Kumpulan Mikrotik Scripts Terbaru Dan Terlengkap

mikrotik scripts

Apa itu Mikrotik Scripts?

Mikrotik Scripts adalah kumpulan syntax-syntax mikrotik console yang memiliki tujuan tertentu seperti memblokir, membatasi trafick tertentu pada router mikrotik, dengan menggunakan mikrotik scripts proses konfigurasi atau setting router mikrotik menjadi lebih mudah dan cepat

Domain Content

Domain Content Facebook

Berikut Daftar Domain Content Facebook

.facebook.com
.facebook.net
.fbcdn.net
.fbsbx.com
fb.com
fb.gg
fbwat.ch
messenger.com
m.me

Script Lengkap Untuk Raw Content Facebook:

/ip firewall raw
add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting comment=FACEBOOK content=\
    .facebook.com dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=.facebook.net \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=.fbcdn.net \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=.fbsbx.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=fb.com dst-address-list=\
    !lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=fb.gg dst-address-list=\
    !lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=fbwat.ch \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=messenger.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=FACEBOOK \
    address-list-timeout=1d chain=prerouting content=m.me dst-address-list=\
    !lokal src-address-list=lokal

Domain Content Instagram

.instagram.com
.cdninstagram.com
/ip firewall raw
add action=add-dst-to-address-list address-list=INSTAGRAM \
    address-list-timeout=1d chain=prerouting comment=INSTAGRAM content=\
    .instagram.com dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=INSTAGRAM \
    address-list-timeout=1d chain=prerouting content=.cdninstagram.com \
    dst-address-list=!lokal src-address-list=lokal

Baca Juga : Daftar lengkap Address List Mikrotik Terbaru

Domain Content Marketplace

tokopedia.com
tokopedia.net
shopee.co.id
bukalapak.com
lazada.co.id
blibli.com
olx.co.id

Script Lengkap Untuk Raw Content Marketplace atau toko online:

/ip firewall raw
add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting comment=MARKETPLACE content=\
    tokopedia.com dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=tokopedia.net \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=shopee.co.id \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=bukalapak.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=lazada.co.id \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=blibli.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=MARKETPLACE \
    address-list-timeout=1d chain=prerouting content=olx.co.id \
    dst-address-list=!lokal src-address-list=lokal

Domain Content Snack Video

.snackvideo.com
.myqcloud.com
.snackvideo.in
/ip firewall raw
add action=add-dst-to-address-list address-list=SNACKVIDEO \
    address-list-timeout=1d chain=prerouting comment=SNACKVIDEO content=\
    .snackvideo.com dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=SNACKVIDEO \
    address-list-timeout=1d chain=prerouting content=.myqcloud.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=SNACKVIDEO \
    address-list-timeout=1d chain=prerouting content=.snackvideo.in \
    dst-address-list=!lokal src-address-list=lokal

Domain Content Tiktok

.tiktok.com
.tiktokv.com
.tiktokcdn.com
.byteoversea.com
.ibyteimg.com
.ibytedtos.com
.myqcloud.com
/ip firewall raw
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting comment=TIKTOK content=.tiktok.com dst-address-list=\
    !lokal src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.tiktokv.com dst-address-list=!lokal \
    src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.tiktokcdn.com dst-address-list=!lokal \
    src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.byteoversea.com dst-address-list=!lokal \
    src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.ibyteimg.com dst-address-list=!lokal \
    src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.ibytedtos.com dst-address-list=!lokal \
    src-address-list=lokal
add action=add-dst-to-address-list address-list=TIKTOK address-list-timeout=\
    1d chain=prerouting content=.myqcloud.com dst-address-list=!lokal \
    src-address-list=lokal

Domain Content CAPCUT

.capcut.com
.byteoversea.com
.byteimg.com
.bytevcloudapi.com
/ip firewall raw
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
    1d chain=prerouting comment=CAPCUT content=.capcut.com dst-address-list=\
    !IP-LOKAL src-address-list=IP-LOKAL
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
    1d chain=prerouting content=.byteoversea.com dst-address-list=!IP-LOKAL \
    src-address-list=IP-LOKAL
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
    1d chain=prerouting content=.byteimg.com dst-address-list=!IP-LOKAL \
    src-address-list=IP-LOKAL
add action=add-dst-to-address-list address-list=CAPCUT address-list-timeout=\
    1d chain=prerouting content=.bytevcloudapi.com dst-address-list=!IP-LOKAL \
    src-address-list=IP-LOKAL

Domain Content Kapwing

.kapwing.com
/ip firewall raw
add action=add-dst-to-address-list address-list=KAPWING address-list-timeout=\
    1d chain=prerouting comment=KAPWING content=.kapwing.com \
    dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL

Domain Content Canva

.canva.com
/ip firewall raw
add action=add-dst-to-address-list address-list=CANVA address-list-timeout=\
    1d chain=prerouting comment=CANVA content=.canva.com \
    dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL

Domain Content Titan Mail

.flockmail.com
.titan.email
/ip firewall raw
add action=add-dst-to-address-list address-list=TITAN-MAIL address-list-timeout=\
    1d chain=prerouting comment=TITAN-MAIL content=.flockmail.com \
    dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL

add action=add-dst-to-address-list address-list=TITAN-MAIL address-list-timeout=\
    1d chain=prerouting comment=TITAN-MAIL content=.titan.email \
    dst-address-list=!IP-LOKAL src-address-list=IP-LOKAL

Domain Content Twitter

.twitter.com
.twimg.com
t.co
/ip firewall raw
add action=add-dst-to-address-list address-list=TWITTER address-list-timeout=\
    1d chain=prerouting comment=TWITTER content=.twitter.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=TWITTER address-list-timeout=\
    1d chain=prerouting content=.twimg.com dst-address-list=!lokal \
    src-address-list=lokal

add action=add-dst-to-address-list address-list=TWITTER address-list-timeout=\
    1d chain=prerouting content=t.co dst-address-list=!lokal \
    src-address-list=lokal

Domain Content Youtube

.youtube.com
.ytimg.com
.googlevideo.com
youtu.be
yt3.ggpht.com
youtubei.googleapis.com
/ip firewall raw
add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting comment=YOUTUBE content=.youtube.com \
    dst-address-list=!lokal src-address-list=lokal

add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting content=.ytimg.com dst-address-list=!lokal \
    src-address-list=lokal

add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting content=.googlevideo.com dst-address-list=!lokal \
    src-address-list=lokal

add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting content=youtu.be dst-address-list=!lokal \
    src-address-list=lokal

add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting content=yt3.ggpht.com dst-address-list=!lokal \
    src-address-list=lokal

add action=add-dst-to-address-list address-list=YOUTUBE address-list-timeout=\
    1d chain=prerouting content=youtubei.googleapis.com dst-address-list=\
    !lokal src-address-list=lokal

Script Install Mikrotik CHR di VPS

berikut adalah script untuk menginstall mikrotik chr di vps

wget https://download.mikrotik.com/routeros/6.46.5/chr-6.46.5.img.zip -O chr.img.zip && \
gunzip -c chr.img.zip > chr.img && \
echo u > /proc/sysrq-trigger && \
dd if=chr.img bs=1024 of=/dev/sda

Yang Perlu di ganti adalah partisi di barisi terakhir /dev/sda silahkan sesuaikan dengan partisi vps anda, untuk cara cek partisi di vps gunakan perintah

sudo fdisk -l

Untuk lebih lengkap cara tutorial mikrotik chr silahkan baca disini

Mengirim Notifikasi Mikrotik Ke Bot Telegram

berikut ini adalah script untuk mengirimkan notifikasi ke bot telegram, silahkan sobat masukkan script ini di tool > netwatch

Contoh Script Notifikasi Ketika Dapat Terkoneksi Ke DNS Google

/tool fetch url="https://api.telegram.org/bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww/sendMessage?chat_id=1666322534&text='DNS Google Connect Coy'" keep-result=no

Contoh Script Notifikasi Ketika Gagal Terkoneksi Ke DNS Google

/tool fetch url="https://api.telegram.org/bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww/sendMessage?chat_id=1666322534&text='Gagal Terhubung Ke DNS Google'" keep-result=no

bot token = bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww

Chat ID : 1666322534

Silahkan sobat ganti bot token dan chat id script mikrotik di atas dengan bot token dan chat id bot telegram yang sobat miliki

Tonton Juga Video : Cara Membuat Notifikasi Mikrotik Dengan BOT Telegram Cocok Untuk Pemula

Script Untuk Monitoring Trafick Router Mikrotik Ke BOT Telegram

di bawah ini adalah contoh script untuk mengirimkan notifikasi untuk memonitoring trafick download dan upload pada mikrotik router

Script untuk mendapatkan tanggal saat ini

:local CurDate [/system clock get date]

Script untuk mendapatkan jam saat ini

:local CurTime [/system clock get time]

Script untuk menampilkan Informasi Log

#Log
:log info "Kecepatan Download Lebih Dari 8 Mbps"

Script untuk mengirimkan notifikasi trafick monitoring dari mikrotik ke bot telegram

/tool fetch url="https://api.telegram.org/bot5708391154:AAFKJviidwIHiMicz-3RBLJS7Zp-FK9m7ww/sendMessage?chat_id=1666322534&text='Traffick Internet Di $CurDate $CurTime Sudah Lebih Dari 8 Mbps Gan" keep-result=no

Tonton Juga Video : Cara Monitoring Trafick Download Dan Upload Mikrotik Menggunakan Bot Telegram

Monitoring Trafick Download Dan Upload Mikrotik Menggunakan Bot Telegram

Load Balance PCC

Load Balance PCC 2 ISP

Load Balance PCC 2 ISP adalah metode penyimbangan dua koneksi atau lebih internet gateway

#=====================================================
# https://midteknologi.com
#=====================================================

/interface
set ether1 comment=Modem-1
set ether2 comment=Modem-2
set ether3 comment=Lan

/ip firewall address-list
add address=192.168.0.0/16 list=IP-LOKAL
add address=172.16.0.0/12 list=IP-LOKAL
add address=10.0.0.0/8 list=IP-LOKAL

/ ip address
add address=192.168.9.9/24 network=192.168.9.0 broadcast=192.168.9.255 interface=ether1
add address=192.168.8.2/24 network=192.168.8.0 broadcast=192.168.8.255 interface=ether2
add address=192.168.10.1/24 network=192.168.10.0 broadcast=192.168.10.255 interface=ether3

/ip route
add check-gateway=ping distance=1 gateway="192.168.9.1" routing-mark="to-ether1"
add check-gateway=ping distance=1 gateway="192.168.8.1" routing-mark="to-ether2"
add check-gateway=ping distance=1 gateway="192.168.9.1"
add check-gateway=ping distance=2 gateway="192.168.8.1"

/ip dns set cache-max-ttl=1d cache-size=2048KiB servers=8.8.8.8,8.8.4.4

/ip firewall nat
add chain=srcnat out-interface="ether1" action=masquerade
add chain=srcnat out-interface="ether2" action=masquerade

/ip firewall mangle
add action=mark-connection chain=input in-interface="ether1" new-connection-mark="cm-ether1" passthrough=yes
add action=mark-connection chain=input in-interface="ether2" new-connection-mark="cm-ether2" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether1" new-routing-mark="to-ether1" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether2" new-routing-mark="to-ether2" passthrough=yes

add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether1" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 src-address-list=IP-LOKAL

add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether2" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 src-address-list=IP-LOKAL

add action=mark-routing chain=prerouting connection-mark="cm-ether1" dst-address-list=!IP-LOKAL new-routing-mark="to-ether1" passthrough=yes src-address-list=IP-LOKAL

add action=mark-routing chain=prerouting connection-mark="cm-ether2" dst-address-list=!IP-LOKAL new-routing-mark="to-ether2" passthrough=yes src-address-list=IP-LOKAL

Load Balance PCC 3 ISP

Load Balance PCC 3 ISP adalah metode penyimbangan dua koneksi atau lebih internet gateway

#=====================================================
# https://midteknologi.com
#=====================================================

/interface
set ether1 comment=Modem-1
set ether2 comment=Modem-2
set ether3 comment=Modem-3
set ether4 comment=Lan

/ip firewall address-list
add address=192.168.0.0/16 list=IP-LOKAL
add address=172.16.0.0/12 list=IP-LOKAL
add address=10.0.0.0/8 list=IP-LOKAL

/ ip address
add address=192.168.9.9/24 network=192.168.9.0 broadcast=192.168.9.255 interface=ether1
add address=192.168.8.2/24 network=192.168.8.0 broadcast=192.168.8.255 interface=ether2
add address=192.168.10.2/24 network=192.168.10.0 broadcast=192.168.8.255 interface=ether3
add address=192.168.11.1/24 network=192.168.11.0 broadcast=192.168.10.255 interface=ether4

/ip route
add check-gateway=ping distance=1 gateway="192.168.9.1" routing-mark="to-ether1"
add check-gateway=ping distance=1 gateway="192.168.8.1" routing-mark="to-ether2"
add check-gateway=ping distance=1 gateway="192.168.10.1" routing-mark="to-ether3"
add check-gateway=ping distance=1 gateway="192.168.9.1"
add check-gateway=ping distance=2 gateway="192.168.8.1"
add check-gateway=ping distance=3 gateway="192.168.10.1"

/ip dns set cache-max-ttl=1d cache-size=2048KiB servers=8.8.8.8,8.8.4.4

/ip firewall nat
add chain=srcnat out-interface="ether1" action=masquerade
add chain=srcnat out-interface="ether2" action=masquerade
add chain=srcnat out-interface="ether3" action=masquerade

/ip firewall mangle
add action=mark-connection chain=input in-interface="ether1" new-connection-mark="cm-ether1" passthrough=yes
add action=mark-connection chain=input in-interface="ether2" new-connection-mark="cm-ether2" passthrough=yes
add action=mark-connection chain=input in-interface="ether3" new-connection-mark="cm-ether3" passthrough=yes

add action=mark-routing chain=output connection-mark="cm-ether1" new-routing-mark="to-ether1" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether2" new-routing-mark="to-ether2" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-ether3" new-routing-mark="to-ether3" passthrough=yes

add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether1" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 src-address-list=IP-LOKAL

add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether2" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 src-address-list=IP-LOKAL

add action=mark-connection chain=prerouting dst-address-list=!IP-LOKAL dst-address-type=!local new-connection-mark="cm-ether3" passthrough=yes per-connection-classifier=both-addresses-and-ports:2/2 src-address-list=IP-LOKAL

add action=mark-routing chain=prerouting connection-mark="cm-ether1" dst-address-list=!IP-LOKAL new-routing-mark="to-ether1" passthrough=yes src-address-list=IP-LOKAL

add action=mark-routing chain=prerouting connection-mark="cm-ether2" dst-address-list=!IP-LOKAL new-routing-mark="to-ether2" passthrough=yes src-address-list=IP-LOKAL

add action=mark-routing chain=prerouting connection-mark="cm-ether3" dst-address-list=!IP-LOKAL new-routing-mark="to-ether3" passthrough=yes src-address-list=IP-LOKAL

Script Menambahkan Dynamic IP Route ( Modem IP DHCP)

Script ini sangat berfungsi ketika kita melakukan konfigurasi load balance di mikrotik ketika Modem dari ISP tersebut menggunakan IP DHCP dan tidak bisa di set static kasus seperti ini akan anda temui ketika menggunakan jaringan internet dari ICON + atau Iconnet, dimana kita tidak dapat merubah konfigurasi IP Addressnya menjadi static

berikut ini scriptnya :

:if ($bound=1) do={
	/ip route add distance=1 gateway=$"gateway-address" routing-mark=to-ether2 comment="ISP2"
} else={
	/ip route remove [/ip route find comment="ISP2"]
}

Script diatas teman-teman tambahkan di menu IP > DHCP Client Lalu Klik Tambah Dan Pada tab Advanced Masukkan Script Diatas

dynamic ip route modem ip dhcp
dynamic ip route modem ip dhcp

penjelasan script diatas : ketika kita mendapatkan ip dari modem maka script otomatis akan menambahkan router baru dengan routing mark to ether-2 dengan komentar ISP2 , namun ketika modem ISP mengalami masalah dan kita tidak mendapatkan IP dari modem maka script diatas akan otomatis menghapus route dengan komentar ISP2

Tonton Juga : Solusi Load Balance Dengan IP Modem DHCP

Mikrotik Script Untuk Blokir Situs

Blokir Facebook Menggunakan Address Lists Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Facebook src-address=192.168.17.0/24 comment="Blokir Facebook Menggunakan Address-Lists"

/ip firewall address-list
add address=146.88.59.0/24 list=Facebook
add address=74.119.76.0/22 list=Facebook
add address=45.64.40.0/22 list=Facebook
add address=69.63.176.0/20 list=Facebook
add address=31.13.64.0/18 list=Facebook
add address=66.220.144.0/20 list=Facebook
add address=69.171.224.0/19 list=Facebook
add address=103.4.96.0/22 list=Facebook
add address=173.252.64.0/19 list=Facebook
add address=173.252.96.0/19 list=Facebook
add address=179.60.192.0/22 list=Facebook
add address=204.15.20.0/22 list=Facebook
add address=31.13.24.0/21 list=Facebook
add address=199.201.64.0/22 list=Facebook
add address=185.60.216.0/22 list=Facebook
add address=157.240.0.0/16 list=Facebook
add address=129.205.94.0/23 list=Facebook

Blokir Facebook Menggunakan Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Facebook src-address=192.168.17.0/24 comment="Blokir Facebook Menggunakan TLS Host"

/ip firewall mangle
add action=add-dst-to-address-list address-list=Facebook address-list-timeout=4w2d chain=prerouting dst-port=443 protocol=tcp tls-host=*.facebook.com comment="Detecting IP Addresses Facebook"

Blokir Twitter Menggunakan Address Lists Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Twitter src-address=192.168.17.0/24 comment="Blocking Twitter Menggunakan Address Lists"

/ip firewall address-list add list=Twitter address=8.25.196.0/23
/ip firewall address-list add list=Twitter address=8.25.194.0/23
/ip firewall address-list add list=Twitter address=69.195.188.0/24
/ip firewall address-list add list=Twitter address=69.195.187.0/24
/ip firewall address-list add list=Twitter address=69.195.186.0/24
/ip firewall address-list add list=Twitter address=69.195.185.0/24
/ip firewall address-list add list=Twitter address=69.195.182.0/24
/ip firewall address-list add list=Twitter address=69.195.181.0/24
/ip firewall address-list add list=Twitter address=69.195.180.0/24
/ip firewall address-list add list=Twitter address=69.195.179.0/24
/ip firewall address-list add list=Twitter address=69.195.178.0/24
/ip firewall address-list add list=Twitter address=69.195.177.0/24
/ip firewall address-list add list=Twitter address=69.195.176.0/24
/ip firewall address-list add list=Twitter address=69.195.175.0/24
/ip firewall address-list add list=Twitter address=69.195.174.0/24
/ip firewall address-list add list=Twitter address=69.195.171.0/24
/ip firewall address-list add list=Twitter address=69.195.169.0/24
/ip firewall address-list add list=Twitter address=69.195.168.0/24
/ip firewall address-list add list=Twitter address=69.195.166.0/24
/ip firewall address-list add list=Twitter address=69.195.165.0/24
/ip firewall address-list add list=Twitter address=69.195.164.0/24
/ip firewall address-list add list=Twitter address=69.195.163.0/24
/ip firewall address-list add list=Twitter address=69.195.162.0/24
/ip firewall address-list add list=Twitter address=69.195.160.0/24
/ip firewall address-list add list=Twitter address=69.12.63.0/24
/ip firewall address-list add list=Twitter address=69.12.62.0/24
/ip firewall address-list add list=Twitter address=69.12.61.0/24
/ip firewall address-list add list=Twitter address=69.12.56.0/21
/ip firewall address-list add list=Twitter address=64.63.33.0/24
/ip firewall address-list add list=Twitter address=64.63.0.0/18
/ip firewall address-list add list=Twitter address=209.237.221.0/24
/ip firewall address-list add list=Twitter address=209.237.220.0/24
/ip firewall address-list add list=Twitter address=209.237.218.0/24
/ip firewall address-list add list=Twitter address=209.237.217.0/24
/ip firewall address-list add list=Twitter address=209.237.216.0/24
/ip firewall address-list add list=Twitter address=209.237.215.0/24
/ip firewall address-list add list=Twitter address=209.237.214.0/24
/ip firewall address-list add list=Twitter address=209.237.213.0/24
/ip firewall address-list add list=Twitter address=209.237.210.0/24
/ip firewall address-list add list=Twitter address=209.237.209.0/24
/ip firewall address-list add list=Twitter address=209.237.201.0/24
/ip firewall address-list add list=Twitter address=209.237.200.0/24
/ip firewall address-list add list=Twitter address=209.237.199.0/24
/ip firewall address-list add list=Twitter address=209.237.198.0/24
/ip firewall address-list add list=Twitter address=209.237.197.0/24
/ip firewall address-list add list=Twitter address=209.237.196.0/24
/ip firewall address-list add list=Twitter address=209.237.195.0/24
/ip firewall address-list add list=Twitter address=209.237.194.0/24
/ip firewall address-list add list=Twitter address=209.237.193.0/24
/ip firewall address-list add list=Twitter address=209.237.192.0/24
/ip firewall address-list add list=Twitter address=202.160.131.0/24
/ip firewall address-list add list=Twitter address=202.160.130.0/24
/ip firewall address-list add list=Twitter address=202.160.129.0/24
/ip firewall address-list add list=Twitter address=202.160.128.0/24
/ip firewall address-list add list=Twitter address=199.96.62.0/23
/ip firewall address-list add list=Twitter address=199.96.61.0/24
/ip firewall address-list add list=Twitter address=199.96.60.0/24
/ip firewall address-list add list=Twitter address=199.96.60.0/23
/ip firewall address-list add list=Twitter address=199.96.58.0/23
/ip firewall address-list add list=Twitter address=199.96.57.0/24
/ip firewall address-list add list=Twitter address=199.96.56.0/24
/ip firewall address-list add list=Twitter address=199.96.56.0/23
/ip firewall address-list add list=Twitter address=199.59.148.0/22
/ip firewall address-list add list=Twitter address=199.16.156.0/23
/ip firewall address-list add list=Twitter address=199.16.156.0/22
/ip firewall address-list add list=Twitter address=192.48.237.0/24
/ip firewall address-list add list=Twitter address=192.48.236.0/24
/ip firewall address-list add list=Twitter address=192.48.236.0/23
/ip firewall address-list add list=Twitter address=192.133.78.0/23
/ip firewall address-list add list=Twitter address=192.133.76.0/23
/ip firewall address-list add list=Twitter address=192.133.76.0/22
/ip firewall address-list add list=Twitter address=188.64.224.0/21
/ip firewall address-list add list=Twitter address=185.45.6.0/23
/ip firewall address-list add list=Twitter address=185.45.5.0/24
/ip firewall address-list add list=Twitter address=185.45.4.0/24
/ip firewall address-list add list=Twitter address=185.45.4.0/23
/ip firewall address-list add list=Twitter address=104.244.47.0/24
/ip firewall address-list add list=Twitter address=104.244.46.0/24
/ip firewall address-list add list=Twitter address=104.244.45.0/24
/ip firewall address-list add list=Twitter address=104.244.44.0/24
/ip firewall address-list add list=Twitter address=104.244.43.0/24
/ip firewall address-list add list=Twitter address=104.244.42.0/24
/ip firewall address-list add list=Twitter address=104.244.41.0/24
/ip firewall address-list add list=Twitter address=104.244.40.0/24

Blokir Twitter Di Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Twitter src-address=192.168.17.0/24 comment="Blokir Twitter Menggunakan TLS Host"

/ip firewall mangle
add action=add-dst-to-address-list address-list=Twitter address-list-timeout=4w2d chain=prerouting dst-port=443 protocol=tcp tls-host=*.twitter.com comment="Detecting IP Addresses Twitter"

Blokir Tiktok Di Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=TikTok src-address=192.168.17.0/24 comment="Blocking TikTok Di Router Mikrotik"

/ip firewall mangle
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktok.com src-address=192.168.17.0/24 comment="Blokir TikTok Menggunakan Mikrotik"
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktokv.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktokcdn.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.byteoversea.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.ibyteimg.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.ibytedtos.com src-address=192.168.17.0/24
add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.myqcloud.com src-address=192.168.17.0/24

Blokir Netflix Di Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Netflix src-address=192.168.17.0/24 comment="Blocking Netflix Menggunakan TLS Hosts"

/ip firewall mangle
add action=add-dst-to-address-list address-list=Netflix address-list-timeout=4w2d chain=prerouting content=nflxvideo.net src-address=192.168.17.0/24 comment="Deteksi Alamat IP Address Netflix"

Blokir Steam Menggunakan Address Lists Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=Steam src-address=192.168.17.0/24 comment="Blocking Steam Menggunakan Address Lists"

/ip firewall address-list
add address=45.121.184.0/23 list=Steam
add address=45.121.186.0/23 list=Steam
add address=103.10.124.0/24 list=Steam
add address=103.10.125.0/24 list=Steam
add address=103.28.54.0/23 list=Steam
add address=146.66.152.0/23 list=Steam
add address=146.66.154.0/24 list=Steam
add address=146.66.155.0/24 list=Steam
add address=146.66.156.0/23 list=Steam
add address=146.66.158.0/23 list=Steam
add address=153.254.86.0/24 list=Steam
add address=155.133.224.0/23 list=Steam
add address=155.133.227.0/24 list=Steam
add address=155.133.228.0/23 list=Steam
add address=155.133.230.0/23 list=Steam
add address=155.133.232.0/24 list=Steam
add address=155.133.233.0/24 list=Steam
add address=155.133.234.0/24 list=Steam
add address=155.133.235.0/24 list=Steam
add address=155.133.236.0/23 list=Steam
add address=155.133.238.0/24 list=Steam
add address=155.133.239.0/24 list=Steam
add address=155.133.240.0/23 list=Steam
add address=155.133.242.0/23 list=Steam
add address=155.133.244.0/24 list=Steam
add address=155.133.245.0/24 list=Steam
add address=155.133.246.0/23 list=Steam
add address=155.133.248.0/24 list=Steam
add address=155.133.249.0/24 list=Steam
add address=155.133.250.0/24 list=Steam
add address=155.133.252.0/24 list=Steam
add address=155.133.253.0/24 list=Steam
add address=155.133.254.0/24 list=Steam
add address=155.133.255.0/24 list=Steam
add address=162.254.192.0/24 list=Steam
add address=162.254.193.0/24 list=Steam
add address=162.254.194.0/23 list=Steam
add address=162.254.196.0/24 list=Steam
add address=162.254.197.0/24 list=Steam
add address=162.254.198.0/24 list=Steam
add address=162.254.199.0/24 list=Steam
add address=185.25.180.0/23 list=Steam
add address=185.25.182.0/24 list=Steam
add address=185.25.183.0/24 list=Steam
add address=190.216.121.0/24 list=Steam
add address=190.217.33.0/24 list=Steam
add address=192.69.96.0/23 list=Steam
add address=205.185.194.0/24 list=Steam
add address=205.196.6.0/24 list=Steam
add address=208.64.200.0/24 list=Steam
add address=208.64.201.0/24 list=Steam
add address=208.64.202.0/24 list=Steam
add address=208.64.203.0/24 list=Steam
add address=208.78.164.0/23 list=Steam
add address=208.78.166.0/24 list=Steam
add address=208.78.167.0/24 list=Steam

