Buka terminal Mikrotik, lalu copas kode di bawah
/ip firewall layer7-protocol
add name=torrentsites regexp="^.*(get|GET).+(torrent|\
thepiratebay|isohunt|entertane|demonoid|btjunkie|mininova|flixflux|\
torrentz|vertor|h33t|btscene|bitunity|bittoxic|thunderbytes|\
entertane|zoozle|vcdq|bitnova|bitsoup|meganova|fulldls|btbot|\
flixflux|seedpeer|fenopy|gpirate|commonbits).*\$\
"
Kita sudah memasukkan Regex ke Layer7 untuk menyaring string yang masuk dalam daftar alamat server torrent.
Dalam kasus ini, IP LAN local di tempat saya adalah 192.168.0.1 sd 0.254. Silahkan ubah IP sesuai LAN local kalian.
/ip firewall filter> add chain=forward src-address=192.168.1.0/24 layer7-protocol=torrentsites action=drop comment=torrentsites add chain=forward src-address=192.168.1.0/24 protocol=17 dst-port=53 layer7-protocol=torrentsites action=drop comment=dropDNS add chain=forward src-address=192.168.1.0/24 content=torrent action=drop comment=keyword_drop add chain=forward src-address=192.168.1.0/24 content=tracker action=drop comment=trackers_drop add chain=forward src-address=192.168.1.0/24 content=getpeers action=drop comment=get_peers_drop add chain=forward src-address=192.168.1.0/24 content=info_hash action=drop comment=info_hash_drop add chain=forward src-address=192.168.1.0/24 content=announce_peers action=drop comment=announce_peers_drop
Jangan lupa memblokir juga koneksi P2Pnya
add chain=forward src-address=192.168.1.0/24 p2p=all-p2p action=drop comment=p2p_drop
Silahkan test.
0 comments:
Post a Comment