Kumpulan Mikrotik Scripts Terbaru Dan Terlengkap

Mikrotik Scripts adalah fitur yang sangat berguna untuk otomatisasi tugas, mengatasi masalah jaringan, dan memfasilitasi konfigurasi jaringan yang kompleks. Dalam artikel ini, akan dibahas tentang kumpulan Mikrotik Script yang dapat membantu administrator jaringan dalam mempercepat dan memudahkan manajemen jaringan.

Apa itu Mikrotik Scripts?

Mikrotik Scripts adalah kumpulan syntax-syntax mikrotik console yang memiliki tujuan tertentu seperti memblokir, membatasi trafick tertentu pada router mikrotik, dengan menggunakan mikrotik scripts proses konfigurasi atau setting router mikrotik menjadi lebih mudah dan cepat

Apa Saja Manfaat Mikrotik Script?

Berikut adalah beberapa manfaat utama dari Mikrotik Script:

  1. Otomatisasi tugas: Dengan menggunakan Mikrotik Script, administrator jaringan dapat mengotomatisasi tugas-tugas yang repetitif dan memakan waktu, seperti backup konfigurasi, update firmware, dan lain sebagainya.
  2. Mengatasi masalah: Mikrotik Script memungkinkan administrator jaringan untuk membuat skrip yang dapat menyelesaikan masalah jaringan secara otomatis, seperti restart otomatis pada interface yang terputus.
  3. Konfigurasi jaringan yang kompleks: Dalam konfigurasi jaringan yang kompleks, Mikrotik Script dapat membantu administrator jaringan dalam membuat skrip yang dapat mengatur konfigurasi jaringan secara efisien dan konsisten.
  4. Manajemen jaringan yang lebih baik: Dengan menggunakan Mikrotik Script, administrator jaringan dapat membuat skrip yang membantu dalam manajemen jaringan yang lebih baik, seperti monitoring jaringan dan memberikan notifikasi jika terjadi masalah.
  5. Fleksibilitas: Mikrotik Script memberikan fleksibilitas kepada administrator jaringan untuk membuat skrip yang disesuaikan dengan kebutuhan spesifik jaringan dan bisnis.

Coba Gratis: Mikrotik Script Generator Tool Powered by AI

Domain Content

Domain Content Facebook

Berikut Daftar Domain Content Facebook

.facebook.com
.facebook.net
.fbcdn.net
.fbsbx.com
fb.com
fb.gg
fbwat.ch
messenger.com
m.me

Script Lengkap Untuk Raw Content Facebook:

/ip firewall raw
add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting comment=FACEBOOK content=\
    .facebook.com dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=.facebook.net \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=.fbcdn.net \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=.fbsbx.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=fb.com dst-address-list=\
    !lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=fb.gg dst-address-list=\
    !lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=fbwat.ch \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=messenger.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=m.me dst-address-list=\
    !lokal src-address-list=lokal

Domain Content Instagram

.instagram.com
.cdninstagram.com
/ip firewall raw
add action=add-dst-to-address-list address-list=INSTAGRAM \
    address-list-timeout=1d chain=prerouting comment=INSTAGRAM content=\
    .instagram.com dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=INSTAGRAM \
    address-list-timeout=1d chain=prerouting content=.cdninstagram.com \
    dst-address-list=!lokal src-address-list=lokal

Baca Juga : Daftar lengkap Address List Mikrotik Terbaru

Domain Content Marketplace

tokopedia.com
tokopedia.net
shopee.co.id
bukalapak.com
lazada.co.id
blibli.com
olx.co.id

Script Lengkap Untuk Raw Content Marketplace atau toko online:

/ip firewall raw
add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting comment=MARKETPLACE content=\
    tokopedia.com dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=tokopedia.net \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=shopee.co.id \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=bukalapak.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=lazada.co.id \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=blibli.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=olx.co.id \
    dst-address-list=!lokal src-address-list=lokal

Domain Content Snack Video

.snackvideo.com
.myqcloud.com
.snackvideo.in
/ip firewall raw
add action=add-dst-to-address-list address-list=SNACKVIDEO \
    address-list-timeout=1d chain=prerouting comment=SNACKVIDEO content=\
    .snackvideo.com dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=SNACKVIDEO \
    address-list-timeout=1d chain=prerouting content=.myqcloud.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=SNACKVIDEO \
    address-list-timeout=1d chain=prerouting content=.snackvideo.in \
    dst-address-list=!lokal src-address-list=lokal

Domain Content Bank Mandiri

.bankmandiri.co.id
/ip firewall raw
add action=add-dst-to-address-list address-list=BANK-MANDIRI address-list-timeout=\
    1d chain=prerouting comment=BANK MANDIRI content=.bankmandiri.co.id dst-address-list=\
    !lokal src-address-list=lokal

Domain Content Tiktok

.tiktok.com
.tiktokv.com
.tiktokcdn.com
.byteoversea.com
.ibyteimg.com
.ibytedtos.com
.myqcloud.com
/ip firewall raw
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting comment=TIKTOK content=.tiktok.com dst-address-list=\
    !lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.tiktokv.com dst-address-list=!lokal \
    src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.tiktokcdn.com dst-address-list=!lokal \
    src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.byteoversea.com dst-address-list=!lokal \
    src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.ibyteimg.com dst-address-list=!lokal \
    src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.ibytedtos.com dst-address-list=!lokal \
    src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.myqcloud.com dst-address-list=!lokal \
    src-address-list=lokal

Domain Content CAPCUT

.capcut.com
.byteoversea.com
.byteimg.com
.bytevcloudapi.com
/ip firewall raw
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
    1d chain=prerouting comment=CAPCUT content=.capcut.com dst-address-list=\
    !IP-LOKAL src-address-list=IP-LOKAL
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
    1d chain=prerouting content=.byteoversea.com dst-address-list=!IP-LOKAL \
    src-address-list=IP-LOKAL
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
    1d chain=prerouting content=.byteimg.com dst-address-list=!IP-LOKAL \
    src-address-list=IP-LOKAL
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
    1d chain=prerouting content=.bytevcloudapi.com dst-address-list=!IP-LOKAL \
    src-address-list=IP-LOKAL