Blokir Garena ROV Di Mikrotik

/ip firewall filter
add action=drop chain=forward dst-address-list=RoV src-address=192.168.17.0/24 comment="Blocking Garena RoV traffic Menggunakan Mikrotik"

/ip firewall mangle
add action=add-dst-to-address-list address-list=RoV address-list-timeout=4d chain=prerouting dst-port=20000 protocol=tcp comment="Mendeteksi Alamat IP Garena RoV"

Penjelasan Script : IP 192.168.17.0/24 adalah Network ID Dari IP Lokal Anda

Blokir Akses Internet Menggunakan Macc Address

/ip firewall filter

add action=accept chain=forward comment=MID_TEKNOLOGI src-mac-address=\
    80:1F:02:6D:24:14

//global blokir ketika terhubung di semua interface 
add action=drop chain=forward comment="Block WIFI"

//spesifik diterapkan untuk interface wlan1
add action=drop chain=forward comment="Block WIFI" in-interface=wlan1

Penjelasan Script : Pada script diatas kita melakukan blokir akses internet dengan macc address “80:1F:02:8D:54:C4”

Mikrotik Scripts Untuk Keamanan Jaringan Router Mikrotik

Mencegah Port Scanner

/ip firewall filter
add action=add-src-to-address-list address-list="Port Scan" address-list-timeout=4w2d chain=forward comment="Mencegah port scanner" protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="Port Scan" address-list-timeout=4w2d chain=input protocol=tcp psd=21,3s,3,1
add action=drop chain=forward src-address-list="Port Scan"
add action=drop chain=input src-address-list="Port Scan"

Mencegah UDP Flood Attack

/ip firewall raw
add action=drop chain=prerouting comment="Mencegah UDP Flood Attack" dst-port=53 in-interface=pppoe-out1 protocol=udp
add action=accept chain=prerouting dst-port=53 in-interface=!pppoe-out1 limit=100,5:packet protocol=udp
add action=drop chain=prerouting dst-port=53 in-interface=!pppoe-out1 protocol=udp


jangan Lupa Set Allow Remote Request di IP > DNS 

Mencegah TCP Syn Attack

/ip firewall filter add chain=input protocol=tcp connection-limit=32,1 action=add-src-to-address-list  address-list=blocked-addr address-list-timeout=1d 
/ip firewall filter add chain=input protocol=tcp src-address-list=blocked-addr connection-limit=3,32 action=tarpit 
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new action=accept comment="" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new action=drop comment="" disabled=no
/ip settings set tcp-syncookies=yes

Mencegah ICMP Smurf Attack

/ip firewall raw
add action=drop chain=prerouting comment="Mencegah ICMP Smurf Attack" dst-address-type=broadcast protocol=icmp

/ip firewall filter
add action=drop chain=input comment="Block Ping dari interface WAN" in-interface=LAN-1 protocol=icmp

Mencegah Brute Force

/ip firewall filter
add action=drop chain=input comment="Drop anyone in Black List (SSH)" src-address-list="Black List (SSH)"
add action=jump chain=input comment="Jump to Black List (SSH) Chain" dst-port=22 jump-target="Black List (SSH) Chain" protocol=tcp
add action=add-src-to-address-list address-list="Black List (SSH)" address-list-timeout=4w2d chain="Black List (SSH) Chain" comment="Transfer repeated attempts from Black List (SSH) Stage 3 to Black List (SSH)" connection-state=new src-address-list="Black List (SSH) Stage 3"
add action=add-src-to-address-list address-list="Black List (SSH) Stage 3" address-list-timeout=1m chain="Black List (SSH) Chain" comment="Add Successive attempts to Black List (SSH) Stage 3" connection-state=new src-address-list="Black List (SSH) Stage 2"
add action=add-src-to-address-list address-list="Black List (SSH) Stage 2" address-list-timeout=1m chain="Black List (SSH) Chain" comment="Add Successive attempts to Black List (SSH) Stage 2" connection-state=new src-address-list="Black List (SSH) Stage 1"
add action=add-src-to-address-list address-list="Black List (SSH) Stage 1" address-list-timeout=1m chain="Black List (SSH) Chain" comment="Add initial attempt to Black List (SSH) Stage 1" connection-state=new
add action=return chain="Black List (SSH) Chain" comment="Return from Black List (SSH) chain"

Set Prioritas Bandwith Untuk Zoom

/ip firewall mangle
add action=mark-connection chain=prerouting comment="Mark Zoom Application Connections" dst-address-list=Zoom dst-port=3478,3479,5090,5091,8801-8810 new-connection-mark=Zoom-Connection passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-address-list=Zoom dst-port=3478,3479,5090,5091,8801-8810 new-connection-mark=Zoom-Connection passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="Mark Zoom Web App Connections" dst-address-list=Zoom dst-port=80,443 new-connection-mark=Zoom-Connection passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="Mark All Zoom Packets" connection-mark=Zoom-Connection new-packet-mark=Zoom-Packet passthrough=no

/queue simple
add comment="Internet Package (Upload Speed: 300 Mbps, Download Speed: 300 Mbps)" max-limit=300M/300M name=Parent_Queue target=192.168.17.0/24
add comment="Share Speed  to Zoom (Upload Speed: 20Mbps, Download Speed: 20Mbps)" max-limit=20M/20M name=Queue_Zoom packet-marks=Zoom-Packet parent=Parent_Queue priority=1/1 target=192.168.17.0/24
add comment="Share Speed For General Working (Upload Speed: 280 Mbps, Download Speed: 280Mbps)" max-limit=280M/280M name=Queue_Other packet-marks=no-mark parent=Parent_Queue target=192.168.17.0/24

/ip firewall address-list
add address=3.7.35.0/25	list=Zoom
add address=3.21.137.128/25 list=Zoom
add address=3.22.11.0/24 list=Zoom
add address=3.23.93.0/24 list=Zoom
add address=3.25.41.128/25 list=Zoom
add address=3.25.42.0/25 list=Zoom
add address=3.25.49.0/24 list=Zoom
add address=3.80.20.128/25 list=Zoom
add address=3.96.19.0/24 list=Zoom
add address=3.101.32.128/25 list=Zoom
add address=3.101.52.0/25 list=Zoom
add address=3.104.34.128/25 list=Zoom
add address=3.120.121.0/25 list=Zoom
add address=3.127.194.128/25 list=Zoom
add address=3.208.72.0/25 list=Zoom
add address=3.211.241.0/25 list=Zoom
add address=3.235.69.0/25 list=Zoom
add address=3.235.82.0/23 list=Zoom
add address=3.235.71.128/25 list=Zoom
add address=3.235.72.128/25 list=Zoom
add address=3.235.73.0/25 list=Zoom
add address=3.235.96.0/23 list=Zoom
add address=4.34.125.128/25 list=Zoom
add address=4.35.64.128/25 list=Zoom
add address=8.5.128.0/23 list=Zoom
add address=13.52.6.128/25 list=Zoom
add address=13.52.146.0/25 list=Zoom
add address=18.157.88.0/24 list=Zoom
add address=18.205.93.128/25 list=Zoom
add address=20.203.158.80/28 list=Zoom
add address=20.203.190.192/26 list=Zoom
add address=50.239.202.0/23 list=Zoom
add address=50.239.204.0/24 list=Zoom
add address=52.61.100.128/25 list=Zoom
add address=52.202.62.192/26 list=Zoom
add address=52.215.168.0/25 list=Zoom
add address=64.125.62.0/24 list=Zoom
add address=64.211.144.0/24 list=Zoom
add address=64.224.32.0/19 list=Zoom
add address=65.39.152.0/24 list=Zoom
add address=69.174.57.0/24 list=Zoom
add address=69.174.108.0/22 list=Zoom
add address=99.79.20.0/25 list=Zoom
add address=101.36.167.0/24 list=Zoom
add address=103.122.166.0/23 list=Zoom
add address=111.33.115.0/25 list=Zoom
add address=111.33.181.0/25 list=Zoom
add address=115.110.154.192/26 list=Zoom
add address=115.114.56.192/26 list=Zoom
add address=115.114.115.0/26 list=Zoom
add address=115.114.131.0/26 list=Zoom
add address=120.29.148.0/24 list=Zoom
add address=129.151.0.0/19 list=Zoom
add address=129.151.40.0/22 list=Zoom
add address=129.151.48.0/20 list=Zoom
add address=129.159.0.0/20 list=Zoom
add address=129.159.160.0/19 list=Zoom
add address=129.159.208.0/20 list=Zoom
add address=130.61.164.0/22 list=Zoom
add address=134.224.0.0/16 list=Zoom
add address=140.238.128.0/24 list=Zoom
add address=140.238.232.0/22 list=Zoom
add address=144.195.0.0/16 list=Zoom
add address=147.124.96.0/19 list=Zoom
add address=149.137.0.0/17 list=Zoom
add address=150.230.224.0/21 list=Zoom
add address=152.67.20.0/24 list=Zoom
add address=152.67.118.0/24 list=Zoom
add address=152.67.168.0/22 list=Zoom
add address=152.67.180.0/24 list=Zoom
add address=152.67.184.0/22 list=Zoom
add address=152.67.240.0/21 list=Zoom
add address=152.70.224.0/21 list=Zoom
add address=156.45.0.0/17 list=Zoom
add address=158.101.64.0/24 list=Zoom
add address=158.101.184.0/22 list=Zoom
add address=160.1.56.128/25 list=Zoom
add address=161.199.136.0/22 list=Zoom
add address=162.12.232.0/22 list=Zoom
add address=162.255.36.0/22 list=Zoom
add address=165.254.88.0/23 list=Zoom
add address=166.108.64.0/18 list=Zoom
add address=168.138.16.0/22 list=Zoom
add address=168.138.48.0/24 list=Zoom
add address=168.138.56.0/21 list=Zoom
add address=168.138.72.0/24 list=Zoom
add address=168.138.74.0/25 list=Zoom
add address=168.138.80.0/21 list=Zoom
add address=168.138.96.0/22 list=Zoom
add address=168.138.116.0/22 list=Zoom
add address=168.138.244.0/24 list=Zoom
add address=170.114.0.0/16 list=Zoom
add address=173.231.80.0/20 list=Zoom
add address=192.204.12.0/22 list=Zoom
add address=193.122.16.0/20 list=Zoom
add address=193.122.32.0/20 list=Zoom
add address=193.122.208.0/20 list=Zoom
add address=193.122.224.0/20 list=Zoom
add address=193.122.240.0/20 list=Zoom
add address=193.123.0.0/19 list=Zoom
add address=193.123.40.0/21 list=Zoom
add address=193.123.128.0/19 list=Zoom
add address=193.123.168.0/21 list=Zoom
add address=193.123.192.0/19 list=Zoom
add address=198.251.128.0/17 list=Zoom
add address=202.177.207.128/27 list=Zoom
add address=204.80.104.0/21 list=Zoom
add address=204.141.28.0/22 list=Zoom
add address=206.247.0.0/16 list=Zoom
add address=207.226.132.0/24 list=Zoom
add address=209.9.211.0/24 list=Zoom
add address=209.9.215.0/24 list=Zoom
add address=213.19.144.0/24 list=Zoom
add address=213.19.153.0/24 list=Zoom
add address=213.244.140.0/24 list=Zoom
add address=221.122.88.64/27 list=Zoom
add address=221.122.88.128/25 list=Zoom
add address=221.122.89.128/25 list=Zoom
add address=221.123.139.192/27 list=Zoom

Set Prioritas Bandwith Untuk Aplikasi Mircrosoft Teams

/ip firewall mangle
add action=mark-connection chain=prerouting comment="Mark MicrosoftTeams Application Connection" dst-address-list=MicrosoftTeams dst-port=3478,3479,3480,3481 new-connection-mark=MicrosoftTeams-Connection passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-address-list=MicrosoftTeams dst-port=3478,3479,3480,3481 new-connection-mark=MicrosoftTeams-Connection passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="Mark MicrosoftTeams Web App Connections" dst-address-list=MicrosoftTeams dst-port=80,443 new-connection-mark=MicrosoftTeams-Connection passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="Mark All MicrosoftTeams Packets" connection-mark=MicrosoftTeams-Connection new-packet-mark=MicrosoftTeams-Packet passthrough=no

/queue simple
add comment="Internet Package (Upload Speed: 300 Mbps, Download Speed: 300 Mbps)" max-limit=300M/300M name=Parent_Queue target=192.168.17.0/24
add comment="Share Speed  to MicrosoftTeams (Upload Speed: 20Mbps, Download Speed: 20Mbps)" max-limit=20M/20M name=Queue_MicrosoftTeams packet-marks=MicrosoftTeams-Packet parent=Parent_Queue priority=1/1 target=192.168.17.0/24
add comment="Share Speed For General Working (Upload Speed: 280 Mbps, Download Speed: 280Mbps)" max-limit=280M/280M name=Queue_Other packet-marks=no-mark parent=Parent_Queue target=192.168.17.0/24

/ip firewall address-list
add address=13.107.64.0/18 list=MicrosoftTeams
add address=52.112.0.0/14 list=MicrosoftTeams
add address=52.120.0.0/14 list=MicrosoftTeams
add address=52.238.119.141/32 list=MicrosoftTeams
add address=52.244.160.207/32 list=MicrosoftTeams

Bypass IP Lokal Agar Tidak Terlimit

# tambahkan address lists ip lokal di mikrotik 

/ip firewall address-list
add address=0.0.0.0/8 list=IP_LOKAL
add address=10.0.0.0/8 list=IP_LOKAL
add address=100.64.0.0/10 list=IP_LOKAL
add address=127.0.0.0/8 list=IP_LOKAL
add address=169.254.0.0/16 list=IP_LOKAL
add address=172.16.0.0/12 list=IP_LOKAL
add address=192.0.0.0/24 list=IP_LOKAL
add address=192.0.2.0/24 list=IP_LOKAL
add address=192.168.0.0/16 list=IP_LOKAL
add address=198.18.0.0/15 list=IP_LOKAL
add address=198.51.100.0/24 list=IP_LOKAL
add address=203.0.113.0/24 list=IP_LOKAL
add address=224.0.0.0/4 list=IP_LOKAL
add address=240.0.0.0/4 list=IP_LOKAL

# letakkan script ini di bagian paling atas pada mangle rules

/ip firewall mangle
add action=accept chain=prerouting dst-address-list=IP_LOKAL  src-address-list=IP_LOKAL
add action=accept chain=postrouting dst-address-list=IP_LOKAL  src-address-list=IP_LOKAL
add action=accept chain=forward dst-address-list=IP_LOKAL  src-address-list=IP_LOKAL
add action=accept chain=input dst-address-list=IP_LOKAL  src-address-list=IP_LOKAL
add action=accept chain=output dst-address-list=IP_LOKAL  src-address-list=IP_LOKAL

Konversi Dynamic Address List Ke Static

:local list
:local address
:log info "Dynamic to static conversion started"
/ip firewall address-list
:foreach a in=[find where dynamic=yes] do={
      :set list [get $a list]
      :set address [get $a address]
      remove $a
      add list=$list address=$address disabled=no
}
:log info "Dynamic to static conversion finished"

Disclosure: I may receive affiliate compensation for some of the links below at no cost to you if you decide to purchase a paid plan. This site is not intending to provide financial advice. This is for entertainment only.

Leave a Reply

Your email address will not be published. Required fields are marked *

4 × 5 =

Promo Indihome JITU Diskon Hingga 70%
Daftar Sekarang
Promo Indihome JITU
Diskon Hingga 70%
Daftar Sekarang
Dapatkan Tutorial Mikrotik Setiap Minggu
Subscribe