BERITA PDRD

Edit Blockquote di Blogger

0 Comments

Home
Blogger
Edit Blockquote di Blogger
Bebas
Tukar Link
Aplikasi
Tool Kecil Untuk System XP --> matcodet ver. 2.1.0
Mikrotik
Dmitry on firewalling
Mikrotik
Block Port Virus
Forex
Dasar Hukum Perdagangan Forex
Tricky
Photoshop : Menambah Nilai Saturation Pada Image Yang Pucat
Mikrotik
Export Konfigurasi di Mikrotik Router GREEN@Net Univ. Ind.

Blockquote merupakan salah satu fasilitas yang ada di dalam blogger, bagi anda yang memiliki hobi surfing tentu tidak asing dengan blockquote, yaitu gunanya untuk mem-block suatu baris kalimat yang dianggap penting, biasanya digunakan untuk mem-block baris kode, link, dan lain sebagainya yang dianggap penting.

Seperti blockquote yang ada pada gambar dibawah ini :

Tulisan yang berada di dalam kotak adalah tulisan yang di blockquote.

Blockquote bisa diganti sesuai keinginan kita, masuk ke akun blogger anda, dan lakukan hal seperti biasa :

Menu Rancangan ---> Edit HTML ---> centang tanda "Expand Template Widget"

Kemudian cari kode seperti berikut :

blockquote {
...
...
...
}

Atau

.post-body blockquote {
...
...
...
}

Tulisan "titik-titik" tersebut ganti atau edit sesuai dengan keinginan anda, yang dalam hal ini saya ganti menjadi :

.post-body blockquote {
margin-top: 10px;
margin-bottom: 10px;
margin-left: 10px;
margin-right: 10px;
padding: 15px;
border: 3px solid #c0c0c0;
}

Maka hasil yang ditampilkan ketika kita meng-quote baris kalimat pada postingan tampak seperti gambar yang diatas.

Salam Codet.

Tukar Link

0 Comments

Home
Blogger
Edit Blockquote di Blogger
Bebas
Tukar Link
Aplikasi
Tool Kecil Untuk System XP --> matcodet ver. 2.1.0
Mikrotik
Dmitry on firewalling
Mikrotik
Block Port Virus
Forex
Dasar Hukum Perdagangan Forex
Tricky
Photoshop : Menambah Nilai Saturation Pada Image Yang Pucat
Mikrotik
Export Konfigurasi di Mikrotik Router GREEN@Net Univ. Ind.

Bagi yang berminat untuk saling bertukar link web / blog dengan blog ini dapat meninggalkan komen dibawah ini. Sebaiknya blog yang hendak ditukarkan link nya tidak mengandung unsur pornografi, ras, dan sara.

Tanpa ada unsur paksaan dan niat dari hati yang tulus kepada rekan-rekan sekalian, saya memberikan link blog ini yang bisa anda tambahkan di blog anda, dimana nantinya blog anda juga akan saya tambahkan di sidebar blog ini.

<a alt="MikroTik | tips trick | catatan online | Asadi Febriyan" href="http://asadi-febriyan.blogspot.com/" target="_blank" title="MikroTik | tips trick | catatan online | Asadi Febriyan">Asadi Febriyan</a>

Dengan media ini, semoga kita bisa menjadi teman dengan dapat menerima segala kerendahan dan kekurangan.

Salam Codet

Tool Kecil Untuk System XP --> matcodet ver. 2.1.0

0 Comments

Home
Blogger
Edit Blockquote di Blogger
Bebas
Tukar Link
Aplikasi
Tool Kecil Untuk System XP --> matcodet ver. 2.1.0
Mikrotik
Dmitry on firewalling
Mikrotik
Block Port Virus
Forex
Dasar Hukum Perdagangan Forex
Tricky
Photoshop : Menambah Nilai Saturation Pada Image Yang Pucat
Mikrotik
Export Konfigurasi di Mikrotik Router GREEN@Net Univ. Ind.

Tool kecil ini sangat ringkas dan ringan digunakan, berguna untuk utak-atik system di operating system microsoft XP. Secara garis besar tool ini mengedit registry, sehingga bagi anda yang sedikit lesu, lunglai, letih, dan lemas untuk membuka registry dan mengeditnya, tool ini sangat cocok untuk anda gunakan. Selain itu juga ukuran tool ini sangat kecil (632 kb) sehingga tidak memakan ruang di flasdhisk untuk anda simpan dan dibawa kemanapun.

Tool ini saya buat pada tahun 2008, ketika itu saya gunakan untuk setting registry di pc client pada suatu jaringan, sehingga dengan mudah untuk set system tanpa membuka registry. Bagi yang berminat silahkan download disini, sebelum menggunakannya os anda sebaiknya telah terinstall vbruntime, atau jika belum memilikinya anda bisa mendownloadnya di sini

Berikut ini saya tampilkan gambar dan feature yang ada di dalam tool ini

Ini adalah tampilan awal, yang mana terdapat tombol menu pemanggil beberapa aplikasi windows.

Pada halaman "proteksi" terdapat dua halaman, di dalamnya terdapat beberapa feature yang berhubungan dengan keamanan system os, walaupun tidak secara maksimal tetapi setidaknya telah mengurangi kemungkinan perusak / intruder untuk masuk dan merusak system milik kita.

Berikut feature yang terkandung di halaman ini "
- Set Removable Device (Enable / Disable)
- Set Dos Prompt (Enable / Disable)
- Set Win Script (Enable / Disable)
- LAN Connection (Sub Menu)
- Protect TCP / IP stack for Dos Attack
- Opsi keamanan system lainnya

Pada bagian menu "system" juga terdapat 2 halaman, dimana disetiap halaman ini terdapat beberapa menu yang bisa digunakan untuk edit system. Feature yang terdapat di halaman ini :

- View Serial Number OS
- View Processor name / type
- View Product ID OS
- Call DXDIAG
- Enable / Disable Directory Sys. Change
- Enable / Disable = Registry, Task Manager, Folder Option
- Block Aplikasi
- Edit Tip of The Day
- Hide Drive
- Edit Color Win
- Edit Logon Message
- Edit AM/PM Name
- Edit Dekstop (Sub Menu)
- Edit Patch Directory (Sub Menu)
- Set IE (Sub Menu)
- Set Dekstop (Sub Menu)
- Set Start Menu (Sub Menu)
- Set Keyboard (Sub Menu)
- Set Recycle Bin (Sub Menu)
- Set Icon Size
- Set Mouse (Sub Menu)
- Set Auto Login (Sub Menu)
- Set Printer (Sub Menu)
- Set Taskbar (Sub Menu)
- Set Notepad (Sub Menu)

Menu "explorer" juga terdapat dua halaman yang mana terdapat beberapa option centang yang bisa digunakan untuk setting explorer pada system anda.

Pada menu "Edit Reg" memungkinkan bagi anda untuk mensetting manual registry, bisa digunakan untuk add, edit, dan delete.

Pada halaman menu yang terakhir adalah "About" berisikan tentang profile ringkas si pembuat yaitu diriku sendiri, setidaknya memiliki pesan di dalamnya "Jangan Pernah Bunuh Namaku di Atas Karyaku".

Salam Codet.

Dmitry on firewalling

0 Comments

Home
Blogger
Edit Blockquote di Blogger
Bebas
Tukar Link
Aplikasi
Tool Kecil Untuk System XP --> matcodet ver. 2.1.0
Mikrotik
Dmitry on firewalling
Mikrotik
Block Port Virus
Forex
Dasar Hukum Perdagangan Forex
Tricky
Photoshop : Menambah Nilai Saturation Pada Image Yang Pucat
Mikrotik
Export Konfigurasi di Mikrotik Router GREEN@Net Univ. Ind.

Source Firewall ini diambil dari Mikrotik Wiki, saya juga menggunakan metoda dmitry dalam setting firewall di mikrotik, dengan sedikit perubahan disana-sini dengan tidak mengurangi maksud dan tujuannya.

Firewall Dmitry telah mencakup :
1 Components of the filter
2 Protocol classifier
3 Sanity-check (check traffick input / forward)
4 Application-specific filters
5 Restricting services
6 Protecting the router
7 Proxying everything
8 Enable Proxy servers

Bagi yang berminat, source asli dari dmitry ada dibagian bawah ini, silahkan co-pas dan sesuaikan dengan kondisi mikrotik anda (IP dan ethernet) :

Protocol classifier

/ ip firewall mangle
add chain=prerouting protocol=tcp connection-state=new action=jump \
jump-target=tcp-services
add chain=prerouting protocol=udp connection-state=new action=jump \
jump-target=udp-services
add chain=prerouting connection-state=new action=jump \
jump-target=other-services

add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=20-21 action=mark-connection new-connection-mark=ftp \
passthrough=no
add chain=tcp-services protocol=tcp src-port=513-65535 \
dst-port=22 action=mark-connection new-connection-mark=ssh \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=23 action=mark-connection new-connection-mark=telnet \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=25 action=mark-connection new-connection-mark=smtp \
passthrough=no
add chain=tcp-services protocol=tcp src-port=53 dst-port=53 \
action=mark-connection new-connection-mark=dns passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=53 action=mark-connection new-connection-mark=dns \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=80 action=mark-connection new-connection-mark=http \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=110 action=mark-connection new-connection-mark=pop3 \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=113 action=mark-connection new-connection-mark=auth \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=119 action=mark-connection new-connection-mark=nntp \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=143 action=mark-connection new-connection-mark=imap \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=161-162 action=mark-connection new-connection-mark=snmp \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=443 action=mark-connection new-connection-mark=https \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=465 action=mark-connection new-connection-mark=smtps \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=993 action=mark-connection new-connection-mark=imaps \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=995 action=mark-connection new-connection-mark=pop3s \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=1723 action=mark-connection new-connection-mark=pptp \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=2379 action=mark-connection new-connection-mark=kgs \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=3128 action=mark-connection new-connection-mark=proxy \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=3389 action=mark-connection new-connection-mark=win-ts \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=4242-4243 action=mark-connection new-connection-mark=emule \
passthrough=no
add chain=tcp-services protocol=tcp src-port=4661-4662 \
dst-port=1024-65535 action=mark-connection \
new-connection-mark=overnet passthrough=no
add chain=tcp-services protocol=tcp src-port=4711 \
dst-port=1024-65535 action=mark-connection new-connection-mark=emule \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=5900-5901 action=mark-connection new-connection-mark=vnc \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=6667-6669 action=mark-connection new-connection-mark=irc \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=6881-6889 action=mark-connection \
new-connection-mark=bittorrent passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=8080 action=mark-connection new-connection-mark=http \
passthrough=no
add chain=tcp-services protocol=tcp src-port=1024-65535 \
dst-port=8291 action=mark-connection new-connection-mark=winbox \
passthrough=no
add chain=tcp-services protocol=tcp action=mark-connection \
new-connection-mark=other-tcp passthrough=no

add chain=udp-services protocol=udp src-port=1024-65535 \
dst-port=53 action=mark-connection new-connection-mark=dns \
passthrough=no
add chain=udp-services protocol=udp src-port=1024-65535 \
dst-port=123 action=mark-connection new-connection-mark=ntp \
passthrough=no
add chain=udp-services protocol=udp src-port=1024-65535 \
dst-port=1701 action=mark-connection new-connection-mark=l2tp \
passthrough=no
add chain=udp-services protocol=udp src-port=1024-65535 \
dst-port=4665 action=mark-connection new-connection-mark=emule \
passthrough=no
add chain=udp-services protocol=udp src-port=1024-65535 \
dst-port=4672 action=mark-connection new-connection-mark=emule \
passthrough=no
add chain=udp-services protocol=udp src-port=4672 \
dst-port=1024-65535 action=mark-connection new-connection-mark=emule \
passthrough=no
add chain=udp-services protocol=udp src-port=1024-65535 \
dst-port=12053 action=mark-connection new-connection-mark=overnet \
passthrough=no
add chain=udp-services protocol=udp src-port=12053 \
dst-port=1024-65535 action=mark-connection \
new-connection-mark=overnet passthrough=no
add chain=udp-services protocol=udp src-port=36725 \
dst-port=1024-65535 action=mark-connection new-connection-mark=skype \
passthrough=no
add chain=udp-services protocol=udp connection-state=new \
action=mark-connection new-connection-mark=other-udp passthrough=no

add chain=other-services protocol=icmp icmp-options=8:0-255 \
action=mark-connection new-connection-mark=ping passthrough=no
add chain=other-services protocol=gre action=mark-connection \
new-connection-mark=gre passthrough=no
add chain=other-services action=mark-connection \
new-connection-mark=other passthrough=no

Sanity-check

/ip firewall mangle
add chain=prerouting in-interface=Public \
dst-address-list=nat-addr action=mark-packet \
new-packet-mark=nat-traversal \
passthrough=no comment="Detect NAT Traversal"

/ ip firewall filter
add chain=forward in-interface=Local \
out-interface=Local action=accept \
comment="Allow traffic between wired and wireless networks"
add chain=forward action=jump \
jump-target=sanity-check comment="Sanity Check Forward"
add chain=sanity-check packet-mark=nat-traversal \
action=jump jump-target=drop comment="Deny illegal NAT traversal"
add chain=sanity-check protocol=tcp \
psd=20,3s,3,1 action=add-src-to-address-list \
address-list=blocked-addr address-list-timeout=1d \

comment="Block port scans" disabled=yes

add chain=sanity-check protocol=tcp \
tcp-flags=fin,psh,urg,!syn,!rst,!ack \
action=add-src-to-address-list address-list=blocked-addr \
address-list-timeout=1d comment="Block TCP Null scan"
add chain=sanity-check protocol=tcp \
tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg \
action=add-src-to-address-list address-list=blocked-addr \
address-list-timeout=1d comment="Block TCP Xmas scan"
add chain=sanity-check protocol=tcp \
src-address-list=blocked-addr action=jump \
jump-target=drop
add chain=sanity-check protocol=tcp \
tcp-flags=rst action=jump jump-target=drop \
comment="Drop TCP RST"
add chain=sanity-check protocol=tcp \
tcp-flags=fin,syn action=jump jump-target=drop \
comment="Drop TCP SYN+FIN"
add chain=sanity-check connection-state=invalid \
action=jump jump-target=drop \
comment="Dropping invalid connections at once"
add chain=sanity-check connection-state=established \
action=accept \
comment="Accepting already established connections"
add chain=sanity-check \
connection-state=related action=accept \
comment="Also accepting related connections"
add chain=sanity-check \
dst-address-type=broadcast,multicast \
action=jump jump-target=drop \
comment="Drop all traffic that goes to multicast or \
broadcast addresses"
add chain=sanity-check in-interface=Local \
dst-address-list=illegal-addr dst-address-type=!local action=jump \
jump-target=drop comment="Drop illegal destination addresses"
add chain=sanity-check in-interface=Local \
src-address-list=!local-addr action=jump jump-target=drop \
comment="Drop everything that goes from local \
interface but not from local address"
add chain=sanity-check in-interface=Public \
src-address-list=illegal-addr action=jump \
jump-target=drop comment="Drop illegal source addresses"
add chain=sanity-check in-interface=Public \
dst-address-list=!local-addr action=jump \
jump-target=drop \

comment="Drop everything that goes from \
public interface but not to local address" disabled=yes

add chain=sanity-check src-address-type=broadcast,multicast \
action=jump jump-target=drop comment="Drop all traffic \
that comes from multicast or broadcast addresses"

List Address

/ ip firewall address-list
add list=illegal-addr address=0.0.0.0/8 \
comment="illegal addresses"
add list=illegal-addr address=127.0.0.0/8
add list=illegal-addr address=224.0.0.0/3
add list=illegal-addr address=10.0.0.0/8
add list=illegal-addr address=172.16.0.0/12
add list=illegal-addr address=192.168.0.0/16
add list=local-addr address=172.31.255.0/29 \
comment="my local network"
add list=nat-addr address=172.31.255.0/29 \
comment="my src-nated local network hosts"

illegal-addr = ip bogon yang di nantinya akan di drop

local-addr = ip lokal

nat-addr = ip neighborhood yang terhubung ke ip lokal

Application-specific filters

/ ip firewall filter
add chain=forward protocol=tcp action=jump \
jump-target=restrict-tcp
add chain=forward protocol=udp action=jump \
jump-target=restrict-udp
add chain=forward action=jump jump-target=restrict-ip
add chain=restrict-tcp connection-mark=auth \
action=reject
add chain=restrict-tcp connection-mark=smtp \
action=jump jump-target=smtp-first-drop \
comment="anti-spam policy"
add chain=smtp-first-drop src-address-list=first-smtp \
action=add-src-to-address-list address-list=approved-smtp
add chain=smtp-first-drop src-address-list=approved-smtp \
action=return
add chain=smtp-first-drop action=add-src-to-address-list \
address-list=first-smtp
add chain=smtp-first-drop action=reject \
reject-with=icmp-network-unreachable

Restricting services

/ ip firewall filter
add chain=restrict-tcp connection-mark=other-tcp \
action=jump jump-target=drop
add chain=restrict-udp connection-mark=other-udp \
action=jump jump-target=drop
add chain=restrict-ip connection-mark=other \
action=jump jump-target=drop

Protecting the router

/ ip firewall filter
add chain=input src-address-type=local \
dst-address-type=local action=accept \
comment="Allow local traffic (between router applications)"
add chain=input in-interface=Local protocol=udp \
src-port=68 dst-port=67 action=jump jump-target=dhcp \
comment="DHCP protocol would not pass sanity checking, \
so enabling it explicitly before other checks"
add chain=input action=jump jump-target=sanity-check \
comment="Sanity Check"
add chain=input dst-address-type=!local action=jump \
jump-target=drop comment="Dropping packets not \
destined to the router itself, including all broadcast traffic"
add chain=input connection-mark=ping limit=5,5 \
action=accept comment="Allow pings, but at a very \
limited rate (5 packets per sec)"
add chain=input in-interface=Local action=jump \
jump-target=local-services comment="Allowing some \
services to be accessible from the local network"
add chain=input in-interface=Public action=jump \
jump-target=public-services comment="Allowing some \
services to be accessible from the Internet"
add chain=input action=jump jump-target=drop
add chain=dhcp src-address=0.0.0.0 \
dst-address=255.255.255.255 action=accept
add chain=dhcp src-address=0.0.0.0 \
dst-address-type=local action=accept
add chain=dhcp src-address-list=local-addr \
dst-address-type=local action=accept
add chain=local-services connection-mark=ssh \
action=accept comment="SSH (22/TCP)"
add chain=local-services connection-mark=dns \
action=accept comment="DNS"
add chain=local-services connection-mark=proxy \
action=accept comment="HTTP Proxy (3128/TCP)"
add chain=local-services connection-mark=winbox \
action=accept comment="Winbox (8291/TCP)" disabled=no
add chain=local-services action=log \
comment="Log & Drop Other Local Services"
add chain=local-services action=drop \
disabled=yes

add chain=public-services connection-mark=ssh \
action=accept comment="SSH (22/TCP)"
add chain=public-services connection-mark=pptp \
action=accept comment="PPTP (1723/TCP)"
add chain=public-services connection-mark=winbox \
action=accept comment="Winbox (8291/TCP)" disabled=no
add chain=public-services connection-mark=gre \
action=accept comment="GRE for PPTP"
add chain=public-services action=log \
comment="Log & Drop Other Public Services"
add chain=public-services action=drop disabled=yes

Proxying everything

/ ip firewall nat
add chain=dstnat in-interface=Local connection-mark=dns \
action=redirect comment="Transparent DNS Cache"
add chain=dstnat in-interface=Local \
connection-mark=http protocol=tcp action=redirect \
to-ports=3128 comment="Transparent Web Cache"
add chain=dstnat in-interface=Local connection-mark=ntp\
 action=redirect comment="Transparent proxy for NTP requests"

Enable Proxy servers

/system ntp server
set enabled=yes broadcast=no multicast=no \
manycast=no

/system ntp client
set enabled=yes mode=unicast primary-ntp=xxx.xxx.xxx.xxx \
secondary-ntp=0.0.0.0

/ip proxy
set enabled=yes port=3128 parent-proxy=0.0.0.0:1 \
maximal-client-connections=1000 \
maximal-server-connections=1000

/ip dns
set primary-dns=yyy.yyy.yyy.yyy secondary-dns=0.0.0.0 \
allow-remote-requests=yes cache-size=2048KiB \
cache-max-ttl=1w

* xxx.xxx.xxx.xxx"> ip NTP server anda
* yyy.yyy.yyy.yyy"> ip dns server anda

Sumber : wiki.mikrotik.com

Salam Codet.

Block Port Virus

0 Comments

Home
Blogger
Edit Blockquote di Blogger
Bebas
Tukar Link
Aplikasi
Tool Kecil Untuk System XP --> matcodet ver. 2.1.0
Mikrotik
Dmitry on firewalling
Mikrotik
Block Port Virus
Forex
Dasar Hukum Perdagangan Forex
Tricky
Photoshop : Menambah Nilai Saturation Pada Image Yang Pucat
Mikrotik
Export Konfigurasi di Mikrotik Router GREEN@Net Univ. Ind.

Source berikut adalah source untuk memblockir port yang biasa dilalui oleh virus, sudah banyak web dan blogs yang menulis tentang source ini, tetapi disini saya hanya melengkapi sejumlah catatanku di blog ini.

Port yang biasa dilewati virus ini akan di block melalui jalur filter firewall di mikrotik, berikut list port yang bisa anda co-pas di terminal winbox. Sesuaikan dengan kondisi mikrotik anda, kemungkinan ada port yang terpakai untuk service anda.

/ip firewall filter
add chain=virus protocol=udp action=drop dst-port=1
add chain=virus protocol=tcp action=drop dst-port=2
add chain=virus protocol=tcp action=drop dst-port=20
add chain=virus protocol=tcp action=drop dst-port=21
add chain=virus protocol=tcp action=drop dst-port=22
add chain=virus protocol=tcp action=drop dst-port=23
add chain=virus protocol=tcp action=drop dst-port=25
add chain=virus protocol=tcp action=drop dst-port=30
add chain=virus protocol=tcp action=drop dst-port=31
add chain=virus protocol=tcp action=drop dst-port=41
add chain=virus protocol=tcp action=drop dst-port=48
add chain=virus protocol=tcp action=drop dst-port=50
add chain=virus protocol=tcp action=drop dst-port=58
add chain=virus protocol=tcp action=drop dst-port=59
add chain=virus protocol=tcp action=drop dst-port=79
add chain=virus protocol=tcp action=drop dst-port=81
add chain=virus protocol=tcp action=drop dst-port=99
add chain=virus protocol=tcp action=drop dst-port=110
add chain=virus protocol=tcp action=drop dst-port=113
add chain=virus protocol=tcp action=drop dst-port=119
add chain=virus protocol=tcp action=drop dst-port=121
add chain=virus protocol=tcp action=drop dst-port=123
add chain=virus protocol=tcp action=drop dst-port=133
add chain=virus protocol=tcp action=drop dst-port=135-139
add chain=virus protocol=udp action=drop dst-port=135-139
add chain=virus protocol=tcp action=drop dst-port=142
add chain=virus protocol=tcp action=drop dst-port=146
add chain=virus protocol=udp action=drop dst-port=146
add chain=virus protocol=tcp action=drop dst-port=170
add chain=virus protocol=tcp action=drop dst-port=334
add chain=virus protocol=tcp action=drop dst-port=411
add chain=virus protocol=tcp action=drop dst-port=420
add chain=virus protocol=tcp action=drop dst-port=421
add chain=virus protocol=tcp action=drop dst-port=445
add chain=virus protocol=udp action=drop dst-port=445
add chain=virus protocol=tcp action=drop dst-port=456
add chain=virus protocol=tcp action=drop dst-port=513
add chain=virus protocol=tcp action=drop dst-port=514
add chain=virus protocol=tcp action=drop dst-port=531
add chain=virus protocol=tcp action=drop dst-port=555
add chain=virus protocol=tcp action=drop dst-port=593
add chain=virus protocol=tcp action=drop dst-port=605
add chain=virus protocol=tcp action=drop dst-port=666
add chain=virus protocol=tcp action=drop dst-port=667
add chain=virus protocol=tcp action=drop dst-port=669
add chain=virus protocol=tcp action=drop dst-port=692
add chain=virus protocol=tcp action=drop dst-port=777
add chain=virus protocol=tcp action=drop dst-port=808
add chain=virus protocol=tcp action=drop dst-port=911
add chain=virus protocol=tcp action=drop dst-port=999
add chain=virus protocol=tcp action=drop dst-port=1000
add chain=virus protocol=tcp action=drop dst-port=1001
add chain=virus protocol=tcp action=drop dst-port=1010-1016
add chain=virus protocol=tcp action=drop dst-port=1020
add chain=virus protocol=tcp action=drop dst-port=1024-1030
add chain=virus protocol=udp action=drop dst-port=1025
add chain=virus protocol=tcp action=drop dst-port=1035
add chain=virus protocol=tcp action=drop dst-port=1042
add chain=virus protocol=tcp action=drop dst-port=1045
add chain=virus protocol=tcp action=drop dst-port=1049
add chain=virus protocol=tcp action=drop dst-port=1050
add chain=virus protocol=tcp action=drop dst-port=1053
add chain=virus protocol=tcp action=drop dst-port=1054
add chain=virus protocol=tcp action=drop dst-port=1080-1083
add chain=virus protocol=tcp action=drop dst-port=1090
add chain=virus protocol=tcp action=drop dst-port=1095-1098
add chain=virus protocol=tcp action=drop dst-port=1099
add chain=virus protocol=tcp action=drop dst-port=1150-1151
add chain=virus protocol=tcp action=drop dst-port=1170
add chain=virus protocol=udp action=drop dst-port=1200-1201
add chain=virus protocol=tcp action=drop dst-port=1207
add chain=virus protocol=tcp action=drop dst-port=1208
add chain=virus protocol=tcp action=drop dst-port=1212
add chain=virus protocol=tcp action=drop dst-port=1214
add chain=virus protocol=tcp action=drop dst-port=1234
add chain=virus protocol=tcp action=drop dst-port=1243
add chain=virus protocol=tcp action=drop dst-port=1245
add chain=virus protocol=tcp action=drop dst-port=1255
add chain=virus protocol=tcp action=drop dst-port=1256
add chain=virus protocol=tcp action=drop dst-port=1269
add chain=virus protocol=tcp action=drop dst-port=1272
add chain=virus protocol=tcp action=drop dst-port=1313
add chain=virus protocol=tcp action=drop dst-port=1338
add chain=virus protocol=tcp action=drop dst-port=1349
add chain=virus protocol=tcp action=drop dst-port=1363-1364
add chain=virus protocol=tcp action=drop dst-port=1368
add chain=virus protocol=tcp action=drop dst-port=1373
add chain=virus protocol=tcp action=drop dst-port=1377
add chain=virus protocol=tcp action=drop dst-port=1394
add chain=virus protocol=tcp action=drop dst-port=1433-1434
add chain=virus protocol=tcp action=drop dst-port=1441
add chain=virus protocol=tcp action=drop dst-port=1492
add chain=virus protocol=tcp action=drop dst-port=1524
add chain=virus protocol=tcp action=drop dst-port=1568
add chain=virus protocol=tcp action=drop dst-port=1600
add chain=virus protocol=tcp action=drop dst-port=1703
add chain=virus protocol=tcp action=drop dst-port=1777
add chain=virus protocol=tcp action=drop dst-port=1807
add chain=virus protocol=tcp action=drop dst-port=1966
add chain=virus protocol=tcp action=drop dst-port=1967
add chain=virus protocol=tcp action=drop dst-port=1969
add chain=virus protocol=tcp action=drop dst-port=1981
add chain=virus protocol=tcp action=drop dst-port=1999
add chain=virus protocol=tcp action=drop dst-port=2000
add chain=virus protocol=tcp action=drop dst-port=2001
add chain=virus protocol=tcp action=drop dst-port=2023
add chain=virus protocol=tcp action=drop dst-port=2080
add chain=virus protocol=tcp action=drop dst-port=2115
add chain=virus protocol=udp action=drop dst-port=2130
add chain=virus protocol=tcp action=drop dst-port=2140
add chain=virus protocol=udp action=drop dst-port=2140
add chain=virus protocol=tcp action=drop dst-port=2155
add chain=virus protocol=tcp action=drop dst-port=2255
add chain=virus protocol=tcp action=drop dst-port=2283
add chain=virus protocol=tcp action=drop dst-port=2300
add chain=virus protocol=tcp action=drop dst-port=2311
add chain=virus protocol=tcp action=drop dst-port=2330-2339
add chain=virus protocol=udp action=drop dst-port=2339
add chain=virus protocol=tcp action=drop dst-port=2345
add chain=virus protocol=tcp action=drop dst-port=2535
add chain=virus protocol=tcp action=drop dst-port=2565
add chain=virus protocol=tcp action=drop dst-port=2583
add chain=virus protocol=tcp action=drop dst-port=2600
add chain=virus protocol=tcp action=drop dst-port=2716
add chain=virus protocol=tcp action=drop dst-port=2745
add chain=virus protocol=tcp action=drop dst-port=2773-2774
add chain=virus protocol=tcp action=drop dst-port=2801
add chain=virus protocol=udp action=drop dst-port=2989
add chain=virus protocol=tcp action=drop dst-port=3000
add chain=virus protocol=tcp action=drop dst-port=3024
add chain=virus protocol=tcp action=drop dst-port=3031
add chain=virus protocol=tcp action=drop dst-port=3127-3129
add chain=virus protocol=tcp action=drop dst-port=3150
add chain=virus protocol=udp action=drop dst-port=3150
add chain=virus protocol=tcp action=drop dst-port=3410
add chain=virus protocol=tcp action=drop dst-port=3456
add chain=virus protocol=tcp action=drop dst-port=3459
add chain=virus protocol=tcp action=drop dst-port=3700
add chain=virus protocol=tcp action=drop dst-port=3777
add chain=virus protocol=tcp action=drop dst-port=3791-3801
add chain=virus protocol=tcp action=drop dst-port=4000
add chain=virus protocol=tcp action=drop dst-port=4092
add chain=virus protocol=tcp action=drop dst-port=4242
add chain=virus protocol=tcp action=drop dst-port=4321
add chain=virus protocol=tcp action=drop dst-port=4444
add chain=virus protocol=udp action=drop dst-port=4444
add chain=virus protocol=tcp action=drop dst-port=4567
add chain=virus protocol=tcp action=drop dst-port=4590
add chain=virus protocol=tcp action=drop dst-port=4950
add chain=virus protocol=tcp action=drop dst-port=5000
add chain=virus protocol=tcp action=drop dst-port=5001
add chain=virus protocol=tcp action=drop dst-port=5002
add chain=virus protocol=tcp action=drop dst-port=5010
add chain=virus protocol=tcp action=drop dst-port=5011
add chain=virus protocol=tcp action=drop dst-port=5025
add chain=virus protocol=tcp action=drop dst-port=5031-5032
add chain=virus protocol=tcp action=drop dst-port=5321
add chain=virus protocol=tcp action=drop dst-port=5333
add chain=virus protocol=tcp action=drop dst-port=5343
add chain=virus protocol=tcp action=drop dst-port=5400-5402
add chain=virus protocol=tcp action=drop dst-port=5512
add chain=virus protocol=tcp action=drop dst-port=5534
add chain=virus protocol=tcp action=drop dst-port=5550
add chain=virus protocol=tcp action=drop dst-port=5554-5555
add chain=virus protocol=tcp action=drop dst-port=5556-5557
add chain=virus protocol=tcp action=drop dst-port=5569
add chain=virus protocol=tcp action=drop dst-port=5637-5638
add chain=virus protocol=tcp action=drop dst-port=5742
add chain=virus protocol=tcp action=drop dst-port=5760
add chain=virus protocol=tcp action=drop dst-port=5880-5889
add chain=virus protocol=tcp action=drop dst-port=6000
add chain=virus protocol=tcp action=drop dst-port=6006
add chain=virus protocol=tcp action=drop dst-port=6272
add chain=virus protocol=tcp action=drop dst-port=6776
add chain=virus protocol=tcp action=drop dst-port=8866
add chain=virus protocol=tcp action=drop dst-port=9898
add chain=virus protocol=tcp action=drop dst-port=10080
add chain=virus protocol=tcp action=drop dst-port=10520
add chain=virus protocol=tcp action=drop dst-port=10666
add chain=virus protocol=tcp action=drop dst-port=12345
add chain=virus protocol=tcp action=drop dst-port=17300
add chain=virus protocol=tcp action=drop dst-port=27374
add chain=virus protocol=tcp action=drop dst-port=30029
add chain=virus protocol=tcp action=drop dst-port=31337-31338
add chain=virus protocol=tcp action=drop dst-port=32418
add chain=virus protocol=tcp action=drop dst-port=40421
add chain=virus protocol=tcp action=drop dst-port=52317
add chain=forward action=jump jump-target=virus comment="jump to the virus chain"

List tersebut di atas bisa anda tambahkan lagi untuk kelengkapan bagi anda. Jika ada aplikasi yang tidak berjalan dengan semestinya, kemungkinan aplikasi tersebut menggunakan port yang ter-block oleh source ini, cari dan disable/delete port yang dipakai tersebut pada list di atas. Sekali lagi sesuaikan dengan kondisi service mikrotik anda.

Salam Codet.

Dasar Hukum Perdagangan Forex

0 Comments

Home
Blogger
Edit Blockquote di Blogger
Bebas
Tukar Link
Aplikasi
Tool Kecil Untuk System XP --> matcodet ver. 2.1.0
Mikrotik
Dmitry on firewalling
Mikrotik
Block Port Virus
Forex
Dasar Hukum Perdagangan Forex
Tricky
Photoshop : Menambah Nilai Saturation Pada Image Yang Pucat
Mikrotik
Export Konfigurasi di Mikrotik Router GREEN@Net Univ. Ind.

DASAR HUKUM PERDAGANGAN FOREX

Oleh : Asadi Febriyan

Tulisan dasar hukum ini diambil dari eBook www.vibiznews.com, dengan tidak mengurangi maksud dan tujuan dari penulisan artikel tersebut, diambil dengan maksud memperkuat referensi ini.

Pertanyaan terpenting bagi investor forex, sebelum melakukan investasi adalah bagaimana legalitas perdagangan forex? Kemana harus melapor jika terjadi kesalahan perdagangan yang menyebabkan kerugian pada investor? Perdagangan forex masuk dalam perdagangan berjangka, di bawah pengawasan Departemen Perdagangan, dan diatur dalam bentuk undang-undang, yaitu UU No. 32 Tahun 1997. Ini dilakukan karena sifat bisnisnya yang kompleks, berisiko tinggi dan melibatkan banyak pihak di dalamnya. Dengan adanya, kepastian hukum maka masyarakat dapat terlindungi dari praktik-praktik perdagangan yang merugikan.

A. Pengaturan Perdagangan Berjangka

Ada dua lapis pengaturan di dalam perdagangan berjangka. Lapis pertama dilakukan oleh Bursa Berjangka dalam hal ini Bursa Berjangka Jakarta/BBJ dan lembaga kliring berjangka dalam hal ini Kliring Berjangka Indonesia/KBI melalui Self Regulation. Lapis kedua dilakukan oleh Badan Pengawas Perdagangan Berjangka Komoditi (Bappebti), yang mewakili pemerintah (Departemen Perdagangan). Ketiga lembaga itu bersama-sama mengatur perdagangan berjangka di Indonesia agar tercipta pasar berjangka yang adil dan jujur.

B. Pengaturan Perdagangan Forex

Karena termasuk dalam perdagangan berjangka maka perdagangan forex diatur dalam UU NO 32 tahun 1997, khususnya bab VII. Undang-undang ini mencakup ketentuan mengenai hal-hal yang bersifat umum, kelembagaan, perizinan, mekanisme perdagangan, pembukuan/pelaporan dan penerapan hukum.

Bab VII dari UU No. 32 Tahun 1997 mengatur pelaksanaan perdagangan berjangka yang antara lain membahas pedoman perilaku pialang berjangka, yaitu perusahaan yang diberi hak melaksanakan order jual dan beli nasabah atau investor. Pasal 51 dari Undang-undang perdagangan berjangka ini menjelaskan bahwa pialang berjangka sebelum me1aksanakan transaksi kontrak berjangka untuk nasabah, berkewajiban menarik margin dari nasabah untuk jaminan transaksi tersebut di mana margin tersebut dapat berupa uang dan/atau surat berharga tertentu. Pialang berjangka wajib memperlakukan margin milik nasabah termasuk tambahan dana hasil transaksi nasabah yang bersangkutan sebagai dana milik nasabah.

Dana milik nasabah ini wajib disimpan dalam rekening yang terpisah dari rekening pialang berjangka di bank yang disetujui oleh Bappebti. Dana simpanan itu hanya dapat ditarik dari rekening terpisah, untuk pembayaran komisi dan biaya lain sehubungan dengan transaksi kontrak berjangka dan/ atau untuk keperluan lain atas perintah tertulis dari nasabah yang bersangkutan.

Dengan jaminan pasal 51 UU no. 32 Tahun 1997 ini, investor tidak perlu khawatir dana yang disetornya ke perusahaan pialang akan disalahgunakan. Meski demikian, bukan berarti investor boleh memilih sembarang pialang, harus dicermati juga kapabilitas dan kredibilitasnya.

C. Badan Pengawas

Salah satu kelebihan dalam berinvestasi diperdagangan berjangka khususnya forex dengan adanya badan pengawas dari pemerintah. Di dalam UU No. 32 Tahun 1997 pemerintah Indonesia menetapkan bahwa Badan Pengawas perdagangan berjangka merupakan unit kerja yang berada di bawah dan bertanggung jawab kepada Menteri Perdagangan, yang bernama Badan Pengawas Perdagangan Berjangka Komoditi (Bappebti).

D. Tehnik Memilih Investasi

Modal.

Yang dimaksud dengan modal adalah berapa banyak dana yang kita perlukan untuk bisa melakukan investasi sampai kita dapat memperoleh keuntungan yang melebihi dari investasi yang kita keluarkan? Prinsipnya, semakin kecil modal yang diperlukan semakin baik bagi investor.

Tingkat PengembaIian.

Tingkat pengembalian adalah berapa persen keuntungan yang bisa diperoleh dari modal yang dikeluarkan dalam jangka waktu tertentu. Semakin tinggi tingkat pengembalian dan semakin cepat jangka waktunya semakin baik bagi investor.

Tingkat Risiko.

Risiko adalah berapa besar kemungkinan terjadinya kerugian yang dapat mengurangi jumlah modal kita dan bahkan menghabiskan modal kita. Semakin kecil tingkat risikonya, semakin baik bagi investor.

Arus Dana.

