Membatasi download berdasarkan extension file yang di download menggunakan Firewall Layer 7. File-file yang di limit adalah yang ber extension exe,flv,zip,rar,mp3,mp4,3gp dan lain lain.
Berikut ini cara nya :

Buka winbox kemudian klik “IP” kemudian klik “Firewall” kemudian klik tanda “Tambah” warna merah kemudian klik “layer7 protocols”

isikan

Name=Limit Download (bebas)

RegeXp=http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video)

lalu Buka “New terminal” di winbox

Copykan dan paste kan kode di bawah ini dan patekan di “New Terminal” winbox

ip firewall layer7-protocol add comment=”” name=”Extension \” .exe \”” regexp=”\\.(exe)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .rar \”” regexp=”\\.(rar)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .zip \”” regexp=”\\.(zip)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .7z \”” regexp=”\\.(7z)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .cab \”” regexp=”\\.(cab)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .asf \”” regexp=”\\.(asf)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .mov \”” regexp=”\\.(mov)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .wmv \”” regexp=”\\.(wmv)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .mpg \”” regexp=”\\.(mpg)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .mpeg \”” regexp=”\\.(mpeg)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .mkv \”” regexp=”\\.(mkv)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .avi \”” regexp=”\\.(avi)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .flv \”” regexp=”\\.(flv)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .wav \”” regexp=”\\.(wav)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .rm \”” regexp=”\\.(rm)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .mp3 \”” regexp=”\\.(mp3)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .mp4 \”” regexp=”\\.(mp4)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .ram \”” regexp=”\\.(ram)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .rmvb \”” regexp=”\\.(rmvb)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .dat \”” regexp=”\\.(dat)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .daa \”” regexp=”\\.(daa)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .iso \”” regexp=”\\.(iso)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .nrg \”” regexp=”\\.(nrg)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .bin \”” regexp=”\\.(bin)”
ip firewall layer7-protocol add comment=”” name=”Extension \” .vcd \”” regexp=”\\.(vcd)”

lanjutkan paste kan script mangle berikut :

/ip firewall mangle add action=mark-packet chain=prerouting comment=”http-video mark-packet” disabled=no layer7-protocol=http-video new-packet-mark=http-video passthrough=no

/ip firewall mangle add action=mark-connection chain=prerouting comment=”7z DOWNS” disabled=no layer7-protocol=”Extension \” .7z \”” new-connection-mark=”7z DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”7z DOWNS” disabled=no new-packet-mark=7z passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”asf DOWNS” disabled=no layer7-protocol=”Extension \” .asf \”” new-connection-mark=”asf DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”asf DOWNS” disabled=no new-packet-mark=asf passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”avi DOWNS” disabled=no layer7-protocol=”Extension \” .avi \”” new-connection-mark=”avi DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”avi DOWNS” disabled=no new-packet-mark=avi passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”bin DOWNS” disabled=no layer7-protocol=”Extension \” .bin \”” new-connection-mark=”bin DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”bin DOWNS” disabled=no new-packet-mark=bin passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”flv DOWNS” disabled=no layer7-protocol=”Extension \” .flv \”” new-connection-mark=”flv DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”flv DOWNS” disabled=no new-packet-mark=flv passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”iso DOWNS” disabled=no layer7-protocol=”Extension \” .iso \”” new-connection-mark=”iso DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark= “iso DOWNS” disabled=no new-packet-mark=iso passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”mkv DOWNS” disabled=no layer7-protocol=”Extension \” .mkv \”” new-connection-mark=”mkv DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”mkv DOWNS” disabled=no new-packet-mark=mkv passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”exe DOWNS” disabled=no layer7-protocol=”Extension \” .exe \”” new-connection-mark=”exe DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”exe DOWNS” disabled=no new-packet-mark=exe passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”mov DOWNS” disabled=no layer7-protocol=”Extension \” .mov \”” new-connection-mark=”mov DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”mov DOWNS” disabled=no new-packet-mark=mov passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”mp3 DOWNS” disabled=no layer7-protocol=”Extension \” .mp3 \”” new-connection-mark=”mp3 DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”mp3 DOWNS” disabled=no new-packet-mark=mp3 passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”mp4 DOWNS” disabled=no layer7-protocol=”Extension \” .mp4 \”” new-connection-mark=”mp4 DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”mp4 DOWNS” disabled=no new-packet-mark=mp4 passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”mpeg DOWNS” disabled=no layer7-protocol=”Extension \” .mpeg \”” new-connection-mark=”mpeg DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”mpeg DOWNS” disabled=no new-packet-mark=mpeg passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”mpg DOWNS” disabled=no layer7-protocol=”Extension \” .mpg \”” new-connection-mark=”mpg DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”mpg DOWNS” disabled=no new-packet-mark=mpg passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”nrg DOWNS” disabled=no layer7-protocol=”Extension \” .nrg \”” new-connection-mark=”nrg DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”nrg DOWNS” disabled=no new-packet-mark=nrg passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”ram DOWNS” disabled=no layer7-protocol=”Extension \” .ram \”” new-connection-mark=”ram DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”ram DOWNS” disabled=no new-packet-mark=ram passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”rar DOWNS” disabled=no layer7-protocol=”Extension \” .rar \”” new-connection-mark=”rar DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”rar DOWNS” disabled=no new-packet-mark=rar passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”rm DOWNS” disabled=no layer7-protocol=”Extension \” .rm \”” new-connection-mark=”rm DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”rm DOWNS” disabled=no new-packet-mark=rm passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”rmvb DOWNS” disabled=no layer7-protocol=”Extension \” .rmvb \”” new-connection-mark=”rmvb DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”rmvb DOWNS” disabled=no new-packet-mark=rmvb passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”wav DOWNS” disabled=no layer7-protocol=”Extension \” .wav \”” new-connection-mark=”wav DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”wav DOWNS” disabled=no new-packet-mark=wav passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”wma DOWNS” disabled=no layer7-protocol=”Extension \” .wma \”” new-connection-mark=”wma DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”wma DOWNS” disabled=no new-packet-mark=wma passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”wmv DOWNS” disabled=no layer7-protocol=”Extension \” .wmv \”” new-connection-mark=”wmv DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”wmv DOWNS” disabled=no new-packet-mark=wmv passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”zip DOWNS” disabled=no layer7-protocol=”Extension \” .zip \”” new-connection-mark=”zip DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”zip DOWNS” disabled=no new-packet-mark=zip passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”youtube DOWNS” disabled=no layer7-protocol=”YouTube ” new-connection-mark=”youtube DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”youtube DOWNS” disabled=no new-packet-mark=youtube passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”daa DOWNS” disabled=no layer7-protocol=”Extension \” .daa \”” new-connection-mark=”daa DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”daa DOWNS” disabled=no new-packet-mark=daa passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”dat DOWNS” disabled=no layer7-protocol=”Extension \” .dat \”” new-connection-mark=”dat DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”dat DOWNS” disabled=no new-packet-mark=dat passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”vcd DOWNS” disabled=no layer7-protocol=”Extension \” .vcd \”” new-connection-mark=”vcd DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”vcd DOWNS” disabled=no new-packet-mark=vcd passthrough=no protocol=tcp

/ip firewall mangle add action=mark-connection chain=prerouting comment=”cab DOWNS” disabled=no layer7-protocol=”Extension \” .cab \”” new-connection-mark=”cab DOWNS” passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-packet chain=postrouting comment=”” connection-mark=”cab DOWNS” disabled=no new-packet-mark=cab passthrough=no protocol=tcp

kemudian untuk limit nya di sini dibatasi hanya 32kB untuk limitnya berarti downloadnya hanya 8 KB perdetik,Jika anda menginginkan limit tambah silakan ganti sesuai dengan keinginan anda, misalnya 32k/32k anda gandi menjadi 64k/64k atau 128k/128k. Sesuaikan dengan Bandwitdh yang anda miliki. Copykan kode bawah ini dan patekan di “New Terminal” winbox.

queue simple add name=”youtube” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=http-video direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=100k/100k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”exe” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=exe direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”rar” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=rar direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”zip” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=zip direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”7z” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=7z direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”cab” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=cab direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”asf” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=asf direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”mov” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mov direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”wmv” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=wmv direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”mpg” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mpg direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”mpeg” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mpeg direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”mkv” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mkv direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”avi” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=avi direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”flv” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=flv direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”wav” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=wav direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”rm” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=rm direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”mp3″ dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mp3 direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”mp4″ dst-address=0.0.0.0/0 interface=all parent=none packet-marks=mp4 direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”ram” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=ram direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”rmvb” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=rmvb direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”dat” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=dat direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”daa” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=daa direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”iso” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=iso direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”nrg” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=nrg direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”bin” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=bin direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
queue simple add name=”vcd” dst-address=0.0.0.0/0 interface=all parent=none packet-marks=vcd direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/32k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small

Setelah anda selesai settingan anda coba download dengan menggunakan IDM atau Speed Downloader yang lain, kemudian anda cek speed download nya, cek juga di queue simple mikrotik anda

 

Leave a Reply

Alamat email Anda tidak akan dipublikasikan. Ruas yang wajib ditandai *