ARTIKEL PEMULA: Manual script Mikrotik

1. Script Mikrotik add queue otomatis dari DHCP-Server:

:local queueName "Client- $leaseActMAC";:if ($leaseBound = "1") do={/queue simple add name=$queueName target=($leaseActIP . "/32") limit-at=1024k/1024k max-limit=5M/5M parent="none" comment=[/ip dhcp-server lease get [find where active-mac-address=$leaseActMAC && active-address=$leaseActIP] host-name];log info [/ip dhcp lease get [find where active-mac-address="$leaseActMAC"] host-name;]} else={/queue simple remove $queueName}

2. Script backup konfigurasi otomatis ke server ftp:

/system script

add comment=auto-backup-config-intinet dont-require-permissions=no name=Eko owner=indomie policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="/system\

\_backup save name=(\"BACKUP\" . \"-\" . [/system identity get name] . \"-\" . \\\r\

\n[:pick [/system clock get date] 4 6] . [:pick [/system clock get date] 0 3] . [:pick [/system clock get date] 7 11]);\r\

\n/export file=(\"BACKUP\" . \"-\" . [/system identity get name] . \"-\" . \\\r\

\n[:pick [/system clock get date] 4 6] . [:pick [/system clock get date] 0 3] . [:pick [/system clock get date] 7 11]);\r\

\n:delay 10; \r\

\n:global backupname (\"BACKUP\" . \"-\" . [/system identity get name] . \"-\" . \\\r\

\n[:pick [/system clock get date] 4 6] . [:pick [/system clock get date] 0 3] . [:pick [/system clock get date] 7 11] . \".backup\");\r\

\n:global backuprsc (\"BACKUP\" . \"-\" . [/system identity get name] . \"-\" . \\\r\

\n[:pick [/system clock get date] 4 6] . [:pick [/system clock get date] 0 3] . [:pick [/system clock get date] 7 11] . \".rsc\");\r\

\n/tool fetch address=192.168.10.1 port=21 mode=ftp user=tes password=tes src-path=\$backupname dst-path=\"/home/tes/saya/\$backupname\" upload=yes\r\

\n/tool fetch address=192.168.10.1 port=21 mode=ftp user=tes password=tes src-path=\$backupname dst-path=\"/home/tes/saya/\$backuprsc\" upload=yes\r\

\n:delay 20; \r\

\n/file rem \$backupname \r\

\n/file rem \$backuprsc"

/system scheduler

add comment=auto-backup-config-ruter- interval=4w2d name=schedule1 on-event=tes policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=may/01/2023 start-time=06:45:00

3. Buat limit queue banyak dengan cepat

:for x from=2 to=254 do={/queue simple add name="client-$x" target="192.168.10.$x" max-limit=1M/1M }

4. Otomatis fitur netwatch

/tool netwatch

add down-script="/ip route disable [/ip route find comment=remote-main];/ip route enable [/ip route find comment=remote-backup];:log info \"remote main down\";" host=192.168.10.1 interval=20s timeout=4s up-script=":delay 19;/ip route disable [/ip route find comment=remote-backup]; /ip route enable [/ip route find comment=remote-main];:log info \"remote main up\";"

add down-script="/interface ovpn-client set profile=default [/interface ovpn-client find comment=main];/interface ovpn-client set profile=profile1 [/interface ovpn-client find comment=remote];:log info \"main-link Down\";" host=192.168.8.1 interval=20s timeout=10s up-script=":delay 19;/interface ovpn-client set profile=default [/interface ovpn-client find comment=remote];/interface ovpn-client set profile=profile1 [/interface ovpn-client find comment=main];:log info \"main-link UP\";"

5. Blok sosmed di Firewall

/ip firewall layer7-protocol

/ip firewall raw

add action=add-dst-to-address-list address-list=blokir-youtube address-list-timeout=1d chain=prerouting comment=YOUTUBE content=.youtube.com dst-address-list=!allow \

protocol=tcp time=0s-1d,sun,mon,tue,wed,thu,fri,sat tls-host=*.youtube.com

add action=add-dst-to-address-list address-list=blokir-youtube address-list-timeout=1d chain=prerouting comment="GOOGLE VIDEO" content=.googlevideo.com dst-address-list=\

!allow protocol=tcp time=0s-1d,sun,mon,tue,wed,thu,fri,sat tls-host=*.googlevideo.com

add action=add-dst-to-address-list address-list=blokir-youtube address-list-timeout=1d chain=prerouting comment=INSTAGRAM content=.instagram.com dst-address-list=!allow \

protocol=tcp time=0s-1d,sun,mon,tue,wed,thu,fri,sat tls-host=*.instagram.com

add action=add-dst-to-address-list address-list=blokir-youtube address-list-timeout=1d chain=prerouting comment=FACEBOOK content=.facebook. dst-address-list=!allow \

protocol=tcp time=0s-1d,sun,mon,tue,wed,thu,fri,sat

add action=add-dst-to-address-list address-list=blokir-youtube address-list-timeout=1d chain=prerouting comment=TWITTER content=.twitter. dst-address-list=!allow \

protocol=tcp time=0s-1d,sun,mon,tue,wed,thu,fri,sat tls-host=*.twitter.com

add action=add-dst-to-address-list address-list=blokir-tiktok address-list-timeout=1d chain=prerouting comment=TIKTOK content=tiktok dst-address-list=!allow protocol=tcp \

time=0s-1d,sun,mon,tue,wed,thu,fri,sat

add action=add-dst-to-address-list address-list=blokir-tiktok address-list-timeout=1w chain=prerouting comment=TIKTOK content=.musical.ly protocol=tcp time=\

0s-1d,sun,mon,tue,wed,thu,fri,sat

add action=add-dst-to-address-list address-list=blokir-tiktok address-list-timeout=1d chain=prerouting comment=TIKTOK dst-address-list=!allow protocol=tcp time=\

0s-1d,sun,mon,tue,wed,thu,fri,sat tls-host=*.tiktokcdn.com

/ip firewall filter

add action=drop chain=forward comment=Youtube dst-address-list=blokir-youtube src-address-list=!White-List time=8h-16h,mon,tue,wed,thu,fri

add action=drop chain=forward comment=Sosmed layer7-protocol=all-sosmed src-address-list=!White-List time=8h-16h,mon,tue,wed,thu,fri

add action=drop chain=forward comment=Titktok dst-address-list=blokir-tiktok src-address-list=!White-List time=8h-16h,mon,tue,wed,thu,fri

add action=drop chain=forward comment=Browsec dst-address-list="IP Browsec" src-address-list=!White-List time=8h-16h,mon,tue,wed,thu,fri