Friday 1 February 2008

setingan privat router

# oct/28/2008 11:37:35 by RouterOS 2.9.6
# software id = 4B3X-XNT
#
/ interface ethernet
set PRIVATE name="PRIVATE" mtu=1500 mac-address=00:0B:6A:89:AD:F3 arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set Proxy name="Proxy" mtu=1500 mac-address=00:08:C7:D2:3B:24 arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set PUBLIC name="PUBLIC" mtu=1500 mac-address=00:50:04:76:F0:49 arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
/ interface wireless security-profiles
set default name="default" mode=none wpa-unicast-ciphers="" \
wpa-group-ciphers="" pre-shared-key="" static-algo-0=none static-key-0="" \
static-algo-1=none static-key-1="" static-algo-2=none static-key-2="" \
static-algo-3=none static-key-3="" static-transmit-key=key-0 \
static-sta-private-algo=none static-sta-private-key="" \
radius-mac-authentication=no group-key-update=5m
/ interface wireless align
set frame-size=300 active-mode=yes receive-all=no \
audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 ssid-all=no \
frames-per-second=25 audio-min=-100 audio-max=-20
/ interface wireless snooper
set multiple-channels=yes channel-time=200ms receive-errors=no
/ interface wireless sniffer
set multiple-channels=no channel-time=200ms only-headers=no receive-errors=no \
memory-limit=10 file-name="" file-limit=10 streaming-enabled=no \
streaming-server=0.0.0.0 streaming-max-rate=0
/ interface bridge port
set PRIVATE bridge=none priority=128 path-cost=10
set Proxy bridge=none priority=128 path-cost=10
set PUBLIC bridge=none priority=128 path-cost=10
/ interface l2tp-server server
set enabled=no max-mtu=1460 max-mru=1460 \
authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption
/ interface pppoe-server server
add service-name="pppoe" interface=PRIVATE max-mtu=1480 max-mru=1480 \
authentication=pap,chap,mschap1,mschap2 keepalive-timeout=10 \
one-session-per-host=no max-sessions=0 default-profile=default disabled=no
/ interface pptp-server server
set enabled=yes max-mtu=1460 max-mru=1460 \
authentication=pap,chap,mschap1,mschap2 keepalive-timeout=30 \
default-profile=default-encryption
/ ip telephony region
/ ip telephony gatekeeper
set gatekeeper=none remote-id="" remote-address=0.0.0.0
/ ip telephony aaa
set use-radius-accounting=no interim-update=0s
/ ip telephony codec
move G.711-uLaw-64k/sw
move G.711-ALaw-64k/sw
move G.729A-8k/sw
move G.729-8k/sw
move G.723.1-6.3k/sw
move GSM-06.10-13.2k/sw
move LPC-10-2.5k/sw
/ ip accounting
set enabled=no account-local-traffic=no threshold=256
/ ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ ip service
set telnet port=23 address=0.0.0.0/0 disabled=no
set ftp port=21 address=0.0.0.0/0 disabled=no
set www port=80 address=0.0.0.0/0 disabled=no
set ssh port=22 address=0.0.0.0/0 disabled=no
set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes
/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200
/ ip arp
/ ip upnp
set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes
/ ip traffic-flow
set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m \
inactive-flow-timeout=15s
/ ip dns
set primary-dns=202.134.0.155 secondary-dns=202.134.2.5 \
allow-remote-requests=yes cache-size=2048KiB cache-max-ttl=1w
/ ip address
add address=10.29.1.25/30 network=10.29.1.24 broadcast=10.29.1.27 \
interface=PRIVATE comment="CityNet" disabled=no
add address=10.29.1.1/30 network=10.29.1.0 broadcast=10.29.1.3 \
interface=PRIVATE comment="" disabled=no
add address=10.29.1.6/30 network=10.29.1.4 broadcast=10.29.1.7 \
interface=PRIVATE comment="" disabled=no
add address=10.29.1.10/30 network=10.29.1.8 broadcast=10.29.1.11 \
interface=PRIVATE comment="Komp Tari" disabled=no
add address=10.29.1.13/30 network=10.29.1.12 broadcast=10.29.1.15 \
interface=PRIVATE comment="LAB ICT Center + Multimedia" disabled=no
add address=10.29.1.22/30 network=10.29.1.20 broadcast=10.29.1.23 \
interface=PRIVATE comment="MTU" disabled=no
add address=10.29.1.30/30 network=10.29.1.28 broadcast=10.29.1.31 \
interface=PRIVATE comment="SD Teladan" disabled=no
add address=10.29.1.33/30 network=10.29.1.32 broadcast=10.29.1.35 \
interface=PRIVATE comment="Perintis 1 - 195.170.5.77" disabled=no
add address=10.29.1.41/30 network=10.29.1.40 broadcast=10.29.1.43 \
interface=PRIVATE comment="SMP Negeri 25" disabled=no
add address=10.29.1.53/30 network=10.29.1.52 broadcast=10.29.1.55 \
interface=PRIVATE comment="SMA Negeri 2 - 195.170.5.16" disabled=yes
add address=10.29.1.65/30 network=10.29.1.64 broadcast=10.29.1.67 \
interface=PRIVATE comment="SMA Utama - 195.170.5.17" disabled=no
add address=10.29.1.69/30 network=10.29.1.68 broadcast=10.29.1.71 \
interface=PRIVATE comment="SMP Al-Kautsar" disabled=no
add address=10.29.1.81/30 network=10.29.1.80 broadcast=10.29.1.83 \
