Portal of Doom"
add chain=virus protocol=tcp action=drop dst-port=9876 comment="Cyber Attacker, Rux"
add chain=virus protocol=tcp action=drop dst-port=9878 comment="TransScout"
add chain=virus protocol=tcp action=drop dst-port=9989 comment="Ini-Killer"
add chain=virus protocol=tcp action=drop dst-port=9999 comment="The Prayer"
add chain=virus protocol=tcp action=drop dst-port=10000-10005 comment="OpwinTRojan"
add chain=virus protocol=udp action=drop dst-port=10067 comment="Portal of Doom"
add chain=virus protocol=tcp action=drop dst-port=10085-10086 comment="Syphillis"
add chain=virus protocol=tcp action=drop dst-port=10100 comment="Control Total, Gift trojan"
add chain=virus protocol=tcp action=drop dst-port=10101 comment="BrainSpy, Silencer"
add chain=virus protocol=udp action=drop dst-port=10167 comment="Portal of Doom"
add chain=virus protocol=tcp action=drop dst-port=10520 comment="Acid Shivers"
add chain=virus protocol=tcp action=drop dst-port=10528 comment="Host Control"
add chain=virus protocol=tcp action=drop dst-port=10607 comment="Coma"
add chain=virus protocol=udp action=drop dst-port=10666 comment="Ambush"
add chain=virus protocol=tcp action=drop dst-port=11000 comment="Senna Spy Trojan Generator"
add chain=virus protocol=tcp action=drop dst-port=11050-11051 comment="Host Control"
add chain=virus protocol=tcp action=drop dst-port=11223 comment="Progenic trojan, Secret Agent"
add chain=virus protocol=tcp action=drop dst-port=12076 comment="Gjamer"
add chain=virus protocol=tcp action=drop dst-port=12223 comment="Hack´99 KeyLogger"
add chain=virus protocol=tcp action=drop dst-port=12345 comment="Ashley, cron crontab, \
Fat Bitch trojan, GabanBus, icmp_client.c, icmp_pipe.c, Mypic, NetBus, NetBus Toy, \
NetBus worm, Pie Bill Gates, Whack Job, X-bill"
add chain=virus protocol=tcp action=drop dst-port=12346 comment="Fat Bitch trojan, GabanBus, NetBus, X-bill"
add chain=virus protocol=tcp action=drop dst-port=12349 comment="BioNet"
add chain=virus protocol=tcp action=drop dst-port=12361-12363 comment="Whack-a-mole"
add chain=virus protocol=udp action=drop dst-port=12623 comment="DUN Control"
add chain=virus protocol=tcp action=drop dst-port=12624 comment="ButtMan"
add chain=virus protocol=tcp action=drop dst-port=12631 comment="Whack Job"
add chain=virus protocol=tcp action=drop dst-port=12754 comment="Mstream"
add chain=virus protocol=tcp action=drop dst-port=13000 comment="Senna Spy Trojan Generator, \
Senna Spy Trojan Generator"
add chain=virus protocol=tcp action=drop dst-port=13010 comment="Hacker Brasil HBR"
add chain=virus protocol=tcp action=drop dst-port=13013-13014 comment="PsychWard"
add chain=virus protocol=tcp action=drop dst-port=13223 comment="Hack´99 KeyLogger"
add chain=virus protocol=tcp action=drop dst-port=13473 comment="Chupacabra"
add chain=virus protocol=tcp action=drop dst-port=14500-14503 comment="PC Invader"
add chain=virus protocol=tcp action=drop dst-port=15000 comment="NetDemon"
add chain=virus protocol=tcp action=drop dst-port=15092 comment="Host Control"
add chain=virus protocol=tcp action=drop dst-port=15104 comment="Mstream"
add chain=virus protocol=tcp action=drop dst-port=15382 comment="SubZero"
add chain=virus protocol=tcp action=drop dst-port=15858 comment="CDK"
add chain=virus protocol=tcp action=drop dst-port=16484 comment="Mosucker"
add chain=virus protocol=tcp action=drop dst-port=16660 comment="Stacheldraht"
add chain=virus protocol=tcp action=drop dst-port=16772 comment="ICQ Revenge"
add chain=virus protocol=tcp action=drop dst-port=16959 comment="SubSeven, Subseven 2.1.4 DefCon 8"
add chain=virus protocol=tcp action=drop dst-port=16969 comment="Priority"
add chain=virus protocol=tcp action=drop dst-port=17166 comment="Mosaic"
add chain=virus protocol=tcp action=drop dst-port=17300 comment="Kuang2 the virus"
add chain=virus protocol=tcp action=drop dst-port=17449 comment="Kid Terror"
add chain=virus protocol=tcp action=drop dst-port=17499-17500 comment="CrazzyNet"
add chain=virus protocol=tcp action=drop dst-port=17569 comment="Infector"
add chain=virus protocol=tcp action=drop dst-port=17593 comment="Audiodoor"
add chain=virus protocol=tcp action=drop dst-port=17777 comment="Nephron"
add chain=virus protocol=udp action=drop dst-port=18753 comment="Shaft"
add chain=virus protocol=tcp action=drop dst-port=19864 comment="ICQ Revenge"
