/ip firewall address-list
# private-lokal: the RFC1918 ranges plus loopback, link-local, CGNAT
# (100.64/10), the documentation and benchmarking blocks and the
# multicast/reserved space (224/3). The rest of this export uses
# src-address-list=private-lokal as "LAN side" and !private-lokal as
# "everything else / Internet", so keep the two lists in step with that.
add list=private-lokal address=0.0.0.0/8
add list=private-lokal address=10.0.0.0/8
add list=private-lokal address=100.64.0.0/10
add list=private-lokal address=127.0.0.0/8
add list=private-lokal address=169.254.0.0/16
add list=private-lokal address=172.16.0.0/12
add list=private-lokal address=192.0.0.0/24
add list=private-lokal address=192.0.2.0/24
add list=private-lokal address=192.168.0.0/16
add list=private-lokal address=198.18.0.0/15
add list=private-lokal address=198.51.100.0/24
add list=private-lokal address=203.0.113.0/24
add list=private-lokal address=224.0.0.0/3
# ggc-telkom: destinations the mangle section classifies separately
# (connection mark ggc-redirector, queues A.1.4.7 / B.1.4.7).
add list=ggc-telkom address=118.98.0.0/17
add list=ggc-telkom address=118.97.0.0/16
add list=ggc-telkom address=216.239.32.0/19
add list=ggc-telkom address=216.58.192.0/19
add list=ggc-telkom address=172.217.0.0/16
add list=ggc-telkom address=74.125.0.0/16
/ip firewall mangle
# Connection classification (prerouting) followed by per-direction packet
# marking (qos-down / qos-up) for the queue tree. Rule order matters in every
# chain: an accept ends prerouting processing for that packet, and every
# qos-* rule uses passthrough=no, so the first matching rule wins.
# LAN<->LAN traffic: mark it and accept it so no later rule sees it.
add action=mark-connection chain=prerouting comment=private-lokal \
dst-address-list=private-lokal new-connection-mark=private-lokal \
passthrough=yes src-address-list=private-lokal
add action=accept chain=prerouting comment=private-lokal connection-mark=\
private-lokal dst-address-list=private-lokal src-address-list=\
private-lokal
# ICMP from the LAN to non-local destinations is treated as vip.
add action=mark-connection chain=prerouting comment=vip dst-address-list=\
!private-lokal new-connection-mark=vip passthrough=yes protocol=icmp \
src-address-list=private-lokal
# Commented "dns", but the port list also covers 123 and 1194, which are not
# DNS ports; both the TCP and the UDP variant land in the vip mark.
add action=mark-connection chain=prerouting comment=dns dst-address-list=\
!private-lokal dst-port=53,5353,123,1194 new-connection-mark=vip \
passthrough=yes protocol=tcp src-address-list=private-lokal
add action=mark-connection chain=prerouting comment=dns dst-address-list=\
!private-lokal dst-port=53,5353,123,1194 new-connection-mark=vip \
passthrough=yes protocol=udp src-address-list=private-lokal
add action=accept chain=prerouting comment=vip connection-mark=vip
# The games and sosmed address lists are populated dynamically by the
# /ip firewall raw rules further down.
add action=mark-connection chain=prerouting comment=games dst-address-list=\
games new-connection-mark=games passthrough=yes src-address-list=\
private-lokal
add action=accept chain=prerouting comment=games connection-mark=games
add action=mark-connection chain=prerouting comment=sosmed dst-address-list=\
sosmed new-connection-mark=sosmed passthrough=yes src-address-list=\
private-lokal
add action=accept chain=prerouting comment=sosmed connection-mark=sosmed
# Destinations on the ggc-telkom list get their own mark (ggc-redirector).
add action=mark-connection chain=prerouting comment=ggc-telkom \
dst-address-list=ggc-telkom new-connection-mark=ggc-redirector \
passthrough=yes src-address-list=private-lokal
add action=accept chain=prerouting comment=ggc-redirector connection-mark=\
ggc-redirector
# Whatever is left from the LAN to non-local destinations: all-trafik.
add action=mark-connection chain=prerouting comment=all-trafik \
dst-address-list=!private-lokal new-connection-mark=all-trafik \
passthrough=yes src-address-list=private-lokal
add action=accept chain=prerouting comment=all-trafik connection-mark=\
all-trafik
# Download direction: forwarded packets arriving on ether1 (the WAN side,
# per the filter section's "drop all from WAN" rule).
add action=jump chain=forward in-interface=ether1 jump-target=qos-down
add action=mark-packet chain=qos-down comment=vip-down connection-mark=vip \
new-packet-mark=vip-down passthrough=no
add action=mark-packet chain=qos-down comment=games-down connection-mark=\
games new-packet-mark=games-down passthrough=no
add action=mark-packet chain=qos-down comment=sosmed-down connection-mark=\
sosmed new-packet-mark=sosmed-down passthrough=no
# patch-games-down: all-trafik connections whose remote end (the packet
# source in the download direction) is on the games list.
add action=mark-packet chain=qos-down comment=patch-games-down \
connection-mark=all-trafik new-packet-mark=patch-games-down passthrough=\
no src-address-list=games
add action=mark-packet chain=qos-down comment=ggc-telkom-down \
connection-mark=ggc-redirector new-packet-mark=ggc-telkom-down \
passthrough=no
# all-trafik connections bucketed by cumulative connection bytes. The ranges
# are contiguous from 0 and an upper bound of 0 means "no upper limit", so
# 50000001-0 takes everything above the midle bucket.
add action=mark-packet chain=qos-down comment=browsing-down connection-bytes=\
0-1000000 connection-mark=all-trafik new-packet-mark=browsing-down \
passthrough=no
add action=mark-packet chain=qos-down comment=low-down connection-bytes=\
1000001-10000000 connection-mark=all-trafik new-packet-mark=low-down \
passthrough=no
add action=mark-packet chain=qos-down comment=midle-down connection-bytes=\
10000001-50000000 connection-mark=all-trafik new-packet-mark=midle-down \
passthrough=no
add action=mark-packet chain=qos-down comment=high-down connection-bytes=\
50000001-0 connection-mark=all-trafik new-packet-mark=high-down \
passthrough=no
# Safety net: only reached by an all-trafik packet that matched none of the
# byte buckets above, which the contiguous ranges make unlikely.
add action=mark-packet chain=qos-down comment=unknown-down connection-mark=\
all-trafik new-packet-mark=unknown-down passthrough=no
# Catch-all for packets with no connection mark handled above.
add action=mark-packet chain=qos-down comment=unknown-down new-packet-mark=\
unknown-down passthrough=no
add action=return chain=qos-down
# Upload direction: same layout as qos-down, keyed on out-interface=ether1.
add action=jump chain=forward jump-target=qos-up out-interface=ether1
add action=mark-packet chain=qos-up comment=vip-up connection-mark=vip \
new-packet-mark=vip-up passthrough=no
add action=mark-packet chain=qos-up comment=games-up connection-mark=games \
new-packet-mark=games-up passthrough=no
add action=mark-packet chain=qos-up comment=sosmed-up connection-mark=sosmed \
new-packet-mark=sosmed-up passthrough=no
# patch-games-up: the remote end is the destination in the upload direction.
add action=mark-packet chain=qos-up comment=patch-games-up connection-mark=\
all-trafik dst-address-list=games new-packet-mark=patch-games-up \
passthrough=no
add action=mark-packet chain=qos-up comment=ggc-telkom-up connection-mark=\
ggc-redirector new-packet-mark=ggc-telkom-up passthrough=no
# Same byte buckets as the download side.
add action=mark-packet chain=qos-up comment=browsing-up connection-bytes=\
0-1000000 connection-mark=all-trafik new-packet-mark=browsing-up \
passthrough=no
add action=mark-packet chain=qos-up comment=low-up connection-bytes=\
1000001-10000000 connection-mark=all-trafik new-packet-mark=low-up \
passthrough=no
add action=mark-packet chain=qos-up comment=midle-up connection-bytes=\
10000001-50000000 connection-mark=all-trafik new-packet-mark=midle-up \
passthrough=no
add action=mark-packet chain=qos-up comment=high-up connection-bytes=\
50000001-0 connection-mark=all-trafik new-packet-mark=high-up \
passthrough=no
add action=mark-packet chain=qos-up comment=unknown-up connection-mark=\
all-trafik new-packet-mark=unknown-up passthrough=no
add action=mark-packet chain=qos-up comment=unknown-up new-packet-mark=\
unknown-up passthrough=no
add action=return chain=qos-up
/ip firewall raw
# Dynamic classification: for LAN->non-local packets these rules add the
# packet's destination address to the games or sosmed list, which the mangle
# section then uses for connection marking. The raw table runs before
# connection tracking, so every packet is inspected on its own.
# address-list-timeout=none-dynamic entries never expire on their own
# (dynamic entries are not part of the saved configuration, so they are
# rebuilt after a reboot — confirm against the RouterOS docs for your version).
# NOTE(review): membership is decided purely by what a LAN host sends — a
# destination port in the listed ranges, or a plain substring match of the
# packet payload for the content= rules — so any local client can grow these
# lists, and entries are only ever added, never removed. Review them
# periodically (/ip firewall address-list print where list=games) and consider
# a finite address-list-timeout if the lists drift.
add action=add-dst-to-address-list address-list=games address-list-timeout=\
none-dynamic chain=prerouting comment=Vainglory dst-address-list=\
!private-lokal dst-port=7000-8020 protocol=tcp src-address-list=\
private-lokal
add action=add-dst-to-address-list address-list=games address-list-timeout=\
none-dynamic chain=prerouting comment=Vainglory content=.superevil.net \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=games address-list-timeout=\
none-dynamic chain=prerouting comment="Mobile Legends" dst-address-list=\
!private-lokal dst-port=30050-30150 protocol=tcp src-address-list=\
private-lokal
# Wide UDP port range: any LAN->Internet UDP traffic on 5000-5570 classifies
# its destination as a game server.
add action=add-dst-to-address-list address-list=games address-list-timeout=\
none-dynamic chain=prerouting comment="Mobile Legends" dst-address-list=\
!private-lokal dst-port=5000-5570 protocol=udp src-address-list=\
private-lokal
add action=add-dst-to-address-list address-list=games address-list-timeout=\
none-dynamic chain=prerouting comment="PUBG Mobile" dst-address-list=\
!private-lokal dst-port=10012,17500 protocol=tcp src-address-list=\
private-lokal
# The quoted port list below is split by a line continuation inside the
# quotes; it is one value (…,12235,13748,…).
add action=add-dst-to-address-list address-list=games address-list-timeout=\
none-dynamic chain=prerouting comment="PUBG Mobile" dst-address-list=\
!private-lokal dst-port="10491,10010,10013,10612,20002,20001,20000,12235,1\
3748,13972,13894,11455,10096,10039" protocol=udp src-address-list=\
private-lokal
add action=add-dst-to-address-list address-list=games address-list-timeout=\
none-dynamic chain=prerouting comment="PUBG Mobile" content=.igamecj.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=games address-list-timeout=\
none-dynamic chain=prerouting comment="PUBG Mobile" content=\
tencentgames.helpshift.com dst-address-list=!private-lokal \
src-address-list=private-lokal
# sosmed: content-based only (hostname substrings).
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=ig content=.cdninstagram.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=ig content=.instagram.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=WA content=.whatsapp.net \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=WA content=.whatsapp.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=life360 content=.life360.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=fb content=.facebook.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=fb content=.facebook.net \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=fb content=.fbcdn.net \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=twitter content=.twitter.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=twitter content=.twimg.com \
dst-address-list=!private-lokal src-address-list=private-lokal
add action=add-dst-to-address-list address-list=sosmed address-list-timeout=\
none-dynamic chain=prerouting comment=tiktok content=.tiktokv.com \
dst-address-list=!private-lokal src-address-list=private-lokal
/queue tree
# Download tree (INCOMING). Leaves are selected by the *-down packet marks set
# in the qos-down mangle chain. Priority 1 is the highest; lower numbers are
# served first when the parent is saturated.
add max-limit=100M name=INCOMING parent=global queue=default
add limit-at=10M max-limit=100M name=A.1.PAKET-TRAFIK parent=INCOMING queue=\
default
add bucket-size=0 name=A.1.1.VIP packet-mark=vip-down parent=A.1.PAKET-TRAFIK \
priority=1 queue=default
add bucket-size=0 name=A.1.2.GAMES-ONLINE packet-mark=games-down parent=\
A.1.PAKET-TRAFIK priority=2 queue=default
add bucket-size=0 name=A.1.3.PATCH-GAMES packet-mark=patch-games-down parent=\
A.1.PAKET-TRAFIK priority=3 queue=pcq-download-default
# A.1.4.NORMAL caps all bulk download traffic at 8M; its children are pcq
# leaves so the share is split per client within that cap.
add max-limit=8M name=A.1.4.NORMAL parent=A.1.PAKET-TRAFIK queue=default
add limit-at=200k max-limit=8M name=A.1.4.1.BROWSING packet-mark=\
browsing-down parent=A.1.4.NORMAL priority=4 queue=pcq-download-default
add limit-at=200k max-limit=8M name=A.1.4.3.LOW packet-mark=low-down parent=\
A.1.4.NORMAL priority=5 queue=pcq-download-default
add limit-at=200k max-limit=8M name=A.1.4.4.MIDLE packet-mark=midle-down \
parent=A.1.4.NORMAL priority=6 queue=pcq-download-default
add limit-at=200k max-limit=8M name=A.1.4.5.HIGH packet-mark=high-down \
parent=A.1.4.NORMAL priority=7 queue=pcq-download-default
add limit-at=200k max-limit=8M name=A.1.4.6.UNKNOWN packet-mark=unknown-down \
parent=A.1.4.NORMAL priority=7 queue=pcq-download-default
# NOTE(review): max-limit=10M here is above the parent's 8M, so the effective
# ceiling is still 8M; no priority is set, so this leaf gets the default.
add limit-at=200k max-limit=10M name=A.1.4.7.GGC-TELKOM packet-mark=\
ggc-telkom-down parent=A.1.4.NORMAL queue=pcq-download-default
# Upload tree (OUTGOING), selected by the *-up packet marks from qos-up.
add max-limit=100M name=OUTGOING parent=global queue=default
# NOTE(review): the children of B.1.PAKET-TRAFIK ask for limit-at
# 64k + 500k + 250k + 1500k = 2314k, more than this parent's 2M limit-at, so
# the guarantees cannot all be honoured at the same time.
add limit-at=2M max-limit=2M name=B.1.PAKET-TRAFIK parent=OUTGOING queue=\
default
add limit-at=64k max-limit=2M name=B.1.1.VIP packet-mark=vip-up parent=\
B.1.PAKET-TRAFIK priority=1 queue=default
add limit-at=500k max-limit=2M name=B.1.2.GAMES-ONLINE packet-mark=games-up \
parent=B.1.PAKET-TRAFIK priority=2 queue=default
add limit-at=250k max-limit=2M name=B.1.3.PATCH-GAMES packet-mark=\
patch-games-up parent=B.1.PAKET-TRAFIK priority=3 queue=\
pcq-upload-default
add limit-at=1500k max-limit=1500k name=B.1.4.NORMAL parent=B.1.PAKET-TRAFIK \
queue=default
add limit-at=200k max-limit=1500k name=B.1.4.1.BROWSING packet-mark=\
browsing-up parent=B.1.4.NORMAL priority=4 queue=pcq-upload-default
add limit-at=200k max-limit=1500k name=B.1.4.3.LOW packet-mark=low-up parent=\
B.1.4.NORMAL priority=5 queue=pcq-upload-default
add limit-at=200k max-limit=1500k name=B.1.4.4.MIDLE packet-mark=midle-up \
parent=B.1.4.NORMAL priority=6 queue=pcq-upload-default
add limit-at=200k max-limit=1500k name=B.1.4.5.HIGH packet-mark=high-up \
parent=B.1.4.NORMAL priority=7 queue=pcq-upload-default
add limit-at=200k max-limit=1500k name=B.1.4.6.UNKNOWN packet-mark=unknown-up \
parent=B.1.4.NORMAL priority=7 queue=pcq-upload-default
# As on the download side: max-limit=2M exceeds the parent's 1500k and no
# priority is set.
add limit-at=100k max-limit=2M name=B.1.4.7.GGC-TELKOM packet-mark=\
ggc-telkom-up parent=B.1.4.NORMAL queue=pcq-upload-default
# SOSMED leaves for both directions, appended after the rest (the .2 slot in
# the naming); they share priority 7 with HIGH and UNKNOWN.
add limit-at=200k max-limit=8M name=A.1.4.2.SOSMED packet-mark=sosmed-down \
parent=A.1.4.NORMAL priority=7 queue=pcq-download-default
add limit-at=200k max-limit=1500k name=B.1.4.2.SOSMED packet-mark=sosmed-up \
parent=B.1.4.NORMAL priority=7 queue=pcq-upload-default
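/ip firewall filter
# Drop inbound DNS that does not come from the private-lokal list, both to the
# router itself (input) and through it (forward), for TCP and UDP.
add action=drop chain=input comment=dns-flood dst-port=53,5353 protocol=tcp \
src-address-list=!private-lokal
add action=drop chain=input comment=dns-flood dst-port=53,5353 protocol=udp \
src-address-list=!private-lokal
add action=drop chain=forward comment=dns-flood dst-port=53,5353 protocol=tcp \
src-address-list=!private-lokal
add action=drop chain=forward comment=dns-flood dst-port=53,5353 protocol=udp \
src-address-list=!private-lokal
# Connection-state rules first: established/related packets are accepted
# before any per-port rule is evaluated, and invalid packets are dropped on
# input the same way the forward chain already does.
add action=accept chain=input comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=input comment="defconf: drop invalid" \
connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
# Management ports (8291 is the Winbox default, 22/2222 SSH, 5900+ VNC, plus
# 8030-8039, 8012 and 8123; the duplicate 8123 entry is dropped). In the
# original these were accepted from ANY source ahead of "drop all from WAN"
# under a copy-pasted "accept ICMP" comment, i.e. they were reachable from the
# Internet. They are now gated on the mgmt-allowed address list: add the
# trusted admin sources before relying on remote management, e.g.
#   /ip firewall address-list add list=mgmt-allowed address=<ADMIN-SOURCE-PLACEHOLDER>
# LAN-side access is unchanged, because the WAN drop below matches
# in-interface=ether1 only and other interfaces fall through to the default
# accept.
add action=accept chain=input comment="management (trusted sources only)" \
dst-port=8291-8299,8030-8039,2222,22,5900-5911,8123,8012 protocol=tcp \
src-address-list=mgmt-allowed
add action=accept chain=input comment="management (trusted sources only)" \
dst-port=8291-8299,8030-8039,2222,22,5900-5911,8123,8012 protocol=udp \
src-address-list=mgmt-allowed
# 1194 and 1701-1723 stay reachable from any source, as before, on the
# assumption that they serve VPN endpoints which authenticate clients
# themselves — TODO(review): confirm, and gate them on mgmt-allowed if not.
add action=accept chain=input comment="vpn services" dst-port=1194,1701-1723 \
protocol=tcp
add action=accept chain=input comment="vpn services" dst-port=1194,1701-1723 \
protocol=udp
add action=drop chain=input comment="defconf: drop all from WAN" \
in-interface=ether1
add action=accept chain=forward comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface=ether1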
@mameck

mameck commented Mar 27, 2019


joss tak coba om
