Scribd
Upload
68 views1 page

Iix FB

The document defines firewall rules and configurations for traffic marking and routing of private and social media addresses. Private addresses are marked and allowed to pass directly. Traffic to social media addresses is marked and routed through a PPTP VPN connection for access. DNS servers are also configured for name resolution.

Uploaded by

fuad hasyim
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
68 views1 page

Iix FB

The document defines firewall rules and configurations for traffic marking and routing of private and social media addresses. Private addresses are marked and allowed to pass directly. Traffic to social media addresses is marked and routed through a PPTP VPN connection for access. DNS servers are also configured for name resolution.

Uploaded by

fuad hasyim
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 1

/ip firewall address-list

add address=0.0.0.0/8 list=private-lokal


add address=10.0.0.0/8 list=private-lokal
add address=172.16.0.0/12 list=private-lokal
add address=192.168.0.0/16 list=private-lokal
add address=147.92.128.0/17 comment=LINE list=sosmed
add address=23.221.76.0/22 comment=LINE list=sosmed
add address=147.92.164.0/22 comment=LINE list=sosmed
add address=23.53.160.0/22 comment=LINE list=sosmed

/ip firewall mangle


add action=mark-connection chain=prerouting comment=IP-PRIVATE \
dst-address-list=private-lokal new-connection-mark=private-lokal \
passthrough=yes src-address-list=private-lokal
add action=accept chain=prerouting comment=IP-PRIVATE connection-mark=\
private-lokal dst-address-list=private-lokal src-address-list=private-lokal
add action=mark-routing chain=prerouting comment="LINK ARDHA-SOSMED" \
dst-address-list=sosmed new-routing-mark=SOSMED-ARDHA passthrough=yes \
src-address-list=private-lokal
add action=accept chain=prerouting comment="LINK ARDHA-SOSMED" routing-mark=\
SOSMED-ARDHA

/ip firewall raw


add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=INSTAGRAM content=.cdninstagram.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=INSTAGRAM content=.instagram.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=WHATSAPP content=.whatsapp.net \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=WHATSAPP content=.whatsapp.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=FACEBOOK content=.facebook.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=FACEBOOK content=.facebook.net \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=FACEBOOK content=.fbcdn.net \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=TWITTER content=.twitter.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=TWITTER content=.twimg.com \
dst-address-list=!private-lokal src-address-list=private-lokal

/int pptp-client add name=ArdhaNet connect-to=103.133.223.58 user=ArdhaNet


password=122121209309 max-mtu=1450 max-mru=1450 add-default-route=no disabled=no
comment=Ardha-Networks
/ip ro add gateway=10.20.30.1 check-gateway=ping routing-mark=SOSMED-ARDHA
comment=Ardha-Networks
/ip fi na add chain=srcnat action=masquerade out-interface=ArdhaNet comment=Ardha-
Networks
/ip dns set servers=1.1.1.1,1.0.0.1,8.8.8.8,8.8.8.4 allow-remote-requests=yes

You might also like