Tempat Berbagi Catatan dan Riset tentang Ilmu Jaringan Komputer, Tutorial Mikrotik, Cisco, GNS3, Linux, Windows serta Aplikasi Ujian Online

Cara Blokir Hostname di Mikrotik

Cara Blokir Hostname, ARP Spoofing dan lain sebagainya di Mikrotik. 

Cara ini bisa kita lakukan untuk mencegah user iseng yang ingin menikmati internet gratis secara tidak sah pada hotspot area kita.
jasa setting mikrotik murah


Block Bad Host Name, ARP Spoofing etc.
hostname, edit t1 sampai t15 sesuai nama hostname yang ingin anda blokir
kemudian buat script dan scheduler, jalankan tiap 2 menit
dibuat pada Mikrotik RouterOS v6.33rc30

:foreach i in=[/ip dhcp-server lease find host-name="t1" || host-name="t2" || host-name="t3" \
|| host-name="t4" || host-name="t5" || host-name="t6" || host-name="t7" \
|| host-name="t8" || host-name="t9" || host-name="t10" || host-name="t11" \
|| host-name="t12" || host-name="t13" || host-name="t14" || host-name="t15" ] do={
:local ip [/ip dhcp-server lease get $i address ];
:local mac [/ip dhcp-server lease get $i mac-address ];
:local host [/ip dhcp-server lease get $i host-name ];
/ip dhcp-server lease make-static [ find ];
/ip dhcp-server lease set [ find where dynamic=no mac-address=$mac ] use-src-mac=yes client-id="1:$mac" \
server=dhcp1 block-access=yes comment=BadHost
:log warning ("Bad Host Name $host " . "with Mac $mac " . "and IP $ip blocked on dhcp server lease ")
}


Hapus Bad Hostname, ARP Spoofing etc.
kemudian buat script dan scheduler, jalankan tiap 12 jam
:foreach i in=[/ip dhcp-server lease find comment=BadHost ] do={
:local ip [/ip dhcp-server lease get $i address ];
:local mac [/ip dhcp-server lease get $i mac-address ];
:local host [/ip dhcp-server lease get $i host-name ];
/ip dhcp-server lease remove [ find where comment=BadHost ];
:log warning ("Bad Host Name $host " . "with Mac $mac " . "and IP $ip Removing from dhcp server lease ")
}
Mudah2an aman dah :)

Opsi lainnya untuk memblokir 'Bad Element' dengan menggunakan Bridge Filter
edit hostname t1 sampai t15
kemudian buat script dan scheduler, jalankan tiap 2 menit
:foreach i in=[/ip dhcp-server lease find host-name="t1" || host-name="t2" || host-name="t3" \
|| host-name="t4" || host-name="t5" || host-name="t6" || host-name="t7" \
|| host-name="t8" || host-name="t9" || host-name="t10" || host-name="t11" \
|| host-name="t12" || host-name="t13" || host-name="t14" || host-name="t15" ] do={
:local ip [/ip dhcp-server lease get $i address ];
:local mac [/ip dhcp-server lease get $i mac-address ];
:local host [/ip dhcp-server lease get $i host-name ];
:if ([/interface bridge filter find src-mac-address="$mac/FF:FF:FF:FF:FF:FF" ] = "") do={
/interface bridge filter add chain=input src-mac-address="$mac/FF:FF:FF:FF:FF:FF"\
mac-protocol=ip action=drop comment=BadHost
/interface bridge filter add chain=output src-mac-address="$mac/FF:FF:FF:FF:FF:FF"\
mac-protocol=ip action=drop comment=BadHost
/interface bridge filter add chain=forward src-mac-address="$mac/FF:FF:FF:FF:FF:FF"\
mac-protocol=ip action=drop comment=BadHost
:log warning ("Bad Host Name $host " . "with Mac $mac " . "and IP $ip add to bridge filter ")
}
}

# Hapus Bad Host Name, ARP Spoofing etc. #
/interface bridge filter remove [ find comment=BadHost ]

OK, demikian artikel yang dapat saya share hari ini semoga bermanfaat :)


BACA JUGA:



Cara Blokir Hostname di Mikrotik Rating: 4.5 Diposkan Oleh: Maspur Mikrotik

2 komentar:

  1. ini biasanya dipake diwarnet untuk memblokir ip adddreas dan mac addreas agar tidak jebol.jadi cara ngatasinya biar masuk ke 192.168.1.1 default ADDREAS tanpa terkendala { "HostName" : "192.168.8.11", "cmd" : "", "cmdVersion" : 20150406, "returnCode" : false, "returnMsg" : "Not Supported URL" } itu pencerahanannya MASTER

    BalasHapus

Apabila ada pertanyaan dengan artikel ini mohon tinggalkan komentar anda pada form yg tersedia. Mimin akan menjawab saat tidak ada kesibukan :) Semoga Hari-hari anda senantiasa mendapatkan curahan cahaya kasih sayang Alloh SWT.