Mastechno™

ip firewall nat

killerorka@gmail.com (Unknown) — Wed, 10 Mar 2010 22:17:00 +0700

ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat out-interface=modem1 connection-mark=satu action=src-nat
to-addresses=192.168.1.2 to-ports=0-65535

1 chain=srcnat out-interface=modem2 connection-mark=dua action=src-nat
to-addresses=192.168.2.2 to-ports=0-65535

2 chain=dstnat in-interface=lokal protocol=icmp action=redirect to-ports=1

3 chain=dstnat protocol=udp dst-port=53 action=redirect to-ports=53

4 chain=dstnat protocol=tcp dst-port=53 action=redirect to-ports=53

ip firewall mangle

killerorka@gmail.com (Unknown) — Wed, 10 Mar 2010 22:06:00 +0700

ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting in-interface=lokal connection-state=new nth=1,1,0
action=mark-connection new-connection-mark=satu passthrough=yes

1 chain=prerouting in-interface=lokal connection-mark=satu
action=mark-routing new-routing-mark=satu passthrough=no

2 chain=prerouting in-interface=lokal connection-state=new nth=1,1,1
action=mark-connection new-connection-mark=dua passthrough=yes

3 chain=prerouting in-interface=lokal connection-mark=dua
action=mark-routing new-routing-mark=dua passthrough=yes

4 chain=prerouting src-address=192.168.3.0/24 protocol=icmp
action=mark-connection new-connection-mark=ICMP-CM passthrough=yes

5 chain=prerouting connection-mark=ICMP-CM action=mark-packet
new-packet-mark=ICMP-PM passthrough=yes

6 chain=prerouting packet-mark=ICMP-PM action=change-tos new-tos=min-delay

7 chain=prerouting src-address=192.168.3.0/24 protocol=tcp dst-port=53
action=mark-connection new-connection-mark=DNS-CM passthrough=yes

8 chain=prerouting src-address=192.168.3.0/24 protocol=udp dst-port=53
action=mark-connection new-connection-mark=DNS-CM passthrough=yes

9 chain=prerouting connection-mark=DNS-CM action=mark-packet
new-packet-mark=DNS-PM passthrough=yes

10 chain=prerouting packet-mark=DNS-PM action=change-tos new-tos=min-delay

11 chain=forward src-address=192.168.3.0/24 dst-address=192.168.3.0/24
action=mark-connection new-connection-mark=user-lokal passthrough=yes

12 chain=forward connection-mark=user-lokal action=mark-packet
new-packet-mark=lokaltrafic passthrough=yes

Firewall

killerorka@gmail.com (Unknown) — Wed, 10 Mar 2010 22:06:00 +0700

ip firewall filter print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; The Thing
chain=virus protocol=tcp dst-port=6400 action=drop

1 ;;; TEMan, Weia-Meia
chain=virus protocol=tcp dst-port=6661 action=drop

2 ;;; Dark Connection Inside, NetBus worm
chain=virus protocol=tcp dst-port=6666 action=drop

3 ;;; Dark FTP, ScheduleAgent, SubSeven, Subseven 2.1.4 DefCon 8, Trinity, >
Satan
chain=virus protocol=tcp dst-port=6667 action=drop

4 ;;; Host Control, Vampire
chain=virus protocol=tcp dst-port=6669 action=drop

5 ;;; BackWeb Server, Deep Throat, Foreplay, WinNuke eXtreame
chain=virus protocol=tcp dst-port=6670 action=drop

6 ;;; BackDoor-G, SubSeven, VP Killer
chain=virus protocol=tcp dst-port=6711 action=drop

7 ;;; Funny trojan, SubSeven
chain=virus protocol=tcp dst-port=6712 action=drop

8 ;;; SubSeven
chain=virus protocol=tcp dst-port=6713 action=drop

9 ;;; Mstream
chain=virus protocol=tcp dst-port=6723 action=drop

10 ;;; Deep Throat, Foreplay
chain=virus protocol=tcp dst-port=6771 action=drop

11 ;;; 2000 Cracks, BackDoor-G, SubSeven, VP Killer
chain=virus protocol=tcp dst-port=6776 action=drop

12 ;;; Mstream
chain=virus protocol=udp dst-port=6838 action=drop

13 ;;; Delta Source DarkStar
chain=virus protocol=tcp dst-port=6883 action=drop

14 ;;; Shit Heep
chain=virus protocol=tcp dst-port=6912 action=drop

15 ;;; Indoctrination
chain=virus protocol=tcp dst-port=6939 action=drop

16 ;;; GateCrasher, IRC 3, Net Controller, Priority
chain=virus protocol=tcp dst-port=6969-6970 action=drop

17 ;;; Exploit Translation Server, Kazimas, Remote Grab, SubSeven, SubSeven >
Gold
chain=virus protocol=tcp dst-port=7000 action=drop

18 ;;; Freak88, Freak2k
chain=virus protocol=tcp dst-port=7001 action=drop

19 ;;; SubSeven, SubSeven 2.1 Gold
chain=virus protocol=tcp dst-port=7215 action=drop

20 ;;; NetMonitor
chain=virus protocol=tcp dst-port=7300-7308 action=drop

21 ;;; Host Control
chain=virus protocol=tcp dst-port=7424 action=drop

22 ;;; Host Control
chain=virus protocol=udp dst-port=7424 action=drop

23 ;;; Qaz
chain=virus protocol=tcp dst-port=7597 action=drop

24 ;;; Glacier
chain=virus protocol=tcp dst-port=7626 action=drop

25 ;;; God Message, Tini
chain=virus protocol=tcp dst-port=7777 action=drop

26 ;;; Back Door Setup, ICKiller
chain=virus protocol=tcp dst-port=7789 action=drop

27 ;;; The ReVeNgEr
chain=virus protocol=tcp dst-port=7891 action=drop

28 ;;; Mstream
chain=virus protocol=tcp dst-port=7983 action=drop

29 ;;; Back Orifice 2000
chain=virus protocol=tcp dst-port=8787 action=drop

30 ;;; BacHack
chain=virus protocol=tcp dst-port=8988 action=drop

31 ;;; Rcon, Recon, Xcon
chain=virus protocol=tcp dst-port=8989 action=drop

32 ;;; Netministrator
chain=virus protocol=tcp dst-port=9000 action=drop

33 ;;; Mstream
chain=virus protocol=udp dst-port=9325 action=drop

34 ;;; InCommand
chain=virus protocol=tcp dst-port=9400 action=drop

35 ;;; Portal of Doom
chain=virus protocol=tcp dst-port=9872-9875 action=drop

36 ;;; Cyber Attacker, Rux
chain=virus protocol=tcp dst-port=9876 action=drop

37 ;;; TransScout
chain=virus protocol=tcp dst-port=9878 action=drop

38 ;;; Ini-Killer
chain=virus protocol=tcp dst-port=9989 action=drop

39 ;;; The Prayer
chain=virus protocol=tcp dst-port=9999 action=drop

40 ;;; OpwinTRojan
chain=virus protocol=tcp dst-port=10000-10005 action=drop

41 ;;; Portal of Doom
chain=virus protocol=udp dst-port=10067 action=drop

42 ;;; Syphillis
chain=virus protocol=tcp dst-port=10085-10086 action=drop

43 ;;; Control Total, Gift trojan
chain=virus protocol=tcp dst-port=10100 action=drop

44 ;;; BrainSpy, Silencer
chain=virus protocol=tcp dst-port=10101 action=drop

45 ;;; Portal of Doom
chain=virus protocol=udp dst-port=10167 action=drop

46 ;;; Acid Shivers
chain=virus protocol=tcp dst-port=10520 action=drop

47 ;;; Host Control
chain=virus protocol=tcp dst-port=10528 action=drop

48 ;;; Coma
chain=virus protocol=tcp dst-port=10607 action=drop

49 ;;; Ambush
chain=virus protocol=udp dst-port=10666 action=drop

50 ;;; Senna Spy Trojan Generator
chain=virus protocol=tcp dst-port=11000 action=drop

51 ;;; Host Control
chain=virus protocol=tcp dst-port=11050-11051 action=drop

52 ;;; Progenic trojan, Secret Agent
chain=virus protocol=tcp dst-port=11223 action=drop

53 ;;; Gjamer
chain=virus protocol=tcp dst-port=12076 action=drop

54 ;;; Hack99 KeyLogger
chain=virus protocol=tcp dst-port=12223 action=drop

55 ;;; Ashley, cron crontab, Fat Bitch trojan, GabanBus, icmp_client.c, icm>
ipe.c, Mypic, NetBus, NetBus Toy, NetBus worm, Pie Bill Gates, Whack Job, X-
bill
chain=virus protocol=tcp dst-port=12345 action=drop

56 ;;; Fat Bitch trojan, GabanBus, NetBus, X-bill
chain=virus protocol=tcp dst-port=12346 action=drop

57 ;;; BioNet
chain=virus protocol=tcp dst-port=12349 action=drop

58 ;;; Whack-a-mole
chain=virus protocol=tcp dst-port=12361-12363 action=drop

59 ;;; DUN Control
chain=virus protocol=udp dst-port=12623 action=drop

60 ;;; ButtMan
chain=virus protocol=tcp dst-port=12624 action=drop

61 ;;; Whack Job
chain=virus protocol=tcp dst-port=12631 action=drop

62 ;;; Mstream
chain=virus protocol=tcp dst-port=12754 action=drop

63 ;;; Senna Spy Trojan Generator, Senna Spy Trojan Generator
chain=virus protocol=tcp dst-port=13000 action=drop

64 ;;; Hacker Brasil HBR
chain=virus protocol=tcp dst-port=13010 action=drop

65 ;;; PsychWard
chain=virus protocol=tcp dst-port=13013-13014 action=drop

66 ;;; Hack99 KeyLogger
chain=virus protocol=tcp dst-port=13223 action=drop

67 ;;; Chupacabra
chain=virus protocol=tcp dst-port=13473 action=drop

68 ;;; PC Invader
chain=virus protocol=tcp dst-port=14500-14503 action=drop

69 ;;; NetDemon
chain=virus protocol=tcp dst-port=15000 action=drop

70 ;;; Host Control
chain=virus protocol=tcp dst-port=15092 action=drop

71 ;;; Mstream
chain=virus protocol=tcp dst-port=15104 action=drop

72 ;;; SubZero
chain=virus protocol=tcp dst-port=15382 action=drop

73 ;;; CDK
chain=virus protocol=tcp dst-port=15858 action=drop

74 ;;; Mosucker
chain=virus protocol=tcp dst-port=16484 action=drop

75 ;;; Stacheldraht
chain=virus protocol=tcp dst-port=16660 action=drop

76 ;;; ICQ Revenge
chain=virus protocol=tcp dst-port=16772 action=drop

77 ;;; SubSeven, Subseven 2.1.4 DefCon 8
chain=virus protocol=tcp dst-port=16959 action=drop

78 ;;; Priority
chain=virus protocol=tcp dst-port=16969 action=drop

79 ;;; Mosaic
chain=virus protocol=tcp dst-port=17166 action=drop

80 ;;; Kuang2 the virus
chain=virus protocol=tcp dst-port=17300 action=drop

81 ;;; Kid Terror
chain=virus protocol=tcp dst-port=17449 action=drop

82 ;;; CrazzyNet
chain=virus protocol=tcp dst-port=17499-17500 action=drop

83 ;;; Infector
chain=virus protocol=tcp dst-port=17569 action=drop

84 ;;; Audiodoor
chain=virus protocol=tcp dst-port=17593 action=drop

85 ;;; Nephron
chain=virus protocol=tcp dst-port=17777 action=drop

86 ;;; Shaft
chain=virus protocol=udp dst-port=18753 action=drop

87 ;;; ICQ Revenge
chain=virus protocol=tcp dst-port=19864 action=drop

88 ;;; Millenium
chain=virus protocol=tcp dst-port=20000 action=drop

89 ;;; Millenium, Millenium Lm
chain=virus protocol=tcp dst-port=20001 action=drop

90 ;;; AcidkoR
chain=virus protocol=tcp dst-port=20002 action=drop

91 ;;; Mosucker
chain=virus protocol=tcp dst-port=20005 action=drop

92 ;;; VP Killer
chain=virus protocol=tcp dst-port=20023 action=drop

93 ;;; NetBus 2.0 Pro, NetBus 2.0 Pro Hidden, NetRex, Whack Job
chain=virus protocol=tcp dst-port=20034 action=drop

94 ;;; Chupacabra
chain=virus protocol=tcp dst-port=20203 action=drop

95 ;;; BLA trojan
chain=virus protocol=tcp dst-port=20331 action=drop

96 ;;; Shaft
chain=virus protocol=tcp dst-port=20432 action=drop

97 ;;; Shaft
chain=virus protocol=udp dst-port=20433 action=drop

98 ;;; GirlFriend, Kid Terror
chain=virus protocol=tcp dst-port=21544 action=drop

99 ;;; Exploiter, Kid Terror, Schwindler, Winsp00fer
chain=virus protocol=tcp dst-port=21554 action=drop

100 ;;; Donald Dick, Prosiak, Ruler, RUX The TIc.K
chain=virus protocol=tcp dst-port=22222 action=drop

101 ;;; NetTrash
chain=virus protocol=tcp dst-port=23005-23006 action=drop

102 ;;; Logged
chain=virus protocol=tcp dst-port=23023 action=drop

103 ;;; Amanda
chain=virus protocol=tcp dst-port=23032 action=drop

104 ;;; Asylum
chain=virus protocol=tcp dst-port=23432 action=drop

105 ;;; Evil FTP, Ugly FTP, Whack Job
chain=virus protocol=tcp dst-port=23456 action=drop

106 ;;; Donald Dick
chain=virus protocol=tcp dst-port=23476 action=drop

107 ;;; Donald Dick
chain=virus protocol=udp dst-port=23476 action=drop

108 ;;; Donald Dick
chain=virus protocol=tcp dst-port=23477 action=drop

109 ;;; InetSpy
chain=virus protocol=tcp dst-port=23777 action=drop

110 ;;; Infector
chain=virus protocol=tcp dst-port=24000 action=drop

111 ;;; Moonpie
chain=virus protocol=tcp dst-port=25685-25982 action=drop

112 ;;; Delta Source
chain=virus protocol=udp dst-port=26274 action=drop

113 ;;; Voice Spy
chain=virus protocol=tcp dst-port=26681 action=drop

114 ;;; Bad Blood, Ramen, Seeker, SubSeven, SubSeven 2.1 Gold, Subseven 2.1.>
fCon 8, SubSeven Muie, Ttfloader
chain=virus protocol=tcp dst-port=27374 action=drop

115 ;;; Trinoo
chain=virus protocol=udp dst-port=27444 action=drop

116 ;;; SubSeven
chain=virus protocol=tcp dst-port=27573 action=drop

117 ;;; Trinoo
chain=virus protocol=tcp dst-port=27665 action=drop

118 ;;; Exploiter
chain=virus protocol=tcp dst-port=28678 action=drop

119 ;;; NetTrojan
chain=virus protocol=tcp dst-port=29104 action=drop

120 ;;; ovasOn
chain=virus protocol=tcp dst-port=29369 action=drop

121 ;;; The Unexplained
chain=virus protocol=tcp dst-port=29891 action=drop

122 ;;; Infector
chain=virus protocol=tcp dst-port=30000 action=drop

123 ;;; ErrOr32
chain=virus protocol=tcp dst-port=30001 action=drop

124 ;;; Lamers Death
chain=virus protocol=tcp dst-port=30003 action=drop

125 ;;; AOL trojan
chain=virus protocol=tcp dst-port=30029 action=drop

126 ;;; NetSphere
chain=virus protocol=tcp dst-port=30100-30133 action=drop

127 ;;; NetSphere
chain=virus protocol=udp dst-port=30103 action=drop

128 ;;; Sockets des Troie
chain=virus protocol=tcp dst-port=30303 action=drop

129 ;;; Intruse
chain=virus protocol=tcp dst-port=30947 action=drop

130 ;;; Kuang2
chain=virus protocol=tcp dst-port=30999 action=drop

131 ;;; Trinoo
chain=virus protocol=tcp dst-port=31335 action=drop

132 ;;; Bo Whack, Butt Funnel
chain=virus protocol=tcp dst-port=31336 action=drop

133 ;;; Back Fire, Back Orifice 1.20 patches, Back Orifice Lm, Back Orifice >
ian, Baron Night, Beeone, BO client, BO Facil, BO spy, BO2, cron crontab, F
reak88, Freak2k, icmp_pipe.c, Sockdmini
chain=virus protocol=tcp dst-port=31337 action=drop

134 ;;; Back Orifice, Deep BO
chain=virus protocol=udp dst-port=31337 action=drop

135 ;;; Back Orifice, Butt Funnel, NetSpy DK
chain=virus protocol=tcp dst-port=31338 action=drop

136 ;;; Deep BO
chain=virus protocol=udp dst-port=31338 action=drop

137 ;;; NetSpy DK
chain=virus protocol=tcp dst-port=31339 action=drop

138 ;;; BOWhack
chain=virus protocol=tcp dst-port=31666 action=drop

139 ;;; Hack a Tack
chain=virus protocol=tcp dst-port=31785-31792 action=drop

140 ;;; Hack a Tack
chain=virus protocol=udp dst-port=31791-31792 action=drop

141 ;;; Donald Dick
chain=virus protocol=tcp dst-port=32001 action=drop

142 ;;; Peanut Brittle, Project nEXT
chain=virus protocol=tcp dst-port=32100 action=drop

