Thursday, November 30, 2017

Script Linux Dump ASNUMBER


Kali ini saya akan bagi script untuk dumping ip-ip dalam suatu ASNUMBER tertentu. Buatlah script dengan ekstensi dot sh pada console linux anda. Jangan lupa di chmod 777 file.sh tadi kemudian jalaankan script.
rm -rf ASN
rm -rf IP
touch ASN
touch IP
clear
echo "========================================="
echo -n "asnumber / ipnya berapa ?  = "
read asnum
if [[ $asnum =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
whois -h whois.radb.net -i origin $asnum | grep '^notify:' | awk '{print "ini kak deskripsinya:   = "$2}'
fi
echo -n "address-list-nya ? contoh: cidr_akamai = "
read addrlist
echo -n "comment-nya apa ? contoh: akamai = "
read comment
rm -rf "$asnum"-"$comment".rsc
echo "========#[tunggu sebentar ya kak]#======="
echo ""
if [[ $asnum =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
whois -h whois.radb.net -i origin $asnum | grep '^origin:' | awk '{print $2}' >> ASN
sort -u -o ASN ASN
tail -f IP &
for ASN in $(cat ASN | awk '{print $1}');
do
{ whois -h whois.radb.net -- "-i origin $ASN" | grep '^route:' | perl -MNet::Netmask -ne'm!(\d+\.\d+\.\d+\.\d+/?\d*)! or next; $h = $1; $h =~ s/(\.0)+$//; $b=Net::Netmask->new($h); $b->storeNetblock(); END {print map {$_->base()."/".$_->bits()."\n"} cidrs2cidrs(dumpNetworkTable)}'; } >> IP
sleep 3
done
echo "";
sort -V IP | uniq | awk '{print "/ip firewall address-list add list='$addrlist' comment='$comment' address=" $1}' >> /var/www/html/dump/"$asnum"-"$comment".rsc
#sed -i '4d' "$addrlist".rsc
cat /var/www/html/dump/"$asnum"-"$comment".rsc
else
whois -h whois.radb.net -i origin $asnum | grep '^route:' | perl -MNet::Netmask -ne'm!(\d+\.\d+\.\d+\.\d+/?\d*)! or next; $h = $1; $h =~ s/(\.0)+$//; $b=Net::Netmask->new($h); $b->storeNetblock(); END {print map {$_->base()."/".$_->bits()."\n"} cidrs2cidrs(dumpNetworkTable)}'  >> temp.txt
sort -V temp.txt | uniq | awk '{print "/ip firewall address-list add list='$addrlist' comment='$comment' address=" $1}' >> /var/www/html/dump/"$asnum"-"$comment".rsc
cat /var/www/html/dump/"$asnum"-"$comment".rsc
rm temp.txt
fi

Hasilnya sepeti berikut ini :


Jangan khawatir jika ada double ip yang tertera dalam file tersebut karena sudah difilter dan dipastikan UNIQ, alias tidak mungkin sama! 
Tidak sampai di situ saja, hasil generate anda berwujud file rsc yang siap di import di mikrotik anda setiap anda men-generate as number baru, berikut penampakannya :


Semoga bermanfaat. Terima kasih.
at No comments:

Mikrotik AutoBackup Gmail


Buat script pada mikrotik seperti berikut ini, sesuaikan dengan email anda.
:log warning message="backup beginning now"
:global backupfile ([/system identity get name] . "-" . [/system clock get time])
/system backup save name=$backupfile
:log warning message="backup pausing for 10s"
:delay 10s
:log warning message="backup being emailed"
/tool e-mail send tls=yes port=587 to="<email.anda@gmail.com>" subject=([/system identity get name] . \
" Backup") from=<terserah@gmail.com> file=$backupfile server=74.125.68.108
:delay 20s
/file remove $backupfile

Lalu buat scheduler, sesuaikan durasi kapan harus otomatis dibackup, bisa setiap bulan, tiap minggu, dan lain sebagainya.

at No comments:

Wednesday, November 29, 2017

Bypass Whatsapp BBM LINE Telegram Hotspot Mikrotik


/ip hotspot walled-garden ip
add action=accept comment=whatsapp disabled=no dst-address=50.23.90.128/27
add action=accept comment=whatsapp disabled=no dst-address=108.168.176.192/26
add action=accept comment=whatsapp disabled=no dst-address=108.168.177.0/27
add action=accept comment=whatsapp disabled=no dst-address=108.168.180.96/27
add action=accept comment=whatsapp disabled=no dst-address=157.240.7.54
add action=accept comment=whatsapp disabled=no dst-address=158.85.48.224/27
add action=accept comment=whatsapp disabled=no dst-address=158.85.58.0/25
add action=accept comment=whatsapp disabled=no dst-address=158.85.224.160/27
add action=accept comment=whatsapp disabled=no dst-address=169.44.82.96/27
add action=accept comment=whatsapp disabled=no dst-address=169.45.71.32/27
add action=accept comment=whatsapp disabled=no dst-address=169.45.71.96/27
add action=accept comment=whatsapp disabled=no dst-address=169.45.87.128/26
add action=accept comment=whatsapp disabled=no dst-address=169.45.210.64/27
add action=accept comment=whatsapp disabled=no dst-address=169.45.214.224/27
add action=accept comment=whatsapp disabled=no dst-address=169.45.219.224/27
add action=accept comment=whatsapp disabled=no dst-address=169.45.238.32/27
add action=accept comment=whatsapp disabled=no dst-address=169.45.248.96/27
add action=accept comment=whatsapp disabled=no dst-address=169.45.248.160/27
add action=accept comment=whatsapp disabled=no dst-address=169.47.5.192/26
add action=accept comment=whatsapp disabled=no dst-address=169.47.35.32/27
add action=accept comment=whatsapp disabled=no dst-address=169.47.40.128/27
add action=accept comment=whatsapp disabled=no dst-address=169.47.42.96/27
add action=accept comment=whatsapp disabled=no dst-address=169.47.42.160/27
add action=accept comment=whatsapp disabled=no dst-address=169.47.42.192/26
add action=accept comment=whatsapp disabled=no dst-address=169.53.29.128/27
add action=accept comment=whatsapp disabled=no dst-address=169.53.71.224/27
add action=accept comment=whatsapp disabled=no dst-address=169.53.81.64/27
add action=accept comment=whatsapp disabled=no dst-address=169.53.250.128/26
add action=accept comment=whatsapp disabled=no dst-address=169.55.67.224/27
add action=accept comment=whatsapp disabled=no dst-address=169.55.210.96/27
add action=accept comment=whatsapp disabled=no dst-address=198.11.251.32/27
add action=accept comment=bbm disabled=no dst-address=206.51.26.0/24
add action=accept comment=bbm disabled=no dst-address=193.109.81.0/24
add action=accept comment=bbm disabled=no dst-address=103.246.200.0/22
add action=accept comment=bbm disabled=no dst-address=216.9.240.0/20
add action=accept comment=bbm disabled=no dst-address=206.53.144.0/20
add action=accept comment=bbm disabled=no dst-address=67.223.64.0/19
add action=accept comment=bbm disabled=no dst-address=93.186.16.0/20
add action=accept comment=bbm disabled=no dst-address=68.171.224.0/19
add action=accept comment=bbm disabled=no dst-address=74.82.64.0/19
add action=accept comment=bbm disabled=no dst-address=173.247.32.0/19
add action=accept comment=bbm disabled=no dst-address=178.239.80.0/20
add action=accept comment=bbm disabled=no dst-address=5.100.168.0/21
add action=accept comment=bbm disabled=no dst-address=131.117.168.0/21
add action=accept comment=bbm disabled=no dst-address=111.95.240.0/24
add action=accept comment=bbm disabled=no dst-address=68.171.238.0/24
add action=accept comment=telegram disabled=no dst-address=149.154.160.0/20
add action=accept comment=telegram disabled=no dst-address=149.154.164.0/22
add action=accept comment=telegram disabled=no dst-address=91.108.4.0/22
add action=accept comment=telegram disabled=no dst-address=91.108.56.0/22
add action=accept comment=telegram disabled=no dst-address=91.108.8.0/22
add action=accept comment=line disabled=no dst-address=125.209.253.0/24
add action=accept comment=line disabled=no dst-address=203.105.150.0/24
add action=accept comment=line disabled=no dst-address=203.104.153.0/24
add action=accept comment=line disabled=no dst-address=203.104.174.0/24
add action=accept comment=line disabled=no dst-address=74.82.94.0/24
add action=accept comment=line disabled=no dst-address=139.193.253.0/24
add action=accept comment=line disabled=no dst-address=111.94.254.0/24
add action=accept comment=line disabled=no dst-address=203.104.142.0/24
add action=accept comment=bbm disabled=no dst-address=68.171.238.0/24
add action=accept comment=bbm disabled=no dst-address=74.82.91.0/24
add action=accept comment=bbm disabled=no dst-address=74.125.200.0/24
add action=accept comment=bbm disabled=no dst-address=111.94.254.0/24
add action=accept comment=telegram disabled=no dst-address=91.108.56.0/22
add action=accept comment=telegram disabled=no dst-address=74.82.91.0/24
add action=accept comment=telegram disabled=no dst-address=68.171.238.0/24
add action=accept comment=telegram disabled=no dst-address=91.108.56.0/22
add action=accept comment=bbm disabled=no dst-address=208.65.75.21
add action=accept comment=bbm disabled=no dst-address=208.65.75.22
add action=accept comment=bbm disabled=no dst-address=74.82.72.232/29
add action=accept comment=bbm disabled=no dst-address=178.239.90.232/29
at 1 comment:

Sunday, November 26, 2017

Script DNS Service Mikrotik

Kali ini saya akan bagi tips bagi anda yang menggunakan DNS server local pada jaringan anda dengan menggunakan Mikrotik RouterOS. Setelah DNS Server anda konfigurasi ada kalanya saat ingin mengubah konfigurasi dns terjadi service off, yakni dns server tidak running sebagaimana mestinya, bisa jadi karena bug atau permasalahan yang lain. Solusinya, jalankan script berikut ini agar meminimalisir terjadinya down service dengan cara me-redirect sementara saat dns server kita down. Buatlah scheduler dengan script berikut ini :

# sesuaikan bagian ini
:local dns 27.131.2x.x
:local addrlist dns_aktif
:local interface ether5.DNS
# buat rule tangkap service dns jika belum ada
:if ([:len [/ip firewall filter find comment=cek-dns]] = 0) do={
   /ip firewall filter add action=add-src-to-address-list address-list=$addrlist address-list-timeout=10s chain=forward comment=cek-dns disabled=no in-interface=$interface protocol=udp src-address=$dns src-port=53
   }
# buat rule redirect dns jika dns server mati
:if ([:len [/ip firewall nat find comment=redirect-dns]] = 0) do={
   /ip firewall nat add action=dst-nat chain=dstnat comment=redirect-dns disabled=yes dst-address=$dns dst-port=53 protocol=udp to-addresses=208.67.220.220 to-ports=443
   }
# sensor dns diaktifkan
:if ([:len [/ip firewall address-list find list=$addrlist address=$dns] ] = 0) do={
   /ip firewall nat set [/ip firewall nat find comment=redirect-dns disabled=yes] disabled=no
   } else {
   /ip firewall nat set [/ip firewall nat find comment=redirect-dns disabled=no] disabled=yes
   }

Semoga Bermanfaat. 
at No comments:

ps_mem.py debian raspberry



root@dns:/home/pi # apt-get install gcc python-dev python-pip
root@dns:/home/pi # pip install ps_mem
Collecting ps_mem
  Downloading ps_mem-3.6.tar.gz
Building wheels for collected packages: ps-mem
  Running setup.py bdist_wheel for ps-mem ... done
  Stored in directory: /root/.cache/pip/wheels/62/da/b7/06050fabac6563945185c173835cd76dd2ccc273172eb3f5f7
Successfully built ps-mem
Installing collected packages: ps-mem
Successfully installed ps-mem-3.6
root@dns:/home/pi # wget https://raw.githubusercontent.com/pixelb/ps_mem/master/ps_mem.py
--2017-11-26 18:43:35--  https://raw.githubusercontent.com/pixelb/ps_mem/master/ps_mem.py
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.0.133, 151.101.64.133, 151.101.128.133, ...
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|151.101.0.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 22127 (22K) [text/plain]
Saving to: ‘ps_mem.py’
ps_mem.py    100%[============================================================================>]  21.61K  --.-KB/s    in 0.03s
2017-11-26 18:43:36 (818 KB/s) - ‘ps_mem.py’ saved [22127/22127]

root@dns:/home/pi # chmod 777 ps_mem.py
root@dns:/home/pi # ./ps_mem.py
 Private  +   Shared  =  RAM used       Program
316.0 KiB +  53.0 KiB = 369.0 KiB       sftp-server
276.0 KiB + 144.5 KiB = 420.5 KiB       cron
272.0 KiB + 204.5 KiB = 476.5 KiB       thd
392.0 KiB + 216.0 KiB = 608.0 KiB       agetty (2)
504.0 KiB + 395.0 KiB = 899.0 KiB       systemd-timesyncd
584.0 KiB + 478.0 KiB =   1.0 MiB       systemd-logind
740.0 KiB + 347.0 KiB =   1.1 MiB       dbus-daemon
304.0 KiB + 851.0 KiB =   1.1 MiB       avahi-daemon (2)
744.0 KiB + 509.0 KiB =   1.2 MiB       su (2)
800.0 KiB + 478.5 KiB =   1.2 MiB       (sd-pam)
  1.3 MiB + 154.5 KiB =   1.4 MiB       systemd-udevd
  1.3 MiB +  96.5 KiB =   1.4 MiB       rsyslogd
748.0 KiB + 864.0 KiB =   1.6 MiB       sudo (2)
  1.2 MiB + 430.0 KiB =   1.6 MiB       systemd-journald
  1.5 MiB +   2.2 MiB =   3.7 MiB       systemd (2)
  1.7 MiB +   5.5 MiB =   7.2 MiB       sshd (7)
 16.4 MiB +   1.4 MiB =  17.8 MiB       bash (4)
 11.7 MiB +   9.2 MiB =  20.9 MiB       apache2 (10)
 27.6 MiB + 986.5 KiB =  28.5 MiB       unbound
---------------------------------
                         92.6 MiB
=================================
Warning: Swap is not reported by this system.

at No comments:

Install pip python



pip is the easiest way to install psutil. It is shipped by default with Python 2.7.9+ and 3.4+. For other Python versions you can install it manually.
On Linux or via wget:

wget https://bootstrap.pypa.io/get-pip.py -O - | python
On OSX or via curl:

python < <(curl -s https://bootstrap.pypa.io/get-pip.py)
On Windows, download pip, open cmd.exe and install it:

C:\Python27\python.exe get-pip.py
Permission issues (UNIX)

The commands below assume you're running as root. If you're not or you bump into permission errors you can either:


  • prepend sudo, e.g.:

sudo pip install psutil

  • install psutil for your user only (not at system level):

pip install --user psutil
Linux

Ubuntu / Debian:

sudo apt-get install gcc python-dev python-pip
pip install psutil
RedHat / CentOS:

sudo yum install gcc python-devel python-pip
pip install psutil
If you're on Python 3 use python3-dev and python3-pip instead.

OSX

Install Xcode first, then:

pip install psutil
Windows

The easiest way to install psutil on Windows is to just use the pre-compiled exe/wheel installers hosted on PYPI via pip:

C:\Python27\python.exe -m pip install psutil
If you want to compile psutil from sources you'll need Visual Studio (Mingw32 is no longer supported):

  • Python 2.6, 2.7: VS-2008
  • Python 3.3, 3.4: VS-2010
  • Python 3.5+: VS-2015

Compiling 64 bit versions of Python 2.6 and 2.7 with VS 2008 requires Windows SDK and .NET Framework 3.5 SP1. Once installed run vcvars64.bat, then you can finally compile (see here). To compile / install psutil from sources on Windows run:

make.bat build
make.bat install
FreeBSD

pkg install python gcc
python -m pip install psutil
OpenBSD

export PKG_PATH="http://ftp.openbsd.org/pub/OpenBSD/`uname -r`/packages/`arch -s`/"
pkg_add -v python gcc
python -m pip install psutil
NetBSD

export PKG_PATH="ftp.netbsd.org/pub/pkgsrc/packages/NetBSD/`uname -m`/`uname -r`/All"
pkg_add -v pkgin
pkgin install python gcc
python -m pip install psutil
Solaris

If cc compiler is not installed create a symlink to gcc:

sudo ln -s /usr/bin/gcc /usr/local/bin/cc
Install:

pkg install gcc
python -m pip install psutil
Install from sources

git clone https://github.com/giampaolo/psutil.git
cd psutil
python setup.py install
Example :
root@dns:/home/pi # pip install psutil
Collecting psutil
  Downloading psutil-5.4.1.tar.gz (408kB)
    100% |████████████████████████████████| 409kB 234kB/s
Building wheels for collected packages: psutil
  Running setup.py bdist_wheel for psutil ... done
  Stored in directory: /root/.cache/pip/wheels/05/a2/2a/2015d6af91fb5a4cc5bcdfa9699034e2f624fc9cc5acde7ab9
Successfully built psutil
Installing collected packages: psutil
Successfully installed psutil-5.4.1

root@dns:/home/pi # ./meminfo.py
MEMORY
------
Total      :  927.3M
Available  :  767.2M
Percent    :    17.3
Used       :   80.5M
Free       :  416.4M
Active     :  209.9M
Inactive   :  260.4M
Buffers    :   30.1M
Cached     :  400.3M
Shared     :   25.4M
SWAP
----
Total      :  100.0M
Used       :      0B
Free       :  100.0M
Percent    :     0.0
Sin        :      0B
Sout       :      0B
root@dns:/home/pi #
at No comments:

Friday, November 24, 2017

Setup Unbound Blocking Ads


Kali ini saya akan share bagaimana menambahkan list domain iklan ke unbound service. Pertama pastikan unbound sudah berjalan sempurna. Silahkan cari tutor di blog ini dengan men-search keyword unbound.

Jika sudah, buatlah script berikut dengan ekstensi.sh dan jangan lupa chmod 777 nama.sh
#!/bin/bash
#
# Update the dummy ads block
#
# From http://www.bentasker.co.uk/documentation/linux/279-unbound-adding-custom-dns-records
cd /etc/unbound/local.d/
rm ads.conf
for a in `wget -O - "http://www.bentasker.co.uk/adblock/autolist.txt"`; do echo "       local-data: \"$a A 127.0.0.2\"" >> ads.conf; done
Lalu pada /etc/unbound/unbound.conf sisipkan kode berikut ini
include: /etc/unbound/local.d/ads.conf
kemudian jangan lupa ketikkan "service unbound reload"


at No comments:

Sunday, November 19, 2017

Monitor Ping Mikrotik Dengan Telegram


Hy all, kali ini saya akan bagi tips mengenai sensor atau alarm ping mikrotik yang di integrasikan dengan BOT TELEGRAM. Untuk masalah bot telegram silahkan cari tutor di internet, focus bahasan kali ini adalah pembuatan scriptnya. Baiklah studi kasusnya begini :

  • Ingin memonitor ping / latency
  • Ketika pingtime besar, maka bot telegram mengirimkan perintah untuk menginformasikan tentang besaran ping ke target yang di ping
  • Jika dalam waktu yang panjang, misalkan seharian ping time besar, tentu sangat bising kita mendengar alarm telegram, solusinya hanya di MUTE saja, tapi tetap saja notifikasi itu muncul.
  • Nah di sini nanti ada filter supaya alarm tetep jalan, tapi hanya dibatasi 30 notifikasi saja.
  • Dan selanjutnya, setiap beberapa menit kemudian apabila ping time MASIH tinggi, maka jalankan lagi script alarm.
Langsung saja. Buat scheduler di mikrotik dengan interval 10 detik
:local avgRtt;
:local pin
:local pout
:local target 10.77.159.66
:global perulangan
:local router [/system identity get name]
:local time [/system clock get time]
:local date [/system clock get date]
/tool flood-ping $target count=10 do={
  :if ($sent = 10) do={
    :set avgRtt $"avg-rtt"
    :set pout $sent
    :set pin $received
  }
:if (($perulangan <= 30  && $avgRtt >= 60))  do={
:local pesan ("[ $router ]%0A" ."LATENCY $target $avgRtt ms pada : %0A" . $time .", ".$date."%0A")
:log error message="LATENCY $target $avgRtt"
/tool fetch url="https://api.telegram.org/bot380921xxx:AAGn69QpFDuLSOQd3E3JtI5nhfUmxxx/sendMessage?chat_id=-203533xx&text=$pesan"
}
:set perulangan ($perulangan + 1)
:delay 2
/file remove [find type=". file"]
/file remove [find type="file"]
}
Kemudian buat lagi satu scheduler selama 20 menit (sesuaikan aja) untuk membersihkan counter $perulangan agar kembali nol

:set $perulangan 0 

Semoga berhasil. Jangan lupa Komen, Subscribe dan Share ya.
at No comments:

Monday, November 13, 2017

Tips mendapatkan ip publik tertentu broadband indihome


Pernahkah Anda mengalami mendapatkan IP indihome kepala 125.xx .xx  atau 180.xx.xx rasanya slow respon dan ping ke internationalnya beda. Nah, dengan kepala IP 36 ini katanya lebih nyaman daripada kepala ip yg lainnya. Coba saja, tentu beda daerah mungkin beda kondisi, ehehe....
{
  :local target "36"
  :local inface "pppoe"
  :local data1 [:pick [/ip add get [find interface=$inface] address] 0 2]  ;
  :while ($data1 != $target)  do={
  :delay 2s;
  :local data [:pick [/ip add get [find interface=$inface] address] 0 2]  ;
  :log warning "mboknom = $data"
    :if ($data != $target) do={
    :log error "DISABLE $inface"
    /in dis [find name=$inface]
    :delay 2s;
    :log warning "ENABLE $inface"
    /in en [find name=$inface]
    :delay 10s;
    }
  :set data1 $data;
  }
}

at 1 comment: