Ini adalah hasil export konfigurasi dari mikrotik routerku di Green@Berret UI Depok, mungkin bisa berguna bagi rekan-rekan lainnya. Firewall nya disadur dari Dmitry Firewall dengan sedikit perubahan dibeberapa bagian.
Konfigurasi ini telah mencakup nice address, port virus, firewall, queue, dsb. Copy beberapa bagian saja yang dianggap perlu, terutama di bagian Ip firewall. Salam Codet.
/ interface ethernet
set LAN name="LAN" mtu=1500 mac-address=00:A0:B0:02:E7:5C arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set WAN name="WAN" mtu=1500 mac-address=00:02:2A:C6:B5:53 arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
/ interface wireless security-profiles
set (unknown) name="default" mode=none wpa-unicast-ciphers="" \
wpa-group-ciphers="" pre-shared-key="" static-algo-0=none static-key-0="" \
static-algo-1=none static-key-1="" static-algo-2=none static-key-2="" \
static-algo-3=none static-key-3="" static-transmit-key=key-0 \
static-sta-private-algo=none static-sta-private-key="" \
radius-mac-authentication=no group-key-update=5m
/ interface wireless align
set frame-size=300 active-mode=yes receive-all=no \
audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 ssid-all=no \
frames-per-second=25 audio-min=-100 audio-max=-20
/ interface wireless snooper
set multiple-channels=yes channel-time=200ms receive-errors=no
/ interface wireless sniffer
set multiple-channels=no channel-time=200ms only-headers=no receive-errors=no \
memory-limit=10 file-name="" file-limit=10 streaming-enabled=no \
streaming-server=0.0.0.0 streaming-max-rate=0
/ interface bridge port
set LAN bridge=none priority=128 path-cost=10
set WAN bridge=none priority=128 path-cost=10
/ interface l2tp-server server
set enabled=no max-mtu=1460 max-mru=1460 \
authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption
/ interface pptp-server server
set enabled=no max-mtu=1460 max-mru=1460 authentication=mschap1,mschap2 \
keepalive-timeout=30 default-profile=default
/ ip pool
add name="dhcp_pool1" ranges=192.168.10.1-192.168.10.253
/ ip telephony region
/ ip telephony gatekeeper
set gatekeeper=none remote-id="" remote-address=0.0.0.0
/ ip telephony aaa
set use-radius-accounting=no interim-update=0s
/ ip telephony codec
move G.711-uLaw-64k/sw
move G.711-ALaw-64k/sw
move G.729A-8k/sw
move G.729-8k/sw
move G.723.1-6.3k/sw
move GSM-06.10-13.2k/sw
move LPC-10-2.5k/sw
/ ip service
set telnet port=2524 address=0.0.0.0/0 disabled=no
set ftp port=2520 address=0.0.0.0/0 disabled=yes
set www port=2581 address=0.0.0.0/0 disabled=no
set ssh port=1921 address=0.0.0.0/0 disabled=yes
set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes
/ ip upnp
set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes
/ ip arp
add address=192.168.10.5 mac-address=00:30:18:AD:75:49 interface=LAN \
comment="" disabled=no
add address=192.168.10.6 mac-address=00:30:18:AD:75:A2 interface=LAN \
comment="" disabled=no
add address=192.168.10.20 mac-address=00:30:18:A4:9F:FB interface=LAN \
comment="" disabled=no
add address=192.168.10.9 mac-address=00:18:38:02:02:72 interface=LAN \
comment="" disabled=no
add address=192.168.10.10 mac-address=00:50:8D:BE:77:8C interface=LAN \
comment="" disabled=no
add address=192.168.10.7 mac-address=00:30:18:AD:75:47 interface=LAN \
comment="" disabled=no
add address=192.168.10.4 mac-address=00:30:18:AD:75:48 interface=LAN \
comment="" disabled=no
add address=192.168.10.2 mac-address=00:30:18:AD:76:36 interface=LAN \
comment="" disabled=no
add address=192.168.10.1 mac-address=00:30:18:AD:75:55 interface=LAN \
comment="klient-warnet" disabled=no
add address=192.168.10.3 mac-address=00:30:18:AD:76:47 interface=LAN \
comment="" disabled=no
add address=192.168.10.8 mac-address=00:50:8D:BF:F1:C6 interface=LAN \
comment="" disabled=no
/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200
/ ip dns
set primary-dns=203.153.216.216 secondary-dns=203.153.217.252 \
allow-remote-requests=yes cache-size=6048KiB cache-max-ttl=1w
/ ip traffic-flow
set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m \
inactive-flow-timeout=15s
/ ip address
add address=192.168.10.254/24 network=192.168.10.0 broadcast=192.168.10.255 \
interface=LAN comment="WARNET-SEGMENT" disabled=no
add address=203.153.217.242/30 network=203.153.217.240 \
broadcast=203.153.217.243 interface=WAN comment="" disabled=no
/ ip accounting
set enabled=no threshold=256
/ ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ ip proxy
set enabled=no port=8080 parent-proxy=0.0.0.0:0 maximal-client-connecions=1000 \
maximal-server-connectons=1000
/ ip proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
disabled=no
/ ip proxy direct
add src-address=192.168.10.0/24 action=allow comment="" disabled=no
add src-address=203.153.216.212 action=allow comment="" disabled=no
/ ip neighbor discovery
set LAN discover=yes
set WAN discover=yes
/ ip route
add dst-address=0.0.0.0/0 gateway=203.153.217.241 scope=255 target-scope=10 \
comment="" disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=WAN dst-address-list=nat-addr \
action=mark-packet new-packet-mark=nat-traversal comment="Detect NAT \
Traversal" disabled=no
add chain=prerouting src-address-list=nat-addr dst-address-list=nice \
action=mark-connection new-connection-mark=IIX comment="TOTAL" disabled=no
add chain=prerouting src-address-list=nat-addr dst-address-list=!nice \
action=mark-connection new-connection-mark=INT comment="" disabled=no
add chain=prerouting connection-mark=IIX action=mark-packet \
new-packet-mark=IIX-P comment="" disabled=no
add chain=prerouting connection-mark=INT action=mark-packet \
new-packet-mark=INT-P comment="" disabled=no
add chain=prerouting protocol=udp dst-port=40000-40010 \
src-address-list=nat-addr dst-address-list=IP-PB action=mark-connection \
new-connection-mark=PB comment="PB" disabled=no
add chain=prerouting connection-mark=PB action=mark-packet \
new-packet-mark=PB-P comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=18901-18909 \
src-address-list=nat-addr dst-address-list=IP-DANCE action=mark-connection \
new-connection-mark=DANCE comment="DANCE" disabled=no
add chain=prerouting connection-mark=DANCE action=mark-packet \
new-packet-mark=DANCE-P comment="" disabled=no
add chain=prerouting protocol=tcp dst-port=6110-6130 src-address-list=nat-addr \
dst-address-list=IP-DOTA action=mark-connection new-connection-mark=DOTA \
comment="DOTA" disabled=no
add chain=prerouting protocol=tcp dst-port=6348 src-address-list=nat-addr \
dst-address-list=IP-DOTA action=mark-connection new-connection-mark=DOTA \
comment="" disabled=no
add chain=prerouting connection-mark=DOTA action=mark-packet \
new-packet-mark=DOTA-P comment="" disabled=no
add chain=prerouting protocol=udp dst-port=27000-27030 \
src-address-list=nat-addr dst-address-list=IP-CS action=mark-connection \
new-connection-mark=CS comment="CS" disabled=no
add chain=prerouting connection-mark=CS action=mark-packet \
new-packet-mark=CS-P comment="" disabled=no
add chain=prerouting src-address-list=nat-addr action=accept \
comment="enable-proxy" disabled=no
add chain=forward protocol=tcp dst-port=2 action=mark-connection \
new-connection-mark=drop comment="PORT VIRUS" disabled=no
add chain=forward protocol=udp dst-port=9 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=21 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=25 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=41 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=48-50 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=58-59 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=53 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=79 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=99 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=110 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=113 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=119 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=121 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=123 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=135-139 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=135-139 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=146 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=146 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=421 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=445 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=445 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=456 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=531 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=555 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=593 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=605 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=666 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=777 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=911 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=999 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1001 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1010-1012 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1015 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1020 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1024 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1027 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1029 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1030 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1032 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1033 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1042 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1045 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1050 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1080 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1082 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1090 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1095 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1097-1099 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=1170 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=1200 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=1201 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1207 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1214 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1234 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1243 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1245 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1269 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1313 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=1349 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1363 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1364 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1368 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1373 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1377 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1433 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1434 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1492 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1509 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1600 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1807 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1969 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1981 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1999-2005 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2115 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2140 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2155 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2283 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2300 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2535 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2600 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2745 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2989 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3127-3129 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3150 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3332 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3410 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3456 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3459 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3700 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=3801 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4242 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4321 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4444 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=4444 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4567 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4590 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5001 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5011 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5031 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5321 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5400-5402 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5512 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5550 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5554-5557 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5569 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5637-5638 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6272 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6400 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6667 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6669 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6674 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6711-6713 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6771 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6776 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6969 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=6970 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7215 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7300 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7301 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7306-7308 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=7789 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=8787 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=8866 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=8897 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=8989 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=9400 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=9872-9876 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=9878 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=9898 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=9989 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10000 action=mark-connection \
new-connection-mark=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=10067 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10080 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10086 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10101 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10167 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10452 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10520 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10607 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=10666 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=11000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=11050 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=11223 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12076 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12223 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12345 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12346 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12349 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12361 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12362 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=12623 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12631 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12973-12975 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=13000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=16484 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=16772 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=16969 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=17300 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=17777 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=19864 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=20000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=20001 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=20034 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=20203 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=20331 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=21554 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=22222 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=23456 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=23476 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=23477 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=26274 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=27374 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=27573 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=29891 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=30029 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=30100-30103 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=30999 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=30303 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31336 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31337 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=31337 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31338-31339 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=31338 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31666 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31780 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31785 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=31787-31789 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=31791 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=31792 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=32418 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=33333 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=33911 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=34324 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=34555 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=35555 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=36794 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=40412 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=40421-40423 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=40425 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=40426 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=47262 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=50766 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=52317 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=53001 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=54283 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=54320 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=54321 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=57341 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=60000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=61348 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=61466 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=61603 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=63485 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=65000 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=65432 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=65432 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=65506 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=65535 action=mark-connection \
new-connection-mark=drop comment="" disabled=no
add chain=prerouting protocol=tcp connection-state=new action=jump \
jump-target=tcp-services comment="Protocol classifier" disabled=no
add chain=prerouting protocol=udp connection-state=new action=jump \
jump-target=udp-services comment="" disabled=no
add chain=prerouting connection-state=new action=jump \
jump-target=other-services comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=20-21 \
action=mark-connection new-connection-mark=ftp comment="tcp-services" \
disabled=no
add chain=tcp-services protocol=tcp src-port=513-65535 dst-port=22 \
action=mark-connection new-connection-mark=ssh comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=23 \
action=mark-connection new-connection-mark=telnet comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=25 \
action=mark-connection new-connection-mark=smtp comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=53 dst-port=53 \
action=mark-connection new-connection-mark=dns comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=53 \
action=mark-connection new-connection-mark=dns comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=80 \
action=mark-connection new-connection-mark=http comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=110 \
action=mark-connection new-connection-mark=pop3 comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=113 \
action=mark-connection new-connection-mark=auth comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=119 \
action=mark-connection new-connection-mark=nntp comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=143 \
action=mark-connection new-connection-mark=imap comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=161-162 \
action=mark-connection new-connection-mark=snmp comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=443 \
action=mark-connection new-connection-mark=https comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=465 \
action=mark-connection new-connection-mark=smtps comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=993 \
action=mark-connection new-connection-mark=imaps comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=995 \
action=mark-connection new-connection-mark=pop3s comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=1723 \
action=mark-connection new-connection-mark=pptp comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=2379 \
action=mark-connection new-connection-mark=kgs comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=3218 \
action=mark-connection new-connection-mark=proxy comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=3389 \
action=mark-connection new-connection-mark=win-ts comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=4242-4243 \
action=mark-connection new-connection-mark=emule comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=4661-4662 dst-port=1024-65535 \
action=mark-connection new-connection-mark=overnet comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=4711 dst-port=1024-65535 \
action=mark-connection new-connection-mark=emule comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=5900-5901 \
action=mark-connection new-connection-mark=vnc comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=6667-6669 \
action=mark-connection new-connection-mark=irc comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=6881-6889 \
action=mark-connection new-connection-mark=bittorrent comment="" \
disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=8080 \
action=mark-connection new-connection-mark=http comment="" disabled=no
add chain=tcp-services protocol=tcp src-port=1024-65535 dst-port=8291 \
action=mark-connection new-connection-mark=winbox comment="" disabled=no
add chain=tcp-services protocol=tcp action=mark-connection \
new-connection-mark=other-tcp comment="other-tcp" disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=53 \
action=mark-connection new-connection-mark=dns comment="udp-services" \
disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=123 \
action=mark-connection new-connection-mark=ntp comment="" disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=1701 \
action=mark-connection new-connection-mark=l2tp comment="" disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=4665 \
action=mark-connection new-connection-mark=emule comment="" disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=4672 \
action=mark-connection new-connection-mark=emule comment="" disabled=no
add chain=udp-services protocol=udp src-port=4672 dst-port=1024-65535 \
action=mark-connection new-connection-mark=emule comment="" disabled=no
add chain=udp-services protocol=udp src-port=1024-65535 dst-port=12053 \
action=mark-connection new-connection-mark=overnet comment="" disabled=no
add chain=udp-services protocol=udp src-port=12053 dst-port=1024-65535 \
action=mark-connection new-connection-mark=overnet comment="" disabled=no
add chain=udp-services protocol=udp src-port=36725 dst-port=1024-65535 \
action=mark-connection new-connection-mark=skype comment="" disabled=no
add chain=udp-services protocol=udp connection-state=new \
action=mark-connection new-connection-mark=other-udp comment="other-udp" \
disabled=no
add chain=other-services protocol=icmp icmp-options=8:0-255 \
action=mark-connection new-connection-mark=ping comment="other-services" \
disabled=no
add chain=other-services protocol=gre action=mark-connection \
new-connection-mark=gre comment="" disabled=no
add chain=other-services action=mark-connection new-connection-mark=other \
comment="" disabled=no
/ ip firewall nat
add chain=srcnat out-interface=WAN src-address-list=nat-addr action=masquerade \
comment="" disabled=no
add chain=dstnat protocol=tcp dst-port=53 action=redirect to-ports=53 \
comment="" disabled=no
add chain=dstnat protocol=udp dst-port=53 action=redirect to-ports=53 \
comment="" disabled=no
add chain=dstnat protocol=tcp dst-port=80 src-address-list=nat-addr \
dst-address-list=!nice action=redirect to-ports=3218 comment="" \
disabled=no
add chain=dstnat dst-address=203.153.217.242 protocol=tcp dst-port=50210 \
src-address-list="IP LADI" action=dst-nat to-addresses=192.168.10.20 \
to-ports=4112 comment="" disabled=no
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=2m tcp-syn-received-timeout=1m \
tcp-established-timeout=5d tcp-fin-wait-timeout=2m \
tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s \
tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s \
udp-stream-timeout=3m icmp-timeout=30s generic-timeout=10m
/ ip firewall filter
add chain=input in-interface=LAN dst-address=255.255.255.255 protocol=udp \
dst-port=5678 action=accept \
comment="Recovery Winbox" disabled=no
add chain=input protocol=tcp dst-port=8291 src-address-list="IP LADI" \
action=accept comment="" disabled=no
add chain=input protocol=tcp dst-port=8291 src-address-list="!IP LADI" \
action=jump jump-target=drop comment="" disabled=no
add chain=input protocol=tcp dst-port=2524 src-address-list="IP LADI" \
action=accept comment="Recovery Telnet" disabled=no
add chain=input protocol=tcp dst-port=2524 src-address-list="!IP LADI" \
action=jump jump-target=drop comment="" disabled=no
add chain=forward protocol=icmp icmp-options=11:0 action=jump jump-target=drop \
comment="Drop Traceroute" disabled=no
add chain=forward protocol=icmp icmp-options=3:3 action=jump jump-target=drop \
comment="" disabled=no
add chain=input protocol=tcp dst-port=1337 action=add-src-to-address-list \
address-list=knock address-list-timeout=15s \
comment="knock" disabled=no
add chain=input protocol=tcp dst-port=7331 src-address-list=knock \
action=add-src-to-address-list address-list=safe address-list-timeout=15m \
comment="" disabled=no
add chain=input src-address-list=safe action=accept comment="" disabled=no
add chain=input in-interface=WAN src-address=0.0.0.0/0 protocol=tcp \
dst-port=7777 action=log log-prefix="" \
comment="Log Knock" disabled=no
add chain=input in-interface=WAN src-address=0.0.0.0/0 protocol=tcp \
dst-port=7777 action=add-src-to-address-list address-list=ssh_ok \
address-list-timeout=2h \
comment="SSH Knock" disabled=no
add chain=input in-interface=WAN src-address=0.0.0.0/0 protocol=tcp action=log \
log-prefix="" comment="" disabled=yes
add chain=input in-interface=WAN src-address=0.0.0.0/0 protocol=tcp \
dst-port=80 action=add-src-to-address-list address-list=ssh_ok \
address-list-timeout=1h comment="" disabled=no
add chain=input in-interface=WAN src-address=0.0.0.0/0 protocol=tcp \
dst-port=22 src-address-list=ssh_ok action=accept comment="" disabled=no
add chain=input src-address=0.0.0.0/0 protocol=tcp dst-port=22 action=drop \
comment="" disabled=no
add chain=input protocol=tcp connection-limit=3,32 src-address-list=black_list \
action=tarpit comment="suppress DoS attack" disabled=no
add chain=input protocol=tcp connection-limit=10,32 \
src-address-list=!local-addr action=add-src-to-address-list \
address-list=black_list address-list-timeout=1d \
comment="detect DoS attack selain dari ip local dan neghborhut" \
disabled=no
add chain=forward dst-address-list=IP_BLOCKED action=jump \
jump-target=ip-blocked \
comment="Blok IP-BLOCKED" disabled=no
add chain=forward src-address-list=Per-IP action=jump jump-target=ip-blocked \
comment="" disabled=no
add chain=ip-blocked action=log log-prefix="" comment="" disabled=no
add chain=ip-blocked action=jump jump-target=drop comment="" disabled=no
add chain=forward connection-mark=drop action=jump jump-target=drop \
comment="virus port" disabled=no
add chain=forward protocol=tcp tcp-flags=syn connection-state=new action=jump \
jump-target=SYN-Protect \
comment="Flood protect" disabled=no
add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 \
connection-state=new action=accept comment="" disabled=no
add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new \
action=jump jump-target=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=40000-40010 src-address-list=nat-addr \
dst-address-list=!IP-PB action=add-dst-to-address-list address-list=IP-PB \
address-list-timeout=1d \
comment="Filter IP - PB" disabled=no
add chain=forward protocol=tcp dst-port=18901-18909 src-address-list=nat-addr \
dst-address-list=!IP-DANCE action=add-dst-to-address-list \
address-list=IP-DANCE address-list-timeout=1d \
comment="Filter IP - AyoDance" disabled=no
add chain=forward protocol=tcp dst-port=6110-6130 src-address-list=nat-addr \
dst-address-list=!IP-DOTA action=add-dst-to-address-list \
address-list=IP-DOTA address-list-timeout=1d \
comment="Filter IP - DOTA" disabled=no
add chain=forward protocol=tcp dst-port=6348 src-address-list=nat-addr \
dst-address-list=!IP-DOTA action=add-dst-to-address-list \
address-list=IP-DOTA address-list-timeout=1d comment="" disabled=no
add chain=forward protocol=udp dst-port=27000-27030 src-address-list=nat-addr \
dst-address-list=!IP-CS action=add-dst-to-address-list address-list=IP-CS \
address-list-timeout=1d \
comment="Filter IP - CS" disabled=no
add chain=forward action=jump jump-target=chk-fwd \
comment="//////////////////////////////////////////////////////////////////\
/////////////////////////////////// CHECK FORWARD" disabled=no
add chain=chk-fwd packet-mark=nat-traversal action=jump jump-target=drop \
comment="Deny illegal NAT traversal" disabled=no
add chain=chk-fwd protocol=icmp icmp-options=0:0-255 limit=5,5 action=accept \
comment="Limited Ping Flood" disabled=no
add chain=chk-fwd protocol=icmp icmp-options=3:3 limit=5,5 action=accept \
comment="" disabled=no
add chain=chk-fwd protocol=icmp icmp-options=3:4 limit=5,5 action=accept \
comment="" disabled=no
add chain=chk-fwd protocol=icmp icmp-options=8:0-255 limit=5,5 action=accept \
comment="" disabled=no
add chain=chk-fwd protocol=icmp icmp-options=11:0-255 limit=5,5 action=accept \
comment="" disabled=no
add chain=chk-fwd protocol=icmp action=jump jump-target=drop comment="" \
disabled=no
add chain=chk-fwd protocol=tcp psd=21,3s,3,1 action=jump jump-target=drop \
comment="Port scanners to list " disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg \
action=jump jump-target=drop comment="" disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=fin,syn action=jump jump-target=drop \
comment="" disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=syn,rst action=jump jump-target=drop \
comment="" disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack \
action=jump jump-target=drop comment="" disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=jump \
jump-target=drop comment="" disabled=no
add chain=chk-fwd protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg \
action=jump jump-target=drop comment="" disabled=no
add chain=chk-fwd connection-state=invalid action=jump jump-target=drop \
comment="triple connection" disabled=no
add chain=chk-fwd connection-state=established action=accept comment="" \
disabled=no
add chain=chk-fwd connection-state=related action=accept comment="" \
disabled=no
add chain=chk-fwd dst-address-type=broadcast,multicast action=jump \
jump-target=drop comment="Drop all traffic that goes to \
multicast or broadcast addresses" disabled=no
add chain=chk-fwd in-interface=LAN dst-address-type=!local \
dst-address-list=illegal-addr action=jump jump-target=drop \
comment="Drop illegal destination addresses" disabled=no
add chain=chk-fwd in-interface=LAN src-address-list=!local-addr action=jump \
jump-target=drop comment="Drop everything that goes from local \
interface but not from local address" disabled=no
add chain=chk-fwd in-interface=WAN src-address-list=illegal-addr action=jump \
jump-target=drop comment="Drop illegal source addresses" \
disabled=no
add chain=chk-fwd in-interface=WAN dst-address-list=!local-addr action=jump \
jump-target=drop comment="Drop everything that goes from public \
interface but not to local address" disabled=no
add chain=chk-fwd src-address-type=broadcast,multicast action=jump \
jump-target=drop comment="Drop all traffic that comes from \
multicast or broadcast addresses" disabled=no
add chain=forward protocol=tcp action=jump jump-target=restrict-tcp \
comment="//////////////////////////////////////////////////////////////////\
/////////////////////////////////// Application-specific filters" \
disabled=no
add chain=forward protocol=udp action=jump jump-target=restrict-udp comment="" \
disabled=no
add chain=forward action=jump jump-target=restrict-ip comment="" disabled=no
add chain=restrict-tcp connection-mark=auth action=reject \
reject-with=icmp-network-unreachable comment="" disabled=no
add chain=restrict-tcp connection-mark=smtp action=jump \
jump-target=smtp-first-drop \
comment="anti-spam policy" disabled=no
add chain=smtp-first-drop src-address-list=first-smtp \
action=add-src-to-address-list address-list=approved-smtp \
address-list-timeout=0s comment="" disabled=no
add chain=smtp-first-drop src-address-list=approved-smtp action=return \
comment="" disabled=no
add chain=smtp-first-drop action=add-src-to-address-list \
address-list=first-smtp address-list-timeout=0s comment="" disabled=no
add chain=smtp-first-drop action=reject reject-with=icmp-network-unreachable \
comment="" disabled=no
add chain=restrict-tcp connection-mark=other-tcp action=jump jump-target=drop \
comment="Restricting services" disabled=no
add chain=restrict-udp connection-mark=other-udp action=jump jump-target=drop \
comment="" disabled=no
add chain=restrict-ip connection-mark=other action=jump jump-target=drop \
comment="" disabled=no
add chain=input src-address-type=local dst-address-type=local action=accept \
comment="/////////////////// PROTECT ROUTER \
///////////////////////////////////////////////////////////// Allow local \
traffic \(between router applications\)" disabled=no
add chain=input action=jump jump-target=chk-fwd \
comment="//////////////////////////////////////////////////////////////////\
/////////////////////////////////// CHECK INPUT" disabled=no
add chain=input dst-address-type=!local action=jump jump-target=drop \
comment="Dropping packets not destined to the router itself, \
including all broadcast traffic" disabled=no
add chain=input in-interface=LAN action=jump jump-target=local-services \
comment="Allowing some services to be accessible from the local \
network" disabled=no
add chain=input in-interface=WAN action=jump jump-target=public-services \
comment="Allowing some services to be accessible from the \
Internet" disabled=no
add chain=input src-address-list=!local-addr action=jump jump-target=drop \
comment="DROP INPUT" disabled=no
add chain=local-services connection-mark=ssh action=jump jump-target=drop \
comment="LOCAL SERVICE" disabled=no
add chain=local-services protocol=tcp dst-port=8291 action=accept comment="" \
disabled=no
add chain=local-services protocol=tcp dst-port=3218 action=accept comment="" \
disabled=no
add chain=local-services action=log log-prefix="" comment="" disabled=yes
add chain=public-services connection-mark=ssh action=jump jump-target=drop \
comment="PUBLIC SERVICE" disabled=no
add chain=public-services src-address-list=!local-addr action=jump \
jump-target=drop comment="" disabled=no
add chain=drop action=drop \
comment="DROPPPER" disabled=no
/ ip firewall address-list
add list=local-addr address=192.168.10.0/24 comment="" disabled=no
add list=nat-addr address=192.168.10.0/24 comment="" disabled=no
add list="IP LADI" address=202.53.224.0/19 comment="Kantor LADI" disabled=no
add list="IP LADI" address=180.214.232.0/24 comment="Kantor LADI" disabled=no
add list=IP_BLOCKED address=203.99.131.107 comment="" disabled=no
add list=IP_BLOCKED address=207.218.233.210 comment="" disabled=no
add list=IP_BLOCKED address=66.154.28.62 comment="" disabled=no
add list=IP_BLOCKED address=88.208.252.193 comment="" disabled=no
add list=IP_BLOCKED address=206.217.208.151 comment="" disabled=no
add list=IP_BLOCKED address=66.154.73.68 comment="" disabled=no
add list="IP LADI" address=114.120.0.0/13 comment="IP matcodet" disabled=no
add list="IP LADI" address=182.0.0.0/12 comment="IP matcodet" disabled=no
add list="IP LADI" address=202.159.104.0/27 comment="Kantor LADI" disabled=no
add list="IP LADI" address=202.153.224.0/19 comment="Kantor LADI" disabled=no
add list=IP_BLOCKED address=111.68.113.26 comment="" disabled=no
add list=IP_BLOCKED address=218.100.27.80 comment="" disabled=no
add list=IP_BLOCKED address=203.99.131.13 comment="" disabled=no
add list=IP_BLOCKED address=111.68.116.155 comment="" disabled=no
add list=nice address=182.0.0.0/12 comment="" disabled=no
add list=nice address=114.120.0.0/13 comment="" disabled=no
add list=nice address=120.168.0.0/13 comment="" disabled=no
add list=nice address=114.56.0.0/14 comment="" disabled=no
add list=nice address=120.166.0.0/15 comment="" disabled=no
add list=nice address=125.162.0.0/16 comment="" disabled=no
add list=nice address=125.163.0.0/16 comment="" disabled=no
add list=nice address=125.160.0.0/16 comment="" disabled=no
add list=nice address=125.161.0.0/16 comment="" disabled=no
add list=nice address=125.166.0.0/16 comment="" disabled=no
add list=nice address=125.167.0.0/16 comment="" disabled=no
add list=nice address=125.164.0.0/16 comment="" disabled=no
add list=nice address=125.165.0.0/16 comment="" disabled=no
add list=nice address=223.164.0.0/16 comment="" disabled=no
add list=nice address=180.251.0.0/16 comment="" disabled=no
add list=nice address=180.250.0.0/16 comment="" disabled=no
add list=nice address=180.249.0.0/16 comment="" disabled=no
add list=nice address=180.248.0.0/16 comment="" disabled=no
add list=nice address=180.254.0.0/16 comment="" disabled=no
add list=nice address=180.253.0.0/16 comment="" disabled=no
add list=nice address=180.252.0.0/16 comment="" disabled=no
add list=nice address=120.163.0.0/16 comment="" disabled=no
add list=nice address=180.243.0.0/16 comment="" disabled=no
add list=nice address=120.162.0.0/16 comment="" disabled=no
add list=nice address=180.242.0.0/16 comment="" disabled=no
add list=nice address=120.161.0.0/16 comment="" disabled=no
add list=nice address=180.241.0.0/16 comment="" disabled=no
add list=nice address=120.160.0.0/16 comment="" disabled=no
add list=nice address=180.247.0.0/16 comment="" disabled=no
add list=nice address=180.246.0.0/16 comment="" disabled=no
add list=nice address=180.245.0.0/16 comment="" disabled=no
add list=nice address=180.244.0.0/16 comment="" disabled=no
add list=nice address=124.81.0.0/16 comment="" disabled=no
add list=nice address=222.124.0.0/16 comment="" disabled=no
add list=nice address=61.94.0.0/16 comment="" disabled=no
add list=nice address=118.96.0.0/16 comment="" disabled=no
add list=nice address=118.97.0.0/16 comment="" disabled=no
add list=nice address=167.205.0.0/16 comment="" disabled=no
add list=nice address=110.139.0.0/16 comment="" disabled=no
add list=nice address=110.138.0.0/16 comment="" disabled=no
add list=nice address=110.137.0.0/16 comment="" disabled=no
add list=nice address=110.136.0.0/16 comment="" disabled=no
add list=nice address=119.11.128.0/17 comment="" disabled=no
add list=nice address=124.195.0.0/17 comment="" disabled=no
add list=nice address=118.98.0.0/17 comment="" disabled=no
add list=nice address=61.5.0.0/17 comment="" disabled=no
add list=nice address=202.158.0.0/17 comment="" disabled=no
add list=nice address=180.240.128.0/17 comment="" disabled=no
add list=nice address=202.155.0.0/17 comment="" disabled=no
add list=nice address=120.165.0.0/17 comment="" disabled=no
add list=nice address=118.99.64.0/18 comment="" disabled=no
add list=nice address=117.102.64.0/18 comment="" disabled=no
add list=nice address=152.118.128.0/18 comment="" disabled=no
add list=nice address=152.118.192.0/18 comment="" disabled=no
add list=nice address=152.118.0.0/18 comment="" disabled=no
add list=nice address=152.118.64.0/18 comment="" disabled=no
add list=nice address=221.132.192.0/18 comment="" disabled=no
add list=nice address=125.208.128.0/18 comment="" disabled=no
add list=nice address=124.153.0.0/18 comment="" disabled=no
add list=nice address=222.165.192.0/18 comment="" disabled=no
add list=nice address=203.130.192.0/18 comment="" disabled=no
add list=nice address=210.210.128.0/18 comment="" disabled=no
add list=nice address=113.11.128.0/19 comment="" disabled=no
add list=nice address=202.173.64.0/19 comment="" disabled=no
add list=nice address=114.199.96.0/19 comment="" disabled=no
add list=nice address=202.171.0.0/19 comment="" disabled=no
add list=nice address=202.47.192.0/19 comment="" disabled=no
add list=nice address=202.169.32.0/19 comment="" disabled=no
add list=nice address=117.102.224.0/19 comment="" disabled=no
add list=nice address=202.149.128.0/19 comment="" disabled=no
add list=nice address=202.149.64.0/19 comment="" disabled=no
add list=nice address=202.146.224.0/19 comment="" disabled=no
add list=nice address=202.155.128.0/19 comment="" disabled=no
add list=nice address=118.82.0.0/19 comment="" disabled=no
add list=nice address=60.253.96.0/19 comment="" disabled=no
add list=nice address=61.247.0.0/19 comment="" disabled=no
add list=nice address=61.247.32.0/19 comment="" disabled=no
add list=nice address=111.94.0.0/19 comment="" disabled=no
add list=nice address=111.94.32.0/19 comment="" disabled=no
add list=nice address=111.94.64.0/19 comment="" disabled=no
add list=nice address=111.94.96.0/19 comment="" disabled=no
add list=nice address=111.94.192.0/19 comment="" disabled=no
add list=nice address=111.95.0.0/19 comment="" disabled=no
add list=nice address=111.95.32.0/19 comment="" disabled=no
add list=nice address=111.95.64.0/19 comment="" disabled=no
add list=nice address=111.95.96.0/19 comment="" disabled=no
add list=nice address=111.95.128.0/19 comment="" disabled=no
add list=nice address=112.78.128.0/19 comment="" disabled=no
add list=nice address=114.79.0.0/19 comment="" disabled=no
add list=nice address=114.79.32.0/19 comment="" disabled=no
add list=nice address=117.104.192.0/19 comment="" disabled=no