add chain=virus protocol=tcp action=drop dst-port=20000 comment="Millenium"
add chain=virus protocol=tcp action=drop dst-port=20001 comment="Millenium, Millenium Lm"
add chain=virus protocol=tcp action=drop dst-port=20002 comment="AcidkoR"
add chain=virus protocol=tcp action=drop dst-port=20005 comment="Mosucker"
add chain=virus protocol=tcp action=drop dst-port=20023 comment="VP Killer"
add chain=virus protocol=tcp action=drop dst-port=20034 comment="NetBus 2.0 Pro, \
NetBus 2.0 Pro Hidden, NetRex, Whack Job"
add chain=virus protocol=tcp action=drop dst-port=20203 comment="Chupacabra"
add chain=virus protocol=tcp action=drop dst-port=20331 comment="BLA trojan"
add chain=virus protocol=tcp action=drop dst-port=20432 comment="Shaft"
add chain=virus protocol=udp action=drop dst-port=20433 comment="Shaft"
add chain=virus protocol=tcp action=drop dst-port=21544 comment="GirlFriend, Kid Terror"
add chain=virus protocol=tcp action=drop dst-port=21554 comment="Exploiter, \
Kid Terror, Schwindler, Winsp00fer"
add chain=virus protocol=tcp action=drop dst-port=22222 comment="Donald Dick, \
Prosiak, Ruler, RUX The TIc.K"
add chain=virus protocol=tcp action=drop dst-port=23005-23006 comment="NetTrash"
add chain=virus protocol=tcp action=drop dst-port=23023 comment="Logged"
add chain=virus protocol=tcp action=drop dst-port=23032 comment="Amanda"
add chain=virus protocol=tcp action=drop dst-port=23432 comment="Asylum"
add chain=virus protocol=tcp action=drop dst-port=23456 comment="Evil FTP, Ugly FTP, Whack Job"
add chain=virus protocol=tcp action=drop dst-port=23476 comment="Donald Dick"
add chain=virus protocol=udp action=drop dst-port=23476 comment="Donald Dick"
add chain=virus protocol=tcp action=drop dst-port=23477 comment="Donald Dick"
add chain=virus protocol=tcp action=drop dst-port=23777 comment="InetSpy"
add chain=virus protocol=tcp action=drop dst-port=24000 comment="Infector"
add chain=virus protocol=tcp action=drop dst-port=25685-25982 comment="Moonpie"
add chain=virus protocol=udp action=drop dst-port=26274 comment="Delta Source"
add chain=virus protocol=tcp action=drop dst-port=26681 comment="Voice Spy"
add chain=virus protocol=tcp action=drop dst-port=27374 comment="Bad Blood, Ramen, Seeker, \
SubSeven, SubSeven 2.1 Gold, Subseven 2.1.4 DefCon 8, SubSeven Muie, Ttfloader"
add chain=virus protocol=udp action=drop dst-port=27444 comment="Trinoo"
add chain=virus protocol=tcp action=drop dst-port=27573 comment="SubSeven"
add chain=virus protocol=tcp action=drop dst-port=27665 comment="Trinoo"
add chain=virus protocol=tcp action=drop dst-port=28678 comment="Exploit"er
add chain=virus protocol=tcp action=drop dst-port=29104 comment="NetTrojan"
add chain=virus protocol=tcp action=drop dst-port=29369 comment="ovasOn"
add chain=virus protocol=tcp action=drop dst-port=29891 comment="The Unexplained"
add chain=virus protocol=tcp action=drop dst-port=30000 comment="Infector"
add chain=virus protocol=tcp action=drop dst-port=30001 comment="ErrOr32"
add chain=virus protocol=tcp action=drop dst-port=30003 comment="Lamers Death"
add chain=virus protocol=tcp action=drop dst-port=30029 comment="AOL trojan"
add chain=virus protocol=tcp action=drop dst-port=30100-30133 comment="NetSphere"
add chain=virus protocol=udp action=drop dst-port=30103 comment="NetSphere"
add chain=virus protocol=tcp action=drop dst-port=30303 comment="Sockets des Troie"
add chain=virus protocol=tcp action=drop dst-port=30947 comment="Intruse"
add chain=virus protocol=tcp action=drop dst-port=30999 comment="Kuang2"
add chain=virus protocol=tcp action=drop dst-port=31335 comment="Trinoo"
add chain=virus protocol=tcp action=drop dst-port=31336 comment="Bo Whack, Butt Funnel"
add chain=virus protocol=tcp action=drop dst-port=31337 comment="Back Fire, Back Orifice 1.20 patches, \
Back Orifice Lm, Back Orifice russian, Baron Night, Beeone, BO client, BO Facil, BO spy, BO2, \
cron crontab, Freak88, Freak2k, icmp_pipe.c, Sockdmini"
add chain=virus protocol=udp action=drop dst-port=31337 comment="Back Orifice, Deep BO"
add chain=virus protocol=tcp action=drop dst-port=31338 comment="Back Orifice, Butt Funnel, NetSpy DK"
add chain=virus protocol=udp action=drop dst-port=31338 comment="Deep BO"
add chain=virus protocol=tcp action=drop dst-port=31339 comment="NetSpy DK"
add chain=virus protocol=tcp action=drop dst-port=31666 comment="BOWhack"
add chain=virus protocol=tcp action=drop dst-port=31785-31792 comment="Hack a Tack"
add chain=virus protocol=udp action=drop dst-port=31791-31792 comment="Hack a Tack"
add chain=virus protocol=tcp action=drop dst-port=32001 comment="Donald Dick"
add chain=virus protocol=tcp action=drop dst-port=32100 comment="Peanut Brittle, Project nEXT"
add chain=virus protocol=tcp action=drop dst-port=32418 comment="Acid Battery"
add chain=virus protocol=tcp action=drop dst-port=33270 comment="Trinity"
add chain=virus protocol=tcp action=drop dst-port=33333 comment="Blakharaz, Prosiak"
add chain=virus protocol=tcp action=drop dst-port=33577-33777 comment="Son of PsychWard"
add chain=virus protocol=tcp action=drop dst-port=33911 comment="Spirit 2000, Spirit 2001"
add chain=virus protocol=tcp action=drop dst-port=34324 comment="Big Gluck, TN"
add chain=virus protocol=tcp action=drop dst-port=34444 comment="Donald Dick"
add chain=virus protocol=udp action=drop dst-port=34555-35555 comment="Trinoo for Windows"
add chain=virus protocol=tcp action=drop dst-port=37237 comment="Mantis"
add chain=virus protocol=tcp action=drop dst-port=37651 comment="Yet Another Trojan YAT"
add chain=virus protocol=tcp action=drop dst-port=40412 comment="The Spy"
add chain=virus protocol=tcp action=drop dst-port=40421 comment="Agent 40421, Masters Paradise"
add chain=virus protocol=tcp action=drop dst-port=40422-40426 comment="Masters Paradise"
add chain=virus protocol=tcp action=drop dst-port=41337 comment="Storm"
add chain=virus protocol=tcp action=drop dst-port=41666 comment="Remote Boot Tool RBT, Remote Boot Tool RBT"
add chain=virus protocol=tcp action=drop dst-port=44444 comment="Prosiak"
add chain=virus protocol=tcp action=drop dst-port=44575 comment="Exploiter"
add chain=virus protocol=udp action=drop dst-port=47262 comment="Delta Source"
add chain=virus protocol=tcp action=drop dst-port=49301 comment="OnLine KeyLogger"
add chain=virus protocol=tcp action=drop dst-port=50130 comment="Enterprise"
add chain=virus protocol=tcp action=drop dst-port=50505 comment="Sockets des Troie"
add chain=virus protocol=tcp action=drop dst-port=50766 comment="Fore, Schwindler"
add chain=virus protocol=tcp action=drop dst-port=51966 comment="Cafeini"
add chain=virus protocol=tcp action=drop dst-port=52317 comment="Acid Battery 2000"
add chain=virus protocol=tcp action=drop dst-port=53001 comment="Remote Windows Shutdown RWS"
add chain=virus protocol=tcp action=drop dst-port=54283 comment="SubSeven, SubSeven 2.1 Gold"
add chain=virus protocol=tcp action=drop dst-port=54320 comment="Back Orifice 2000"
add chain=virus protocol=tcp action=drop dst-port=54321 comment="Back Orifice 2000, School Bus"
add chain=virus protocol=tcp action=drop dst-port=55165 comment="File Manager trojan, \
File Manager trojan, WM Trojan Generator"
add chain=virus protocol=tcp action=drop dst-port=55166 comment="WM Trojan Generator"
add chain=virus protocol=tcp action=drop dst-port=57341 comment="NetRaider"
add chain=virus protocol=tcp action=drop dst-port=58339 comment="Butt Funnel"
add chain=virus protocol=tcp action=drop dst-port=60000 comment="Deep Throat, Foreplay, Sockets des Troie"
add chain=virus protocol=tcp action=drop dst-port=60001 comment="Trinity"
add chain=virus protocol=tcp action=drop dst-port=60068 comment="Xzip 6000068"
add chain=virus protocol=tcp action=drop dst-port=60411 comment="Connection"
add chain=virus protocol=tcp action=drop dst-port=61348 comment="Bunker-Hill"
add chain=virus protocol=tcp action=drop dst-port=61466 comment="TeleCommando"
add chain=virus protocol=tcp action=drop dst-port=61603 comment="Bunker-Hill"
add chain=virus protocol=tcp action=drop dst-port=63485 comment="Bunker-Hill"
add chain=virus protocol=tcp action=drop dst-port=64101 comment="Taskman"
add chain=virus protocol=tcp action=drop dst-port=65000 comment="Devil, Sockets des Troie, Stacheldraht"
add chain=virus protocol=tcp action=drop dst-port=65390 comment="Eclypse"
add chain=virus protocol=tcp action=drop dst-port=65421 comment="Jade"
add chain=virus protocol=tcp action=drop dst-port=65432 comment="The Traitor th3tr41t0r"
add chain=virus protocol=udp action=drop dst-port=65432 comment="The Traitor th3tr41t0r"
add chain=virus protocol=tcp action=drop dst-port=65534 comment="sbin initd"
add chain=virus protocol=tcp action=drop dst-port=65535 comment="RC1 trojan"
add chain=forward action=jump jump-target=virus comment="jump to the virus chain"


Firewall Filter

/ip firewall filter
add action=accept chain=input comment="Allow Established connections" \
connection-state=established disabled=no
add action=accept chain=input comment="Allow Related connections" \
connection-state=related disabled=no
add action=accept chain=input comment="Allow ICMP from Local Network" \
disabled=no protocol=icmp src-address-list=LocalNet
add action=accept chain=input comment="Allow ICMP from PROXY Network" \
disabled=no protocol=icmp src-address-list=ProxyNET
add action=accept chain=input comment="Allow ICMP from RT RW NET Network" \
disabled=no protocol=icmp src-address-list=RtrwnetNet
add action=accept chain=input comment="Allow ICMP from HOTSPOT Network" \
disabled=no protocol=icmp src-address-list=hotspotNet
add action=accept chain=input comment="Allow Input from Local Network" \
disabled=no src-address-list=LocalNet
add action=accept chain=input comment="Allow Input from PROXY Network" \
disabled=no src-address-list=ProxyNET
add action=accept chain=input comment="Allow Input from RT RW NET Network" \
disabled=no src-address-list=RtrwnetNet
add action=accept chain=input comment="Allow Input from HOTSPOT Network" \
disabled=no src-address-list=hotspotNet


Port Scanner

/ip firewall filter
add action=drop chain=input comment="Drop everything else" disabled=no
add action=jump chain=forward comment="Bad packets filtering" disabled=no \
jump-target=tcp protocol=tcp
add action=jump chain=forward comment="" disabled=no jump-target=udp \
protocol=udp
add action=jump chain=forward comment="" disabled=no jump-target=icmp \
protocol=icmp
add action=drop chain=tcp comment="deny SMTP" disabled=no dst-port=25 \
protocol=tcp
add action=drop chain=tcp comment="deny TFTP" disabled=no dst-port=69 \
protocol=tcp
add action=drop chain=tcp comment="deny RPC portmapper" disabled=no dst-port=\
111 protocol=tcp
add action=drop chain=tcp comment="deny RPC portmapper" disabled=no dst-port=\
135 protocol=tcp
add action=drop chain=tcp comment="deny NBT" disabled=no dst-port=137-139 \
protocol=tcp
add action=drop chain=tcp comment="deny cifs" disabled=no dst-port=445 \
protocol=tcp
add action=drop chain=tcp comment="deny NFS" disabled=no dst-port=2049 \
protocol=tcp
add action=drop chain=tcp comment="deny NetBus" disabled=no dst-port=\
12345-12346 protocol=tcp
add action=drop chain=tcp comment="deny NetBus" disabled=no dst-port=20034 \
protocol=tcp
add action=drop chain=tcp comment="deny BackOriffice" disabled=no dst-port=\
3133 protocol=tcp
add action=drop chain=tcp comment="deny DHCP" disabled=no dst-port=67-68 \
protocol=tcp
add action=drop chain=tcp comment="deny P2P" disabled=no p2p=all-p2p
add action=drop chain=udp comment="deny TFTP" disabled=no dst-port=69 \
protocol=udp
add action=drop chain=udp comment="deny PRC portmapper" disabled=no dst-port=\
111 protocol=udp
add action=drop chain=udp comment="deny PRC portmapper" disabled=no dst-port=\
135 protocol=udp
add action=drop chain=udp comment="deny NBT" disabled=no dst-port=137-139 \
protocol=udp
add action=drop chain=udp comment="deny NFS" disabled=no dst-port=2049 \
protocol=udp
add action=drop chain=udp comment="deny BackOriffice" disabled=no dst-port=\
3133 protocol=udp
add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \
icmp-options=0:0-255 limit=5,5 protocol=icmp
add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \
icmp-options=3:0 protocol=icmp
add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \
icmp-options=3:3 limit=5,5 protocol=icmp
add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \
icmp-options=3:4 limit=5,5 protocol=icmp
add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \
icmp-options=8:0-255 limit=5,5 protocol=icmp
add action=accept chain=icmp comment="limit packets 5/secs" disabled=no \
icmp-options=11:0-255 limit=5,5 protocol=icmp
add action=drop chain=icmp comment="Drop other icmp packets" disabled=no
add action=accept chain=forward comment="Allow Established connections" \
connection-state=established disabled=no


Persilahkan lewat dari address list

/ip firewall filter
add action=accept chain=forward comment="Allow Forward from Local Network" \
disabled=no src-address-list=LocalNet
add action=accept chain=forward comment="Allow Forward from PROXY Network" \
disabled=no src-address-list=ProxyNET
add action=accept chain=forward comment="Allow Forward from RT RW NET Network" \
disabled=no src-address-list=RtrwnetNet
add action=accept chain=forward comment="Allow Forward from HOTSPOT Network" \
disabled=no src-address-list=hotspotNet