interface=PRIVATE comment="Dinas Pendidikan Kota - 195.170.5.30" \
disabled=yes
add address=10.29.1.85/30 network=10.29.1.84 broadcast=10.29.1.87 \
interface=PRIVATE comment="SD Negeri 1 Perumnas Way Halim" disabled=no
add address=10.29.1.89/30 network=10.29.1.88 broadcast=10.29.1.91 \
interface=PRIVATE comment="SMA Negeri 12" disabled=no
add address=10.29.1.101/30 network=10.29.1.100 broadcast=10.29.1.103 \
interface=PRIVATE comment="SMK Negeri 1" disabled=no
add address=10.29.1.105/30 network=10.29.1.104 broadcast=10.29.1.107 \
interface=PRIVATE comment="SMP N 23 195.170.5.44" disabled=no
add address=10.29.1.117/30 network=10.29.1.116 broadcast=10.29.1.119 \
interface=PRIVATE comment="UML" disabled=no
add address=10.29.1.125/30 network=10.29.1.124 broadcast=10.29.1.127 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.129/30 network=10.29.1.128 broadcast=10.29.1.131 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.133/30 network=10.29.1.132 broadcast=10.29.1.135 \
interface=PRIVATE comment="SMK Surya Dharma - 195.170.6.8" disabled=no
add address=10.29.1.137/30 network=10.29.1.136 broadcast=10.29.1.139 \
interface=PRIVATE comment="SMP Negeri 3" disabled=no
add address=10.29.1.141/30 network=10.29.1.140 broadcast=10.29.1.143 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.145/30 network=10.29.1.144 broadcast=10.29.1.147 \
interface=PRIVATE comment="SMK Negeri 3" disabled=no
add address=10.29.1.149/30 network=10.29.1.148 broadcast=10.29.1.151 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.153/30 network=10.29.1.152 broadcast=10.29.1.155 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.157/30 network=10.29.1.156 broadcast=10.29.1.159 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.161/30 network=10.29.1.160 broadcast=10.29.1.163 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.165/30 network=10.29.1.164 broadcast=10.29.1.167 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.169/30 network=10.29.1.168 broadcast=10.29.1.171 \
interface=PRIVATE comment="MA Nahdatuh Ulama" disabled=no
add address=10.29.1.173/30 network=10.29.1.172 broadcast=10.29.1.175 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.177/30 network=10.29.1.176 broadcast=10.29.1.179 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.181/30 network=10.29.1.180 broadcast=10.29.1.183 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.185/30 network=10.29.1.184 broadcast=10.29.1.187 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.189/30 network=10.29.1.188 broadcast=10.29.1.191 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.193/30 network=10.29.1.192 broadcast=10.29.1.195 \
interface=PRIVATE comment="SMP Negeri 16" disabled=no
add address=10.29.1.197/30 network=10.29.1.196 broadcast=10.29.1.199 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.201/30 network=10.29.1.200 broadcast=10.29.1.203 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.205/30 network=10.29.1.204 broadcast=10.29.1.207 \
interface=PRIVATE comment="" disabled=no
add address=10.29.1.209/30 network=10.29.1.208 broadcast=10.29.1.211 \
interface=PRIVATE comment="" disabled=no
add address=10.29.1.213/30 network=10.29.1.212 broadcast=10.29.1.215 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.217/30 network=10.29.1.216 broadcast=10.29.1.219 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.221/30 network=10.29.1.220 broadcast=10.29.1.223 \
interface=PRIVATE comment="SMA Negeri 8" disabled=no
add address=10.29.1.225/30 network=10.29.1.224 broadcast=10.29.1.227 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.229/30 network=10.29.1.228 broadcast=10.29.1.231 \
interface=PRIVATE comment="SMA Negeri 5" disabled=no
add address=10.29.1.233/30 network=10.29.1.232 broadcast=10.29.1.235 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.237/30 network=10.29.1.236 broadcast=10.29.1.239 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.241/30 network=10.29.1.240 broadcast=10.29.1.243 \
interface=PRIVATE comment="SMA Immanuel" disabled=no
add address=10.29.1.245/30 network=10.29.1.244 broadcast=10.29.1.247 \
interface=PRIVATE comment="SMA BPK Penabur" disabled=no
add address=10.29.1.249/30 network=10.29.1.248 broadcast=10.29.1.251 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.1.254/30 network=10.29.1.252 broadcast=10.29.1.255 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.2.1/30 network=10.29.2.0 broadcast=10.29.2.3 \
interface=PRIVATE comment="CityNet SMK" disabled=no
add address=10.29.2.5/30 network=10.29.2.4 broadcast=10.29.2.7 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.2.9/30 network=10.29.2.8 broadcast=10.29.2.11 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.2.13/30 network=10.29.2.12 broadcast=10.29.2.15 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.2.17/30 network=10.29.2.16 broadcast=10.29.2.19 \
interface=PRIVATE comment="" disabled=yes
add address=10.29.2.21/30 network=10.29.2.20 broadcast=10.29.2.23 \
interface=PRIVATE comment="" disabled=yes
add address=195.170.89.200/16 network=195.170.0.0 broadcast=195.170.255.255 \
interface=PRIVATE comment="" disabled=no
add address=10.29.10.1/24 network=10.29.10.0 broadcast=10.29.10.255 \
interface=PRIVATE comment="IP Voip" disabled=no
add address=192.168.88.249/29 network=192.168.88.248 broadcast=192.168.88.255 \
interface=PRIVATE comment="" disabled=no
add address=10.3.3.2/30 network=10.3.3.0 broadcast=10.3.3.3 interface=Proxy \
comment="" disabled=no
add address=192.168.20.1/24 network=192.168.20.0 broadcast=192.168.20.255 \
interface=PRIVATE comment="" disabled=no
add address=10.29.0.18/28 network=10.29.0.16 broadcast=10.29.0.31 \
interface=PUBLIC comment="" disabled=no
add address=193.168.0.1/28 network=193.168.0.0 broadcast=193.168.0.15 \
interface=PRIVATE comment="" disabled=no
add address=199.168.18.2/27 network=199.168.18.0 broadcast=199.168.18.31 \
interface=PUBLIC comment="IP ke Server Pustekom" disabled=no
/ ip proxy
set enabled=no ports=8080 parent-proxy=0.0.0.0:0 \
maximal-client-connecions=1000 maximal-server-connectons=1000 \
cache-administrator="webmaster" max-object-size=4096KiB \
max-disk-cache-size=none max-ram-cache-size=67000KiB disk-database=yes
/ ip proxy drive
set
/ ip proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
disabled=no
add method=CONNECT dst-port=443 action=allow comment="allow CONNECT only to \
SSL ports 443 \[https\] and 563 \[snews\]" disabled=no
add method=CONNECT dst-port=563 action=allow comment="allow CONNECT only to \
SSL ports 443 \[https\] and 563 \[snews\]" disabled=no
add method=CONNECT action=deny comment="allow CONNECT only to SSL ports 443 \
\[https\] and 563 \[snews\]" disabled=no
/ ip proxy cache
add path=:\\? action=deny comment="don't cache dynamic http pages" disabled=no
add path=:\\.php action=deny comment="don't cache dynamic http pages" \
disabled=no
add path=:\\.asp action=deny comment="don't cache dynamic http pages" \
disabled=no
/ ip neighbor discovery
set PRIVATE discover=yes
set Proxy discover=yes
set PUBLIC discover=yes
set pppoe-pur discover=no
set pppoe-tari discover=no
/ ip route
add dst-address=192.168.0.250/32 gateway=10.29.1.26 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=202.150.0.0/24 gateway=10.29.1.26 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=202.154.183.8/32 gateway=10.29.0.17 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=10.3.3.1 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=10.29.0.17 scope=255 target-scope=10 \
comment="" disabled=yes
/ ip firewall nat
add chain=dstnat in-interface=PRIVATE protocol=tcp dst-port=80 action=dst-nat \
to-addresses=10.3.3.1 to-ports=3128 comment="Transparent Proxy" \
disabled=yes
add chain=dstnat in-interface=PRIVATE protocol=udp dst-port=953 action=dst-nat \
to-addresses=10.29.0.18 to-ports=953 comment="" disabled=yes
add chain=srcnat out-interface=Proxy action=masquerade comment="Masquerade" \
disabled=yes
add chain=srcnat action=masquerade comment="Masquerade" disabled=yes
add chain=srcnat src-address=10.29.1.2 action=masquerade comment="" \
disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.5 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.9 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.14 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.17 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.21 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.29 action=masquerade \
comment="" disabled=no
add chain=srcnat src-address=10.29.1.26 action=masquerade comment="" \
disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.34 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.38 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.42 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.46 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.50 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.54 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.58 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.62 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.66 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.70 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.74 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.78 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.82 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.86 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.90 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.94 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.98 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.98 