/ip firewall filter add chain=forward \
src-address=192.168.1.0/24 protocol=tcp content=.exe \
action=add-dst-to-address-list address-list=cekek \
address-list-timeout=01:00:00
/ip firewall filter add chain=forward \
src-address=192.168.1.0/24 protocol=tcp content=.iso \
action=add-dst-to-address-list address-list=cekek \
address-list-timeout=01:00:00
/ip firewall filter add chain=forward \
src-address=192.168.1.0/24 protocol=tcp content=.mpg \
action=add-dst-to-address-list address-list=cekek \
address-list-timeout=01:00:00
/ip firewall filter add chain=forward \
src-address=192.168.1.0/24 protocol=tcp content=.mp3 \
action=add-dst-to-address-list address-list=cekek \
address-list-timeout=01:00:00
/ip firewall filter add chain=forward \
src-address=192.168.1.0/24 protocol=tcp content=.3gp \
action=add-dst-to-address-list address-list=cekek \
address-list-timeout=01:00:00
/ip firewall filter add chain=forward \
src-address=192.168.1.0/24 protocol=tcp content=.rar \
action=add-dst-to-address-list address-list=cekek \
address-list-timeout=01:00:00
/ip firewall filter add chain=forward \
src-address=192.168.1.0/24 protocol=tcp content=.zip \
action=add-dst-to-address-list address-list=cekek \
address-list-timeout=01:00:00
time diatas menunjukkan 1 menit. bisa diatus sesuka anda bisa juga ditambahkan rule sesuai kebutuhan.
kemudian kita lakukan mangle untuk marking paket yang berasal dari address list diatas seperti ini:
/ip firewall mangle add chain=forward \
protocol=tcp src-address-list=cekek \
action=mark-packet new-packet-mark=cekek-bw
Lalu untuk yg terakhir kita masukkan simple queue dari paket mark diatas
/queue simple add name=download-files \
max-limit=64000/64000 packet-marks=cekek-bw
Selamat mencoba :)
No comments:
Post a Comment