add list=nice address=118.136.0.0/19 comment="" disabled=no
add list=nice address=118.136.32.0/19 comment="" disabled=no
add list=nice address=118.136.64.0/19 comment="" disabled=no
add list=nice address=118.136.96.0/19 comment="" disabled=no
add list=nice address=118.136.128.0/19 comment="" disabled=no
add list=nice address=118.136.160.0/19 comment="" disabled=no
add list=nice address=118.136.192.0/19 comment="" disabled=no
add list=nice address=118.136.224.0/19 comment="" disabled=no
add list=nice address=118.137.0.0/19 comment="" disabled=no
add list=nice address=118.137.32.0/19 comment="" disabled=no
add list=nice address=118.137.64.0/19 comment="" disabled=no
add list=nice address=118.137.96.0/19 comment="" disabled=no
add list=nice address=118.137.128.0/19 comment="" disabled=no
add list=nice address=118.137.160.0/19 comment="" disabled=no
add list=nice address=118.137.192.0/19 comment="" disabled=no
add list=nice address=118.137.224.0/19 comment="" disabled=no
add list=nice address=120.164.0.0/19 comment="" disabled=no
add list=nice address=123.231.224.0/19 comment="" disabled=no
add list=nice address=202.43.160.0/19 comment="" disabled=no
add list=nice address=202.46.64.0/19 comment="" disabled=no
add list=nice address=202.53.224.0/19 comment="" disabled=no
add list=nice address=202.77.96.0/19 comment="" disabled=no
add list=nice address=202.137.0.0/19 comment="" disabled=no
add list=nice address=202.148.0.0/19 comment="" disabled=no
add list=nice address=202.150.64.0/19 comment="" disabled=no
add list=nice address=202.152.0.0/19 comment="" disabled=no
add list=nice address=202.152.32.0/19 comment="" disabled=no
add list=nice address=202.153.224.0/19 comment="" disabled=no
add list=nice address=202.154.0.0/19 comment="" disabled=no
add list=nice address=202.154.32.0/19 comment="" disabled=no
add list=nice address=202.159.0.0/19 comment="" disabled=no
add list=nice address=202.159.32.0/19 comment="" disabled=no
add list=nice address=202.159.64.0/19 comment="" disabled=no
add list=nice address=202.159.96.0/19 comment="" disabled=no
add list=nice address=202.162.192.0/19 comment="" disabled=no
add list=nice address=203.123.224.0/19 comment="" disabled=no
add list=nice address=203.128.64.0/19 comment="" disabled=no
add list=nice address=203.153.96.0/19 comment="" disabled=no
add list=nice address=219.83.0.0/19 comment="" disabled=no
add list=nice address=219.83.32.0/19 comment="" disabled=no
add list=nice address=27.50.16.0/20 comment="" disabled=no
add list=nice address=27.124.80.0/20 comment="" disabled=no
add list=nice address=61.8.64.0/20 comment="" disabled=no
add list=nice address=110.5.96.0/20 comment="" disabled=no
add list=nice address=111.68.112.0/20 comment="" disabled=no
add list=nice address=111.94.128.0/20 comment="" disabled=no
add list=nice address=111.94.160.0/20 comment="" disabled=no
add list=nice address=111.94.224.0/20 comment="" disabled=no
add list=nice address=113.212.112.0/20 comment="" disabled=no
add list=nice address=114.199.80.0/20 comment="" disabled=no
add list=nice address=115.124.64.0/20 comment="" disabled=no
add list=nice address=116.213.48.0/20 comment="" disabled=no
add list=nice address=117.20.48.0/20 comment="" disabled=no
add list=nice address=117.74.112.0/20 comment="" disabled=no
add list=nice address=119.2.80.0/20 comment="" disabled=no
add list=nice address=119.235.16.0/20 comment="" disabled=no
add list=nice address=119.235.208.0/20 comment="" disabled=no
add list=nice address=121.52.64.0/20 comment="" disabled=no
add list=nice address=121.100.16.0/20 comment="" disabled=no
add list=nice address=122.129.96.0/20 comment="" disabled=no
add list=nice address=122.129.192.0/20 comment="" disabled=no
add list=nice address=122.200.0.0/20 comment="" disabled=no
add list=nice address=122.248.32.0/20 comment="" disabled=no
add list=nice address=175.158.32.0/20 comment="" disabled=no
add list=nice address=180.178.96.0/20 comment="" disabled=no
add list=nice address=180.214.240.0/20 comment="" disabled=no
add list=nice address=182.16.240.0/20 comment="" disabled=no
add list=nice address=182.23.16.0/20 comment="" disabled=no
add list=nice address=182.23.160.0/20 comment="" disabled=no
add list=nice address=182.48.160.0/20 comment="" disabled=no
add list=nice address=183.91.64.0/20 comment="" disabled=no
add list=nice address=184.86.64.0/20 comment="" disabled=no
add list=nice address=202.3.208.0/20 comment="" disabled=no
add list=nice address=202.6.208.0/20 comment="" disabled=no
add list=nice address=202.6.224.0/20 comment="" disabled=no
add list=nice address=202.46.144.0/20 comment="" disabled=no
add list=nice address=202.47.64.0/20 comment="" disabled=no
add list=nice address=202.51.192.0/20 comment="" disabled=no
add list=nice address=202.51.224.0/20 comment="" disabled=no
add list=nice address=202.57.0.0/20 comment="" disabled=no
add list=nice address=202.58.64.0/20 comment="" disabled=no
add list=nice address=202.58.160.0/20 comment="" disabled=no
add list=nice address=202.58.192.0/20 comment="" disabled=no
add list=nice address=202.59.160.0/20 comment="" disabled=no
add list=nice address=202.62.16.0/20 comment="" disabled=no
add list=nice address=202.65.112.0/20 comment="" disabled=no
add list=nice address=202.67.32.0/20 comment="" disabled=no
add list=nice address=202.69.96.0/20 comment="" disabled=no
add list=nice address=202.70.48.0/20 comment="" disabled=no
add list=nice address=202.72.208.0/20 comment="" disabled=no
add list=nice address=202.73.112.0/20 comment="" disabled=no
add list=nice address=202.73.224.0/20 comment="" disabled=no
add list=nice address=202.75.96.0/20 comment="" disabled=no
add list=nice address=202.78.192.0/20 comment="" disabled=no
add list=nice address=202.80.112.0/20 comment="" disabled=no
add list=nice address=202.80.208.0/20 comment="" disabled=no
add list=nice address=202.81.48.0/20 comment="" disabled=no
add list=nice address=202.87.176.0/20 comment="" disabled=no
add list=nice address=202.89.208.0/20 comment="" disabled=no
add list=nice address=202.92.192.0/20 comment="" disabled=no
add list=nice address=202.93.16.0/20 comment="" disabled=no
add list=nice address=202.93.32.0/20 comment="" disabled=no
add list=nice address=202.93.128.0/20 comment="" disabled=no
add list=nice address=202.93.224.0/20 comment="" disabled=no
add list=nice address=202.95.128.0/20 comment="" disabled=no
add list=nice address=202.122.160.0/20 comment="" disabled=no
add list=nice address=202.123.224.0/20 comment="" disabled=no
add list=nice address=202.127.96.0/20 comment="" disabled=no
add list=nice address=202.138.224.0/20 comment="" disabled=no
add list=nice address=202.143.32.0/20 comment="" disabled=no
add list=nice address=202.145.0.0/20 comment="" disabled=no
add list=nice address=202.147.192.0/20 comment="" disabled=no
add list=nice address=202.150.128.0/20 comment="" disabled=no
add list=nice address=202.150.160.0/20 comment="" disabled=no
add list=nice address=202.152.160.0/20 comment="" disabled=no
add list=nice address=202.152.224.0/20 comment="" disabled=no
add list=nice address=202.153.16.0/20 comment="" disabled=no
add list=nice address=202.165.32.0/20 comment="" disabled=no
add list=nice address=202.182.48.0/20 comment="" disabled=no
add list=nice address=203.77.224.0/20 comment="" disabled=no
add list=nice address=203.78.112.0/20 comment="" disabled=no
add list=nice address=203.83.32.0/20 comment="" disabled=no
add list=nice address=203.142.64.0/20 comment="" disabled=no
add list=nice address=203.161.16.0/20 comment="" disabled=no
add list=nice address=203.166.192.0/20 comment="" disabled=no
add list=nice address=210.57.208.0/20 comment="" disabled=no
add list=nice address=210.79.208.0/20 comment="" disabled=no
add list=nice address=210.247.240.0/20 comment="" disabled=no
add list=nice address=219.83.80.0/20 comment="" disabled=no
add list=nice address=219.83.96.0/20 comment="" disabled=no
add list=nice address=220.157.96.0/20 comment="" disabled=no
add list=nice address=223.25.96.0/20 comment="" disabled=no
add list=nice address=223.27.144.0/20 comment="" disabled=no
add list=nice address=27.112.64.0/21 comment="" disabled=no
add list=nice address=27.121.80.0/21 comment="" disabled=no
add list=nice address=27.123.0.0/21 comment="" disabled=no
add list=nice address=27.131.0.0/21 comment="" disabled=no
add list=nice address=49.128.176.0/21 comment="" disabled=no
add list=nice address=49.156.56.0/21 comment="" disabled=no
add list=nice address=58.65.240.0/21 comment="" disabled=no
add list=nice address=110.35.80.0/21 comment="" disabled=no
add list=nice address=110.44.168.0/21 comment="" disabled=no
add list=nice address=110.50.80.0/21 comment="" disabled=no
add list=nice address=110.76.144.0/21 comment="" disabled=no
add list=nice address=111.68.24.0/21 comment="" disabled=no
add list=nice address=111.94.176.0/21 comment="" disabled=no
add list=nice address=112.78.40.0/21 comment="" disabled=no
add list=nice address=112.78.168.0/21 comment="" disabled=no
add list=nice address=112.78.176.0/21 comment="" disabled=no
add list=nice address=112.109.16.0/21 comment="" disabled=no
add list=nice address=113.59.232.0/21 comment="" disabled=no
add list=nice address=113.212.160.0/21 comment="" disabled=no
add list=nice address=114.31.240.0/21 comment="" disabled=no
add list=nice address=114.110.16.0/21 comment="" disabled=no
add list=nice address=114.134.72.0/21 comment="" disabled=no
add list=nice address=114.141.48.0/21 comment="" disabled=no
add list=nice address=114.141.88.0/21 comment="" disabled=no
add list=nice address=115.69.216.0/21 comment="" disabled=no
add list=nice address=115.85.64.0/21 comment="" disabled=no
add list=nice address=115.124.80.0/21 comment="" disabled=no
add list=nice address=115.178.48.0/21 comment="" disabled=no
add list=nice address=115.178.120.0/21 comment="" disabled=no
add list=nice address=116.0.0.0/21 comment="" disabled=no
add list=nice address=116.50.24.0/21 comment="" disabled=no
add list=nice address=116.66.200.0/21 comment="" disabled=no
add list=nice address=116.68.248.0/21 comment="" disabled=no
add list=nice address=116.90.208.0/21 comment="" disabled=no
add list=nice address=116.197.128.0/21 comment="" disabled=no
add list=nice address=116.212.72.0/21 comment="" disabled=no
add list=nice address=116.254.96.0/21 comment="" disabled=no
add list=nice address=117.102.160.0/21 comment="" disabled=no
add list=nice address=117.103.0.0/21 comment="" disabled=no
add list=nice address=117.103.32.0/21 comment="" disabled=no
add list=nice address=117.103.48.0/21 comment="" disabled=no
add list=nice address=117.103.168.0/21 comment="" disabled=no
add list=nice address=117.121.200.0/21 comment="" disabled=no
add list=nice address=119.2.40.0/21 comment="" disabled=no
add list=nice address=119.2.72.0/21 comment="" disabled=no
add list=nice address=119.10.176.0/21 comment="" disabled=no
add list=nice address=119.47.88.0/21 comment="" disabled=no
add list=nice address=119.82.224.0/21 comment="" disabled=no
add list=nice address=119.110.64.0/21 comment="" disabled=no
add list=nice address=119.110.80.0/21 comment="" disabled=no
add list=nice address=119.235.248.0/21 comment="" disabled=no
add list=nice address=119.252.104.0/21 comment="" disabled=no
add list=nice address=119.252.128.0/21 comment="" disabled=no
add list=nice address=119.252.160.0/21 comment="" disabled=no
add list=nice address=120.29.152.0/21 comment="" disabled=no
add list=nice address=120.136.16.0/21 comment="" disabled=no
add list=nice address=120.164.40.0/21 comment="" disabled=no
add list=nice address=121.50.32.0/21 comment="" disabled=no
add list=nice address=121.52.48.0/21 comment="" disabled=no
add list=nice address=121.52.136.0/21 comment="" disabled=no
add list=nice address=121.58.184.0/21 comment="" disabled=no
add list=nice address=121.101.128.0/21 comment="" disabled=no
add list=nice address=121.101.184.0/21 comment="" disabled=no
add list=nice address=122.49.224.0/21 comment="" disabled=no
add list=nice address=122.102.40.0/21 comment="" disabled=no
add list=nice address=122.129.112.0/21 comment="" disabled=no
add list=nice address=122.144.0.0/21 comment="" disabled=no
add list=nice address=122.200.48.0/21 comment="" disabled=no
add list=nice address=122.200.144.0/21 comment="" disabled=no
add list=nice address=123.108.8.0/21 comment="" disabled=no
add list=nice address=123.255.200.0/21 comment="" disabled=no
add list=nice address=124.6.32.0/21 comment="" disabled=no
add list=nice address=124.40.248.0/21 comment="" disabled=no
add list=nice address=124.66.160.0/21 comment="" disabled=no
add list=nice address=124.158.128.0/21 comment="" disabled=no
add list=nice address=175.45.184.0/21 comment="" disabled=no
add list=nice address=175.106.8.0/21 comment="" disabled=no
add list=nice address=175.106.16.0/21 comment="" disabled=no
add list=nice address=175.111.112.0/21 comment="" disabled=no
add list=nice address=175.176.160.0/21 comment="" disabled=no
add list=nice address=180.211.88.0/21 comment="" disabled=no
add list=nice address=182.23.8.0/21 comment="" disabled=no
add list=nice address=182.255.0.0/21 comment="" disabled=no
add list=nice address=183.91.80.0/21 comment="" disabled=no
add list=nice address=202.43.248.0/21 comment="" disabled=no
add list=nice address=202.46.0.0/21 comment="" disabled=no
add list=nice address=202.46.24.0/21 comment="" disabled=no
add list=nice address=202.51.16.0/21 comment="" disabled=no
add list=nice address=202.51.208.0/21 comment="" disabled=no
add list=nice address=202.57.24.0/21 comment="" disabled=no
add list=nice address=202.58.176.0/21 comment="" disabled=no
add list=nice address=202.59.200.0/21 comment="" disabled=no
add list=nice address=202.67.8.0/21 comment="" disabled=no
add list=nice address=202.73.104.0/21 comment="" disabled=no
add list=nice address=202.74.72.0/21 comment="" disabled=no
add list=nice address=202.75.24.0/21 comment="" disabled=no
add list=nice address=202.87.248.0/21 comment="" disabled=no
add list=nice address=202.91.8.0/21 comment="" disabled=no
add list=nice address=202.91.24.0/21 comment="" disabled=no
add list=nice address=202.93.240.0/21 comment="" disabled=no
add list=nice address=202.122.8.0/21 comment="" disabled=no
add list=nice address=202.129.184.0/21 comment="" disabled=no
add list=nice address=202.133.0.0/21 comment="" disabled=no
add list=nice address=202.134.0.0/21 comment="" disabled=no
add list=nice address=202.138.240.0/21 comment="" disabled=no
add list=nice address=202.146.128.0/21 comment="" disabled=no
add list=nice address=202.146.176.0/21 comment="" disabled=no
add list=nice address=202.147.248.0/21 comment="" disabled=no
add list=nice address=202.152.248.0/21 comment="" disabled=no
add list=nice address=202.153.128.0/21 comment="" disabled=no
add list=nice address=202.153.144.0/21 comment="" disabled=no
add list=nice address=202.158.136.0/21 comment="" disabled=no
add list=nice address=202.162.32.0/21 comment="" disabled=no
add list=nice address=202.164.216.0/21 comment="" disabled=no
add list=nice address=202.169.224.0/21 comment="" disabled=no
add list=nice address=202.169.240.0/21 comment="" disabled=no
add list=nice address=202.173.16.0/21 comment="" disabled=no
add list=nice address=202.179.184.0/21 comment="" disabled=no
add list=nice address=202.182.168.0/21 comment="" disabled=no
add list=nice address=203.80.8.0/21 comment="" disabled=no
add list=nice address=203.81.184.0/21 comment="" disabled=no
add list=nice address=203.83.24.0/21 comment="" disabled=no
add list=nice address=203.84.136.0/21 comment="" disabled=no
add list=nice address=203.84.152.0/21 comment="" disabled=no
add list=nice address=203.89.24.0/21 comment="" disabled=no
add list=nice address=203.135.176.0/21 comment="" disabled=no
add list=nice address=203.142.80.0/21 comment="" disabled=no
add list=nice address=203.153.24.0/21 comment="" disabled=no
add list=nice address=203.160.56.0/21 comment="" disabled=no
add list=nice address=203.174.8.0/21 comment="" disabled=no
add list=nice address=203.190.40.0/21 comment="" disabled=no
add list=nice address=203.190.112.0/21 comment="" disabled=no
add list=nice address=203.190.240.0/21 comment="" disabled=no
add list=nice address=203.191.40.0/21 comment="" disabled=no
add list=nice address=203.201.168.0/21 comment="" disabled=no
add list=nice address=210.23.64.0/21 comment="" disabled=no
add list=nice address=219.83.72.0/21 comment="" disabled=no
add list=nice address=219.83.112.0/21 comment="" disabled=no
add list=nice address=222.229.80.0/21 comment="" disabled=no
add list=nice address=14.102.152.0/22 comment="" disabled=no
add list=nice address=27.112.76.0/22 comment="" disabled=no
add list=nice address=49.0.4.0/22 comment="" disabled=no
add list=nice address=49.0.24.0/22 comment="" disabled=no
add list=nice address=49.50.4.0/22 comment="" disabled=no
add list=nice address=49.128.184.0/22 comment="" disabled=no
add list=nice address=49.156.20.0/22 comment="" disabled=no
add list=nice address=58.145.172.0/22 comment="" disabled=no
add list=nice address=79.140.192.0/22 comment="" disabled=no
add list=nice address=101.203.168.0/22 comment="" disabled=no
add list=nice address=110.92.72.0/22 comment="" disabled=no
add list=nice address=110.93.12.0/22 comment="" disabled=no
add list=nice address=110.232.72.0/22 comment="" disabled=no
add list=nice address=110.232.80.0/22 comment="" disabled=no
add list=nice address=111.67.64.0/22 comment="" disabled=no
add list=nice address=111.67.76.0/22 comment="" disabled=no
add list=nice address=111.92.168.0/22 comment="" disabled=no
add list=nice address=111.221.40.0/22 comment="" disabled=no
add list=nice address=111.223.252.0/22 comment="" disabled=no
add list=nice address=112.78.184.0/22 comment="" disabled=no
add list=nice address=113.20.28.0/22 comment="" disabled=no
add list=nice address=113.52.148.0/22 comment="" disabled=no
add list=nice address=113.208.64.0/22 comment="" disabled=no
add list=nice address=114.30.80.0/22 comment="" disabled=no
add list=nice address=115.124.92.0/22 comment="" disabled=no
add list=nice address=115.166.96.0/22 comment="" disabled=no
add list=nice address=115.166.108.0/22 comment="" disabled=no
add list=nice address=115.166.124.0/22 comment="" disabled=no
add list=nice address=116.12.44.0/22 comment="" disabled=no
add list=nice address=116.90.176.0/22 comment="" disabled=no
add list=nice address=116.193.188.0/22 comment="" disabled=no
add list=nice address=116.199.200.0/22 comment="" disabled=no
add list=nice address=116.212.96.0/22 comment="" disabled=no
add list=nice address=117.103.56.0/22 comment="" disabled=no
add list=nice address=118.98.232.0/22 comment="" disabled=no
add list=nice address=119.2.64.0/22 comment="" disabled=no
add list=nice address=119.82.232.0/22 comment="" disabled=no
add list=nice address=119.82.240.0/22 comment="" disabled=no
add list=nice address=121.52.80.0/22 comment="" disabled=no
add list=nice address=121.52.92.0/22 comment="" disabled=no
add list=nice address=121.52.132.0/22 comment="" disabled=no
add list=nice address=122.102.48.0/22 comment="" disabled=no
add list=nice address=123.176.120.0/22 comment="" disabled=no
add list=nice address=124.6.40.0/22 comment="" disabled=no
add list=nice address=124.158.136.0/22 comment="" disabled=no
add list=nice address=138.32.236.0/22 comment="" disabled=no
add list=nice address=175.103.32.0/22 comment="" disabled=no
add list=nice address=175.103.40.0/22 comment="" disabled=no
add list=nice address=175.103.52.0/22 comment="" disabled=no
add list=nice address=175.103.56.0/22 comment="" disabled=no
add list=nice address=175.111.88.0/22 comment="" disabled=no
add list=nice address=180.131.144.0/22 comment="" disabled=no
add list=nice address=180.178.92.0/22 comment="" disabled=no
add list=nice address=180.222.216.0/22 comment="" disabled=no
add list=nice address=180.235.148.0/22 comment="" disabled=no
add list=nice address=182.23.4.0/22 comment="" disabled=no
add list=nice address=182.23.32.0/22 comment="" disabled=no
add list=nice address=182.255.16.0/22 comment="" disabled=no
add list=nice address=183.182.92.0/22 comment="" disabled=no
add list=nice address=184.86.96.0/22 comment="" disabled=no
add list=nice address=202.10.32.0/22 comment="" disabled=no
add list=nice address=202.10.40.0/22 comment="" disabled=no
add list=nice address=202.43.72.0/22 comment="" disabled=no
add list=nice address=202.43.92.0/22 comment="" disabled=no
add list=nice address=202.43.112.0/22 comment="" disabled=no
add list=nice address=202.51.28.0/22 comment="" disabled=no
add list=nice address=202.51.56.0/22 comment="" disabled=no
add list=nice address=202.51.96.0/22 comment="" disabled=no
add list=nice address=202.51.104.0/22 comment="" disabled=no
add list=nice address=202.51.116.0/22 comment="" disabled=no
add list=nice address=202.51.124.0/22 comment="" disabled=no
add list=nice address=202.51.216.0/22 comment="" disabled=no
add list=nice address=202.51.252.0/22 comment="" disabled=no
add list=nice address=202.55.164.0/22 comment="" disabled=no
add list=nice address=202.55.168.0/22 comment="" disabled=no
add list=nice address=202.57.16.0/22 comment="" disabled=no
add list=nice address=202.62.8.0/22 comment="" disabled=no
add list=nice address=202.70.132.0/22 comment="" disabled=no
add list=nice address=202.72.192.0/22 comment="" disabled=no
add list=nice address=202.81.4.0/22 comment="" disabled=no
add list=nice address=202.87.240.0/22 comment="" disabled=no
add list=nice address=202.93.112.0/22 comment="" disabled=no
add list=nice address=202.95.148.0/22 comment="" disabled=no
add list=nice address=202.95.152.0/22 comment="" disabled=no
add list=nice address=202.129.224.0/22 comment="" disabled=no
add list=nice address=202.138.248.0/22 comment="" disabled=no
add list=nice address=202.146.0.0/22 comment="" disabled=no
add list=nice address=202.146.32.0/22 comment="" disabled=no
add list=nice address=202.146.136.0/22 comment="" disabled=no
add list=nice address=202.147.224.0/22 comment="" disabled=no
add list=nice address=202.147.244.0/22 comment="" disabled=no
add list=nice address=202.151.12.0/22 comment="" disabled=no
add list=nice address=202.152.200.0/22 comment="" disabled=no
add list=nice address=202.153.136.0/22 comment="" disabled=no
add list=nice address=202.158.132.0/22 comment="" disabled=no
add list=nice address=202.162.40.0/22 comment="" disabled=no
add list=nice address=202.180.0.0/22 comment="" disabled=no
add list=nice address=202.182.160.0/22 comment="" disabled=no
add list=nice address=203.77.208.0/22 comment="" disabled=no
add list=nice address=203.114.224.0/22 comment="" disabled=no
add list=nice address=203.123.60.0/22 comment="" disabled=no
add list=nice address=203.128.248.0/22 comment="" disabled=no
add list=nice address=203.153.212.0/22 comment="" disabled=no
add list=nice address=203.153.216.0/22 comment="" disabled=no
add list=nice address=203.190.52.0/22 comment="" disabled=no
add list=nice address=203.190.184.0/22 comment="" disabled=no
add list=nice address=203.201.160.0/22 comment="" disabled=no
add list=nice address=203.217.132.0/22 comment="" disabled=no
add list=nice address=203.217.188.0/22 comment="" disabled=no
add list=nice address=210.23.72.0/22 comment="" disabled=no
add list=nice address=219.83.120.0/22 comment="" disabled=no
add list=nice address=220.247.168.0/22 comment="" disabled=no
add list=nice address=223.165.4.0/22 comment="" disabled=no
add list=nice address=27.131.250.0/23 comment="" disabled=no
add list=nice address=32.114.24.0/23 comment="" disabled=no
add list=nice address=49.128.188.0/23 comment="" disabled=no
add list=nice address=58.145.170.0/23 comment="" disabled=no
add list=nice address=101.0.4.0/23 comment="" disabled=no
add list=nice address=101.50.16.0/23 comment="" disabled=no
add list=nice address=110.232.68.0/23 comment="" disabled=no
add list=nice address=110.232.76.0/23 comment="" disabled=no
add list=nice address=110.232.84.0/23 comment="" disabled=no
add list=nice address=111.67.68.0/23 comment="" disabled=no
add list=nice address=111.67.74.0/23 comment="" disabled=no
add list=nice address=111.67.86.0/23 comment="" disabled=no
add list=nice address=111.67.88.0/23 comment="" disabled=no
add list=nice address=111.92.160.0/23 comment="" disabled=no
add list=nice address=111.92.174.0/23 comment="" disabled=no
add list=nice address=112.78.96.0/23 comment="" disabled=no
add list=nice address=112.215.6.0/23 comment="" disabled=no
add list=nice address=112.215.10.0/23 comment="" disabled=no
add list=nice address=112.215.14.0/23 comment="" disabled=no
add list=nice address=112.215.18.0/23 comment="" disabled=no
add list=nice address=112.215.22.0/23 comment="" disabled=no
add list=nice address=112.215.40.0/23 comment="" disabled=no
add list=nice address=114.4.14.0/23 comment="" disabled=no
add list=nice address=114.4.40.0/23 comment="" disabled=no
add list=nice address=114.6.12.0/23 comment="" disabled=no
add list=nice address=114.30.84.0/23 comment="" disabled=no
add list=nice address=114.134.64.0/23 comment="" disabled=no
add list=nice address=115.124.88.0/23 comment="" disabled=no
add list=nice address=115.166.100.0/23 comment="" disabled=no
add list=nice address=115.166.104.0/23 comment="" disabled=no
add list=nice address=115.178.128.0/23 comment="" disabled=no
add list=nice address=116.68.224.0/23 comment="" disabled=no
add list=nice address=116.90.162.0/23 comment="" disabled=no
add list=nice address=116.90.166.0/23 comment="" disabled=no
add list=nice address=116.90.170.0/23 comment="" disabled=no
add list=nice address=116.90.172.0/23 comment="" disabled=no
add list=nice address=117.18.18.0/23 comment="" disabled=no
add list=nice address=117.103.8.0/23 comment="" disabled=no
add list=nice address=117.103.14.0/23 comment="" disabled=no
add list=nice address=117.103.60.0/23 comment="" disabled=no
add list=nice address=118.98.222.0/23 comment="" disabled=no
add list=nice address=118.98.226.0/23 comment="" disabled=no
add list=nice address=119.2.70.0/23 comment="" disabled=no
add list=nice address=119.82.244.0/23 comment="" disabled=no
add list=nice address=119.110.72.0/23 comment="" disabled=no
add list=nice address=119.110.76.0/23 comment="" disabled=no
add list=nice address=119.252.168.0/23 comment="" disabled=no
add list=nice address=119.252.172.0/23 comment="" disabled=no
add list=nice address=121.52.58.0/23 comment="" disabled=no
add list=nice address=121.52.60.0/23 comment="" disabled=no
add list=nice address=121.52.86.0/23 comment="" disabled=no
add list=nice address=121.52.88.0/23 comment="" disabled=no
add list=nice address=121.52.130.0/23 comment="" disabled=no
add list=nice address=122.128.16.0/23 comment="" disabled=no
add list=nice address=122.128.24.0/23 comment="" disabled=no
add list=nice address=124.158.150.0/23 comment="" disabled=no
add list=nice address=124.158.152.0/23 comment="" disabled=no
add list=nice address=175.103.44.0/23 comment="" disabled=no
add list=nice address=175.103.62.0/23 comment="" disabled=no
add list=nice address=180.214.232.0/23 comment="" disabled=no
add list=nice address=182.48.176.0/23 comment="" disabled=no
add list=nice address=184.26.164.0/23 comment="" disabled=no
add list=nice address=202.4.160.0/23 comment="" disabled=no
add list=nice address=202.4.170.0/23 comment="" disabled=no
add list=nice address=202.8.28.0/23 comment="" disabled=no
add list=nice address=202.9.72.0/23 comment="" disabled=no
add list=nice address=202.10.62.0/23 comment="" disabled=no
add list=nice address=202.20.106.0/23 comment="" disabled=no
add list=nice address=202.20.108.0/23 comment="" disabled=no
add list=nice address=202.43.64.0/23 comment="" disabled=no
add list=nice address=202.43.88.0/23 comment="" disabled=no
add list=nice address=202.43.116.0/23 comment="" disabled=no
add list=nice address=202.46.8.0/23 comment="" disabled=no
add list=nice address=202.46.14.0/23 comment="" disabled=no
add list=nice address=202.46.130.0/23 comment="" disabled=no
add list=nice address=202.46.240.0/23 comment="" disabled=no
add list=nice address=202.46.252.0/23 comment="" disabled=no
add list=nice address=202.47.90.0/23 comment="" disabled=no
add list=nice address=202.51.60.0/23 comment="" disabled=no
add list=nice address=202.51.102.0/23 comment="" disabled=no
add list=nice address=202.51.110.0/23 comment="" disabled=no
add list=nice address=202.51.122.0/23 comment="" disabled=no
add list=nice address=202.51.222.0/23 comment="" disabled=no
add list=nice address=202.52.48.0/23 comment="" disabled=no
add list=nice address=202.52.58.0/23 comment="" disabled=no
add list=nice address=202.55.160.0/23 comment="" disabled=no
add list=nice address=202.58.238.0/23 comment="" disabled=no
add list=nice address=202.58.242.0/23 comment="" disabled=no
add list=nice address=202.59.194.0/23 comment="" disabled=no
add list=nice address=202.59.196.0/23 comment="" disabled=no
add list=nice address=202.61.98.0/23 comment="" disabled=no
add list=nice address=202.61.100.0/23 comment="" disabled=no
add list=nice address=202.61.104.0/23 comment="" disabled=no
add list=nice address=202.61.112.0/23 comment="" disabled=no
add list=nice address=202.61.124.0/23 comment="" disabled=no
add list=nice address=202.73.98.0/23 comment="" disabled=no
add list=nice address=202.73.100.0/23 comment="" disabled=no
add list=nice address=202.75.18.0/23 comment="" disabled=no
add list=nice address=202.75.20.0/23 comment="" disabled=no
add list=nice address=202.87.246.0/23 comment="" disabled=no
add list=nice address=202.89.116.0/23 comment="" disabled=no
add list=nice address=202.90.194.0/23 comment="" disabled=no
add list=nice address=202.90.198.0/23 comment="" disabled=no
add list=nice address=202.93.120.0/23 comment="" disabled=no
add list=nice address=202.94.84.0/23 comment="" disabled=no
add list=nice address=202.124.196.0/23 comment="" disabled=no
add list=nice address=202.125.80.0/23 comment="" disabled=no
add list=nice address=202.125.88.0/23 comment="" disabled=no
add list=nice address=202.125.100.0/23 comment="" disabled=no
add list=nice address=202.129.216.0/23 comment="" disabled=no
add list=nice address=202.135.6.0/23 comment="" disabled=no
add list=nice address=202.138.252.0/23 comment="" disabled=no
add list=nice address=202.146.4.0/23 comment="" disabled=no
add list=nice address=202.146.36.0/23 comment="" disabled=no
add list=nice address=202.147.228.0/23 comment="" disabled=no
add list=nice address=202.147.232.0/23 comment="" disabled=no
add list=nice address=202.147.240.0/23 comment="" disabled=no
add list=nice address=202.152.194.0/23 comment="" disabled=no
add list=nice address=202.152.196.0/23 comment="" disabled=no
add list=nice address=202.152.206.0/23 comment="" disabled=no
add list=nice address=202.152.240.0/23 comment="" disabled=no
add list=nice address=202.154.176.0/23 comment="" disabled=no
add list=nice address=202.158.130.0/23 comment="" disabled=no
add list=nice address=202.162.46.0/23 comment="" disabled=no
add list=nice address=202.169.232.0/23 comment="" disabled=no
add list=nice address=202.169.238.0/23 comment="" disabled=no
add list=nice address=202.180.4.0/23 comment="" disabled=no
add list=nice address=202.180.8.0/23 comment="" disabled=no
add list=nice address=202.180.54.0/23 comment="" disabled=no
add list=nice address=202.182.164.0/23 comment="" disabled=no
add list=nice address=202.182.176.0/23 comment="" disabled=no
add list=nice address=202.182.182.0/23 comment="" disabled=no
add list=nice address=202.182.184.0/23 comment="" disabled=no
add list=nice address=202.191.2.0/23 comment="" disabled=no
add list=nice address=203.24.76.0/23 comment="" disabled=no
add list=nice address=203.29.26.0/23 comment="" disabled=no
add list=nice address=203.30.236.0/23 comment="" disabled=no
add list=nice address=203.30.254.0/23 comment="" disabled=no
add list=nice address=203.31.164.0/23 comment="" disabled=no
add list=nice address=203.34.118.0/23 comment="" disabled=no
add list=nice address=203.57.24.0/23 comment="" disabled=no
add list=nice address=203.77.214.0/23 comment="" disabled=no
add list=nice address=203.77.216.0/23 comment="" disabled=no
add list=nice address=203.77.240.0/23 comment="" disabled=no
add list=nice address=203.77.246.0/23 comment="" disabled=no
add list=nice address=203.79.26.0/23 comment="" disabled=no
add list=nice address=203.89.146.0/23 comment="" disabled=no
add list=nice address=203.89.148.0/23 comment="" disabled=no
add list=nice address=203.99.96.0/23 comment="" disabled=no
add list=nice address=203.99.102.0/23 comment="" disabled=no
add list=nice address=203.99.130.0/23 comment="" disabled=no
add list=nice address=203.134.232.0/23 comment="" disabled=no
add list=nice address=203.148.84.0/23 comment="" disabled=no
add list=nice address=203.153.60.0/23 comment="" disabled=no
add list=nice address=203.189.88.0/23 comment="" disabled=no
add list=nice address=203.189.120.0/23 comment="" disabled=no
add list=nice address=203.190.36.0/23 comment="" disabled=no
add list=nice address=203.190.48.0/23 comment="" disabled=no
add list=nice address=203.190.190.0/23 comment="" disabled=no
add list=nice address=203.194.70.0/23 comment="" disabled=no
add list=nice address=203.201.50.0/23 comment="" disabled=no
add list=nice address=203.201.166.0/23 comment="" disabled=no
add list=nice address=203.209.188.0/23 comment="" disabled=no
add list=nice address=203.210.80.0/23 comment="" disabled=no
add list=nice address=203.217.172.0/23 comment="" disabled=no
add list=nice address=203.223.90.0/23 comment="" disabled=no
add list=nice address=210.23.76.0/23 comment="" disabled=no
add list=nice address=219.83.124.0/23 comment="" disabled=no
add list=nice address=220.247.174.0/23 comment="" disabled=no
add list=nice address=223.255.224.0/23 comment="" disabled=no
add list=nice address=27.111.32.0/24 comment="" disabled=no
add list=nice address=27.111.36.0/24 comment="" disabled=no
add list=nice address=27.111.63.0/24 comment="" disabled=no
add list=nice address=27.131.249.0/24 comment="" disabled=no
add list=nice address=32.234.168.0/24 comment="" disabled=no
add list=nice address=32.234.170.0/24 comment="" disabled=no
add list=nice address=49.50.8.0/24 comment="" disabled=no
add list=nice address=49.128.191.0/24 comment="" disabled=no
add list=nice address=58.147.184.0/24 comment="" disabled=no
add list=nice address=58.147.188.0/24 comment="" disabled=no
add list=nice address=58.147.191.0/24 comment="" disabled=no
add list=nice address=101.0.6.0/24 comment="" disabled=no
add list=nice address=111.67.71.0/24 comment="" disabled=no
add list=nice address=111.67.73.0/24 comment="" disabled=no
add list=nice address=111.67.80.0/24 comment="" disabled=no
add list=nice address=111.67.83.0/24 comment="" disabled=no
add list=nice address=111.67.84.0/24 comment="" disabled=no
add list=nice address=111.67.91.0/24 comment="" disabled=no
add list=nice address=111.67.95.0/24 comment="" disabled=no
add list=nice address=111.92.164.0/24 comment="" disabled=no
add list=nice address=111.92.172.0/24 comment="" disabled=no
add list=nice address=112.78.39.0/24 comment="" disabled=no
add list=nice address=112.78.100.0/24 comment="" disabled=no
add list=nice address=112.78.188.0/24 comment="" disabled=no
add list=nice address=112.78.191.0/24 comment="" disabled=no
add list=nice address=112.215.5.0/24 comment="" disabled=no
add list=nice address=112.215.13.0/24 comment="" disabled=no
add list=nice address=112.215.16.0/24 comment="" disabled=no
add list=nice address=112.215.21.0/24 comment="" disabled=no
add list=nice address=112.215.27.0/24 comment="" disabled=no
add list=nice address=112.215.30.0/24 comment="" disabled=no
add list=nice address=112.215.33.0/24 comment="" disabled=no
add list=nice address=112.215.34.0/24 comment="" disabled=no
add list=nice address=112.215.37.0/24 comment="" disabled=no
add list=nice address=112.215.42.0/24 comment="" disabled=no
add list=nice address=112.215.46.0/24 comment="" disabled=no
add list=nice address=112.215.49.0/24 comment="" disabled=no
add list=nice address=114.1.3.0/24 comment="" disabled=no
add list=nice address=114.4.1.0/24 comment="" disabled=no
add list=nice address=114.4.5.0/24 comment="" disabled=no
add list=nice address=114.4.12.0/24 comment="" disabled=no
add list=nice address=114.4.16.0/24 comment="" disabled=no
add list=nice address=114.4.21.0/24 comment="" disabled=no
add list=nice address=114.4.35.0/24 comment="" disabled=no
add list=nice address=114.4.44.0/24 comment="" disabled=no
add list=nice address=114.4.47.0/24 comment="" disabled=no
add list=nice address=114.5.1.0/24 comment="" disabled=no
add list=nice address=114.5.5.0/24 comment="" disabled=no
add list=nice address=114.6.7.0/24 comment="" disabled=no
add list=nice address=114.6.8.0/24 comment="" disabled=no
add list=nice address=114.6.10.0/24 comment="" disabled=no
add list=nice address=114.6.14.0/24 comment="" disabled=no
add list=nice address=114.30.86.0/24 comment="" disabled=no
add list=nice address=114.129.18.0/24 comment="" disabled=no
add list=nice address=114.141.57.0/24 comment="" disabled=no
add list=nice address=114.141.60.0/24 comment="" disabled=no
add list=nice address=115.124.90.0/24 comment="" disabled=no
add list=nice address=115.166.123.0/24 comment="" disabled=no
add list=nice address=116.12.40.0/24 comment="" disabled=no
add list=nice address=116.12.43.0/24 comment="" disabled=no
add list=nice address=116.68.162.0/24 comment="" disabled=no
add list=nice address=116.68.165.0/24 comment="" disabled=no
add list=nice address=116.68.168.0/24 comment="" disabled=no
add list=nice address=116.68.230.0/24 comment="" disabled=no
add list=nice address=116.90.161.0/24 comment="" disabled=no
add list=nice address=116.90.165.0/24 comment="" disabled=no
add list=nice address=116.90.168.0/24 comment="" disabled=no
add list=nice address=116.199.205.0/24 comment="" disabled=no
add list=nice address=117.18.17.0/24 comment="" disabled=no
add list=nice address=117.18.20.0/24 comment="" disabled=no
add list=nice address=117.103.11.0/24 comment="" disabled=no
add list=nice address=118.91.128.0/24 comment="" disabled=no
add list=nice address=118.98.166.0/24 comment="" disabled=no
add list=nice address=118.98.221.0/24 comment="" disabled=no
add list=nice address=119.2.68.0/24 comment="" disabled=no
add list=nice address=119.18.156.0/24 comment="" disabled=no
add list=nice address=119.82.237.0/24 comment="" disabled=no
add list=nice address=119.82.239.0/24 comment="" disabled=no
add list=nice address=119.82.247.0/24 comment="" disabled=no
add list=nice address=119.110.74.0/24 comment="" disabled=no
add list=nice address=119.110.79.0/24 comment="" disabled=no
add list=nice address=119.252.171.0/24 comment="" disabled=no
add list=nice address=121.52.1.0/24 comment="" disabled=no
add list=nice address=121.52.25.0/24 comment="" disabled=no
add list=nice address=121.52.29.0/24 comment="" disabled=no
add list=nice address=121.52.35.0/24 comment="" disabled=no
add list=nice address=121.52.40.0/24 comment="" disabled=no
add list=nice address=121.52.42.0/24 comment="" disabled=no
add list=nice address=121.52.45.0/24 comment="" disabled=no
add list=nice address=121.52.62.0/24 comment="" disabled=no
add list=nice address=121.52.84.0/24 comment="" disabled=no
add list=nice address=121.52.91.0/24 comment="" disabled=no
add list=nice address=121.52.129.0/24 comment="" disabled=no
add list=nice address=122.102.52.0/24 comment="" disabled=no
add list=nice address=123.108.97.0/24 comment="" disabled=no
add list=nice address=123.176.124.0/24 comment="" disabled=no
add list=nice address=123.176.127.0/24 comment="" disabled=no
add list=nice address=124.158.141.0/24 comment="" disabled=no
add list=nice address=146.23.252.0/24 comment="" disabled=no
add list=nice address=146.23.254.0/24 comment="" disabled=no
add list=nice address=152.158.247.0/24 comment="" disabled=no
add list=nice address=175.103.36.0/24 comment="" disabled=no
add list=nice address=175.103.60.0/24 comment="" disabled=no
add list=nice address=175.184.248.0/24 comment="" disabled=no
add list=nice address=180.150.232.0/24 comment="" disabled=no
add list=nice address=180.150.244.0/24 comment="" disabled=no
add list=nice address=180.214.234.0/24 comment="" disabled=no
add list=nice address=180.233.119.0/24 comment="" disabled=no
add list=nice address=182.16.160.0/24 comment="" disabled=no
add list=nice address=182.23.40.0/24 comment="" disabled=no
add list=nice address=182.253.0.0/24 comment="" disabled=no
add list=nice address=192.5.5.0/24 comment="" disabled=no
add list=nice address=192.8.8.0/24 comment="" disabled=no
add list=nice address=192.23.186.0/24 comment="" disabled=no
add list=nice address=193.194.194.0/24 comment="" disabled=no
add list=nice address=194.0.1.0/24 comment="" disabled=no
add list=nice address=194.0.2.0/24 comment="" disabled=no
add list=nice address=202.1.236.0/24 comment="" disabled=no
add list=nice address=202.4.179.0/24 comment="" disabled=no
add list=nice address=202.4.185.0/24 comment="" disabled=no
add list=nice address=202.9.69.0/24 comment="" disabled=no
add list=nice address=202.9.85.0/24 comment="" disabled=no
add list=nice address=202.10.36.0/24 comment="" disabled=no
add list=nice address=202.10.39.0/24 comment="" disabled=no
add list=nice address=202.10.44.0/24 comment="" disabled=no
add list=nice address=202.10.61.0/24 comment="" disabled=no
add list=nice address=202.12.75.0/24 comment="" disabled=no
add list=nice address=202.14.255.0/24 comment="" disabled=no
add list=nice address=202.22.31.0/24 comment="" disabled=no
add list=nice address=202.37.120.0/24 comment="" disabled=no
add list=nice address=202.45.149.0/24 comment="" disabled=no
add list=nice address=202.46.11.0/24 comment="" disabled=no
add list=nice address=202.46.12.0/24 comment="" disabled=no
add list=nice address=202.46.129.0/24 comment="" disabled=no
add list=nice address=202.47.80.0/24 comment="" disabled=no
add list=nice address=202.47.88.0/24 comment="" disabled=no
add list=nice address=202.51.100.0/24 comment="" disabled=no
add list=nice address=202.51.108.0/24 comment="" disabled=no
add list=nice address=202.51.113.0/24 comment="" disabled=no
add list=nice address=202.51.115.0/24 comment="" disabled=no
add list=nice address=202.51.121.0/24 comment="" disabled=no
add list=nice address=202.51.220.0/24 comment="" disabled=no
add list=nice address=202.52.50.0/24 comment="" disabled=no
add list=nice address=202.52.52.0/24 comment="" disabled=no
add list=nice address=202.52.131.0/24 comment="" disabled=no
add list=nice address=202.52.132.0/24 comment="" disabled=no
add list=nice address=202.55.162.0/24 comment="" disabled=no
add list=nice address=202.55.172.0/24 comment="" disabled=no
add list=nice address=202.58.124.0/24 comment="" disabled=no
add list=nice address=202.59.192.0/24 comment="" disabled=no
add list=nice address=202.59.198.0/24 comment="" disabled=no
add list=nice address=202.59.255.0/24 comment="" disabled=no
add list=nice address=202.61.96.0/24 comment="" disabled=no
add list=nice address=202.61.126.0/24 comment="" disabled=no
add list=nice address=202.65.227.0/24 comment="" disabled=no
add list=nice address=202.70.136.0/24 comment="" disabled=no
add list=nice address=202.70.138.0/24 comment="" disabled=no
add list=nice address=202.72.196.0/24 comment="" disabled=no
add list=nice address=202.72.202.0/24 comment="" disabled=no
add list=nice address=202.72.206.0/24 comment="" disabled=no
add list=nice address=202.73.97.0/24 comment="" disabled=no
add list=nice address=202.74.43.0/24 comment="" disabled=no
add list=nice address=202.75.17.0/24 comment="" disabled=no
add list=nice address=202.75.22.0/24 comment="" disabled=no
add list=nice address=202.81.32.0/24 comment="" disabled=no
add list=nice address=202.87.245.0/24 comment="" disabled=no
add list=nice address=202.93.117.0/24 comment="" disabled=no
add list=nice address=202.93.119.0/24 comment="" disabled=no
add list=nice address=202.94.80.0/24 comment="" disabled=no
add list=nice address=202.94.83.0/24 comment="" disabled=no