Domain Content Kapwing

.kapwing.com
/ip firewall raw
add action=add-dst-to-address-list address-list=KAPWING address-list-timeout=\
    1d chain=prerouting comment=KAPWING content=.kapwing.com \
    dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL

Domain Content Canva

.canva.com
/ip firewall raw
add action=add-dst-to-address-list address-list=CANVA address-list-timeout=\
    1d chain=prerouting comment=CANVA content=.canva.com \
    dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL

Domain Content Titan Mail

.flockmail.com
.titan.email
/ip firewall raw
add action=add-dst-to-address-list address-list=TITAN-MAIL address-list-timeout=\
    1d chain=prerouting comment=TITAN-MAIL content=.flockmail.com \
    dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL

add action=add-dst-to-address-list address-list=TITAN-MAIL address-list-timeout=\
    1d chain=prerouting comment=TITAN-MAIL content=.titan.email \
    dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL

Domain Content Twitter

.twitter.com
.twimg.com
t.co
/ip firewall raw
add action=add-dst-to-address-list address-list=TWITTER address-list-timeout=\
    1d chain=prerouting comment=TWITTER content=.twitter.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=TWITTER address-list-timeout=\
    1d chain=prerouting content=.twimg.com dst-address-list=!lokal \
    src-address-list=lokal

add action=add-dst-to-address-list address-list=TWITTER address-list-timeout=\
    1d chain=prerouting content=t.co dst-address-list=!lokal \
    src-address-list=lokal

Domain Content Youtube

.youtube.com
.ytimg.com
.googlevideo.com
youtu.be
yt3.ggpht.com
youtubei.googleapis.com
/ip firewall raw
add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting comment=YOUTUBE content=.youtube.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting content=.ytimg.com dst-address-list=!lokal \
    src-address-list=lokal

add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting content=.googlevideo.com dst-address-list=!lokal \
    src-address-list=lokal

add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting content=youtu.be dst-address-list=!lokal \
    src-address-list=lokal

add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting content=yt3.ggpht.com dst-address-list=!lokal \
    src-address-list=lokal

add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting content=youtubei.googleapis.com dst-address-list=\
    !lokal src-address-list=lokal

Script Install Mikrotik CHR di VPS

berikut adalah script untuk menginstall mikrotik chr di vps

wget https://download.mikrotik.com/routeros/6.46.5/chr-6.46.5.img.zip -O chr.img.zip && \
gunzip -c chr.img.zip > chr.img && \
echo u > /proc/sysrq-trigger && \
dd if=chr.img bs=1024 of=/dev/sda

Yang Perlu di ganti adalah partisi di barisi terakhir /dev/sda silahkan sesuaikan dengan partisi vps anda, untuk cara cek partisi di vps gunakan perintah

sudo fdisk -l

Untuk lebih lengkap cara tutorial mikrotik chr silahkan baca disini

Mengirim Notifikasi Mikrotik Ke Bot Telegram

berikut ini adalah script untuk mengirimkan notifikasi ke bot telegram, silahkan sobat masukkan script ini di tool > netwatch

Contoh Script Notifikasi Ketika Dapat Terkoneksi Ke DNS Google

/tool fetch url="https://api.telegram.org/bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww/sendMessage?chat_id=1666322534&text='DNS Google Connect Coy'" keep-result=no

Contoh Script Notifikasi Ketika Gagal Terkoneksi Ke DNS Google

/tool fetch url="https://api.telegram.org/bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww/sendMessage?chat_id=1666322534&text='Gagal Terhubung Ke DNS Google'" keep-result=no

bot token = bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww

Chat ID : 1666322534

Silahkan sobat ganti bot token dan chat id script mikrotik di atas dengan bot token dan chat id bot telegram yang sobat miliki

Tonton Juga Video : Cara Membuat Notifikasi Mikrotik Dengan BOT Telegram Cocok Untuk Pemula

Script Untuk Monitoring Trafick Router Mikrotik Ke BOT Telegram

di bawah ini adalah contoh script untuk mengirimkan notifikasi untuk memonitoring trafick download dan upload pada mikrotik router

Script untuk mendapatkan tanggal saat ini

:local CurDate [/system clock get date]

Script untuk mendapatkan jam saat ini

:local CurTime [/system clock get time]

Script untuk menampilkan Informasi Log

#Log
:log info "Kecepatan Download Lebih Dari 8 Mbps"

Script untuk mengirimkan notifikasi trafick monitoring dari mikrotik ke bot telegram

/tool fetch url="https://api.telegram.org/bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww/sendMessage?chat_id=1666322534&text='Traffick Internet Di $CurDate $CurTime Sudah Lebih Dari 8 Mbps Gan" keep-result=no

Tonton Juga Video : Cara Monitoring Trafick Download Dan Upload Mikrotik Menggunakan Bot Telegram

Monitoring Trafick Download Dan Upload Mikrotik Menggunakan Bot Telegram

Load Balance PCC

Load Balance PCC 2 ISP

Load Balance PCC 2 ISP adalah metode penyimbangan dua koneksi atau lebih internet gateway

#=====================================================
# https://midteknologi.com
#=====================================================

/interface
set ether1 comment=Modem-1
set ether2 comment=Modem-2
set ether3 comment=Lan

/ip firewall address-list
add address=192.168.0.0/16 list=IP-LOKAL
add address=172.16.0.0/12 list=IP-LOKAL
add address=10.0.0.0/8 list=IP-LOKAL

/ ip address
add address=192.168.9.9/24 network=192.168.9.0 broadcast=192.168.9.255 interface=ether1
add address=192.168.8.2/24 network=192.168.8.0 broadcast=192.168.8.255 interface=ether2
add address=192.168.10.1/24 network=192.168.10.0 broadcast=192.168.10.255 interface=ether3

/ip route
add check-gateway=ping distance=1 gateway="192.168.9.1" routing-mark="to-ether1"
add check-gateway=ping distance=1 gateway="192.168.8.1" routing-mark="to-ether2"
add check-gateway=ping distance=1 gateway="192.168.9.1"
add check-gateway=ping distance=2 gateway="192.168.8.1"

/ip dns set cache-max-ttl=1d cache-size=2048KiB servers=8.8.8.8,8.8.4.4

/ip firewall nat
add chain=srcnat out-interface="ether1" action=masquerade
add chain=srcnat out-interface="ether2" action=masquerade

/ip firewall mangle
add action=mark-connection chain=input in-interface="ether1" new-connection-mark="cm-ether1" passthrough=yes
add action=mark-connection chain=input in-interface="ether2" new-connection-mark="cm-ether2" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether1" new-routing-mark="to-ether1" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether2" new-routing-mark="to-ether2" passthrough=yes

add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether1" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 src-address-list=IP-LOKAL

add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether2" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 src-address-list=IP-LOKAL

add action=mark-routing chain=prerouting connection-mark="cm-ether1" dst-address-list=!IP-LOKAL new-routing-mark="to-ether1" passthrough=yes src-address-list=IP-LOKAL

add action=mark-routing chain=prerouting connection-mark="cm-ether2" dst-address-list=!IP-LOKAL new-routing-mark="to-ether2" passthrough=yes src-address-list=IP-LOKAL

Load Balance PCC 3 ISP

Load Balance PCC 3 ISP adalah metode penyimbangan dua koneksi atau lebih internet gateway

#=====================================================
# https://midteknologi.com
#=====================================================

/interface
set ether1 comment=Modem-1
set ether2 comment=Modem-2
set ether3 comment=Modem-3
set ether4 comment=Lan

/ip firewall address-list
add address=192.168.0.0/16 list=IP-LOKAL
add address=172.16.0.0/12 list=IP-LOKAL
add address=10.0.0.0/8 list=IP-LOKAL

/ ip address
add address=192.168.9.9/24 network=192.168.9.0 broadcast=192.168.9.255 interface=ether1
add address=192.168.8.2/24 network=192.168.8.0 broadcast=192.168.8.255 interface=ether2
add address=192.168.10.2/24 network=192.168.10.0 broadcast=192.168.8.255 interface=ether3
add address=192.168.11.1/24 network=192.168.11.0 broadcast=192.168.10.255 interface=ether4

/ip route
add check-gateway=ping distance=1 gateway="192.168.9.1" routing-mark="to-ether1"
add check-gateway=ping distance=1 gateway="192.168.8.1" routing-mark="to-ether2"
add check-gateway=ping distance=1 gateway="192.168.10.1" routing-mark="to-ether3"
add check-gateway=ping distance=1 gateway="192.168.9.1"
add check-gateway=ping distance=2 gateway="192.168.8.1"
add check-gateway=ping distance=3 gateway="192.168.10.1"

/ip dns set cache-max-ttl=1d cache-size=2048KiB servers=8.8.8.8,8.8.4.4

/ip firewall nat
add chain=srcnat out-interface="ether1" action=masquerade
add chain=srcnat out-interface="ether2" action=masquerade
add chain=srcnat out-interface="ether3" action=masquerade

/ip firewall mangle
add action=mark-connection chain=input in-interface="ether1" new-connection-mark="cm-ether1" passthrough=yes
add action=mark-connection chain=input in-interface="ether2" new-connection-mark="cm-ether2" passthrough=yes
add action=mark-connection chain=input in-interface="ether3" new-connection-mark="cm-ether3" passthrough=yes

add action=mark-routing chain=output connection-mark="cm-ether1" new-routing-mark="to-ether1" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether2" new-routing-mark="to-ether2" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether3" new-routing-mark="to-ether3" passthrough=yes

add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether1" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 src-address-list=IP-LOKAL

add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether2" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 src-address-list=IP-LOKAL

add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether3" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/2 src-address-list=IP-LOKAL

add action=mark-routing chain=prerouting connection-mark="cm-ether1" dst-address-list=!IP-LOKAL new-routing-mark="to-ether1" passthrough=yes src-address-list=IP-LOKAL

add action=mark-routing chain=prerouting connection-mark="cm-ether2" dst-address-list=!IP-LOKAL new-routing-mark="to-ether2" passthrough=yes src-address-list=IP-LOKAL

add action=mark-routing chain=prerouting connection-mark="cm-ether3" dst-address-list=!IP-LOKAL new-routing-mark="to-ether3" passthrough=yes src-address-list=IP-LOKAL

Script Mikrotik Redirect DNS Client Ke DNS Mikrotik

Script ini berfungsi untuk mengarahkan client mikrotik untuk menggunakan DNS yang sama dengan dns yang di setting pada router mikrotik

/ip dns
set allow-remote-requests=yes cache-max-ttl=3h cache-size=10240KiB servers=8.8.8.8,8.8.4.4

/ip firewall nat
add action=redirect chain=dstnat dst-port=53 protocol=udp to-ports=53
add action=redirect chain=dstnat dst-port=53 protocol=tcp to-ports=53

Script Menambahkan Dynamic IP Route ( Modem IP DHCP)

Script ini sangat berfungsi ketika kita melakukan konfigurasi load balance di mikrotik ketika Modem dari ISP tersebut menggunakan IP DHCP dan tidak bisa di set static kasus seperti ini akan anda temui ketika menggunakan jaringan internet dari ICON + atau Iconnet, dimana kita tidak dapat merubah konfigurasi IP Addressnya menjadi static

berikut ini scriptnya :

:if ($bound=1) do={
	/ip route add distance=1 gateway=$"gateway-address" routing-mark=to-ether2 comment="ISP2"
} else={
	/ip route remove [/ip route find comment="ISP2"]
}

Script diatas teman-teman tambahkan di menu IP > DHCP Client Lalu Klik Tambah Dan Pada tab Advanced Masukkan Script Diatas

dynamic ip route modem ip dhcp
dynamic ip route modem ip dhcp

penjelasan script diatas : ketika kita mendapatkan ip dari modem maka script otomatis akan menambahkan router baru dengan routing mark to ether-2 dengan komentar ISP2 , namun ketika modem ISP mengalami masalah dan kita tidak mendapatkan IP dari modem maka script diatas akan otomatis menghapus route dengan komentar ISP2

