Biar Gx Lupa...!!!!
Minggu, 27 April 2014
SETUP MIKROTIK OS (UNTUK BILLING HOTSPOT) DIBELAKANG PFSENSE (PROXY LUSCA)
# RouterOS 5.25
#
#
/interface ethernet
set 0 arp=enabled auto-negotiation=yes cable-settings=default \
disable-running-check=yes disabled=no full-duplex=yes l2mtu=16383 \
mac-address= mtu=1500 name=Public speed=100Mbps
set 1 arp=enabled auto-negotiation=yes cable-settings=default \
disable-running-check=yes disabled=no full-duplex=yes mac-address=\
mtu=1500 name=Local speed=100Mbps
set 2 arp=enabled auto-negotiation=yes cable-settings=default \
disable-running-check=yes disabled=no full-duplex=yes mac-address=\
mtu=1500 name=Antena speed=100Mbps
/interface wireless security-profiles
set [ find default=yes ] authentication-types="" eap-methods=passthrough \
group-ciphers=aes-ccm group-key-update=5m interim-update=0s \
management-protection=disabled management-protection-key="" mode=none \
name=default radius-eap-accounting=no radius-mac-accounting=no \
radius-mac-authentication=no radius-mac-caching=disabled \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\
none static-key-0="" static-key-1="" static-key-2="" static-key-3="" \
static-sta-private-algo=none static-sta-private-key="" \
static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=\
none tls-mode=no-certificates unicast-ciphers=aes-ccm wpa-pre-shared-key=\
"" wpa2-pre-shared-key=""
/ip hotspot profile
set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=\
hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=\
cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 \
split-user-domain=no use-radius=no
add dns-name="" hotspot-address=192.168.12.1 html-directory=hotspot \
http-proxy=0.0.0.0:0 login-by=http-chap name=hsprof1 nas-port-type=\
wireless-802.11 radius-accounting=yes radius-default-domain="" \
radius-interim-update=received radius-location-id="" \
radius-location-name="" radius-mac-format=XX:XX:XX:XX:XX:XX rate-limit="" \
smtp-server=0.0.0.0 split-user-domain=no use-radius=yes
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add advertise=no idle-timeout=1m keepalive-timeout=2m name=siswa \
open-status-page=always shared-users=10 status-autorefresh=1m \
transparent-proxy=yes
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des \
lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=hs-pool-3 ranges=192.168.12.2-192.168.12.250
/ip dhcp-server
add address-pool=hs-pool-3 authoritative=after-2sec-delay bootp-support=\
static disabled=no interface=Antena lease-time=1h name=dhcp1
/ip hotspot
add address-pool=hs-pool-3 addresses-per-mac=2 disabled=no idle-timeout=5m \
interface=Antena keepalive-timeout=none name=hotspot1 profile=hsprof1
/port
set 0 baud-rate=9600 data-bits=8 flow-control=none name=serial0 parity=none \
stop-bits=1
set 1 baud-rate=9600 data-bits=8 flow-control=none name=serial1 parity=none \
stop-bits=1
/ppp profile
set 0 change-tcp-mss=yes name=default only-one=default \
remote-ipv6-prefix-pool=none use-compression=default use-encryption=\
default use-ipv6=yes use-mpls=default use-vj-compression=default
set 1 change-tcp-mss=yes name=default-encryption only-one=default \
remote-ipv6-prefix-pool=none use-compression=default use-encryption=yes \
use-ipv6=yes use-mpls=default use-vj-compression=default
/queue type
set 0 kind=pfifo name=default pfifo-limit=50
set 1 kind=pfifo name=ethernet-default pfifo-limit=50
set 2 kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set 3 kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 \
red-limit=60 red-max-threshold=50 red-min-threshold=10
set 4 kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
set 5 kind=none name=only-hardware-queue
set 6 kind=mq-pfifo mq-pfifo-limit=50 name=multi-queue-ethernet-default
set 7 kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes disabled=no \
ignore-as-path-len=no name=default out-filter="" redistribute-connected=\
no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \
redistribute-static=no router-id=0.0.0.0 routing-table=""
/routing ospf instance
set [ find default=yes ] disabled=no distribute-default=never in-filter=\
ospf-in metric-bgp=auto metric-connected=20 metric-default=1 \
metric-other-ospf=auto metric-rip=20 metric-static=20 name=default \
out-filter=ospf-out redistribute-bgp=no redistribute-connected=no \
redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \
router-id=0.0.0.0
/routing ospf area
set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=\
backbone type=default
/routing ospf-v3 instance
set [ find default=yes ] disabled=no distribute-default=never metric-bgp=auto \
metric-connected=20 metric-default=1 metric-other-ospf=auto metric-rip=20 \
metric-static=20 name=default redistribute-bgp=no redistribute-connected=\
no redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \
router-id=0.0.0.0
/routing ospf-v3 area
set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=\
backbone type=default
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0 authentication-password="" \
authentication-protocol=MD5 encryption-password="" encryption-protocol=\
DES name=public read-access=yes security=none write-access=no
/system logging action
set 0 memory-lines=100 memory-stop-on-full=no name=memory target=memory
set 1 disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \
disk-stop-on-full=no name=disk target=disk
set 2 name=echo remember=yes target=echo
set 3 bsd-syslog=no name=remote remote=:: remote-port=514 src-address=0.0.0.0 \
syslog-facility=daemon syslog-severity=auto target=remote
/tool user-manager customer
add backup-allowed=yes disabled=no login=admin password=78121 \
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \
permissions=owner signup-allowed=no time-zone=-00:00
/user group
set read name=read policy="local,telnet,ssh,reboot,read,test,winbox,password,w\
eb,sniff,sensitive,api,!ftp,!write,!policy" skin=default
set write name=write policy="local,telnet,ssh,reboot,read,write,test,winbox,pa\
ssword,web,sniff,sensitive,api,!ftp,!policy" skin=default
set full name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,\
winbox,password,web,sniff,sensitive,api" skin=default
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
no
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
default-encryption enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=\
1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
default enabled=no keepalive-timeout=60 mac-address=FE:33:DE:01:70:FB \
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\
default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=\
disabled port=443 verify-client-certificate=no
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=\
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 \
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=\
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.11.1/24 disabled=no interface=Local network=192.168.11.0
add address=192.168.12.1/24 disabled=no interface=Antena network=192.168.12.0
add address=192.168.10.4/24 disabled=no interface=Public network=192.168.10.0
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=192.168.12.0/24 comment="hotspot network" dhcp-option="" \
dns-server="" gateway=192.168.12.1 ntp-server="" wins-server=""
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=4096 servers=203.130.193.74,203.130.206.250
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes to-addresses=0.0.0.0
add action=masquerade chain=srcnat disabled=no out-interface=Public
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no src-address=192.168.12.0/24 to-addresses=0.0.0.0
add action=dst-nat chain=dstnat disabled=no dst-address=192.168.10.4 \
dst-port=3389 in-interface=Public protocol=tcp to-addresses=192.168.11.2 \
to-ports=3389
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user
add disabled=no name=admin password=78121 profile=default
add disabled=yes name=siswa password=siswa profile=siswa
/ip hotspot walled-garden
add action=allow disabled=no dst-host=s26.postimg.org dst-port=80
/ip neighbor discovery
set Public disabled=no
set Local disabled=no
set Antena disabled=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=no enabled=no max-cache-size=unlimited \
max-client-connections=600 max-fresh-time=3d max-server-connections=600 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=\
no src-address=0.0.0.0
