# MikroTik Network Monitor (Flask) Dashboard ringan & aman untuk **memantau DHCP lease** MikroTik, **deteksi aplikasi/game**, dan eksekusi aksi cepat: **Reset Counters**, **Clear Address-List**, **Unblock Massal**, hingga **Restart Router**. UI tema **Dark Neon** + **Login profesional** dengan animasi techno. ![Login](/r/mikrotik-blok-user-game-online-medsos/file/docs/screenshots/login.png) ![Dashboard 3](/r/mikrotik-blok-user-game-online-medsos/file/docs/screenshots/dash3.png) ![Dashboard 1](/r/mikrotik-blok-user-game-online-medsos/file/docs/screenshots/dash1.png) ![Dashboard 2](/r/mikrotik-blok-user-game-online-medsos/file/docs/screenshots/dash2.png)

๐ŸŽฌ Video Demo

Tonton Demo โ€” MikroTik Network Monitor --- > **Heads-up:** Aksi **Unblock Massal** akan menghapus firewall rule `drop` yang dibuat dashboard **dan** membersihkan tabel `blocked_devices` di SQLite. --- ## โœจ Fitur - **Device list** dari `/ip/dhcp-server/lease` (hostname, IP, MAC, status bound). - **Deteksi apps/games** via Address-List: `PUBG_USERS`, `ML_USERS`, `FF_USERS`, `TIKTOK_USERS`. - **TOOL (compact mini)**: - ๐Ÿงฎ **Reset Counters** (`/ip/firewall/filter reset-counters`) - ๐Ÿ—‘๏ธ **Clear Address-List** (hapus semua entry) - ๐Ÿ”“ **Unblock Massal** (hapus rule `drop` buatan dashboard + bersihkan DB) - โš ๏ธ **Restart Router** - **Block / Unblock** IP individual (buat/hapus rule `drop` + sinkron DB). - **UX responsif**: toast notif, spinner, overlay shimmer. - **Shortcut**: `Shift+R` Refresh, `Shift+C` Reset, `Shift+A` Clear AL, `Shift+U` Unblock Massal, `Shift+X` Restart. - **Login profesional**: animasi techno (canvas + neon grid), Caps-Lock indicator, toggle lihat password. --- ## ๐Ÿ“ฆ Prasyarat - Python **3.10+** - RouterOS API aktif (default **8728**) - Akun MikroTik khusus API dengan hak minimum --- ## ๐Ÿš€ Quick Start ```bash git clone https://github.com//.git cd python -m venv .venv # Windows: .venv\Scripts\activate # Linux/Mac: source .venv/bin/activate pip install -r requirements.txt ``` Jika belum ada `requirements.txt`, minimal: ```txt Flask Flask-Cors routeros_api Werkzeug ``` --- ## ๐Ÿ”ง Konfigurasi Environment Buat file `.env` (atau export variabel di shell): ```bash # Auth Dashboard export MONITOR_USER="admin" export MONITOR_PASS_HASH="scrypt:32768:8:1$...$..." # hash dari Werkzeug export FLASK_SECRET_KEY="ganti-ini-dengan-random-key" export APP_VERSION="1.0.0" # MikroTik export MIKROTIK_HOST="192.168.28.1" export MIKROTIK_USER="api-user" export MIKROTIK_PASS="password-ku" export MIKROTIK_PORT=8728 ``` **Generate hash password (Werkzeug):** ```bash python - <<'PY' from werkzeug.security import generate_password_hash print(generate_password_hash("password_ku")) PY ``` > **Jangan commit `.env`** ke repo publik. --- ## โ–ถ๏ธ Menjalankan Aplikasi **Dev:** ```bash python app.py # akses: http://0.0.0.0:5000 ``` **Production (contoh Gunicorn):** ```bash pip install gunicorn gunicorn -w 3 -b 0.0.0.0:5000 app:app ``` _Contoh systemd service (opsional):_ ```ini [Unit] Description=MikroTik Network Monitor After=network.target [Service] User=www-data Group=www-data EnvironmentFile=/etc/mikromon.env WorkingDirectory=/opt/mikromon ExecStart=/opt/mikromon/.venv/bin/gunicorn -w 3 -b 0.0.0.0:5000 app:app Restart=always [Install] WantedBy=multi-user.target ``` --- ## ๐ŸŒ API Endpoints | Method | Endpoint | Deskripsi | |------:|--------------------------------------|---------------------------------------------------------| | GET | `/` | Dashboard (HTML) | | GET | `/login` | Halaman login | | POST | `/login` | Proses login (session) | | GET | `/logout` | Hapus session | | GET | `/api/devices` | Daftar DHCP lease + status blokir + deteksi apps | | POST | `/api/devices//block` | Block IP (rule `drop` + catat ke DB) | | POST | `/api/devices//unblock` | Unblock IP (hapus rule `drop` + hapus dari DB) | | POST | `/api/devices/unblock-all` | **Unblock massal** semua rule `drop` buatan dashboard + bersihkan DB | | POST | `/api/firewall/reset-counters` | Reset semua filter counters | | POST | `/api/firewall/clear-address-lists` | Hapus semua entry address-list | | POST | `/api/router/reboot` | Reboot router | > Beberapa endpoint dilindungi `@login_required`. --- ## ๐Ÿงฐ Deteksi Apps/Games (Address-List) Tambahkan rule (L7/TLS SNI/host match/mangle) yang **menambahkan IP klien** ke salah satu Address-List ini: - `PUBG_USERS` - `ML_USERS` - `FF_USERS` - `TIKTOK_USERS` Contoh placeholder (sesuaikan signature real): ```routeros #/ip firewall layer7-protocol add name=tiktok regexp="tiktokcdn|tiktokv" #/ip firewall mangle add chain=prerouting layer7-protocol=tiktok action=add-src-to-address-list address-list=TIKTOK_USERS address-list-timeout=1h ``` > Signature bisa berubah; pertimbangkan match SNI/host/IP list resmi jika tersedia. --- ## ๐Ÿ”’ Rekomendasi Keamanan - Buat **user RouterOS khusus API** dengan hak **minimum**. - Jalankan dashboard di belakang **VPN** atau **IP allowlist**. - Terminate **HTTPS** (Nginx) di depan Gunicorn. - Simpan kredensial/secret di ENV/secret manager (bukan hardcode). - Jika UI & API beda origin, batasi **CORS** secara ketat. --- ## ๐Ÿ—ƒ๏ธ Database SQLite: `network_monitor.db` Tabel: `blocked_devices` ```sql CREATE TABLE IF NOT EXISTS blocked_devices ( id INTEGER PRIMARY KEY AUTOINCREMENT, address TEXT UNIQUE, device_name TEXT, blocked_at DATETIME DEFAULT CURRENT_TIMESTAMP, reason TEXT, blocked_by TEXT DEFAULT 'manual' ); ``` --- ## โŒจ๏ธ Keyboard Shortcuts - `Shift+R` โ€” Refresh data - `Shift+C` โ€” Reset Counters - `Shift+A` โ€” Clear Address-List - `Shift+U` โ€” Unblock Massal - `Shift+X` โ€” Restart Router --- ## ๐Ÿ“ธ Screenshots | Login | Dashboard | |---|---| | ![Login](/r/mikrotik-blok-user-game-online-medsos/file/docs/screenshots/login.png) | ![Dashboard](/r/mikrotik-blok-user-game-online-medsos/file/docs/screenshots/dash3.png) | --- ## ๐Ÿงช Troubleshooting - **Tidak bisa konek RouterOS** - Cek `MIKROTIK_HOST`, port API (**8728**), user/pass, dan firewall router. - **Login gagal terus** - Pastikan `MONITOR_USER` + `MONITOR_PASS_HASH` benar; generate ulang hash. - **Unblock massal tidak hapus semua** - Hanya rule `drop` **buatan dashboard** yang dibersihkan. Audit rule manual terpisah. - **Toast/Loading tidak muncul** - Cek Console & Network di DevTools browser. --- ## ๐Ÿ—บ๏ธ Roadmap - [ ] 2FA (TOTP) opsional - [ ] Mode read-only (tanpa aksi tulis) - [ ] Export CSV / audit log - [ ] Live polling resources (opsional, throttled) --- ## ๐Ÿค Kontribusi PR & issue dipersilakan. Sertakan: - Deskripsi perubahan - Langkah uji - Screenshot (jika menyentuh UI) --- ## ๐Ÿชช Lisensi Untuk private/internal **Internal Use**. MIT License Copyright (c) 2025 Sulthanullah Haqqi Hidayat Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. --- ## ๐Ÿ™Œ Kredit Dikembangkan oleh **SULTHANULLAH HAQQI HIDAYAT** Teknologi: **Flask**, **routeros_api**, **SQLite**, **Vanilla JS**