menggunakan PC router dengan OS mikrotik terinstall ditambah 7buat lancard, banyak yg tanya pake motherboard apa ya?jawabannya asus…ya asus menyediakan banyak MB yg punya slot pci>6 ditambah 1 onboard, kalo bingung bisa menggunakan modul tambahan pci dengan 4 pci permudul yg disediakan oleh routerboard.
settingan dibawah terpisah dengan squid linux, jadi jangan slah kaprah loh..
selamat membaca ya
interface print
Flags: X – disabled, D – dynamic, R – running
# NAME TYPE RX-RATE TX-RATE MTU
0 R Lan ether 0 0 1500
1 R Modem5 ether 0 0 1500
2 R Modem6 ether 0 0 1500
3 R ether4-squid ether 0 0 1500
4 R ether5 ether 0 0 1500
5 R Modem4 ether 0 0 1500
6 R Modem3 ether 0 0 1500
7 R Modem2 ether 0 0 1500
8 R Modem1 ether 0 0 1500
ip address print
Flags: X – disabled, I – invalid, D – dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.2.2/30 192.168.2.0 192.168.2.3 Modem1
1 192.168.3.2/30 192.168.3.0 192.168.3.3 Modem2
2 192.168.4.2/30 192.168.4.0 192.168.4.3 Modem3
3 12.12.12.1/24 12.12.12.0 12.12.12.255 Lan
4 192.168.5.2/30 192.168.5.0 192.168.5.3 Modem4
5 192.168.6.2/30 192.168.6.0 192.168.6.3 Modem5
6 192.168.7.2/30 192.168.7.0 192.168.7.3 Modem6
7 10.10.10.1/30 10.10.10.0 10.10.10.3 ether4-squid
ip dns print
primary-dns: 203.130.209.242
secondary-dns: 202.134.0.155
allow-remote-requests: yessed: 731KiB
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 731KiB
[cybernet@nunukan] > ip firewall mangle print
Flags: X – disabled, I – invalid, D – dynamic
0 chain=prerouting in-interface=Lan protocol=tcp dst-port=80 connection-state=new nth=6,6,0
action=mark-connection new-connection-mark=Modem1 passthrough=yes
1 chain=prerouting in-interface=Lan connection-mark=Modem1 action=mark-routing
new-routing-mark=Konek1 passthrough=no
2 chain=prerouting in-interface=Lan protocol=tcp fragment=no dst-port=80 connection-state=ne>
nth=6,6,1 action=mark-connection new-connection-mark=Modem2 passthrough=yes
3 chain=prerouting in-interface=Lan connection-mark=Modem2 action=mark-routing
new-routing-mark=Konek2 passthrough=no
4 ;;; Load Balancing
chain=prerouting in-interface=Lan protocol=tcp dst-port=80 connection-state=new nth=6,6,2
action=mark-connection new-connection-mark=Modem3 passthrough=yes
5 chain=prerouting in-interface=Lan connection-mark=Modem3 action=mark-routing
new-routing-mark=Konek3 passthrough=no
6 chain=prerouting in-interface=Lan protocol=tcp dst-port=80 connection-state=new nth=6,6,3
action=mark-connection new-connection-mark=Modem4 passthrough=yes
7 chain=prerouting in-interface=Lan connection-mark=Modem4 action=mark-routing
new-routing-mark=Konek4 passthrough=no
8 chain=prerouting in-interface=Lan protocol=tcp dst-port=80 connection-state=new nth=6,6,4
action=mark-connection new-connection-mark=Modem5 passthrough=yes
9 chain=prerouting in-interface=Lan connection-mark=Modem5 action=mark-routing
new-routing-mark=Konek5 passthrough=no
10 chain=prerouting in-interface=Lan protocol=tcp dst-port=80 connection-state=new nth=6,6,5
action=mark-connection new-connection-mark=Modem6 passthrough=yes
11 chain=prerouting in-interface=Lan connection-mark=Modem6 action=mark-routing
new-routing-mark=Konek6 passthrough=no
12 chain=prerouting in-interface=Lan protocol=tcp dst-port=80 connection-state=new nth=6,6,6
action=mark-connection new-connection-mark=Modem7 passthrough=yes
13 chain=prerouting in-interface=Lan connection-mark=Modem1 action=mark-routing
new-routing-mark=Konek7 passthrough=no
14 chain=prerouting content=facebook.com action=add-src-to-address-list address-list=FBlist
address-list-timeout=0s
++++++++++++++
ip firewall nat print
Flags: X – disabled, I – invalid, D – dynamic
0 chain=srcnat out-interface=Modem1 action=masquerade
1 chain=srcnat out-interface=Modem2 action=masquerade
2 chain=srcnat out-interface=Modem3 action=masquerade
3 chain=srcnat out-interface=Modem4 action=masquerade
4 chain=srcnat out-interface=Modem5 action=masquerade
5 chain=srcnat out-interface=Modem6 action=masquerade
6 chain=dstnat protocol=udp dst-port=53 action=redirect to-ports=53
7 chain=dstnat protocol=tcp dst-port=53 action=redirect to-ports=53
8 chain=dstnat in-interface=Lan protocol=icmp action=redirect to-ports=1
9 X chain=dstnat in-interface=Lan dst-port=80 action=dst-nat to-addresses=10.10.10.2 to-ports=3128
++++++++++++++++
ip route print
Flags: X – disabled, A – active, D – dynamic, C – connect, S – static, r – rip, b – bgp, o – ospf
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 ADC 10.10.10.0/30 10.10.10.1 ether4-squid
1 ADC 12.12.12.0/24 12.12.12.1 Lan
2 ADC 192.168.2.0/30 192.168.2.2 Modem1
3 ADC 192.168.3.0/30 192.168.3.2 Modem2
4 ADC 192.168.4.0/30 192.168.4.2 Modem3
5 ADC 192.168.5.0/30 192.168.5.2 Modem4
6 ADC 192.168.6.0/30 192.168.6.2 Modem5
7 ADC 192.168.7.0/30 192.168.7.2 Modem6
8 A S 0.0.0.0/0 r 192.168.2.1 Modem1
9 A S 0.0.0.0/0 r 192.168.3.1 Modem2
10 A S 0.0.0.0/0 r 192.168.4.1 Modem3
11 A S 0.0.0.0/0 r 192.168.5.1 Modem4
12 A S 0.0.0.0/0 r 192.168.6.1 Modem5
13 A S 0.0.0.0/0 r 192.168.7.1 Modem6
14 A S 0.0.0.0/0 r 192.168.2.1 Modem1
15 A S 0.0.0.0/0 r 192.168.2.1 2 Modem1
No comments:
Post a Comment