Setting NAT

/ip firewall nat
add action=masquerade src-address-list=LocalNet chain=srcnat comment="NAT-Local" disabled=no \
out-interface=Speedy
add action=masquerade src-address-list=ProxyNet chain=srcnat comment="NAT-PROXY" disabled=no \
out-interface=Speedy
add action=masquerade src-address-list=RtrwnetNet chain=srcnat comment="NAT-Rtrwnet" disabled=no \
out-interface=Speedy
add action=masquerade src-address-list=hotspotNet chain=srcnat comment="HOTSPOTnet" disabled=no \
out-interface=Speedy


NAT Ke Proxy

/ip firewall nat
add action=dst-nat chain=dstnat comment="TRANSPARENT PROXY Local" disabled=no \
src-address=192.168.9.2-192.168.9.30 dst-port=80,8080,3128 in-interface=Local \
protocol=tcp to-addresses=192.168.3.3 to-ports=3128
add action=dst-nat chain=dstnat comment="TRANSPARENT PROXY Rtrwnet" disabled=no \
src-address=192.168.4.1-192.168.4.30 dst-port=80,8080,3128 in-interface=Local \
protocol=tcp to-addresses=192.168.3.3 to-ports=3128
add action=dst-nat chain=dstnat comment="TRANSPARENT PROXY HOTSPOT" disabled=no \
src-address=192.168.5.1-192.168.5.30 dst-port=80,8080,3128 in-interface=hotspot \
protocol=tcp to-addresses=192.168.3.3 to-ports=3128
add action=dst-nat chain=dstnat comment="TRANSPARENT DNS LOKAL" disabled=no \
dst-port=53 in-interface=Local protocol=udp to-ports=53
add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \
in-interface=Local protocol=tcp to-ports=53
add action=dst-nat chain=dstnat comment="TRANSPARENT DNS Rtrwnet" disabled=no \
dst-port=53 in-interface=Rtrwnet protocol=udp to-ports=53
add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \
in-interface=Rtrwnet protocol=tcp to-ports=53
add action=dst-nat chain=dstnat comment="TRANSPARENT DNS HOTSPOT" disabled=no \
dst-port=53 in-interface=hotspot protocol=udp to-ports=53
add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \
in-interface=hotspot protocol=tcp to-ports=53
add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \
in-interface=Proxy protocol=udp to-ports=53
add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \
in-interface=Proxy protocol=tcp to-ports=53


Mangle :

/ip firewall mangle
add action=mark-packet chain=forward comment="PROXY-HIT-DSCP 12" disabled=no \
dscp=12 new-packet-mark=proxy-hit passthrough=no
add action=change-dscp chain=postrouting comment=CRITICAL disabled=no \
new-dscp=1 protocol=icmp
add action=change-dscp chain=postrouting comment="" disabled=no dst-port=53 \
new-dscp=1 protocol=udp
add action=change-dscp chain=postrouting comment="" disabled=no dst-port=53 \
new-dscp=1 protocol=tcp
add action=mark-connection chain=postrouting comment="" disabled=no dscp=1 \
new-connection-mark=critical_conn passthrough=yes
add action=mark-packet chain=postrouting comment="" connection-mark=\
critical_conn disabled=no new-packet-mark=critical_pkt passthrough=no
add action=mark-connection chain=prerouting comment=MARK-ALL-CONN disabled=no \
dst-address-list=!LocalNet in-interface=Local new-connection-mark=\
all.pre_conn passthrough=yes
add action=mark-connection chain=prerouting comment=MARK-ALL-CONN disabled=no \
dst-address-list=!RtrwnetNet in-interface=Rtrwnet new-connection-mark=\
all.pre_conn passthrough=yes
add action=mark-connection chain=prerouting comment=MARK-ALL-CONN disabled=no \
dst-address-list=!hotspotNet in-interface=hotspot new-connection-mark=\
all.pre_conn passthrough=yes
add action=mark-connection chain=forward comment="Local" disabled=no \
new-connection-mark=all.post_conn out-interface=Local passthrough=yes \
src-address-list=!LocalNet
add action=mark-connection chain=forward comment="RT RW NET" disabled=no \
new-connection-mark=all.post_conn out-interface=Rtrwnet passthrough=yes \
src-address-list=!RtrwnetNet
add action=mark-connection chain=forward comment="HOTSPOT" disabled=no \
new-connection-mark=all.post_conn out-interface=hotspot passthrough=yes \
src-address-list=!hotspotNet
add action=mark-packet chain=prerouting comment="" connection-mark=\
all.pre_conn disabled=no new-packet-mark=all.pre_pkt passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=all.post_conn \
disabled=no new-packet-mark=all.post_pkt passthrough=yes
add action=mark-connection chain=prerouting comment=GAMES connection-mark=\
all.pre_conn disabled=no dst-port=9339,843 new-connection-mark=games_conn \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-mark=\
all.pre_conn disabled=no dst-port=40000-40010 new-connection-mark=\
games_conn passthrough=yes protocol=udp
add action=mark-packet chain=forward comment="" connection-mark=games_conn \
disabled=no new-packet-mark=games_pkt passthrough=no
add action=mark-connection chain=prerouting comment=HTTP-CLIENT \
connection-mark=all.pre_conn disabled=no new-connection-mark=\
browsing_conn packet-size=0-64 passthrough=yes protocol=tcp tcp-flags=ack
add action=mark-connection chain=prerouting comment="" connection-mark=\
all.pre_conn disabled=no dst-port=80,443 new-connection-mark=\
browsing_conn passthrough=yes protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=0-131072 \
connection-mark=browsing_conn disabled=no new-packet-mark=browsing_pkt \
passthrough=no protocol=tcp
add action=mark-connection chain=prerouting comment=HTTP-PROXY disabled=no \
dst-address-list=!LocalNet dst-port=80,443 new-connection-mark=proxy_conn \
passthrough=yes protocol=tcp src-address-list=ProxyNET
add action=mark-connection chain=prerouting comment=HTTP-PROXY disabled=no \
dst-address-list=!RtrwnetNet dst-port=80,443 new-connection-mark=proxy_conn \
passthrough=yes protocol=tcp src-address-list=ProxyNET
add action=mark-connection chain=prerouting comment=HTTP-PROXY disabled=no \
dst-address-list=!hotspotNet dst-port=80,443 new-connection-mark=proxy_conn \
passthrough=yes protocol=tcp src-address-list=ProxyNET
add action=mark-packet chain=forward comment="" connection-mark=proxy_conn \
disabled=no new-packet-mark=proxy_pkt passthrough=no
add action=mark-connection chain=prerouting comment=REALTIME connection-mark=\
all.pre_conn disabled=no dst-port=22,179,110,161,8291 \
new-connection-mark=realtime_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-mark=\
all.pre_conn disabled=no dst-port=123 new-connection-mark=realtime_conn \
passthrough=yes protocol=udp
add action=mark-packet chain=forward comment="" connection-mark=realtime_conn \
disabled=no new-packet-mark=realtime_pkt passthrough=no
add action=mark-connection chain=prerouting comment=FILETRANSER \
connection-mark=all.pre_conn disabled=no dst-port=20,21,23 \
new-connection-mark=communication_conn passthrough=yes protocol=tcp
add action=mark-packet chain=forward comment="" connection-mark=\
communication_conn disabled=no new-packet-mark=communication_pkt \
passthrough=no
add action=mark-connection chain=prerouting comment=NORMAL connection-mark=\
all.pre_conn disabled=no dst-address-list=!ProxyNET new-connection-mark=\
normal_conn passthrough=yes
add action=mark-packet chain=forward comment="" connection-mark=normal_conn \
disabled=no new-packet-mark=normal_pkt passthrough=no


Mangle Jaringan Lokal

/ip firewall mangle
add action=mark-packet chain=forward comment=DOWNLOAD connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.1 new-packet-mark=Billing passthrough=no protocol=tcp
add action=mark-packet chain=forward comment=DOWNLOAD connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.2 new-packet-mark=client1 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.3 new-packet-mark=client2 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.4 new-packet-mark=client3 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.6 new-packet-mark=client5 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.7 new-packet-mark=client6 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.8 new-packet-mark=client7 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.9 new-packet-mark=client8 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.10 new-packet-mark=client9 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.11 new-packet-mark=client10 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.12 new-packet-mark=client11 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.13 new-packet-mark=client12 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.14 new-packet-mark=client13 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.15 new-packet-mark=client14 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.16 new-packet-mark=client15 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.17 new-packet-mark=client16 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.18 new-packet-mark=client17 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.19 new-packet-mark=client18 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.20 new-packet-mark=client19 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.21 new-packet-mark=client20 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.22 new-packet-mark=client21 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.23 new-packet-mark=client22 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.24 new-packet-mark=client23 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.25 new-packet-mark=client24 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.26 new-packet-mark=client25 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.27 new-packet-mark=client26 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.28 new-packet-mark=client27 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.29 new-packet-mark=client28 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.9.30 new-packet-mark=client29 passthrough=no protocol=tcp


Mangle Jaringan RT/RW Net

/ip firewall mangle
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.2 new-packet-mark=Rtrwnet2 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.3 new-packet-mark=Rtrwnet3 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.4 new-packet-mark=Rtrwnet4 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.5 new-packet-mark=Rtrwnet5 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.6 new-packet-mark=Rtrwnet6 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.7 new-packet-mark=Rtrwnet7 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.8 new-packet-mark=Rtrwnet8 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.9 new-packet-mark=Rtrwnet9 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.10 new-packet-mark=Rtrwnet10 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.11 new-packet-mark=Rtrwnet11 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.12 new-packet-mark=Rtrwnet12 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.13 new-packet-mark=Rtrwnet13 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.14 new-packet-mark=Rtrwnet14 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.15 new-packet-mark=Rtrwnet15 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.16 new-packet-mark=Rtrwnet16 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.17 new-packet-mark=Rtrwnet17 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.18 new-packet-mark=Rtrwnet18 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.19 new-packet-mark=Rtrwnet19 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.20 new-packet-mark=Rtrwnet20 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.21 new-packet-mark=Rtrwnet21 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.22 new-packet-mark=Rtrwnet22 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.23 new-packet-mark=Rtrwnet23 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.24 new-packet-mark=Rtrwnet24 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.25 new-packet-mark=Rtrwnet25 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.26 new-packet-mark=Rtrwnet26 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.27 new-packet-mark=Rtrwnet27 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.28 new-packet-mark=Rtrwnet28 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.29 new-packet-mark=Rtrwnet29 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.30 new-packet-mark=Rtrwnet30 passthrough=no protocol=tcp


