LOAD BALANCING + UBUNTU PROXY: "Poker & Point Blank, No More Illegal IP"

I wrote this tutorial to answer the many questions about how to combine 2 Speedy lines with an external proxy, and also as a solution so that online games, especially Poker and Point Blank, are no longer detected as an illegal IP.

MATERIALS:
- RB750 VER 4.9
- 2 Speedy lines, Office package
- Ubuntu version 10.10

MIKROTIK SIDE:
   /ip address
  - 192.168.1.1/24  interface modem-1
  - 192.168.2.1/24  interface modem-2
  - 192.168.3.1/24 interface proxy
  - 192.168.4.1/24 interface lan
 
Notes: - Dial from the MikroTik, with the modems in bridge mode
       - Ubuntu machine IP: 192.168.3.1

ORDER OF SETTINGS ON THE MIKROTIK:

1. Address List
/ip firewall address-list
add address=192.168.4.0/24 comment="" disabled=no list=lanNET
add address=192.168.3.0/24 comment="" disabled=no list=proxyNET
2. Creating the Proxy Hit
/ip firewall mangle
add action=mark-packet chain=forward comment=proxy-hit disabled=no dscp=12 \
    new-packet-mark=Hit passthrough=no
add action=mark-connection chain=forward comment="" disabled=no \
    dst-address-list=lanNET new-connection-mark=Hit passthrough=yes protocol=\
    tcp src-address-list=proxyNET
add action=mark-packet chain=forward comment="" connection-mark=Hit disabled=\
    no new-packet-mark=Hit passthrough=no
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=0 name=HIT packet-mark=Hit parent=global-out priority=1 \
    queue=default
3. PB & FB IP Scanner
/ip firewall mangle
add action=mark-connection chain=prerouting comment="POKER + POINT BLANK" \
    disabled=no dst-address-list="Poker + PB" dst-port=49100 \
    new-connection-mark="Trafik PB + POKER" passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no \
    dst-address-list="Poker + PB" dst-port=40000-40010 new-connection-mark=\
    "Trafik PB + POKER" passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no \
    dst-address-list="Poker + PB" dst-port=39190 new-connection-mark=\
    "Trafik PB + POKER" passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no \
    dst-address-list="Poker + PB" dst-port=9339 new-connection-mark=\
    "Trafik PB + POKER" passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no \
    dst-address-list="Poker + PB" dst-port=843 new-connection-mark=\
    "Trafik PB + POKER" passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" connection-mark=\
    "Trafik PB + POKER" disabled=no new-packet-mark="PB + Poker" passthrough=\
    yes
add action=mark-routing chain=prerouting comment=\
    "ROUTING POKER + POINT BLANK" connection-mark="Trafik PB + POKER" \
    disabled=no dst-address-list="Poker + PB" in-interface=lan \
    new-routing-mark="Poker + PB" passthrough=no src-address=192.168.4.0/24
add action=add-dst-to-address-list address-list="Poker + PB" \
    address-list-timeout=0s chain=forward comment=\
    "SCANNER POKER + POINT BLANK" disabled=no dst-port=40000-40010 protocol=\
    udp
add action=add-dst-to-address-list address-list="Poker + PB" \
    address-list-timeout=0s chain=forward comment="" disabled=no dst-port=\
    39100 protocol=tcp
add action=add-dst-to-address-list address-list="Poker + PB" \
    address-list-timeout=0s chain=forward comment="" disabled=no dst-port=\
    39110 protocol=tcp
add action=add-dst-to-address-list address-list="Poker + PB" \
    address-list-timeout=0s chain=forward comment="" disabled=no dst-port=\
    39220 protocol=tcp
add action=add-dst-to-address-list address-list="Poker + PB" \
    address-list-timeout=0s chain=forward comment="" disabled=no dst-port=\
    39190 protocol=tcp
add action=add-dst-to-address-list address-list="Poker + PB" \
    address-list-timeout=0s chain=forward comment="" disabled=no dst-port=\
    49100 protocol=tcp
add action=add-dst-to-address-list address-list="Poker + PB" \
    address-list-timeout=0s chain=forward comment="" disabled=no dst-port=843 \
    protocol=tcp
add action=add-dst-to-address-list address-list="Poker + PB" \
    address-list-timeout=0s chain=forward comment="" disabled=no dst-port=\
    9339 protocol=tcp

4. Mangle (so that PB & FB are not load balanced)
/ip firewall mangle
add action=mark-connection chain=input comment=mark_all_ppoe_conn \
    connection-state=new disabled=no in-interface=pppoe_1 \
    new-connection-mark=pppoe1_conn passthrough=yes
add action=mark-connection chain=input comment="" connection-state=new \
    disabled=no in-interface=pppoe_2 new-connection-mark=pppoe2_conn \
    passthrough=yes
add action=mark-connection chain=prerouting comment="" connection-state=\
    established disabled=no in-interface=pppoe_1 new-connection-mark=\
    pppoe1_conn passthrough=yes
add action=mark-connection chain=prerouting comment="" connection-state=\
    established disabled=no in-interface=pppoe_2 new-connection-mark=\
    pppoe2_conn passthrough=yes
add action=mark-connection chain=prerouting comment="" connection-state=\
    related disabled=no in-interface=pppoe_1 new-connection-mark=pppoe1_conn \
    passthrough=yes
add action=mark-connection chain=prerouting comment="" connection-state=\
    related disabled=no in-interface=pppoe_2 new-connection-mark=pppoe2_conn \
    passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=pppoe1_conn \
    disabled=no new-routing-mark=pppoe_1 passthrough=no
add action=mark-routing chain=output comment="" connection-mark=pppoe2_conn \
    disabled=no new-routing-mark=pppoe_2 passthrough=no
add action=mark-connection chain=prerouting comment=mark_http_conn \
    connection-state=new disabled=no dst-address-list="!Poker + PB" \
    dst-address-type=!local dst-port=80 in-interface=proxy \
    new-connection-mark=http_pppoe_1 passthrough=yes \
    per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=new \
    disabled=no dst-address-list="!Poker + PB" dst-address-type=!local \
    dst-port=80 in-interface=proxy new-connection-mark=http_pppoe_2 \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 \
    protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=\
    established disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local dst-port=80 in-interface=proxy new-connection-mark=http_pppoe_1 \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 \
    protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=\
    established disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local dst-port=80 in-interface=proxy new-connection-mark=http_pppoe_2 \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 \
    protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=\
    related disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local dst-port=80 in-interface=proxy new-connection-mark=http_pppoe_1 \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 \
    protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=\
    related disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local dst-port=80 in-interface=proxy new-connection-mark=http_pppoe_2 \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 \
    protocol=tcp
add action=mark-connection chain=prerouting comment=mark_non_http_conn \
    connection-state=new disabled=no dst-address-list="!Poker + PB" \
    dst-address-type=!local dst-port=!80 in-interface=lan \
    new-connection-mark=non.http_pppoe_1 passthrough=yes \
    per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=new \
    disabled=no dst-address-list="!Poker + PB" dst-address-type=!local \
    dst-port=!80 in-interface=lan new-connection-mark=non.http_pppoe_2 \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 \
    protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=\
    established disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local dst-port=!80 in-interface=lan new-connection-mark=non.http_pppoe_1 \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 \
    protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=\
    established disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local dst-port=!80 in-interface=lan new-connection-mark=non.http_pppoe_2 \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 \
    protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=\
    related disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local dst-port=!80 in-interface=lan new-connection-mark=non.http_pppoe_1 \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 \
    protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=\
    related disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local dst-port=!80 in-interface=lan new-connection-mark=non.http_pppoe_2 \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 \
    protocol=tcp
add action=mark-connection chain=prerouting comment="" connection-state=new \
    disabled=no dst-address-list="!Poker + PB" dst-address-type=!local \
    in-interface=lan new-connection-mark=non.http_pppoe_1 passthrough=yes \
    per-connection-classifier=both-addresses-and-ports:2/0 protocol=udp
add action=mark-connection chain=prerouting comment="" connection-state=new \
    disabled=no dst-address-list="!Poker + PB" dst-address-type=!local \
    in-interface=lan new-connection-mark=non.http_pppoe_2 passthrough=yes \
    per-connection-classifier=both-addresses-and-ports:2/1 protocol=udp
add action=mark-connection chain=prerouting comment="" connection-state=\
    established disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local in-interface=lan new-connection-mark=non.http_pppoe_1 passthrough=\
    yes per-connection-classifier=both-addresses-and-ports:2/0 protocol=udp
add action=mark-connection chain=prerouting comment="" connection-state=\
    established disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local in-interface=lan new-connection-mark=non.http_pppoe_2 passthrough=\
    yes per-connection-classifier=both-addresses-and-ports:2/1 protocol=udp
add action=mark-connection chain=prerouting comment="" connection-state=\
    related disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local in-interface=lan new-connection-mark=non.http_pppoe_1 passthrough=\
    yes per-connection-classifier=both-addresses-and-ports:2/0 protocol=udp
add action=mark-connection chain=prerouting comment="" connection-state=\
    related disabled=no dst-address-list="!Poker + PB" dst-address-type=\
    !local in-interface=lan new-connection-mark=non.http_pppoe_2 passthrough=\
    yes per-connection-classifier=both-addresses-and-ports:2/1 protocol=udp
add action=mark-routing chain=prerouting comment=mark_http_route \
    connection-mark=http_pppoe_1 disabled=no new-routing-mark=pppoe_1 \
    passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=\
    http_pppoe_2 disabled=no new-routing-mark=pppoe_2 passthrough=yes
add action=mark-routing chain=prerouting comment=mark_non_http_route \
    connection-mark=non.http_pppoe_1 disabled=no new-routing-mark=pppoe_1 \
    passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=\
    non.http_pppoe_2 disabled=no new-routing-mark=pppoe_2 passthrough=yes
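
Added example (not part of the original tutorial): a small Python check for the property section 4 depends on, namely that every per-connection-classifier rule excludes the "Poker + PB" list and that each group of rules covers every remainder. The function names parse_rules and audit_pcc are hypothetical, and the sample rules are constructed in the same export format as the rules above.

```python
import shlex

GAME_LIST = "Poker + PB"  # address-list name used on the page
# Constructed sample in RouterOS export format (modelled on section 4, not copied).
SAMPLE = r'''
/ip firewall mangle
add action=mark-connection chain=prerouting connection-state=new \
    dst-address-list="!Poker + PB" dst-port=80 in-interface=proxy protocol=\
    tcp per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting connection-state=new \
    dst-address-list="!Poker + PB" dst-port=80 in-interface=proxy protocol=\
    tcp per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-connection chain=prerouting connection-state=related \
    dst-address-list="Poker + PB" dst-port=80 in-interface=proxy protocol=\
    tcp per-connection-classifier=both-addresses-and-ports:2/0
'''

def parse_rules(export):
    """Join '\\' continuations; return one {key: value} dict per 'add' line."""
    rules, buf = [], ""
    for line in export.splitlines():
        line = line.strip()
        if line.endswith("\\"):
            buf += line[:-1]  # keeps the space before '\', if there was one
            continue
        full, buf = buf + line, ""
        if full.startswith("add "):
            # shlex honours "quoted values" such as the list name with spaces
            rules.append(dict(t.split("=", 1) for t in shlex.split(full)[1:] if "=" in t))
    return rules

def audit_pcc(rules):
    """Return (rule_no, problem) pairs; rule_no 0 marks a group-level finding."""
    findings, groups = [], {}
    for n, r in enumerate(rules, 1):
        if "per-connection-classifier" not in r:
            continue
        if r.get("dst-address-list") != "!" + GAME_LIST:
            findings.append((n, "PCC rule does not exclude " + GAME_LIST))
        denom, rem = map(int, r["per-connection-classifier"].split(":")[1].split("/"))
        key = tuple(r.get(k) for k in ("in-interface", "connection-state",
                                       "protocol", "dst-port")) + (denom,)
        groups.setdefault(key, set()).add(rem)
    for key, rems in groups.items():
        missing = sorted(set(range(key[-1])) - rems)
        if missing:
            findings.append((0, f"{key[:-1]} lacks remainder(s) {missing}"))
    return findings
if __name__ == "__main__":
    print(*audit_pcc(parse_rules(SAMPLE)), sep="\n")
```

To audit a real router, pass the text of its mangle export to parse_rules instead of SAMPLE.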

5. NAT
/ip firewall nat
add action=masquerade chain=srcnat comment=MASQUERADE1 disabled=no \
    out-interface=pppoe_1
add action=masquerade chain=srcnat comment=MASQUERADE2 disabled=no \
    out-interface=pppoe_2
add action=masquerade chain=srcnat comment=MASQUERADE3 disabled=no \
    out-interface=proxy
add action=dst-nat chain=dstnat comment=TRANSPARENT-DNS disabled=no dst-port=\
    53 in-interface=lan protocol=udp to-ports=53
add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \
    in-interface=lan protocol=tcp to-ports=53
add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \
    in-interface=proxy protocol=udp to-ports=53
add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \
    in-interface=proxy protocol=tcp to-ports=53
add action=dst-nat chain=dstnat comment=TRANSPARENT-proxy disabled=no \
    dst-address-list=!proxyNET dst-port=80,8080,3128 in-interface=lan \
    protocol=tcp to-addresses=192.168.3.100 to-ports=3128
add action=dst-nat chain=dstnat comment="REMOTE PROXY" disabled=no \
    dst-address=125.165.40.xyz dst-port=22 protocol=tcp to-addresses=\
    192.168.3.100 to-ports=22
6. Route
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    pppoe_1 routing-mark=pppoe_1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    pppoe_2 routing-mark=pppoe_2 scope=30 target-scope=10
add check-gateway=ping comment=Default-Route-pppoe1-Distance-1 disabled=no \
    distance=1 dst-address=0.0.0.0/0 gateway=pppoe_1 scope=30 target-scope=10
add check-gateway=ping comment=Default-Route-pppoe2-Distance-2 disabled=no \
    distance=2 dst-address=0.0.0.0/0 gateway=pppoe_2 scope=30 target-scope=10
