Versi Lite 2isp

# CLEAR SETTING
/queue simple remove [find];

/queue tree remove [find];
/queue type remove [find kind=pcq];
/ip firewall filter remove [find];
/ip firewall mangle remove [find];
/ip firewall raw remove [find];
/ip firewall address-list remove [find];
/ip firewall layer7 remove [find];
/
# IP ROUTES
/ip route add check-gateway=ping distance=1 gateway=192.168.8.1
/ip route add check-gateway=ping distance=1 gateway=192.168.9.1 routing-mark=ICMP
/ip route add check-gateway=ping distance=1 gateway=192.168.9.1 routing-
mark=Routing-Game
/
# ADDRESS LIST
/ip firewall address-list add address=192.168.0.0/16 list=LOKAL
/ip firewall address-list add address=192.168.3.254 comment="IP Yang diperbolehkan
untuk mengakses Modem atau Access Point" list=IP-ADMIN
/
# DHCP CLIENT, DNS, SNTP & SCHEDULER

/ip dhcp-client add disabled=no interface=ether1
/ip dhcp-client add add-default-route=no disabled=no interface=ether2
/ip dns set servers=9.9.9.9,1.1.1.1,203.130.196.6,222.124.204.34
/ip dns set allow-remote-requests=yes cache-max-ttl=1d
/system ntp client set enabled=yes primary-ntp=202.65.114.202 secondary-
ntp=212.26.18.41 server-dns-names=asia.pool.ntp.org
/system scheduler add interval=1m name=autoremovehs on-event="/queue simple remove
[ find name ~\"hs-<\" ]\r\
\n/queue simple move [find name=\"-> GLOBAL CONNECTION\"] [:pick [find] 0]"
policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-
date=feb/21/1993 start-time=10:43:00
/system scheduler add name=datetime-startup on-event="/sys scr run datetime"
time=startup
/system scheduler add interval=5m name=datetime on-event=":local date [/sys clock
get date]; \r\
\n:local time [/sys clock get time]; \r\
\n/sys scr set source=\"/sys clock set date=\$date time=\$time\" [find where
name=datetime];"
/system scheduler add interval=3h name=FlushDNSCache on-event="/ip dns cache flush"
/system script add dont-require-permissions=no name=datetime owner=admin
policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon
source="/sys clock set date=jan/24/2021 time=05:19:58"
/
# INTERFACE, NAT, FILTER

