Translate

Saturday, December 7, 2013

Mikrotik Get Current Number Connection


how to know how many connection was there, for example how many client was in game or
how many people was using that connection.

for example gaming in my connection was marking with vip.conn

chain=postrouting action=mark-connection new-connection-mark=vip.conn    passthrough=yes protocol=udp dst-address-list=GAME out-interface=wan  dst-port=5000-5500 
so we can catch number connection that using vip.conn connection mark with this code:
:global inGaming[/ip firewall connection print count-only where connection-mark~"vip.conn"];

what exactly this for?, well sometimes we need to change dynamically some Tree in Queue Tree, 

if thre are two oe more people gaming then we slowdown the download and youtube tree like this code below:
:global inGaming[/ip firewall connection print count-only where connection-mark~"vip.conn"];
:if ($inGaming > 2) do={;
     /queue tree set [find name="download"] max-limit="430000"
     /queue tree set [find name="youtube"]  max-limit="430k"
};
then simply put it (the script) on event system scheduler (create new schedule) and set interval for 10 sec maybe. so it automatically check every 10 secs.


Saturday, August 31, 2013

Pika Billing Bug?

Pika Billing Sering terputus secara Acak di nomor2 pc yang berbeda2 pula,..!, Untuk Sementara ini saya sendiri Tidak tau penyebabnya...

client terputus dari server..., kalo diteliti layar input id & passwnya kedip2 ( sepertinya client tsb ada proses berusaha menyambung ke server).. putus hanya ke server tidak ke internet.. kalo op lupa bisa main terus walau waktu udah abis.

Solusi :
0. Lapor cs pika, siapkan id dan pass team viewer
 *plus : gak ada ( becanda ) :p
 *minus : ribet bet.. bet gak manidiri pula. masalah bisa terjadi   tiap hari.. kontak cs lama responnya

1. Jika dibiarkan baik sendiri dalam beberapa jam atau hari kemudian...
 *plus : gak perlu dibetulin, baik sendiri kan xD
 *minus: gak jelas bgt baiknya entah kapan..bisa itungan jam, 
              hari bahkan minggu. :(

2. Ganti Ip client tersebut ( tentunya masih dalam range ip address / jumlah pc yg di set di server billing ).
  *plus  : Voila.. langsung konak eh konek lagi dengan server billing xD
  *Minus: Repot, gonta ganti ip client, masuk mode admin dulu (pelanggan lagi make komputer pula).., kalo pake  deepfreeze.. restart setingan balik lagi alias ip kembali ke ip yg terputus dari server.

3. Ganti ipnya manual di server
#tutup dulu pika server sebelum melakukan perubahan.., jalankan setwizard.exe selanjutnya perhatikan gambar.

biasanya setelah apply/simpan.. pikamanagernya/server akan launching sendiri.
  *plus : gk perlu ke server alias bisa silent.
  *minus : susunan kompie jadi aneh.. komputer 3 jadi 13 dan sebaliknya..

Analisa dan kesimpulan..
=====================
Ini jelas bug dari pikabilling.. kalo kompie bermasalah terus (nyalahin virus, firewall, soft dsbnya..) kenapa bisa baik sendiri..,kadang cuman beberapa jam aja errornya.. meskipun lebih sering harian :p

dengan file exe client yang sama bisa baik lagi bila diganti ipnya.. ini mirip dengan freeBSD/pfsense kalo terjadi apa2 (misal dicurgai ip attacker) ip tsb terjail (diblokir) jadi di reject bila melakukan koneksi. dan akan dibebaskan setelah beberapa jam.

saya mencurigai ada model begitu di program pikabilling..
itu sebabnya cs minta id sama pass team viewer.. yg tujuannya melepas jail tsb. (mungkin di database atau entah dimananya).
perhitungan yg meragukan?, database corrupt?,timeout saat query log database?,interval backup dan delete backup kah?,thread yg bentrok?,permission denied?, MAC address gak kebaca? hmm... ;)
dsbnya banyak kemungkinan yang musti di debug tentunya oleh developer pika.. yg jelas ip tsb di reject dulu.... sampai suatu kondisi terpenuhi baru jailnya dilepas..

semoga di updatan berikut hal ini sudah di fix.

Friday, July 5, 2013

Change Ip Address on Windows, Linux, Mikrotik and offcourse pfsense too

windows

netsh interface ip set address name="Local Area Connection" static 192.168.1.6 255.255.255.0 192.168.1.1 1

linux
sudo ifconfig eth0   192.168.1.6 netmask 255.255.255.0
sudo route add default gw 192.168.1.1 eth0

mikrotik
/ip address add address 192.168.1.6 netmask 255.255.255.0 interface ether0

pfsense
# ifconfig em0 inet 192.168.1.6 netmask 255.255.255.0

em0 is vary depend on pfsense intallation... sometime the name is msk0, ste0, so u need to make sure the interface names with

# ifconfig -a


thats all folk.





Friday, May 24, 2013

Playing League Of Legends On Ubuntu Linux

Playing League Of Legends On Ubuntu

tested on UBUNTU 12.04 LTS version with  non installed lol client just copying pasteing lol folder games

1. Install Winetricks from Software Manager

2. Run the following in terminal:
  1. sudo add-apt-repository ppa:ubuntu-wine/ppa
  2. sudo apt-get update
  3. sudo apt-get install wine1.5
3. Run the following in terminal:
  1. winetricks vcrun2005
  2. winetricks ie8
  3. winetricks wininet
  4. winetricks d3dx9
  5. winetricks corefonts
  6. winetricks adobeair
* somehow u receive skiping already installed do force install like this :
winetricks --force d3dx9

goto your LOL folder then double click your lol.launcher.admin.exe and voila... you play the rock Tower Defense Game, just like dota...


*sometimes your ingame screen going black or garbage then
adds the OpenGL extensions GL_S3_s3tc and GL_EXT_texture_compression_s3tc.
from https://apps.ubuntu.com/cat/applications/libtxc-dxtn-s2tc0/

or just search on ubuntu software center s2tc then install them :)

Tips:
1. improve performance and remove some flicker on land or bush
type in terminal :  winetricks glsl-disable

2. wine regedit
HKEY_CURRENT_USER\Software\Wine\ 
[NEW KEY]  = OpenGL 
OpenGL  ->  [NEW String] =  DisabledExtensions
DisabledExtensions -> [Value] = GL_ARB_vertex_buffer_object

 

thats all folk, simple... 

Wednesday, March 27, 2013

Pfsense Tips!

How to Fix Un Respond pfsense Web Gui

Restarting pfsense Web Gui


if you found pfsense web gui become unstable, crash or unresponsive try below code at terminal

[2.0.2-RELEASE][admin@pfsense.localdomain]/root(4): killall -9 php; killall -9 lighttpd; /etc/rc.restart_webgui

Restarting webConfigurator... done.


the code will force to kill crash php, lighttpd and will restart pfsense webgui

Permanent disable acpi

Some odd pc need to disable acpi, or ur pfsense become stuck at boot time
goto console and type code below:

echo "hint.acpi.0.disabled=1" >> /boot/loader.conf.local
note: that script will create loader.conf.local file.  double ">>" mean append..

Tuesday, January 1, 2013

Mikrotik with External Pfsense SQUID Proxy, with Original Source Client IP


Mikrotik with External Pfsense SQUID Proxy, with Original Source Client IP



1. Topology 
2. Pfsense Setting

 0   192.168.0.3/24     gw 192.168.0.1     wan
 1   192.168.1.2/24     gw 192.168.1.1     lan

Note
after installing pfsense with 2 interface ( em0 and em1), 
set ip address of em0 wan = 192.168.0.3, add gateway 192.168.0.1 ( modem ip)
set ip address of em1 lan = 192.168.1.2 then at system -> routing add gateway with ip 192.168.1.1 ( connected to eth1  mikrotik ip for proxy interface later)

and then point to Firewall: Rules: lan, its probably already configure by pfsense installation, make sure the lan subnet allow lan to any rule as pict below
then point to Services: Proxy server: Access control
  make sure you allow subnets 192.168.1.0/24 and 192.168.2.0 through proxy. 
2. Mikrotik Setting

 0   192.168.0.2/24     192.168.0.0    
wan
 1   192.168.2.1/28     192.168.2.0     lan
 2   192.168.1.1/24     192.168.1.0     proxy

# Set DNS



# Set firewall NAT

/ip firewall 
# Accept All TCP Port 80, will not masquerade by mikrotik ip
add chain=srcnat action=accept protocol=tcp dst-port=80

# All traffic masqueraded
add chain=srcnat action=masquerade out-interface=wan

/ip firewall mangle>
 ;;; Mark Cache Hit Packets  
add chain=prerouting action=mark-packet new-packet-mark=proxy-hit passthrough=no dscp=12
# mark routing to-ext-proxy  
;;; mark routing to proxy
add chain=prerouting action=mark-routing new-routing-mark=to-ext-proxy passthrough=yes protocol=tcp src-address=192.168.2.0/28 dst-port=80
then make routing to external proxy like picture below :



Well now Squid show original client request instead of mikrotik ip



#update

someone tell me why i cant access internet from lan, why i cant remote the pfsense ( i assume remoting using putty port 22), and why i cant access pfsense web gui from lan net, and etc

for that similar questions i will explain, because some miss configurations.. remember ur pfsense is behind mikrotik, so u must tell mikrotik to not masquarade that pfsense because he is local net.


ok lets do it:


#mikrotik

add some internal network ip at [ip firewall address List] for this situation are

intern = 192.168.0.2 this is wan modem

intern = 192.168.2.1 this is lan mikrotik
intern = 192.168.1.1 this is lan pfsense proxy side

`this script below tell mikrotik to not masquarade that local or we call it as intern const, assuming only for destination `port 80 (web gui) and 22 (telnet, putty etc) and out-interface is lan (mikrotik)


"add chain=srcnat action=accept protocol=tcp dst-address-list=!intern out-interface=lan dst-port=80,22"


"add chain=srcnat action=masquerade out-interface=wan"

then all connection to internet are masquarade out-interface is wan (mikrotik)

even mikrotik already forward ur request to pfsense, we must also tell to pfsense the 192.168.2.1 to 192.168.2.n is not intruder, or pfsense will reject ur request because that was not his ip lan ranges 192.168.1.n (not same subnets).


#pfsense

[Firewall-> Rules->LAN] tell source 192.168.2.0/28 (client behind mikrotik) is allowable using ur gateway

now pfsense firewall will pass that request but we still have problem, if u have squid or luscha proxy installed, he also still assume u are intruders. then simply we tell squid we are not.


[Services->Proxy server: Access control] Allowed subnets 192.168.2.0/28


thats all folks.. thats it. hope u got it.

Proxy Report using Lightsquid screenshoot