143 ;;; Acid Battery
chain=virus protocol=tcp dst-port=32418 action=drop

144 ;;; Trinity
chain=virus protocol=tcp dst-port=33270 action=drop

145 ;;; Blakharaz, Prosiak
chain=virus protocol=tcp dst-port=33333 action=drop

146 ;;; Son of PsychWard
chain=virus protocol=tcp dst-port=33577-33777 action=drop

147 ;;; Spirit 2000, Spirit 2001
chain=virus protocol=tcp dst-port=33911 action=drop

148 ;;; Big Gluck, TN
chain=virus protocol=tcp dst-port=34324 action=drop

149 ;;; Donald Dick
chain=virus protocol=tcp dst-port=34444 action=drop

150 ;;; Trinoo for Windows
chain=virus protocol=udp dst-port=34555-35555 action=drop

151 ;;; Mantis
chain=virus protocol=tcp dst-port=37237 action=drop

152 ;;; Yet Another Trojan YAT
chain=virus protocol=tcp dst-port=37651 action=drop

153 ;;; The Spy
chain=virus protocol=tcp dst-port=40412 action=drop

154 ;;; Agent 40421, Masters Paradise
chain=virus protocol=tcp dst-port=40421 action=drop

155 ;;; Masters Paradise
chain=virus protocol=tcp dst-port=40422-40426 action=drop

156 ;;; Storm
chain=virus protocol=tcp dst-port=41337 action=drop

157 ;;; Remote Boot Tool RBT, Remote Boot Tool RBT
chain=virus protocol=tcp dst-port=41666 action=drop

158 ;;; Prosiak
chain=virus protocol=tcp dst-port=44444 action=drop

159 ;;; Exploiter
chain=virus protocol=tcp dst-port=44575 action=drop

160 ;;; Delta Source
chain=virus protocol=udp dst-port=47262 action=drop

161 ;;; OnLine KeyLogger
chain=virus protocol=tcp dst-port=49301 action=drop

162 ;;; Enterprise
chain=virus protocol=tcp dst-port=50130 action=drop

163 ;;; Sockets des Troie
chain=virus protocol=tcp dst-port=50505 action=drop

164 ;;; Fore, Schwindler
chain=virus protocol=tcp dst-port=50766 action=drop

165 ;;; Cafeini
chain=virus protocol=tcp dst-port=51966 action=drop

166 ;;; Acid Battery 2000
chain=virus protocol=tcp dst-port=52317 action=drop

167 ;;; Remote Windows Shutdown RWS
chain=virus protocol=tcp dst-port=53001 action=drop

168 ;;; allow established
;;; connections
chain=forward connection-state=established action=accept

169 ;;; allow related connections
chain=forward connection-state=related action=accept

170 ;;; drop invalid
;;; connections
chain=forward connection-state=invalid action=drop

171 ;;; Drop Blaster
;;; Worm
chain=virus protocol=tcp dst-port=135-139 action=drop

172 ;;; Drop Messenger
;;; Worm
chain=virus protocol=udp dst-port=135-139 action=drop

173 ;;; Drop Blaster Worm
chain=virus protocol=tcp dst-port=445 action=drop

174 ;;; Drop Blaster Worm
chain=virus protocol=udp dst-port=445 action=drop

175 ;;; ________
chain=virus protocol=tcp dst-port=593 action=drop

176 chain=virus protocol=tcp dst-port=1024-1030 action=drop

177 ;;; Drop MyDoom
chain=virus protocol=tcp dst-port=1080 action=drop

178 ;;; ________
chain=virus protocol=tcp dst-port=1214 action=drop

179 ;;; ndm requester
chain=virus protocol=tcp dst-port=1363 action=drop

180 ;;; ndm server
chain=virus protocol=tcp dst-port=1364 action=drop

181 ;;; screen cast
chain=virus protocol=tcp dst-port=1368 action=drop

182 ;;; hromgrafx
chain=virus protocol=tcp dst-port=1373 action=drop

183 ;;; cichlid
chain=virus protocol=tcp dst-port=1377 action=drop

184 ;;; Worm
chain=virus protocol=tcp dst-port=1433-1434 action=drop

185 ;;; Bagle Virus
chain=virus protocol=tcp dst-port=2745 action=drop

186 ;;; Drop Dumaru.Y
chain=virus protocol=tcp dst-port=2283 action=drop

187 ;;; Drop Beagle
chain=virus protocol=tcp dst-port=2535 action=drop

188 ;;; Drop Beagle.C-K
chain=virus protocol=tcp dst-port=2745 action=drop

189 ;;; Drop
;;; MyDoom
chain=virus protocol=tcp dst-port=3127-3128 action=drop

190 ;;; Drop Backdoor
;;; OptixPro
chain=virus protocol=tcp dst-port=3410 action=drop

191 ;;; Worm
chain=virus protocol=tcp dst-port=4444 action=drop

192 ;;; Worm
chain=virus protocol=udp dst-port=4444 action=drop

193 ;;; Drop Sasser
chain=virus protocol=tcp dst-port=5554 action=drop

194 ;;; Drop Beagle.B
chain=virus protocol=tcp dst-port=8866 action=drop

195 ;;; Drop Dabber.A-B
chain=virus protocol=tcp dst-port=9898 action=drop

196 ;;; Drop Dumaru.Y
chain=virus protocol=tcp dst-port=10000 action=drop

197 ;;; Drop MyDoom.B
chain=virus protocol=tcp dst-port=10080 action=drop

198 ;;; Drop NetBus
chain=virus protocol=tcp dst-port=12345 action=drop

199 ;;; Drop Kuang2
chain=virus protocol=tcp dst-port=17300 action=drop

200 ;;; Drop SubSeven
chain=virus protocol=tcp dst-port=27374 action=drop

201 ;;; Drop PhatBot,
;;; Agobot, Gaobot
chain=virus protocol=tcp dst-port=65506 action=drop

202 X ;;; jump to the virus chain
chain=forward action=jump jump-target=virus

203 ;;; Allow HTTP
chain=forward protocol=tcp dst-port=80 action=accept

204 ;;; Allow SMTP
chain=forward protocol=tcp dst-port=25 action=accept

205 ;;; allow TCP
chain=forward protocol=tcp action=accept

206 ;;; allow ping
chain=forward protocol=icmp action=accept

207 ;;; allow udp
chain=forward protocol=udp action=accept

208 ;;; drop everything else
chain=forward action=drop

209 chain=input protocol=tcp dst-port=22 connection-limit=1,32 action=accept

210 chain=input protocol=tcp dst-port=22 src-address-list=!ssh_logins
action=accept

211 chain=forward src-address=192.168.1.10 protocol=tcp src-port=21
action=accept

212 chain=forward src-address-list=ftp_logins action=drop

213 ;;; Confiker
chain=virus protocol=udp dst-port=135 action=drop

214 ;;; Confiker
chain=virus protocol=udp dst-port=137 action=drop

215 ;;; Confiker
chain=virus protocol=udp dst-port=138 action=drop

216 ;;; Confiker
chain=virus protocol=udp dst-port=445 action=drop

217 ;;; Confiker
chain=virus protocol=tcp dst-port=135 action=drop

218 ;;; Confiker
chain=virus protocol=tcp dst-port=139 action=drop

219 ;;; Confiker
chain=virus protocol=tcp dst-port=5933 action=drop

220 ;;; Confiker
chain=virus protocol=tcp dst-port=445 action=drop

221 ;;; Confiker
chain=virus protocol=tcp dst-port=4691 action=drop

222 ;;; Drop Spammer
chain=virus protocol=tcp dst-port=25 src-address-list=spammer
action=drop

223 ;;; add to spammer list
chain=virus protocol=tcp dst-port=25 connection-limit=30,32 limit=50,5
action=add-src-to-address-list address-list=spammer
address-list-timeout=1d

224 chain=forward in-interface=lokal protocol=udp dst-port=5678 action=drop

225 chain=input in-interface=lokal protocol=udp dst-port=5678 action=drop

School MT

killerorka@gmail.com (Unknown) — Tue, 9 Mar 2010 10:05:00 +0700

system export
# mar/09/2010 10:14:56 by RouterOS 2.9.27
# software id = A07X-4UT
#
/ system logging
add topics=info prefix="" action=memory disabled=no
add topics=error prefix="" action=memory disabled=no
add topics=warning prefix="" action=memory disabled=no
add topics=critical prefix="" action=echo disabled=no
add topics=web-proxy prefix="" action=memory disabled=no
/ system logging action
set memory name="memory" target=memory memory-lines=100 memory-stop-on-full=no
set disk name="disk" target=disk disk-lines=100 disk-stop-on-full=no
set echo name="echo" target=echo remember=yes
set remote name="remote" target=remote remote=0.0.0.0:514
add name="proxy" target=memory memory-lines=100 memory-stop-on-full=no
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 \
check-interval=1d user=""
/ system script
add name="spammers" source=":log error \"----------Users detected like \
SPAMMERS -------------\";\n\n:foreach i in \[/ip firewall address-list \
find list=spammer\] do={:set usser \[/ip firewall address-list get \$i \
address\];\n\n:foreach j in=\[/ip hotspot active find address=\$usser\] \
do={:set ip \[/ip hotspot active get \$j user\];\n\n:log error \
\$ip;\n\n:log error \$usser} };" policy=ftp,read,write,policy,test,winbox
add name="proxy-limpacahe" source="/ip web-proxy clear-cache" \
policy=ftp,reboot,read,write,policy,test,winbox,password
add name="proxy-off" source="/ip firewall nat set \[/ip firewall nat find \
comment= proxy \] disable=yes n/ip web-proxy set enabled=no \
policy=ftp,reboot,read,write,policy,test,winbox,password" \
policy=ftp,reboot,read,write,policy,test,winbox,password
add name="proxy-on" source="/ip web-proxy set enabled=yes n/ip firewall nat \
set \[/ip firewall nat find comment= proxy \] disable=no" \
policy=ftp,reboot,read,write,policy,test,winbox,password
/ system clock dst
set dst-delta=+00:00 dst-start="jan/01/1970 00:00:00" dst-end="jan/01/1970 \
00:00:00"
/ system watchdog
set reboot-on-failure=yes watch-address=none watchdog-timer=yes \
no-ping-delay=5m automatic-supout=yes auto-send-supout=no
/ system console
add port=serial0 term="" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
/ system console screen
set line-count=25
/ system identity
set name="SMA 2 Kudus"
/ system note
set show-at-login=yes note=""
/ system scheduler
add name="proxy-off" on-event=Proxy-off start-date=nov/01/2009 \
start-time=12:30:00 interval=1d comment="" disabled=no
add name="proxy-limpacache" on-event=proxy-limpacache start-date=nov/01/2009 \
start-time=12:30:00 interval=1d comment="" disabled=no
add name="proxy-on" on-event=proxy-on start-date=nov/01/2009 \
start-time=12:30:00 interval=1d comment="" disabled=no
add name="spammers" on-event="" start-date=jan/01/2009 start-time=12:30:00 \
interval=1d comment="" disabled=no
/ system gps
set enabled=no set-system-time=yes
/ system lcd
set enabled=no type=24x4 port=parallel contrast=0
/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set Internet display-time=5s disabled=yes
set Hotspot display-time=5s disabled=yes
set Lan display-time=5s disabled=yes
/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes
/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/ system routerboard bios
set
/ system health
set state-after-reboot=enabled

Script Scheduler Uptime Hotspot

killerorka@gmail.com (Unknown) — Wed, 28 Oct 2009 10:51:00 +0700

Wah pertama sih agak bingung ….soale dulu script ni cman taunya buat scheduler bandwith management eh setelah searching2 dapet deh caranya buat script scheduler selain buat limit bandwith…..caranya yah….

misalkan disini aku mo buat scheduler untuk me refresh counter uptime limit di user hotspot…..jadi critanya user hotspot area di salah satu tempat gua (critanya lokasi areanya buanyak gitu deh)….
itu di uptime limit seharinya itu cman dikasih free charge 1 jam only…..ini buat mengantisipasi yang ngantri ngantri gitu deh……hehehehee….oke langkah pertama ya…

1. Aplikasi hotspot di mikrotik udah berjalan normal….
2. Membuat user di hotspotnya kemudian di set pada limit usernya lebih tepatnya di uptime limit misal 1 jam gitu ya
3. langsung aja setalh selesai diatas kemudian masuk ke system —> script, ada tombol Plus warna merah diklik aja….untuk namanya terserah tapi disini tak tulisi refreshcounter. Di kolom source nya itu ditulis script ketika kita menjalankan nya lewat new terminal, sebagai contoh misal untuk shutdown kita ketik, /system shutdown nah dalam contoh ini kebetulan perintahnya /ip hotspot user reset-counters, ditulis aja di box source lengkap heheheeee….di ok dah

4. langkah terakhir masuk ke system scheduler, ada tombol plus merah seperti diatas diklik aja pada name terserah ditulis aja sebagai tenger,….dalam hal ini aku tak tulisi refresh pagi, nah pada klom on event ditulis name pada script yang kita buat diatas,….kan tadi tak namai refreshcounter jadi ya ditulis itu. nah untuk kolom star date itu tanggal mulainya scheduler dibawahnya ada jam dimulainya scheduler ini trus di kolom interval itu,…..dalam interval berapa script ini bakalan berjalan lagi,…contoh aja misal di kolom waktu kita tulis 06:00:00 berarti jalan pada pukul 6 pagi terus intervalnya ditulis 1d 00:00:00 artinya tiap satu hari sekali pada jam enam schedule untuk menjalankan script akan di exsekusi…gitu deh…..

Source : http://oktobrima.staff.fe.uns.ac.id

FreeBSD 6.2 Proxy Squid server

killerorka@gmail.com (Unknown) — Sun, 25 Oct 2009 23:03:00 +0700

Tulisan ini merupakan hutang dari postingan terdahulu. Sebenarnya langkah-langkah instalasinya hilang dari memory otak. Hanya saja kemaren ingat lagi setelah disodori komputer dengan dual processor P3 733Mhz dan RAM 512Mb plus 1 scsi HDD 18 Gb.
Komputer ini built-up dengan merk HP series Netserver E800

Tak ada hambatan sama sekali saat komputer di set untuk booting awal lewat CD. Langkah biasa saja yaitu masuk ke BIOS dengan pencet tombol F2 dan pilih boot order.
Hanya saja, Netserver ini agak lama untuk boot karena dia harus meload dulu driver scsi-nya dan RAM checker. butuh sekitar 3 menit untuk benar-2 masuk dan boot lewat CD.

Oke..untuk instalasi pilih saja opsi kern-developer karena nantinya kita akan mendownload langsung sourcenya squid dan mengcompilenya dengan berbagai opsi dibawah.

Squid
Squid merupakan web proxy yang sangat populer dan tentunya sangat berkelas dan digunakan di berbagai institusi baik kecil ataupun perusahaan besar dan tentunya ISP di seluruh dunia. Juga personal seperti saya ini tentunya juga boleh pakai
Squid akan meningkatkan kemampuan web browsing dan menghemat bandwidth, juga memiliki Access Control Lists (ACLs) yang sangat kaya yang dapat dikonfigurasi sebagai filter yang powerfull dan juga bisa sebagai firewall.

Squid, saat ini dibangun dari sumbangan para sukarelawan. Tim squid hanya terdiri dari sedikit orang tetapi mereka sangat berbakat dan tentunya juga para developer program yang profesional.

Untuk informasi lebih lanjut sila ikuti URL berikut:

http://www.squid-cache.org/Intro/helping.dyn

Instalasi manual ini menggunakan Squid-2.6.STABLE18. Tetapi tentu saja dapat digunakan untuk versi squid lainnya dan juga tidak hanya untuk FreeBSD karena dapat digunakan untuk keluarga Linux ataupun BSD. Dan dengan sedikit modifikasi bisa dipakai untuk Solaris dengan mengganti ‘make’ menjadi ‘gmake’ dan tentu saja pastikan ‘/usr/sfw/bin’ ada di PATH.

Berikut asumsi yang digunakan di server;

2 cache partisi /cache0 dan /cache1 dengan ukuran masing-masing 6 GB dan dipartisi saat instalasi OS.
User squid dan Group squid telah dibikin di OS
Incoming TCP connections di Port 3128

How-To ini menerangkan bagaimana squid jalan sebagai transparent proxy di di FreeBSD-6.2/Linux untuk melayani ribuan user dan dapat juga dikombinasikan dengan mikrotik tanpa menjalankan web proxy mikrotik. NAT yang dipakai di mikrotik menggunakan DST-NAT dan cukup 2 LAN card disisi mikrotik (1 WAN dan 1 LAN).

Instalasi Squid
Oke kita mulai instalasi squidnya.

(1.) Karena kita mau langsung server FreeBSD yang unduh squidnya maka package ‘wget’ harus ada. Dan tentunya konfigurasi jaringan sudah oke dan telah terhubung ke internet.
cd /usr/ports/ftp/wget < < href="http://simplyeko.com/tag/freebsd">FreeBSD
make install << href="http://simplyeko.com/tag/freebsd">FreeBSD untuk mengunduh wget langsung dari repository FreeBSD

Ketikkan perintah diatas secara berurutan dan tunggu sampai selesai.

