Você está na página 1de 7

COMMAND LINE MIKROTIK FOR UKK

MMMM MMMM
KKK
TTTTTTTTTTT
KKK
MMM MMMM MMM III KKK KKK RRRRRR
OOOOOO
TTT
III KKK KKK
MMM MM MMM III KKKKK
RRR RRR OOO OOO
TTT
III KKKKK
MMM
MMM III KKK KKK RRRRRR OOO OOO
TTT
III KKK KKK
MMM
MMM III KKK KKK RRR RRR OOOOOO
TTT
III KKK KKK
MikroTik RouterOS 6.32.2 (c) 1999-2015

http://www.mikrotik.com/

[?]
Gives the list of available commands
command [?]
Gives help on the command and list of arguments
[Tab]

Completes the command/word. If the input is ambiguous,


a second [Tab] gives possible options

/
Move up to base level
..
Move up one level
/command
Use command at the base level
[admin@MikroTik] > password
old-password:
new-password: ***
confirm-new-password: ***
[admin@MikroTik] > system identity set name=RouterTKJ
[admin@RouterTKJ] >
[admin@RouterTKJ] > interface print
Flags: D - dynamic, X - disabled, R - running, S - slave
#
NAME
TYPE
ACTUAL-MTU L2MTU MAX-L2MTU
0 R ether1
ether
1500
1 R ether2
ether
1500
[admin@RouterTKJ] > interface set ether2 name=internet
[admin@RouterTKJ] > interface set ether1 name=local
[admin@RouterTKJ] > interface print
Flags: D - dynamic, X - disabled, R - running, S - slave
#
NAME
TYPE
ACTUAL-MTU L2MTU MAX-L2MTU
0 R internet
ether
1500
1 R local
ether
1500
[admin@RouterTKJ] > ip address add address=192.168.10.1/25 interface=local
[admin@RouterTKJ] > ip dhcp-client add interface=internet disabled=no
[admin@RouterTKJ] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS
NETWORK
INTERFACE
0 D 192.168.1.2/24
192.168.1.0
internet
1 192.168.10.1/25 192.168.10.0 local
[admin@RouterTKJ] > ip dhcp-client print
Flags: X - disabled, I - invalid
# INTERFACE
USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS
ADDRESS
0 internet
yes
yes
bound
192.168.1.2/24
[admin@RouterTKJ] > ip dhcp-server setup
Select interface to run DHCP server on

COMMAND LINE MIKROTIK FOR UKK

dhcp server interface: local


Select network for DHCP addresses
dhcp address space: 192.168.10.0/25
Select gateway for given network
gateway for dhcp network: 192.168.10.1
Select pool of ip addresses given out by DHCP server
addresses to give out: 192.168.10.2-192.168.10.126
Select DNS servers
dns servers: 192.168.1.1
Select lease time
lease time: 10m
[admin@RouterTKJ] > ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
#
DST-ADDRESS
PREF-SRC
GATEWAY
DISTANCE
0 ADS 0.0.0.0/0
192.168.1.1
1
1 ADC 192.168.1.0/24
192.168.1.2
internet
0
2 ADC 192.168.10.0/25 192.168.10.1 local
0
[admin@RouterTKJ] > ip firewall nat add chain=srcnat out-interface=internet src-add
ress=192.168.10.0/25 action=masquerade
[admin@RouterTKJ] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade src-address=192.168.10.0/25
out-interface=internet log=no log-prefix=""
[admin@RouterTKJ] > ping google.com
SEQ HOST
SIZE TTL TIME STATUS
0 74.125.200.101
56 45 62ms
1 74.125.200.101
56 45 59ms
sent=2 received=2 packet-loss=0% min-rtt=59ms avg-rtt=60ms max-rtt=62ms
[admin@RouterTKJ] > ip hotspot setup
Select interface to run HotSpot on
hotspot interface: local
Set HotSpot address for interface
local address of network: 192.168.10.1/25
masquerade network: yes
Set pool for HotSpot addresses
address pool of network: 192.168.10.2-192.168.10.126
Select hotspot SSL certificate
select certificate: none

COMMAND LINE MIKROTIK FOR UKK


Select SMTP server
ip address of smtp server: 0.0.0.0
Setup DNS configuration
dns servers: 192.168.10.1
DNS name of local hotspot server
dns name: routertkj.net
Create local hotspot user
name of local hotspot user: admin
password for the user: admin
[admin@RouterTKJ] > ip hotspot print
Flags: X - disabled, I - invalid, S - HTTPS
# NAME
INTERFACE
ADDRESS-POOL
PROFILE
IDLE-TIMEOUT
0 hotspot1
local
dhcp_pool1
hsprof1
5m
[admin@RouterTKJ] > ip hotspot profile print
Flags: * - default
0 * name="default" hotspot-address=0.0.0.0 dns-name="" html-directory=hotspot
rate-limit="" http-proxy=0.0.0.0:0 smtp-server=0.0.0.0
login-by=cookie,http-chap http-cookie-lifetime=3d split-user-domain=no
use-radius=no
1 name="hsprof1" hotspot-address=192.168.10.1 dns-name="routertkj.net"
html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0
smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d
split-user-domain=no use-radius=no
[admin@RouterTKJ] > ip hotspot profile set 0,1 login-by=http-chap
[admin@RouterTKJ] > ip hotspot profile set 1 rate-limit=256k/512k
[admin@RouterTKJ] > ip hotspot profile print
Flags: * - default
0 * name="default" hotspot-address=0.0.0.0 dns-name="" html-directory=hotspot
rate-limit="" http-proxy=0.0.0.0:0 smtp-server=0.0.0.0 login-by=http-chap
split-user-domain=no use-radius=no
1 name="hsprof1" hotspot-address=192.168.10.1 dns-name="routertkj.net"
html-directory=hotspot rate-limit="256k/512k" http-proxy=0.0.0.0:0
smtp-server=0.0.0.0 login-by=http-chap split-user-domain=no use-radius=no
[admin@RouterTKJ] > ip hotspot user add name=panda password=panda
[admin@RouterTKJ] > ip hotspot user print
Flags: X - disabled, D - dynamic
# SERVER
NAME
ADDRESS
PROFILE
UPTIME
0
admin
default
0s
1
panda
default
0s
[admin@RouterTKJ] > ip hotspot user profile add name=siswa shared-users=16 transpar
ent-proxy=yes
[admin@RouterTKJ] > ip hotspot user profile print
Flags: * - default
0 * name="default" idle-timeout=none keepalive-timeout=2m status-autorefresh=1m

COMMAND LINE MIKROTIK FOR UKK


shared-users=1 add-mac-cookie=yes mac-cookie-timeout=3d address-list=""
transparent-proxy=no
1 name="siswa" idle-timeout=none keepalive-timeout=2m status-autorefresh=1m
shared-users=16 add-mac-cookie=yes mac-cookie-timeout=3d address-list=""
transparent-proxy=yes open-status-page=always advertise=no
[admin@RouterTKJ] > ip hotspot user profile set 0 transparent-proxy=yes
[admin@RouterTKJ] > ip hotspot user profile set 1 rate-limit=256k/512k
[admin@RouterTKJ] > ip hotspot user profile print
Flags: * - default
0 * name="default" idle-timeout=none keepalive-timeout=2m status-autorefresh=1m
shared-users=1 add-mac-cookie=yes mac-cookie-timeout=3d address-list=""
transparent-proxy=yes open-status-page=always advertise=no
1 name="siswa" idle-timeout=none keepalive-timeout=2m status-autorefresh=1m
shared-users=16 add-mac-cookie=yes mac-cookie-timeout=3d
rate-limit="256k/512k" address-list="" transparent-proxy=yes
open-status-page=always advertise=no
[admin@RouterTKJ] > ip hotspot user add name=siswa1 password=1 profile=siswa
[admin@RouterTKJ] > ip hotspot user add name=siswa2 password=2 profile=siswa
[admin@RouterTKJ] > ip hotspot user add name=siswa3 password=3 profile=siswa
[admin@RouterTKJ] > ip hotspot user print
Flags: X - disabled, D - dynamic
# SERVER
NAME
ADDRESS
PROFILE
UPTIME
0
admin
default
0s
1
panda
default
0s
2
siswa1
siswa
0s
3
siswa2
siswa
0s
4
siswa3
siswa
0s
[admin@RouterTKJ] > ip proxy print
enabled: no
src-address: ::
port: 8080
anonymous: no
parent-proxy: ::
parent-proxy-port: 0
cache-administrator: webmaster
max-cache-size: unlimited
max-cache-object-size: 2048KiB
cache-on-disk: no
max-client-connections: 600
max-server-connections: 600
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-path: web-proxy
[admin@RouterTKJ] > ip proxy set enabled=yes src-address=0.0.0.0 parent-proxy=0.0.0
.0 cache-administrator=webmaster@sekolah.sch.id cache-on-disk=yes
[admin@RouterTKJ] > ip proxy print

COMMAND LINE MIKROTIK FOR UKK


enabled: yes
src-address: 0.0.0.0
port: 8080
anonymous: no
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-administrator: webmaster@sekolah.sch.id
max-cache-size: unlimited
max-cache-object-size: 2048KiB
cache-on-disk: yes
max-client-connections: 600
max-server-connections: 600
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-path: web-proxy
[admin@RouterTKJ] > ip proxy access add src-address=192.168.10.0/25 dst-host=*.face
book* action=deny
[admin@RouterTKJ] > ip proxy access add src-address=192.168.10.0/25 dst-host=*.yout
ube* action=deny
[admin@RouterTKJ] > ip proxy access add src-address=192.168.10.0/25 dst-host=*.telk
om* action=deny
[admin@RouterTKJ] > ip proxy access print
Flags: X - disabled
# DST-PORT
DST-HOST
PATH
METHOD ACTION
HITS
0
*.facebook*
deny
0
1
*.youtube*
deny
0
2
*.telkom*
deny
0
[admin@RouterTKJ] > ip firewall nat add chain=dstnat protocol=tcp src-address=192.1
68.10.0/25 dst-port=80,3128,8000 action=redirect to-ports=8080
[admin@RouterTKJ] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 D chain=dstnat action=jump jump-target=hotspot hotspot=from-client log=no
log-prefix=""
1 D chain=hotspot action=jump jump-target=pre-hotspot log=no log-prefix=""
2 D chain=hotspot action=redirect to-ports=64872 protocol=udp dst-port=53 log=n>
log-prefix=""
3 D chain=hotspot action=redirect to-ports=64872 protocol=tcp dst-port=53 log=n>
log-prefix=""
4 D chain=hotspot action=redirect to-ports=64873 protocol=tcp hotspot=local-dst
dst-port=80 log=no log-prefix=""
5 D chain=hotspot action=redirect to-ports=64875 protocol=tcp hotspot=local-dst
dst-port=443 log=no log-prefix=""

COMMAND LINE MIKROTIK FOR UKK


6 D chain=hotspot action=jump jump-target=hs-unauth protocol=tcp hotspot=!auth
log=no log-prefix=""
7 D chain=hotspot action=jump jump-target=hs-auth protocol=tcp hotspot=auth
log=no log-prefix=""
8 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=80
log=no log-prefix=""
-- [Q quit|D dump|right|down]
9 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=3128
log=no log-prefix=""
10 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=8080
log=no log-prefix=""
11 D chain=hs-unauth action=redirect to-ports=64875 protocol=tcp dst-port=443
log=no log-prefix=""
12 D chain=hs-unauth action=jump jump-target=hs-smtp protocol=tcp dst-port=25
log=no log-prefix=""
13 D chain=hs-auth action=redirect to-ports=64874 protocol=tcp hotspot=http
log=no log-prefix=""
14 D chain=hs-auth action=jump jump-target=hs-smtp protocol=tcp dst-port=25
log=no log-prefix=""
15 X ;;; place hotspot rules here
chain=unused-hs-chain action=passthrough log=no log-prefix=""
16

chain=srcnat action=masquerade src-address=192.168.10.0/25


out-interface=internet log=no log-prefix=""

17

;;; masquerade hotspot network


chain=srcnat action=masquerade src-address=192.168.10.0/25 log=no
log-prefix=""

18

chain=dstnat action=redirect to-ports=8080 protocol=tcp


src-address=192.168.10.0/25 dst-port=80,3128,8000 log=no log-prefix=""

[admin@RouterTKJ] > queue simple print


Flags: X - disabled, I - invalid, D - dynamic
0 D name="hs-<hotspot1>" target=local parent=none packet-marks="" priority=8/8
queue=hotspot-default/hotspot-default limit-at=256k/512k
max-limit=256k/512k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s
1

name="limit-local" target=local parent=none packet-marks="" priority=8/8


queue=default-small/default-small limit-at=0/0 max-limit=256k/512k
burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s

COMMAND LINE MIKROTIK FOR UKK

Gambar 1. Hasil DHCP Server telah aktif

Gambar 2. Hasil Hotspot telah aktif

Gambar 3. Hasil Proxy telah Aktif