Kadang seorang administrator
jaringan akan mengalami “pusing” atas ulah para client yang mggunakan download
accelator seperti Free Download Manager (FDM), Internet Download Manager (IDM)
dan download accelerator yang lain.
Nah.. untuk mengakali nya ada cara
yang efektif membatasi bandwitdh download tanpa mengganggu browsing secara
keseluruhan.
Sebelum berlanjut, ada beberapa
tahapan yang perlu kita perhatikan antara lain, kapasitas bandwith yang kita
miliki, firewall, mangle, dan simple queue.
Langkah pertama kita
mensetting firewall. berikut ini script nya :
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.exe
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.iso
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.mpg
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.zip
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.rar
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.dat
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.flv
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.3gp
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.mpeg
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.avi
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.ram
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.10.0/24 protocol=tcp content=.mov
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.wma
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.aiff
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.au
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.wav
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
/ip firewall filter add
chain=forward src-address=192.168.100.0/24 protocol=tcp content=.rar
action=add-dst-to-address-list address-list=cekek address-list-timeout=01:00:00
Keterangan :
ip address yang ada di script adalah
ip network, oleh karena itu sesuaikan dulu dengan ip network anda, tcp content
merupakan EXTENSI file yang sering di download oleh client, jika anda merasa
kurang, silakan di tambahi sendiri. Address list cekek nantinya akan muncul
otomatis di menu ip firewall address list dengan nana cekek (di cekik,
red) . Blok smua Script di atas kemudian anda paste kan di menu New
terminal, akhiri dengan enter.
Langkah berikutnya adalah
menginisialisai marking packet di mangle dengan script di bawah ini :
/ip firewall mangle add
chain=forward protocol=tcp src-address-list=cekek action=mark-packet
new-packet-mark=cekek-bw-by-extension
maksudnya, semua traffict tcp yang
di kenali pada extension file yang di download akan di mark (ditandai) sebagai
cekek-bw-by-extension yang selanjutny akan di kenali di firewall address list
sehingga alamat ip yang di download akan terdeteksi otomatis.
Langkah terakhir,
adalah memasukkan marking packet yang kita buat di mangle agar di kenali
oleh queu dengan memasukkan script dibawah ini:
/queue simple add-files
max-limit=20000/20000 packet-marks=cekek-bw-by-extension
artinya kita membatasi download
extension file 32kbps upload dan 64kbps dowload. jika bandwitdh anda
CEKAK perlu di CEKEK mereka-mereka yang suka ngedownload. Bagi anda
yang memiliki bandwitdh besar silakan sesuaikan kapasitas downlod yang ingin
anda berikan.. bisa 128kbps, 256kbps 512kbps up to you dah….
OK selesai..
sumber :
http://arizownie.blog.com/sistem-operasi/membatasi-download-di-mikrotik/