Di sini saya coba jelaskan bagaimana blokir koneksi torrent
dengan mikrotik. Trus ngapain di blokir segala bos? tuh koneksi ngabisin
bandwidth alias bandwidth killer,
download upload disedot semua. Hasilnya ga kebagian bandwidth deh. Di
sini kita pakai tehnik trap aktifitas aplikasi/koneksi torrent dan dst-address
IPnya di masukin ke address-list bernama “torrent”. Kemudian semua tujuan ke address-list
“torrent” kita drop.
/ip firewall filter
add action=add-dst-to-address-list address-list=torrent
chain=forward comment=\
"TORRENT No
1: Classic non security torrent [adamonline.web.id]" in-interface=\
ether2-lan
p2p=all-p2p
add action=add-dst-to-address-list address-list=torrent
chain=forward comment=\
"TORRENT No
2: outgoing DHT [adamonline.web.id]" content=d1:ad2:id20: dst-port=\
1025-65535
in-interface=ether2-lan packet-size=95-190 protocol=udp
add action=add-dst-to-address-list address-list=torrent
chain=forward comment=\
"TORRENT No
3: outgoing TCP announce [adamonline.web.id]"
content="info_hash=" \
dst-port=27
in-interface=ether2-lan protocol=tcp
add action=add-dst-to-address-list address-list=torrent
chain=forward comment=\
"TORRENT No
5: 6771 block Local Broadcast [adamonline.web.id]" content=\
"\r\
\nInfohash:"
dst-port=6771 in-interface=ether2-lan protocol=udp
add action=drop chain=forward comment=\
"TORRENT No
4: prohibits download .torrent files. [adamonline.web.id]" content=\
.torrent
dst-port=80 in-interface=ether2-lan protocol=tcp
add action=drop chain=forward comment=\
"TORRENT No.
5 : Finally we drop all torrent connection [adamonline.web.id]" \
dst-address-list=torrent
Script diatas bisa di copy paste ke terminal, tapi edit dulu
“in-interface=ether2-lan” ke nama interfaces lokal/LAN Anda, agar IP
lokal/client Anda tidak masuk ke address-list torrent.
Script diatas juga block/blokir jika ada user download file
berektensi “.torrent” (line 15-17), jadi user tidak bisa download file .torrent
ke aplikasi torrentnya.
Sekian tutorial saya semoga bermanfaat
0 komentar:
Post a Comment