Terakhir adalah arus dana yang berupa seberapa cepat dana dalam bentuk uang kas secara fisik dapat kita tarik dari modal yang telah kita setor. Semakin cepat semakin baik bagi investor

E. Bursa Berjangka

Bursa berjangka adalah suatu organisasi berdasarkan keanggotaan, dan berfungsi menyediakan fasilitas bagi terselenggaranya serta terawasinya kegiatan perdagangan kontrak berjangka, agar sesuai dengan undang-undang dan peraturan-peraturan perdagangan berjangka yang berlaku.Bursa berjangka harus berbadan hukum perseroan terbatas (PT) dengan pemegang saham para perusahaan pialang berjangka. Pemegang saham ini minimum terdiri dari sebelas badan usaha yang tidak berafiliasi satu dengan yang lainnya. Meskipun berbadan hukum PT, Bursa berjangka berbeda dengan PT pada umumnya, karena membawa misi khusus, yaitu mengelola perdagangan berjangka yang mengutamakan pelayanan terbaik dan memberikan kemudahan bagi anggotanya dalam melakukan transaksi. Untuk menghindari kepemilikan Bursa berjangka oleh satu orang/kelompok, setiap pemegang saham hanya boleh memiliki satu saham. Jika kegiatan bursa mulai mengarah pada hal-hal yang merugikan masyarakat kegiatan bursa dapat dihentikan.

Di Indonesia, badan usaha pertama yang menjadi penyelenggara kegiatan perdagangan berjangka adalah BBJ atau Jakarta Futures Exchange (JFX).

F. Lembaga Kliring Berjangka

Lembaga kliring perjangka atau biasa disebut lembaga kliring adalah lembaga pelengkap dari bursa berjangka yang harus ada dalam sistem perdagangan berjangka. Berdasarkan UU No. 32 / 1997, lembaga kliring terpisah dari bursa berjangka dan merupakan institusi tersendiri.

Lembaga kliring berfungsi menyelesaikan dan menjamin kinerja semua transaksi yang dilakukan di bursa berjangka dan telah didaftarkan. Lembaga kliring akan bertindak sebagai penjual terhadap investor yang memiliki posisi beli yang masih terbuka belum dilikuidasi. Sebaliknya, juga sebagai pembeli terhadap investor yang memiliki posisi jual yang masih terbuka. Lembaga kliring juga bertindak sebagai penjamin atas dana nasabah, khususnya bila terjadi kepailitan pada pialang berjangka, di mana investor menyetor dananya sebagai modal.

G. Pialang Berjangka

Pialang berjangka merupakan unsur utama dan berada digaris terdepan dalam kegiatan perdagangan berjangka. Kegiatan utamanya adalah sebagai perantara bahasa sehari-harinya disebut makelar antara investor jual dan investor beli yang melakukan transaksi di perdagangan berjangka. Tindakan pialang berjangka ini untuk dan atas perintah/amanat dari pihak investor.

Jadi jelasnya, jika kita ingin membeli atau menjual forex di BBJ, kita tidak boleh langsung ke BBJ, melainkan harus meminta jasa pialang berjangka. Untuk perdagangan forex yang menganut sistem margin, pialang berjangka berhak menarik margin (uang jaminan) atas setiap transaksi sesuai dengan peraturan yang berlaku.

Pialang berjangka adalah satu-satunya badan usaha yang boleh menerima amanat (order) dari nasabah dan meneruskannya untuk ditransaksikan di bursa. Urusan nasabah dalam hubungannya dengan bursa dan lembaga kliring diwakili Pialang Berjangka ini. Oleh karena itu, syarat untuk menjadi pialang berjangka tidaklah mudah. Diperlukan kemampuan modal yang cukup dan keahlian yang memadai. Dan yang terpenting, memiliki integritas pribadi dan reputasi bisnis yang baik.

Pialang berjangka harus berbadan hukum perseroan terbatas (PT). Selain itu supaya legal, pialang berjangka harus mejadi anggota bursa dan mendapatkan izin usaha terlebih dahulu dari Bapebti sebelum beroperasi. Untuk melindungi investor, pialang berjangka diwajibkan miliki pedoman perilaku sebagaimana yang tertulis didalam pasal 49 s/d 56 dari UU No.32/1997.

Dalam hubungannya dengan lembaga kliring, pialang berjangka terbagi dalam dua kategori keanggotaan yaitu pialang berjangka yang merangkap sebagai anggota kliring dan pialang berjangka non anggota kliring. Hanya transaksi yang didaftarkan pialang berjangka berstatus anggota kliring yang memperoleh jaminan dari lembaga kliring. Oleh karena itu pialang berjangka anggota kliring harus memiliki kemampuan yang lebih besar dibandingkan dengan pialang non-anggota kliring.

Salam Codet.

Photoshop : Menambah Nilai Saturation Pada Image Yang Pucat

0 Comments

Home
Blogger
Edit Blockquote di Blogger
Bebas
Tukar Link
Aplikasi
Tool Kecil Untuk System XP --> matcodet ver. 2.1.0
Mikrotik
Dmitry on firewalling
Mikrotik
Block Port Virus
Forex
Dasar Hukum Perdagangan Forex
Tricky
Photoshop : Menambah Nilai Saturation Pada Image Yang Pucat
Mikrotik
Export Konfigurasi di Mikrotik Router GREEN@Net Univ. Ind.

Terkadang pada hasil kamera tidak selalu bagus hasilnya, dikarenakan kualitas kamera atau fotografer nya kurang menguasai medan ~_~. Disini kita akan mengganti warna yang pucat pada image dengan warna yang lebih terang dengan menggunakan saturation pada Photoshop.

Sebagai contoh, saya menggunakan image dengan kualitas warna yang pucat. Saya berada ditengah di dalam image ini ~_~. Buka dengan photoshop image yang hendak di edit.

Pada window Layer, klik kanan pada layer utama (background) dan pilih "duplicate layer..." maka akan muncul satu layer baru. Lihat gambar dibawah ini:

Sorot Layer yang paling atas, kemudian tekan tombol "Ctrl + U", atau pada menu toolbar pilih "Image" --> "Adjustment" --> "Hue/Saturation...". Pada dialog box saturation, isikan angka yang menurut anda sesuai dengan warna gambar yang ingin ditambahkan warnanya, dalam hal ini saya mengisi angka 60 untuk image ini. Lihat gambar dibawah ini:

Hasil yang didapat adalah, warna yang cerah dari sebelumnya tetapi memiliki kekurangan yaitu efek warna yang tajam dan tidak sesuai dengan lingkungannya.

Untuk memperbaikinya, kita bisa memperhalusnya dengan bantuan noise -> Median. Buka di Menubar pilih menu "Filter" --> "Noise" --> "Median...". Disini saya mengisinya dengan nilai 5, anda bisa mengisinya dengan nilai yang anda inginkan sampai warna yang berada di dalam image trsebut tidak tajam lagi.

Image yang ada warnanya sudah sedikit tumpul, tetapi masih tampak seperti warna film kartun, untuk mengalihkannya menjadi warna yang sesuai dengan image yang ada, kita akan mem-blur nya, agar warna yang ada dapat menyatu dengan image real. Buka menu "gaussian blur" pada menubar --> "Filter" --> "Blur" --> "Gaussian Blur..." dan sesuaikan efek blur terhadap warna yang real yang diinginkan. Disini saya mengisinya dengan nilai 2.0

Dan image yang dihasilkan tampak seperti ini :

Image yang kita edit, tampak hancur berantakan. Tetapi warna yang diinginkan tampil cerah dari sebelumnya. Untuk menyatukan image asli dengan warna yang kita edit, beralih ke window layer, klik kolom drop-down type layer yang hendak diset, dan pilih "Color"

Maka image akan berganti wujudnya kembali seperti asalnya tetapi dengan memiliki warna yang lebih cerah (tidak pucat) dari sebelumnya. Untuk Menyatukannya (Merge Down) tekan "ctrl + E" dan simpanlah dengan format yang anda inginkan.

Berikut image yang belum diedit:

Dan ini image setelah ditambahkan nilai saturationnya:

Salam Codet.

Export Konfigurasi di Mikrotik Router GREEN@Net Univ. Ind.

0 Comments

Home
Blogger
Edit Blockquote di Blogger
Bebas
Tukar Link
Aplikasi
Tool Kecil Untuk System XP --> matcodet ver. 2.1.0
Mikrotik
Dmitry on firewalling
Mikrotik
Block Port Virus
Forex
Dasar Hukum Perdagangan Forex
Tricky
Photoshop : Menambah Nilai Saturation Pada Image Yang Pucat
Mikrotik
Export Konfigurasi di Mikrotik Router GREEN@Net Univ. Ind.

Ini adalah hasil export konfigurasi dari mikrotik routerku di Green@Berret UI Depok, mungkin bisa berguna bagi rekan-rekan lainnya. Firewall nya disadur dari Dmitry Firewall dengan sedikit perubahan dibeberapa bagian.

Konfigurasi ini telah mencakup nice address, port virus, firewall, queue, dsb. Copy beberapa bagian saja yang dianggap perlu, terutama di bagian Ip firewall. Salam Codet.

/ interface ethernet
set LAN name="LAN" mtu=1500 mac-address=00:A0:B0:02:E7:5C arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set WAN name="WAN" mtu=1500 mac-address=00:02:2A:C6:B5:53 arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no

/ interface wireless security-profiles
set (unknown) name="default" mode=none wpa-unicast-ciphers="" \
wpa-group-ciphers="" pre-shared-key="" static-algo-0=none static-key-0="" \
static-algo-1=none static-key-1="" static-algo-2=none static-key-2="" \
static-algo-3=none static-key-3="" static-transmit-key=key-0 \
static-sta-private-algo=none static-sta-private-key="" \
radius-mac-authentication=no group-key-update=5m

/ interface wireless align
set frame-size=300 active-mode=yes receive-all=no \
audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 ssid-all=no \
frames-per-second=25 audio-min=-100 audio-max=-20

/ interface wireless snooper
set multiple-channels=yes channel-time=200ms receive-errors=no

/ interface wireless sniffer
set multiple-channels=no channel-time=200ms only-headers=no receive-errors=no \
memory-limit=10 file-name="" file-limit=10 streaming-enabled=no \
streaming-server=0.0.0.0 streaming-max-rate=0

/ interface bridge port
set LAN bridge=none priority=128 path-cost=10
set WAN bridge=none priority=128 path-cost=10

/ interface l2tp-server server
set enabled=no max-mtu=1460 max-mru=1460 \
authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption

/ interface pptp-server server
set enabled=no max-mtu=1460 max-mru=1460 authentication=mschap1,mschap2 \
keepalive-timeout=30 default-profile=default

/ ip pool
add name="dhcp_pool1" ranges=192.168.10.1-192.168.10.253

/ ip telephony region
/ ip telephony gatekeeper
set gatekeeper=none remote-id="" remote-address=0.0.0.0

/ ip telephony aaa
set use-radius-accounting=no interim-update=0s

/ ip telephony codec
move G.711-uLaw-64k/sw
move G.711-ALaw-64k/sw
move G.729A-8k/sw
move G.729-8k/sw
move G.723.1-6.3k/sw
move GSM-06.10-13.2k/sw
move LPC-10-2.5k/sw

/ ip service
set telnet port=2524 address=0.0.0.0/0 disabled=no
set ftp port=2520 address=0.0.0.0/0 disabled=yes
set www port=2581 address=0.0.0.0/0 disabled=no
set ssh port=1921 address=0.0.0.0/0 disabled=yes
set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes

/ ip upnp
set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes

/ ip arp
add address=192.168.10.5 mac-address=00:30:18:AD:75:49 interface=LAN \
comment="" disabled=no
add address=192.168.10.6 mac-address=00:30:18:AD:75:A2 interface=LAN \
comment="" disabled=no
add address=192.168.10.20 mac-address=00:30:18:A4:9F:FB interface=LAN \
comment="" disabled=no
add address=192.168.10.9 mac-address=00:18:38:02:02:72 interface=LAN \
comment="" disabled=no
add address=192.168.10.10 mac-address=00:50:8D:BE:77:8C interface=LAN \
comment="" disabled=no
add address=192.168.10.7 mac-address=00:30:18:AD:75:47 interface=LAN \
comment="" disabled=no
add address=192.168.10.4 mac-address=00:30:18:AD:75:48 interface=LAN \
comment="" disabled=no
add address=192.168.10.2 mac-address=00:30:18:AD:76:36 interface=LAN \
comment="" disabled=no
add address=192.168.10.1 mac-address=00:30:18:AD:75:55 interface=LAN \
comment="klient-warnet" disabled=no
add address=192.168.10.3 mac-address=00:30:18:AD:76:47 interface=LAN \
comment="" disabled=no
add address=192.168.10.8 mac-address=00:50:8D:BF:F1:C6 interface=LAN \
comment="" disabled=no

/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200

/ ip dns
set primary-dns=203.153.216.216 secondary-dns=203.153.217.252 \
allow-remote-requests=yes cache-size=6048KiB cache-max-ttl=1w

/ ip traffic-flow
set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m \
inactive-flow-timeout=15s

/ ip address
add address=192.168.10.254/24 network=192.168.10.0 broadcast=192.168.10.255 \
interface=LAN comment="WARNET-SEGMENT" disabled=no
add address=203.153.217.242/30 network=203.153.217.240 \
broadcast=203.153.217.243 interface=WAN comment="" disabled=no

/ ip accounting
set enabled=no threshold=256

/ ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0

/ ip proxy
set enabled=no port=8080 parent-proxy=0.0.0.0:0 maximal-client-connecions=1000 \
maximal-server-connectons=1000

/ ip proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
disabled=no

/ ip proxy direct
add src-address=192.168.10.0/24 action=allow comment="" disabled=no
add src-address=203.153.216.212 action=allow comment="" disabled=no

/ ip neighbor discovery
set LAN discover=yes
set WAN discover=yes

/ ip route
add dst-address=0.0.0.0/0 gateway=203.153.217.241 scope=255 target-scope=10 \
comment="" disabled=no

/ ip firewall mangle
add chain=prerouting in-interface=WAN dst-address-list=nat-addr \
action=mark-packet new-packet-mark=nat-traversal comment="Detect NAT \
Traversal" disabled=no
add chain=prerouting src-address-list=nat-addr dst-address-list=nice \
action=mark-connection new-connection-mark=IIX comment="TOTAL" disabled=no
add chain=prerouting src-address-list=nat-addr dst-address-list=!nice \
action=mark-connection new-connection-mark=INT comment="" disabled=no
add chain=prerouting connection-mark=IIX action=mark-packet \
new-packet-mark=IIX-P comment="" disabled=no
add chain=prerouting connection-mark=INT action=mark-packet \
new-packet-mark=INT-P comment="" disabled=no
add chain=prerouting protocol=udp dst-port=40000-40010 \
src-address-list=nat-addr dst-address-list=IP-PB action=mark-connection \
new-connection-mark=PB comment="PB" disabled=no
add chain=prerouting connection-mark=PB action=mark-packet \
new-packet-mark=PB-P comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=18901-18909 \
src-address-list=nat-addr dst-address-list=IP-DANCE action=mark-connection \
new-connection-mark=DANCE comment="DANCE" disabled=no
add chain=prerouting connection-mark=DANCE action=mark-packet \
new-packet-mark=DANCE-P comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=6110-6130 src-address-list=nat-addr \
dst-address-list=IP-DOTA action=mark-connection new-connection-mark=DOTA \
comment="DOTA" disabled=no
add chain=prerouting protocol=tcp dst-port=6348 src-address-list=nat-addr \
dst-address-list=IP-DOTA action=mark-connection new-connection-mark=DOTA \
comment="" disabled=no
add chain=prerouting connection-mark=DOTA action=mark-packet \
new-packet-mark=DOTA-P comment="" disabled=no
add chain=prerouting protocol=udp dst-port=27000-27030 \
src-address-list=nat-addr dst-address-list=IP-CS action=mark-connection \
new-connection-mark=CS comment="CS" disabled=no
add chain=prerouting connection-mark=CS action=mark-packet \
new-packet-mark=CS-P comment="" disabled=no
add chain=prerouting src-address-list=nat-addr action=accept \
comment="enable-proxy" disabled=no
add chain=forward protocol=tcp dst-port=2 action=mark-connection \
new-connection-mark=drop comment="PORT VIRUS" disabled=no
add chain=forward protocol=udp dst-port=9 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=21 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=25 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=41 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=48-50 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=58-59 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=53 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=79 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=99 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=110 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=113 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=119 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=121 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=123 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=135-139 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=135-139 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=146 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=146 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=421 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=445 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=445 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=456 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=531 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=555 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=593 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=605 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=666 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=777 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=911 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=999 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1001 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1010-1012 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1015 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1020 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1024 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1027 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1029 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1030 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1032 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1033 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1042 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1045 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1050 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1080 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1082 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1090 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1095 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1097-1099 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1170 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=1200 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=1201 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1207 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1214 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1234 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1243 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1245 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1269 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1313 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=1349 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1363 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1364 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1368 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1373 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1377 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1433 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1434 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1492 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1509 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1600 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1807 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1969 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1981 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1999-2005 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2115 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2140 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2155 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2283 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2300 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2535 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2600 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2745 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2989 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3127-3129 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3150 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3332 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3410 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3456 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3459 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3700 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=3801 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4242 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4321 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4444 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=4444 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4567 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4590 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5001 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5011 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5031 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5321 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5400-5402 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5512 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5550 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5554-5557 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5569 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5637-5638 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6272 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6400 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6667 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6669 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6674 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6711-6713 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6771 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6776 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6969 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6970 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7215 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7300 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7301 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7306-7308 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7789 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=8787 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=8866 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=8897 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=8989 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=9400 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=9872-9876 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=9878 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=9898 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=9989 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10000 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=10067 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10080 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10086 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10101 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10167 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10452 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10520 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10607 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=10666 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=11000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=11050 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=11223 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12076 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12223 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12345 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12346 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12349 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12361 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12362 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=12623 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12631 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12973-12975 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=13000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=16484 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=16772 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=16969 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=17300 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=17777 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=19864 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=20000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=20001 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=20034 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=20203 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=20331 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=21554 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=22222 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=23456 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=23476 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=23477 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=26274 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=27374 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=27573 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=29891 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=30029 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=30100-30103 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=30999 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=30303 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31336 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31337 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=31337 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31338-31339 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=31338 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31666 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31780 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31785 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31787-31789 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=31791 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=31792 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=32418 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=33333 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=33911 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=34324 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=34555 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=35555 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=36794 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=40412 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=40421-40423 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=40425 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=40426 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=47262 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=50766 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=52317 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=53001 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=54283 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=54320 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=54321 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=57341 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=60000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=61348 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=61466 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=61603 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=63485 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=65000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=65432 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=65432 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=65506 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=65535 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=prerouting protocol=tcp connection-state=new action=jump \
jump-target=tcp-services comment="Protocol classifier" disabled=no
add chain=prerouting protocol=udp connection-state=new action=jump \
jump-target=udp-services comment="" disabled=no
add chain=prerouting connection-state=new action=jump \
jump-target=other-services comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=20-21 \
action=mark-connection new-connection-mark=ftp comment="tcp-services" \
disabled=no
add chain=tcp-services protocol=tcp src-port=513-65535 dst-port=22 \
action=mark-connection new-connection-mark=ssh comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=23 \
action=mark-connection new-connection-mark=telnet comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=25 \
action=mark-connection new-connection-mark=smtp comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=53 dst-port=53 \
action=mark-connection new-connection-mark=dns comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=53 \
action=mark-connection new-connection-mark=dns comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=80 \
action=mark-connection new-connection-mark=http comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=110 \
action=mark-connection new-connection-mark=pop3 comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=113 \
action=mark-connection new-connection-mark=auth comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=119 \
action=mark-connection new-connection-mark=nntp comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=143 \
action=mark-connection new-connection-mark=imap comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=161-162 \
action=mark-connection new-connection-mark=snmp comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=443 \
action=mark-connection new-connection-mark=https comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=465 \
action=mark-connection new-connection-mark=smtps comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=993 \
action=mark-connection new-connection-mark=imaps comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=995 \
action=mark-connection new-connection-mark=pop3s comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=1723 \
action=mark-connection new-connection-mark=pptp comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=2379 \
action=mark-connection new-connection-mark=kgs comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=3218 \
action=mark-connection new-connection-mark=proxy comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=3389 \
action=mark-connection new-connection-mark=win-ts comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=4242-4243 \
action=mark-connection new-connection-mark=emule comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=4661-4662 dst-port=1024-65535 \
action=mark-connection new-connection-mark=overnet comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=4711 dst-port=1024-65535 \
action=mark-connection new-connection-mark=emule comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=5900-5901 \
action=mark-connection new-connection-mark=vnc comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=6667-6669 \
action=mark-connection new-connection-mark=irc comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=6881-6889 \
action=mark-connection new-connection-mark=bittorrent comment="" \
disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=8080 \
action=mark-connection new-connection-mark=http comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=8291 \
action=mark-connection new-connection-mark=winbox comment="" disabled=no
add chain=tcp-services protocol=tcp action=mark-connection \
new-connection-mark=other-tcp comment="other-tcp" disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=53 \
action=mark-connection new-connection-mark=dns comment="udp-services" \
disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=123 \
action=mark-connection new-connection-mark=ntp comment="" disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=1701 \
action=mark-connection new-connection-mark=l2tp comment="" disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=4665 \
action=mark-connection new-connection-mark=emule comment="" disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=4672 \
action=mark-connection new-connection-mark=emule comment="" disabled=no
add chain=udp-services protocol=udp src-port=4672 dst-port=1024-65535 \
action=mark-connection new-connection-mark=emule comment="" disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=12053 \
action=mark-connection new-connection-mark=overnet comment="" disabled=no
add chain=udp-services protocol=udp src-port=12053 dst-port=1024-65535 \
action=mark-connection new-connection-mark=overnet comment="" disabled=no
add chain=udp-services protocol=udp src-port=36725 dst-port=1024-65535 \
action=mark-connection new-connection-mark=skype comment="" disabled=no
add chain=udp-services protocol=udp connection-state=new \
action=mark-connection new-connection-mark=other-udp comment="other-udp" \
disabled=no
add chain=other-services protocol=icmp icmp-options=8:0-255 \
action=mark-connection new-connection-mark=ping comment="other-services" \
disabled=no
add chain=other-services protocol=gre action=mark-connection \
new-connection-mark=gre comment="" disabled=no
add chain=other-services action=mark-connection new-connection-mark=other \
comment="" disabled=no