Tonton Juga : Solusi Load Balance Dengan IP Modem DHCP

Mikrotik Script Untuk Blokir Situs

Blokir Facebook Menggunakan Address Lists Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Facebook src-address=192.168.17.0/24 comment="Blokir Facebook Menggunakan Address-Lists"

/ip firewall address-list
add address=146.88.59.0/24 list=Facebook
add address=74.119.76.0/22 list=Facebook
add address=45.64.40.0/22 list=Facebook
add address=69.63.176.0/20 list=Facebook
add address=31.13.64.0/18 list=Facebook
add address=66.220.144.0/20 list=Facebook
add address=69.171.224.0/19 list=Facebook
add address=103.4.96.0/22 list=Facebook
add address=173.252.64.0/19 list=Facebook
add address=173.252.96.0/19 list=Facebook
add address=179.60.192.0/22 list=Facebook
add address=204.15.20.0/22 list=Facebook
add address=31.13.24.0/21 list=Facebook
add address=199.201.64.0/22 list=Facebook
add address=185.60.216.0/22 list=Facebook
add address=157.240.0.0/16 list=Facebook
add address=129.205.94.0/23 list=Facebook

Blokir Facebook Menggunakan Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Facebook src-address=192.168.17.0/24 comment="Blokir Facebook Menggunakan TLS Host"

/ip firewall mangle
add action=add-dst-to-address-list address-list=Facebook address-list-timeout=4w2d chain=prerouting dst-port=443 protocol=tcp tls-host=*.facebook.com comment="Detecting IP Addresses Facebook"

Blokir Twitter Menggunakan Address Lists Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Twitter src-address=192.168.17.0/24 comment="Blocking Twitter Menggunakan Address Lists"

/ip firewall address-list add list=Twitter address=8.25.196.0/23
/ip firewall address-list add list=Twitter address=8.25.194.0/23
/ip firewall address-list add list=Twitter address=69.195.188.0/24
/ip firewall address-list add list=Twitter address=69.195.187.0/24
/ip firewall address-list add list=Twitter address=69.195.186.0/24
/ip firewall address-list add list=Twitter address=69.195.185.0/24
/ip firewall address-list add list=Twitter address=69.195.182.0/24
/ip firewall address-list add list=Twitter address=69.195.181.0/24
/ip firewall address-list add list=Twitter address=69.195.180.0/24
/ip firewall address-list add list=Twitter address=69.195.179.0/24
/ip firewall address-list add list=Twitter address=69.195.178.0/24
/ip firewall address-list add list=Twitter address=69.195.177.0/24
/ip firewall address-list add list=Twitter address=69.195.176.0/24
/ip firewall address-list add list=Twitter address=69.195.175.0/24
/ip firewall address-list add list=Twitter address=69.195.174.0/24
/ip firewall address-list add list=Twitter address=69.195.171.0/24
/ip firewall address-list add list=Twitter address=69.195.169.0/24
/ip firewall address-list add list=Twitter address=69.195.168.0/24
/ip firewall address-list add list=Twitter address=69.195.166.0/24
/ip firewall address-list add list=Twitter address=69.195.165.0/24
/ip firewall address-list add list=Twitter address=69.195.164.0/24
/ip firewall address-list add list=Twitter address=69.195.163.0/24
/ip firewall address-list add list=Twitter address=69.195.162.0/24
/ip firewall address-list add list=Twitter address=69.195.160.0/24
/ip firewall address-list add list=Twitter address=69.12.63.0/24
/ip firewall address-list add list=Twitter address=69.12.62.0/24
/ip firewall address-list add list=Twitter address=69.12.61.0/24
/ip firewall address-list add list=Twitter address=69.12.56.0/21
/ip firewall address-list add list=Twitter address=64.63.33.0/24
/ip firewall address-list add list=Twitter address=64.63.0.0/18
/ip firewall address-list add list=Twitter address=209.237.221.0/24
/ip firewall address-list add list=Twitter address=209.237.220.0/24
/ip firewall address-list add list=Twitter address=209.237.218.0/24
/ip firewall address-list add list=Twitter address=209.237.217.0/24
/ip firewall address-list add list=Twitter address=209.237.216.0/24
/ip firewall address-list add list=Twitter address=209.237.215.0/24
/ip firewall address-list add list=Twitter address=209.237.214.0/24
/ip firewall address-list add list=Twitter address=209.237.213.0/24
/ip firewall address-list add list=Twitter address=209.237.210.0/24
/ip firewall address-list add list=Twitter address=209.237.209.0/24
/ip firewall address-list add list=Twitter address=209.237.201.0/24
/ip firewall address-list add list=Twitter address=209.237.200.0/24
/ip firewall address-list add list=Twitter address=209.237.199.0/24
/ip firewall address-list add list=Twitter address=209.237.198.0/24
/ip firewall address-list add list=Twitter address=209.237.197.0/24
/ip firewall address-list add list=Twitter address=209.237.196.0/24
/ip firewall address-list add list=Twitter address=209.237.195.0/24
/ip firewall address-list add list=Twitter address=209.237.194.0/24
/ip firewall address-list add list=Twitter address=209.237.193.0/24
/ip firewall address-list add list=Twitter address=209.237.192.0/24
/ip firewall address-list add list=Twitter address=202.160.131.0/24
/ip firewall address-list add list=Twitter address=202.160.130.0/24
/ip firewall address-list add list=Twitter address=202.160.129.0/24
/ip firewall address-list add list=Twitter address=202.160.128.0/24
/ip firewall address-list add list=Twitter address=199.96.62.0/23
/ip firewall address-list add list=Twitter address=199.96.61.0/24
/ip firewall address-list add list=Twitter address=199.96.60.0/24
/ip firewall address-list add list=Twitter address=199.96.60.0/23
/ip firewall address-list add list=Twitter address=199.96.58.0/23
/ip firewall address-list add list=Twitter address=199.96.57.0/24
/ip firewall address-list add list=Twitter address=199.96.56.0/24
/ip firewall address-list add list=Twitter address=199.96.56.0/23
/ip firewall address-list add list=Twitter address=199.59.148.0/22
/ip firewall address-list add list=Twitter address=199.16.156.0/23
/ip firewall address-list add list=Twitter address=199.16.156.0/22
/ip firewall address-list add list=Twitter address=192.48.237.0/24
/ip firewall address-list add list=Twitter address=192.48.236.0/24
/ip firewall address-list add list=Twitter address=192.48.236.0/23
/ip firewall address-list add list=Twitter address=192.133.78.0/23
/ip firewall address-list add list=Twitter address=192.133.76.0/23
/ip firewall address-list add list=Twitter address=192.133.76.0/22
/ip firewall address-list add list=Twitter address=188.64.224.0/21
/ip firewall address-list add list=Twitter address=185.45.6.0/23
/ip firewall address-list add list=Twitter address=185.45.5.0/24
/ip firewall address-list add list=Twitter address=185.45.4.0/24
/ip firewall address-list add list=Twitter address=185.45.4.0/23
/ip firewall address-list add list=Twitter address=104.244.47.0/24
/ip firewall address-list add list=Twitter address=104.244.46.0/24
/ip firewall address-list add list=Twitter address=104.244.45.0/24
/ip firewall address-list add list=Twitter address=104.244.44.0/24
/ip firewall address-list add list=Twitter address=104.244.43.0/24
/ip firewall address-list add list=Twitter address=104.244.42.0/24
/ip firewall address-list add list=Twitter address=104.244.41.0/24
/ip firewall address-list add list=Twitter address=104.244.40.0/24

Blokir Twitter Di Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Twitter src-address=192.168.17.0/24 comment="Blokir Twitter Menggunakan TLS Host"

/ip firewall mangle
add action=add-dst-to-address-list address-list=Twitter address-list-timeout=4w2d chain=prerouting dst-port=443 protocol=tcp tls-host=*.twitter.com comment="Detecting IP Addresses Twitter"

Blokir Tiktok Di Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=TikTok src-address=192.168.17.0/24 comment="Blocking TikTok Di Router Mikrotik"

/ip firewall mangle
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktok.com src-address=192.168.17.0/24 comment="Blokir TikTok Menggunakan Mikrotik"
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktokv.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktokcdn.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.byteoversea.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.ibyteimg.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.ibytedtos.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.myqcloud.com src-address=192.168.17.0/24

Blokir Netflix Di Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Netflix src-address=192.168.17.0/24 comment="Blocking Netflix Menggunakan TLS Hosts"

/ip firewall mangle
add action=add-dst-to-address-list address-list=Netflix address-list-timeout=4w2d chain=prerouting content=nflxvideo.net src-address=192.168.17.0/24 comment="Deteksi Alamat IP Address Netflix"

Blokir Steam Menggunakan Address Lists Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Steam src-address=192.168.17.0/24 comment="Blocking Steam Menggunakan Address Lists"

/ip firewall address-list
add address=45.121.184.0/23 list=Steam
add address=45.121.186.0/23 list=Steam
add address=103.10.124.0/24 list=Steam
add address=103.10.125.0/24 list=Steam
add address=103.28.54.0/23 list=Steam
add address=146.66.152.0/23 list=Steam
add address=146.66.154.0/24 list=Steam
add address=146.66.155.0/24 list=Steam
add address=146.66.156.0/23 list=Steam
add address=146.66.158.0/23 list=Steam
add address=153.254.86.0/24 list=Steam
add address=155.133.224.0/23 list=Steam
add address=155.133.227.0/24 list=Steam
add address=155.133.228.0/23 list=Steam
add address=155.133.230.0/23 list=Steam
add address=155.133.232.0/24 list=Steam
add address=155.133.233.0/24 list=Steam
add address=155.133.234.0/24 list=Steam
add address=155.133.235.0/24 list=Steam
add address=155.133.236.0/23 list=Steam
add address=155.133.238.0/24 list=Steam
add address=155.133.239.0/24 list=Steam
add address=155.133.240.0/23 list=Steam
add address=155.133.242.0/23 list=Steam
add address=155.133.244.0/24 list=Steam
add address=155.133.245.0/24 list=Steam
add address=155.133.246.0/23 list=Steam
add address=155.133.248.0/24 list=Steam
add address=155.133.249.0/24 list=Steam
add address=155.133.250.0/24 list=Steam
add address=155.133.252.0/24 list=Steam
add address=155.133.253.0/24 list=Steam
add address=155.133.254.0/24 list=Steam
add address=155.133.255.0/24 list=Steam
add address=162.254.192.0/24 list=Steam
add address=162.254.193.0/24 list=Steam
add address=162.254.194.0/23 list=Steam
add address=162.254.196.0/24 list=Steam
add address=162.254.197.0/24 list=Steam
add address=162.254.198.0/24 list=Steam
add address=162.254.199.0/24 list=Steam
add address=185.25.180.0/23 list=Steam
add address=185.25.182.0/24 list=Steam
add address=185.25.183.0/24 list=Steam
add address=190.216.121.0/24 list=Steam
add address=190.217.33.0/24 list=Steam
add address=192.69.96.0/23 list=Steam
add address=205.185.194.0/24 list=Steam
add address=205.196.6.0/24 list=Steam
add address=208.64.200.0/24 list=Steam
add address=208.64.201.0/24 list=Steam
add address=208.64.202.0/24 list=Steam
add address=208.64.203.0/24 list=Steam
add address=208.78.164.0/23 list=Steam
add address=208.78.166.0/24 list=Steam
add address=208.78.167.0/24 list=Steam

Blokir Garena ROV Di Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=RoV src-address=192.168.17.0/24 comment="Blocking Garena RoV traffic Menggunakan Mikrotik"

/ip firewall mangle
add action=add-dst-to-address-list address-list=RoV address-list-timeout=4d chain=prerouting dst-port=20000 protocol=tcp comment="Mendeteksi Alamat IP Garena RoV"

Penjelasan Script : IP 192.168.17.0/24 adalah Network ID Dari IP Lokal Anda

Blokir Akses Internet Menggunakan Macc Address

/ip firewall filter

add action=accept chain=forward comment=MID_TEKNOLOGI src-mac-address=\
    80:1F:02:6D:24:14

//global blokir ketika terhubung di semua interface 
add action=drop chain=forward comment="Block WIFI"

//spesifik diterapkan untuk interface wlan1
add action=drop chain=forward comment="Block WIFI" in-interface=wlan1

Penjelasan Script : Pada script diatas kita melakukan blokir akses internet dengan macc address “80:1F:02:8D:54:C4”

Mikrotik Scripts Untuk Keamanan Jaringan Router Mikrotik

Mencegah Port Scanner

/ip firewall filter
add action=add-src-to-address-list address-list="Port Scan" address-list-timeout=4w2d chain=forward comment="Mencegah port scanner" protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="Port Scan" address-list-timeout=4w2d chain=input protocol=tcp psd=21,3s,3,1
add action=drop chain=forward src-address-list="Port Scan"
add action=drop chain=input src-address-list="Port Scan"

Mencegah UDP Flood Attack

/ip firewall raw
add action=drop chain=prerouting comment="Mencegah UDP Flood Attack" dst-port=53 in-interface=pppoe-out1 protocol=udp
add action=accept chain=prerouting dst-port=53 in-interface=!pppoe-out1 limit=100,5:packet protocol=udp
add action=drop chain=prerouting dst-port=53 in-interface=!pppoe-out1 protocol=udp


jangan Lupa Set Allow Remote Request di IP > DNS 

Mencegah TCP Syn Attack

/ip firewall filter add chain=input protocol=tcp connection-limit=32,1 action=add-src-to-address-list  address-list=blocked-addr address-list-timeout=1d 
/ip firewall filter add chain=input protocol=tcp src-address-list=blocked-addr connection-limit=3,32 action=tarpit 
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new action=accept comment="" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new action=drop comment="" disabled=no
/ip settings set tcp-syncookies=yes

Mencegah ICMP Smurf Attack

/ip firewall raw
add action=drop chain=prerouting comment="Mencegah ICMP Smurf Attack" dst-address-type=broadcast protocol=icmp

/ip firewall filter
add action=drop chain=input comment="Block Ping dari interface WAN" in-interface=LAN-1 protocol=icmp

Mencegah Brute Force

/ip firewall filter
add action=drop chain=input comment="Drop anyone in Black List (SSH)" src-address-list="Black List (SSH)"
add action=jump chain=input comment="Jump to Black List (SSH) Chain" dst-port=22 jump-target="Black List (SSH) Chain" protocol=tcp
add action=add-src-to-address-list address-list="Black List (SSH)" address-list-timeout=4w2d chain="Black List (SSH) Chain" comment="Transfer repeated attempts from Black List (SSH) Stage 3 to Black List (SSH)" connection-state=new src-address-list="Black List (SSH) Stage 3"
add action=add-src-to-address-list address-list="Black List (SSH) Stage 3" address-list-timeout=1m chain="Black List (SSH) Chain" comment="Add Successive attempts to Black List (SSH) Stage 3" connection-state=new src-address-list="Black List (SSH) Stage 2"
add action=add-src-to-address-list address-list="Black List (SSH) Stage 2" address-list-timeout=1m chain="Black List (SSH) Chain" comment="Add Successive attempts to Black List (SSH) Stage 2" connection-state=new src-address-list="Black List (SSH) Stage 1"
add action=add-src-to-address-list address-list="Black List (SSH) Stage 1" address-list-timeout=1m chain="Black List (SSH) Chain" comment="Add initial attempt to Black List (SSH) Stage 1" connection-state=new
add action=return chain="Black List (SSH) Chain" comment="Return from Black List (SSH) chain"

Set Prioritas Bandwith Untuk Zoom

/ip firewall mangle
add action=mark-connection chain=prerouting comment="Mark Zoom Application Connections" dst-address-list=Zoom dst-port=3478,3479,5090,5091,8801-8810 new-connection-mark=Zoom-Connection passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-address-list=Zoom dst-port=3478,3479,5090,5091,8801-8810 new-connection-mark=Zoom-Connection passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="Mark Zoom Web App Connections" dst-address-list=Zoom dst-port=80,443 new-connection-mark=Zoom-Connection passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="Mark All Zoom Packets" connection-mark=Zoom-Connection new-packet-mark=Zoom-Packet passthrough=no

/queue simple
add comment="Internet Package (Upload Speed: 300 Mbps, Download Speed: 300 Mbps)" max-limit=300M/300M name=Parent_Queue target=192.168.17.0/24
add comment="Share Speed  to Zoom (Upload Speed: 20Mbps, Download Speed: 20Mbps)" max-limit=20M/20M name=Queue_Zoom packet-marks=Zoom-Packet parent=Parent_Queue priority=1/1 target=192.168.17.0/24
add comment="Share Speed For General Working (Upload Speed: 280 Mbps, Download Speed: 280Mbps)" max-limit=280M/280M name=Queue_Other packet-marks=no-mark parent=Parent_Queue target=192.168.17.0/24

/ip firewall address-list
add address=3.7.35.0/25	list=Zoom
add address=3.21.137.128/25 list=Zoom
add address=3.22.11.0/24 list=Zoom
add address=3.23.93.0/24 list=Zoom
add address=3.25.41.128/25 list=Zoom
add address=3.25.42.0/25 list=Zoom
add address=3.25.49.0/24 list=Zoom
add address=3.80.20.128/25 list=Zoom
add address=3.96.19.0/24 list=Zoom
add address=3.101.32.128/25 list=Zoom
add address=3.101.52.0/25 list=Zoom
add address=3.104.34.128/25 list=Zoom
add address=3.120.121.0/25 list=Zoom
add address=3.127.194.128/25 list=Zoom
add address=3.208.72.0/25 list=Zoom
add address=3.211.241.0/25 list=Zoom
add address=3.235.69.0/25 list=Zoom
add address=3.235.82.0/23 list=Zoom
add address=3.235.71.128/25 list=Zoom
add address=3.235.72.128/25 list=Zoom
add address=3.235.73.0/25 list=Zoom
add address=3.235.96.0/23 list=Zoom
add address=4.34.125.128/25 list=Zoom
add address=4.35.64.128/25 list=Zoom
add address=8.5.128.0/23 list=Zoom
add address=13.52.6.128/25 list=Zoom
add address=13.52.146.0/25 list=Zoom
add address=18.157.88.0/24 list=Zoom
add address=18.205.93.128/25 list=Zoom
add address=20.203.158.80/28 list=Zoom
add address=20.203.190.192/26 list=Zoom
add address=50.239.202.0/23 list=Zoom
add address=50.239.204.0/24 list=Zoom
add address=52.61.100.128/25 list=Zoom
add address=52.202.62.192/26 list=Zoom
add address=52.215.168.0/25 list=Zoom
add address=64.125.62.0/24 list=Zoom
add address=64.211.144.0/24 list=Zoom
add address=64.224.32.0/19 list=Zoom
add address=65.39.152.0/24 list=Zoom
add address=69.174.57.0/24 list=Zoom
add address=69.174.108.0/22 list=Zoom
add address=99.79.20.0/25 list=Zoom
add address=101.36.167.0/24 list=Zoom
add address=103.122.166.0/23 list=Zoom
add address=111.33.115.0/25 list=Zoom
add address=111.33.181.0/25 list=Zoom
add address=115.110.154.192/26 list=Zoom
add address=115.114.56.192/26 list=Zoom
add address=115.114.115.0/26 list=Zoom
add address=115.114.131.0/26 list=Zoom
add address=120.29.148.0/24 list=Zoom
add address=129.151.0.0/19 list=Zoom
add address=129.151.40.0/22 list=Zoom
add address=129.151.48.0/20 list=Zoom
add address=129.159.0.0/20 list=Zoom
add address=129.159.160.0/19 list=Zoom
add address=129.159.208.0/20 list=Zoom
add address=130.61.164.0/22 list=Zoom
add address=134.224.0.0/16 list=Zoom
add address=140.238.128.0/24 list=Zoom
add address=140.238.232.0/22 list=Zoom
add address=144.195.0.0/16 list=Zoom
add address=147.124.96.0/19 list=Zoom
add address=149.137.0.0/17 list=Zoom
add address=150.230.224.0/21 list=Zoom
add address=152.67.20.0/24 list=Zoom
add address=152.67.118.0/24 list=Zoom
add address=152.67.168.0/22 list=Zoom
add address=152.67.180.0/24 list=Zoom
add address=152.67.184.0/22 list=Zoom
add address=152.67.240.0/21 list=Zoom
add address=152.70.224.0/21 list=Zoom
add address=156.45.0.0/17 list=Zoom
add address=158.101.64.0/24 list=Zoom
add address=158.101.184.0/22 list=Zoom
add address=160.1.56.128/25 list=Zoom
add address=161.199.136.0/22 list=Zoom
add address=162.12.232.0/22 list=Zoom
add address=162.255.36.0/22 list=Zoom
add address=165.254.88.0/23 list=Zoom
add address=166.108.64.0/18 list=Zoom
add address=168.138.16.0/22 list=Zoom
add address=168.138.48.0/24 list=Zoom
add address=168.138.56.0/21 list=Zoom
add address=168.138.72.0/24 list=Zoom
add address=168.138.74.0/25 list=Zoom
add address=168.138.80.0/21 list=Zoom
add address=168.138.96.0/22 list=Zoom
add address=168.138.116.0/22 list=Zoom
add address=168.138.244.0/24 list=Zoom
add address=170.114.0.0/16 list=Zoom
add address=173.231.80.0/20 list=Zoom
add address=192.204.12.0/22 list=Zoom
add address=193.122.16.0/20 list=Zoom
add address=193.122.32.0/20 list=Zoom
add address=193.122.208.0/20 list=Zoom
add address=193.122.224.0/20 list=Zoom
add address=193.122.240.0/20 list=Zoom
add address=193.123.0.0/19 list=Zoom
add address=193.123.40.0/21 list=Zoom
add address=193.123.128.0/19 list=Zoom
add address=193.123.168.0/21 list=Zoom
add address=193.123.192.0/19 list=Zoom
add address=198.251.128.0/17 list=Zoom
add address=202.177.207.128/27 list=Zoom
add address=204.80.104.0/21 list=Zoom
add address=204.141.28.0/22 list=Zoom
add address=206.247.0.0/16 list=Zoom
add address=207.226.132.0/24 list=Zoom
add address=209.9.211.0/24 list=Zoom
add address=209.9.215.0/24 list=Zoom
add address=213.19.144.0/24 list=Zoom
add address=213.19.153.0/24 list=Zoom
add address=213.244.140.0/24 list=Zoom
add address=221.122.88.64/27 list=Zoom
add address=221.122.88.128/25 list=Zoom
add address=221.122.89.128/25 list=Zoom
add address=221.123.139.192/27 list=Zoom

Set Prioritas Bandwith Untuk Aplikasi Mircrosoft Teams

/ip firewall mangle
add action=mark-connection chain=prerouting comment="Mark MicrosoftTeams Application Connection" dst-address-list=MicrosoftTeams dst-port=3478,3479,3480,3481 new-connection-mark=MicrosoftTeams-Connection passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-address-list=MicrosoftTeams dst-port=3478,3479,3480,3481 new-connection-mark=MicrosoftTeams-Connection passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="Mark MicrosoftTeams Web App Connections" dst-address-list=MicrosoftTeams dst-port=80,443 new-connection-mark=MicrosoftTeams-Connection passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="Mark All MicrosoftTeams Packets" connection-mark=MicrosoftTeams-Connection new-packet-mark=MicrosoftTeams-Packet passthrough=no

/queue simple
add comment="Internet Package (Upload Speed: 300 Mbps, Download Speed: 300 Mbps)" max-limit=300M/300M name=Parent_Queue target=192.168.17.0/24
add comment="Share Speed  to MicrosoftTeams (Upload Speed: 20Mbps, Download Speed: 20Mbps)" max-limit=20M/20M name=Queue_MicrosoftTeams packet-marks=MicrosoftTeams-Packet parent=Parent_Queue priority=1/1 target=192.168.17.0/24
add comment="Share Speed For General Working (Upload Speed: 280 Mbps, Download Speed: 280Mbps)" max-limit=280M/280M name=Queue_Other packet-marks=no-mark parent=Parent_Queue target=192.168.17.0/24

/ip firewall address-list
add address=13.107.64.0/18 list=MicrosoftTeams
add address=52.112.0.0/14 list=MicrosoftTeams
add address=52.120.0.0/14 list=MicrosoftTeams
add address=52.238.119.141/32 list=MicrosoftTeams
add address=52.244.160.207/32 list=MicrosoftTeams

Bypass IP Lokal Agar Tidak Terlimit

# tambahkan address lists ip lokal di mikrotik 

/ip firewall address-list
add address=0.0.0.0/8 list=IP_LOKAL
add address=10.0.0.0/8 list=IP_LOKAL
add address=100.64.0.0/10 list=IP_LOKAL
add address=127.0.0.0/8 list=IP_LOKAL
add address=169.254.0.0/16 list=IP_LOKAL
add address=172.16.0.0/12 list=IP_LOKAL
add address=192.0.0.0/24 list=IP_LOKAL
add address=192.0.2.0/24 list=IP_LOKAL
add address=192.168.0.0/16 list=IP_LOKAL
add address=198.18.0.0/15 list=IP_LOKAL
add address=198.51.100.0/24 list=IP_LOKAL
add address=203.0.113.0/24 list=IP_LOKAL
add address=224.0.0.0/4 list=IP_LOKAL
add address=240.0.0.0/4 list=IP_LOKAL

# letakkan script ini di bagian paling atas pada mangle rules

/ip firewall mangle
add action=accept chain=prerouting dst-address-list=IP_LOKAL  src-address-list=IP_LOKAL
add action=accept chain=postrouting dst-address-list=IP_LOKAL  src-address-list=IP_LOKAL
add action=accept chain=forward dst-address-list=IP_LOKAL  src-address-list=IP_LOKAL
add action=accept chain=input dst-address-list=IP_LOKAL  src-address-list=IP_LOKAL
add action=accept chain=output dst-address-list=IP_LOKAL  src-address-list=IP_LOKAL

Konversi Dynamic Address List Ke Static

:local list
:local address
:log info "Dynamic to static conversion started"
/ip firewall address-list
:foreach a in=[find where dynamic=yes] do={
      :set list [get $a list]
      :set address [get $a address]
      remove $a
      add list=$list address=$address disabled=no
}
:log info "Dynamic to static conversion finished"

Some of the links in this article may be affiliate links, which can provide compensation to us at no cost to you if you decide to purchase a paid plan. These are products we’ve personally used and stand behind. This site is not intended to provide financial advice.

31 thoughts on “Kumpulan Mikrotik Scripts Terbaru Dan Terlengkap”

    • buat security profilenya abaikan jika sudah ada

      /interface wireless security-profiles
      add name=security1 authentication-types=wpa-psk,wpa2-psk mode=dynamic-keys wpa-pre-shared-key=12345 wpa2-pre-shared-key=12345

      /caps-man access-list
      add action=accept disabled=no interface=any mac-address=XX:XX:XX:XX:XX:XX security-profile=security1

      //jika macc addressnya banyak anda dapat menambahkan sbb:

      /caps-man access-list
      add action=accept disabled=no interface=any mac-address=YY:YY:YY:YY:YY:YY security-profile=security1
      add action=accept disabled=no interface=any mac-address=ZZ:ZZ:ZZ:ZZ:ZZ:ZZ security-profile=security1

      Reply
  1. mas buatakn script schedule buka speed test setiap 5 menit sekali,
    jaringan di tempat saya harus buka speedtest dulu baru normal,kalo ngak setiap 5 menit pasti down internetnya

    Reply
    • cek video youtube cara mencari domain content mikrotik peraktekkan di apps dana dan tambahkan di mikrotik lalu buat mangle dan routing marknya lalu tinggal arahkan

      Reply
    • kalau benar macc bindingnya maka HP yg di macc binding akan bisa browsing tanpa login kalau putus sekali gpp krn saat pertama di macc binding tapi klo putus terus berarti ada yg salah dengan cara kamu set macc bindingnya

      Reply
  2. di sekolah guru sering lupa waktu jam ngajar asyik pegang hp, Minta tolong dibuatkan scrip agar ada notifikasi pesan peringatan bahkan ada bunyi bel di hp pengguna hotspot saat jam masuk dan pergantian pelajaran

    Reply
  3. Bang, bisa bikinin script netwatch yg buat monitoring jaringan LB PCC + failover recursive kalo isp 1 mati terus kirim ke telegram ? waktu di tambahin rule recursive jadi gak mau kirim pesan

    Reply
  4. Mantap penjelasannya jika boleh ijin bertanya :
    Saya menggunakan mikrotik lama type RB450. Dengan keinginan :
    1. Modem isp sebagai breadge (semoga tulisannya benar hehehe) ke port 1 mikrotik
    2. Dial up isp menggunakan mikrotik
    3. Wifi router 1 ke port 2 mikrotik sebagai jaringan hotspot
    4. Wifi router 2 ke port 2 wifi router 1
    5. Port 3 mikrotik sebagai koneksi dvr cctv
    6. Port 4 mikrotik sebagai koneksi dengan tv box (ip tv dgn root)
    7. Port 5 sebagai cadangan untuk lan
    Keinginan :
    A. Membatasi koneksi hotspot berdasarkan nama pengguna (keluarga)
    B. Proteksi dari netcut dan lainnya
    C. Membatasi bandwitch youtube, capcut, tiktok dan medsos lainnya
    D. Bypass game sehingga hanya butuh bandwitch kecil
    E. Membatasi maaf pornografi (sering lolos dengan proxy di google)
    F. Membatasi ip tv di port tadi (bandwitch sendiri)
    G. Bandwitch cctv
    I. Bisa menambahkan bandwitch saat menggunakan aplikasi yg sedang digunakan (zoom) atau lainnya.
    Terima kasih

    Reply
    • keinginan anda bisa di penuhi oleh mikrotik, namun kami tidak bisa menjawab melalui kolom komentar pertanyaan diatas karena butuh penjelasan lebih lanjut
      mungkin akan di bahas di Tutorial Terpisah

      Thanks

      Reply

Leave a Comment


Blokir
Iklan & Malware Gratis
Pakai
Adguard DNS Cloud
Coba Adguard
Cari Provider Internet Terbaik?
Pakai Indihome
Diskon 70%
Daftar Indihome