(2) Download squid di /usr/local/src

cd /usr/local/src
wget http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE18.tar.gz

(2.) Dekompress squidnya

tar zxvf squid-2.6.STABLE18.tar.gz

(3.) Konfigurasi squid dengan parameter berikut

–bindir=/usr/local/sbin \
–sysconfdir=/usr/local/etc/squid \
–datadir=/usr/local/etc/squid \
–libexecdir=/usr/local/libexec/squid \
–localstatedir=/usr/local/squid \
–enable-removal-policies=heap,lru \
–enable-storeio=diskd,aufs,coss,ufs,null \
–enable-time-hack \
–with-large-files \
–enable-large-cache-files \
–prefix=/usr/local \
–disable-ident-lookups \
–enable-cache-digests \
–enable-underscores \
–enable-kill-parent-hack \
–enable-follow-x-forwarded-for

(4.) Jika semua berjalan dengan baik -tanpa error-, jalankan

make all
make install

(5.) Sekarang kita tune konfigurasi squid.conf sesuai kebutuhan

cd /usr/local/etc/squid
mv squid.conf squid.default.conf

(6.) Gunakan squid.conf berikut

############## Start of squid.conf ###########

cache_effective_user squid
cache_effective_group squid

#hosts_file /etc/hosts

#Only if you have other proxies running and want to use them as sibling peers
#Uncomment them
#cache_peer proxy1.example.com sibling 3128 3130 proxy-only
#cache_peer proxy2.example.com sibling 3128 3130 proxy-only
#cache_peer proxy6.example.com sibling 3128 3130 proxy-only

#Remove 127.0.0.1 if you don’t have a local caching name server
dns_nameservers 127.0.0.1 IP.OF.ISP.DNSSERVER

#debug_options ALL,1 33,2 28,9

acl all src 0.0.0.0/0.0.0.0

#offline_mode off

icp_query_timeout 1000

high_memory_warning 500 MB

#If you have 2 or more different links, use them for load-balancing
#tcp_outgoing_address IP.Address.2nd.Router

visible_hostname proxy.example.com

httpd_suppress_version_string on

cache_mem 64 MB

#cache_replacement_policy heap LFUDA
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF

cache_swap_low 90
cache_swap_high 95

maximum_object_size 131072 KB

########New test — Default is 8
maximum_object_size_in_memory 64 KB

#minimum_object_size 1 KB
#store_avg_object_size 20 KB

tcp_recv_bufsize 65535 bytes

ipcache_size 8192

fqdncache_size 8192

##If this proxy is also your gateway and if you want to block MSN messenger
##Uncomment the ACLs below

#acl msn-type req_mime_type -i ^application/x-msn-messenger$
#acl msn-type req_mime_type -i ^application/x-msnmsgrp2p
#http_access deny msn-type

#acl msnmessenger url_regex -i gateway.dll
#http_access deny msnmessenger
#acl msn req_mime_type -i ^application/x-msn-messenger
#http_access deny all msn

acl msnmess url_regex http://207.46.111.55/gateway/gateway.dll?
deny_info TCP_RESET msnmess
http_access deny msnmess

#forwarded_for on
#request_header_max_size 24 KB
#negative_dns_ttl 1 minutes
#positive_dns_ttl 1 hours
#negative_dns_ttl 60 seconds
#connect_timeout 60 seconds
#request_timeout 60 seconds
#pconn_timeout 30 seconds
high_page_fault_warning 10
high_response_time_warning 2000
client_persistent_connections off
server_persistent_connections on
half_closed_clients off

#If you need the high performace COSS storage scheme
#cache_dir coss /cache1/squid/coss 9216 max-size=131072 max-stripe-waste=16384 block-size=1024
#cache_dir coss /cache2/squid/coss 9216 max-size=131072 max-stripe-waste=16384 block-size=1024

#Diskd storage scehme
cache_dir diskd /cache0 6144 16 256 Q1=72 Q2=64
cache_dir diskd /cache1 6144 16 256 Q1=72 Q2=64

#Used for COSS only
#cache_swap_log /var/squid/%s

log_icp_queries off
cache_store_log none
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log

emulate_httpd_log on

acl spammers dstdomain .maxonlinejob.com .max-online.biz .maxjob.info
deny_info TCP_RESET spammers
http_access deny spammers

ftp_user ftpuser@example.com
cache_mgr squidadmin@example.com

#Block some comme Microsoft bugs
acl msnbug url_regex http://msgr.dlservice.microsoft.com/download/1/A/4/1A4FEB1A-18E0-423A-B898-F697402E4F7F/I nstall_Messenger.exe
deny_info TCP_RESET msnbug
http_access deny msnbug

acl msnbug2 url_regex http://msgr.dlservice.microsoft.com/download/4/b/c/4bc83bb2-18dd-486f-943f-332a9b3e01dc/Install_MSN_Messenger_DL.exe
deny_info TCP_RESET msnbug2
http_access deny msnbug2

#No cache for the following sites
acl newssites dstdomain .cnn.com .bbcnews.com
no_cache deny newssites

refresh_pattern windowsupdate.com/.*\.(cab|exe) 4320 100% 43200 reload-into-ims
refresh_pattern update.microsoft.com/.*\.(cab|exe) 4320 100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe) 4320 100% 43200 reload-into-ims

#Try to cache some google Earth stuff
acl QUERY urlpath_regex cgi-bin \? intranet
acl forcecache url_regex -i kh.google keyhole.com
no_cache allow forcecache
no_cache deny QUERY

#Don’t cache dynamic content
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

refresh_pattern -i kh.google 1440 20% 10080 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i keyhole.com 1440 20% 10080 override-expire override-lastmod reload-into-ims ignore-reload

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

#Only if you want your Squid box to cache aggressively, not recommended

#refresh_pattern -i \.gif$ 600 50% 10080
#refresh_pattern -i \.jpe?g$ 600 50% 10080
#refresh_pattern -i \.tif?f$ 600 50% 10080
#refresh_pattern -i \.png$ 600 50% 10080
#refresh_pattern -i \.mov$ 600 50% 10080
#refresh_pattern -i \.qt$ 600 50% 10080
#refresh_pattern -i \.avi$ 600 50% 10080
#refresh_pattern -i \.mpe?g$ 600 50% 10080
#refresh_pattern -i \.wav$ 600 50% 10080
#refresh_pattern -i \.au$ 600 50% 10080
#refresh_pattern -i \.aif?f$ 600 50% 10080
#refresh_pattern -i \.ps$ 360 30% 10080
#refresh_pattern -i \.pdf$ 360 30% 10080
#refresh_pattern -i \.gz$ 360 30% 10080
#refresh_pattern -i \.Z$ 360 30% 10080
#refresh_pattern -i \.zip$ 360 30% 10080
#refresh_pattern . 180 50% 10180

#Configure downloading even after aborted requests.
quick_abort_min 0 KB
quick_abort_max 0 KB
#quick_abort_pct 99

negative_dns_ttl 2 minutes

acl mynetwork src 192.168.0.0/24 172.16.0.0/24 10.0.0.0/24

acl nimda urlpath_regex .*/winnt/system32/cmd.exe.* .*/MSADC/root.exe..c.dir$ .*/scripts/root.exe..c.dir$
acl Newvirus urlpath_regex .*/Cgi-bin/!Vip.exe.* .*/LE/isapitest.dll.*
acl BadURL urlpath_regex -i cmd.exe
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563 2082 2083 2086 2087 2093 2095 2096
acl Safe_ports port 80 21 443 563 70 210 8000 11999 2082 2083 2086 2087 2095 2096 8082 8090
acl CONNECT method CONNECT
acl worm dst 63.251.5.47 65.74.168.210
acl worm1 dstdomain kyamzaa.virtualave.net/com.exe
acl worm2 dstdomain kyamazza.virtualave.net/dos.exe

acl VIRUS urlpath_regex winnt/system32/cmd.exe?
acl VIRUS urlpath_regex ^/osa..gif
acl VIRUS urlpath_regex ^/./fils.php
acl VIRUS urlpath_regex ^/./999.jpg
acl VIRUS urlpath_regex ^/w.php
acl YAHOOATTACK urlpath_regex akamai.*yahoo.*config/login
acl INADDR_ANY dst 0.0.0.0/32
acl IpAddrProbeUA browser ^Mozilla/4.0.$compatible;.MSIE.5.5;.Windows.98$$
acl IpAddrProbeURL url_regex //[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/$

acl codered url_regex \/default\.ida$
http_access deny codered

acl gator_url url_regex \.gator.com
acl gator_domain_start dstdomain gator.com
http_access deny gator_url
http_access deny gator_domain_start

acl brazvir url_regex http://www.instituto.com.br/attackDoS.php
http_access deny brazvir

acl worm_url url_regex ^http://www.tradeexit.com/link1.html$
acl worm_url url_regex ^http://www.tradeexit.com/link2.html$
acl worm_url url_regex ^http://www.revistaprofashional.com.br/put?
acl worm_url url_regex ^http://www.putassp.com/put?
http_access deny worm_url

#Block uncessary microsoft updates
acl microsoft_url_1 urlpath_regex msdownload/update/v3-19990518/cabpool
http_access deny microsoft_url_1

###################
##virus
#acl mblock url_regex -i musicindiaonline.com

acl dangurl urlpath_regex -i \.id[aq]\?.{100,} # CodeRED
acl dangurl urlpath_regex -i /readme\.(eml|nws|exe) # NIMDA

#Remove transparent if you don’t want Squid to run transparently
http_port 3128 transparent

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny BadURL
http_access deny nimda
http_access deny Newvirus
deny_info TCP_RESET worm
http_access deny worm
http_access deny worm1
http_access deny worm2
http_access deny Codered
http_access allow mynetwork

http_access deny IpAddrProbeUA IpAddrProbeURL
deny_info TCP_RESET IpAddrProbeURL
acl OriginsThatComplainOfAbuse dstdomain .fencing101.com
http_access deny OriginsThatComplainOfAbuse
deny_info TCP_RESET OriginsThatComplainOfAbuse
acl soedirman dstdomain soedirman.gudangupload.com
http_access deny soedirman
http_access deny VIRUS
http_access deny YAHOOATTACK
http_access deny INADDR_ANY

acl PURGE method PURGE
http_access allow PURGE localhost
http_access deny PURGE

deny_info TCP_RESET all
http_access deny all

icp_access allow mynetwork
icp_access deny all

miss_access allow all

append_domain .example.com

#Always direct allow to yahoo.com and hotmail.com
acl yahoo dstdomain login.yahoo.com
acl yahoo dstdomain mail.yahoo.com
acl hotmail dstdomain hotmail.com
always_direct allow yahoo
always_direct allow hotmail

ie_refresh on
######## End of squid.conf ###############

(6.) Initialize direktory cache-nya

/usr/local/sbin/squid -z

(7.) Jalankan Squid

/usr/local/sbin/squid start

(8.) Pastikan langkah 7 dimasukkan ke /etc/rc.local biar saat boot up FreeBSD langsung menjalankan squidnya.
(9.) Karena ini transparent proxy, maka tak ada yang perlu di set di sisi client. Tinggal belokkan semua request ke port 80 di mikrotik ke port 3128 squid proxy server

Kalau semua berjalan dengan oke, silahkan parameter di squid.conf diutak-atik dengan menambahka delay pool ataupun menghilangkan tanda # di depannya. Jangan lupa untuk menjalankan ‘/usr/local/sbin/squid -k reconfigure’ agar squid menggunakan squid.conf yang baru di update.

Source : http://simplyeko.com

Tutorial Mikrotik Load Balancing

killerorka@gmail.com (Unknown) — Sat, 17 Oct 2009 22:21:00 +0700

Tutorial Mikrotik Load Balancing

Konsep awal :

Di beberapa daerah, model internet seperti ini adalah bentuk yang paling ekonomis dan paling memadai, karena dibeberapa daerah tidak mungkin untuk menggunakan jenis koneksi internet lain, karena cost yang akan di keluarkan untuk biaya operasional akan menjadi sangat besar.

Lalu bagai mana dengan solusinya ? apakah kita bisa menggunakan beberapa line untuk menunjang kehidupan ber-internet ? Bisa, tapi harus di gabung.

Contoh topologi yang tidak di gabung :

Ini adalah contoh topologi yang tidak di gabung. Di perusahaan ini menerapkan 3 koneksi internet, dengan 3 modem yang berbeda, akan tetapi mereka di pecah, seakan2 mereka mempunyai 3 gerbang internet yang berbeda. Dengan topologi seperti ini, load internet tidak akan tergabung.

Model seperti ini kurang ideal untuk disebutkan sebagai load balancing.

Load Balancing
Topologi load balancing :

Dengan topologi seperti diatas, maka terjadi yang namanya Load Balancing. Jadi pada site ini, akan menggunakan 3 koneksi internet (baik itu dari ISP yang sama maupun yg berbeda) dan juga baik itu menggunakan jenis koneksi yg sama maupun yg berbeda (wireless, adsl, dialup).

Dan semua client yang ada di jaringan, akan memiliki satu gateway, dan gateway itu yang akan menentukan packetnya akan lewat ISP yang mana.

Konsep LoadBalancing (di Mikrotik)

1. Paket data masuk dari interface network

2. Paket data akan di berikan tanda pemisah (mangle). MIsalnya di bagi jadi 3 group. :
• paket 1 masuk group 1,
• paket 2 masuk group 2,
• paket 3 masuk group 3,
• paket 4 masuk group 1,
• paket 5 masuk group 2,
• paket 6 masuk group 3,
• dsb

3. Setelah paket di pisahkan, kita atur NATnya
a. group 1, maka akan keluar melalui interface 1,
b. group 2 akan keluar melalui interface 2,
c. group 3 akan keluar melalui interface 3.

4. Begitu juga dengan routingnya.

Konfigurasi Load Balancing
Topologi lengkap :

Preparation
1. Configure modem-modem yg ada dengan IP management seperti yang ada di topologi
• Modem hijau : 192.168.10.2 / 24
• Modem biru : 192.168.20.2 / 24
• Modem merah : 192.168.30.2 / 24
2. Configure PC Workstation yang ada di dalam jaringan dengan IP sebagai berikut :
• IP : 192.168.1.x ( x, dari 2 – 254, karena 1 untuk gateway)
• Netmask : 255.255.255.0
• Gateway : 192.168.1.1

Set IP Address Interface Mikrotik (IP > Address)
3. Konfigurasi IP address mikrotik dengan IP sebagai berikut :
Ether1 : 192.168.1.1 /24
Ether2 : 192.168.10.1/24 (interface ke modem hijau)
Ether3 : 192.168.20.1/24 (interface ke modem biru)
Ether4 : 192.168.30.1/24 (interface ke modem merah)

Note :
Setelah melakukan konfigurasi IP Address pada mikrotik, cek kembali konektifitas antara modem dengan mikrotik.
ping 192.168.10.2
ping 192.168.20.2
ping 192.168.30.2

Mangling (IP > Firewall > Mangle)
Mangle ada proses pemisahan. Pada proses mangle, sebenarnya tidak terjadi perubahan apa-apa pada paket atau data yang akan kita kirimkan, tapi pada proses ini paket hanya di berikan tanda.

Connection Mark
Pertama kita akan lakukan connection mark.
1. General
• Add chain : prerouting
• In Interface : Eth 1 (interface jaringan local)
• Connection State : new

2. Extra - nth
• Nth
a. Every : 3
b. Packet : 1

Note :
Bagian Nth ini yang menentukan apakah paket akan masuk ke group 1, group 2 atau group 3. Untuk 3 line, maka nanti akan di buat 3 rule dengan Nth 31, 32 dan 33.

3. Action
• Action : mark connection
• New Connection mark : conn_1
• Passtrough : yes

Note :
Pada bagian ini kita akan memberi nama koneksi kita. Conn_1 adalah koneksi pertama, Conn_2, untuk koneksi kedua, dan Conn_3 untuk koneksi ke 3.

Note :
Lakukan connection marking ini sebanyak 3 kali, masing2 dengan NTH 31, 32 dan 33, dengan nama Conn_1, Conn_2 dan Conn_3

Route Mark
4. General
• Add chain : prerouting
• In Interface : Eth 1 (interface jaringan local)
• Connection mark : conn_1

5. Action
• Action : mark routing
• New Connection mark : route_1
• Passtrough : no

Note :
Pada bagian ini kita akan memberi nama pada routing kita. route_1 adalah route pertama, route_2, untuk route kedua, dan route_3 untuk routing ke 3.

Note :
Lakukan routing marking ini sebanyak 3 kali, masing2 untuk Conn_1, Conn_2 dan Conn_3, dengan nama route_1, route_2 dan route_3

NAT (IP > Firewall > NAT)

NAT, Network Address Translation, adalah suatu proses perubahan pengalamatan. Ada beberapa jenis NAT, yang akan digunakan pada proses ini adalah src-nat (source nat).

Src-nat adalah perubahan pada bagian source dari suatu paket.