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.10.1 scope=\
30 target-scope=10
/ip service
set telnet address="" disabled=no port=23
set ftp address="" disabled=no port=21
set www address="" disabled=no port=8081
set ssh address="" disabled=no port=222
set www-ssl address="" certificate=none disabled=yes port=443
set api address="" disabled=yes port=8728
set winbox address="" disabled=no port=8291
/ip smb
set allow-guests=yes comment=MikrotikSMB domain=MSHOME enabled=no interfaces=\
all
/ip smb shares
set [ find default=yes ] comment="default share" directory=/pub disabled=no \
max-sessions=10 name=pub
/ip smb users
set [ find default=yes ] disabled=no name=guest password="" read-only=yes
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no \
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/ipv6 nd
set [ find default=yes ] advertise-dns=no advertise-mac-address=yes disabled=\
no hop-limit=unspecified interface=all managed-address-configuration=no \
mtu=unspecified other-configuration=no ra-delay=3s ra-interval=3m20s-10m \
ra-lifetime=30m reachable-time=unspecified retransmit-interval=\
unspecified
/ipv6 nd prefix default
set autonomous=yes preferred-lifetime=1w valid-lifetime=4w2d
/mpls
set dynamic-label-range=16-1048575 propagate-ttl=yes
/mpls interface
set [ find default=yes ] disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no \
lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0 \
use-explicit-null=no
/port firmware
set directory=firmware ignore-directip-modem=no
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set Public queue=ethernet-default
set Local queue=ethernet-default
set Antena queue=ethernet-default
/radius
add accounting-backup=no accounting-port=1813 address=127.0.0.1 \
authentication-port=1812 called-id="" disabled=no domain="" realm="" \
secret=22222222 service=hotspot timeout=300ms
/radius incoming
set accept=yes port=3799
/routing bfd interface
set [ find default=yes ] disabled=no interface=all interval=0.2s min-rx=0.2s \
multiplier=5
/routing igmp-proxy
set query-interval=2m5s query-response-interval=10s quick-leave=no
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
0.0.0.0 timeout=1m ttl=50
/routing pim
set switch-to-spt=yes switch-to-spt-bytes=0 switch-to-spt-interval=1m40s
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
routing-table=main timeout-timer=3m update-timer=30s
/routing ripng
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
timeout-timer=3m update-timer=30s
/snmp
set contact="" enabled=no engine-id="" location="" trap-generators="" \
trap-target="" trap-version=1
/system clock
set time-zone-name=Asia/Jakarta
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\
"jan/01/1970 00:00:00" time-zone=+00:00
/system console
set [ find port=serial0 ] channel=0 disabled=no port=serial0 term=vt102
set [ find vcno=1 ] channel=0 disabled=no term=linux
set [ find vcno=2 ] channel=0 disabled=no term=linux
set [ find vcno=3 ] channel=0 disabled=no term=linux
set [ find vcno=4 ] channel=0 disabled=no term=linux
set [ find vcno=5 ] channel=0 disabled=no term=linux
set [ find vcno=6 ] channel=0 disabled=no term=linux
set [ find vcno=7 ] channel=0 disabled=no term=linux
set [ find vcno=8 ] channel=0 disabled=no term=linux
/system console screen
set blank-interval=10min line-count=25
/system gps
set channel=0 enabled=no set-system-time=no
/system hardware
set multi-cpu=yes
/system health
set state-after-reboot=enabled
/system identity
set name=MikroTik
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set Antena disabled=yes display-time=5s
set Local disabled=yes display-time=5s
set Public disabled=yes display-time=5s
/system logging
set 0 action=memory disabled=no prefix="" topics=info
set 1 action=memory disabled=no prefix="" topics=error
set 2 action=memory disabled=no prefix="" topics=warning
set 3 action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=yes mode=unicast primary-ntp=180.211.88.5 secondary-ntp=\
113.52.148.37
/system ntp server
set broadcast=no broadcast-addresses="" enabled=no manycast=yes multicast=no
/system resource irq
set 0 cpu=auto
set 1 cpu=auto
set 2 cpu=auto
set 3 cpu=auto
set 4 cpu=auto
set 5 cpu=auto
set 6 cpu=auto
