Created
August 17, 2021 14:33
-
-
Save zdienos/7ca656be7d93aba5ac79ef88b9fd7e40 to your computer and use it in GitHub Desktop.
limit bandwidth otomatis mikrotik
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ---------- AGAR TIDAK BINGUNG BUKA - EDIT DENGAN APLIKASI NOTEPAD++ ---------- ; | |
# ---------- Silahkan ganti sesuai dengan kondisi mikrotik dan jatah speed WAN ---------- ; | |
# ---------- Copy script dan jalankan dengan run scheduler ---------- ; | |
:local BridgeName "bridge-vlan" ; #IP Firewall Mangle Interface - Interface yang akan dilimit contoh Port2, Port3, Bridge1, Bridge2,... ; | |
:local ServerName "server-VLAN" ; #IP DHCP Server Leasess Server - Nama DHCP Server yang digunakan, untuk mencari perangkat yang aktif ; | |
:local IdentiName "vlan-200" ; #Nama sebagai Identitas pada Queuess Tree : Digunakan untuk hapus otomatis dan pembeda jika script lebih dari 1; | |
:local LimitParentDownload "30M" ; #Batas Maksimal Limit Download untuk parent global ; | |
:local LimitParentUpload "30M" ; #Batas Maksimal Limit Upload untuk parent global ; | |
:local LimitDownloadMAC "10M" ; #Batas Maksimal Limit Download untuk satu PC - Queues Parent ; | |
:local LimitUploadMAC "10M" ; #Batas Maksimal Limit Upload untuk satu PC - Queues Parent ; | |
:local LimitDownloadHP "15M" ; #Batas Maksimal Limit Download untuk grup HP Smartphone ; | |
:local LimitUploadHP "10M" ; #Batas Maksimal Limit Upload untuk grup HP Smartphone ; | |
:local LimitDownload "5M" ; #Batas Maksimal Limit Download untuk satu HP Smartphone ; | |
:local LimitUpload "3M" ; #Batas Maksimal Limit Upload untuk satu HP Smartphone ; | |
:local LimitPort "yes" ; #Isi YES jika ada port yang dilewatkan queue tree, isi NO jika tidak ada ; | |
:local LimitMaxPort "30M" ; #Batas Maksimal Limit Upload Download port yang dilewatkan ; | |
:local ulPort "8291,8080,21" ; #Port yang dilewatkan ex 8000,8080,8291,... - port cctv, port local lainnya ; | |
:local LimitPPP "yes" ; #Isi YES jika ada PPP yang dilewatkan queue tree, isi NO jika tidak ada ; | |
:local LimitMaxPPP "8M" ; #Batas Maksimal Limit Upload Download PPP yang dilewatkan ; | |
:local servicePPP "pptp|l2tp" ; #Pilih service dengan tanda pemisah | , ex pptp|l2tp ; | |
#MAC khusus yang tidak ingin dibatasi, gunakan tanda | untuk pemisah, ex. xx:xx:xx:xx:xx:xx|xx:xx:xx:xx:xx:xx ; | |
:local unLimitMac "A4:D9:90:46:77:FF|E4:8D:8C:FB:17:EC"; | |
#Parameter pencarian pada IP DHCP Server Leases Active host name - filter smartphone, pc, dll.. gunakan tanda | untuk pemisah, ex. android|nokia; | |
:local ParameterName "android|MAC|acer|asus|hp|Redmi|vivo|OPPO|Galaxy|MiPhone|TL-WA901ND|realme|samsung|iPhone|air|HUAWEI|^\$" ; | |
#-----------------------------------------------------------------------------------------------------------------------------------------------------------; | |
#------------------------------------------------------------- Batas Edit - Modifikasi ---------------------------------------------------------------------; | |
#Hapus address-list, mangle, queue tree berdasarkan identitas ; | |
ip firewall address-list remove [find list~"$IdentiName"] ; | |
ip firewall address-list remove [find list~"$IdentiName - Unlimited"] ; | |
ip firewall mangle remove [find comment~"$IdentiName"] ; | |
queue tree remove [find comment~"$IdentiName"] ; | |
queue tree remove [find comment~"$HP-IdentiName"] ; | |
#Membuat Parent queue tree upload dan download ; | |
:if [/queue tree find comment~"parent"] do={ } else={ | |
queue tree add max-limit="$LimitParentUpload" name="Upload" parent="global" priority=3 queue=default comment="parent" ; | |
queue tree add max-limit="$LimitParentDownload" name="Download" parent="global" priority=2 queue=default comment="parent" ; | |
} | |
#Membuat limit khusus port yang akan dilewatkan ; | |
:if ($LimitPort find $LimitPort~"YES|yes|Yes") do={ | |
#Firewall mangle lewati port yang ditentukan ; | |
ip firewall mangle add action="mark-connection" chain="prerouting" comment="Unlimited Port - CONN - $ulPort - $IdentiName" new-connection-mark="conn-Unlimited-Port" passthrough="yes" protocol="tcp" src-port="$ulPort" ; | |
ip firewall mangle add action="mark-connection" chain="postrouting" comment="Unlimited Port - CONN - $ulPort - $IdentiName" new-connection-mark="conn-Unlimited-Port" passthrough="yes" protocol="tcp" dst-port="$ulPort" ; | |
ip firewall mangle add action="mark-packet" chain="prerouting" comment="Unlimited Port - PKT - $ulPort - $IdentiName" connection-mark="conn-Unlimited-Port" new-packet-mark="pkt-Unlimited-port" passthrough="no" ; | |
ip firewall mangle add action="mark-packet" chain="postrouting" comment="Unlimited Port - PKT - $ulPort - $IdentiName" connection-mark="conn-Unlimited-Port" new-packet-mark="pkt-Unlimited-port" passthrough="no" ; | |
# membuat limit queue tree; | |
queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=32k max-limit="$LimitMaxPort" name="Auto Unlimited Port - $IdentiName" packet-mark="pkt-Unlimited-port" parent="global" priority=1 queue=default comment="$IdentiName ::: Unlimited Port $ulPort" ; | |
} | |
#Membuat limit khusus PPP ; | |
:if ($LimitPPP find $LimitPPP~"YES|yes|Yes") do={ | |
:foreach p in=[/ppp active find service~"$servicePPP"] do={ | |
:local hostpppIP value=[/ppp active get $p value-name=address] ; | |
:local hostpppHP value=[/ppp active get $p value-name=name] ; | |
#untuk membuat address list; | |
ip firewall address-list add address=$hostpppIP disabled=no list="PPP-$IdentiName" comment="$IdentiName ::PPP:: $hostpppHP" ; | |
#untuk membuat firewall mangle; | |
ip firewall mangle add chain=prerouting comment="$IdentiName ::U-PPP:: $hostpppHP" protocol=!icmp src-address="$hostpppIP" action=mark-packet new-packet-mark="U_$hostpppIP" passthrough=no ; | |
ip firewall mangle add chain=postrouting comment="$IdentiName ::D-PPP:: $hostpppHP" protocol=!icmp dst-address="$hostpppIP" action=mark-packet new-packet-mark="D_$hostpppIP" passthrough=no ; | |
#untuk membuat queue tree; | |
queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=32k max-limit=$LimitMaxPPP name="U_PPP_$hostpppIP - $servicePPP ::: $hostpppHP" packet-mark="U_$hostpppIP" parent="Upload" priority=8 queue=default comment="$IdentiName ::: $hostpppHP" ; | |
queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=128k max-limit=$LimitMaxPPP name="D_PPP_$hostpppIP - $servicePPP ::: $hostpppHP" packet-mark="D_$hostpppIP" parent="Download" priority=8 queue=default comment="$IdentiName ::: $hostpppHP" ; | |
} | |
} | |
#Membuat limit untuk MAC yang dilewatkan, pc, dan perangkat smartphone ; | |
:foreach i in=[/ip dhcp-server lease find status~"bound" and server~"$ServerName"] do={ | |
:local hostIP value=[/ip dhcp-server lease get $i value-name=address] ; | |
:local hostHP value=[/ip dhcp-server lease get $i value-name=host-name] ; | |
:local unLimit value=[/ip dhcp-server lease get $i value-name=mac-address] ; | |
:local Komentar value=[/ip dhcp-server lease get $i value-name=comment] ; | |
#----------------------- Script untuk MAC yang di unlimited ----------------------- ; | |
:if ($unLimit find $unLimit~"$unLimitMac") do={ | |
#untuk membuat address list; | |
ip firewall address-list add address=$hostIP disabled=no list="$IdentiName-Unlimited" comment="$IdentiName ::D:: $hostHP - Unlimited" ; | |
#untuk membuat firewall mangle; | |
ip firewall mangle add chain=prerouting comment="$IdentiName - Unlimited ::U:: $hostHP" in-interface=$BridgeName protocol=!icmp src-address="$hostIP" action=mark-packet new-packet-mark="U_$hostIP" passthrough=no ; | |
