Sebelum mencoba ada baiknya kita membaca bismillah terlebih dahulu agar semuanya berjalan lancar :D
Baiklah saya akan mencoba menjelaskan bagaimana cara menandai paket-paket download di mikrotik dengan layer 7. Fungsinya tersebut agar dapat membatasi kecepatan download.
Pertama tandai paket untuk video di Layer7 dengan cara memasukan perintah di bawah ini ke Terminal :
/ip firewall layer7-protocol add name="http-video"
regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d
-~]*(content-type: video)"
Contohnya seperti di bawah ini
Kemudian tandai paket-paket di Layer7 dengan extensi di bawah ini :
/ip firewall layer7-protocol add
name="file-msi" regexp="\\.(msi)"
/ip firewall layer7-protocol add
name="file-exe" regexp="\\.(exe)"
/ip firewall layer7-protocol add
name="file-rar" regexp="\\.(rar)"
/ip firewall layer7-protocol add
name="file-zip" regexp="\\.(zip)"
/ip firewall layer7-protocol add
name="file-7z" regexp="\\.(7z)"
/ip firewall layer7-protocol add
name="file-cab" regexp="\\.(cab)"
/ip firewall layer7-protocol add
name="file-asf" regexp="\\.(asf)"
/ip firewall layer7-protocol add
name="file-mov" regexp="\\.(mov)"
/ip firewall layer7-protocol add
name="file-wmv" regexp="\\.(wmv)"
/ip firewall layer7-protocol add
name="file-mpg" regexp="\\.(mpg)"
/ip firewall layer7-protocol add
name="file-mpeg" regexp="\\.(mpeg)"
/ip firewall layer7-protocol add
name="file-mkv" regexp="\\.(mkv)"
/ip firewall layer7-protocol add
name="file-avi" regexp="\\.(avi)"
/ip firewall layer7-protocol add
name="file-flv" regexp="\\.(flv)"
/ip firewall layer7-protocol add
name="file-pdf" regexp="\\.(pdf)"
/ip firewall layer7-protocol add
name="file-wav" regexp="\\.(wav)"
/ip firewall layer7-protocol add
name="file-rm" regexp="\\.(rm)"
/ip firewall layer7-protocol add name="file-mp3"
regexp="\\.(mp3)"
/ip firewall layer7-protocol add
name="file-mp4" regexp="\\.(mp4)"
/ip firewall layer7-protocol add
name="file-ram" regexp="\\.(ram)"
/ip firewall layer7-protocol add
name="file-rmvb" regexp="\\.(rmvb)"
/ip firewall layer7-protocol add
name="file-dat" regexp="\\.(dat)"
/ip firewall layer7-protocol add
name="file-daa" regexp="\\.(daa)"
/ip firewall layer7-protocol add
name="file-iso" regexp="\\.(iso)"
/ip firewall layer7-protocol add
name="file-nrg" regexp="\\.(nrg)"
/ip firewall layer7-protocol add
name="file-bin" regexp="\\.(bin)"
/ip firewall layer7-protocol add
name="file-vcd" regexp="\\.(vcd)"
/ip firewall layer7-protocol add
name="file-mp2" regexp="\\.(mp2)"
/ip firewall layer7-protocol add
name="file-3gp" regexp="\\.(3gp)"
/ip firewall layer7-protocol add
name="file-mpe" regexp="\\.(mpe)"
/ip firewall layer7-protocol add
name="file-qt" regexp="\\.(qt)"
/ip firewall layer7-protocol add
name="file-raw" regexp="\\.(raw)"
/ip firewall layer7-protocol add
name="file-wma" regexp="\\.(wma)"
/ip firewall layer7-protocol add
name="file-ogg" regexp="\\.(ogg)"
/ip firewall layer7-protocol add
name="file-webm" regexp="\\.(webm)"
/ip firewall layer7-protocol add
name="file-gz" regexp="\\.(gz)"
/ip firewall layer7-protocol add name="file-tar"
regexp="\\.(tar)"
/ip firewall layer7-protocol add
name="file-rpm" regexp="\\.(rpm)"
/ip firewall layer7-protocol add
name="file-dmg" regexp=\\.(dmg)”
Jika sudah pastikan sama dengan gambar di bawah ini
Setelah itu buatkanlah address list untuk jalur LAN, dengan mengetik perintah di bawah ini di Terminal :
/ip firewall address-list add address=10.11.3.0/24 list=client disabled=no
(10.11.3.0/24 adalah IP untuk network lokal LAN)
Contohnya seperti ini
Kemudian lanjutkan memberi mangle untuk http-video dengan memasukan perintah :
/ip firewall mangle add chain=forward protocol=tcp layer7-protocol=http-video dst-address-list=client action=mark-packet new-packet-mark=download passthrough=no
Contohnya seperti ini
Kemudian masukan extensi di bawah ini :
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=http-video dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-msi dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward protocol=tcp
layer7-protocol=file-exe dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-rar dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-zip dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-7z dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-cab dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-asf dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mov dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-wmv dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mpg dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mpeg dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mkv dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-avi dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-flv dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-pdf dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-wav dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-rm dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mp3 dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mp4 dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-ram dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-rmvb dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-dat dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-daa dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-iso dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-nrg dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-bin dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-vcd dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mp2 dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-3gp dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-mpe dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-qt dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-raw dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-wma dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-ogg dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-webm dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-gz dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-tar dst-address-list=client action=mark-packet
new-packet-mark=download passthrough=no
/ip firewall mangle add chain=forward
protocol=tcp layer7-protocol=file-rpm dst-address-list=client
action=mark-packet new-packet-mark=download passthrough=no
Contohnya seperti ini
Selanjutnya adalah membuat PCQ & Queue dengan perintah ini :
/queue type
add kind=pcq name=pcq-download pcq-classifier=dst-address
Contohnya seperti ini
Lalu ketik perintah ini di terminal untuk mengatur kecepatannya :
/queue
tree add name="total-download" parent=ether3-Lan packet-mark=download
limit-at=128k queue=pcq-download priority=8 max-limit=384k burst-limit=0
burst-threshold=0 burst-time=0s
Contohnya seperti ini
Konfigurasi selesai, sekarang tinggal mencobanya saja dengan cara mendownload apa saja.
Lihatlah hasilnya :D
Thanks sudah membaca artikel saya kali ini, jgn lupa baca artikel lainnya ya :D
Semoga sukses!