set 7 cpu=auto
set 8 cpu=auto
/system resource irq rps
set Public disabled=no
set Local disabled=no
set Antena disabled=no
/system scheduler
add disabled=no interval=1d name=siswa_on on-event=":foreach u in=[/ip hotspot\
\_user find] do={:if ([/ip hotspot user get \$u profile]=\"siswa\") do={:l\
og warning \"siswa : \$[/ip hotspot user get \$u name] enable\"\r\
\n/ip hotspot user enable \$u}}}" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=apr/25/2014 start-time=07:00:00
add disabled=no interval=1d name=siswa_off on-event=":foreach u in=[/ip hotspo\
t user find] do={:if ([/ip hotspot user get \$u profile]=\"siswa\") do={:l\
og warning \"siswa : \$[/ip hotspot user get \$u name] disable\"\r\
\n/ip hotspot user disable \$u}}}" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=apr/25/2014 start-time=16:00:00
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\
0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\
none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\
100
/tool e-mail
set address=0.0.0.0 from=<> password="" port=25 starttls=no user=""
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
set [ find default=yes ] disabled=no interface=all
/tool mac-server mac-winbox
set [ find default=yes ] disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool netwatch
add comment=internet-down-hotspot disabled=no down-script=":local dumplist [/i\
p hotspot active find]\r\
\n:foreach i in=\$dumplist do={\r\
\n /ip hotspot active remove \$i\r\
\n}\r\
\n:local dumplist [/ip hotspot cookie find]\r\
\n:foreach i in=\$dumplist do={\r\
\n /ip hotspot cookie remove \$i\r\
\n}" host=8.8.8.8 interval=30s timeout=1s up-script=""
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret=""
/tool sniffer
set file-limit=1000KiB file-name="" filter-ip-address="" filter-ip-protocol=\
"" filter-mac-address="" filter-mac-protocol="" filter-port="" \
filter-stream=yes interface=all memory-limit=100KiB memory-scroll=yes \
only-headers=no streaming-enabled=no streaming-server=0.0.0.0
/tool traffic-generator
set latency-distribution-scale=10 test-id=0
/tool user-manager router
add coa-port=3799 customer=admin disabled=no ip-address=127.0.0.1 log=\
auth-fail name=hotspot shared-secret=2222222222 use-coa=no
/user aaa
set accounting=yes default-group=read exclude-groups="" interim-update=0s \
use-radius=no
REMOTE MIKROTIK MELALUI PFSENSE
Kita dapat mengakses semua perangkat komputer (windows rdp, linux diskless) dan server windows maupun server linux melalui mikrotik (ssh, ftp, user manager, winbox) yang diletakkan setelah PFsense Router. langkah-langkah :
1. membuat NAT di Modem
2. membuat NAT di Pfsense ( Firewall – NAT )
Hasilnya :
3. rubah port mikrotik yg diperlukan ( ip – services )
4. membuat nat di mikrotik (ip – firewall – NAT)
masukkan script dibawah ini melalui terminal dan jgn lupa sesuaikan ip publik (192.168.10.4) dan ip komputer (192.168.11.2) tujuan anda
/ip firewall nat
add action=dst-nat chain=dstnat disabled=no dst-address=192.168.10.4 \
dst-port=3389 in-interface=Public protocol=tcp to-addresses=192.168.11.2 \
to-ports=3389
5. sekarang saatnya mencoba dari internet dengan menggunakan ip publik speedy. untuk mengetahui ip publik speedy
6. buka browser dan ketikkan http://ippublic:port contoh http://36.76.178.238:3389
Semoga bermanfaat
Sabtu, 26 April 2014
Pemeberitahuan Koneksi Internet via Loginpage Mikrotik
Agar User Hotspot Mikrotik tahu apakah internet anda sedang online atau offline dibawah ini panduan sederhananya.
1. edit file login.html dan letakkkan coding dibawah ini dimana saja dan jangan lupa disave
<center><img src='http://s26.postimg.org/ce70rb3a1/internet_up_hostpot.jpg'
onerror="this.src='img/internet_down_hostpot.jpg'"/align="middle"></center>
2.buka new termina dan masukkan script dibawah ini
/ip hotspot walled-garden
add action=allow disabled=no dst-host=s26.postimg.org dst-port=80
3.masih di new terminal tambahkan juga script dibawah ini
/tool netwatch
add comment=internet-down-hotspot disabled=no down-script=":local dumplist [/ip hotspot active find]\r\
\n:foreach i in=\$dumplist do={\r\
\n /ip hotspot active remove \$i\r\
\n}\r\
\n:local dumplist [/ip hotspot cookie find]\r\
\n:foreach i in=\$dumplist do={\r\
\n /ip hotspot cookie remove \$i\r\
\n}" host=8.8.8.8 interval=30s timeout=1s up-script=""
4.Masukkan file internet_down_hostpot.jpg pada folder hotspot/img mikrotik anda
5. Selamat Mencoba. Dan Terima kasih
1. edit file login.html dan letakkkan coding dibawah ini dimana saja dan jangan lupa disave
<center><img src='http://s26.postimg.org/ce70rb3a1/internet_up_hostpot.jpg'
onerror="this.src='img/internet_down_hostpot.jpg'"/align="middle"></center>
2.buka new termina dan masukkan script dibawah ini
/ip hotspot walled-garden
add action=allow disabled=no dst-host=s26.postimg.org dst-port=80
3.masih di new terminal tambahkan juga script dibawah ini
/tool netwatch
add comment=internet-down-hotspot disabled=no down-script=":local dumplist [/ip hotspot active find]\r\
\n:foreach i in=\$dumplist do={\r\
\n /ip hotspot active remove \$i\r\
\n}\r\
\n:local dumplist [/ip hotspot cookie find]\r\
\n:foreach i in=\$dumplist do={\r\
\n /ip hotspot cookie remove \$i\r\
\n}" host=8.8.8.8 interval=30s timeout=1s up-script=""
4.Masukkan file internet_down_hostpot.jpg pada folder hotspot/img mikrotik anda
Jumat, 25 April 2014
NTP Client di Mikrotik
Agar Mikrotik kita selalu uptodate waktunya dengan jam dunia maka kita harus memberikan input script
/system ntp client
set enabled=yes mode=unicast primary-ntp=180.211.88.5 secondary-ntp=113.52.148.37
/system ntp client
set enabled=yes mode=unicast primary-ntp=180.211.88.5 secondary-ntp=113.52.148.37
Scheduler Profile Hotspot di Mikrotik
Untuk membatasi waktu Login dan Logout Hotspot Mikrotik berdasarkan Profile, harap diganti atau disesuaikan Profilenya
Contoh : profile "siswa"
script enable
:foreach u in=[/ip hotspot user find] do={:if ([/ip hotspot user get $u profile]="siswa") do={:log warning "siswa : $[/ip hotspot user get $u name] enable"
/ip hotspot user enable $u}}}
script disable
:foreach u in=[/ip hotspot user find] do={:if ([/ip hotspot user get $u profile]="siswa") do={:log warning "siswa : $[/ip hotspot user get $u name] disable"
/ip hotspot user disable $u}}}
script diatas kita masukkan kedalam
/system scheduler pada mikrotik kita dan atur waktunya
/system scheduler
add disabled=no interval=1d name=siswa_on on-event=":foreach u in=[/ip hotspot\
\_user find] do={:if ([/ip hotspot user get \$u profile]=\"siswa\") do={:l\
og warning \"siswa : \$[/ip hotspot user get \$u name] enable\"\r\
\n/ip hotspot user enable \$u}}}" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=apr/25/2014 start-time=07:00:00
add disabled=no interval=1d name=siswa_off on-event=":foreach u in=[/ip hotspo\
t user find] do={:if ([/ip hotspot user get \$u profile]=\"siswa\") do={:l\
og warning \"siswa : \$[/ip hotspot user get \$u name] disable\"\r\
\n/ip hotspot user disable \$u}}}" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=apr/25/2014 start-time=16:00:00
Semoga bermanfaat.
Contoh : profile "siswa"
script enable
:foreach u in=[/ip hotspot user find] do={:if ([/ip hotspot user get $u profile]="siswa") do={:log warning "siswa : $[/ip hotspot user get $u name] enable"
/ip hotspot user enable $u}}}
script disable
:foreach u in=[/ip hotspot user find] do={:if ([/ip hotspot user get $u profile]="siswa") do={:log warning "siswa : $[/ip hotspot user get $u name] disable"
/ip hotspot user disable $u}}}
script diatas kita masukkan kedalam
/system scheduler pada mikrotik kita dan atur waktunya
/system scheduler
add disabled=no interval=1d name=siswa_on on-event=":foreach u in=[/ip hotspot\
\_user find] do={:if ([/ip hotspot user get \$u profile]=\"siswa\") do={:l\
og warning \"siswa : \$[/ip hotspot user get \$u name] enable\"\r\
\n/ip hotspot user enable \$u}}}" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=apr/25/2014 start-time=07:00:00
add disabled=no interval=1d name=siswa_off on-event=":foreach u in=[/ip hotspo\
t user find] do={:if ([/ip hotspot user get \$u profile]=\"siswa\") do={:l\
og warning \"siswa : \$[/ip hotspot user get \$u name] disable\"\r\
\n/ip hotspot user disable \$u}}}" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=apr/25/2014 start-time=16:00:00
Semoga bermanfaat.
Langganan:
Postingan (Atom)