/ ip firewall nat
add chain=srcnat out-interface=WAN src-address-list=nat-addr action=masquerade \
comment="" disabled=no
add chain=dstnat protocol=tcp dst-port=53 action=redirect to-ports=53 \
comment="" disabled=no
add chain=dstnat protocol=udp dst-port=53 action=redirect to-ports=53 \
comment="" disabled=no
add chain=dstnat protocol=tcp dst-port=80 src-address-list=nat-addr \
dst-address-list=!nice action=redirect to-ports=3218 comment="" \
disabled=no
add chain=dstnat dst-address=203.153.217.242 protocol=tcp dst-port=50210 \
src-address-list="IP LADI" action=dst-nat to-addresses=192.168.10.20 \
to-ports=4112 comment="" disabled=no
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=2m tcp-syn-received-timeout=1m \
tcp-established-timeout=5d tcp-fin-wait-timeout=2m \
tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s \
tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s \
udp-stream-timeout=3m icmp-timeout=30s generic-timeout=10m

/ ip firewall filter
add chain=input in-interface=LAN dst-address=255.255.255.255 protocol=udp \
dst-port=5678 action=accept \
comment="Recovery Winbox" disabled=no
add chain=input protocol=tcp dst-port=8291 src-address-list="IP LADI" \
action=accept comment="" disabled=no
add chain=input protocol=tcp dst-port=8291 src-address-list="!IP LADI" \
action=jump jump-target=drop comment="" disabled=no
add chain=input protocol=tcp dst-port=2524 src-address-list="IP LADI" \
action=accept comment="Recovery Telnet" disabled=no
add chain=input protocol=tcp dst-port=2524 src-address-list="!IP LADI" \
action=jump jump-target=drop comment="" disabled=no
add chain=forward protocol=icmp icmp-options=11:0 action=jump jump-target=drop \
comment="Drop Traceroute" disabled=no
add chain=forward protocol=icmp icmp-options=3:3 action=jump jump-target=drop \
comment="" disabled=no
add chain=input protocol=tcp dst-port=1337 action=add-src-to-address-list \
address-list=knock address-list-timeout=15s \
comment="knock" disabled=no
add chain=input protocol=tcp dst-port=7331 src-address-list=knock \
action=add-src-to-address-list address-list=safe address-list-timeout=15m \
comment="" disabled=no
add chain=input src-address-list=safe action=accept comment="" disabled=no
add chain=input in-interface=WAN src-address=0.0.0.0/0 protocol=tcp \
dst-port=7777 action=log log-prefix="" \
comment="Log Knock" disabled=no
add chain=input in-interface=WAN src-address=0.0.0.0/0 protocol=tcp \
dst-port=7777 action=add-src-to-address-list address-list=ssh_ok \
address-list-timeout=2h \
comment="SSH Knock" disabled=no
add chain=input in-interface=WAN src-address=0.0.0.0/0 protocol=tcp action=log \
log-prefix="" comment="" disabled=yes
add chain=input in-interface=WAN src-address=0.0.0.0/0 protocol=tcp \
dst-port=80 action=add-src-to-address-list address-list=ssh_ok \
address-list-timeout=1h comment="" disabled=no
add chain=input in-interface=WAN src-address=0.0.0.0/0 protocol=tcp \
dst-port=22 src-address-list=ssh_ok action=accept comment="" disabled=no
add chain=input src-address=0.0.0.0/0 protocol=tcp dst-port=22 action=drop \
comment="" disabled=no
add chain=input protocol=tcp connection-limit=3,32 src-address-list=black_list \
action=tarpit comment="suppress DoS attack" disabled=no
add chain=input protocol=tcp connection-limit=10,32 \
src-address-list=!local-addr action=add-src-to-address-list \
address-list=black_list address-list-timeout=1d \
comment="detect DoS attack selain dari ip local dan neghborhut" \
disabled=no
add chain=forward dst-address-list=IP_BLOCKED action=jump \
jump-target=ip-blocked \
comment="Blok IP-BLOCKED" disabled=no
add chain=forward src-address-list=Per-IP action=jump jump-target=ip-blocked \
comment="" disabled=no
add chain=ip-blocked action=log log-prefix="" comment="" disabled=no
add chain=ip-blocked action=jump jump-target=drop comment="" disabled=no
add chain=forward connection-mark=drop action=jump jump-target=drop \
comment="virus port" disabled=no
add chain=forward protocol=tcp tcp-flags=syn connection-state=new action=jump \
jump-target=SYN-Protect \
comment="Flood protect" disabled=no
add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 \
connection-state=new action=accept comment="" disabled=no
add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new \
action=jump jump-target=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=40000-40010 src-address-list=nat-addr \
dst-address-list=!IP-PB action=add-dst-to-address-list address-list=IP-PB \
address-list-timeout=1d \
comment="Filter IP - PB" disabled=no
add chain=forward protocol=tcp dst-port=18901-18909 src-address-list=nat-addr \
dst-address-list=!IP-DANCE action=add-dst-to-address-list \
address-list=IP-DANCE address-list-timeout=1d \
comment="Filter IP - AyoDance" disabled=no
add chain=forward protocol=tcp dst-port=6110-6130 src-address-list=nat-addr \
dst-address-list=!IP-DOTA action=add-dst-to-address-list \
address-list=IP-DOTA address-list-timeout=1d \
comment="Filter IP - DOTA" disabled=no
add chain=forward protocol=tcp dst-port=6348 src-address-list=nat-addr \
dst-address-list=!IP-DOTA action=add-dst-to-address-list \
address-list=IP-DOTA address-list-timeout=1d comment="" disabled=no
add chain=forward protocol=udp dst-port=27000-27030 src-address-list=nat-addr \
dst-address-list=!IP-CS action=add-dst-to-address-list address-list=IP-CS \
address-list-timeout=1d \
comment="Filter IP - CS" disabled=no
add chain=forward action=jump jump-target=chk-fwd \
comment="//////////////////////////////////////////////////////////////////\
/////////////////////////////////// CHECK FORWARD" disabled=no
add chain=chk-fwd packet-mark=nat-traversal action=jump jump-target=drop \
comment="Deny illegal NAT traversal" disabled=no
add chain=chk-fwd protocol=icmp icmp-options=0:0-255 limit=5,5 action=accept \
comment="Limited Ping Flood" disabled=no
add chain=chk-fwd protocol=icmp icmp-options=3:3 limit=5,5 action=accept \
comment="" disabled=no
add chain=chk-fwd protocol=icmp icmp-options=3:4 limit=5,5 action=accept \
comment="" disabled=no
add chain=chk-fwd protocol=icmp icmp-options=8:0-255 limit=5,5 action=accept \
comment="" disabled=no
add chain=chk-fwd protocol=icmp icmp-options=11:0-255 limit=5,5 action=accept \
comment="" disabled=no
add chain=chk-fwd protocol=icmp action=jump jump-target=drop comment="" \
disabled=no
add chain=chk-fwd protocol=tcp psd=21,3s,3,1 action=jump jump-target=drop \
comment="Port scanners to list " disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg \
action=jump jump-target=drop comment="" disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=fin,syn action=jump jump-target=drop \
comment="" disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=syn,rst action=jump jump-target=drop \
comment="" disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack \
action=jump jump-target=drop comment="" disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=jump \
jump-target=drop comment="" disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg \
action=jump jump-target=drop comment="" disabled=no
add chain=chk-fwd connection-state=invalid action=jump jump-target=drop \
comment="triple connection" disabled=no
add chain=chk-fwd connection-state=established action=accept comment="" \
disabled=no
add chain=chk-fwd connection-state=related action=accept comment="" \
disabled=no
add chain=chk-fwd dst-address-type=broadcast,multicast action=jump \
jump-target=drop comment="Drop all traffic that goes to \
multicast or broadcast addresses" disabled=no
add chain=chk-fwd in-interface=LAN dst-address-type=!local \
dst-address-list=illegal-addr action=jump jump-target=drop \
comment="Drop illegal destination addresses" disabled=no
add chain=chk-fwd in-interface=LAN src-address-list=!local-addr action=jump \
jump-target=drop comment="Drop everything that goes from local \
interface but not from local address" disabled=no
add chain=chk-fwd in-interface=WAN src-address-list=illegal-addr action=jump \
jump-target=drop comment="Drop illegal source addresses" \
disabled=no
add chain=chk-fwd in-interface=WAN dst-address-list=!local-addr action=jump \
jump-target=drop comment="Drop everything that goes from public \
interface but not to local address" disabled=no
add chain=chk-fwd src-address-type=broadcast,multicast action=jump \
jump-target=drop comment="Drop all traffic that comes from \
multicast or broadcast addresses" disabled=no
add chain=forward protocol=tcp action=jump jump-target=restrict-tcp \
comment="//////////////////////////////////////////////////////////////////\
/////////////////////////////////// Application-specific filters" \
disabled=no
add chain=forward protocol=udp action=jump jump-target=restrict-udp comment="" \
disabled=no
add chain=forward action=jump jump-target=restrict-ip comment="" disabled=no
add chain=restrict-tcp connection-mark=auth action=reject \
reject-with=icmp-network-unreachable comment="" disabled=no
add chain=restrict-tcp connection-mark=smtp action=jump \
jump-target=smtp-first-drop \
comment="anti-spam policy" disabled=no
add chain=smtp-first-drop src-address-list=first-smtp \
action=add-src-to-address-list address-list=approved-smtp \
address-list-timeout=0s comment="" disabled=no
add chain=smtp-first-drop src-address-list=approved-smtp action=return \
comment="" disabled=no
add chain=smtp-first-drop action=add-src-to-address-list \
address-list=first-smtp address-list-timeout=0s comment="" disabled=no
add chain=smtp-first-drop action=reject reject-with=icmp-network-unreachable \
comment="" disabled=no
add chain=restrict-tcp connection-mark=other-tcp action=jump jump-target=drop \
comment="Restricting services" disabled=no
add chain=restrict-udp connection-mark=other-udp action=jump jump-target=drop \
comment="" disabled=no
add chain=restrict-ip connection-mark=other action=jump jump-target=drop \
comment="" disabled=no
add chain=input src-address-type=local dst-address-type=local action=accept \
comment="/////////////////// PROTECT ROUTER \
///////////////////////////////////////////////////////////// Allow local \
traffic $between router applications$" disabled=no
add chain=input action=jump jump-target=chk-fwd \
comment="//////////////////////////////////////////////////////////////////\
/////////////////////////////////// CHECK INPUT" disabled=no
add chain=input dst-address-type=!local action=jump jump-target=drop \
comment="Dropping packets not destined to the router itself, \
including all broadcast traffic" disabled=no
add chain=input in-interface=LAN action=jump jump-target=local-services \
comment="Allowing some services to be accessible from the local \
network" disabled=no
add chain=input in-interface=WAN action=jump jump-target=public-services \
comment="Allowing some services to be accessible from the \
Internet" disabled=no
add chain=input src-address-list=!local-addr action=jump jump-target=drop \
comment="DROP INPUT" disabled=no
add chain=local-services connection-mark=ssh action=jump jump-target=drop \
comment="LOCAL SERVICE" disabled=no
add chain=local-services protocol=tcp dst-port=8291 action=accept comment="" \
disabled=no
add chain=local-services protocol=tcp dst-port=3218 action=accept comment="" \
disabled=no
add chain=local-services action=log log-prefix="" comment="" disabled=yes
add chain=public-services connection-mark=ssh action=jump jump-target=drop \
comment="PUBLIC SERVICE" disabled=no
add chain=public-services src-address-list=!local-addr action=jump \
jump-target=drop comment="" disabled=no
add chain=drop action=drop \
comment="DROPPPER" disabled=no

/ ip firewall address-list
add list=local-addr address=192.168.10.0/24 comment="" disabled=no
add list=nat-addr address=192.168.10.0/24 comment="" disabled=no
add list="IP LADI" address=202.53.224.0/19 comment="Kantor LADI" disabled=no
add list="IP LADI" address=180.214.232.0/24 comment="Kantor LADI" disabled=no
add list=IP_BLOCKED address=203.99.131.107 comment="" disabled=no
add list=IP_BLOCKED address=207.218.233.210 comment="" disabled=no
add list=IP_BLOCKED address=66.154.28.62 comment="" disabled=no
add list=IP_BLOCKED address=88.208.252.193 comment="" disabled=no
add list=IP_BLOCKED address=206.217.208.151 comment="" disabled=no
add list=IP_BLOCKED address=66.154.73.68 comment="" disabled=no
add list="IP LADI" address=114.120.0.0/13 comment="IP matcodet" disabled=no
add list="IP LADI" address=182.0.0.0/12 comment="IP matcodet" disabled=no
add list="IP LADI" address=202.159.104.0/27 comment="Kantor LADI" disabled=no
add list="IP LADI" address=202.153.224.0/19 comment="Kantor LADI" disabled=no
add list=IP_BLOCKED address=111.68.113.26 comment="" disabled=no
add list=IP_BLOCKED address=218.100.27.80 comment="" disabled=no
add list=IP_BLOCKED address=203.99.131.13 comment="" disabled=no
add list=IP_BLOCKED address=111.68.116.155 comment="" disabled=no
add list=nice address=182.0.0.0/12 comment="" disabled=no
add list=nice address=114.120.0.0/13 comment="" disabled=no
add list=nice address=120.168.0.0/13 comment="" disabled=no
add list=nice address=114.56.0.0/14 comment="" disabled=no
add list=nice address=120.166.0.0/15 comment="" disabled=no
add list=nice address=125.162.0.0/16 comment="" disabled=no
add list=nice address=125.163.0.0/16 comment="" disabled=no
add list=nice address=125.160.0.0/16 comment="" disabled=no
add list=nice address=125.161.0.0/16 comment="" disabled=no
add list=nice address=125.166.0.0/16 comment="" disabled=no
add list=nice address=125.167.0.0/16 comment="" disabled=no
add list=nice address=125.164.0.0/16 comment="" disabled=no
add list=nice address=125.165.0.0/16 comment="" disabled=no
add list=nice address=223.164.0.0/16 comment="" disabled=no
add list=nice address=180.251.0.0/16 comment="" disabled=no
add list=nice address=180.250.0.0/16 comment="" disabled=no
add list=nice address=180.249.0.0/16 comment="" disabled=no
add list=nice address=180.248.0.0/16 comment="" disabled=no
add list=nice address=180.254.0.0/16 comment="" disabled=no
add list=nice address=180.253.0.0/16 comment="" disabled=no
add list=nice address=180.252.0.0/16 comment="" disabled=no
add list=nice address=120.163.0.0/16 comment="" disabled=no
add list=nice address=180.243.0.0/16 comment="" disabled=no
add list=nice address=120.162.0.0/16 comment="" disabled=no
add list=nice address=180.242.0.0/16 comment="" disabled=no
add list=nice address=120.161.0.0/16 comment="" disabled=no
add list=nice address=180.241.0.0/16 comment="" disabled=no
add list=nice address=120.160.0.0/16 comment="" disabled=no
add list=nice address=180.247.0.0/16 comment="" disabled=no
add list=nice address=180.246.0.0/16 comment="" disabled=no
add list=nice address=180.245.0.0/16 comment="" disabled=no
add list=nice address=180.244.0.0/16 comment="" disabled=no
add list=nice address=124.81.0.0/16 comment="" disabled=no
add list=nice address=222.124.0.0/16 comment="" disabled=no
add list=nice address=61.94.0.0/16 comment="" disabled=no
add list=nice address=118.96.0.0/16 comment="" disabled=no
add list=nice address=118.97.0.0/16 comment="" disabled=no
add list=nice address=167.205.0.0/16 comment="" disabled=no
add list=nice address=110.139.0.0/16 comment="" disabled=no
add list=nice address=110.138.0.0/16 comment="" disabled=no
add list=nice address=110.137.0.0/16 comment="" disabled=no
add list=nice address=110.136.0.0/16 comment="" disabled=no
add list=nice address=119.11.128.0/17 comment="" disabled=no
add list=nice address=124.195.0.0/17 comment="" disabled=no
add list=nice address=118.98.0.0/17 comment="" disabled=no
add list=nice address=61.5.0.0/17 comment="" disabled=no
add list=nice address=202.158.0.0/17 comment="" disabled=no
add list=nice address=180.240.128.0/17 comment="" disabled=no
add list=nice address=202.155.0.0/17 comment="" disabled=no
add list=nice address=120.165.0.0/17 comment="" disabled=no
add list=nice address=118.99.64.0/18 comment="" disabled=no
add list=nice address=117.102.64.0/18 comment="" disabled=no
add list=nice address=152.118.128.0/18 comment="" disabled=no
add list=nice address=152.118.192.0/18 comment="" disabled=no
add list=nice address=152.118.0.0/18 comment="" disabled=no
add list=nice address=152.118.64.0/18 comment="" disabled=no
add list=nice address=221.132.192.0/18 comment="" disabled=no
add list=nice address=125.208.128.0/18 comment="" disabled=no
add list=nice address=124.153.0.0/18 comment="" disabled=no
add list=nice address=222.165.192.0/18 comment="" disabled=no
add list=nice address=203.130.192.0/18 comment="" disabled=no
add list=nice address=210.210.128.0/18 comment="" disabled=no
add list=nice address=113.11.128.0/19 comment="" disabled=no
add list=nice address=202.173.64.0/19 comment="" disabled=no
add list=nice address=114.199.96.0/19 comment="" disabled=no
add list=nice address=202.171.0.0/19 comment="" disabled=no
add list=nice address=202.47.192.0/19 comment="" disabled=no
add list=nice address=202.169.32.0/19 comment="" disabled=no
add list=nice address=117.102.224.0/19 comment="" disabled=no
add list=nice address=202.149.128.0/19 comment="" disabled=no
add list=nice address=202.149.64.0/19 comment="" disabled=no
add list=nice address=202.146.224.0/19 comment="" disabled=no
add list=nice address=202.155.128.0/19 comment="" disabled=no
add list=nice address=118.82.0.0/19 comment="" disabled=no
add list=nice address=60.253.96.0/19 comment="" disabled=no
add list=nice address=61.247.0.0/19 comment="" disabled=no
add list=nice address=61.247.32.0/19 comment="" disabled=no
add list=nice address=111.94.0.0/19 comment="" disabled=no
add list=nice address=111.94.32.0/19 comment="" disabled=no
add list=nice address=111.94.64.0/19 comment="" disabled=no
add list=nice address=111.94.96.0/19 comment="" disabled=no
add list=nice address=111.94.192.0/19 comment="" disabled=no
add list=nice address=111.95.0.0/19 comment="" disabled=no
add list=nice address=111.95.32.0/19 comment="" disabled=no
add list=nice address=111.95.64.0/19 comment="" disabled=no
add list=nice address=111.95.96.0/19 comment="" disabled=no
add list=nice address=111.95.128.0/19 comment="" disabled=no
add list=nice address=112.78.128.0/19 comment="" disabled=no
add list=nice address=114.79.0.0/19 comment="" disabled=no
add list=nice address=114.79.32.0/19 comment="" disabled=no
add list=nice address=117.104.192.0/19 comment="" disabled=no
add list=nice address=118.136.0.0/19 comment="" disabled=no
add list=nice address=118.136.32.0/19 comment="" disabled=no
add list=nice address=118.136.64.0/19 comment="" disabled=no
add list=nice address=118.136.96.0/19 comment="" disabled=no
add list=nice address=118.136.128.0/19 comment="" disabled=no
add list=nice address=118.136.160.0/19 comment="" disabled=no
add list=nice address=118.136.192.0/19 comment="" disabled=no
add list=nice address=118.136.224.0/19 comment="" disabled=no
add list=nice address=118.137.0.0/19 comment="" disabled=no
add list=nice address=118.137.32.0/19 comment="" disabled=no
add list=nice address=118.137.64.0/19 comment="" disabled=no
add list=nice address=118.137.96.0/19 comment="" disabled=no
add list=nice address=118.137.128.0/19 comment="" disabled=no
add list=nice address=118.137.160.0/19 comment="" disabled=no
add list=nice address=118.137.192.0/19 comment="" disabled=no
add list=nice address=118.137.224.0/19 comment="" disabled=no
add list=nice address=120.164.0.0/19 comment="" disabled=no
add list=nice address=123.231.224.0/19 comment="" disabled=no
add list=nice address=202.43.160.0/19 comment="" disabled=no
add list=nice address=202.46.64.0/19 comment="" disabled=no
add list=nice address=202.53.224.0/19 comment="" disabled=no
add list=nice address=202.77.96.0/19 comment="" disabled=no
add list=nice address=202.137.0.0/19 comment="" disabled=no
add list=nice address=202.148.0.0/19 comment="" disabled=no
add list=nice address=202.150.64.0/19 comment="" disabled=no
add list=nice address=202.152.0.0/19 comment="" disabled=no
add list=nice address=202.152.32.0/19 comment="" disabled=no
add list=nice address=202.153.224.0/19 comment="" disabled=no
add list=nice address=202.154.0.0/19 comment="" disabled=no
add list=nice address=202.154.32.0/19 comment="" disabled=no
add list=nice address=202.159.0.0/19 comment="" disabled=no
add list=nice address=202.159.32.0/19 comment="" disabled=no
add list=nice address=202.159.64.0/19 comment="" disabled=no
add list=nice address=202.159.96.0/19 comment="" disabled=no
add list=nice address=202.162.192.0/19 comment="" disabled=no
add list=nice address=203.123.224.0/19 comment="" disabled=no
add list=nice address=203.128.64.0/19 comment="" disabled=no
add list=nice address=203.153.96.0/19 comment="" disabled=no
add list=nice address=219.83.0.0/19 comment="" disabled=no
add list=nice address=219.83.32.0/19 comment="" disabled=no
add list=nice address=27.50.16.0/20 comment="" disabled=no
add list=nice address=27.124.80.0/20 comment="" disabled=no
add list=nice address=61.8.64.0/20 comment="" disabled=no
add list=nice address=110.5.96.0/20 comment="" disabled=no
add list=nice address=111.68.112.0/20 comment="" disabled=no
add list=nice address=111.94.128.0/20 comment="" disabled=no
add list=nice address=111.94.160.0/20 comment="" disabled=no
add list=nice address=111.94.224.0/20 comment="" disabled=no
add list=nice address=113.212.112.0/20 comment="" disabled=no
add list=nice address=114.199.80.0/20 comment="" disabled=no
add list=nice address=115.124.64.0/20 comment="" disabled=no
add list=nice address=116.213.48.0/20 comment="" disabled=no
add list=nice address=117.20.48.0/20 comment="" disabled=no
add list=nice address=117.74.112.0/20 comment="" disabled=no
add list=nice address=119.2.80.0/20 comment="" disabled=no
add list=nice address=119.235.16.0/20 comment="" disabled=no
add list=nice address=119.235.208.0/20 comment="" disabled=no
add list=nice address=121.52.64.0/20 comment="" disabled=no
add list=nice address=121.100.16.0/20 comment="" disabled=no
add list=nice address=122.129.96.0/20 comment="" disabled=no
add list=nice address=122.129.192.0/20 comment="" disabled=no
add list=nice address=122.200.0.0/20 comment="" disabled=no
add list=nice address=122.248.32.0/20 comment="" disabled=no
add list=nice address=175.158.32.0/20 comment="" disabled=no
add list=nice address=180.178.96.0/20 comment="" disabled=no
add list=nice address=180.214.240.0/20 comment="" disabled=no
add list=nice address=182.16.240.0/20 comment="" disabled=no
add list=nice address=182.23.16.0/20 comment="" disabled=no
add list=nice address=182.23.160.0/20 comment="" disabled=no
add list=nice address=182.48.160.0/20 comment="" disabled=no
add list=nice address=183.91.64.0/20 comment="" disabled=no
add list=nice address=184.86.64.0/20 comment="" disabled=no
add list=nice address=202.3.208.0/20 comment="" disabled=no
add list=nice address=202.6.208.0/20 comment="" disabled=no
add list=nice address=202.6.224.0/20 comment="" disabled=no
add list=nice address=202.46.144.0/20 comment="" disabled=no
add list=nice address=202.47.64.0/20 comment="" disabled=no
add list=nice address=202.51.192.0/20 comment="" disabled=no
add list=nice address=202.51.224.0/20 comment="" disabled=no
add list=nice address=202.57.0.0/20 comment="" disabled=no
add list=nice address=202.58.64.0/20 comment="" disabled=no
add list=nice address=202.58.160.0/20 comment="" disabled=no
add list=nice address=202.58.192.0/20 comment="" disabled=no
add list=nice address=202.59.160.0/20 comment="" disabled=no
add list=nice address=202.62.16.0/20 comment="" disabled=no
add list=nice address=202.65.112.0/20 comment="" disabled=no
add list=nice address=202.67.32.0/20 comment="" disabled=no
add list=nice address=202.69.96.0/20 comment="" disabled=no
add list=nice address=202.70.48.0/20 comment="" disabled=no
add list=nice address=202.72.208.0/20 comment="" disabled=no
add list=nice address=202.73.112.0/20 comment="" disabled=no
add list=nice address=202.73.224.0/20 comment="" disabled=no
add list=nice address=202.75.96.0/20 comment="" disabled=no
add list=nice address=202.78.192.0/20 comment="" disabled=no
add list=nice address=202.80.112.0/20 comment="" disabled=no
add list=nice address=202.80.208.0/20 comment="" disabled=no
add list=nice address=202.81.48.0/20 comment="" disabled=no
add list=nice address=202.87.176.0/20 comment="" disabled=no
add list=nice address=202.89.208.0/20 comment="" disabled=no
add list=nice address=202.92.192.0/20 comment="" disabled=no
add list=nice address=202.93.16.0/20 comment="" disabled=no
add list=nice address=202.93.32.0/20 comment="" disabled=no
add list=nice address=202.93.128.0/20 comment="" disabled=no
add list=nice address=202.93.224.0/20 comment="" disabled=no
add list=nice address=202.95.128.0/20 comment="" disabled=no
add list=nice address=202.122.160.0/20 comment="" disabled=no
add list=nice address=202.123.224.0/20 comment="" disabled=no
add list=nice address=202.127.96.0/20 comment="" disabled=no
add list=nice address=202.138.224.0/20 comment="" disabled=no
add list=nice address=202.143.32.0/20 comment="" disabled=no
add list=nice address=202.145.0.0/20 comment="" disabled=no
add list=nice address=202.147.192.0/20 comment="" disabled=no
add list=nice address=202.150.128.0/20 comment="" disabled=no
add list=nice address=202.150.160.0/20 comment="" disabled=no
add list=nice address=202.152.160.0/20 comment="" disabled=no
add list=nice address=202.152.224.0/20 comment="" disabled=no
add list=nice address=202.153.16.0/20 comment="" disabled=no
add list=nice address=202.165.32.0/20 comment="" disabled=no
add list=nice address=202.182.48.0/20 comment="" disabled=no
add list=nice address=203.77.224.0/20 comment="" disabled=no
add list=nice address=203.78.112.0/20 comment="" disabled=no
add list=nice address=203.83.32.0/20 comment="" disabled=no
add list=nice address=203.142.64.0/20 comment="" disabled=no
add list=nice address=203.161.16.0/20 comment="" disabled=no
add list=nice address=203.166.192.0/20 comment="" disabled=no
add list=nice address=210.57.208.0/20 comment="" disabled=no
add list=nice address=210.79.208.0/20 comment="" disabled=no
add list=nice address=210.247.240.0/20 comment="" disabled=no
add list=nice address=219.83.80.0/20 comment="" disabled=no
add list=nice address=219.83.96.0/20 comment="" disabled=no
add list=nice address=220.157.96.0/20 comment="" disabled=no
add list=nice address=223.25.96.0/20 comment="" disabled=no
add list=nice address=223.27.144.0/20 comment="" disabled=no
add list=nice address=27.112.64.0/21 comment="" disabled=no
add list=nice address=27.121.80.0/21 comment="" disabled=no
add list=nice address=27.123.0.0/21 comment="" disabled=no
add list=nice address=27.131.0.0/21 comment="" disabled=no
add list=nice address=49.128.176.0/21 comment="" disabled=no
add list=nice address=49.156.56.0/21 comment="" disabled=no
add list=nice address=58.65.240.0/21 comment="" disabled=no
add list=nice address=110.35.80.0/21 comment="" disabled=no
add list=nice address=110.44.168.0/21 comment="" disabled=no
add list=nice address=110.50.80.0/21 comment="" disabled=no
add list=nice address=110.76.144.0/21 comment="" disabled=no
add list=nice address=111.68.24.0/21 comment="" disabled=no
add list=nice address=111.94.176.0/21 comment="" disabled=no
add list=nice address=112.78.40.0/21 comment="" disabled=no
add list=nice address=112.78.168.0/21 comment="" disabled=no
add list=nice address=112.78.176.0/21 comment="" disabled=no
add list=nice address=112.109.16.0/21 comment="" disabled=no
add list=nice address=113.59.232.0/21 comment="" disabled=no
add list=nice address=113.212.160.0/21 comment="" disabled=no
add list=nice address=114.31.240.0/21 comment="" disabled=no
add list=nice address=114.110.16.0/21 comment="" disabled=no
add list=nice address=114.134.72.0/21 comment="" disabled=no
add list=nice address=114.141.48.0/21 comment="" disabled=no
add list=nice address=114.141.88.0/21 comment="" disabled=no
add list=nice address=115.69.216.0/21 comment="" disabled=no
add list=nice address=115.85.64.0/21 comment="" disabled=no
add list=nice address=115.124.80.0/21 comment="" disabled=no
add list=nice address=115.178.48.0/21 comment="" disabled=no
add list=nice address=115.178.120.0/21 comment="" disabled=no
add list=nice address=116.0.0.0/21 comment="" disabled=no
add list=nice address=116.50.24.0/21 comment="" disabled=no
add list=nice address=116.66.200.0/21 comment="" disabled=no
add list=nice address=116.68.248.0/21 comment="" disabled=no
add list=nice address=116.90.208.0/21 comment="" disabled=no
add list=nice address=116.197.128.0/21 comment="" disabled=no
add list=nice address=116.212.72.0/21 comment="" disabled=no
add list=nice address=116.254.96.0/21 comment="" disabled=no
add list=nice address=117.102.160.0/21 comment="" disabled=no
add list=nice address=117.103.0.0/21 comment="" disabled=no
add list=nice address=117.103.32.0/21 comment="" disabled=no
add list=nice address=117.103.48.0/21 comment="" disabled=no
add list=nice address=117.103.168.0/21 comment="" disabled=no
add list=nice address=117.121.200.0/21 comment="" disabled=no
add list=nice address=119.2.40.0/21 comment="" disabled=no
add list=nice address=119.2.72.0/21 comment="" disabled=no
add list=nice address=119.10.176.0/21 comment="" disabled=no
add list=nice address=119.47.88.0/21 comment="" disabled=no
add list=nice address=119.82.224.0/21 comment="" disabled=no
add list=nice address=119.110.64.0/21 comment="" disabled=no
add list=nice address=119.110.80.0/21 comment="" disabled=no
add list=nice address=119.235.248.0/21 comment="" disabled=no
add list=nice address=119.252.104.0/21 comment="" disabled=no
add list=nice address=119.252.128.0/21 comment="" disabled=no
add list=nice address=119.252.160.0/21 comment="" disabled=no
add list=nice address=120.29.152.0/21 comment="" disabled=no
add list=nice address=120.136.16.0/21 comment="" disabled=no
add list=nice address=120.164.40.0/21 comment="" disabled=no
add list=nice address=121.50.32.0/21 comment="" disabled=no
add list=nice address=121.52.48.0/21 comment="" disabled=no
add list=nice address=121.52.136.0/21 comment="" disabled=no
add list=nice address=121.58.184.0/21 comment="" disabled=no
add list=nice address=121.101.128.0/21 comment="" disabled=no
add list=nice address=121.101.184.0/21 comment="" disabled=no
add list=nice address=122.49.224.0/21 comment="" disabled=no
add list=nice address=122.102.40.0/21 comment="" disabled=no
add list=nice address=122.129.112.0/21 comment="" disabled=no
add list=nice address=122.144.0.0/21 comment="" disabled=no
add list=nice address=122.200.48.0/21 comment="" disabled=no
add list=nice address=122.200.144.0/21 comment="" disabled=no
add list=nice address=123.108.8.0/21 comment="" disabled=no
add list=nice address=123.255.200.0/21 comment="" disabled=no
add list=nice address=124.6.32.0/21 comment="" disabled=no
add list=nice address=124.40.248.0/21 comment="" disabled=no
add list=nice address=124.66.160.0/21 comment="" disabled=no
add list=nice address=124.158.128.0/21 comment="" disabled=no
add list=nice address=175.45.184.0/21 comment="" disabled=no
add list=nice address=175.106.8.0/21 comment="" disabled=no
add list=nice address=175.106.16.0/21 comment="" disabled=no
add list=nice address=175.111.112.0/21 comment="" disabled=no
add list=nice address=175.176.160.0/21 comment="" disabled=no
add list=nice address=180.211.88.0/21 comment="" disabled=no
add list=nice address=182.23.8.0/21 comment="" disabled=no
add list=nice address=182.255.0.0/21 comment="" disabled=no
add list=nice address=183.91.80.0/21 comment="" disabled=no
add list=nice address=202.43.248.0/21 comment="" disabled=no
add list=nice address=202.46.0.0/21 comment="" disabled=no
add list=nice address=202.46.24.0/21 comment="" disabled=no
add list=nice address=202.51.16.0/21 comment="" disabled=no
add list=nice address=202.51.208.0/21 comment="" disabled=no
add list=nice address=202.57.24.0/21 comment="" disabled=no
add list=nice address=202.58.176.0/21 comment="" disabled=no
add list=nice address=202.59.200.0/21 comment="" disabled=no
add list=nice address=202.67.8.0/21 comment="" disabled=no
add list=nice address=202.73.104.0/21 comment="" disabled=no
add list=nice address=202.74.72.0/21 comment="" disabled=no
add list=nice address=202.75.24.0/21 comment="" disabled=no
add list=nice address=202.87.248.0/21 comment="" disabled=no
add list=nice address=202.91.8.0/21 comment="" disabled=no
add list=nice address=202.91.24.0/21 comment="" disabled=no
add list=nice address=202.93.240.0/21 comment="" disabled=no
add list=nice address=202.122.8.0/21 comment="" disabled=no
add list=nice address=202.129.184.0/21 comment="" disabled=no
add list=nice address=202.133.0.0/21 comment="" disabled=no
add list=nice address=202.134.0.0/21 comment="" disabled=no
add list=nice address=202.138.240.0/21 comment="" disabled=no
add list=nice address=202.146.128.0/21 comment="" disabled=no
add list=nice address=202.146.176.0/21 comment="" disabled=no
add list=nice address=202.147.248.0/21 comment="" disabled=no
add list=nice address=202.152.248.0/21 comment="" disabled=no
add list=nice address=202.153.128.0/21 comment="" disabled=no
add list=nice address=202.153.144.0/21 comment="" disabled=no
add list=nice address=202.158.136.0/21 comment="" disabled=no
add list=nice address=202.162.32.0/21 comment="" disabled=no
add list=nice address=202.164.216.0/21 comment="" disabled=no
add list=nice address=202.169.224.0/21 comment="" disabled=no
add list=nice address=202.169.240.0/21 comment="" disabled=no
add list=nice address=202.173.16.0/21 comment="" disabled=no
add list=nice address=202.179.184.0/21 comment="" disabled=no
add list=nice address=202.182.168.0/21 comment="" disabled=no
add list=nice address=203.80.8.0/21 comment="" disabled=no
add list=nice address=203.81.184.0/21 comment="" disabled=no
add list=nice address=203.83.24.0/21 comment="" disabled=no
add list=nice address=203.84.136.0/21 comment="" disabled=no
add list=nice address=203.84.152.0/21 comment="" disabled=no
add list=nice address=203.89.24.0/21 comment="" disabled=no
add list=nice address=203.135.176.0/21 comment="" disabled=no
add list=nice address=203.142.80.0/21 comment="" disabled=no
add list=nice address=203.153.24.0/21 comment="" disabled=no
add list=nice address=203.160.56.0/21 comment="" disabled=no
add list=nice address=203.174.8.0/21 comment="" disabled=no
add list=nice address=203.190.40.0/21 comment="" disabled=no
add list=nice address=203.190.112.0/21 comment="" disabled=no
add list=nice address=203.190.240.0/21 comment="" disabled=no
add list=nice address=203.191.40.0/21 comment="" disabled=no
add list=nice address=203.201.168.0/21 comment="" disabled=no
add list=nice address=210.23.64.0/21 comment="" disabled=no
add list=nice address=219.83.72.0/21 comment="" disabled=no
add list=nice address=219.83.112.0/21 comment="" disabled=no
add list=nice address=222.229.80.0/21 comment="" disabled=no
add list=nice address=14.102.152.0/22 comment="" disabled=no
add list=nice address=27.112.76.0/22 comment="" disabled=no
add list=nice address=49.0.4.0/22 comment="" disabled=no
add list=nice address=49.0.24.0/22 comment="" disabled=no
add list=nice address=49.50.4.0/22 comment="" disabled=no
add list=nice address=49.128.184.0/22 comment="" disabled=no
add list=nice address=49.156.20.0/22 comment="" disabled=no
add list=nice address=58.145.172.0/22 comment="" disabled=no
add list=nice address=79.140.192.0/22 comment="" disabled=no
add list=nice address=101.203.168.0/22 comment="" disabled=no
add list=nice address=110.92.72.0/22 comment="" disabled=no
add list=nice address=110.93.12.0/22 comment="" disabled=no
add list=nice address=110.232.72.0/22 comment="" disabled=no
add list=nice address=110.232.80.0/22 comment="" disabled=no
add list=nice address=111.67.64.0/22 comment="" disabled=no
add list=nice address=111.67.76.0/22 comment="" disabled=no
add list=nice address=111.92.168.0/22 comment="" disabled=no
add list=nice address=111.221.40.0/22 comment="" disabled=no
add list=nice address=111.223.252.0/22 comment="" disabled=no
add list=nice address=112.78.184.0/22 comment="" disabled=no
add list=nice address=113.20.28.0/22 comment="" disabled=no
add list=nice address=113.52.148.0/22 comment="" disabled=no
add list=nice address=113.208.64.0/22 comment="" disabled=no
add list=nice address=114.30.80.0/22 comment="" disabled=no
add list=nice address=115.124.92.0/22 comment="" disabled=no
add list=nice address=115.166.96.0/22 comment="" disabled=no
add list=nice address=115.166.108.0/22 comment="" disabled=no
add list=nice address=115.166.124.0/22 comment="" disabled=no
add list=nice address=116.12.44.0/22 comment="" disabled=no
add list=nice address=116.90.176.0/22 comment="" disabled=no
add list=nice address=116.193.188.0/22 comment="" disabled=no
add list=nice address=116.199.200.0/22 comment="" disabled=no
add list=nice address=116.212.96.0/22 comment="" disabled=no
add list=nice address=117.103.56.0/22 comment="" disabled=no
add list=nice address=118.98.232.0/22 comment="" disabled=no
add list=nice address=119.2.64.0/22 comment="" disabled=no
add list=nice address=119.82.232.0/22 comment="" disabled=no
add list=nice address=119.82.240.0/22 comment="" disabled=no
add list=nice address=121.52.80.0/22 comment="" disabled=no
add list=nice address=121.52.92.0/22 comment="" disabled=no
add list=nice address=121.52.132.0/22 comment="" disabled=no
add list=nice address=122.102.48.0/22 comment="" disabled=no
add list=nice address=123.176.120.0/22 comment="" disabled=no
add list=nice address=124.6.40.0/22 comment="" disabled=no
add list=nice address=124.158.136.0/22 comment="" disabled=no
add list=nice address=138.32.236.0/22 comment="" disabled=no
add list=nice address=175.103.32.0/22 comment="" disabled=no
add list=nice address=175.103.40.0/22 comment="" disabled=no
add list=nice address=175.103.52.0/22 comment="" disabled=no
add list=nice address=175.103.56.0/22 comment="" disabled=no
add list=nice address=175.111.88.0/22 comment="" disabled=no
add list=nice address=180.131.144.0/22 comment="" disabled=no
add list=nice address=180.178.92.0/22 comment="" disabled=no
add list=nice address=180.222.216.0/22 comment="" disabled=no
add list=nice address=180.235.148.0/22 comment="" disabled=no
add list=nice address=182.23.4.0/22 comment="" disabled=no
add list=nice address=182.23.32.0/22 comment="" disabled=no
add list=nice address=182.255.16.0/22 comment="" disabled=no
add list=nice address=183.182.92.0/22 comment="" disabled=no
add list=nice address=184.86.96.0/22 comment="" disabled=no
add list=nice address=202.10.32.0/22 comment="" disabled=no
add list=nice address=202.10.40.0/22 comment="" disabled=no
add list=nice address=202.43.72.0/22 comment="" disabled=no
add list=nice address=202.43.92.0/22 comment="" disabled=no
add list=nice address=202.43.112.0/22 comment="" disabled=no
add list=nice address=202.51.28.0/22 comment="" disabled=no
add list=nice address=202.51.56.0/22 comment="" disabled=no
add list=nice address=202.51.96.0/22 comment="" disabled=no
add list=nice address=202.51.104.0/22 comment="" disabled=no
add list=nice address=202.51.116.0/22 comment="" disabled=no
add list=nice address=202.51.124.0/22 comment="" disabled=no
add list=nice address=202.51.216.0/22 comment="" disabled=no
add list=nice address=202.51.252.0/22 comment="" disabled=no
add list=nice address=202.55.164.0/22 comment="" disabled=no
add list=nice address=202.55.168.0/22 comment="" disabled=no
add list=nice address=202.57.16.0/22 comment="" disabled=no
add list=nice address=202.62.8.0/22 comment="" disabled=no
add list=nice address=202.70.132.0/22 comment="" disabled=no
add list=nice address=202.72.192.0/22 comment="" disabled=no
add list=nice address=202.81.4.0/22 comment="" disabled=no
add list=nice address=202.87.240.0/22 comment="" disabled=no
add list=nice address=202.93.112.0/22 comment="" disabled=no
add list=nice address=202.95.148.0/22 comment="" disabled=no
add list=nice address=202.95.152.0/22 comment="" disabled=no
add list=nice address=202.129.224.0/22 comment="" disabled=no
add list=nice address=202.138.248.0/22 comment="" disabled=no
add list=nice address=202.146.0.0/22 comment="" disabled=no
add list=nice address=202.146.32.0/22 comment="" disabled=no
add list=nice address=202.146.136.0/22 comment="" disabled=no
add list=nice address=202.147.224.0/22 comment="" disabled=no
add list=nice address=202.147.244.0/22 comment="" disabled=no
add list=nice address=202.151.12.0/22 comment="" disabled=no
add list=nice address=202.152.200.0/22 comment="" disabled=no
add list=nice address=202.153.136.0/22 comment="" disabled=no
add list=nice address=202.158.132.0/22 comment="" disabled=no
add list=nice address=202.162.40.0/22 comment="" disabled=no
add list=nice address=202.180.0.0/22 comment="" disabled=no
add list=nice address=202.182.160.0/22 comment="" disabled=no
add list=nice address=203.77.208.0/22 comment="" disabled=no
add list=nice address=203.114.224.0/22 comment="" disabled=no
add list=nice address=203.123.60.0/22 comment="" disabled=no
add list=nice address=203.128.248.0/22 comment="" disabled=no
add list=nice address=203.153.212.0/22 comment="" disabled=no
add list=nice address=203.153.216.0/22 comment="" disabled=no
add list=nice address=203.190.52.0/22 comment="" disabled=no
add list=nice address=203.190.184.0/22 comment="" disabled=no
add list=nice address=203.201.160.0/22 comment="" disabled=no
add list=nice address=203.217.132.0/22 comment="" disabled=no
add list=nice address=203.217.188.0/22 comment="" disabled=no
add list=nice address=210.23.72.0/22 comment="" disabled=no
add list=nice address=219.83.120.0/22 comment="" disabled=no
add list=nice address=220.247.168.0/22 comment="" disabled=no
add list=nice address=223.165.4.0/22 comment="" disabled=no
add list=nice address=27.131.250.0/23 comment="" disabled=no
add list=nice address=32.114.24.0/23 comment="" disabled=no
add list=nice address=49.128.188.0/23 comment="" disabled=no
add list=nice address=58.145.170.0/23 comment="" disabled=no
add list=nice address=101.0.4.0/23 comment="" disabled=no
add list=nice address=101.50.16.0/23 comment="" disabled=no
add list=nice address=110.232.68.0/23 comment="" disabled=no
add list=nice address=110.232.76.0/23 comment="" disabled=no
add list=nice address=110.232.84.0/23 comment="" disabled=no
add list=nice address=111.67.68.0/23 comment="" disabled=no
add list=nice address=111.67.74.0/23 comment="" disabled=no
add list=nice address=111.67.86.0/23 comment="" disabled=no
add list=nice address=111.67.88.0/23 comment="" disabled=no
add list=nice address=111.92.160.0/23 comment="" disabled=no
add list=nice address=111.92.174.0/23 comment="" disabled=no
add list=nice address=112.78.96.0/23 comment="" disabled=no
add list=nice address=112.215.6.0/23 comment="" disabled=no
add list=nice address=112.215.10.0/23 comment="" disabled=no
add list=nice address=112.215.14.0/23 comment="" disabled=no
add list=nice address=112.215.18.0/23 comment="" disabled=no
add list=nice address=112.215.22.0/23 comment="" disabled=no
add list=nice address=112.215.40.0/23 comment="" disabled=no
add list=nice address=114.4.14.0/23 comment="" disabled=no
add list=nice address=114.4.40.0/23 comment="" disabled=no
add list=nice address=114.6.12.0/23 comment="" disabled=no
add list=nice address=114.30.84.0/23 comment="" disabled=no
add list=nice address=114.134.64.0/23 comment="" disabled=no
add list=nice address=115.124.88.0/23 comment="" disabled=no
add list=nice address=115.166.100.0/23 comment="" disabled=no
add list=nice address=115.166.104.0/23 comment="" disabled=no
add list=nice address=115.178.128.0/23 comment="" disabled=no
add list=nice address=116.68.224.0/23 comment="" disabled=no
add list=nice address=116.90.162.0/23 comment="" disabled=no
add list=nice address=116.90.166.0/23 comment="" disabled=no
add list=nice address=116.90.170.0/23 comment="" disabled=no
add list=nice address=116.90.172.0/23 comment="" disabled=no
add list=nice address=117.18.18.0/23 comment="" disabled=no
add list=nice address=117.103.8.0/23 comment="" disabled=no
add list=nice address=117.103.14.0/23 comment="" disabled=no
add list=nice address=117.103.60.0/23 comment="" disabled=no
add list=nice address=118.98.222.0/23 comment="" disabled=no
add list=nice address=118.98.226.0/23 comment="" disabled=no
add list=nice address=119.2.70.0/23 comment="" disabled=no
add list=nice address=119.82.244.0/23 comment="" disabled=no
add list=nice address=119.110.72.0/23 comment="" disabled=no
add list=nice address=119.110.76.0/23 comment="" disabled=no
add list=nice address=119.252.168.0/23 comment="" disabled=no
add list=nice address=119.252.172.0/23 comment="" disabled=no
add list=nice address=121.52.58.0/23 comment="" disabled=no
add list=nice address=121.52.60.0/23 comment="" disabled=no
add list=nice address=121.52.86.0/23 comment="" disabled=no
add list=nice address=121.52.88.0/23 comment="" disabled=no
add list=nice address=121.52.130.0/23 comment="" disabled=no
add list=nice address=122.128.16.0/23 comment="" disabled=no
add list=nice address=122.128.24.0/23 comment="" disabled=no
add list=nice address=124.158.150.0/23 comment="" disabled=no
add list=nice address=124.158.152.0/23 comment="" disabled=no
add list=nice address=175.103.44.0/23 comment="" disabled=no
add list=nice address=175.103.62.0/23 comment="" disabled=no
add list=nice address=180.214.232.0/23 comment="" disabled=no
add list=nice address=182.48.176.0/23 comment="" disabled=no
add list=nice address=184.26.164.0/23 comment="" disabled=no
add list=nice address=202.4.160.0/23 comment="" disabled=no
add list=nice address=202.4.170.0/23 comment="" disabled=no
add list=nice address=202.8.28.0/23 comment="" disabled=no
add list=nice address=202.9.72.0/23 comment="" disabled=no
add list=nice address=202.10.62.0/23 comment="" disabled=no
add list=nice address=202.20.106.0/23 comment="" disabled=no
add list=nice address=202.20.108.0/23 comment="" disabled=no
add list=nice address=202.43.64.0/23 comment="" disabled=no
add list=nice address=202.43.88.0/23 comment="" disabled=no
add list=nice address=202.43.116.0/23 comment="" disabled=no
add list=nice address=202.46.8.0/23 comment="" disabled=no
add list=nice address=202.46.14.0/23 comment="" disabled=no
add list=nice address=202.46.130.0/23 comment="" disabled=no
add list=nice address=202.46.240.0/23 comment="" disabled=no
add list=nice address=202.46.252.0/23 comment="" disabled=no
add list=nice address=202.47.90.0/23 comment="" disabled=no
add list=nice address=202.51.60.0/23 comment="" disabled=no
add list=nice address=202.51.102.0/23 comment="" disabled=no
add list=nice address=202.51.110.0/23 comment="" disabled=no
add list=nice address=202.51.122.0/23 comment="" disabled=no
add list=nice address=202.51.222.0/23 comment="" disabled=no
add list=nice address=202.52.48.0/23 comment="" disabled=no
add list=nice address=202.52.58.0/23 comment="" disabled=no
add list=nice address=202.55.160.0/23 comment="" disabled=no
add list=nice address=202.58.238.0/23 comment="" disabled=no
add list=nice address=202.58.242.0/23 comment="" disabled=no
add list=nice address=202.59.194.0/23 comment="" disabled=no
add list=nice address=202.59.196.0/23 comment="" disabled=no
add list=nice address=202.61.98.0/23 comment="" disabled=no
add list=nice address=202.61.100.0/23 comment="" disabled=no
add list=nice address=202.61.104.0/23 comment="" disabled=no
add list=nice address=202.61.112.0/23 comment="" disabled=no
add list=nice address=202.61.124.0/23 comment="" disabled=no
add list=nice address=202.73.98.0/23 comment="" disabled=no
add list=nice address=202.73.100.0/23 comment="" disabled=no
add list=nice address=202.75.18.0/23 comment="" disabled=no
add list=nice address=202.75.20.0/23 comment="" disabled=no
add list=nice address=202.87.246.0/23 comment="" disabled=no
add list=nice address=202.89.116.0/23 comment="" disabled=no
add list=nice address=202.90.194.0/23 comment="" disabled=no
add list=nice address=202.90.198.0/23 comment="" disabled=no
add list=nice address=202.93.120.0/23 comment="" disabled=no
add list=nice address=202.94.84.0/23 comment="" disabled=no
add list=nice address=202.124.196.0/23 comment="" disabled=no
add list=nice address=202.125.80.0/23 comment="" disabled=no
add list=nice address=202.125.88.0/23 comment="" disabled=no
add list=nice address=202.125.100.0/23 comment="" disabled=no
add list=nice address=202.129.216.0/23 comment="" disabled=no
add list=nice address=202.135.6.0/23 comment="" disabled=no
add list=nice address=202.138.252.0/23 comment="" disabled=no
add list=nice address=202.146.4.0/23 comment="" disabled=no
add list=nice address=202.146.36.0/23 comment="" disabled=no
add list=nice address=202.147.228.0/23 comment="" disabled=no
add list=nice address=202.147.232.0/23 comment="" disabled=no
add list=nice address=202.147.240.0/23 comment="" disabled=no
add list=nice address=202.152.194.0/23 comment="" disabled=no
add list=nice address=202.152.196.0/23 comment="" disabled=no
add list=nice address=202.152.206.0/23 comment="" disabled=no
add list=nice address=202.152.240.0/23 comment="" disabled=no
add list=nice address=202.154.176.0/23 comment="" disabled=no
add list=nice address=202.158.130.0/23 comment="" disabled=no
add list=nice address=202.162.46.0/23 comment="" disabled=no
add list=nice address=202.169.232.0/23 comment="" disabled=no
add list=nice address=202.169.238.0/23 comment="" disabled=no
add list=nice address=202.180.4.0/23 comment="" disabled=no
add list=nice address=202.180.8.0/23 comment="" disabled=no
add list=nice address=202.180.54.0/23 comment="" disabled=no
add list=nice address=202.182.164.0/23 comment="" disabled=no
add list=nice address=202.182.176.0/23 comment="" disabled=no
add list=nice address=202.182.182.0/23 comment="" disabled=no
add list=nice address=202.182.184.0/23 comment="" disabled=no
add list=nice address=202.191.2.0/23 comment="" disabled=no
add list=nice address=203.24.76.0/23 comment="" disabled=no
add list=nice address=203.29.26.0/23 comment="" disabled=no
add list=nice address=203.30.236.0/23 comment="" disabled=no
add list=nice address=203.30.254.0/23 comment="" disabled=no
add list=nice address=203.31.164.0/23 comment="" disabled=no
add list=nice address=203.34.118.0/23 comment="" disabled=no
add list=nice address=203.57.24.0/23 comment="" disabled=no
add list=nice address=203.77.214.0/23 comment="" disabled=no
add list=nice address=203.77.216.0/23 comment="" disabled=no
add list=nice address=203.77.240.0/23 comment="" disabled=no
add list=nice address=203.77.246.0/23 comment="" disabled=no
add list=nice address=203.79.26.0/23 comment="" disabled=no
add list=nice address=203.89.146.0/23 comment="" disabled=no
add list=nice address=203.89.148.0/23 comment="" disabled=no
add list=nice address=203.99.96.0/23 comment="" disabled=no
add list=nice address=203.99.102.0/23 comment="" disabled=no
add list=nice address=203.99.130.0/23 comment="" disabled=no
add list=nice address=203.134.232.0/23 comment="" disabled=no
add list=nice address=203.148.84.0/23 comment="" disabled=no
add list=nice address=203.153.60.0/23 comment="" disabled=no
add list=nice address=203.189.88.0/23 comment="" disabled=no
add list=nice address=203.189.120.0/23 comment="" disabled=no
add list=nice address=203.190.36.0/23 comment="" disabled=no
add list=nice address=203.190.48.0/23 comment="" disabled=no
add list=nice address=203.190.190.0/23 comment="" disabled=no
add list=nice address=203.194.70.0/23 comment="" disabled=no
add list=nice address=203.201.50.0/23 comment="" disabled=no
add list=nice address=203.201.166.0/23 comment="" disabled=no
add list=nice address=203.209.188.0/23 comment="" disabled=no
add list=nice address=203.210.80.0/23 comment="" disabled=no
add list=nice address=203.217.172.0/23 comment="" disabled=no
add list=nice address=203.223.90.0/23 comment="" disabled=no
add list=nice address=210.23.76.0/23 comment="" disabled=no
add list=nice address=219.83.124.0/23 comment="" disabled=no
add list=nice address=220.247.174.0/23 comment="" disabled=no
add list=nice address=223.255.224.0/23 comment="" disabled=no
add list=nice address=27.111.32.0/24 comment="" disabled=no
add list=nice address=27.111.36.0/24 comment="" disabled=no
add list=nice address=27.111.63.0/24 comment="" disabled=no
add list=nice address=27.131.249.0/24 comment="" disabled=no
add list=nice address=32.234.168.0/24 comment="" disabled=no
add list=nice address=32.234.170.0/24 comment="" disabled=no
add list=nice address=49.50.8.0/24 comment="" disabled=no
add list=nice address=49.128.191.0/24 comment="" disabled=no
add list=nice address=58.147.184.0/24 comment="" disabled=no
add list=nice address=58.147.188.0/24 comment="" disabled=no
add list=nice address=58.147.191.0/24 comment="" disabled=no
add list=nice address=101.0.6.0/24 comment="" disabled=no
add list=nice address=111.67.71.0/24 comment="" disabled=no
add list=nice address=111.67.73.0/24 comment="" disabled=no
add list=nice address=111.67.80.0/24 comment="" disabled=no
add list=nice address=111.67.83.0/24 comment="" disabled=no
add list=nice address=111.67.84.0/24 comment="" disabled=no
add list=nice address=111.67.91.0/24 comment="" disabled=no
add list=nice address=111.67.95.0/24 comment="" disabled=no
add list=nice address=111.92.164.0/24 comment="" disabled=no
add list=nice address=111.92.172.0/24 comment="" disabled=no
add list=nice address=112.78.39.0/24 comment="" disabled=no
add list=nice address=112.78.100.0/24 comment="" disabled=no
add list=nice address=112.78.188.0/24 comment="" disabled=no
add list=nice address=112.78.191.0/24 comment="" disabled=no
add list=nice address=112.215.5.0/24 comment="" disabled=no
add list=nice address=112.215.13.0/24 comment="" disabled=no
add list=nice address=112.215.16.0/24 comment="" disabled=no
add list=nice address=112.215.21.0/24 comment="" disabled=no
add list=nice address=112.215.27.0/24 comment="" disabled=no
add list=nice address=112.215.30.0/24 comment="" disabled=no
add list=nice address=112.215.33.0/24 comment="" disabled=no
add list=nice address=112.215.34.0/24 comment="" disabled=no
add list=nice address=112.215.37.0/24 comment="" disabled=no
add list=nice address=112.215.42.0/24 comment="" disabled=no
add list=nice address=112.215.46.0/24 comment="" disabled=no
add list=nice address=112.215.49.0/24 comment="" disabled=no
add list=nice address=114.1.3.0/24 comment="" disabled=no
add list=nice address=114.4.1.0/24 comment="" disabled=no
add list=nice address=114.4.5.0/24 comment="" disabled=no
add list=nice address=114.4.12.0/24 comment="" disabled=no
add list=nice address=114.4.16.0/24 comment="" disabled=no
add list=nice address=114.4.21.0/24 comment="" disabled=no
add list=nice address=114.4.35.0/24 comment="" disabled=no
add list=nice address=114.4.44.0/24 comment="" disabled=no
add list=nice address=114.4.47.0/24 comment="" disabled=no
add list=nice address=114.5.1.0/24 comment="" disabled=no
add list=nice address=114.5.5.0/24 comment="" disabled=no
add list=nice address=114.6.7.0/24 comment="" disabled=no
add list=nice address=114.6.8.0/24 comment="" disabled=no
add list=nice address=114.6.10.0/24 comment="" disabled=no
add list=nice address=114.6.14.0/24 comment="" disabled=no
add list=nice address=114.30.86.0/24 comment="" disabled=no
add list=nice address=114.129.18.0/24 comment="" disabled=no
add list=nice address=114.141.57.0/24 comment="" disabled=no
add list=nice address=114.141.60.0/24 comment="" disabled=no
add list=nice address=115.124.90.0/24 comment="" disabled=no
add list=nice address=115.166.123.0/24 comment="" disabled=no
add list=nice address=116.12.40.0/24 comment="" disabled=no
add list=nice address=116.12.43.0/24 comment="" disabled=no
add list=nice address=116.68.162.0/24 comment="" disabled=no
add list=nice address=116.68.165.0/24 comment="" disabled=no
add list=nice address=116.68.168.0/24 comment="" disabled=no
add list=nice address=116.68.230.0/24 comment="" disabled=no
add list=nice address=116.90.161.0/24 comment="" disabled=no
add list=nice address=116.90.165.0/24 comment="" disabled=no
add list=nice address=116.90.168.0/24 comment="" disabled=no
add list=nice address=116.199.205.0/24 comment="" disabled=no
add list=nice address=117.18.17.0/24 comment="" disabled=no
add list=nice address=117.18.20.0/24 comment="" disabled=no
add list=nice address=117.103.11.0/24 comment="" disabled=no
add list=nice address=118.91.128.0/24 comment="" disabled=no
add list=nice address=118.98.166.0/24 comment="" disabled=no
add list=nice address=118.98.221.0/24 comment="" disabled=no
add list=nice address=119.2.68.0/24 comment="" disabled=no
add list=nice address=119.18.156.0/24 comment="" disabled=no
add list=nice address=119.82.237.0/24 comment="" disabled=no
add list=nice address=119.82.239.0/24 comment="" disabled=no
add list=nice address=119.82.247.0/24 comment="" disabled=no
add list=nice address=119.110.74.0/24 comment="" disabled=no
add list=nice address=119.110.79.0/24 comment="" disabled=no
add list=nice address=119.252.171.0/24 comment="" disabled=no
add list=nice address=121.52.1.0/24 comment="" disabled=no
add list=nice address=121.52.25.0/24 comment="" disabled=no
add list=nice address=121.52.29.0/24 comment="" disabled=no
add list=nice address=121.52.35.0/24 comment="" disabled=no
add list=nice address=121.52.40.0/24 comment="" disabled=no
add list=nice address=121.52.42.0/24 comment="" disabled=no
add list=nice address=121.52.45.0/24 comment="" disabled=no
add list=nice address=121.52.62.0/24 comment="" disabled=no
add list=nice address=121.52.84.0/24 comment="" disabled=no
add list=nice address=121.52.91.0/24 comment="" disabled=no
add list=nice address=121.52.129.0/24 comment="" disabled=no
add list=nice address=122.102.52.0/24 comment="" disabled=no
add list=nice address=123.108.97.0/24 comment="" disabled=no
add list=nice address=123.176.124.0/24 comment="" disabled=no
add list=nice address=123.176.127.0/24 comment="" disabled=no
add list=nice address=124.158.141.0/24 comment="" disabled=no
add list=nice address=146.23.252.0/24 comment="" disabled=no
add list=nice address=146.23.254.0/24 comment="" disabled=no
add list=nice address=152.158.247.0/24 comment="" disabled=no
add list=nice address=175.103.36.0/24 comment="" disabled=no
add list=nice address=175.103.60.0/24 comment="" disabled=no
add list=nice address=175.184.248.0/24 comment="" disabled=no
add list=nice address=180.150.232.0/24 comment="" disabled=no
add list=nice address=180.150.244.0/24 comment="" disabled=no
add list=nice address=180.214.234.0/24 comment="" disabled=no
add list=nice address=180.233.119.0/24 comment="" disabled=no
add list=nice address=182.16.160.0/24 comment="" disabled=no
add list=nice address=182.23.40.0/24 comment="" disabled=no
add list=nice address=182.253.0.0/24 comment="" disabled=no
add list=nice address=192.5.5.0/24 comment="" disabled=no
add list=nice address=192.8.8.0/24 comment="" disabled=no
add list=nice address=192.23.186.0/24 comment="" disabled=no
add list=nice address=193.194.194.0/24 comment="" disabled=no
add list=nice address=194.0.1.0/24 comment="" disabled=no
add list=nice address=194.0.2.0/24 comment="" disabled=no
add list=nice address=202.1.236.0/24 comment="" disabled=no
add list=nice address=202.4.179.0/24 comment="" disabled=no
add list=nice address=202.4.185.0/24 comment="" disabled=no
add list=nice address=202.9.69.0/24 comment="" disabled=no
add list=nice address=202.9.85.0/24 comment="" disabled=no
add list=nice address=202.10.36.0/24 comment="" disabled=no
add list=nice address=202.10.39.0/24 comment="" disabled=no
add list=nice address=202.10.44.0/24 comment="" disabled=no
add list=nice address=202.10.61.0/24 comment="" disabled=no
add list=nice address=202.12.75.0/24 comment="" disabled=no
add list=nice address=202.14.255.0/24 comment="" disabled=no
add list=nice address=202.22.31.0/24 comment="" disabled=no
add list=nice address=202.37.120.0/24 comment="" disabled=no
add list=nice address=202.45.149.0/24 comment="" disabled=no
add list=nice address=202.46.11.0/24 comment="" disabled=no
add list=nice address=202.46.12.0/24 comment="" disabled=no
add list=nice address=202.46.129.0/24 comment="" disabled=no
add list=nice address=202.47.80.0/24 comment="" disabled=no
add list=nice address=202.47.88.0/24 comment="" disabled=no
add list=nice address=202.51.100.0/24 comment="" disabled=no
add list=nice address=202.51.108.0/24 comment="" disabled=no
add list=nice address=202.51.113.0/24 comment="" disabled=no
add list=nice address=202.51.115.0/24 comment="" disabled=no
add list=nice address=202.51.121.0/24 comment="" disabled=no
add list=nice address=202.51.220.0/24 comment="" disabled=no
add list=nice address=202.52.50.0/24 comment="" disabled=no
add list=nice address=202.52.52.0/24 comment="" disabled=no
add list=nice address=202.52.131.0/24 comment="" disabled=no
add list=nice address=202.52.132.0/24 comment="" disabled=no
add list=nice address=202.55.162.0/24 comment="" disabled=no
add list=nice address=202.55.172.0/24 comment="" disabled=no
add list=nice address=202.58.124.0/24 comment="" disabled=no
add list=nice address=202.59.192.0/24 comment="" disabled=no
add list=nice address=202.59.198.0/24 comment="" disabled=no
add list=nice address=202.59.255.0/24 comment="" disabled=no
add list=nice address=202.61.96.0/24 comment="" disabled=no
add list=nice address=202.61.126.0/24 comment="" disabled=no
add list=nice address=202.65.227.0/24 comment="" disabled=no
add list=nice address=202.70.136.0/24 comment="" disabled=no
add list=nice address=202.70.138.0/24 comment="" disabled=no
add list=nice address=202.72.196.0/24 comment="" disabled=no
add list=nice address=202.72.202.0/24 comment="" disabled=no
add list=nice address=202.72.206.0/24 comment="" disabled=no
add list=nice address=202.73.97.0/24 comment="" disabled=no
add list=nice address=202.74.43.0/24 comment="" disabled=no
add list=nice address=202.75.17.0/24 comment="" disabled=no
add list=nice address=202.75.22.0/24 comment="" disabled=no
add list=nice address=202.81.32.0/24 comment="" disabled=no
add list=nice address=202.87.245.0/24 comment="" disabled=no
add list=nice address=202.93.117.0/24 comment="" disabled=no
add list=nice address=202.93.119.0/24 comment="" disabled=no
add list=nice address=202.94.80.0/24 comment="" disabled=no
add list=nice address=202.94.83.0/24 comment="" disabled=no
add list=nice address=202.95.144.0/24 comment="" disabled=no
add list=nice address=202.95.147.0/24 comment="" disabled=no
add list=nice address=202.95.156.0/24 comment="" disabled=no
add list=nice address=202.124.203.0/24 comment="" disabled=no
add list=nice address=202.124.205.0/24 comment="" disabled=no
add list=nice address=202.135.5.0/24 comment="" disabled=no
add list=nice address=202.135.16.0/24 comment="" disabled=no
add list=nice address=202.135.23.0/24 comment="" disabled=no
add list=nice address=202.137.225.0/24 comment="" disabled=no
add list=nice address=202.137.230.0/24 comment="" disabled=no
add list=nice address=202.146.47.0/24 comment="" disabled=no
add list=nice address=202.146.142.0/24 comment="" disabled=no
add list=nice address=202.147.230.0/24 comment="" disabled=no
add list=nice address=202.147.234.0/24 comment="" disabled=no
add list=nice address=202.150.227.0/24 comment="" disabled=no
add list=nice address=202.151.8.0/24 comment="" disabled=no
add list=nice address=202.152.192.0/24 comment="" disabled=no
add list=nice address=202.152.199.0/24 comment="" disabled=no
add list=nice address=202.152.243.0/24 comment="" disabled=no
add list=nice address=202.152.244.0/24 comment="" disabled=no
add list=nice address=202.152.246.0/24 comment="" disabled=no
add list=nice address=202.153.159.0/24 comment="" disabled=no
add list=nice address=202.154.183.0/24 comment="" disabled=no
add list=nice address=202.154.185.0/24 comment="" disabled=no
add list=nice address=202.154.187.0/24 comment="" disabled=no
add list=nice address=202.158.129.0/24 comment="" disabled=no
add list=nice address=202.158.252.0/24 comment="" disabled=no
add list=nice address=202.160.254.0/24 comment="" disabled=no
add list=nice address=202.162.44.0/24 comment="" disabled=no
add list=nice address=202.167.97.0/24 comment="" disabled=no
add list=nice address=202.169.234.0/24 comment="" disabled=no
add list=nice address=202.169.236.0/24 comment="" disabled=no
add list=nice address=202.169.248.0/24 comment="" disabled=no
add list=nice address=202.171.233.0/24 comment="" disabled=no
add list=nice address=202.180.7.0/24 comment="" disabled=no
add list=nice address=202.180.10.0/24 comment="" disabled=no
add list=nice address=202.180.13.0/24 comment="" disabled=no
add list=nice address=202.180.14.0/24 comment="" disabled=no
add list=nice address=202.180.48.0/24 comment="" disabled=no
add list=nice address=202.180.51.0/24 comment="" disabled=no
add list=nice address=202.180.53.0/24 comment="" disabled=no
add list=nice address=202.182.166.0/24 comment="" disabled=no
add list=nice address=202.182.189.0/24 comment="" disabled=no
add list=nice address=203.14.176.0/24 comment="" disabled=no
add list=nice address=203.14.183.0/24 comment="" disabled=no
add list=nice address=203.19.4.0/24 comment="" disabled=no
add list=nice address=203.77.212.0/24 comment="" disabled=no
add list=nice address=203.77.220.0/24 comment="" disabled=no
add list=nice address=203.77.223.0/24 comment="" disabled=no
add list=nice address=203.77.255.0/24 comment="" disabled=no
add list=nice address=203.79.29.0/24 comment="" disabled=no
add list=nice address=203.99.98.0/24 comment="" disabled=no
add list=nice address=203.99.119.0/24 comment="" disabled=no
add list=nice address=203.99.120.0/24 comment="" disabled=no
add list=nice address=203.99.123.0/24 comment="" disabled=no
add list=nice address=203.99.127.0/24 comment="" disabled=no
add list=nice address=203.119.13.0/24 comment="" disabled=no
add list=nice address=203.119.17.0/24 comment="" disabled=no
add list=nice address=203.134.234.0/24 comment="" disabled=no
add list=nice address=203.134.238.0/24 comment="" disabled=no
add list=nice address=203.153.49.0/24 comment="" disabled=no
add list=nice address=203.160.128.0/24 comment="" disabled=no
add list=nice address=203.163.76.0/24 comment="" disabled=no
add list=nice address=203.163.81.0/24 comment="" disabled=no
add list=nice address=203.171.221.0/24 comment="" disabled=no
add list=nice address=203.173.89.0/24 comment="" disabled=no
add list=nice address=203.173.90.0/24 comment="" disabled=no
add list=nice address=203.174.5.0/24 comment="" disabled=no
add list=nice address=203.189.123.0/24 comment="" disabled=no
add list=nice address=203.190.51.0/24 comment="" disabled=no
add list=nice address=203.190.188.0/24 comment="" disabled=no
add list=nice address=203.194.90.0/24 comment="" disabled=no
add list=nice address=203.196.90.0/24 comment="" disabled=no
add list=nice address=203.207.52.0/24 comment="" disabled=no
add list=nice address=203.207.55.0/24 comment="" disabled=no
add list=nice address=203.207.59.0/24 comment="" disabled=no
add list=nice address=203.209.190.0/24 comment="" disabled=no
add list=nice address=203.210.83.0/24 comment="" disabled=no
add list=nice address=203.210.87.0/24 comment="" disabled=no
add list=nice address=203.215.48.0/24 comment="" disabled=no
add list=nice address=203.215.50.0/24 comment="" disabled=no
add list=nice address=203.217.140.0/24 comment="" disabled=no
add list=nice address=216.244.94.0/24 comment="" disabled=no
add list=nice address=218.100.70.0/24 comment="" disabled=no
add list=nice address=219.83.69.0/24 comment="" disabled=no
add list=nice address=219.83.70.0/24 comment="" disabled=no
add list=nice address=220.247.172.0/24 comment="" disabled=no
add list=nice address=119.110.118.0/24 comment="CONTENT-YOUTUBE" disabled=no
add list=nice address=192.168.10.0/24 comment="" disabled=no
add list="IP LADI" address=169.254.83.0/24 comment="IP Doel" disabled=no
add list=Per-IP address=192.168.10.11-192.168.10.19 comment="Range sisa IP \
yang tidak terpakai 11 - 19" disabled=no
add list=Per-IP address=192.168.10.133-192.168.10.253 comment="Range sisa IP \
yang tidak terpakai 133 - 253" disabled=no
add list=Per-IP address=192.168.10.21-192.168.10.100 comment="Range sisa IP \
yang tidak terpakai 21 - 100" disabled=no
add list=Per-IP address=192.168.10.101 comment="Kamar 01-a" disabled=no
add list=Per-IP address=192.168.10.102 comment="Kamar 01-b" disabled=no
add list=Per-IP address=192.168.10.103 comment="Kamar 02-a" disabled=yes
add list=Per-IP address=192.168.10.104 comment="Kamar 02-b" disabled=no
add list=Per-IP address=192.168.10.105 comment="Kamar 03-a" disabled=no
add list=Per-IP address=192.168.10.106 comment="Kamar 03-b" disabled=yes
add list=Per-IP address=192.168.10.107 comment="Kamar 04-a" disabled=no
add list=Per-IP address=192.168.10.109 comment="Kamar 05-a" disabled=no
add list=Per-IP address=192.168.10.108 comment="Kamar 04-b" disabled=no
add list=Per-IP address=192.168.10.110 comment="Kamar 05-b" disabled=no
add list=Per-IP address=192.168.10.111 comment="Kamar 06-a" disabled=no
add list=Per-IP address=192.168.10.112 comment="Kamar 06-b" disabled=no
add list=Per-IP address=192.168.10.113 comment="Kamar 07-a" disabled=no
add list=Per-IP address=192.168.10.114 comment="Kamar 07-b" disabled=yes
add list=Per-IP address=192.168.10.115 comment="Kamar 08-a" disabled=no
add list=Per-IP address=192.168.10.116 comment="Kamar 08-b" disabled=no
add list=Per-IP address=192.168.10.117 comment="Kamar 09-a" disabled=no
add list=Per-IP address=192.168.10.118 comment="Kamar 09-b" disabled=yes
add list=Per-IP address=192.168.10.119 comment="Kamar 10-a" disabled=no
add list=Per-IP address=192.168.10.120 comment="Kamar 10-b" disabled=no
add list=Per-IP address=192.168.10.121 comment="Kamar 11-a" disabled=no
add list=Per-IP address=192.168.10.122 comment="Kamar 11-b" disabled=no
add list=Per-IP address=192.168.10.123 comment="Kamar 12-a" disabled=no
add list=Per-IP address=192.168.10.124 comment="Kamar 12-b" disabled=no
add list=Per-IP address=192.168.10.125 comment="Kamar 13-a" disabled=no
add list=Per-IP address=192.168.10.126 comment="Kamar 13-b" disabled=no
add list=Per-IP address=192.168.10.127 comment="Kamar 14-a" disabled=no
add list=Per-IP address=192.168.10.128 comment="Kamar 14-b" disabled=no
add list=Per-IP address=192.168.10.129 comment="Kamar 15-a" disabled=no
add list=Per-IP address=192.168.10.130 comment="Kamar 15-b" disabled=no
add list=Per-IP address=192.168.10.131 comment="Kamar 16-a" disabled=yes
add list=Per-IP address=192.168.10.132 comment="Kamar 16-b" disabled=no
add list=IP_BLOCKED address=218.100.27.136 comment="" disabled=no
add list=IP_BLOCKED address=202.59.205.241 comment="" disabled=no
add list=nice address=180.233.152.0/24 comment="" disabled=yes
add list=illegal-addr address=0.0.0.0/8 comment="" disabled=no
add list=illegal-addr address=127.0.0.0/8 comment="" disabled=no
add list=illegal-addr address=224.0.0.0/4 comment="" disabled=no
add list=illegal-addr address=10.0.0.0/8 comment="" disabled=no
add list=illegal-addr address=172.16.0.0/12 comment="" disabled=no
add list=illegal-addr address=192.168.0.0/16 comment="" disabled=no
add list=illegal-addr address=192.0.0.0/24 comment="" disabled=no
add list=illegal-addr address=169.254.0.0/16 comment="" disabled=no
add list=illegal-addr address=192.0.2.0/24 comment="" disabled=no
add list=illegal-addr address=198.18.0.0/15 comment="" disabled=no
add list=illegal-addr address=198.51.100.0/24 comment="" disabled=no
add list=illegal-addr address=203.0.113.0/24 comment="" disabled=no
add list=Per-IP address=192.168.10.1 comment="client-net" disabled=yes
add list=Per-IP address=192.168.10.2 comment="" disabled=yes
add list=Per-IP address=192.168.10.3 comment="" disabled=yes
add list=Per-IP address=192.168.10.4 comment="" disabled=yes
add list=Per-IP address=192.168.10.5 comment="" disabled=yes
add list=Per-IP address=192.168.10.6 comment="" disabled=yes
add list=Per-IP address=192.168.10.7 comment="" disabled=yes
add list=Per-IP address=192.168.10.8 comment="" disabled=yes
add list=Per-IP address=192.168.10.9 comment="" disabled=yes
add list=Per-IP address=192.168.10.10 comment="" disabled=yes
add list=Per-IP address=192.168.10.20 comment="" disabled=yes
add list=traversal address=180.233.153.70 comment="" disabled=no
add list=traversal address=203.153.217.240/30 comment="" disabled=no
add list=traversal address=192.168.10.0/24 comment="" disabled=no
add list=local-addr address=203.153.217.240/30 comment="" disabled=no

/ ip firewall service-port
set ftp ports=21 disabled=yes
set tftp ports=69 disabled=yes
set irc ports=6667 disabled=yes
set h323 disabled=yes
set quake3 disabled=no
set mms disabled=no
set gre disabled=yes
set pptp disabled=yes

/ ip dhcp-server
add name="dhcp1" interface=LAN lease-time=1d address-pool=dhcp_pool1 \
bootp-support=static add-arp=yes disabled=yes
add name="dhcp2" interface=WAN lease-time=1h bootp-support=static disabled=yes

/ ip dhcp-server config
set store-leases-disk=5m

/ ip dhcp-server network
add address=122.129.102.64/27 gateway=122.129.102.84 comment="hotspot network"
add address=192.168.10.0/24 gateway=192.168.10.254 dns-server=0.0.0.0 \
comment=""

/ ip hotspot service-port
set ftp ports=21 disabled=no

/ ip hotspot profile
set maattt name="maattt" hotspot-address=0.0.0.0 dns-name="" \
html-directory=hotspot/tool rate-limit="" http-proxy=0.0.0.0:0 \
smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
split-user-domain=no use-radius=yes radius-accounting=yes \
radius-interim-update=received nas-port-type=wireless-802.11

/ ip hotspot user profile
set default name="default" idle-timeout=none keepalive-timeout=2m \
status-autorefresh=1m shared-users=1 transparent-proxy=yes \
open-status-page=always advertise=no

/ ip ipsec proposal
add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m \
lifebytes=0 pfs-group=modp1024 disabled=no

/ ip web-proxy
set enabled=yes src-address=192.168.10.0 port=3218 hostname="GreenBerret" \
transparent-proxy=yes parent-proxy=???.???.???.???:8888 \
cache-administrator="matcodet@putra.indo.net.id" \
max-object-size=1000000KiB cache-drive=system max-cache-size=unlimited \
max-ram-cache-size=unlimited

/ ip web-proxy access
add src-address=192.168.10.0/24 url="path=*hackclient.exe" action=deny \
comment="" disabled=no
add src-address=192.168.10.0/24 url="path=*hackclient.zip" action=deny \
comment="" disabled=no
add src-address=192.168.10.0/24 url="path=*dd123.zip" action=deny comment="" \
disabled=no
add src-address=192.168.10.0/24 url="path=*dd123.exe" action=deny comment="" \
disabled=no
add src-address=192.168.10.0/24 url="*billingexplorer*" action=deny comment="" \
disabled=no
add src-address=192.168.10.0/24 url="*billingxp*" action=deny comment="" \
disabled=no
add url="loadadv.exe" action=deny comment="" disabled=no
add src-address=192.168.10.20/32 url="ytimg.com" action=deny comment="" \
disabled=yes
add src-address=192.168.0.20/32 url="facebook.com" action=deny comment="" \
disabled=yes
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
disabled=no
add src-address=192.168.10.20/32 url="youtube.com" action=deny comment="" \
disabled=yes
add src-address=192.168.10.20/32 url="apps.facebook.com" action=deny \
comment="" disabled=yes
add src-address=192.168.10.20/32 url="indowebster.com" action=deny comment="" \
disabled=yes
add src-address=192.168.10.20/32 url="4shared.com" action=deny comment="" \
disabled=yes
add src-address=192.168.10.20/32 url="yahoo.com" action=deny comment="" \
disabled=yes
add src-address=192.168.10.20/32 url="google.co.id" action=deny comment="" \
disabled=yes
add src-address=192.168.10.20/32 url="google.com" action=deny comment="" \
disabled=yes

/ ip web-proxy cache
add src-address=192.168.10.0/24 action=allow comment="Local Allow" \
disabled=yes
add url="http*friendster*com" action=allow comment="Friendster" disabled=yes
add url="http*kaskus*us" action=allow comment="Kaskus" disabled=yes
add url="http*pu*go*id" action=allow comment="PU" disabled=yes
add url="http*detik*com" action=allow comment="Detik" disabled=yes
add url="http*detiksport*com" action=allow comment="Detik Sport" disabled=yes
add src-address=192.168.10.0/24 url="http*youtube*get_video*" action=allow \
comment="youtube" disabled=yes
add url="http*google*com" action=allow comment="Google" disabled=yes
add url="http*share*nigmae*net" action=allow comment="Nigmae" disabled=yes
add url="http*avaxhome*ru" action=allow comment="Avaxhome" disabled=yes
add url="http*yahoo*com" action=allow comment="Yahoo.com" disabled=yes
add url="http*nationalgeographic*" action=allow comment="NGM" disabled=yes
add url="http*primadonal*com" action=allow comment="Somebody" disabled=yes
add url="http*tribalwars*" action=allow comment="Tribalwars" disabled=yes
add url=":\\.flv\$ .jpg\$ .gif\$ .bmp\$ .tiff\$" action=allow comment="Cache \
File mp3, flv" disabled=yes
add url=":cgi-bin \\?" action=deny comment="don't cache dynamic http pages" \
disabled=yes

/ ip web-proxy direct
add dst-port=135 action=deny comment="" disabled=no
add dst-port=137 action=deny comment="" disabled=no
add dst-port=139 action=deny comment="" disabled=no
add dst-port=445 action=deny comment="" disabled=no
add dst-port=5933 action=deny comment="" disabled=no

/ system logging
add topics=info prefix="" action=memory disabled=no
add topics=error prefix="" action=memory disabled=no
add topics=warning prefix="" action=echo disabled=no
add topics=critical prefix="" action=echo disabled=no

/ system logging action
set memory name="memory" target=memory memory-lines=1000 \
memory-stop-on-full=no
set disk name="disk" target=disk disk-lines=10000 disk-stop-on-full=no
set echo name="echo" target=echo
set remote name="remote" target=remote remote=0.0.0.0:514

/ system script
add name="cacheflush" source="/ip dns cache flush" \
policy=ftp,reboot,read,write,policy,test,winbox,password
add name="restart" source="/system reboot" \
policy=ftp,reboot,read,write,policy,test,winbox,password

/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 \
check-interval=1d user=""

/ system watchdog
set reboot-on-failure=yes watch-address=none watchdog-timer=yes \
no-ping-delay=5m automatic-supout=yes auto-send-supout=no

/ system console
add port=serial0 term="" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no

/ system console screen
set line-count=25

/ system identity
set name="Router_GreenNet"

/ system note
set show-at-login=yes note=""

/ system scheduler
add name="cache flush" on-event=cacheflush start-date=jan/01/1970 \
start-time=06:00:00 interval=3h comment="" disabled=no
add name="re-boot router" on-event=restart start-date=jan/01/1970 \
start-time=06:00:00 interval=1d comment="" disabled=no

/ system routerboard bios
set

/ system health
set state-after-reboot=enabled

/ system gps
set enabled=no set-system-time=no

/ system lcd
set enabled=no type=24x4 port=parallel contrast=0

/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set LAN display-time=5s disabled=yes
set WAN display-time=5s disabled=yes

/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes

/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0

/ port
set serial0 name="serial0" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
set serial1 name="serial1" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware

/ ppp profile
set default name="default" use-compression=default use-vj-compression=default \
use-encryption=default only-one=default change-tcp-mss=default comment=""
set pppoe-client-default name="pppoe-client-default" use-compression=default \
use-vj-compression=default use-encryption=default only-one=default \
change-tcp-mss=default comment="added by setup"
add name="default-encryption" use-compression=default \
use-vj-compression=default use-encryption=yes only-one=default \
change-tcp-mss=default comment=""

/ ppp aaa
set use-radius=no accounting=yes interim-update=0s

/ queue type
set default name="default" kind=pfifo pfifo-limit=50
set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50
set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
set synchronous-default name="synchronous-default" kind=red red-limit=60 \
red-min-threshold=10 red-max-threshold=50 red-burst=20 red-avg-packet=1000
set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514

/ queue simple
add name="PB" target-addresses=0.0.0.0/0 dst-address=0.0.0.0/0 interface=all \
parent=none packet-marks=PB-P priority=1 queue=default/default \
limit-at=0/0 max-limit=0/0 total-queue=default disabled=no
add name="DANCE" target-addresses=0.0.0.0/0 dst-address=0.0.0.0/0 \
interface=all parent=none packet-marks=DANCE-P priority=1 \
queue=default/default limit-at=0/0 max-limit=0/0 total-queue=default \
disabled=no
add name="DOTA" target-addresses=0.0.0.0/0 dst-address=0.0.0.0/0 interface=all \
parent=none packet-marks=DOTA-P priority=1 queue=default/default \
limit-at=0/0 max-limit=0/0 total-queue=default disabled=no
add name="CS" target-addresses=0.0.0.0/0 dst-address=0.0.0.0/0 interface=all \
parent=none packet-marks=CS-P priority=1 queue=default/default \
limit-at=0/0 max-limit=0/0 total-queue=default disabled=no
add name="pc-01 All" target-addresses=192.168.10.1/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-02 All" target-addresses=192.168.10.2/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-03 All" target-addresses=192.168.10.3/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-04 All" target-addresses=192.168.10.4/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-05 All" target-addresses=192.168.10.5/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-06 All" target-addresses=192.168.10.6/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-07 All" target-addresses=192.168.10.7/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-08 All" target-addresses=192.168.10.8/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-09 All" target-addresses=192.168.10.9/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-10 All" target-addresses=192.168.10.10/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-20 All" target-addresses=192.168.10.20/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="02-a All" target-addresses=192.168.10.103/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="03-b All" target-addresses=192.168.10.106/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="07-b All" target-addresses=192.168.10.114/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="09-b All" target-addresses=192.168.10.118/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="16-a All" target-addresses=192.168.10.131/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no

/ queue tree
add name="DOWN" parent=WAN packet-mark="" limit-at=384000 queue=default \
priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 burst-time=0s \
disabled=yes
add name="UP" parent=WAN packet-mark="" limit-at=384000 queue=default \
priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 burst-time=0s \
disabled=yes
add name="20-int-d" parent=DOWN packet-mark=20-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="20-iix-u" parent=UP packet-mark=20-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="20-iix-d" parent=DOWN packet-mark=20-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="20-int-u" parent=UP packet-mark=20-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k16a-iix-d" parent=DOWN packet-mark=16a-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k16a-int-d" parent=DOWN packet-mark=16a-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k16a-iix-u" parent=UP packet-mark=16a-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k16a-int-u" parent=UP packet-mark=16a-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="06-iix-d" parent=DOWN packet-mark=06-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="06-int-d" parent=DOWN packet-mark=06-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="06-iix-u" parent=UP packet-mark=06-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="06-int-u" parent=UP packet-mark=06-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="05-iix-u" parent=UP packet-mark=05-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="05-int-u" parent=UP packet-mark=05-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="05-iix-d" parent=DOWN packet-mark=05-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="05-int-d" parent=DOWN packet-mark=05-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="04-iix-d" parent=DOWN packet-mark=04-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="01-iix-d" parent=DOWN packet-mark=01-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="02-iix-d" parent=DOWN packet-mark=02-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="03-iix-d" parent=DOWN packet-mark=03-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="01-int-d" parent=DOWN packet-mark=01-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="02-int-d" parent=DOWN packet-mark=02-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="03-int-d" parent=DOWN packet-mark=03-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="04-int-d" parent=DOWN packet-mark=04-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="07-iix-d" parent=DOWN packet-mark=07-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="08-iix-d" parent=DOWN packet-mark=08-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="09-iix-d" parent=DOWN packet-mark=09-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="10-iix-d" parent=DOWN packet-mark=10-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="07-int-d" parent=DOWN packet-mark=07-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="08-int-d" parent=DOWN packet-mark=08-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="09-int-d" parent=DOWN packet-mark=09-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="10-int-d" parent=DOWN packet-mark=10-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k09b-iix-d" parent=DOWN packet-mark=09b-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k02a-iix-d" parent=DOWN packet-mark=02a-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k03b-iix-d" parent=DOWN packet-mark=03b-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k02a-int-d" parent=DOWN packet-mark=02a-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k03b-int-d" parent=DOWN packet-mark=03b-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k09b-int-d" parent=DOWN packet-mark=09b-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="01-iix-u" parent=UP packet-mark=01-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="02-iix-u" parent=UP packet-mark=02-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="03-iix-u" parent=UP packet-mark=03-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="04-iix-u" parent=UP packet-mark=04-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="07-iix-u" parent=UP packet-mark=07-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="08-iix-u" parent=UP packet-mark=08-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="09-iix-u" parent=UP packet-mark=09-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="10-iix-u" parent=UP packet-mark=10-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="01-int-u" parent=UP packet-mark=01-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="02-int-u" parent=UP packet-mark=02-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="03-int-u" parent=UP packet-mark=03-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="04-int-u" parent=UP packet-mark=04-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="07-int-u" parent=UP packet-mark=07-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="08-int-u" parent=UP packet-mark=08-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="09-int-u" parent=UP packet-mark=09-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="10-int-u" parent=UP packet-mark=10-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k02a-iix-u" parent=UP packet-mark=02a-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k03b-iix-u" parent=UP packet-mark=03b-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k09b-iix-u" parent=UP packet-mark=09b-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k02a-int-u" parent=UP packet-mark=02a-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k03b-int-u" parent=UP packet-mark=03b-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k09b-int-u" parent=UP packet-mark=09b-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes

/ user
add name="admin" group=full address=0.0.0.0/0 comment="" disabled=no

/ user group
add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!f\
tp,!write,!policy
add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password\
,web,!ftp,!policy
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo\
x,password,web

/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read

/ radius incoming
set accept=no port=1700
/ driver
/ snmp
set enabled=no contact="aladi@indo.net.id" location="Beji Depok"

/ snmp community
set greenNet name="greenNet" address=0.0.0.0/0 read-access=yes

/ tool bandwidth-server
set enabled=yes authenticate=yes allocate-udp-ports-from=2000 max-sessions=10

/ tool mac-server ping
set enabled=yes

/ tool e-mail
set server=0.0.0.0 from="<>"

/ tool sniffer
set interface=all only-headers=no memory-limit=10 file-name="" file-limit=10 \
streaming-enabled=no streaming-server=0.0.0.0 filter-stream=yes \
filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535 \
filter-address2=0.0.0.0/0:0-65535

/ tool graphing
set store-every=5min

/ tool graphing interface
add interface=all allow-address=0.0.0.0/0 store-on-disk=yes disabled=no

/ tool netwatch
add host=???.???.???.??? timeout=1s interval=1m up-script="" down-script="" \
comment="Proxy aladi@indo.net.id" disabled=no
add host=192.168.10.1 timeout=1s interval=10m up-script="" down-script="" \
comment="Client" disabled=no
add host=192.168.10.2 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.3 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.4 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.5 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.6 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.7 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.8 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.9 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.10 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.20 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.103 timeout=1s interval=10m up-script="" down-script="" \
comment="kos-an" disabled=no
add host=192.168.10.114 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.131 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.118 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.106 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no

/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no \
redistribute-static=no redistribute-rip=no redistribute-bgp=no \
metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 \
metric-bgp=20

/ routing ospf area
set backbone area-id=0.0.0.0 authentication=none prefix-list-import="" \
prefix-list-export="" disabled=no

/ routing bgp
set enabled=no as=1 router-id=0.0.0.0 redistribute-static=no \
redistribute-connected=no redistribute-rip=no redistribute-ospf=no

/ routing rip
set redistribute-static=no redistribute-connected=no redistribute-ospf=no \
redistribute-bgp=no metric-static=1 metric-connected=1 metric-ospf=1 \
metric-bgp=1 update-timer=30s timeout-timer=3m garbage-timer=2m

Mikrotik yang digunakan dengan script ini versi 2.9.7. Salam Codet.

BERITA PDRD

Laman

Daftar Blog Saya

Laman

Like ^_^

Statistik

Blog Archive

Entri Populer

Mengenai Saya

Edit Blockquote di Blogger

0 Comments

Tukar Link

0 Comments

Tool Kecil Untuk System XP --> matcodet ver. 2.1.0

0 Comments

Dmitry on firewalling

0 Comments

Block Port Virus

0 Comments

Dasar Hukum Perdagangan Forex

0 Comments

Photoshop : Menambah Nilai Saturation Pada Image Yang Pucat

0 Comments

Export Konfigurasi di Mikrotik Router GREEN@Net Univ. Ind.

0 Comments