add list=nice address=202.95.144.0/24 comment="" disabled=no
add list=nice address=202.95.147.0/24 comment="" disabled=no
add list=nice address=202.95.156.0/24 comment="" disabled=no
add list=nice address=202.124.203.0/24 comment="" disabled=no
add list=nice address=202.124.205.0/24 comment="" disabled=no
add list=nice address=202.135.5.0/24 comment="" disabled=no
add list=nice address=202.135.16.0/24 comment="" disabled=no
add list=nice address=202.135.23.0/24 comment="" disabled=no
add list=nice address=202.137.225.0/24 comment="" disabled=no
add list=nice address=202.137.230.0/24 comment="" disabled=no
add list=nice address=202.146.47.0/24 comment="" disabled=no
add list=nice address=202.146.142.0/24 comment="" disabled=no
add list=nice address=202.147.230.0/24 comment="" disabled=no
add list=nice address=202.147.234.0/24 comment="" disabled=no
add list=nice address=202.150.227.0/24 comment="" disabled=no
add list=nice address=202.151.8.0/24 comment="" disabled=no
add list=nice address=202.152.192.0/24 comment="" disabled=no
add list=nice address=202.152.199.0/24 comment="" disabled=no
add list=nice address=202.152.243.0/24 comment="" disabled=no
add list=nice address=202.152.244.0/24 comment="" disabled=no
add list=nice address=202.152.246.0/24 comment="" disabled=no
add list=nice address=202.153.159.0/24 comment="" disabled=no
add list=nice address=202.154.183.0/24 comment="" disabled=no
add list=nice address=202.154.185.0/24 comment="" disabled=no
add list=nice address=202.154.187.0/24 comment="" disabled=no
add list=nice address=202.158.129.0/24 comment="" disabled=no
add list=nice address=202.158.252.0/24 comment="" disabled=no
add list=nice address=202.160.254.0/24 comment="" disabled=no
add list=nice address=202.162.44.0/24 comment="" disabled=no
add list=nice address=202.167.97.0/24 comment="" disabled=no
add list=nice address=202.169.234.0/24 comment="" disabled=no
add list=nice address=202.169.236.0/24 comment="" disabled=no
add list=nice address=202.169.248.0/24 comment="" disabled=no
add list=nice address=202.171.233.0/24 comment="" disabled=no
add list=nice address=202.180.7.0/24 comment="" disabled=no
add list=nice address=202.180.10.0/24 comment="" disabled=no
add list=nice address=202.180.13.0/24 comment="" disabled=no
add list=nice address=202.180.14.0/24 comment="" disabled=no
add list=nice address=202.180.48.0/24 comment="" disabled=no
add list=nice address=202.180.51.0/24 comment="" disabled=no
add list=nice address=202.180.53.0/24 comment="" disabled=no
add list=nice address=202.182.166.0/24 comment="" disabled=no
add list=nice address=202.182.189.0/24 comment="" disabled=no
add list=nice address=203.14.176.0/24 comment="" disabled=no
add list=nice address=203.14.183.0/24 comment="" disabled=no
add list=nice address=203.19.4.0/24 comment="" disabled=no
add list=nice address=203.77.212.0/24 comment="" disabled=no
add list=nice address=203.77.220.0/24 comment="" disabled=no
add list=nice address=203.77.223.0/24 comment="" disabled=no
add list=nice address=203.77.255.0/24 comment="" disabled=no
add list=nice address=203.79.29.0/24 comment="" disabled=no
add list=nice address=203.99.98.0/24 comment="" disabled=no
add list=nice address=203.99.119.0/24 comment="" disabled=no
add list=nice address=203.99.120.0/24 comment="" disabled=no
add list=nice address=203.99.123.0/24 comment="" disabled=no
add list=nice address=203.99.127.0/24 comment="" disabled=no
add list=nice address=203.119.13.0/24 comment="" disabled=no
add list=nice address=203.119.17.0/24 comment="" disabled=no
add list=nice address=203.134.234.0/24 comment="" disabled=no
add list=nice address=203.134.238.0/24 comment="" disabled=no
add list=nice address=203.153.49.0/24 comment="" disabled=no
add list=nice address=203.160.128.0/24 comment="" disabled=no
add list=nice address=203.163.76.0/24 comment="" disabled=no
add list=nice address=203.163.81.0/24 comment="" disabled=no
add list=nice address=203.171.221.0/24 comment="" disabled=no
add list=nice address=203.173.89.0/24 comment="" disabled=no
add list=nice address=203.173.90.0/24 comment="" disabled=no
add list=nice address=203.174.5.0/24 comment="" disabled=no
add list=nice address=203.189.123.0/24 comment="" disabled=no
add list=nice address=203.190.51.0/24 comment="" disabled=no
add list=nice address=203.190.188.0/24 comment="" disabled=no
add list=nice address=203.194.90.0/24 comment="" disabled=no
add list=nice address=203.196.90.0/24 comment="" disabled=no
add list=nice address=203.207.52.0/24 comment="" disabled=no
add list=nice address=203.207.55.0/24 comment="" disabled=no
add list=nice address=203.207.59.0/24 comment="" disabled=no
add list=nice address=203.209.190.0/24 comment="" disabled=no
add list=nice address=203.210.83.0/24 comment="" disabled=no
add list=nice address=203.210.87.0/24 comment="" disabled=no
add list=nice address=203.215.48.0/24 comment="" disabled=no
add list=nice address=203.215.50.0/24 comment="" disabled=no
add list=nice address=203.217.140.0/24 comment="" disabled=no
add list=nice address=216.244.94.0/24 comment="" disabled=no
add list=nice address=218.100.70.0/24 comment="" disabled=no
add list=nice address=219.83.69.0/24 comment="" disabled=no
add list=nice address=219.83.70.0/24 comment="" disabled=no
add list=nice address=220.247.172.0/24 comment="" disabled=no
add list=nice address=119.110.118.0/24 comment="CONTENT-YOUTUBE" disabled=no
add list=nice address=192.168.10.0/24 comment="" disabled=no
add list="IP LADI" address=169.254.83.0/24 comment="IP Doel" disabled=no
add list=Per-IP address=192.168.10.11-192.168.10.19 comment="Range sisa IP \
yang tidak terpakai 11 - 19" disabled=no
add list=Per-IP address=192.168.10.133-192.168.10.253 comment="Range sisa IP \
yang tidak terpakai 133 - 253" disabled=no
add list=Per-IP address=192.168.10.21-192.168.10.100 comment="Range sisa IP \
yang tidak terpakai 21 - 100" disabled=no
add list=Per-IP address=192.168.10.101 comment="Kamar 01-a" disabled=no
add list=Per-IP address=192.168.10.102 comment="Kamar 01-b" disabled=no
add list=Per-IP address=192.168.10.103 comment="Kamar 02-a" disabled=yes
add list=Per-IP address=192.168.10.104 comment="Kamar 02-b" disabled=no
add list=Per-IP address=192.168.10.105 comment="Kamar 03-a" disabled=no
add list=Per-IP address=192.168.10.106 comment="Kamar 03-b" disabled=yes
add list=Per-IP address=192.168.10.107 comment="Kamar 04-a" disabled=no
add list=Per-IP address=192.168.10.109 comment="Kamar 05-a" disabled=no
add list=Per-IP address=192.168.10.108 comment="Kamar 04-b" disabled=no
add list=Per-IP address=192.168.10.110 comment="Kamar 05-b" disabled=no
add list=Per-IP address=192.168.10.111 comment="Kamar 06-a" disabled=no
add list=Per-IP address=192.168.10.112 comment="Kamar 06-b" disabled=no
add list=Per-IP address=192.168.10.113 comment="Kamar 07-a" disabled=no
add list=Per-IP address=192.168.10.114 comment="Kamar 07-b" disabled=yes
add list=Per-IP address=192.168.10.115 comment="Kamar 08-a" disabled=no
add list=Per-IP address=192.168.10.116 comment="Kamar 08-b" disabled=no
add list=Per-IP address=192.168.10.117 comment="Kamar 09-a" disabled=no
add list=Per-IP address=192.168.10.118 comment="Kamar 09-b" disabled=yes
add list=Per-IP address=192.168.10.119 comment="Kamar 10-a" disabled=no
add list=Per-IP address=192.168.10.120 comment="Kamar 10-b" disabled=no
add list=Per-IP address=192.168.10.121 comment="Kamar 11-a" disabled=no
add list=Per-IP address=192.168.10.122 comment="Kamar 11-b" disabled=no
add list=Per-IP address=192.168.10.123 comment="Kamar 12-a" disabled=no
add list=Per-IP address=192.168.10.124 comment="Kamar 12-b" disabled=no
add list=Per-IP address=192.168.10.125 comment="Kamar 13-a" disabled=no
add list=Per-IP address=192.168.10.126 comment="Kamar 13-b" disabled=no
add list=Per-IP address=192.168.10.127 comment="Kamar 14-a" disabled=no
add list=Per-IP address=192.168.10.128 comment="Kamar 14-b" disabled=no
add list=Per-IP address=192.168.10.129 comment="Kamar 15-a" disabled=no
add list=Per-IP address=192.168.10.130 comment="Kamar 15-b" disabled=no
add list=Per-IP address=192.168.10.131 comment="Kamar 16-a" disabled=yes
add list=Per-IP address=192.168.10.132 comment="Kamar 16-b" disabled=no
add list=IP_BLOCKED address=218.100.27.136 comment="" disabled=no
add list=IP_BLOCKED address=202.59.205.241 comment="" disabled=no
add list=nice address=180.233.152.0/24 comment="" disabled=yes
add list=illegal-addr address=0.0.0.0/8 comment="" disabled=no
add list=illegal-addr address=127.0.0.0/8 comment="" disabled=no
add list=illegal-addr address=224.0.0.0/4 comment="" disabled=no
add list=illegal-addr address=10.0.0.0/8 comment="" disabled=no
add list=illegal-addr address=172.16.0.0/12 comment="" disabled=no
add list=illegal-addr address=192.168.0.0/16 comment="" disabled=no
add list=illegal-addr address=192.0.0.0/24 comment="" disabled=no
add list=illegal-addr address=169.254.0.0/16 comment="" disabled=no
add list=illegal-addr address=192.0.2.0/24 comment="" disabled=no
add list=illegal-addr address=198.18.0.0/15 comment="" disabled=no
add list=illegal-addr address=198.51.100.0/24 comment="" disabled=no
add list=illegal-addr address=203.0.113.0/24 comment="" disabled=no
add list=Per-IP address=192.168.10.1 comment="client-net" disabled=yes
add list=Per-IP address=192.168.10.2 comment="" disabled=yes
add list=Per-IP address=192.168.10.3 comment="" disabled=yes
add list=Per-IP address=192.168.10.4 comment="" disabled=yes
add list=Per-IP address=192.168.10.5 comment="" disabled=yes
add list=Per-IP address=192.168.10.6 comment="" disabled=yes
add list=Per-IP address=192.168.10.7 comment="" disabled=yes
add list=Per-IP address=192.168.10.8 comment="" disabled=yes
add list=Per-IP address=192.168.10.9 comment="" disabled=yes
add list=Per-IP address=192.168.10.10 comment="" disabled=yes
add list=Per-IP address=192.168.10.20 comment="" disabled=yes
add list=traversal address=180.233.153.70 comment="" disabled=no
add list=traversal address=203.153.217.240/30 comment="" disabled=no
add list=traversal address=192.168.10.0/24 comment="" disabled=no
add list=local-addr address=203.153.217.240/30 comment="" disabled=no
/ ip firewall service-port
set ftp ports=21 disabled=yes
set tftp ports=69 disabled=yes
set irc ports=6667 disabled=yes
set h323 disabled=yes
set quake3 disabled=no
set mms disabled=no
set gre disabled=yes
set pptp disabled=yes
/ ip dhcp-server
add name="dhcp1" interface=LAN lease-time=1d address-pool=dhcp_pool1 \
bootp-support=static add-arp=yes disabled=yes
add name="dhcp2" interface=WAN lease-time=1h bootp-support=static disabled=yes
/ ip dhcp-server config
set store-leases-disk=5m
/ ip dhcp-server network
add address=122.129.102.64/27 gateway=122.129.102.84 comment="hotspot network"
add address=192.168.10.0/24 gateway=192.168.10.254 dns-server=0.0.0.0 \
comment=""
/ ip hotspot service-port
set ftp ports=21 disabled=no
/ ip hotspot profile
set maattt name="maattt" hotspot-address=0.0.0.0 dns-name="" \
html-directory=hotspot/tool rate-limit="" http-proxy=0.0.0.0:0 \
smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
split-user-domain=no use-radius=yes radius-accounting=yes \
radius-interim-update=received nas-port-type=wireless-802.11
/ ip hotspot user profile
set default name="default" idle-timeout=none keepalive-timeout=2m \
status-autorefresh=1m shared-users=1 transparent-proxy=yes \
open-status-page=always advertise=no
/ ip ipsec proposal
add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m \
lifebytes=0 pfs-group=modp1024 disabled=no
/ ip web-proxy
set enabled=yes src-address=192.168.10.0 port=3218 hostname="GreenBerret" \
transparent-proxy=yes parent-proxy=???.???.???.???:8888 \
cache-administrator="matcodet@putra.indo.net.id" \
max-object-size=1000000KiB cache-drive=system max-cache-size=unlimited \
max-ram-cache-size=unlimited
/ ip web-proxy access
add src-address=192.168.10.0/24 url="path=*hackclient.exe" action=deny \
comment="" disabled=no
add src-address=192.168.10.0/24 url="path=*hackclient.zip" action=deny \
comment="" disabled=no
add src-address=192.168.10.0/24 url="path=*dd123.zip" action=deny comment="" \
disabled=no
add src-address=192.168.10.0/24 url="path=*dd123.exe" action=deny comment="" \
disabled=no
add src-address=192.168.10.0/24 url="*billingexplorer*" action=deny comment="" \
disabled=no
add src-address=192.168.10.0/24 url="*billingxp*" action=deny comment="" \
disabled=no
add url="loadadv.exe" action=deny comment="" disabled=no
add src-address=192.168.10.20/32 url="ytimg.com" action=deny comment="" \
disabled=yes
add src-address=192.168.0.20/32 url="facebook.com" action=deny comment="" \
disabled=yes
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
disabled=no
add src-address=192.168.10.20/32 url="youtube.com" action=deny comment="" \
disabled=yes
add src-address=192.168.10.20/32 url="apps.facebook.com" action=deny \
comment="" disabled=yes
add src-address=192.168.10.20/32 url="indowebster.com" action=deny comment="" \
disabled=yes
add src-address=192.168.10.20/32 url="4shared.com" action=deny comment="" \
disabled=yes
add src-address=192.168.10.20/32 url="yahoo.com" action=deny comment="" \
disabled=yes
add src-address=192.168.10.20/32 url="google.co.id" action=deny comment="" \
disabled=yes
add src-address=192.168.10.20/32 url="google.com" action=deny comment="" \
disabled=yes
/ ip web-proxy cache
add src-address=192.168.10.0/24 action=allow comment="Local Allow" \
disabled=yes
add url="http*friendster*com" action=allow comment="Friendster" disabled=yes
add url="http*kaskus*us" action=allow comment="Kaskus" disabled=yes
add url="http*pu*go*id" action=allow comment="PU" disabled=yes
add url="http*detik*com" action=allow comment="Detik" disabled=yes
add url="http*detiksport*com" action=allow comment="Detik Sport" disabled=yes
add src-address=192.168.10.0/24 url="http*youtube*get_video*" action=allow \
comment="youtube" disabled=yes
add url="http*google*com" action=allow comment="Google" disabled=yes
add url="http*share*nigmae*net" action=allow comment="Nigmae" disabled=yes
add url="http*avaxhome*ru" action=allow comment="Avaxhome" disabled=yes
add url="http*yahoo*com" action=allow comment="Yahoo.com" disabled=yes
add url="http*nationalgeographic*" action=allow comment="NGM" disabled=yes
add url="http*primadonal*com" action=allow comment="Somebody" disabled=yes
add url="http*tribalwars*" action=allow comment="Tribalwars" disabled=yes
add url=":\\.flv\$ .jpg\$ .gif\$ .bmp\$ .tiff\$" action=allow comment="Cache \
File mp3, flv" disabled=yes
add url=":cgi-bin \\?" action=deny comment="don't cache dynamic http pages" \
disabled=yes
/ ip web-proxy direct
add dst-port=135 action=deny comment="" disabled=no
add dst-port=137 action=deny comment="" disabled=no
add dst-port=139 action=deny comment="" disabled=no
add dst-port=445 action=deny comment="" disabled=no
add dst-port=5933 action=deny comment="" disabled=no
/ system logging
add topics=info prefix="" action=memory disabled=no
add topics=error prefix="" action=memory disabled=no
add topics=warning prefix="" action=echo disabled=no
add topics=critical prefix="" action=echo disabled=no
/ system logging action
set memory name="memory" target=memory memory-lines=1000 \
memory-stop-on-full=no
set disk name="disk" target=disk disk-lines=10000 disk-stop-on-full=no
set echo name="echo" target=echo
set remote name="remote" target=remote remote=0.0.0.0:514
/ system script
add name="cacheflush" source="/ip dns cache flush" \
policy=ftp,reboot,read,write,policy,test,winbox,password
add name="restart" source="/system reboot" \
policy=ftp,reboot,read,write,policy,test,winbox,password
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 \
check-interval=1d user=""
/ system watchdog
set reboot-on-failure=yes watch-address=none watchdog-timer=yes \
no-ping-delay=5m automatic-supout=yes auto-send-supout=no
/ system console
add port=serial0 term="" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
/ system console screen
set line-count=25
/ system identity
set name="Router_GreenNet"
/ system note
set show-at-login=yes note=""
/ system scheduler
add name="cache flush" on-event=cacheflush start-date=jan/01/1970 \
start-time=06:00:00 interval=3h comment="" disabled=no
add name="re-boot router" on-event=restart start-date=jan/01/1970 \
start-time=06:00:00 interval=1d comment="" disabled=no
/ system routerboard bios
set
/ system health
set state-after-reboot=enabled
/ system gps
set enabled=no set-system-time=no
/ system lcd
set enabled=no type=24x4 port=parallel contrast=0
/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set LAN display-time=5s disabled=yes
set WAN display-time=5s disabled=yes
/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes
/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/ port
set serial0 name="serial0" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
set serial1 name="serial1" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
/ ppp profile
set default name="default" use-compression=default use-vj-compression=default \
use-encryption=default only-one=default change-tcp-mss=default comment=""
set pppoe-client-default name="pppoe-client-default" use-compression=default \
use-vj-compression=default use-encryption=default only-one=default \
change-tcp-mss=default comment="added by setup"
add name="default-encryption" use-compression=default \
use-vj-compression=default use-encryption=yes only-one=default \
change-tcp-mss=default comment=""
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s
/ queue type
set default name="default" kind=pfifo pfifo-limit=50
set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50
set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
set synchronous-default name="synchronous-default" kind=red red-limit=60 \
red-min-threshold=10 red-max-threshold=50 red-burst=20 red-avg-packet=1000
set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
/ queue simple
add name="PB" target-addresses=0.0.0.0/0 dst-address=0.0.0.0/0 interface=all \
parent=none packet-marks=PB-P priority=1 queue=default/default \
limit-at=0/0 max-limit=0/0 total-queue=default disabled=no
add name="DANCE" target-addresses=0.0.0.0/0 dst-address=0.0.0.0/0 \
interface=all parent=none packet-marks=DANCE-P priority=1 \
queue=default/default limit-at=0/0 max-limit=0/0 total-queue=default \
disabled=no
add name="DOTA" target-addresses=0.0.0.0/0 dst-address=0.0.0.0/0 interface=all \
parent=none packet-marks=DOTA-P priority=1 queue=default/default \
limit-at=0/0 max-limit=0/0 total-queue=default disabled=no
add name="CS" target-addresses=0.0.0.0/0 dst-address=0.0.0.0/0 interface=all \
parent=none packet-marks=CS-P priority=1 queue=default/default \
limit-at=0/0 max-limit=0/0 total-queue=default disabled=no
add name="pc-01 All" target-addresses=192.168.10.1/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-02 All" target-addresses=192.168.10.2/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-03 All" target-addresses=192.168.10.3/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-04 All" target-addresses=192.168.10.4/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-05 All" target-addresses=192.168.10.5/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-06 All" target-addresses=192.168.10.6/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-07 All" target-addresses=192.168.10.7/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-08 All" target-addresses=192.168.10.8/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-09 All" target-addresses=192.168.10.9/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-10 All" target-addresses=192.168.10.10/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="pc-20 All" target-addresses=192.168.10.20/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="02-a All" target-addresses=192.168.10.103/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="03-b All" target-addresses=192.168.10.106/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="07-b All" target-addresses=192.168.10.114/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="09-b All" target-addresses=192.168.10.118/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
add name="16-a All" target-addresses=192.168.10.131/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=384000/384000 max-limit=384000/384000 total-queue=default \
disabled=no
/ queue tree
add name="DOWN" parent=WAN packet-mark="" limit-at=384000 queue=default \
priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 burst-time=0s \
disabled=yes
add name="UP" parent=WAN packet-mark="" limit-at=384000 queue=default \
priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 burst-time=0s \
disabled=yes
add name="20-int-d" parent=DOWN packet-mark=20-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="20-iix-u" parent=UP packet-mark=20-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="20-iix-d" parent=DOWN packet-mark=20-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="20-int-u" parent=UP packet-mark=20-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k16a-iix-d" parent=DOWN packet-mark=16a-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k16a-int-d" parent=DOWN packet-mark=16a-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k16a-iix-u" parent=UP packet-mark=16a-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k16a-int-u" parent=UP packet-mark=16a-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="06-iix-d" parent=DOWN packet-mark=06-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="06-int-d" parent=DOWN packet-mark=06-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="06-iix-u" parent=UP packet-mark=06-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="06-int-u" parent=UP packet-mark=06-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="05-iix-u" parent=UP packet-mark=05-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="05-int-u" parent=UP packet-mark=05-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="05-iix-d" parent=DOWN packet-mark=05-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="05-int-d" parent=DOWN packet-mark=05-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="04-iix-d" parent=DOWN packet-mark=04-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="01-iix-d" parent=DOWN packet-mark=01-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="02-iix-d" parent=DOWN packet-mark=02-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="03-iix-d" parent=DOWN packet-mark=03-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="01-int-d" parent=DOWN packet-mark=01-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="02-int-d" parent=DOWN packet-mark=02-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="03-int-d" parent=DOWN packet-mark=03-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="04-int-d" parent=DOWN packet-mark=04-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="07-iix-d" parent=DOWN packet-mark=07-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="08-iix-d" parent=DOWN packet-mark=08-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="09-iix-d" parent=DOWN packet-mark=09-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="10-iix-d" parent=DOWN packet-mark=10-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="07-int-d" parent=DOWN packet-mark=07-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="08-int-d" parent=DOWN packet-mark=08-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="09-int-d" parent=DOWN packet-mark=09-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="10-int-d" parent=DOWN packet-mark=10-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k09b-iix-d" parent=DOWN packet-mark=09b-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k02a-iix-d" parent=DOWN packet-mark=02a-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k03b-iix-d" parent=DOWN packet-mark=03b-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k02a-int-d" parent=DOWN packet-mark=02a-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k03b-int-d" parent=DOWN packet-mark=03b-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k09b-int-d" parent=DOWN packet-mark=09b-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="01-iix-u" parent=UP packet-mark=01-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="02-iix-u" parent=UP packet-mark=02-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="03-iix-u" parent=UP packet-mark=03-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="04-iix-u" parent=UP packet-mark=04-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="07-iix-u" parent=UP packet-mark=07-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="08-iix-u" parent=UP packet-mark=08-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="09-iix-u" parent=UP packet-mark=09-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="10-iix-u" parent=UP packet-mark=10-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="01-int-u" parent=UP packet-mark=01-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="02-int-u" parent=UP packet-mark=02-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="03-int-u" parent=UP packet-mark=03-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="04-int-u" parent=UP packet-mark=04-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="07-int-u" parent=UP packet-mark=07-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="08-int-u" parent=UP packet-mark=08-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="09-int-u" parent=UP packet-mark=09-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="10-int-u" parent=UP packet-mark=10-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k02a-iix-u" parent=UP packet-mark=02a-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k03b-iix-u" parent=UP packet-mark=03b-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k09b-iix-u" parent=UP packet-mark=09b-iix-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k02a-int-u" parent=UP packet-mark=02a-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k03b-int-u" parent=UP packet-mark=03b-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
add name="k09b-int-u" parent=UP packet-mark=09b-int-p limit-at=384000 \
queue=default priority=8 max-limit=384000 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=yes
/ user
add name="admin" group=full address=0.0.0.0/0 comment="" disabled=no
/ user group
add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!f\
tp,!write,!policy
add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password\
,web,!ftp,!policy
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo\
x,password,web
/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read
/ radius incoming
set accept=no port=1700
/ driver
/ snmp
set enabled=no contact="aladi@indo.net.id" location="Beji Depok"
/ snmp community
set greenNet name="greenNet" address=0.0.0.0/0 read-access=yes
/ tool bandwidth-server
set enabled=yes authenticate=yes allocate-udp-ports-from=2000 max-sessions=10
/ tool mac-server ping
set enabled=yes
/ tool e-mail
set server=0.0.0.0 from="<>"
/ tool sniffer
set interface=all only-headers=no memory-limit=10 file-name="" file-limit=10 \
streaming-enabled=no streaming-server=0.0.0.0 filter-stream=yes \
filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535 \
filter-address2=0.0.0.0/0:0-65535
/ tool graphing
set store-every=5min
/ tool graphing interface
add interface=all allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
/ tool netwatch
add host=???.???.???.??? timeout=1s interval=1m up-script="" down-script="" \
comment="Proxy aladi@indo.net.id" disabled=no
add host=192.168.10.1 timeout=1s interval=10m up-script="" down-script="" \
comment="Client" disabled=no
add host=192.168.10.2 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.3 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.4 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.5 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.6 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.7 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.8 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.9 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.10 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.20 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.103 timeout=1s interval=10m up-script="" down-script="" \
comment="kos-an" disabled=no
add host=192.168.10.114 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.131 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.118 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
add host=192.168.10.106 timeout=1s interval=10m up-script="" down-script="" \
comment="" disabled=no
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no \
redistribute-static=no redistribute-rip=no redistribute-bgp=no \
metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 \
metric-bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 authentication=none prefix-list-import="" \
prefix-list-export="" disabled=no
/ routing bgp
set enabled=no as=1 router-id=0.0.0.0 redistribute-static=no \
redistribute-connected=no redistribute-rip=no redistribute-ospf=no
/ routing ripMikrotik yang digunakan dengan script ini versi 2.9.7. Salam Codet.
set redistribute-static=no redistribute-connected=no redistribute-ospf=no \
redistribute-bgp=no metric-static=1 metric-connected=1 metric-ospf=1 \
metric-bgp=1 update-timer=30s timeout-timer=3m garbage-timer=2m
Tidak ada komentar:
Posting Komentar