Limit IDM dengan Mikrotik

sumber dari http://www.zulfanruri.com/salah-satu-trik-mengatasi-idm-dengan-mikrotik.htm

Kita asumsikan mikrotik sudah diset dengan benar (Internet Sharing) dan berfungsi dengan baik, dengan blok IP Client yang digunakan adalah 192.168.10.0/24.

Tutorial ini sangat bermanfaat bagi RT/RW net ataupun warnet yang ingin melakukan limitasi untuk akses ke ekstensi file2 tertentu, yang biasanya identik dengan hal download mendownload. Biasanya, si client menggunakan salah satu program yang sudah tidak asing lagi, yaitu IDM.

Dengan menambahkan setingan berikut, hanya aktifitas download saja yang akan kita limit, sehingga aktifitas browsing client tetap lancar.

Langkah-langkahnya adalah sebagai berikut :

1. Masukkan rule di firewall untuk mendapatkan IP server tempat file yang didownload dan memasukan IP itu ke dalam address list.

/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.mp3
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.exe
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.rar
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.zip
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.7z
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.cab
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.asf
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.mov
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.wmv
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.mpg
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.mpeg
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.mkv
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.avi
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.flv
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.pdf
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.wav
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.rm
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.mp4
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.ram
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.rmvb
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.dat
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.daa
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.iso
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.nrg
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.bin
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.vcd
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.mp2
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.3gp
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.mpe
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.qt
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.raw
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.wma
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.ogg
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00
/ip firewall filter add chain=forward
src-address=192.168.10.0/24 protocol=tcp content=.doc
action=add-dst-to-address-list address-list=downloads
address-list-timeout=00:05:00

Rule diatas akan menangkap semua traffic dengan ekstensi tertentu dan memasukkannya ke address list downloads selamat 5 menit. Jika ingin menambahkan ekstensi lainnya tinggal dikopas saja.

2. Setting mangle untuk paket yang berasal dari IP yang didapat dari langkah 1.

/ip firewall mangle add chain=forward
protocol=tcp src-address-list=downloads
action=mark-packet new-packet-mark=downloads-paket

3. Langkah terakhir kita masukkan simple queue dari paket mark yang dibuat dari langkah 2.

/queue simple add name=downloads-files
max-limit=128000/128000 packet-marks=downloads-paket

Letakkan queue ini di urutan paling atas, supaya dibaca pertama kali oleh mikrotik sebelum queue lainnya.

2 thoughts on “Limit IDM dengan Mikrotik

  1. mas alhamdulilah berhasil,, terima kasih atas ilmunya,,
    tapi ada sedikit kendala kalo misalnya download langsung di youtube memakai idm, sama mikrotik tidak terlimit,, kenapa ya mas? formatnya flv tapi tetep jebol,,
    terima kasih,,

    1. kalo mau ada beberapa alternatif bisa menggunakan fasilitas layer7 protocol dan mangle.. tuk limit dari websitenya.., pertama2 buat rule di layer7 masukan website yg mau dilimit, setelah itu di mangle mark connection dari layer 7 + mark paket, dah gitu pake simple queue, limit dari situ dan jangan lupa mark connection dari paket mangle nya dimasukan..

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s