ip firewall mangle add chain=postrouting comment="$IdentiName - Unlimited ::D:: $hostHP" out-interface=$BridgeName protocol=!icmp dst-address="$hostIP" action=mark-packet new-packet-mark="D_$hostIP" passthrough=no ; | |
#untuk membuat queue tree; | |
queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=32k max-limit=$LimitParentUpload name="U_MAC - Unlimited-$hostIP-$IdentiName" packet-mark="U_$hostIP" parent="Upload" priority=8 queue=default comment="$IdentiName ::: $hostHP ::: $Komentar - Unlimited" ; | |
queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=128k max-limit=$LimitParentDownload name="D_MAC - Unlimited-$hostIP-$IdentiName" packet-mark="D_$hostIP" parent="Download" priority=8 queue=default comment="$IdentiName ::: $hostHP ::: $Komentar - Unlimited" ; | |
} else { | |
:if ($hostHP find $hostHP~"$ParameterName") do={ | |
#------------- Script untuk limit smartphone android dan kawan-kawannya ------------- ; | |
#Membuat group khusus untuk smartphone ; | |
:if [/queue tree find comment~"HP-$IdentiName"] do={ } else={ | |
queue tree add max-limit="$LimitUploadHP" name="Upload-MAC-$IdentiName" parent=Upload priority=2 queue=default comment="HP-$IdentiName" ; | |
queue tree add max-limit="$LimitDownloadHP" name="Download-MAC-$IdentiName" parent=Download priority=1 queue=default comment="HP-$IdentiName" ; | |
} | |
#untuk membuat address list; | |
ip firewall address-list add address=$hostIP disabled=no list="HP-$IdentiName" comment="$IdentiName ::D:: $hostHP" ; | |
#untuk membuat firewall mangle; | |
ip firewall mangle add chain=prerouting comment="$IdentiName ::U:: $hostHP" in-interface=$BridgeName protocol=!icmp src-address="$hostIP" action=mark-packet new-packet-mark="Uhs_$hostIP" passthrough=no ; | |
ip firewall mangle add chain=postrouting comment="$IdentiName ::D:: $hostHP" out-interface=$BridgeName protocol=!icmp dst-address="$hostIP" action=mark-packet new-packet-mark="Dhs_$hostIP" passthrough=no ; | |
#untuk membuat queue tree; | |
queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=32k max-limit=$LimitUpload name="Udhs_HP_$hostIP" packet-mark="Uhs_$hostIP" parent="Upload-MAC-$IdentiName" priority=8 queue=default comment="$IdentiName ::: $hostHP ::: $Komentar" ; | |
queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=128k max-limit=$LimitDownload name="Dhs_HP_$hostIP" packet-mark="Dhs_$hostIP" parent="Download-MAC-$IdentiName" priority=8 queue=default comment="$IdentiName ::: $hostHP ::: $Komentar" ; | |
} else { | |
#------------- Script untuk limit perangkat kecuali smartphone android dan kawan-kawannya ------------- ; | |
#untuk membuat address list; | |
ip firewall address-list add address=$hostIP disabled=no list="$IdentiName" comment="$IdentiName ::D:: $hostHP"; | |
#untuk membuat firewall mangle; | |
ip firewall mangle add chain=prerouting comment="$IdentiName ::U:: $hostHP" in-interface=$BridgeName protocol=!icmp src-address="$hostIP" action=mark-packet new-packet-mark="U_$hostIP" passthrough=no ; | |
ip firewall mangle add chain=postrouting comment="$IdentiName ::D:: $hostHP" out-interface=$BridgeName protocol=!icmp dst-address="$hostIP" action=mark-packet new-packet-mark="D_$hostIP" passthrough=no ; | |
#untuk membuat queue tree; | |
queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=32k max-limit=$LimitUploadMAC name="U_MAC_$hostIP-$IdentiName" packet-mark="U_$hostIP" parent="Upload" priority=8 queue=default comment="$IdentiName ::: $hostHP ::: $Komentar" ; | |
queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=128k max-limit=$LimitDownloadMAC name="D_MAC_$hostIP-$IdentiName" packet-mark="D_$hostIP" parent="Download" priority=8 queue=default comment="$IdentiName ::: $hostHP ::: $Komentar" ; | |
} | |
} | |
} | |
# ---------- SEKIAN DAN TERIMAKASIH ---------- ; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment