Limit Extensi

The document describes how to configure firewall rules and traffic shaping on a router to limit downloads of certain file extensions like EXE, RAR, ZIP and media file types. It involves adding layer 7 protocols, marking traffic with these protocols, creating queue types to classify traffic by source/destination address, and building a queue tree with priorities and limits to shape download and upload traffic.

Uploaded by

Waone Imperfect

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

45 views8 pages

Limit Extensi

Uploaded by

Waone Imperfect

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 8

MEMBUAT LIMIT EXTENSI

/ip firewall layer7-protocol

add name=EXE regexp="^.*get.+\\.exe.*\$"
add name=RAR regexp="^.*get.+\\.rar.*\$"
add name=ZIP regexp="^.*get.+\\.zip.*\$"
add name=7z regexp="^.*get.+\\.7z.*\$"
add name=WMV regexp="^.*get.+\\.wmv.*\$"
add name=MPG regexp="^.*get.+\\.mpg.*\$"
add name=MPEG regexp="^.*get.+\\.mpeg.*\$"
add name=AVI regexp="^.*get.+\\.avi.*\$"
add name=FLV regexp="^.*get.+\\.flv.*\$"
add name=WAV regexp="^.*get.+\\.wav.*\$"
add name=MP3 regexp="^.*get.+\\.mp3.*\$"
add name=MP4 regexp="^.*get.+\\.mp4.*\$"
add name=ISO regexp="^.*get.+\\.iso.*\$"
add name=3GP regexp="^.*get.+\\.3gp.*\$"
add name=MOV regexp="^.*get.+\\.mov.*\$"
add name=MKV regexp="^.*get.+\\.mkv.*\$"
add name=PDF regexp="^.*get.+\\.pdf.*\$"
add name=TAR regexp="^.*get.+\\.tar.*\$"
add name=APK regexp="^.*get.+\\.apk.*\$"
add name=DAT regexp="^.*get.+\\.dat.*\$"
add name=NRG regexp="^.*get.+\\.nrg.*\$"
add name=RAM regexp="^.*get.+\\.ram.*\$"
add name=RM regexp="^.*get.+\\.rm.*\$"
add name=RMVB regexp="^.*get.+\\.rmvb.*\$"
add name=WMA regexp="^.*get.+\\.wma.*\$"
add name=DAA regexp="^.*get.+\\.daa.*\$"
add name=VCD regexp="^.*get.+\\.vcd.*\$"
add name=CAB regexp="^.*get.+\\.cab.*\$"
add name=ASF regexp="^.*get.+\\.asf.*\$"
add name=BIN regexp="^.*get.+\\.bin.*\$"
add name=BROWSING regexp="http/(0.9|1.0|1.1)[x09-x0d ][1-5][0-9][0-9][x09-x0d -~]"
add name=YOUTUBE regexp="videoplayback"

INI ROUTING UNTUK EXTENSI

/ip firewall mangle

add comment=BROWSING action=mark-connection \
chain=prerouting layer7-protocol=BROWSING \
new-connection-mark=down-BROWSING

add action=mark-packet chain=postrouting \
connection-mark=down-BROWSING \
new-packet-mark=BROWSING passthrough=no

add comment=EXE action=mark-packet chain=postrouting \
disabled=no new-packet-mark=EXE \
connection-mark=down-EXE passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=EXE \
new-connection-mark=down-EXE

add comment=RAR action=mark-packet chain=postrouting \
disabled=no new-packet-mark=RAR \
connection-mark=down-RAR passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=RAR \
new-connection-mark=down-RAR

add comment=ZIP action=mark-packet chain=postrouting \
disabled=no new-packet-mark=ZIP \
connection-mark=down-ZIP passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=ZIP \
new-connection-mark=down-ZIP

add comment=7z action=mark-packet chain=postrouting \
disabled=no new-packet-mark=7z \
connection-mark=down-7z passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=7z \
new-connection-mark=down-7z

add comment=WMV action=mark-packet chain=postrouting \
disabled=no new-packet-mark=WMV \
connection-mark=down-WMV passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=WMV \
new-connection-mark=down-WMV

add comment=MPG action=mark-packet chain=postrouting \
disabled=no new-packet-mark=MPG \
connection-mark=down-MPG passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=MPG \
new-connection-mark=down-MPG

add comment=MPEG action=mark-packet chain=postrouting \
disabled=no new-packet-mark=MPEG \
connection-mark=down-MPEG passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=MPEG \
new-connection-mark=down-MPEG

add comment=AVI action=mark-packet chain=postrouting \
disabled=no new-packet-mark=AVI \
connection-mark=down-AVI passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=AVI \
new-connection-mark=down-AVI

add comment=FLV action=mark-packet chain=postrouting \
disabled=no new-packet-mark=FLV \
connection-mark=down-FLV passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=FLV \
new-connection-mark=down-FLV

add comment=WAV action=mark-packet chain=postrouting \
disabled=no new-packet-mark=WAV \
connection-mark=down-WAV passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=WAV \
new-connection-mark=down-WAV

add comment=MP3 action=mark-packet chain=postrouting \
disabled=no new-packet-mark=MP3 \
connection-mark=down-MP3 passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=MP3 \
new-connection-mark=down-MP3

add comment=MP4 action=mark-packet chain=postrouting \
disabled=no new-packet-mark=MP4 \
connection-mark=down-MP4 passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=MP4 \
new-connection-mark=down-MP4

add comment=ISO action=mark-packet chain=postrouting \
disabled=no new-packet-mark=ISO \
connection-mark=down-ISO passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=ISO \
new-connection-mark=down-ISO

add comment=3GP action=mark-packet chain=postrouting \
disabled=no new-packet-mark=3GP \
connection-mark=down-3GP passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=3GP \
new-connection-mark=down-3GP

add comment=MOV action=mark-packet chain=postrouting \
disabled=no new-packet-mark=MOV \
connection-mark=down-MOV passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=MOV \
new-connection-mark=down-MOV

add comment=MKV action=mark-packet chain=postrouting \
disabled=no new-packet-mark=MKV \
connection-mark=down-MKV passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=MKV \
new-connection-mark=down-MKV

add comment=PDF action=mark-packet chain=postrouting \
disabled=no new-packet-mark=PDF \
connection-mark=down-PDF passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=PDF \
new-connection-mark=down-PDF

add comment=TAR action=mark-packet chain=postrouting \
disabled=no new-packet-mark=TAR \
connection-mark=down-TAR passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=TAR \
new-connection-mark=down-TAR

add comment=APK action=mark-packet chain=postrouting \
disabled=no new-packet-mark=APK \
connection-mark=down-APK passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=APK \
new-connection-mark=down-APK

add comment=DAT action=mark-packet chain=postrouting \
disabled=no new-packet-mark=DAT \
connection-mark=down-DAT passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=DAT \
new-connection-mark=down-DAT

add comment=NRG action=mark-packet chain=postrouting \
disabled=no new-packet-mark=NRG \
connection-mark=down-NRG passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=NRG \
new-connection-mark=down-NRG

add comment=RAM action=mark-packet chain=postrouting \
disabled=no new-packet-mark=RAM \
connection-mark=down-RAM passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=RAM \
new-connection-mark=down-RAM

add comment=RM action=mark-packet chain=postrouting \
disabled=no new-packet-mark=RM \
connection-mark=down-RM passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=RM \
new-connection-mark=down-RM

add comment=RMVB action=mark-packet chain=postrouting \
disabled=no new-packet-mark=RMVB \
connection-mark=down-RMVB passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=RMVB \
new-connection-mark=down-RMVB

add comment=WMA action=mark-packet chain=postrouting \
disabled=no new-packet-mark=WMA \
connection-mark=down-WMA passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=WMA \
new-connection-mark=down-WMA

add comment=DAA action=mark-packet chain=postrouting \
disabled=no new-packet-mark=DAA \
connection-mark=down-DAA passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=DAA \
new-connection-mark=down-DAA

add comment=VCD action=mark-packet chain=postrouting \
disabled=no new-packet-mark=VCD \
connection-mark=down-VCD passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=VCD \
new-connection-mark=down-VCD

add comment=CAB action=mark-packet chain=postrouting \
disabled=no new-packet-mark=CAB \
connection-mark=down-CAB passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=CAB \
new-connection-mark=down-CAB

add comment=ASF action=mark-packet chain=postrouting \
disabled=no new-packet-mark=ASF \
connection-mark=down-ASF passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=ASF \
new-connection-mark=down-ASF

add comment=BIN action=mark-packet chain=postrouting \
disabled=no new-packet-mark=BIN \
connection-mark=down-BIN passthrough=no

add action=mark-connection chain=prerouting \
disable=no layer7-protocol=BIN \
new-connection-mark=down-BIN