/interface list add name=WAN
/interface list add name=LAN
/interface list member add interface=ether1 list=WAN
/interface list member add interface=ether2 list=WAN
/interface list member add interface=ether5 list=LAN
/interface list member add interface=bridge list=LAN
/ip firewall nat add action=masquerade chain=srcnat out-interface-list=WAN
/ip firewall nat add action=masquerade chain=srcnat out-interface=ether1
/ip firewall nat add action=masquerade chain=srcnat out-interface=ether2
/ip firewall nat add action=masquerade chain=srcnat src-address-list=LOKAL
/ip firewall filter add action=reject chain=input comment="Anti Winbox Exploit"
content=user.dat reject-with=icmp-network-unreachable
/ip firewall filter add action=drop chain=input content=user.dat
/ip firewall filter add action=drop chain=forward comment="Block Akses Client Ke
Modem (Kecuali IP-ADMIN yang ada di Firewall -> Address Lists)" dst-address-
list=LOKAL dst-port=80 protocol=tcp src-address-list=!IP-ADMIN
/ip firewall filter add action=accept chain=input comment="Allow Established,
Related Connections" connection-state=established,related
/ip firewall filter add action=accept chain=forward connection-
state=established,related
/ip firewall filter add action=drop chain=input comment="Drop Invalid Connections"
connection-state=invalid
/ip firewall filter add action=drop chain=forward connection-state=invalid
/
# MANGLE
/ip firewall mangle add action=accept chain=prerouting comment="[ Copyright \A9 2
ISP Game Lite Script Proudly Presents for Pejuang GSM ]" dst-address-list=LOKAL
src-address-list=LOKAL
/ip firewall mangle add action=accept chain=postrouting dst-address-list=LOKAL src-
address-list=LOKAL
/ip firewall mangle add action=accept chain=forward dst-address-list=LOKAL src-
address-list=LOKAL
/ip firewall mangle add action=accept chain=input dst-address-list=LOKAL src-
address-list=LOKAL
/ip firewall mangle add action=accept chain=output dst-address-list=LOKAL src-
address-list=LOKAL
/ip firewall mangle add action=change-ttl chain=prerouting comment=TTL in-
interface-list=WAN new-ttl=set:128 passthrough=yes
/ip firewall mangle add action=change-ttl chain=postrouting new-ttl=set:1 out-
interface-list=LAN passthrough=yes
/ip firewall mangle add action=mark-connection chain=prerouting comment=DNS dst-
port=53,5353,853,5938,6568,7070,2112,8291 new-connection-mark="KONEKSI DNS"
passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting dst-
port=53,5353,853,5938,6568,7070,2112,8291 new-connection-mark="KONEKSI DNS"
passthrough=yes protocol=udp
/ip firewall mangle add action=mark-packet chain=prerouting connection-
mark="KONEKSI DNS" new-packet-mark="DNS DOWNLOAD" passthrough=no
/ip firewall mangle add action=mark-packet chain=postrouting connection-
mark="KONEKSI DNS" new-packet-mark="DNS UPLOAD" passthrough=no
/ip firewall mangle add action=mark-connection chain=forward comment=ICMP new-
connection-mark="KONEKSI ICMP" passthrough=yes protocol=icmp
/ip firewall mangle add action=change-dscp chain=forward connection-mark="KONEKSI
ICMP" new-dscp=16 passthrough=yes
/ip firewall mangle add action=mark-packet chain=forward connection-mark="KONEKSI
ICMP" dst-address-list=LOKAL in-interface-list=WAN new-packet-mark="ICMP DOWNLOAD"
passthrough=yes src-address-list=!LOKAL
ICMP" dst-address-list=!LOKAL new-packet-mark="ICMP UPLOAD" out-interface-list=WAN
passthrough=yes src-address-list=LOKAL
/ip firewall mangle add action=add-dst-to-address-list address-list=IP-GAME
address-list-timeout=1m chain=forward comment=RANDOM connection-mark="!KONEKSI
UMUM" dst-address-list=!IP-CHAT dst-port=!0-1023,1194,1723,1935,2083,3478,5050-
5061,6666,8777,8000-8081,35915,39397 protocol=tcp src-address-list=LOKAL
/ip firewall mangle add action=add-dst-to-address-list address-list=IP-GAME
address-list-timeout=1m chain=forward connection-mark="!KONEKSI UMUM" dst-address-
list=!IP-CHAT dst-port=!0-1023,1701,1900,3478,5060,5061,5222,5288,5353 protocol=udp
src-address-list=LOKAL
/ip firewall mangle add action=mark-connection chain=forward comment=GAME dst-
address-list=IP-GAME new-connection-mark="KONEKSI GAME" passthrough=yes src-
address-list=LOKAL
GAME" dst-address-list=LOKAL in-interface-list=WAN new-packet-mark="GAME DOWNLOAD"
passthrough=yes src-address-list=IP-GAME
GAME" dst-address-list=IP-GAME new-packet-mark="GAME UPLOAD" out-interface-list=WAN
passthrough=yes src-address-list=LOKAL
/ip firewall mangle add action=mark-connection chain=forward comment=HIGH
connection-bytes=500000-0 connection-mark="KONEKSI GAME" connection-rate=250k-1G
new-connection-mark="KONEKSI HIGH" passthrough=yes
/ip firewall mangle add action=mark-connection chain=forward connection-
mark="KONEKSI HIGH" connection-rate=0-250k new-connection-mark="KONEKSI GAME"
passthrough=yes
HIGH" in-interface-list=WAN new-packet-mark="HIGH DOWNLOAD" passthrough=yes
HIGH" new-packet-mark="HIGH UPLOAD" out-interface-list=WAN passthrough=yes
/ip firewall mangle add action=add-dst-to-address-list address-list=IP-UMUM
address-list-timeout=40s chain=forward connection-bytes=500000-0 connection-
mark="KONEKSI HIGH" connection-rate=1M-1G dst-address-list=!LOKAL src-address-
list=LOKAL
/ip firewall mangle add action=mark-connection chain=forward comment=UMUM
connection-mark="!KONEKSI GAME" dst-address-list=!IP-GAME new-connection-
mark="KONEKSI UMUM" passthrough=yes protocol=!icmp src-address-list=LOKAL
UMUM" dst-address-list=LOKAL in-interface-list=WAN new-packet-mark="UMUM DOWNLOAD"
passthrough=yes src-address-list=!IP-GAME
UMUM" dst-address-list=!IP-GAME new-packet-mark="UMUM UPLOAD" out-interface-
list=WAN passthrough=yes src-address-list=LOKAL
/ip firewall mangle add action=mark-routing chain=prerouting comment=ROUTING dst-
address-list=!LOKAL new-routing-mark=ICMP passthrough=yes protocol=icmp src-
address-list=LOKAL
/ip firewall mangle add action=mark-routing chain=prerouting dst-address-list=IP-
GAME new-routing-mark=Routing-Game passthrough=yes src-address-list=LOKAL
/ip firewall mangle add action=mark-routing chain=prerouting dst-address-list=IP-
UMUM new-routing-mark=main passthrough=yes src-address-list=LOKAL
/
# SIMPLE QUEUE
/queue type add kind=pcq name=pcq-download-big pcq-classifier=dst-address pcq-dst-
address6-mask=64 pcq-limit=512KiB pcq-src-address6-mask=64 pcq-total-
limit=256000KiB
/queue type add kind=pcq name=pcq-upload-big pcq-classifier=src-address pcq-dst-
limit=256000KiB
/queue type add kind=pcq name=pcq-download-small pcq-classifier=dst-address pcq-
dst-address6-mask=64 pcq-limit=256KiB pcq-src-address6-mask=64 pcq-total-
limit=128000KiB
/queue type add kind=pcq name=pcq-upload-small pcq-classifier=src-address pcq-dst-
limit=128000KiB
/queue simple add comment="[ Copyright \A9 2 ISP Game Lite Script Proudly Presents
for Pejuang GSM ]" name="-> GLOBAL CONNECTION" queue=default/default
target=192.168.2.0/24,192.168.3.0/24,192.168.4.0/24
/queue simple add name="1. GAME" packet-marks="GAME UPLOAD,GAME DOWNLOAD,DNS
UPLOAD,DNS DOWNLOAD,ICMP UPLOAD,ICMP DOWNLOAD" parent="-> GLOBAL CONNECTION"
priority=1/1 queue=pcq-upload-small/pcq-download-small
target=192.168.2.0/24,192.168.3.0/24,192.168.4.0/24
/queue simple add name="2. ALL CONNECTION" parent="-> GLOBAL CONNECTION"
queue=default/default target=192.168.2.0/24,192.168.3.0/24,192.168.4.0/24
/queue simple add name="CLIENT DHCP" parent="2. ALL CONNECTION"
queue=default/default target=192.168.2.0/24
/queue simple add name="CLIENT HOTSPOT" parent="2. ALL CONNECTION"
/queue simple add name="CLIENT RUMAHAN & PPPOE" parent="2. ALL CONNECTION"
/queue simple add name="PC Pribadi" parent="CLIENT DHCP" queue=default/default
target=192.168.2.254/32
/ip hotspot user profile { set [find] parent="CLIENT HOTSPOT" transparent-proxy=no
insert-queue-before=bottom }
/ppp profile { set [find] parent="CLIENT RUMAHAN & PPPOE" insert-queue-
before=bottom }
/
# QUEUE TREE
/queue tree add comment="[ Copyright \A9 1 ISP Lite Script Proudly Presents for
Pejuang GSM ]" name="-> GLOBAL CONNECTION" parent=global queue=default
/queue tree add name="INBOUND PACKET" parent="-> GLOBAL CONNECTION" queue=default
/queue tree add name="OUTBOND PACKET" parent="-> GLOBAL CONNECTION" queue=default
/queue tree add max-limit=5M name="1. Game Download" packet-mark="GAME DOWNLOAD"
parent="INBOUND PACKET" priority=1 queue=pcq-download-small
/queue tree add max-limit=5M name="1. Game Upload" packet-mark="GAME UPLOAD"
parent="OUTBOND PACKET" priority=1 queue=pcq-upload-small
/queue tree add name="2. DNS [53] Download" packet-mark="DNS DOWNLOAD"
/queue tree add name="2. DNS [53] Upload" packet-mark="DNS UPLOAD" parent="OUTBOND
PACKET" priority=1 queue=pcq-upload-small
/queue tree add name="3. ICMP [ping] Download" packet-mark="ICMP DOWNLOAD"
/queue tree add name="3. ICMP [ping] Upload" packet-mark="ICMP UPLOAD"
parent="OUTBOND PACKET" priority=1 queue=pcq-upload-small
/queue tree add name="4. All Download" parent="INBOUND PACKET" queue=default
/queue tree add name="4. All Upload" parent="OUTBOND PACKET" queue=default
/queue tree add name="1. Umum Download" packet-mark="UMUM DOWNLOAD" parent="4. All
Download" priority=3 queue=pcq-download-big
/queue tree add name="1. Umum Upload" packet-mark="UMUM UPLOAD" parent="4. All
Upload" priority=3 queue=pcq-upload-big
/queue tree add name="2. High Download" packet-mark="HIGH DOWNLOAD" parent="4. All
Download" priority=6 queue=pcq-download-big
/queue tree add name="2. High Upload" packet-mark="HIGH UPLOAD" parent="4. All
Upload" priority=6 queue=pcq-upload-big
/

Versi Lite 2isp

Uploaded by

Copyright:

Available Formats

You might also like

Versi Lite 2isp

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Versi Lite 2isp

Uploaded by

Copyright:

Available Formats

# CLEAR SETTING

/queue simple remove [find];

# DHCP CLIENT, DNS, SNTP & SCHEDULER

# INTERFACE, NAT, FILTER

You might also like