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.102 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.106 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.110 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.114 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.118 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.122 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.126 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.130 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.134 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.142 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.146 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.150 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.154 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.158 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.162 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.166 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.138 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.170 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.174 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.178 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.182 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.186 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.190 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.194 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.198 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.202 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.206 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.210 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.214 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.218 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.222 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.226 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.230 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.234 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.238 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.242 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.246 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.1.250 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.1.253 action=masquerade \
comment="" disabled=no
add chain=srcnat src-address=10.29.2.2 action=masquerade comment="" \
disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.2.6 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.2.10 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.2.14 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.2.22 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.2.26 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.2.30 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.2.34 action=masquerade \
comment="" disabled=yes
add chain=srcnat out-interface=Proxy src-address=10.29.2.38 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.2.42 action=masquerade \
comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.2.46 action=masquerade \
comment="" disabled=no
add chain=srcnat src-address=192.168.20.0/24 action=masquerade comment="" \
disabled=no
add chain=srcnat src-address=169.254.66.0/24 action=masquerade comment="" \
disabled=no
add chain=srcnat out-interface=Proxy src-address=10.29.10.0/24 \
action=masquerade comment="" disabled=no
add chain=srcnat dst-address=10.29.0.0/24 action=masquerade comment="" \
disabled=yes
add chain=dstnat in-interface=PRIVATE dst-address=10.29.1.0/24 protocol=tcp \
dst-port=80 action=dst-nat to-addresses=10.29.0.24 to-ports=80 \
comment="Redirect Port 80" disabled=no
add chain=srcnat src-address=10.29.0.0/16 dst-address=195.170.0.0/16 \
action=masquerade comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=192.168.1.0/26 \
action=masquerade comment="" disabled=no
add chain=srcnat out-interface=Proxy src-address=193.168.0.0/28 \
action=masquerade comment="Perintis 1" disabled=no
add chain=srcnat out-interface=Proxy src-address=125.160.10.0/28 \
action=masquerade comment="Kantor SMKN2" disabled=no
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=2m tcp-syn-received-timeout=1m \
tcp-established-timeout=5d tcp-fin-wait-timeout=2m \
tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s \
tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s \
udp-stream-timeout=3m icmp-timeout=30s generic-timeout=10m
/ ip firewall filter
add chain=input connection-state=invalid action=drop comment="Drop Invalid \
connections" disabled=no
add chain=input connection-state=established action=accept comment="Allow \
Established connections" disabled=no
add chain=input protocol=udp action=accept comment="Allow UDP" disabled=no
add chain=input protocol=icmp action=accept comment="Allow ICMP" disabled=no
add chain=forward protocol=tcp connection-state=invalid action=drop \
comment="drop invalid connections" disabled=no
add chain=forward connection-state=established action=accept comment="allow \
already established connections" disabled=no
add chain=forward connection-state=related action=accept comment="allow \
related connections" disabled=no
add chain=forward protocol=tcp action=jump jump-target=tcp comment="" \
disabled=no
add chain=forward protocol=udp action=jump jump-target=udp comment="" \
disabled=no
add chain=forward protocol=icmp action=jump jump-target=icmp comment="" \
disabled=no
add chain=tcp protocol=tcp dst-port=69 action=drop comment="deny TFTP" \
disabled=no
add chain=tcp protocol=tcp dst-port=111 action=drop comment="deny RPC \
portmapper" disabled=no
add chain=tcp protocol=tcp dst-port=135 action=drop comment="deny RPC \
portmapper" disabled=no
add chain=tcp protocol=tcp dst-port=137-139 action=drop comment="deny NBT" \
disabled=no
add chain=tcp protocol=tcp dst-port=445 action=drop comment="deny cifs" \
disabled=no
add chain=tcp protocol=tcp dst-port=2049 action=drop comment="deny NFS" \
disabled=no
add chain=tcp protocol=tcp dst-port=12345-12346 action=drop comment="deny \
NetBus" disabled=no
add chain=tcp protocol=tcp dst-port=20034 action=drop comment="deny NetBus" \
disabled=no
add chain=tcp protocol=tcp dst-port=3133 action=drop comment="deny \
BackOriffice" disabled=no
add chain=tcp protocol=tcp dst-port=67-68 action=drop comment="deny DHCP" \
disabled=no
add chain=udp protocol=udp dst-port=69 action=drop comment="deny TFTP" \
disabled=no
add chain=udp protocol=udp dst-port=111 action=drop comment="deny PRC \
portmapper" disabled=no
add chain=udp protocol=udp dst-port=135 action=drop comment="deny PRC \
portmapper" disabled=no
add chain=udp protocol=udp dst-port=137-139 action=drop comment="deny NBT" \
disabled=no
add chain=udp protocol=udp dst-port=2049 action=drop comment="deny NFS" \
disabled=no
add chain=udp protocol=udp dst-port=3133 action=drop comment="deny \
BackOriffice" disabled=no
add chain=icmp protocol=icmp icmp-options=0:0 action=accept comment="drop \
invalid connections" disabled=no
add chain=icmp protocol=icmp icmp-options=3:0 action=accept comment="allow \
established connections" disabled=no
add chain=icmp protocol=icmp icmp-options=3:1 action=accept comment="allow \
already established connections" disabled=no
add chain=icmp protocol=icmp icmp-options=4:0 action=accept comment="allow \
source quench" disabled=no
add chain=icmp protocol=icmp icmp-options=8:0 action=accept comment="allow \
echo request" disabled=no
add chain=icmp protocol=icmp icmp-options=11:0 action=accept comment="allow \
time exceed" disabled=no
add chain=icmp protocol=icmp icmp-options=12:0 action=accept comment="allow \
parameter bad" disabled=no
add chain=icmp action=drop comment="deny all other types" disabled=no
add chain=forward src-address=10.29.10.0/24 dst-address=0.0.0.0/0 protocol=tcp \
dst-port=80 action=drop comment="firewall-jalur-voip" disabled=no
add chain=forward dst-address=66.55.141.0/24 protocol=tcp action=drop \
comment="Bokep" disabled=no
add chain=forward dst-address=64.191.65.149 protocol=tcp action=drop \
comment="Bokep" disabled=no
add chain=forward dst-address=69.50.129.124 protocol=tcp action=drop \
comment="Bokep" disabled=no
add chain=forward dst-address=146.82.202.0/24 protocol=tcp action=drop \
comment="Bokep" disabled=no
add chain=forward dst-address=146.82.203.0/24 protocol=tcp action=drop \
comment="Bokep" disabled=no
add chain=forward dst-address=146.82.200.0/24 protocol=tcp action=drop \
comment="Bokep" disabled=no
add chain=forward dst-address=64.72.114.0/24 protocol=tcp action=drop \
comment="Bokep" disabled=no
add chain=forward dst-address=76.9.6.0/24 protocol=tcp action=drop \
comment="Bokep" disabled=no
add chain=input in-interface=PRIVATE dst-address=255.255.255.255 protocol=udp \
dst-port=5678 action=accept comment="Winbox Viewer" disabled=no
/ ip firewall service-port
set ftp ports=21 disabled=no
set tftp ports=69 disabled=no
set irc ports=6667 disabled=no
set h323 disabled=yes
set quake3 disabled=no
set mms disabled=no
set gre disabled=yes
set pptp disabled=yes
/ ip dhcp-server config
set store-leases-disk=5m
/ ip hotspot service-port
set ftp ports=21 disabled=no
/ ip hotspot profile
set default name="default" hotspot-address=0.0.0.0 dns-name="" \
html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \
smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
split-user-domain=no use-radius=no
/ ip hotspot user profile
set default name="default" idle-timeout=none keepalive-timeout=2m \
status-autorefresh=1m shared-users=1 transparent-proxy=yes \
open-status-page=always advertise=no
/ ip ipsec policy
add src-address=0.0.0.0/0:any dst-address=169.254.66.0/24:any protocol=all \
action=encrypt level=use ipsec-protocols=esp tunnel=yes \
sa-src-address=0.0.0.0 sa-dst-address=0.0.0.0 proposal=default \
manual-sa=none dont-fragment=clear disabled=no
/ ip ipsec proposal
add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m \
lifebytes=0 pfs-group=modp1024 disabled=no
/ system logging
add topics=info prefix="" action=memory disabled=no
add topics=error prefix="" action=memory disabled=no
add topics=warning prefix="" action=memory disabled=no
add topics=critical prefix="" action=echo disabled=no
/ system logging action
set memory name="memory" target=memory memory-lines=100 memory-stop-on-full=no
set disk name="disk" target=disk disk-lines=100 disk-stop-on-full=no
set echo name="echo" target=echo remember=yes
set remote name="remote" target=remote remote=0.0.0.0:514
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 \
check-interval=1d user=""
/ system clock dst
set dst-delta=+01:00 dst-start="jan/01/1970 00:00:00" dst-end="jan/01/1970 \
00:00:00"
/ system watchdog
set reboot-on-failure=yes watch-address=none watchdog-timer=yes \
no-ping-delay=5m automatic-supout=yes auto-send-supout=no
/ system console
add port=serial0 term="" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
/ system console screen
set line-count=25
/ system identity
set name="PRIVATE-ROUTER"
/ system note
set show-at-login=yes note=""
/ system gps
set enabled=no set-system-time=no
/ system lcd
set enabled=no type=24x4 port=parallel contrast=0
/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set pppoe-tari display-time=5s disabled=yes
set PRIVATE display-time=5s disabled=yes
set Proxy display-time=5s disabled=yes
set PUBLIC display-time=5s disabled=yes
set pppoe-pur display-time=5s disabled=yes
/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes
/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/ system routerboard bios
set
/ system health
set state-after-reboot=enabled
/ port
set serial0 name="serial0" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
/ ppp profile
set default name="default" use-compression=default use-vj-compression=default \
use-encryption=default only-one=default change-tcp-mss=default comment=""
add name="RtRwNet" local-address=169.254.66.1 use-compression=default \
use-vj-compression=default use-encryption=default only-one=default \
change-tcp-mss=default rate-limit=0/0 dns-server=10.29.1.1 comment=""
add name="bandwidth-128" local-address=169.254.66.1 use-compression=default \
use-vj-compression=default use-encryption=default only-one=default \
change-tcp-mss=default rate-limit=128000/128000 comment=""
add name="bandwidth-256" local-address=169.254.66.1 use-compression=default \
use-vj-compression=default use-encryption=default only-one=default \
change-tcp-mss=default rate-limit=256000/256000 comment=""
add name="ICT" local-address=169.254.66.1 use-compression=default \
use-vj-compression=default use-encryption=default only-one=default \
change-tcp-mss=default rate-limit=1024000/1024000 comment=""
add name="kantor" local-address=125.160.134.1 use-compression=default \
use-vj-compression=default use-encryption=default only-one=default \
change-tcp-mss=default rate-limit=128000/128000 comment=""
set default-encryption name="default-encryption" use-compression=default \
use-vj-compression=default use-encryption=yes only-one=default \
change-tcp-mss=default comment=""
/ ppp secret
add name="tari" service=pppoe caller-id="" password="tari" profile=ICT \
local-address=169.254.66.1 remote-address=169.254.66.6 routes="" \
limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
add name="harry" service=pppoe caller-id="" password="harry" profile=ICT \
local-address=169.254.66.1 remote-address=169.254.66.2 routes="" \
limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
add name="jono" service=pppoe caller-id="" password="jono" profile=ICT \
local-address=169.254.66.1 remote-address=169.254.66.3 routes="" \
limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
add name="jpinluv" service=pppoe caller-id="" password="jpinluv" profile=ICT \
local-address=169.254.66.1 remote-address=169.254.66.4 routes="" \
limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
add name="pur" service=pppoe caller-id="" password="pur" profile=ICT \
local-address=169.254.66.1 remote-address=169.254.66.5 routes="" \
limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
add name="hadi" service=pppoe caller-id="" password="hadi" profile=ICT \
local-address=0.0.0.0 remote-address=169.254.66.8 routes="" \
limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
add name="budi" service=pppoe caller-id="" password="budi" profile=ICT \
local-address=0.0.0.0 remote-address=169.254.66.9 routes="" \
limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
add name="arjuna" service=pppoe caller-id="" password="008" \
profile=bandwidth-256 local-address=10.29.1.142 \
remote-address=169.254.66.10 routes="" limit-bytes-in=0 limit-bytes-out=0 \
comment="" disabled=yes
add name="smkn2" service=pppoe caller-id="" password="123" profile=kantor \
local-address=125.160.10.1 remote-address=125.160.10.4 routes="" \
limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
add name="kantor01" service=pppoe caller-id="" password="smkn2" profile=kantor \
local-address=125.160.10.1 remote-address=125.160.10.2 routes="" \
limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
add name="kantor02" service=pppoe caller-id="" password="smkn2" profile=kantor \
local-address=125.160.10.1 remote-address=125.160.10.3 routes="" \
limit-bytes-in=0 limit-bytes-out=0 comment="" disabled=no
add name="pptp" service=pptp caller-id="" password="pptp1" profile=default \
local-address=10.0.0.1 remote-address=10.0.0.2 routes="" limit-bytes-in=0 \
limit-bytes-out=0 comment="" disabled=no
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s
/ queue type
set default name="default" kind=pfifo pfifo-limit=50
set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50
set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
set synchronous-default name="synchronous-default" kind=red red-limit=60 \
red-min-threshold=10 red-max-threshold=50 red-burst=20 red-avg-packet=1000
set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
/ queue simple
add name="Sesama" dst-address=10.29.0.0/16 interface=all parent=none \
priority=8 queue=default/default limit-at=0/0 max-limit=0/0 \
total-queue=default disabled=no
add name="Streaming CityNet" dst-address=192.168.0.250/32 interface=all \
parent=none priority=8 queue=default/default limit-at=0/0 max-limit=0/0 \
total-queue=default disabled=no
add name="Web CityNet" target-addresses=0.0.0.0/0 dst-address=202.150.0.0/24 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=0/0 total-queue=default disabled=no
add name="Voip" dst-address=10.29.0.23/32 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=0/0 total-queue=default \
disabled=no
add name="HotSpot Server" target-addresses=10.29.1.2/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=512000/512000 total-queue=default disabled=no
add name="Rumah pak harry" target-addresses=10.29.1.5/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=128000/128000 total-queue=default disabled=no
add name="Komp Tari" target-addresses=10.29.1.9/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=128000/128000 total-queue=default disabled=no
add name="Lab ICT/Multimedia" target-addresses=10.29.1.14/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=512000/512000 \
total-queue=default disabled=no
add name="MTU" target-addresses=10.29.1.21/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=128000/128000 total-queue=default disabled=no
add name="City.Net" target-addresses=10.29.1.26/32,10.29.2.42/32,192.168.0.0/24\
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=3000000/3000000 \
total-queue=default disabled=no
add name="SD Teladan" target-addresses=10.29.1.29/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=256000/256000 total-queue=default disabled=no
add name="SMA Perintis 1" target-addresses=10.29.1.34/32,193.168.0.0/28 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=64000/64000 max-limit=512000/512000 \
total-queue=default disabled=no
add name="SMP Negeri 25" target-addresses=10.29.1.42/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=128000/128000 total-queue=default disabled=no
add name="SMP Al-Kautsar" target-addresses=10.29.1.70/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=256000/256000 total-queue=default disabled=no
add name="SMA Utama" target-addresses=10.29.1.66/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=256000/256000 total-queue=default disabled=no
add name="SMK Surya Dharma" target-addresses=10.29.1.134/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=256000/256000 \
total-queue=default disabled=no
add name="SD Negeri 1 Perumnas Way Halim" target-addresses=10.29.1.86/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=128000/128000 \
total-queue=default disabled=no
add name="SMA Negeri 12" target-addresses=10.29.1.90/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=256000/256000 total-queue=default disabled=no
add name="SMA Xaverius - 195.170.5.22" target-addresses=10.29.1.98/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=256000/256000 \
total-queue=default disabled=no
add name="SMP Negeri 23 - 195.170.5.44" target-addresses=10.29.1.106/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=256000/256000 \
total-queue=default disabled=no
add name="SMK Negeri 1-195.170.5.68" target-addresses=10.29.1.102/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=256000/256000 \
total-queue=default disabled=no
add name="UML" target-addresses=10.29.1.118/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=256000/256000 total-queue=default disabled=no
add name="SMP Negeri 3" target-addresses=10.29.1.138/32,192.168.20.0/24 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=128000/128000 \
total-queue=default disabled=no
add name="SMK Negeri 3 - 195.170.5.29" target-addresses=10.29.1.146/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=512000/512000 \
total-queue=default disabled=no
add name="MA Nahdatul Ulama -195.170.5.18" target-addresses=10.29.1.170/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=256000/256000 \
total-queue=default disabled=no
add name="SMP Negeri 16 - 195.170.5.28" target-addresses=10.29.1.194/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=256000/256000 \
total-queue=default disabled=no
add name="SMP Negeri 3 - 195.170.5.75" \
target-addresses=10.29.1.206/32,192.168.20.0/24 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=256000/256000 total-queue=default disabled=no
add name="HotspotCityNet" target-addresses=10.29.1.210/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=2000000/2000000 \
total-queue=default disabled=no
add name="SMA Negeri 8 - 195.170.5.81" \
target-addresses=10.29.1.222/32,192.168.88.248/29 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=256000/256000 total-queue=default disabled=no
add name="SMA Negeri 5" target-addresses=10.29.1.230/32 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default limit-at=0/0 \
max-limit=128000/128000 total-queue=default disabled=no
add name="SMA Imanuel - 195.170.5.32" target-addresses=10.29.1.242/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=256000/256000 \
total-queue=default disabled=no
add name="SMA BPK Penabur 195.170.5.38" target-addresses=10.29.1.246/32 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=256000/256000 \
total-queue=default disabled=no
add name="CityNet - SMK" target-addresses=10.29.2.2/32,192.168.212.0/24 \
dst-address=0.0.0.0/0 interface=all parent=none priority=8 \
queue=default/default limit-at=0/0 max-limit=2000000/2000000 \
total-queue=default disabled=no
add name="Kantor SMKN2" target-addresses=125.160.10.0/28 dst-address=0.0.0.0/0 \
interface=all parent=none priority=8 queue=default/default \
limit-at=64000/64000 max-limit=256000/256000 total-queue=default \
disabled=no
/ user
add name="admin" group=full address=0.0.0.0/0 comment="system default user" \
disabled=no
/ user group
add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!f\
tp,!write,!policy
add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password\
,web,!ftp,!policy
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo\
x,password,web
/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read
/ radius incoming
set accept=no port=1700
/ driver
/ snmp
set enabled=no contact="" location=""
/ snmp community
set public name="public" address=0.0.0.0/0 read-access=yes
/ tool bandwidth-server
set enabled=yes authenticate=yes allocate-udp-ports-from=2000 max-sessions=10
/ tool mac-server ping
set enabled=yes
/ tool e-mail
set server=0.0.0.0 from="<>"
/ tool sniffer
set interface=all only-headers=no memory-limit=10 file-name="" file-limit=10 \
streaming-enabled=no streaming-server=0.0.0.0 filter-stream=yes \
filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535 \
filter-address2=0.0.0.0/0:0-65535
/ tool graphing
set store-every=5min
/ tool graphing queue
add simple-queue=all allow-address=0.0.0.0/0 store-on-disk=yes \
allow-target=yes disabled=no
/ tool graphing interface
add interface=PRIVATE allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
add interface=Proxy allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
add interface=PUBLIC allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
/ routing bgp instance
set default as=65530 router-id=0.0.0.0 redistribute-static=no \
redistribute-connected=no redistribute-rip=no redistribute-ospf=no \
redistribute-other-bgp=no name="default" out-filter="" disabled=no
/ routing rip
set redistribute-static=no redistribute-connected=no redistribute-ospf=no \
redistribute-bgp=no metric-static=1 metric-connected=1 metric-ospf=1 \
metric-bgp=1 update-timer=30s timeout-timer=3m garbage-timer=2m
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no \
redistribute-static=no redistribute-rip=no redistribute-bgp=no \
metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 \
metric-bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 authentication=none prefix-list-import="" \
prefix-list-export="" disabled=no

Posted by welcome to web mas_haribudi at 12:53 0 comments
Subscribe to: Posts (Atom)