MEMBUAT QUEUE TYPE DENGAN JENIS PCQ UNTUK PAKET YANG SUDAH DI TANDAI
MASING-MASING UNTUK SOURCE DAN DESTINATION

/queue type
add name=pct-DOWN kind=pcq \
pcq-classifier=dst-address

add name=pct-UP kind=pcq \
pcq-classifier=src-address

MEMBUAT QUEUE TREE UNTUK PAKET UPLOAD DAN DOWNLOAD

/queue tree

add name=Download parent=ether3 \
queue=pct-DOWN priority=1 max-limit=1M

add name=Browsing parent=Download \
queue=pct-DOWN priority=2 packet-mark=BROWSING

add name="Limit Extensi" parent=ether3 \
queue=pct-DOWN priority=2 max-limit=250k
add name=3GP parent="Limit Extensi" \
packet-mark=3GP queue=pct-DOWN priority=3

add name=7z parent="Limit Extensi" \
packet-mark=7z queue=pct-DOWN priority=3

add name=AVI parent="Limit Extensi" \
packet-mark=AVI queue=pct-DOWN priority=3

add name=EXE parent="Limit Extensi" \
packet-mark=EXE queue=pct-DOWN priority=3

add name=FLV parent="Limit Extensi" \
packet-mark=FLV queue=pct-DOWN priority=3

add name=ISO parent="Limit Extensi" \
packet-mark=ISO queue=pct-DOWN priority=3

add name=MKV parent="Limit Extensi" \
packet-mark=MKV queue=pct-DOWN priority=3

add name=MOV parent="Limit Extensi" \
packet-mark=MOV queue=pct-DOWN priority=3

add name=MP3 parent="Limit Extensi" \
packet-mark=MP3 queue=pct-DOWN priority=3

add name=MP4 parent="Limit Extensi" \
packet-mark=MP4 queue=pct-DOWN priority=3

add name=MPEG parent="Limit Extensi" \
packet-mark=MPEG queue=pct-DOWN priority=3

add name=MPG parent="Limit Extensi" \
packet-mark=MPG queue=pct-DOWN priority=3

add name=PDF parent="Limit Extensi" \
packet-mark=PDF queue=pct-DOWN priority=3

add name=RAR parent="Limit Extensi" \
packet-mark=RAR queue=pct-DOWN priority=3

add name=WAV parent="Limit Extensi" \
packet-mark=WAV queue=pct-DOWN priority=3

add name=WMV parent="Limit Extensi" \
packet-mark=WMV queue=pct-DOWN priority=3

add name=ZIP parent="Limit Extensi" \
packet-mark=ZIP queue=pct-DOWN priority=3

add name=APK parent="Limit Extensi" \
packet-mark=APK queue=pct-DOWN priority=3

add name=DAT parent="Limit Extensi" \
packet-mark=DAT queue=pct-DOWN priority=3

add name=TAR parent="Limit Extensi" \
packet-mark=TAR queue=pct-DOWN priority=3

add name=YOUTUBE parent="Limit Extensi" \
packet-mark=YOUTUBE queue=pct-DOWN priority=3

add name=NRG parent="Limit Extensi" \
packet-mark=NRG queue=pct-DOWN priority=3

add name=RAM parent="Limit Extensi" \
packet-mark=RAM queue=pct-DOWN priority=3

add name=RM parent="Limit Extensi" \
packet-mark=RM queue=pct-DOWN priority=3

add name=RMVB parent="Limit Extensi" \
packet-mark=RMVB queue=pct-DOWN priority=3

add name=WMA parent="Limit Extensi" \
packet-mark=WMA queue=pct-DOWN priority=3

add name=DAA parent="Limit Extensi" \
packet-mark=DAA queue=pct-DOWN priority=3

add name=VCD parent="Limit Extensi" \
packet-mark=VCD queue=pct-DOWN priority=3

add name=CAB parent="Limit Extensi" \
packet-mark=CAB queue=pct-DOWN priority=3
add name=ASF parent="Limit Extensi" \
packet-mark=ASF queue=pct-DOWN priority=3

add name=BIN parent="Limit Extensi" \
packet-mark=BIN queue=pct-DOWN priority=3

Bandwidth Management Config JulyNet
No ratings yet
Bandwidth Management Config JulyNet
26 pages
Tata Play Packs 20240904 - 0
No ratings yet
Tata Play Packs 20240904 - 0
243 pages
Hexgr3 L7, Mangle, Q3 Script
No ratings yet
Hexgr3 L7, Mangle, Q3 Script
3 pages
PaperCrafter - Issue 168, February 2022
100% (4)
PaperCrafter - Issue 168, February 2022
92 pages
Early Method of Detecting Deception
100% (2)
Early Method of Detecting Deception
6 pages
Eim Q3W8
No ratings yet
Eim Q3W8
47 pages
God of War Ghost of Sparta
100% (1)
God of War Ghost of Sparta
32 pages
Native Corn Recipes
100% (3)
Native Corn Recipes
115 pages
Spectroscopic Techniques
No ratings yet
Spectroscopic Techniques
38 pages
A Shani 2020
No ratings yet
A Shani 2020
9 pages
Differential Protection of A Potential Transformer
No ratings yet
Differential Protection of A Potential Transformer
24 pages
Art and Technology in Poland Ed. Agnieszka Jelewska
No ratings yet
Art and Technology in Poland Ed. Agnieszka Jelewska
258 pages
Ecmp 3wan Qos Ok
No ratings yet
Ecmp 3wan Qos Ok
7 pages
Anti LAG Script - Edited by Jose
100% (1)
Anti LAG Script - Edited by Jose
3 pages
4.5raw Layer7
No ratings yet
4.5raw Layer7
24 pages
EMD001 - Medical Companion
No ratings yet
EMD001 - Medical Companion
115 pages
Scripts Prueba
No ratings yet
Scripts Prueba
15 pages
Qos Indirecto
No ratings yet
Qos Indirecto
3 pages
Taxi Reimbursement Request Form 07.31.24 - 0
No ratings yet
Taxi Reimbursement Request Form 07.31.24 - 0
2 pages
A CMOS Self-Regulating VCO With Low Supply Sensitivity 4
No ratings yet
A CMOS Self-Regulating VCO With Low Supply Sensitivity 4
7 pages
Qos Indirecto
No ratings yet
Qos Indirecto
3 pages
Internship Report
No ratings yet
Internship Report
10 pages
Key To Corrections - LEVEL 2 MODULE 3
No ratings yet
Key To Corrections - LEVEL 2 MODULE 3
10 pages
Easy Love Spell
50% (2)
Easy Love Spell
2 pages
The Solar System Crossword Puzzle - Memo
No ratings yet
The Solar System Crossword Puzzle - Memo
2 pages
22222222
No ratings yet
22222222
4 pages
Copia RB 2011 Rita ... Mikrotik
No ratings yet
Copia RB 2011 Rita ... Mikrotik
9 pages
SC9b - Homework
No ratings yet
SC9b - Homework
6 pages
Ficha Técnica de Balatas-001 Noviembre 2011
No ratings yet
Ficha Técnica de Balatas-001 Noviembre 2011
4 pages
Set Mikrotik Game Online
No ratings yet
Set Mikrotik Game Online
17 pages
QOS BY Tecno - Net
No ratings yet
QOS BY Tecno - Net
5 pages
Antilag Vlan
No ratings yet
Antilag Vlan
2 pages
Configuracion Del Ultimo Laboratorio
No ratings yet
Configuracion Del Ultimo Laboratorio
7 pages
ip Firewall
No ratings yet
ip Firewall
2 pages
Ip Firewall Layer7
No ratings yet
Ip Firewall Layer7
6 pages
Antilag-Vlan 2
No ratings yet
Antilag-Vlan 2
2 pages
0812 0819BL
No ratings yet
0812 0819BL
15 pages
Qos Bien Estructurado
No ratings yet
Qos Bien Estructurado
4 pages
Configurar QoS en Mikrotik (1-2) - Mangle
No ratings yet
Configurar QoS en Mikrotik (1-2) - Mangle
4 pages
Qos Indirecto
No ratings yet
Qos Indirecto
3 pages
Qos 2020
No ratings yet
Qos 2020
5 pages
4 5raw+layer7
No ratings yet
4 5raw+layer7
24 pages
After Class - AVTC6 - Unit 6 - Pie Charts - K26
No ratings yet
After Class - AVTC6 - Unit 6 - Pie Charts - K26
3 pages
Case Study On Starbucks Coffee
No ratings yet
Case Study On Starbucks Coffee
14 pages
Limit Bandwith Using Layer 7-Protocol PDF
No ratings yet
Limit Bandwith Using Layer 7-Protocol PDF
5 pages
QoS + PCQ Mikrotik
100% (1)
QoS + PCQ Mikrotik
4 pages
Cambridge First B2, Test Book 1, Test 2, Speaking Script For Exam Practice.
No ratings yet
Cambridge First B2, Test Book 1, Test 2, Speaking Script For Exam Practice.
4 pages