1. General
• Chain : src nat
• In Interface : Eth 1 (interface jaringan local)
• Connection mark : conn_1

2. Action
• Action : src nat
• To address : 192.168.10.1

Note :
Lakukan src-nat ini sebanyak 3 kali dengan rule sebagai berikut :
Conn_1 == > 192.168.10.1
Conn_2 == > 192.168.20.1
Conn_3 == > 192.168.30.1

Routing Policy (IP > Route)
Routing policy adalah bagian pengaturan routing. Pada bagian ini diatur gateway atau jalur keluar untuk setiap group

1. General
• gateway : 192.168.10.2
• Routing mark : route_1

Note :
Lakukan src-nat ini sebanyak 4 kali dengan rule sebagai berikut :
route_1 == > 192.168.10.2
route_2 == > 192.168.20.2
route_3 == > 192.168.30.2
default == > 192.168.10.2

Source : forummikrotik

NAT ( Network Address Translation)

killerorka@gmail.com (Unknown) — Fri, 24 Jul 2009 09:14:00 +0700

Aktivitas

Network Address Translation (NAT) adalah sebuah router yang menggantikan fasilitas sumber dan (atau) alamat IP tujuan dari paket IP karena melewati jalur router. Hal ini paling sering digunakan untuk mengaktifkan beberapa host di jaringan pribadi untuk mengakses internet dengan menggunakan satu alamat IP publik.

Spesifikasi
Paket yang diperlukan: sistem
Lisensi yang diperlukan: level1 (jumlah terbatas pada aturan 1), Level3
Standar dan teknologi: IP, RFC1631, RFC2663
Penggunaan hardware: increase with the count of rules

NAT ada 2 jenis yaitu:
1. Sumber(source) NAT atau srcnat. Jenis NAT dilakukan pada paket yang berasal dari natted jaringan. Router A NAT akan mengganti sumber alamat IP dari sebuah paket dengan alamat IP baru publik karena perjalanan melalui router. A setiap operasi diterapkan ke paket balasan dalam arah lainnya.
2. Tujuan(destination) NAT atau dstnat. Jenis ini dilakukan pada paket yang ditujukan ke natted jaringan. Hal ini umumnya digunakan untuk membuat host di jaringan pribadi untuk dapat diakses dari Internet. router A NAT melakukan dstnat menggantikan alamat IP tujuan dari sebuah paket IP karena perjalanan melalui router terhadap jaringan pribadi.

NAT Drawbacks(menarik mundur)
Host di balik NAT- enabled router tidak benar end-to-end connectivity. Ada beberapa protokol internet mungkin tidak bekerja dengan skenario NAT. Pelayanan yang membutuhkan inisiasi dari koneksi TCP dari dalam atau luar jaringan status protokol seperti UDP, dapat terganggu. Terlebih lagi, beberapa protokol yang tetap bertentangan dengan NAT,

Redirect dan Masquerade
Redirect dan masquerade adalah bentuk khusus tujuan NAT dan sumber NAT, masing-masing. Redirect adalah diutamakan dengan ke tujuan NAT biasa dengan cara yang sama seperti yang masquerade diutamakan ke sumber masquerade NAT adalah bentuk khusus sumber NAT tanpa perlu menentukan ke alamat - alamat keluar antarmuka yang digunakan secara otomatis. Yang sama adalah redirect - ia adalah satu bentuk tujuan NAT ke mana-alamat yang tidak digunakan - masuk antarmuka digunakan sebagai ganti alamat. Perlu diketahui bahwa to-port adalah makna penuh untuk redirect aturan – ini adalah port layanan pada router yag akan menangani permintaannya (contoh:webproxy)

Ketika paketnya adalah dst-natted (tidak perduli - action=nat atau action=redirect), dst alamat berubah. Informasi tentang terjemahan alamat (termasuk alamat asli dst) disimpan dalam tabel router internal. Transparan proxy web bekerja pada router (bila permintaan mendapatkan web redirect ke port proxy pada router) dapat mengakses informasi ini dari table internal dan mendapatkan alamat web server dari alamat IP header (dst karena alamat IP dari paket yang sebelumnya adalah alamat web server telah berubah ke alamat server proxy). Mulai dari HTTP/1.1 ada khusus di header permintaan HTTP yang berisi alamat web server, jadi server proxy dapat menggunakannya, dst, bukan alamat IP paket, jika tidak ada semacam header (HTTP versi lama pada klien), proxy server dapat tidak menentukan alamat web server dan karena itu tidak dapat bekerja.

Ini berarti, adalah mustahil untuk benar transparan reditrect dari lalu lintas HTTP ke beberapa router lainnya box transparan-proxy. Hanya dengan cara yang benar adalah dengan menambahkan transparan proxy di router itu sendiri, dan konfigurasikan agar Anda "real" proxy adalah orang parent-proxy. Dalam situasi ini Anda "real" proxy tidak harus transparan lagi, sebagai proxy pada router akan transparan dan akan meneruskan permintaan proxy-style (menurut standar; permintaan ini mencakup semua informasi yang diperlukan tentang web server) to "real" proxy.

Keterangan Properti
action (accept | add-dst-to-address-list | add-src-to-address-list | dst-nat | jump | log | masquerade |
netmap | passthrough | redirect | return | same | src-nat; default: accept) - untuk melakukan tindakan jika paket sesuai dengan aturan

• accept - menerima paket. Tidak ada tindakan yang diambil, yaitu paket yang lulus dan tidak lagi melalui aturan-aturan yang diterapkan
• add-dst-to-address-list - menambahkan tujuan dari sebuah alamat IP paket ke alamat yang ditentukan daftar oleh daftar alamat-parameter
• add-src-to-address-list - menambahkan sumber alamat IP dari sebuah paket ke alamat yang ditentukan oleh daftar daftar alamat-parameter
• dst-nat - menggantikan alamat tujuan dari sebuah paket ke IP ditentukan oleh nilai-nilai to-address dan parameter ke-port
• jump - melompat ke rantai yang ditentukan oleh nilai yang melompat-sasaran parameter
• log - masing-masing sesuai dengan tindakan ini akan menambah sebuah pesan masuk ke sistem
• masquerade - menggantikan sumber alamat IP secara otomatis ke salah satu paket ditentukan oleh fasilitas routing alamat IP
• netmap - membuat statis 1:1 pemetaan sekumpulan alamat IP yang lain. Sering digunakan untuk mendistribusikan publik host ke alamat IP pribadi pada jaringan
• passthrough - mengabaikan aturan ini pergi ke yang berikutnya atau berlanjut ke rules yg berada dibawahnya
• redirect - tujuan menggantikan alamat IP dari sebuah paket ke salah satu router lokal alamat
• return - melewati kontrol kembali ke tempat dari rantai melompat terjadi
• same - memberikan tertentu klien yang sama sumber / tujuan dari alamat IP yang disediakan untuk berbagai masing-masing sambungan. Hal ini paling sering digunakan untuk layanan yang mengharapkan klien alamat yang sama untuk beberapa sambungan dari klien yang sama
• src-nat - menggantikan sumber alamat IP dari sebuah paket ke ditentukan oleh nilai-nilai ke-alamat dan parameter ke-port

addres-list (name) - menetapkan nama untuk mengumpulkan daftar alamat alamat IP dari aturan yang action = add-dst-to-address-list atau action = add-src-to-address-list tindakan. Daftar alamat inikemudian digunakan untuk paket yang cocok

address-list-timeout (time; standar: 00:00:00) - interval waktu setelah alamat yang akan
dihapus dari daftar alamat-alamat yang ditentukan oleh daftar parameter. Digunakan bersama-sama dengan
tambah-dst-to-address-list-src atau menambahkan ke daftar alamat-tindakan
• 00:00:00 - meninggalkan alamat di daftar alamat selamanya

chain (dstnat | srcnatname) - menentukan rantai untuk meletakkan aturan tertentu ke dalam. Karena lalu lintas yang berbeda dimasukan melalui berbagai rantai, selalu berhati-hati dalam memilih yang tepat untuk rantai baru aturan. Jika input tidak sesuai dengan nama yang sudah ditetapkan rantai, rantai baru akan dibuat
• dstnat - aturan yang ditempatkan di rantai ini diterapkan sebelum routing. Aturan-aturan yang menggantikan tujuan alamat IP paket harus ditempatkan di sana
• srcnat - aturan yang ditempatkan di rantai ini akan diterapkan setelah routing. Aturan-aturan yang menggantikan sumber alamat IP paket harus ditempatkan di sana,

comment (teks) - Berikan komentar untuk memerintah. Komentar dapat digunakan untuk mengidentifikasi bentuk peraturan skrip

connection-byte (integerinteger) - sesuai paket yang diberikan hanya jika jumlah byte telah ditransfer melalui sambungan tertentu
• 0 - berarti infinity, exempli Gratia: sambungan-byte = 2000000-0 berarti jika sesuai aturan
lebih dari 2MB yang ditransfer melalui sambungan relevan

connection-limit (integernetmask) - membatasi jumlah koneksi per alamat atau alamat blok (cocok jika ditentukan jumlah sambungan telah ditetapkan)

connection-mark (name) - sesuai paket ditandai melalui fasilitas ngoyakkan dengan sambungan
menandai

connection-type (ftp | GRE | h323 | irc | mms | PPTP | quake3 | TFTP) - sesuai dari paket-paket yang terkait sambungan berdasarkan informasi dari pelacakan koneksi penolongpun. A relevan sambungan penolong harus diaktifkan di / ip firewall service-port

conten (teks) - teks harus berisi paket agar sesuai dengan aturan

dscp (integer: 0 .. 63) –DSCP (ex-KL) IP kepala bidang nilai

dst-address (alamat IP addressnetmaskIP addressIP) - menentukan rentang alamat IP adalah paket yg diperuntukkan untuk. Perlu diketahui bahwa konsol mengkonversi memasukkan alamat / netmask nilai jaringan ke alamat yang valid,
i.e.: 1.1.1.1/24 dikonvert ke 1.1.1.0/24

dst-address-list (name) - sesuai alamat tujuan dari paket yang ditetapkan pengguna terhadap daftar alamat dst-address-type (unicast | lokal | broadcast | multicast) - sesuai tujuan alamat jenis IP paket, salah satu:
• unicast - alamat IP yang digunakan untuk satu titik ke titik lainnya transmisi. Hanya ada satu
satu pengirim dan penerima dalam hal ini
• local - sesuai alamat yang ditugaskan ke router dari interface
• broadcast - IP paket akan dikirim dari satu titik ke semua titik dalam IP subnetwork
• multicast - jenis alamat IP yang bertanggung jawab untuk transmisi atau lebih dari satu poin ke satu set lainnya

dst-limit (integertimeintegerdst-address | dst-port | src-addresstime) - membatasi paket per detik
(pps) menilai pada tujuan per IP atau per port tujuan dasar. Yang bertentangan dengan batas cocok, setiap alamat IP tujuan / tujuan pelabuhan itu sendiri batas. Pilihannya adalah sebagai berikut (dalam urutan tampilan):
• count - maksimum rata-rata harga paket, diukur dalam paket per detik (pps), kecuali jika diikuti oleh waktu opsi
• time - menentukan interval waktu yang lebih dari paket menilai diukur
• burst - jumlah paket yang cocok dengan yang di burst
• modus - yang penggolong (-s) menilai paket untuk membatasi
• expire - Interval setelah menentukan alamat IP yang direkam / port akan dihapus

dst-port (integer: 0 .. 65535integer: 0 .. 65535) - tujuan nomor port atau range

fragmen (ya | tidak) - apakah paket adalah fragmen dari sebuah paket IP. Memulai paket (i.e., pertama fragmen) tidak dihitung. Catatan yang sambungan pelacakan diaktifkan, tidak akan ada fragmen karena sistem akan secara otomatis assembles setiap paket

hotspot (multiple choice: auth | from-client | http | lokal dst | to-client) - cocok paket diterima
dari klien terhadap berbagai kondisi Hotspot. Semua nilai-nilai dapat negated
• auth - benar, jika paket yang berasal dari authenticted HotSpotclient
• from-client - benar, jika paket yang datang dari klien Hotspot
• http - benar, jika Hotspot klien mengirimkan sebuah paket ke alamat dan port sebelumnya terdeteksi sebagai server proxy (proxy teknik Universal) atau jika tujuan port 80 dan transparan
proxying diaktifkan bagi klien
• local-dst - benar, jika paket memiliki tujuan lokal alamat IP
• to-client - benar, jika paket yang akan dikirim ke klien

ICMP-option (integerinteger) - cocok ICMP Jenis: Kode bidang

in-bridge-port (name) - interface sebenarnya paket telah dimasukkan melalui router (jika Bridged, ini kekayaan sesuai dengan sebenarnya jembatan pelabuhan, sedangkan di-interface jembatan itu sendiri)

in-interface (nama) - antarmuka paket yang telah dimasukkan melalui router (jika antarmuka adalah Bridged, maka akan muncul paket yang akan datang dari jembatan antarmuka sendiri)

ingress-priority (integer: 0 .. 63) - masuk (diterima) prioritas paket, jika diatur (0 lainnya).
Prioritas mungkin berasal dari salah satu atau VLAN WMM prioritas

IPv4-option (any | loose-source-routing | no-record-route | no-router-alert | no-source-routing |
no-timestamp | none | record-route | router-alert | strict-source-routing | timestamp) - match ipv4
header option
• any - paket cocok dengan setidaknya salah satu pilihan IPv4
• loose-source-routing - paket cocok dengan sumber loose routing pilihan. Pilihan ini digunakan untuk rute internet datagram berdasarkan informasi yang diberikan oleh sumber
• no- record-route - tidak cocok dengan paket dengan catatan rute pilihan. Pilihan ini digunakan untuk rute yang internet datagram berdasarkan informasi yang diberikan oleh sumber
• no-router-alert- tidak cocok dengan paket router mengubah pilihan
• no-source-routing - tidak cocok dengan paket sumber routing pilihan
• no- timestamp - tidak cocok dengan paket waktu opsi
• record-route - paket cocok dengan catatan rute pilihan
• router-alert - paket cocok dengan router mengubah pilihan
• strict-source-routing - paket cocok dengan ketat sumber routing pilihan
• timestamp sesuai dengan paket

jump-target (dstnat | srcnatname) - nama target untuk melompat ke rantai, jika action= jump

layer7-protokol (name) - Layer 7 menyaring nama sebagaimana ditetapkan dalam / ip firewall layer7-protokol menu. Perhatian: ini matcher kebutuhan daya tinggi computer

limit (integertimeinteger) - membatasi paket cocok untuk menilai suatu batas. Berguna untuk mengurangi jumlah dari log pesan
• count - maksimum rata-rata harga paket, diukur dalam paket per detik (pps), kecuali jika diikuti oleh waktu opsi
• time - menentukan interval waktu yang lebih dari paket menilai diukur
• burst - jumlah paket yang cocok dengan yang di burst

log-prefix (teks) - semua pesan log akan ditulis ke berisi awalan ditentukan di sini. Digunakan dalam bersama-sama dengan action =log

nth (integerinteger: 0 .. 15integer) - cocok Nth paket tertentu yang diterima oleh aturan. Satu dari 16 counter tersedia dapat digunakan untuk menghitung paket-paket
• every - cocok setiap tanggal 1 setiap paket. Misalnya, jika setiap = 1 maka setiap aturan yang cocok 2. paket
• counter - menentukan yang digunakan. A counter akan menambahkan setiap kali berisi aturan nth cocok cocok
• packet - cocok diberikan pada paket nomor. Nilai dengan jelas alasan harus antara 0
dan setiap. Jika opsi ini digunakan untuk suatu counter, maka harus ada sekurang-kurangnya setiap 1 peraturan dengan opsi ini, yang meliputi semua nilai antara 0 dan setiap inclusively.

out-bridge-port (name) - antarmuka yang sebenarnya adalah paket meninggalkan router melalui (jika Bridged, ini kekayaan sesuai dengan sebenarnya jembatan pelabuhan, sementara out-interface - jembatan itu sendiri)

out-interface (name) - interface adalah paket meninggalkan router melalui (jika antarmuka adalah Bridged, maka paket akan muncul untuk meninggalkan jembatan melalui antarmuka sendiri)

paket-mark (teks) - sesuai paket ditandai melalui fasilitas ngoyakkan dengan paket tandai paket-size (integer: 0 .. 65535integer: 0 .. 65535) - sesuai paket yang ditentukan atau ukuran berbagai ukuran dalam byte
• min - menetapkan batas yang lebih rendah dari berbagai ukuran atau berdasarkan nilai
• max - menetapkan batas atas dari berbagai ukuran

port (port) - jika ada yang cocok (sumber atau tujuan) port ditentukan sesuai dengan daftar port atau port rentang (dicatat bahwa protokol harus masih dapat dipilih, seperti biasa untuk src dan dst-port-port matchers) Protocol (ddp | EGP | encap | ggp | GRE | hmp | ICMP | idrp-cmtp | igmp | ipencap | ipip | ipsec-ah | ipsec-esp | iso-tp4 | ospf | pup | rdp | rspf | st | tcp | udp | vmtp | xns-IDP | xtpinteger) - cocok protokol IP tertentu ditentukan oleh protokol nama atau nomor. Anda harus menetapkan pengaturan ini jika Anda ingin menentukan port

PSD (integertimeintegerinteger) - berupaya untuk mendeteksi dan UDP TCP scans. Hal ini disarankan untuk menetapkan
menurunkan berat ke pelabuhan dengan angka tinggi untuk mengurangi frekuensi palsu positif, seperti dari pasif mode FTP transfer
• WeightThreshold - total berat terbaru TCP / UDP paket dengan tujuan pelabuhan
yang berasal dari host yang sama untuk diperlakukan sebagai port scan urutan
• DelayThreshold - menunda untuk paket dengan tujuan yang berbeda yang datang dari pelabuhan yang sama
tuan rumah harus dirawat sebaik mungkin port scan subsequence
• LowPortWeight - berat yang paket dengan privilege (<= 1024) tujuan pelabuhan • HighPortWeight - berat paket dengan non-priviliged tujuan pelabuhan

random (integer) - sesuai dengan paket yang diberikan secara acak propability

routing-mark (name) - sesuai paket ditandai dengan merusak fasilitas routing mark

same-not-by-dst (yes | no) - untuk menentukan apakah account atau tidak untuk mencapai tujuan IP alamat yang baru ketika memilih sumber alamat IP untuk paket cocok dengan aturan oleh ation= sama

src-address (alamat IP addressnetmaskIP addressIP) - menentukan rentang alamat IP adalah paket berasal dari. Perlu diketahui bahwa konsol mengkonversi memasukkan alamat / netmask nilai yang valid untuk jaringan alamat, yaitu: 1.1.1.1/24 dikonvert ke 1.1.1.0/24

src-address-list (nama) - sesuai alamat sumber dari paket terhadap pengguna ditetapkan daftar alamat

src-address-type (unicast | lokal | broadcast | multicast) - sesuai jenis sumber alamat IP
paket, salah satu:
• unicast - alamat IP yang digunakan untuk satu titik ke titik lainnya transmisi. Hanya ada satu
satu pengirim dan penerima dalam hal ini
• local - sesuai alamat yang ditugaskan ke router dari interface
• broadcast - IP paket akan dikirim dari satu titik ke semua titik dalam IP subnetwork
• multicast - jenis alamat IP yang bertanggung jawab untuk transmisi atau lebih dari satu poin ke satu set lainnya Registred lainnya merek dagang dan merek dagang yang disebutkan di sini adalah properti dari masing-masing pemilik.
• src-mac-address (MAC address) - sumber alamat MAC src-port (integer: 0 .. 65535integer: 0 .. 65535) - Nomor port sumber atau jangkauan
• tcp-MSS (integer: 0 .. 65.535) - TCP MSS sesuai nilai IP paket
• time (timetime sat | Jumat | thu | Rabu | Selasa | Senin | Minggu) - memungkinkan untuk membuat penyaring berdasarkan paket ' tiba waktu dan tanggal, atau untuk paket lokal yang dihasilkan, waktu dan tanggal keberangkatan
• to-address (alamat addressIP; default: 0.0.0.0) - alamat atau kisaran alamat untuk menggantikan asli alamat IP dari sebuah paket dengan
• to-port (integer: 0 .. 65535integer: 0 .. 65535) - port atau jangkauan port untuk menggantikan port asli dengan sebuah IP bersama paket

Copied From : http://forummikrotik.com

Hotspot dan User Manager

killerorka@gmail.com (Unknown) — Tue, 21 Jul 2009 22:00:00 +0700

Langkah-langkah sebagai berikut :

1. rename interface eth :LAN, LOCAL, INT

[admin@46un6-Router] > interface print
Flags: X - disabled, D - dynamic, R - running
# NAME TYPE RX-RATE TX-RATE MTU
0 R lan ether 0 0 1500
1 R int ether 0 0 1500
2 R local ether 0 0 1500
[admin@46un6-Router] >

2. setting ip address ketiga interface

[admin@46un6-Router] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.8.8.45/24 10.8.8.0 10.8.8.255 local
1 192.168.10.1/24 192.168.10.0 192.168.10.255 lan
2 202.47.77.24x/28 202.47.77.240 202.47.77.255 int
[admin@46un6-Router] >

3. setting ip route / gateway

[admin@46un6-Router] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 A S 0.0.0.0/0 r 10.8.8.1 1 local
1 A S 0.0.0.0/0 r 202.47.77.24x 1 int
2 ADC 10.8.8.0/24 10.8.8.45 0 local
3 ADC 192.168.10.0/24 192.168.10.1 0 lan
4 ADC 202.47.77.240/28 202.47.77.249 0 int
[admin@46un6-Router] >

4. setting dns

[admin@46un6-Router] > ip dns print
primary-dns: 202.47.78.8
secondary-dns: 202.47.78.9
allow-remote-requests: yes
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 21KiB
[admin@46un6-Router] >
5. setting nat / masquerading

[admin@46un6-Router] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade

1 chain=srcnat action=masquerade src-address=192.168.10.0/24

2 ;;; masquerade hotspot network
chain=srcnat action=masquerade src-address=192.168.10.0/24
[admin@46un6-Router] >

6. input address-list nice

7. marking-connection dan marking-routing

[admin@46un6-Router] > ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=output action=mark-connection new-connection-mark=mark-local-con passthrough=yes dst-address-list=nice

1 chain=output action=mark-routing new-routing-mark=mark-routing-local passthrough=yes connection-mark=mark-local-con
[admin@46un6-Router] >

8. marking gateway

9. test traceroute situs local dan international

10. setup hotspot system [ACTIVATE HOTSPOT SYSTEM]

11. activate RADIUS pada hotspot server profile [use radius = yes]

12. add Radius
services = hotspot
address = 202.47.77.24x [IP dimana radius / user-manager berada]
secret = 123456 [secret harus sama dengan user-manager]

SETTING USER-MANAGER [PAKET DIANGGAP TERPISAH DARI SISTEM HOTSPOT]
1. install paket user-manager

2. buat account user-manager

[admin@46un6-router] > tool user-manager customer add login=”46un6” password=”pu5k0mx" permissions=owner

3. untuk mengakses user-manager di >> http://202.47.77.24x/userman
username = 46un6
password = pu5k0mx

4. setting router
name = 46un6-router
ip address = 202.47.77.24x [ip address sendiri bisa juga 127.0.0.1]
secret = 123456 [secret ini harus sama dengan router]
OK

5. add user account untuk dapat akses hotspot system dari client
>> account setting lebih lengkap

6. pelajari menu aplikasi user-manager

user-manager juga bisa digunakan untuk login RouterOS

1. konfigurasi user XXX pada sisi routerOS
#/ user xxx set use-radius=yes

2. permission pada default group harus full
#/ user xxx set default-group=full

3. setting ip radius dan secret harus sama dengan user-manager
#/ radius add service=login address=202.47.77.24x secret=123456

4. test login menggunakan account user-manager [radius]

Virus II

killerorka@gmail.com (Unknown) — Thu, 25 Jun 2009 22:31:00 +0700

add chain=virus protocol=tcp action=drop dst-port=6400 comment="The Thing"

add chain=virus protocol=tcp action=drop dst-port=6661 comment="TEMan, Weia-Meia"

add chain=virus protocol=tcp action=drop dst-port=6666 comment="Dark Connection Inside, NetBus worm"

add chain=virus protocol=tcp action=drop dst-port=6667 comment="Dark FTP, ScheduleAgent, SubSeven, Subseven 2.1.4 DefCon 8, Trinity, WinSatan"

add chain=virus protocol=tcp action=drop dst-port=6669 comment="Host Control, Vampire"

add chain=virus protocol=tcp action=drop dst-port=6670 comment="BackWeb Server, Deep Throat, Foreplay, WinNuke eXtreame"

add chain=virus protocol=tcp action=drop dst-port=6711 comment="BackDoor-G, SubSeven, VP Killer"

add chain=virus protocol=tcp action=drop dst-port=6712 comment="Funny trojan, SubSeven"

add chain=virus protocol=tcp action=drop dst-port=6713 comment="SubSeven"

add chain=virus protocol=tcp action=drop dst-port=6723 comment="Mstream"

add chain=virus protocol=tcp action=drop dst-port=6771 comment="Deep Throat, Foreplay"

add chain=virus protocol=tcp action=drop dst-port=6776 comment="2000 Cracks, BackDoor-G, SubSeven, VP Killer"

add chain=virus protocol=udp action=drop dst-port=6838 comment="Mstream"

add chain=virus protocol=tcp action=drop dst-port=6883 comment="Delta Source DarkStar"

add chain=virus protocol=tcp action=drop dst-port=6912 comment="Shit Heep"

add chain=virus protocol=tcp action=drop dst-port=6939 comment="Indoctrination"

add chain=virus protocol=tcp action=drop dst-port=6969-6970 comment="GateCrasher, IRC 3, Net Controller, Priority"

add chain=virus protocol=tcp action=drop dst-port=7000 comment="Exploit Translation Server, Kazimas, Remote Grab, SubSeven, SubSeven 2.1 Gold"

add chain=virus protocol=tcp action=drop dst-port=7001 comment="Freak88, Freak2k"

add chain=virus protocol=tcp action=drop dst-port=7215 comment="SubSeven, SubSeven 2.1 Gold"

add chain=virus protocol=tcp action=drop dst-port=7300-7308 comment="NetMonitor"

add chain=virus protocol=tcp action=drop dst-port=7424 comment="Host Control"

add chain=virus protocol=udp action=drop dst-port=7424 comment="Host Control"

add chain=virus protocol=tcp action=drop dst-port=7597 comment="Qaz"

add chain=virus protocol=tcp action=drop dst-port=7626 comment="Glacier"

add chain=virus protocol=tcp action=drop dst-port=7777 comment="God Message, Tini"

add chain=virus protocol=tcp action=drop dst-port=7789 comment="Back Door Setup, ICKiller"

add chain=virus protocol=tcp action=drop dst-port=7891 comment="The ReVeNgEr"

add chain=virus protocol=tcp action=drop dst-port=7983 comment="Mstream"

add chain=virus protocol=tcp action=drop dst-port=8787 comment="Back Orifice 2000"

add chain=virus protocol=tcp action=drop dst-port=8988 comment="BacHack"

add chain=virus protocol=tcp action=drop dst-port=8989 comment="Rcon, Recon, Xcon"

add chain=virus protocol=tcp action=drop dst-port=9000 comment="Netministrator"

add chain=virus protocol=udp action=drop dst-port=9325 comment="Mstream"

add chain=virus protocol=tcp action=drop dst-port=9400 comment="InCommand"

add chain=virus protocol=tcp action=drop dst-port=9872-9875 comment="Portal of Doom"

add chain=virus protocol=tcp action=drop dst-port=9876 comment="Cyber Attacker, Rux"

add chain=virus protocol=tcp action=drop dst-port=9878 comment="TransScout"

add chain=virus protocol=tcp action=drop dst-port=9989 comment="Ini-Killer"

add chain=virus protocol=tcp action=drop dst-port=9999 comment="The Prayer"

add chain=virus protocol=tcp action=drop dst-port=10000-10005 comment="OpwinTRojan"

add chain=virus protocol=udp action=drop dst-port=10067 comment="Portal of Doom"

add chain=virus protocol=tcp action=drop dst-port=10085-10086 comment="Syphillis"

add chain=virus protocol=tcp action=drop dst-port=10100 comment="Control Total, Gift trojan"

add chain=virus protocol=tcp action=drop dst-port=10101 comment="BrainSpy, Silencer"

add chain=virus protocol=udp action=drop dst-port=10167 comment="Portal of Doom"

add chain=virus protocol=tcp action=drop dst-port=10520 comment="Acid Shivers"

add chain=virus protocol=tcp action=drop dst-port=10528 comment="Host Control"

add chain=virus protocol=tcp action=drop dst-port=10607 comment="Coma"

add chain=virus protocol=udp action=drop dst-port=10666 comment="Ambush"

add chain=virus protocol=tcp action=drop dst-port=11000 comment="Senna Spy Trojan Generator"

add chain=virus protocol=tcp action=drop dst-port=11050-11051 comment="Host Control"

add chain=virus protocol=tcp action=drop dst-port=11223 comment="Progenic trojan, Secret Agent"

add chain=virus protocol=tcp action=drop dst-port=12076 comment="Gjamer"

add chain=virus protocol=tcp action=drop dst-port=12223 comment="Hack´99 KeyLogger"

add chain=virus protocol=tcp action=drop dst-port=12345 comment="Ashley, cron crontab, Fat Bitch trojan, GabanBus, icmp_client.c, icmp_pipe.c, Mypic, NetBus, NetBus Toy, NetBus worm, Pie Bill Gates, Whack Job, X-bill"

add chain=virus protocol=tcp action=drop dst-port=12346 comment="Fat Bitch trojan, GabanBus, NetBus, X-bill"

add chain=virus protocol=tcp action=drop dst-port=12349 comment="BioNet"

add chain=virus protocol=tcp action=drop dst-port=12361-12363 comment="Whack-a-mole"

add chain=virus protocol=udp action=drop dst-port=12623 comment="DUN Control"

add chain=virus protocol=tcp action=drop dst-port=12624 comment="ButtMan"

add chain=virus protocol=tcp action=drop dst-port=12631 comment="Whack Job"

add chain=virus protocol=tcp action=drop dst-port=12754 comment="Mstream"

add chain=virus protocol=tcp action=drop dst-port=13000 comment="Senna Spy Trojan Generator, Senna Spy Trojan Generator"

add chain=virus protocol=tcp action=drop dst-port=13010 comment="Hacker Brasil HBR"

add chain=virus protocol=tcp action=drop dst-port=13013-13014 comment="PsychWard"

add chain=virus protocol=tcp action=drop dst-port=13223 comment="Hack´99 KeyLogger"

add chain=virus protocol=tcp action=drop dst-port=13473 comment="Chupacabra"

add chain=virus protocol=tcp action=drop dst-port=14500-14503 comment="PC Invader"

add chain=virus protocol=tcp action=drop dst-port=15000 comment="NetDemon"

add chain=virus protocol=tcp action=drop dst-port=15092 comment="Host Control"

add chain=virus protocol=tcp action=drop dst-port=15104 comment="Mstream"

add chain=virus protocol=tcp action=drop dst-port=15382 comment="SubZero"

add chain=virus protocol=tcp action=drop dst-port=15858 comment="CDK"

add chain=virus protocol=tcp action=drop dst-port=16484 comment="Mosucker"

add chain=virus protocol=tcp action=drop dst-port=16660 comment="Stacheldraht"

add chain=virus protocol=tcp action=drop dst-port=16772 comment="ICQ Revenge"

add chain=virus protocol=tcp action=drop dst-port=16959 comment="SubSeven, Subseven 2.1.4 DefCon 8"

add chain=virus protocol=tcp action=drop dst-port=16969 comment="Priority"

add chain=virus protocol=tcp action=drop dst-port=17166 comment="Mosaic"

add chain=virus protocol=tcp action=drop dst-port=17300 comment="Kuang2 the virus"

add chain=virus protocol=tcp action=drop dst-port=17449 comment="Kid Terror"

add chain=virus protocol=tcp action=drop dst-port=17499-17500 comment="CrazzyNet"

add chain=virus protocol=tcp action=drop dst-port=17569 comment="Infector"

add chain=virus protocol=tcp action=drop dst-port=17593 comment="Audiodoor"

add chain=virus protocol=tcp action=drop dst-port=17777 comment="Nephron"

add chain=virus protocol=udp action=drop dst-port=18753 comment="Shaft"

add chain=virus protocol=tcp action=drop dst-port=19864 comment="ICQ Revenge"

add chain=virus protocol=tcp action=drop dst-port=20000 comment="Millenium"

add chain=virus protocol=tcp action=drop dst-port=20001 comment="Millenium, Millenium Lm"

add chain=virus protocol=tcp action=drop dst-port=20002 comment="AcidkoR"

add chain=virus protocol=tcp action=drop dst-port=20005 comment="Mosucker"

add chain=virus protocol=tcp action=drop dst-port=20023 comment="VP Killer"

add chain=virus protocol=tcp action=drop dst-port=20034 comment="NetBus 2.0 Pro, NetBus 2.0 Pro Hidden, NetRex, Whack Job"

add chain=virus protocol=tcp action=drop dst-port=20203 comment="Chupacabra"

add chain=virus protocol=tcp action=drop dst-port=20331 comment="BLA trojan"

add chain=virus protocol=tcp action=drop dst-port=20432 comment="Shaft"

add chain=virus protocol=udp action=drop dst-port=20433 comment="Shaft"

add chain=virus protocol=tcp action=drop dst-port=21544 comment="GirlFriend, Kid Terror"

add chain=virus protocol=tcp action=drop dst-port=21554 comment="Exploiter, Kid Terror, Schwindler, Winsp00fer"

add chain=virus protocol=tcp action=drop dst-port=22222 comment="Donald Dick, Prosiak, Ruler, RUX The TIc.K"

add chain=virus protocol=tcp action=drop dst-port=23005-23006 comment="NetTrash"

add chain=virus protocol=tcp action=drop dst-port=23023 comment="Logged"

add chain=virus protocol=tcp action=drop dst-port=23032 comment="Amanda"

add chain=virus protocol=tcp action=drop dst-port=23432 comment="Asylum"

add chain=virus protocol=tcp action=drop dst-port=23456 comment="Evil FTP, Ugly FTP, Whack Job"

add chain=virus protocol=tcp action=drop dst-port=23476 comment="Donald Dick"

add chain=virus protocol=udp action=drop dst-port=23476 comment="Donald Dick"

add chain=virus protocol=tcp action=drop dst-port=23477 comment="Donald Dick"

add chain=virus protocol=tcp action=drop dst-port=23777 comment="InetSpy"

add chain=virus protocol=tcp action=drop dst-port=24000 comment="Infector"

add chain=virus protocol=tcp action=drop dst-port=25685-25982 comment="Moonpie"

add chain=virus protocol=udp action=drop dst-port=26274 comment="Delta Source"

add chain=virus protocol=tcp action=drop dst-port=26681 comment="Voice Spy"

add chain=virus protocol=tcp action=drop dst-port=27374 comment="Bad Blood, Ramen, Seeker, SubSeven, SubSeven 2.1 Gold, Subseven 2.1.4 DefCon 8, SubSeven Muie, Ttfloader"

add chain=virus protocol=udp action=drop dst-port=27444 comment="Trinoo"

add chain=virus protocol=tcp action=drop dst-port=27573 comment="SubSeven"

add chain=virus protocol=tcp action=drop dst-port=27665 comment="Trinoo"

add chain=virus protocol=tcp action=drop dst-port=28678 comment="Exploit"er

add chain=virus protocol=tcp action=drop dst-port=29104 comment="NetTrojan"

add chain=virus protocol=tcp action=drop dst-port=29369 comment="ovasOn"

add chain=virus protocol=tcp action=drop dst-port=29891 comment="The Unexplained"

add chain=virus protocol=tcp action=drop dst-port=30000 comment="Infector"

add chain=virus protocol=tcp action=drop dst-port=30001 comment="ErrOr32"

add chain=virus protocol=tcp action=drop dst-port=30003 comment="Lamers Death"

add chain=virus protocol=tcp action=drop dst-port=30029 comment="AOL trojan"

add chain=virus protocol=tcp action=drop dst-port=30100-30133 comment="NetSphere"

add chain=virus protocol=udp action=drop dst-port=30103 comment="NetSphere"

add chain=virus protocol=tcp action=drop dst-port=30303 comment="Sockets des Troie"

add chain=virus protocol=tcp action=drop dst-port=30947 comment="Intruse"

add chain=virus protocol=tcp action=drop dst-port=30999 comment="Kuang2"

add chain=virus protocol=tcp action=drop dst-port=31335 comment="Trinoo"

add chain=virus protocol=tcp action=drop dst-port=31336 comment="Bo Whack, Butt Funnel"

add chain=virus protocol=tcp action=drop dst-port=31337 comment="Back Fire, Back Orifice 1.20 patches, Back Orifice Lm, Back Orifice russian, Baron Night, Beeone, BO client, BO Facil, BO spy, BO2, cron crontab, Freak88, Freak2k, icmp_pipe.c, Sockdmini"

add chain=virus protocol=udp action=drop dst-port=31337 comment="Back Orifice, Deep BO"

add chain=virus protocol=tcp action=drop dst-port=31338 comment="Back Orifice, Butt Funnel, NetSpy DK"

add chain=virus protocol=udp action=drop dst-port=31338 comment="Deep BO"

add chain=virus protocol=tcp action=drop dst-port=31339 comment="NetSpy DK"

add chain=virus protocol=tcp action=drop dst-port=31666 comment="BOWhack"

add chain=virus protocol=tcp action=drop dst-port=31785-31792 comment="Hack a Tack"

add chain=virus protocol=udp action=drop dst-port=31791-31792 comment="Hack a Tack"

add chain=virus protocol=tcp action=drop dst-port=32001 comment="Donald Dick"

add chain=virus protocol=tcp action=drop dst-port=32100 comment="Peanut Brittle, Project nEXT"

add chain=virus protocol=tcp action=drop dst-port=32418 comment="Acid Battery"

add chain=virus protocol=tcp action=drop dst-port=33270 comment="Trinity"

add chain=virus protocol=tcp action=drop dst-port=33333 comment="Blakharaz, Prosiak"

add chain=virus protocol=tcp action=drop dst-port=33577-33777 comment="Son of PsychWard"

add chain=virus protocol=tcp action=drop dst-port=33911 comment="Spirit 2000, Spirit 2001"

add chain=virus protocol=tcp action=drop dst-port=34324 comment="Big Gluck, TN"

add chain=virus protocol=tcp action=drop dst-port=34444 comment="Donald Dick"

add chain=virus protocol=udp action=drop dst-port=34555-35555 comment="Trinoo for Windows"

add chain=virus protocol=tcp action=drop dst-port=37237 comment="Mantis"

add chain=virus protocol=tcp action=drop dst-port=37651 comment="Yet Another Trojan YAT"

add chain=virus protocol=tcp action=drop dst-port=40412 comment="The Spy"

add chain=virus protocol=tcp action=drop dst-port=40421 comment="Agent 40421, Masters Paradise"

add chain=virus protocol=tcp action=drop dst-port=40422-40426 comment="Masters Paradise"

add chain=virus protocol=tcp action=drop dst-port=41337 comment="Storm"

add chain=virus protocol=tcp action=drop dst-port=41666 comment="Remote Boot Tool RBT, Remote Boot Tool RBT"

add chain=virus protocol=tcp action=drop dst-port=44444 comment="Prosiak"

add chain=virus protocol=tcp action=drop dst-port=44575 comment="Exploiter"

add chain=virus protocol=udp action=drop dst-port=47262 comment="Delta Source"

add chain=virus protocol=tcp action=drop dst-port=49301 comment="OnLine KeyLogger"

add chain=virus protocol=tcp action=drop dst-port=50130 comment="Enterprise"

add chain=virus protocol=tcp action=drop dst-port=50505 comment="Sockets des Troie"

add chain=virus protocol=tcp action=drop dst-port=50766 comment="Fore, Schwindler"

add chain=virus protocol=tcp action=drop dst-port=51966 comment="Cafeini"

add chain=virus protocol=tcp action=drop dst-port=52317 comment="Acid Battery 2000"

add chain=virus protocol=tcp action=drop dst-port=53001 comment="Remote Windows Shutdown RWS"

Virus I

killerorka@gmail.com (Unknown) — Thu, 25 Jun 2009 22:31:00 +0700

/ip firewall filter

add chain=forward protocol=tcp dst-port=25 src-address-list=spammer

action=drop comment="BLOCK SPAMMERS OR INFECTED USERS"

add chain=forward protocol=tcp dst-port=25 connection-limit=30,32 limit=50,5

action=add-src-to-address-list

address-list=spammer address-list-timeout=1d comment="Detect and add-list SMTP

virus or spammers"

/system script

add name="spammers" source=":log error \"----------Users detected like \

SPAMMERS -------------\";

\n:foreach i in \[/ip firewall address-list find \

list=spammer\] do={:set usser \[/ip firewall address-list get \$i \

address\];

\n:foreach j in=\[/ip hotspot active find address=\$usser\] \

do={:set ip \[/ip hotspot active get \$j user\];

\n:log error \$ip;

\n:log \

error \$usser} };" policy=ftp,read,write,policy,test,winbox

yang ini buat virus2

/ip firewall filter

add chain=forward connection-state=established comment="allow established

connections"

add chain=forward connection-state=related comment="allow related connections"

add chain=forward connection-state=invalid action=drop comment="drop invalid

connections"

add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Drop Blaster

Worm"

add chain=virus protocol=udp dst-port=135-139 action=drop comment="Drop Messenger

Worm"

add chain=virus protocol=tcp dst-port=445 action=drop comment="Drop Blaster Worm"

add chain=virus protocol=udp dst-port=445 action=drop comment="Drop Blaster Worm"

add chain=virus protocol=tcp dst-port=593 action=drop comment="________"

add chain=virus protocol=tcp dst-port=1024-1030 action=drop

comment="________"

add chain=virus protocol=tcp dst-port=1080 action=drop comment="Drop MyDoom"

add chain=virus protocol=tcp dst-port=1214 action=drop comment="________"

add chain=virus protocol=tcp dst-port=1363 action=drop comment="ndm requester"

add chain=virus protocol=tcp dst-port=1364 action=drop comment="ndm server"

add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen cast"

add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx"

add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid"

add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment="Worm"

add chain=virus protocol=tcp dst-port=2745 action=drop comment="Bagle Virus"

add chain=virus protocol=tcp dst-port=2283 action=drop comment="Drop Dumaru.Y"

add chain=virus protocol=tcp dst-port=2535 action=drop comment="Drop Beagle"

add chain=virus protocol=tcp dst-port=2745 action=drop comment="Drop Beagle.C-K"

add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment="Drop

MyDoom"

add chain=virus protocol=tcp dst-port=3410 action=drop comment="Drop Backdoor

OptixPro"

add chain=virus protocol=tcp dst-port=4444 action=drop comment="Worm"

add chain=virus protocol=udp dst-port=4444 action=drop comment="Worm"

add chain=virus protocol=tcp dst-port=5554 action=drop comment="Drop Sasser"

add chain=virus protocol=tcp dst-port=8866 action=drop comment="Drop Beagle.B"

add chain=virus protocol=tcp dst-port=9898 action=drop comment="Drop Dabber.A-B"

add chain=virus protocol=tcp dst-port=10000 action=drop comment="Drop Dumaru.Y"

add chain=virus protocol=tcp dst-port=10080 action=drop comment="Drop MyDoom.B"

add chain=virus protocol=tcp dst-port=12345 action=drop comment="Drop NetBus"

add chain=virus protocol=tcp dst-port=17300 action=drop comment="Drop Kuang2"

add chain=virus protocol=tcp dst-port=27374 action=drop comment="Drop SubSeven"

add chain=virus protocol=tcp dst-port=65506 action=drop comment="Drop PhatBot,

Agobot, Gaobot"

add chain=forward action=jump jump-target=virus comment="jump to the virus chain"

add chain=forward action=accept protocol=tcp dst-port=80 comment="Allow HTTP"

add chain=forward action=accept protocol=tcp dst-port=25 comment="Allow SMTP"

add chain=forward protocol=tcp comment="allow TCP"

add chain=forward protocol=icmp comment="allow ping"

add chain=forward protocol=udp comment="allow udp"

add chain=forward action=drop comment="drop everything else"

No Special In Here

killerorka@gmail.com (Unknown) — Thu, 25 Jun 2009 22:29:00 +0700

may/20/2009 08:44:37 by RouterOS 2.9.27

# software id = EM5K-LJN

/ interface ethernet

set "lan on board" name="lan on board" mtu=1500 mac-address=00:1C:F0:EC:11:16 arp=enabled disable-running-check=yes \

auto-negotiation=yes full-duplex=yes cable-settings=default speed=100Mbps comment="" disabled=no

set modem1 name="modem1" mtu=1500 mac-address=00:1C:F0:BC:74:55 arp=enabled disable-running-check=yes \

auto-negotiation=yes full-duplex=yes cable-settings=default speed=100Mbps comment="" disabled=no

set modem2 name="modem2" mtu=1500 mac-address=00:02:44:48:88:29 arp=enabled disable-running-check=yes \

auto-negotiation=yes full-duplex=yes cable-settings=default speed=100Mbps comment="" disabled=no

set lokal name="lokal" mtu=1500 mac-address=00:E0:4D:23:E7:58 arp=enabled disable-running-check=yes \

auto-negotiation=yes full-duplex=yes cable-settings=default speed=100Mbps comment="" disabled=no

/ interface l2tp-server server

set enabled=no max-mtu=1460 max-mru=1460 authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption

/ interface pptp-server server

set enabled=no max-mtu=1460 max-mru=1460 authentication=mschap1,mschap2 keepalive-timeout=30 \

default-profile=default-encryption

/ ip accounting

set enabled=no account-local-traffic=no threshold=256

/ ip accounting web-access

set accessible-via-web=no address=0.0.0.0/0

/ ip service

set telnet port=23 address=0.0.0.0/0 disabled=no

set ftp port=21 address=0.0.0.0/0 disabled=no

set www port=80 address=0.0.0.0/0 disabled=no

set ssh port=22 address=0.0.0.0/0 disabled=no

set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes

/ ip upnp

set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes

/ ip arp

/ ip socks

set enabled=no port=1080 connection-idle-timeout=2m max-connections=200

/ ip dns

set primary-dns=202.134.0.155 secondary-dns=202.134.1.10 allow-remote-requests=yes cache-size=2048KiB \

cache-max-ttl=1w

/ ip traffic-flow

set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m inactive-flow-timeout=15s

/ ip address

add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=modem1 comment="" disabled=no

add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=modem2 comment="" disabled=no

add address=192.168.3.1/24 network=192.168.3.0 broadcast=192.168.3.255 interface=lokal comment="" disabled=no

/ ip proxy

set enabled=no port=8080 parent-proxy=0.0.0.0:0 maximal-client-connecions=1000 maximal-server-connectons=1000

/ ip proxy access

add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" disabled=no

/ ip neighbor discovery

set "lan on board" discover=yes

set modem1 discover=yes

set modem2 discover=yes

set lokal discover=yes

/ ip route

add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 routing-mark=satu comment="" disabled=no

add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 routing-mark=dua comment="" disabled=no

add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 comment="" disabled=no

/ ip firewall mangle

add chain=prerouting in-interface=lokal connection-state=new nth=1,1,0 action=mark-connection \

new-connection-mark=satu passthrough=yes comment="" disabled=no

add chain=prerouting in-interface=lokal connection-mark=satu action=mark-routing new-routing-mark=satu passthrough=no \

comment="" disabled=no

add chain=prerouting in-interface=lokal connection-state=new nth=1,1,1 action=mark-connection new-connection-mark=dua \

passthrough=yes comment="" disabled=no

add chain=prerouting in-interface=lokal connection-mark=dua action=mark-routing new-routing-mark=dua passthrough=no \

comment="" disabled=no

/ ip firewall nat

add chain=srcnat out-interface=modem1 connection-mark=satu action=src-nat to-addresses=192.168.1.2 to-ports=0-65535 \

comment="" disabled=no

add chain=srcnat out-interface=modem2 connection-mark=dua action=src-nat to-addresses=192.168.2.2 to-ports=0-65535 \

comment="" disabled=no

/ ip firewall connection tracking

set enabled=yes tcp-syn-sent-timeout=2s tcp-syn-received-timeout=2s tcp-established-timeout=1d \

tcp-fin-wait-timeout=5s tcp-close-wait-timeout=5s tcp-last-ack-timeout=5s tcp-time-wait-timeout=5s \

tcp-close-timeout=5s udp-timeout=5s udp-stream-timeout=1m icmp-timeout=5s generic-timeout=5m tcp-syncookie=no

/ ip firewall filter

add chain=virus protocol=udp dst-port=1 action=drop comment="Sockets des Troie" disabled=no

add chain=virus protocol=tcp dst-port=2 action=drop comment="Death" disabled=no

add chain=virus protocol=tcp dst-port=20 action=drop comment="Senna Spy FTP server" disabled=no

add chain=virus protocol=tcp dst-port=21 action=drop comment="Back Construction, Blade Runner, Cattivik FTP Server, \

CC Invader, Dark FTP, Doly Trojan, Fore, Invisible FTP, Juggernaut 42, Larva, MotIv FTP, Net Administrator, \

Ramen, Senna Spy FTP server, The Flu, Traitor 21, WebEx, WinCrash" disabled=no

add chain=virus protocol=tcp dst-port=22 action=drop comment="Shaft" disabled=no

add chain=virus protocol=tcp dst-port=23 action=drop comment="Fire HacKer, Tiny Telnet Server TTS, Truva Atl" \

disabled=no

add chain=virus protocol=tcp dst-port=25 action=drop comment="Ajan, Antigen, Barok, Email Password Sender EPS, EPS \

II, Gip, Gris, Happy99, Hpteam mail, Hybris, I love you, Kuang2, Magic Horse, MBT Mail Bombing Trojan, Moscow \

Email trojan, Naebi, NewApt worm, ProMail trojan, Shtirlitz, Stealth, Tapiras, Terminator, WinPC, WinSpy" \

disabled=no

add chain=virus protocol=tcp dst-port=30 action=drop comment="Agent 40421" disabled=no

add chain=virus protocol=tcp dst-port=31 action=drop comment="Agent 31, Hackers Paradise, Masters Paradise" \

disabled=no

add chain=virus protocol=tcp dst-port=41 action=drop comment="Deep Throat, Foreplay" disabled=no

add chain=virus protocol=tcp dst-port=48 action=drop comment="DRAT" disabled=no

add chain=virus protocol=tcp dst-port=50 action=drop comment="DRAT" disabled=no

add chain=virus protocol=tcp dst-port=58 action=drop comment="DMSetup" disabled=no

add chain=virus protocol=tcp dst-port=59 action=drop comment="DMSetup" disabled=no

add chain=virus protocol=tcp dst-port=79 action=drop comment="CDK, Firehotcker" disabled=no

add chain=virus protocol=tcp dst-port=80 action=drop comment="711 trojan, Seven Eleven, AckCmd, Back End, Back \

Orifice 2000 Plug-Ins, Cafeini, CGI Backdoor, Executor, God Message, God Message Creator, Hooker, IISworm, MTX, \

NCX, Reverse WWW Tunnel Backdoor, RingZero, Seeker, WAN Remote, Web Server CT, WebDownloader" disabled=no

add chain=virus protocol=tcp dst-port=81 action=drop comment="RemoConChubo" disabled=no

add chain=virus protocol=tcp dst-port=99 action=drop comment="Hidden Port, NCX" disabled=no

add chain=virus protocol=tcp dst-port=110 action=drop comment="ProMail trojan" disabled=no

add chain=virus protocol=tcp dst-port=113 action=drop comment="Invisible Identd Deamon, Kazimas" disabled=no

add chain=virus protocol=tcp dst-port=119 action=drop comment="Happy99" disabled=no

add chain=virus protocol=tcp dst-port=121 action=drop comment="Attack Bot, God Message, JammerKillah" disabled=no

add chain=virus protocol=tcp dst-port=123 action=drop comment="Net Controller" disabled=no

add chain=virus protocol=tcp dst-port=133 action=drop comment="Farnaz" disabled=no

add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Blaster worm" disabled=no

add chain=forward protocol=tcp dst-port=25 src-address-list=spammer action=accept comment="" disabled=no

add chain=forward protocol=tcp dst-port=25 connection-limit=30,32 limit=50,5 action=accept comment="" disabled=no