Mangle Jaringan Hotspot Internal

/ip firewall mangle
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.2 new-packet-mark=hotspot2 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.3 new-packet-mark=hotspot3 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.4 new-packet-mark=hotspot4 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.5 new-packet-mark=hotspot5 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.6 new-packet-mark=hotspot6 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.7 new-packet-mark=hotspot7 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.8 new-packet-mark=hotspot8 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.9 new-packet-mark=hotspot9 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.10 new-packet-mark=hotspot10 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.11 new-packet-mark=hotspot11 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.12 new-packet-mark=hotspot12 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.13 new-packet-mark=hotspot13 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.14 new-packet-mark=hotspot14 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.15 new-packet-mark=hotspot15 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.16 new-packet-mark=hotspot16 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.17 new-packet-mark=hotspot17 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.18 new-packet-mark=hotspot18 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.19 new-packet-mark=hotspot19 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.20 new-packet-mark=hotspot20 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.21 new-packet-mark=hotspot21 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.22 new-packet-mark=hotspot22 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.23 new-packet-mark=hotspot23 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.24 new-packet-mark=hotspot24 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.25 new-packet-mark=hotspot25 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.26 new-packet-mark=hotspot26 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.27 new-packet-mark=hotspot27 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.28 new-packet-mark=hotspot28 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.29 new-packet-mark=hotspot29 passthrough=no protocol=tcp
add action=mark-packet chain=forward comment="" connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.5.30 new-packet-mark=hotspot30 passthrough=no protocol=tcp



Bandwidth Limiter

/queue type
add kind=pcq name=pcq_up pcq-classifier=src-address pcq-limit=200 pcq-rate=0 \
pcq-total-limit=8000
add kind=pcq name=pcq_down pcq-classifier=dst-address pcq-limit=200 pcq-rate=\
0 pcq-total-limit=8000
add kind=pfifo name=pfifo-critical pfifo-limit=10
add kind=pcq name=pcq_critical.up pcq-classifier=src-address,src-port \
pcq-limit=20 pcq-rate=0 pcq-total-limit=500
add kind=pcq name=pcq_critical.down pcq-classifier=dst-address,dst-port \
pcq-limit=20 pcq-rate=0 pcq-total-limit=500




/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="A. PROXY HIT Local" packet-mark=proxy-hit parent=Local \
priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="E. PROXY HIT RTRWNET" packet-mark=proxy-hit parent=Rtrwnet \
priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="F. PROXY HIT HOTSPOT" packet-mark=proxy-hit parent=hotspot \
priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="B. CRITICAL" packet-mark=critical_pkt parent=Speedy \
priority=1 queue=pfifo-critical
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="C. INBOUND" packet-mark=all.post_pkt parent=global-out \
priority=8
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="D. OUTBOUND" packet-mark=all.pre_pkt parent=Speedy \
priority=8
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="A. GAMES" packet-mark=games_pkt parent="C. INBOUND" \
priority=2 queue=pcq_critical.down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="B. HTTP" packet-mark=browsing_pkt parent="C. INBOUND" \
priority=3 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \
max-limit=128k name="C. REALTIME" packet-mark=realtime_pkt parent=\
"C. INBOUND" priority=4 queue=pcq_critical.down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \
max-limit=128k name="D. FILETRANS" packet-mark=communication_pkt parent=\
"C. INBOUND" priority=5 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \
max-limit=128k name="E. NORMAL" packet-mark=normal_pkt parent=\
"C. INBOUND" priority=6 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=1024k name="F. DOWNCLIENT 1M" parent="C. INBOUND" priority=8

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=1024k name="F. DOWNRTRW 1M" parent="C. INBOUND" priority=8

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=1024k name="F. DOWNHOTSPOT 1M" parent="C. INBOUND" priority=8

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="G. DOWN 2M" parent="C. INBOUND" priority=8


Limit Jaringan Lokal

/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Billing packet-mark=Billing parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client1 packet-mark=client1 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client2 packet-mark=client2 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client3 packet-mark=client3 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client4 packet-mark=client4 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client5 packet-mark=client5 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client6 packet-mark=client6 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client7 packet-mark=client7 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client8 packet-mark=client8 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client9 packet-mark=client9 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client10 packet-mark=client10 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client11 packet-mark=client11 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client12 packet-mark=client12 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client13 packet-mark=client13 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client14 packet-mark=client14 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client15 packet-mark=client15 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client16 packet-mark=client16 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client17 packet-mark=client17 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client18 packet-mark=client18 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client19 packet-mark=client19 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client20 packet-mark=client20 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client21 packet-mark=client21 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client22 packet-mark=client22 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client23 packet-mark=client23 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client24 packet-mark=client24 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client25 packet-mark=client25 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client26 packet-mark=client26 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client27 packet-mark=client27 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client28 packet-mark=client28 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client29 packet-mark=client29 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Client30 packet-mark=client30 parent=\
"F. DOWNCLIENT 1M" priority=8 queue=pcq_down


Limit Jaringan RT/RW Net

/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet1 packet-mark=Rtrwnet1 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet2 packet-mark=Rtrwnet2 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet3 packet-mark=Rtrwnet3 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet4 packet-mark=Rtrwnet4 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet5 packet-mark=Rtrwnet5 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet6 packet-mark=Rtrwnet6 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet7 packet-mark=Rtrwnet7 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet8 packet-mark=Rtrwnet8 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet9 packet-mark=Rtrwnet9 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet10 packet-mark=Rtrwnet10 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet11 packet-mark=Rtrwnet11 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet12 packet-mark=Rtrwnet12 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet13 packet-mark=Rtrwnet13 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet14 packet-mark=Rtrwnet14 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet15 packet-mark=Rtrwnet15 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet16 packet-mark=Rtrwnet16 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet17 packet-mark=Rtrwnet17 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet18 packet-mark=Rtrwnet18 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet19 packet-mark=Rtrwnet19 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet20 packet-mark=Rtrwnet20 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet21 packet-mark=Rtrwnet21 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet22 packet-mark=Rtrwnet22 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet23 packet-mark=Rtrwnet23 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet24 packet-mark=Rtrwnet24 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet25 packet-mark=Rtrwnet25 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet26 packet-mark=Rtrwnet26 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet27 packet-mark=Rtrwnet27 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet28 packet-mark=Rtrwnet28 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet29 packet-mark=Rtrwnet29 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=Rtrwnet30 packet-mark=Rtrwnet30 parent=\
"F. DOWNRTRW 1M" priority=8 queue=pcq_down


Limit Jaringan Hotspot Internal

/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot1 packet-mark=hotspot1 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot2 packet-mark=hotspot2 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot3 packet-mark=hotspot3 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot4 packet-mark=hotspot4 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot5 packet-mark=hotspot5 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot6 packet-mark=hotspot6 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot7 packet-mark=hotspot7 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot8 packet-mark=hotspot8 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot9 packet-mark=hotspot9 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot10 packet-mark=hotspot10 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot11 packet-mark=hotspot11 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot12 packet-mark=hotspot12 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot13 packet-mark=hotspot13 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot14 packet-mark=hotspot14 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot15 packet-mark=hotspot15 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot16 packet-mark=hotspot16 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot17 packet-mark=hotspot17 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot18 packet-mark=hotspot18 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot19 packet-mark=hotspot19 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot20 packet-mark=hotspot20 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot21 packet-mark=hotspot21 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot22 packet-mark=hotspot22 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot23 packet-mark=hotspot23 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot24 packet-mark=hotspot24 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot25 packet-mark=hotspot25 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot26 packet-mark=hotspot26 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot27 packet-mark=hotspot27 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot28 packet-mark=hotspot28 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot29 packet-mark=hotspot29 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=256k name=hotspot30 packet-mark=hotspot30 parent=\
"F. DOWNHOTSPOT 1M" priority=8 queue=pcq_down




/ip firewall mangle
add action=mark-packet chain=forward comment=DOWNLOAD-NO-LIMIT connection-bytes=\
131072-4294967295 connection-mark=all.post_conn disabled=no dst-address=\
192.168.4.30 new-packet-mark=APbescomnet passthrough=no protocol=tcp



/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=APbescomnet packet-mark=client16 parent=\
"G. DOWN 2M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=billing packet-mark=client17 parent=\
"G. DOWN 2M" priority=8 queue=pcq_down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name="A. GAMES UP" packet-mark=games_pkt parent="D. OUTBOUND" \
priority=2 queue=pcq_critical.up
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \
max-limit=128k name="B. HTTP UP" packet-mark=proxy_pkt parent=\
"D. OUTBOUND" priority=3 queue=pcq_up
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=32k \
max-limit=64k name="C. REALTIME UP" packet-mark=realtime_pkt parent=\
"D. OUTBOUND" priority=4 queue=pcq_critical.up
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \
max-limit=128k name="D. FILETRANS UP" packet-mark=communication_pkt \
parent="D. OUTBOUND" priority=5 queue=pcq_up
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64k \
max-limit=128k name="E. NORMAL UP" packet-mark=normal_pkt parent=\
"D. OUTBOUND" priority=6 queue=pcq_up


Anti Cloning Macaddress Buat Bullet2hp

/ip
 firewall filter
add chain=forward src-address=192.168.4.30
src-mac-address=!00:27:19:E8:xx:xx action=drop comment="kunci
192.168.9.30 ke 00:27:22:E8:xx:xx"
add chain=forward src-address=!192.168.4.30
src-mac-address=00:27:19:E8:xx:xx action=drop comment="kunci
192.168.9.30 ke 00:27:22:E8:xx:xx"

Selesai Deh tinggal setting Hotspot : IP > Hotspot >Servers >Hotspot Setup
192.168.4.1-192.168.4.29 ip pool RtrwnetNet
192.168.5.1-192.168.5.30 ip pool Hotspot



Sumber : http://flazhkita.blogspot.co.id/2013/03/tutorial-lengkap-seting-mikrotik-untuk.html