Qos Confi
No ratings yet
Qos Confi
3 pages
Configurator Qos Script Commands
No ratings yet
Configurator Qos Script Commands
3 pages
Registration For JP Morgan Chase & Co Recruitment Drive For 2025 Graduating Batch
No ratings yet
Registration For JP Morgan Chase & Co Recruitment Drive For 2025 Graduating Batch
2 pages
Mikrotik Routeros Configuration Bandwidth Management For Games
100% (1)
Mikrotik Routeros Configuration Bandwidth Management For Games
26 pages
Pricing Policies That Protect Your Brand
No ratings yet
Pricing Policies That Protect Your Brand
7 pages
Qos Indirecto
No ratings yet
Qos Indirecto
3 pages
Script v0.4 - FINALIZED-3
No ratings yet
Script v0.4 - FINALIZED-3
16 pages
Duet GGC
No ratings yet
Duet GGC
6 pages
1
No ratings yet
1
2 pages
Message Analyzer FAQ and Known Issues
No ratings yet
Message Analyzer FAQ and Known Issues
11 pages
Priorityshaper RSC
No ratings yet
Priorityshaper RSC
8 pages
Mikrotik Warnet
No ratings yet
Mikrotik Warnet
43 pages
Fasttrack Firewall
No ratings yet
Fasttrack Firewall
4 pages
Random Details
No ratings yet
Random Details
2 pages
Cara Membatasi Download Di Mikrotik
No ratings yet
Cara Membatasi Download Di Mikrotik
9 pages
Priorização de Trafego
No ratings yet
Priorização de Trafego
4 pages
Qos Basico Evangit
No ratings yet
Qos Basico Evangit
2 pages
Qos Mikrotik
No ratings yet
Qos Mikrotik
4 pages
QOS
No ratings yet
QOS
2 pages
Reglas de Mikrotik
No ratings yet
Reglas de Mikrotik
3 pages
Mikrotik Firewall Rules
No ratings yet
Mikrotik Firewall Rules
1 page
01 - Assignment TX Line Solutions
100% (2)
01 - Assignment TX Line Solutions
4 pages
Qos Indirecto (CALIDAD DE SERVICIO)
0% (1)
Qos Indirecto (CALIDAD DE SERVICIO)
3 pages
Layer 7 Full
0% (2)
Layer 7 Full
5 pages
Limiting Download File Extensions On Mikrotik
No ratings yet
Limiting Download File Extensions On Mikrotik
10 pages
Grade 6 2nd Q Final
No ratings yet
Grade 6 2nd Q Final
5 pages
Queue Tree + Mangle
No ratings yet
Queue Tree + Mangle
2 pages
Ip Firewall Layer7
No ratings yet
Ip Firewall Layer7
6 pages
Bandwidth Management Config Mnaufalazkia
No ratings yet
Bandwidth Management Config Mnaufalazkia
26 pages
Mikrotik Game Online
No ratings yet
Mikrotik Game Online
6 pages
Reglas para Pcq+queue Tree+qos
No ratings yet
Reglas para Pcq+queue Tree+qos
2 pages
Script Ancho de Banda PCQ
No ratings yet
Script Ancho de Banda PCQ
1 page
Lease Forms Residential Lease Agreement
100% (4)
Lease Forms Residential Lease Agreement
6 pages
QoSCMW v6
No ratings yet
QoSCMW v6
3 pages
QoS No Mikrotik Esta É A Versão 6 Do RouterOS
No ratings yet
QoS No Mikrotik Esta É A Versão 6 Do RouterOS
6 pages
Limit Queue Tree Mikrotik
No ratings yet
Limit Queue Tree Mikrotik
4 pages
Ega Channel X Naufal Azkia Script
No ratings yet
Ega Channel X Naufal Azkia Script
3 pages
Queue Tree
No ratings yet
Queue Tree
4 pages
Script Configuracion rB2011
No ratings yet
Script Configuracion rB2011
5 pages
Priorización de Trafico QoS - Manual Guias Mikrotik Funcionando Ok
No ratings yet
Priorización de Trafico QoS - Manual Guias Mikrotik Funcionando Ok
3 pages
React Portfolio App Development: Increase your online presence and create your personal brand
From Everand
React Portfolio App Development: Increase your online presence and create your personal brand
Abdelfattah Ragab
No ratings yet
Configuration of a Simple Samba File Server, Quota and Schedule Backup
From Everand
Configuration of a Simple Samba File Server, Quota and Schedule Backup
Dr. Hedaya Alasooly
No ratings yet
Bash Command Line Pro Tips
From Everand
Bash Command Line Pro Tips
Jason Cannon
4.5/5 (8)

Limit Extensi

Uploaded by

Limit Extensi

Uploaded by

MEMBUAT LIMIT EXTENSI

/ip firewall layer7-protocol

You might also like