/ ip firewall service-port

set ftp ports=21 disabled=no

set tftp ports=69 disabled=no

set irc ports=6667 disabled=no

set h323 disabled=yes

set quake3 disabled=no

set gre disabled=yes

set pptp disabled=yes

/ ip hotspot service-port

set ftp ports=21 disabled=no

/ ip hotspot profile

set default name="default" hotspot-address=0.0.0.0 dns-name="" html-directory=hotspot rate-limit="" \

http-proxy=0.0.0.0:0 smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d split-user-domain=no \

use-radius=no

/ ip hotspot user profile

set default name="default" idle-timeout=none keepalive-timeout=2m status-autorefresh=1m shared-users=1 \

transparent-proxy=yes open-status-page=always advertise=no

/ ip dhcp-server config

set store-leases-disk=5m

/ ip ipsec proposal

add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m lifebytes=0 pfs-group=modp1024 disabled=no

/ ip web-proxy

set enabled=no src-address=0.0.0.0 port=3128 hostname="proxy" transparent-proxy=no parent-proxy=0.0.0.0:0 \

cache-administrator="webmaster" max-object-size=4096KiB cache-drive=system max-cache-size=none \

max-ram-cache-size=unlimited

/ ip web-proxy access

add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" disabled=no

/ ip web-proxy cache

add url=":cgi-bin \\?" action=deny comment="don't cache dynamic http pages" disabled=no

/ system logging

add topics=info prefix="" action=memory disabled=no

add topics=error prefix="" action=memory disabled=no

add topics=warning prefix="" action=memory disabled=no

add topics=critical prefix="" action=echo disabled=no

/ system logging action

set memory name="memory" target=memory memory-lines=100 memory-stop-on-full=no

set disk name="disk" target=disk disk-lines=100 disk-stop-on-full=no

set echo name="echo" target=echo remember=yes

set remote name="remote" target=remote remote=0.0.0.0:514

/ system upgrade mirror

set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 check-interval=1d user=""

/ system script

add name="spammers" source=":log error \"----------Users detected like SPAMMERS -------------\";\n\n:foreach i in \

\[/ip firewall address-list find list=spammer\] do={:set usser \[/ip firewall address-list get \$i \

address\];\n\n:foreach j in=\[/ip hotspot active find address=\$usser\] do={:set ip \[/ip hotspot active get \$j \

user\];\n\n:log error \$ip;\n\n:log error \$usser} };" policy=ftp,read,write,policy,test,winbox

/ system clock dst

set dst-delta=+00:00 dst-start="jan/01/1970 00:00:00" dst-end="jan/01/1970 00:00:00"

/ system watchdog

set reboot-on-failure=yes watch-address=none watchdog-timer=yes no-ping-delay=5m automatic-supout=yes \

auto-send-supout=no

/ system console

add port=serial0 term="" disabled=no

set FIXME term="linux" disabled=no

/ system console screen

set line-count=25

/ system identity

set name="premiernet"

/ system note

set show-at-login=yes note=""

/ port

set serial0 name="serial0" baud-rate=9600 data-bits=8 parity=none stop-bits=1 flow-control=hardware

/ ppp profile

set default name="default" use-compression=default use-vj-compression=default use-encryption=default only-one=default \

change-tcp-mss=yes comment=""

set default-encryption name="default-encryption" use-compression=default use-vj-compression=default \

use-encryption=yes only-one=default change-tcp-mss=yes comment=""

/ ppp aaa

set use-radius=no accounting=yes interim-update=0s

/ queue type

set default name="default" kind=pfifo pfifo-limit=50

set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50

set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 sfq-allot=1514

set synchronous-default name="synchronous-default" kind=red red-limit=60 red-min-threshold=10 red-max-threshold=50 \

red-burst=20 red-avg-packet=1000

set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 sfq-allot=1514

add name="default-small" kind=pfifo pfifo-limit=10

/ queue simple

add name="Lokal" dst-address=0.0.0.0/0 interface=all parent=none direction=both priority=8 \

queue=default-small/default-small limit-at=0/0 max-limit=0/0 total-queue=default-small \

time=0s-1d,sun,mon,tue,wed,thu,fri,sat disabled=no

/ user

add name="----" group=write address=0.0.0.0/0 comment="system default user" disabled=no

add name="----" group=full address=0.0.0.0/0 comment="" disabled=no

/ user group

add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!ftp,!write,!policy

add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password,web,!ftp,!policy

add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web

/ user aaa

set use-radius=no accounting=yes interim-update=0s default-group=read

/ radius incoming

set accept=no port=1700

/ driver

/ snmp

set enabled=no contact="" location=""

/ snmp community

set public name="public" address=0.0.0.0/0 read-access=yes

/ tool bandwidth-server

set enabled=yes authenticate=yes allocate-udp-ports-from=2000 max-sessions=10

/ tool mac-server ping

set enabled=yes

/ tool e-mail

set server=0.0.0.0 from="<>"

/ tool sniffer

set interface=all only-headers=no memory-limit=10 file-name="" file-limit=10 streaming-enabled=no \

streaming-server=0.0.0.0 filter-stream=yes filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535 \

filter-address2=0.0.0.0/0:0-65535

/ tool graphing

set store-every=5min

/ tool graphing queue

add simple-queue=all allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no

/ tool graphing resource

add allow-address=0.0.0.0/0 store-on-disk=yes disabled=no

/ tool graphing interface

add interface=all allow-address=0.0.0.0/0 store-on-disk=yes disabled=no

/ routing ospf

set router-id=0.0.0.0 distribute-default=never redistribute-connected=no redistribute-static=no redistribute-rip=no \

redistribute-bgp=no metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 metric-bgp=20

/ routing ospf area

set backbone area-id=0.0.0.0 type=default translator-role=translate-candidate authentication=none \

prefix-list-import="" prefix-list-export="" disabled=no

/ routing bgp

set enabled=no as=1 router-id=0.0.0.0 redistribute-static=no redistribute-connected=no redistribute-rip=no \

redistribute-ospf=no

/ routing rip

set redistribute-static=no redistribute-connected=no redistribute-ospf=no redistribute-bgp=no metric-static=1 \

metric-connected=1 metric-ospf=1 metric-bgp=1 update-timer=30s timeout-timer=3m garbage-timer=2m

OpenOffice 3.0

killerorka@gmail.com (Unknown) — Tue, 13 Jan 2009 17:11:00 +0700

OpenOffice 3.0

This free office suite packages an impressive
set of editing tools inside a foolproof interface

Despite the adage “You get what you pay for,” free doesn’t necessarily equal bad, and OpenOffice 3.0 makes the latest case. This open-source productivity suite lets you create and edit documents, presentations, spreadsheets, databases, and drawings, and even reads Microsoft Office 2007 files. If you can deal with its limited (nay, nonexistent) sharing functionality, this suite offers everything a student or road warrior could want.

Installation and Speed

Although OpenOffice is free, you’ll be prompted to make a donation when you download the install file. Downloading the 142MB file to our desktop using an Ethernet connection took 19 minutes and 1 second, and installation took 5 minutes and 54 seconds to install, a rather long wait.

With the previous version of OpenOffice, we were displeased by how slow the Java-based program was in daily use. In our hands-on experience with the current iteration, however, the different components (e.g., Writer, Draw, Impress) took a second to launch on an Intel Centrino 2–powered HP Pavilion dv5t. The program took about a second to open blank documents.

Simple Interface, Made to Customize

OpenOffice has most of the features you’d expect in a desktop office suite, and in contrast to Office 2007’s icon-packed Ribbon interface, which new users often find intimidating, they’re presented here in a foolproof UI. The task-oriented opening screen has icons for creating text documents, presentations, spreadsheets, drawing, formulas, and databases. There are also icons for choosing templates or opening documents that have already been created. In the lower right corner are smaller icons which let us add features and templates from Openoffice.org.

As with Office 2007, you can customize menus. You can choose which icons to display, as well as their order, and even decide which items appear under hierarchical menus, such as File, and rearrange their sequence. This is a level of customization not available in Microsoft Office.

More important, OpenOffice allows you to switch among the document, spreadsheet, and presentation programs within a single interface. Clicking File > New brings up a fly-away menu showing the different documents you can create. So, if you’re in the word processor, you can click New > Spreadsheet, whereas if you were working in Microsoft Word you’d have to launch Excel to begin working on a spreadsheet. Across most of the applications—documents, spreadsheets, presentations, and drawings—users can export their work as PDFs.

Word Processing

For anyone who has ever used Microsoft Office 2003, OpenOffice’s document creation interface is a cinch to master. Blank documents (or spreadsheets or presentations) sit atop a dark gray background. The hierarchical menus—including File, Edit, View, Insert, Format, Table, Tools, Window, and Help—will look familiar, as will the two rows of icons underneath it, representing common functions, such as spell check. When you roll over an icon with your cursor you’ll see a label explaining what it does.

When it comes to formatting text, OpenOffice has more options than its free online counterparts (Google Docs and Acrobat.com), including more text and background colors, and the ability to program macros and insert movies, sound, and objects, such as charts, into the copy. Best of all: it reads Office 2007 files, so if your colleagues send you DOCX files, you can open and edit them in OpenOffice.

Spreadsheets

OpenOffice’s simple two-row kitchen sink of icons is particularly handy with spreadsheets: it highlights the features and shortcuts you’re likely to use most, including sorting in ascending or descending order and adjusting the number of decimal places. Like Excel 2007, the formula bar autocompletes (so, if you type “=a”, Average will appear as a choice).

The one instance in which you might miss Excel is in OpenOffice’s lack of formatting options. For instance, there aren’t as many color or customization options when creating charts, whereas the Microsoft Office Suite, including Excel, offers Quick Style, from which users can apply a plethora of different color themes to charts or a whole document.

Presentations

When you first launch Impress, OpenOffice’s version of PowerPoint, you can either open a template (of which there are few), open an existing document, or walk through an on-screen wizard. This optional wizard, which prompts you to choose backgrounds and slide transitions, can be intimidating to users who don’t know precisely how they want their presentation to look.

A right-hand panel lets you choose master pages, layouts, table designs, custom animations, and slide transitions. At a glance you can select, say, a vertical bar graph with a title on top. As with PowerPoint, users can also insert pictures, movies, and sounds.

Although these features are helpful, OpenOffice doesn’t have any prepackaged templates; just these à la carte one-click edits, as well as a slew of backgrounds. To add templates, you’ll have to go to OpenOffice’s main screen and click the icon to add more templates; you’ll be brought to a Web site, which has more than nine pages worth of apps but only three pages of templates.

Sharing—or Lack Thereof

In an age where Acrobat.com, Google Docs, and Zoho Docs all allow users to collaborate on documents online, OpenOffice’s biggest weakness is that it has too few sharing options. Even Microsoft Office lets users publish their documents directly to blogs and shared workspaces and store presentations and slides in a Slide library.

Just as OpenOffice allows users to download additional templates and features, it requires them to add collaborative functionality through third-party apps (such as 03spaces.com, which is free for individual users). That’s not so bad, but given the trend toward collaboration in productivity software—and given that OpenOffice itself is an open-source project—we wish these tools were baked in.

Verdict

With the exception of online collaboration, a feature OpenOffice doesn’t natively offer, this free productivity suite gets the job done. There’s no doubt that its robust feature package not only matches its pricey competitors, but it also trounces other free options, particularly Web-based services such as Google Apps and Acrobat.com. While business users might want to keep Office as their primary tool for its integration with Exchange Server, OpenOffice will do just fine for students—not to mention road warriors who don’t have a Microsoft Office license to spare.

Download :
http://ftp.nluug.nl/ftp/pub/office/openoffice/stable/3.0.0/OOo_3.0.0_Win32Intel_install_wJRE_en-US.exe

Adobe Photoshop CS4 Portable Edition

killerorka@gmail.com (Unknown) — Wed, 10 Dec 2008 21:22:00 +0700

Adobe Photoshop CS4 Portable Edition
Adobe® Photoshop® CS4 software provides improved access to its unrivaled power through a more intuitive user experience, greater editing freedom, and significant productivity enhancements.

Working with images is now easier
Navigate around images more naturally with fluid canvas rotation and enhanced pan and zoom tools.

DNG raw format is supported
The DNG format helps promote archival confidence, since digital-imaging software solutions will be able to open your raw files more easily in the future.

Adjustments panel
Simplify image adjustment by easily accessing every tool you need to nondestructively adjust and enhance the color and tone of your images; on-image controls and a wide variety of presets are also included in the new live and dynamic Adjustments panel.

Masks panel
Quickly create and edit masks from the new Masks panel. This panel offers all the tools you need to create editable pixel- and vector-based masks, adjust mask density and feathering, easily select noncontiguous objects, and more.

Extended depth of field
Easily create a single image from a series of shots that have different focal points with the enhanced Auto-Blend Layers command, which smoothly blends color and shading and now extends your depth of field, automatically correcting vignettes and lens distortion.

Download :
http://rapidshare.com/files/164202974/PhotoshopCS4Portable.rar

Cossacks: European Wars , The Art of War , Cossacks 2 :Napoleonic Wars , Battle for Europe

killerorka@gmail.com (Unknown) — Thu, 4 Dec 2008 18:40:00 +0700

Cossacks: European Wars Rapidshare Links, The Art of War Rapidshare Links, Cossacks 2 :Napoleonic Wars Rapidshare Links, Battle for Europe Rapidshare Links

Cossacks: European Wars
http://rapidshare.com/files/65321456/European_Wars.part1.rar
http://rapidshare.com/files/65330125/European_Wars.part2.rar

Cossacks: The Art of War
http://rapidshare.com/files/65341490/Art_of_War.part1.rar
http://rapidshare.com/files/65353219/Art_of_War.part2.rar

Cossacks: Back To War
http://rapidshare.com/files/65364286/Back_To_War.part01.rar
http://rapidshare.com/files/65374211/Back_To_War.part02.rar
http://rapidshare.com/files/65383824/Back_To_War.part03.rar
http://rapidshare.com/files/65395803/Back_To_War.part04.rar
http://rapidshare.com/files/65477166/Back_To_War.part05.rar
http://rapidshare.com/files/65482481/Back_To_War.part06.rar
http://rapidshare.com/files/65488532/Back_To_War.part07.rar
http://rapidshare.com/files/65493085/Back_To_War.part08.rar

Cossacks 2: Napoleonic Wars
CD1
http://rapidshare.com/files/65630151/Napoleonic_Wars_CD1.part1.rar
http://rapidshare.com/files/65640862/Napoleonic_Wars_CD1.part2.rar
http://rapidshare.com/files/65705298/Napoleonic_Wars_CD1.part3.rar
http://rapidshare.com/files/65713526/Napoleonic_Wars_CD1.part4.rar
http://rapidshare.com/files/65721362/Napoleonic_Wars_CD1.part5.rar
http://rapidshare.com/files/65732592/Napoleonic_Wars_CD1.part6.rar
http://rapidshare.com/files/65759066/Napoleonic_Wars_CD1.part7.rar
http://rapidshare.com/files/65759974/Napoleonic_Wars_CD1.part8.rar

CD2
http://rapidshare.com/files/65770458/Napoleonic_Wars_CD2.part01.rar
http://rapidshare.com/files/65781438/Napoleonic_Wars_CD2.part02.rar
http://rapidshare.com/files/65792251/Napoleonic_Wars_CD2.part03.rar
http://rapidshare.com/files/65809209/Napoleonic_Wars_CD2.part04.rar
http://rapidshare.com/files/65819330/Napoleonic_Wars_CD2.part05.rar
http://rapidshare.com/files/65833703/Napoleonic_Wars_CD2.part06.rar
http://rapidshare.com/files/65853150/Napoleonic_Wars_CD2.part07.rar
http://rapidshare.com/files/65863655/Napoleonic_Wars_CD2.part08.rar
http://rapidshare.com/files/65898224/Napoleonic_Wars_CD2.part09.rar

Cossacks 2: Battle for Europe
http://rapidshare.com/files/65970596/Battle_for_Europe.part01.rar
http://rapidshare.com/files/65979509/Battle_for_Europe.part02.rar
http://rapidshare.com/files/65990283/Battle_for_Europe.part03.rar
http://rapidshare.com/files/66003092/Battle_for_Europe.part04.rar
http://rapidshare.com/files/66013358/Battle_for_Europe.part05.rar
http://rapidshare.com/files/66023509/Battle_for_Europe.part06.rar
http://rapidshare.com/files/66062572/Battle_for_Europe.part07.rar
http://rapidshare.com/files/66191772/Battle_for_Europe.part08.rar
http://rapidshare.com/files/66202786/Battle_for_Europe.part09.rar
http://rapidshare.com/files/66210506/Battle_for_Europe.part10.rar
http://rapidshare.com/files/66218794/Battle_for_Europe.part11.rar
http://rapidshare.com/files/66227520/Battle_for_Europe.part12.rar
http://rapidshare.com/files/66235762/Battle_for_Europe.part13.rar
http://rapidshare.com/files/66245228/Battle_for_Europe.part14.rar
http://rapidshare.com/files/66297969/Battle_for_Europe.part15.rar
http://rapidshare.com/files/66309200/Battle_for_Europe.part16.rar
http://rapidshare.com/files/66314922/Battle_for_Europe.part17.rar
pass: Qvasta

James Bond 007 Quantum of Solace PcDvD English

killerorka@gmail.com (Unknown) — Thu, 4 Dec 2008 18:34:00 +0700

* OS: Windows XP/Vista
* Processor: Pentium 4 @ 2.4 GHz/AMD Athlon XP 64 2800+/Any Dual Core Processor @ 1.8 GHz
* Memory: 512 MB (1 GB for Vista)
* Video Memory: 128 MB (nVidia GeForce 6600/ATI Radeon 9800 Pro)
* Sound Card: DirectX Compatible
* DirectX: 9.0c or 10
* Keyboard & Mouse
* DVD Rom Drive

Download Links
http://rapidshare.com/files/160646829/jb007qos_killer.2030_www.dl4all.com.part01.rar
http://rapidshare.com/files/160672616/jb007qos_killer.2030_www.dl4all.com.part02.rar
http://rapidshare.com/files/160712817/jb007qos_killer.2030_www.dl4all.com.part03.rar
http://rapidshare.com/files/160730581/jb007qos_killer.2030_www.dl4all.com.part04.rar
http://rapidshare.com/files/160746486/jb007qos_killer.2030_www.dl4all.com.part05.rar
http://rapidshare.com/files/160759639/jb007qos_killer.2030_www.dl4all.com.part06.rar
http://rapidshare.com/files/160770273/jb007qos_killer.2030_www.dl4all.com.part07.rar
http://rapidshare.com/files/160779727/jb007qos_killer.2030_www.dl4all.com.part08.rar
http://rapidshare.com/files/160789191/jb007qos_killer.2030_www.dl4all.com.part09.rar
http://rapidshare.com/files/160801233/jb007qos_killer.2030_www.dl4all.com.part10.rar
http://rapidshare.com/files/160814081/jb007qos_killer.2030_www.dl4all.com.part11.rar
http://rapidshare.com/files/160829548/jb007qos_killer.2030_www.dl4all.com.part12.rar
http://rapidshare.com/files/160868438/jb007qos_killer.2030_www.dl4all.com.part13.rar
http://rapidshare.com/files/160900122/jb007qos_killer.2030_www.dl4all.com.part14.rar
http://rapidshare.com/files/160938239/jb007qos_killer.2030_www.dl4all.com.part15.rar
http://rapidshare.com/files/160966618/jb007qos_killer.2030_www.dl4all.com.part16.rar
http://rapidshare.com/files/161016961/jb007qos_killer.2030_www.dl4all.com.part17.rar
http://rapidshare.com/files/161048670/jb007qos_killer.2030_www.dl4all.com.part18.rar
http://rapidshare.com/files/161065173/jb007qos_killer.2030_www.dl4all.com.part19.rar
http://rapidshare.com/files/161077030/jb007qos_killer.2030_www.dl4all.com.part20.rar
http://rapidshare.com/files/161088172/jb007qos_killer.2030_www.dl4all.com.part21.rar
http://rapidshare.com/files/161097816/jb007qos_killer.2030_www.dl4all.com.part22.rar
http://rapidshare.com/files/161107813/jb007qos_killer.2030_www.dl4all.com.part23.rar
http://rapidshare.com/files/161119218/jb007qos_killer.2030_www.dl4all.com.part24.rar
http://rapidshare.com/files/161132092/jb007qos_killer.2030_www.dl4all.com.part25.rar
http://rapidshare.com/files/161147698/jb007qos_killer.2030_www.dl4all.com.part26.rar
http://rapidshare.com/files/161175662/jb007qos_killer.2030_www.dl4all.com.part27.rar
http://rapidshare.com/files/161215491/jb007qos_killer.2030_www.dl4all.com.part28.rar
http://rapidshare.com/files/161333147/jb007qos_killer.2030_www.dl4all.com.part29.rar
http://rapidshare.com/files/161354494/jb007qos_killer.2030_www.dl4all.com.part30.rar
http://rapidshare.com/files/161384833/jb007qos_killer.2030_www.dl4all.com.part31.rar
http://rapidshare.com/files/161399973/jb007qos_killer.2030_www.dl4all.com.part32.rar
http://rapidshare.com/files/161412320/jb007qos_killer.2030_www.dl4all.com.part33.rar
http://rapidshare.com/files/161422346/jb007qos_killer.2030_www.dl4all.com.part34.rar
http://rapidshare.com/files/161435067/jb007qos_killer.2030_www.dl4all.com.part35.rar
http://rapidshare.com/files/161450670/jb007qos_killer.2030_www.dl4all.com.part36.rar
http://rapidshare.com/files/161490798/jb007qos_killer.2030_www.dl4all.com.part37.rar
http://rapidshare.com/files/161524064/jb007qos_killer.2030_www.dl4all.com.part38.rar
No Password

Adobe Photoshop Elements v7.0

killerorka@gmail.com (Unknown) — Thu, 4 Dec 2008 16:10:00 +0700

Adobe Photoshop Elements is the consumer version of the Adobe Photoshop raster image editing product, sold at a fraction (roughly 1/6th) of the cost of the professional product or bundled with related hardware such as scanners and digital cameras. It contains most of the features of the professional version but with fewer and simpler options. The program allows users to create, edit, organize and share images, all from the same product.

Originally introduced alongside Photoshop version 7, Photoshop Elements targets photography enthusiasts and thus lacks many features that make it useful in a proper print production environment. For example, Photoshop Elements cannot export files in the CMYK color mode, supports a simplified color management system, and excludes detailed soft-proofing. It also either eliminates completely or offers simplified versions of some of the more powerful plug-ins, along with a number of features aimed at non-experts (such as removing the red-eye effect or changing the skin tone in a picture). An example of a redesigned feature would be the Variations correction dialog. Some versions can, however, open, edit, and save PDFs.

Download Links
http://rapidshare.com/files/153314022/Elements7.part1.rar
http://rapidshare.com/files/153314312/Elements7.part2.rar
http://rapidshare.com/files/153314093/Elements7.part3.rar
http://rapidshare.com/files/153314407/Elements7.part4.rar
http://rapidshare.com/files/153313952/Elements7.part5.rar
or
http://www.megaupload.com/?d=BHZ2MSPF
http://www.megaupload.com/?d=29V1NGTV
http://www.megaupload.com/?d=QH0L508L
http://www.megaupload.com/?d=BBJR9GDB
http://www.megaupload.com/?d=AWL13H35

Vistapack 2.6 | 20MB

killerorka@gmail.com (Unknown) — Thu, 27 Nov 2008 23:39:00 +0700

"Vistapack 2.6 | 20MB"

This application gives your 2000/XP operating system the cool look of Microsoft Windows Vista
Vistapack takes the file from the host, backs it up, modifies a sample and puts the modified file back in the system.

This ensures that you are using the latest files so no need for alerts like "Now I am using an old file, what if it's updated by Microsoft? Then I will be open for attack...". Nope, no need to worry. You keep the updated file.

This pack uses ResHacker to change bitmaps, icons and some dialogs in order to make it look more like Vista.

It's rather safe in my opinion, but of course there are some risks when you modify system files. This is at your own risk!!!

But no need to worry, there are few bugs that cause your pc not to boot or something. Personally i did not had that happening here. Of course, when you don't like it, you can uninstall the pack like any other software.

What's New in This Release:

· Changed the bootscreen, yet again...
· Changed the vistasounds to the louder scheme.
· Finally added the force reloader back in the pack this also makes it possible to update the pack without the user uninstalling the old version.
· Again tweaked the dialogs in the shell32...
· Added an error message when errors are detected on the patch and reload functions.
· Fixed the drive icons not reverting back to the original on uninstall of the Vdrive.
· Changed the wallpaper, now a ultimate like one.

Download: (Size: 20,0 MB)

http://anonymz.com/?http://rapidshare.com/files/163750468/Vistapack-XP_www.softarchive.net.zip

Portable Tuneup Utilities 2009 RC1 Multi-Langs

killerorka@gmail.com (Unknown) — Fri, 21 Nov 2008 19:14:00 +0700

Portable Tuneup Utilities 2009 RC1 Multi-Langs | 15 Mb

Improve your system's performance, thoroughly clean up your hard drives, solve your PC problems with a few clicks, and customize windows to your personal requirements. All in one program, simple and intuitive - TuneUp Utilities 2009.

10 fundamental reasons for using TuneUp Utilities 2009:
* Powerful hard drive defragmentation
* Optimum start-up, Internet, and Windows acceleration
* Quick and extensive clean-up for hard drives
* Effective elimination of junk data
* Fully-automatic clean-up and improvement of your PC
* Extensive clean-up of the registry
* Effective help in solving standard Windows problems
* Secure data recovery and data elimination
* Simple custom Windows configuration
* Individual Windows styling

Download :
Link1
Link2

Need For Speed Undercover - RELOADED

killerorka@gmail.com (Unknown) — Fri, 21 Nov 2008 18:34:00 +0700

Download :
http://rapidshare.com/files/165345850/Lrld-nfuc.part01.rar
http://rapidshare.com/files/165344680/Lrld-nfuc.part02.rar
http://rapidshare.com/files/165347058/Lrld-nfuc.part03.rar
http://rapidshare.com/files/165348418/Lrld-nfuc.part04.rar
http://rapidshare.com/files/165349901/Lrld-nfuc.part05.rar
http://rapidshare.com/files/165356519/Lrld-nfuc.part06.rar
http://rapidshare.com/files/165357493/Lrld-nfuc.part07.rar
http://rapidshare.com/files/165358738/Lrld-nfuc.part08.rar
http://rapidshare.com/files/165359593/Lrld-nfuc.part09.rar
http://rapidshare.com/files/165360761/Lrld-nfuc.part10.rar
http://rapidshare.com/files/165351428/Lrld-nfuc.part11.rar
http://rapidshare.com/files/165352378/Lrld-nfuc.part12.rar
http://rapidshare.com/files/165353384/Lrld-nfuc.part13.rar
http://rapidshare.com/files/165354484/Lrld-nfuc.part14.rar
http://rapidshare.com/files/165355598/Lrld-nfuc.part15.rar
http://rapidshare.com/files/165368754/Lrld-nfuc.part16.rar
http://rapidshare.com/files/165369943/Lrld-nfuc.part17.rar
http://rapidshare.com/files/165370697/Lrld-nfuc.part18.rar
http://rapidshare.com/files/165361473/Lrld-nfuc.part19.rar
http://rapidshare.com/files/165362431/Lrld-nfuc.part20.rar
http://rapidshare.com/files/165363368/Lrld-nfuc.part21.rar
http://rapidshare.com/files/165364435/Lrld-nfuc.part22.rar
http://rapidshare.com/files/165365756/Lrld-nfuc.part23.rar
http://rapidshare.com/files/165366953/Lrld-nfuc.part24.rar
http://rapidshare.com/files/165368013/Lrld-nfuc.part25.rar
http://rapidshare.com/files/165374739/Lrld-nfuc.part26.rar
http://rapidshare.com/files/165375489/Lrld-nfuc.part27.rar
http://rapidshare.com/files/165371702/Lrld-nfuc.part28.rar
http://rapidshare.com/files/165372563/Lrld-nfuc.part29.rar
http://rapidshare.com/files/165373562/Lrld-nfuc.part30.rar
http://rapidshare.com/files/165401587/Lrld-nfuc.part31.rar
http://rapidshare.com/files/165410834/Lrld-nfuc.part32.rar
http://rapidshare.com/files/165653129/Lrld-nfuc.part33.rar
http://rapidshare.com/files/165433166/Lrld-nfuc.part34.rar
http://rapidshare.com/files/165650578/Lrld-nfuc.part35.rar
http://rapidshare.com/files/165650995/Lrld-nfuc.part36.rar
http://rapidshare.com/files/165651446/Lrld-nfuc.part37.rar
http://rapidshare.com/files/165651852/Lrld-nfuc.part38.rar
http://rapidshare.com/files/165652308/Lrld-nfuc.part39.rar
http://rapidshare.com/files/165652717/Lrld-nfuc.part40.rar
http://rapidshare.com/files/165653531/Lrld-nfuc.part41.rar
http://rapidshare.com/files/165654006/Lrld-nfuc.part42.rar
http://rapidshare.com/files/165654450/Lrld-nfuc.part43.rar
http://rapidshare.com/files/165654903/Lrld-nfuc.part44.rar
http://rapidshare.com/files/165655358/Lrld-nfuc.part45.rar
http://rapidshare.com/files/165655796/Lrld-nfuc.part46.rar
http://rapidshare.com/files/165656222/Lrld-nfuc.part47.rar
http://rapidshare.com/files/165656621/Lrld-nfuc.part48.rar
http://rapidshare.com/files/165657050/Lrld-nfuc.part49.rar
http://rapidshare.com/files/165657448/Lrld-nfuc.part50.rar
http://rapidshare.com/files/165657852/Lrld-nfuc.part51.rar
http://rapidshare.com/files/165658305/Lrld-nfuc.part52.rar
http://rapidshare.com/files/165658792/Lrld-nfuc.part53.rar
http://rapidshare.com/files/165659401/Lrld-nfuc.part54.rar
http://rapidshare.com/files/165659853/Lrld-nfuc.part55.rar
http://rapidshare.com/files/165660291/Lrld-nfuc.part56.rar

Pass : www.rslinks.org

Corel Painter X v10.046 Full

killerorka@gmail.com (Unknown) — Thu, 20 Nov 2008 17:37:00 +0700

Setting the standard for digital painting and illustration software, painter X introduces new composition tools, unparalleled performance and a new RealBristle™ Painting System that model traditionla brusheslike never before — right down to the individual bristles on the brush.

• Choose from more than 30 brush categories, including Crayons, Chalk, Charcoal, Acrylics, Watercolor and the new RealBristle
• Make on-the-fly changes to brush settings and variables
• Control the texture of your canvas to achieve realistic results
• Create animated movies and save them as animated GIFs, QuickTime® movies or AVI files

Download :

http://rapidshare.com/files/165537932/CorelPainterX.rar

http://w18.easy-share.com/1702491855.html

TuneUp Utilities 2009 full cracked

killerorka@gmail.com (Unknown) — Thu, 20 Nov 2008 17:16:00 +0700

Professional assistance for your Windows PC

Improve your system’s performance, thoroughly clean up your hard drives, solve your PC problems with a few clicks, and customize windows to your personal requirements. All in one program, simple and intuitive - TuneUp Utilities 2008.

10 fundamental reasons for using TuneUp Utilities 2008

Powerful hard drive defragmentation
Optimum start-up, Internet, and Windows acceleration
Quick and extensive clean-up for hard drives
Effective elimination of junk data
Fully-automatic clean-up and improvement of your PC
Extensive clean-up of the registry
Effective help in solving standard Windows problems
Secure data re and data elimination
Simple custom Windows configuration
Individual Windows styling

Installation
At the registration screen, enter any name, any organization then enter the serial provided
The software is german so improvise if you dont understand

Rapidshare Link:

http://rs522.rapidshare.com/files/165795153/TuneUp.Utilities.2009-EN_rif-attack.rar

Dragon hunters 2008 DvDRip Xvid

killerorka@gmail.com (Unknown) — Fri, 7 Nov 2008 17:39:00 +0700

Download:
Dragon hunters 2008 DvDRip Xvid | Rapidshare

http://rapidshare.com/files/146398781/dragon.hunters-tnan.part1.rar
http://rapidshare.com/files/146417917/dragon.hunters-tnan.part2.rar
http://rapidshare.com/files/146430941/dragon.hunters-tnan.part3.rar
http://rapidshare.com/files/146439473/dragon.hunters-tnan.part4.rar
http://rapidshare.com/files/146441840/dragon.hunters-tnan.part5.rar
http://rapidshare.com/files/146447632/dragon.hunters-tnan.part6.rar
http://rapidshare.com/files/146454002/dragon.hunters-tnan.part7.rar
http://rapidshare.com/files/146458350/dragon.hunters-tnan.part8.rar

The Eye 2008 DvDrip by aXXo

killerorka@gmail.com (Unknown) — Fri, 7 Nov 2008 17:37:00 +0700

The Eye 2008 DvDrip by aXXo | Rapidshare

http://www.imdb.com/title/tt0406759/

Download:

http://rapidshare.com/files/152284363/Th3_3Y3.part1.rar
http://rapidshare.com/files/152290839/Th3_3Y3.part2.rar
http://rapidshare.com/files/152297675/Th3_3Y3.part3.rar
http://rapidshare.com/files/152304538/Th3_3Y3.part4.rar
http://rapidshare.com/files/152311500/Th3_3Y3.part5.rar
http://rapidshare.com/files/152318642/Th3_3Y3.part6.rar
http://rapidshare.com/files/152325391/Th3_3Y3.part7.rar

Wicked Lake 2008 DVDRip XviD

killerorka@gmail.com (Unknown) — Fri, 7 Nov 2008 17:35:00 +0700

Wicked Lake 2008 DVDRip XviD | Rapidshare

http://www.imdb.com/title/tt0907681/

Download: