Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
User avatar
Stanley
Posts: 31
Joined: 02 Jul 2011, 18:06

Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby Stanley » 05 Jul 2011, 23:44

Sebelumnya saya ucapkan terima kasih atas perhatian n bantuannya dari teman2. Tolong dicek ya apa salahnya?

Nih topologi jaringan

======================Modem(192.168.0.1)
========================|
========================|
Proxy(192.168.2.1)---Mikrotik---HUB---Client(192.168.1.11-192.168.1.24)

IP Mikrotik
eth0 (ke modem) : 192.168.0.254
eth1 (ke HUB) : 192.168.1.254
eth2 (ke Proxy) : 192.168.2.254


Ip firewall nat mikrotik :
chain=srcnat action=masquerade out-interface=eth0
chain=dstnat action=dst-nat to-addresses=192.168.2.1 to-ports=3128 protocol=tcp src-address=192.168.1.0/24 dst-port=80

Squid.conf (hasil googling, maklum baru belajar sih)

Tampilkan
##Mulai
http_port 3128 transparent

cache_mem 8 MB
cache_swap_low 98%
cache_swap_high 99%

server_http11 on
maximum_object_size_in_memory 64 KB
maximum_object_size 1048576 KB

ipcache_low 98
ipcache_high 99

memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

cache_dir aufs /cache 112640 110 256
cache_dir aufs /cache1 112640 110 256

access_log /var/log/squid/access.log
cache_log /dev/null
cache_store_log /dev/null

dns_nameservers 203.130.193.74 202.134.0.155

redirect_rewrites_host_header off

acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 81 210 280 443 488 563 591 631 777 901 3128 1025-65535
acl sslports port 443 563 81
acl connect method CONNECT
acl all src 0.0.0.0/0
acl local src 192.168.1.0/24
acl game dstdomain apps.facebook.com/ravenwoodfair/

no_cache deny game

ftp_list_width 32
ftp_passive on
ftp_sanitycheck on


##WEBSITE yg mengandung program javascript(.js) dan Java Server Page (.jsp)

hierarchy_stoplist cgi-bin ? .js .jsp

acl QUERY urlpath_regex cgi-bin \? .js .jsp
no_cache deny QUERY

snmp_port 3401
acl snmppublic snmp_community public
snmp_access allow snmppublic all

#Patch Ayodance

acl QUERY urlpath_regex -i \.(ini|inf|htc|ui)$
cache deny QUERY

http_access allow manager
http_access allow localhost
http_access allow local
http_access deny safeports
http_access deny CONNECT sslports
http_access deny all
http_reply_access allow all


acl store_rewrite_list urlpath_regex \/(get_video|videoplayback\?id|videoplayback.*id) \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|swf)\?

acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*

acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}

acl store_rewrite_list_path urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe)$

acl store_rewrite_list_domain_CDN url_regex streamate.doublepimp.com.*\.js\? photos-[a-z].ak.fbcdn.net \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*) \.doubleclick\.net.* yieldmanager cpxinteractive ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com



acl videocache_allow_url url_regex -i \.youtube\.com\/get_video\?

acl videocache_allow_url url_regex -i \.youtube\.com\/videoplayback \.youtube\.com\/videoplay \.youtube\.com\/get_video\?

acl videocache_allow_url url_regex -i \.youtube\.[a-z][a-z]\/videoplayback \.youtube\.[a-z][a-z]\/videoplay \.youtube\.[a-z][a-z]\/get_video\?

acl videocache_allow_url url_regex -i \.googlevideo\.com\/videoplayback \.googlevideo\.com\/videoplay \.googlevideo\.com\/get_video\?

acl videocache_allow_url url_regex -i \.google\.com\/videoplayback \.google\.com\/videoplay \.google\.com\/get_video\?

acl videocache_allow_url url_regex -i \.google\.[a-z][a-z]\/videoplayback \.google\.[a-z][a-z]\/videoplay \.google\.[a-z][a-z]\/get_video\?

acl videocache_allow_url url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/videoplayback\?

acl videocache_allow_url url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/videoplay\?

acl videocache_allow_url url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/get_video\?

acl videocache_allow_url url_regex -i proxy[a-z0-9\-][a-z0-9][a-z0-9][a-z0-9]?\.dailymotion\.com\/

acl videocache_allow_url url_regex -i vid\.akm\.dailymotion\.com\/

acl videocache_allow_url url_regex -i [a-z0-9][0-9a-z][0-9a-z]?[0-9a-z]?[0-9a-z]?\.xtube\.com\/(.*)flv

acl videocache_allow_url url_regex -i bitcast\.vimeo\.com\/vimeo\/videos\/

acl videocache_allow_url url_regex -i va\.wrzuta\.pl\/wa[0-9][0-9][0-9][0-9]?

acl videocache_allow_url url_regex -i \.files\.youporn\.com\/(.*)\/flv\/

acl videocache_allow_url url_regex -i \.msn\.com\.edgesuite\.net\/(.*)\.flv

acl videocache_allow_url url_regex -i media[a-z0-9]?[a-z0-9]?[a-z0-9]?\.tube8\.com\/ mobile[a-z0-9]?[a-z0-9]?[a-z0-9]?\.tube8\.com\/ www\.tube8\.com\/(.*)\/

acl videocache_allow_url url_regex -i \.mais\.uol\.com\.br\/(.*)\.flv

acl videocache_allow_url url_regex -i \.video[a-z0-9]?[a-z0-9]?\.blip\.tv\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram)

acl videocache_allow_url url_regex -i video\.break\.com\/(.*)\.(flv|mp4)

acl videocache_allow_url url_regex -i \.speedtest\.net\/

acl videocache_allow_dom dstdomain .mccont.com .metacafe.com .redtube.com .cdn.dailymotion.com


#acl videocache_deny_dom dstdomain .download.youporn.com .static.blip.tv

acl dontrewrite url_regex redbot\.org (get_video|videoplayback\?id|videoplayback.*id).*begin\=[1-9][0-9]*

acl getmethod method GET



storeurl_access allow videocache_allow_url

storeurl_access allow videocache_allow_dom



storeurl_access deny dontrewrite

storeurl_access deny !getmethod

storeurl_access allow store_rewrite_list_domain_CDN

storeurl_access allow store_rewrite_list

storeurl_access allow store_rewrite_list_domain store_rewrite_list_path

storeurl_access deny all

storeurl_rewrite_program /etc/squid/storeurl.pl

storeurl_rewrite_children 2

storeurl_rewrite_concurrency 10



max_stale 1 week



refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 5259487 99999999% 5259487 override-expire ignore-reload store-stale ignore-private negative-ttl=0

refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?) 5259487 99999999% 5259487 override-expire ignore-reload store-stale ignore-private negative-ttl=0



# =====================================================

# REFRESH-PATTERN #

# =====================================================

# TAG: Refresh Pattern

refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern \.(ico|video-stats) 43200 999999% 43200 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate negative-ttl=10080 store-stale

refresh_pattern \.etology\? 43200 999999% 43200 override-expire ignore-reload ignore-no-cache store-stale

refresh_pattern galleries\.video(\?|sz) 43200 999999% 43200 override-expire ignore-reload ignore-no-cache store-stale

refresh_pattern brazzers\? 43200 999999% 43200 override-expire ignore-reload ignore-no-cache store-stale

refresh_pattern \.adtology\? 43200 999999% 43200 override-expire ignore-reload ignore-no-cache store-stale

refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 43200 20% 43200 ignore-no-cache ignore-no-store ignore-private override-expire ignore-reload ignore-auth ignore-must-revalidate store-stale negative-ttl=40320 max-stale=10

refresh_pattern ^.*safebrowsing.*google 43200 999999% 43200 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-must-revalidate negative-ttl=10080 store-stale

refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk) 43200 999999% 43200 override-expire ignore-reload ignore-private store-stale negative-ttl=10080

refresh_pattern ytimg\.com.*\.jpg 43200 999999% 43200 override-expire ignore-reload store-stale

refresh_pattern images\.friendster\.com.*\.(png|gif) 43200 999999% 43200 override-expire ignore-reload store-stale

refresh_pattern garena\.com 43200 999999% 43200 override-expire reload-into-ims store-stale

refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 43200 999999% 43200 override-expire ignore-reload store-stale

refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 43200 999999% 43200 ignore-no-cache override-expire override-lastmod store-stale

refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 43200 999999% 43200 reload-into-ims override-expire ignore-private store-stale

refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\. 43200 999999% 43200 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale

refresh_pattern ^http:\/\/www.onemanga.com.*\/ 43200 999999% 43200 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale

refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9]) 43200 999999% 43200 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate negative-ttl=10080 store-stale



# ANTI VIRUS

refresh_pattern guru.avg.com/.*\.(bin) 1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern (avgate|avira).*(idx|gz)$ 1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern kaspersky.*\.avc$ 1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern kaspersky 1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern update.nai.com/.*\.(gem|zip|mcs) 1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip) 1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale



refresh_pattern windowsupdate.com/.*\.(cab|exe) 10080 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern update.microsoft.com/.*\.(cab|exe) 10080 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern download.microsoft.com/.*\.(cab|exe) 10080 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale



#images facebook

refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale

refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale

refresh_pattern -i \.facebook.com.*\.(jpg|png|gif) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale



# games facebook

refresh_pattern ^http:\/\/apps.facebook.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern -i \.zynga.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store ignore-must-revalidate store-stale

refresh_pattern -i \.farmville.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store ignore-must-revalidate store-stale

refresh_pattern -i \.ninjasaga.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store ignore-must-revalidate store-stale

refresh_pattern -i \.mafiawars.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store ignore-must-revalidate store-stale

refresh_pattern -i \.crowdstar.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store ignore-must-revalidate store-stale

refresh_pattern -i \.popcap.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store ignore-must-revalidate store-stale

refresh_pattern -i \.ravenwoodfair.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store ignore-must-revalidate store-stale



#banner IIX

refresh_pattern ^http:\/\/openx.*\.(jp(e?g|e|2)|gif|pn[pg]|swf|ico|css|tiff?) 129600 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/ads(1|2|3).kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/img.ads.kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern .kompasimages.com.*\.(jpg|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/openx.kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern kaskus.\us.*\.(jp(e?g|e|2)|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/img.kaskus.us.*\.(jpg|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale



#IIX DOWNLOAD

refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale ignore-auth



#All File

refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale

refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale

refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale

refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale

refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale



#SITUS Tertentu Yang Banyak Di Akses
refresh_pattern ^http://*.jobstreet.com.*/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache store-stale ignore-must-revalidate

refresh_pattern ^http://*.indowebster.com.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.21cineplex.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.kompas.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.blogspot.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache store-stale ignore-must-revalidate

refresh_pattern ^http://*.photobucket.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.tinypic.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.imageshack.us/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.kaskus.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.detik.*/.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.detiknews.*/*.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://video.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://static.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.friendster.com/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.kaskus.us/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.nyit-nyit.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.jasa-warnet.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.twitter.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.multiply.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.hi5.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.myspace.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.bebo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.netlog.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.foursquare.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.koprol.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.linkedin.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.plurk.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.flickr.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.deliciuos.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.tumblr.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.jaiku.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.livejournal.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.telkomplasa.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate



#Web Game Online

refresh_pattern ^http://*.lytogame.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.megaxus.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.ayodance.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.gemscool.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.wavegame.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.playcircle.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.lineage2.co.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.roseonline.web.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.xshot.web.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.romonline.web.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.iahgames.co.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.vtconline.co.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.blackshotonline.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.speedsoft.co.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.ijji.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.mmosite.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate



refresh_pattern ^http://*.yahoo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.facebook.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.google.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.forummikrotik.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.zynga.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.microsoft.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.nod32.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.okezone.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.dagdigdug.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.karier.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.primbon.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.opera.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.mozilla.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.altavista.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.bing.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.kapersky.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.bikinwarnet.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.telkomsel.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.indosat.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

refresh_pattern ^http://*.pln.co.id/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.speedtest.net/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate



refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

refresh_pattern ^gopher: 1440 0% 1440



refresh_pattern ^ftp: 10080 95% 43200 override-lastmod reload-into-ims store-stale

#refresh_pattern . 00 95% 43200 override-lastmod reload-into-ims store-stale

refresh_pattern . 0 50% 161280 store-stale



# Tunning Up

#half_closed_connections on



fqdncache_size 4096


quick_abort_min 0

quick_abort_max 0

quick_abort_pct 98

shutdown_lifetime 10 seconds



memory_pools off

buffered_logs off



log_icp_queries off

log_fqdn off



logfile_rotate 1



forwarded_for off


reload_into_ims on

pipeline_prefetch on

emulate_httpd_log off



negative_ttl 2 minutes



vary_ignore_expire on



high_page_fault_warning 2

nonhierarchical_direct on

prefer_direct off

cache_mgr steven_ryuken@yahoo.com

cache_effective_user proxy

cache_effective_group proxy

visible_hostname Proxy.Stanley.com

unique_hostname Proxy.Stanley.com

httpd_suppress_version_string on

##Selesai


ket: proxy sudah bisa konek internet

Apakah di proxynya mesti diset gini lagi?
iptables -t nat -A PREROUTING -p tcp -s 192.168.1.0/24 --dport 80 -j REDIRECT --to-port 3128

Mohon bantuannya, sekali lagi , terima kasih
User avatar
Stanley
Posts: 31
Joined: 02 Jul 2011, 18:06

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby Stanley » 08 Jul 2011, 14:24

zzz... blom ada yg mau bantu nich
User avatar
dhiemaz_mitnick
Posts: 281
Joined: 06 Jun 2011, 00:57
Location: Jakarta
Contact:

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby dhiemaz_mitnick » 08 Jul 2011, 14:43

iptables -t nat -A PREROUTING -p tcp -s 192.168.1.0/24 --dport 80 -j REDIRECT --to-port 3128

itu untuk ngeset supaya setiap traffic dari network diarahin ke proxy terlebih dahulu..
User avatar
yudiarbi
Posts: 627
Joined: 22 Mar 2011, 09:31
Location: Probolinggo, Jawa Timur
Contact:

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby yudiarbi » 08 Jul 2011, 20:50

kalo di proxy cmn satu lan gak perlu di set iptables
coba pada bagian ini :

Code: Select all

chain=dstnat action=dst-nat to-addresses=192.168.2.1
to-ports=3128 protocol=tcp src-address=192.168.1.0/24 dst-port=80

diganti

Code: Select all

chain=dstnat action=dst-nat to-addresses=192.168.2.1
to-ports=3128 protocol=tcp src-address=192.168.0.254 dst-port=80

karena menurut hemat saya, yang di cache adalah yang dari modem
saran : jangan banyak acl dan jangan setiap file di url di cache/refresh pattern, cukup ekstensi file aj, abis tuh direktory squidnya....
User avatar
Stanley
Posts: 31
Joined: 02 Jul 2011, 18:06

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby Stanley » 10 Jul 2011, 23:25

mas dhiemak
udah diset tapi tak tersimpan nih, abis set saya ketik iptables -L
muncul :
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

ga dsimpan jadinya, apa salahnya
plz
User avatar
Stanley
Posts: 31
Joined: 02 Jul 2011, 18:06

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby Stanley » 10 Jul 2011, 23:28

mas yudiarbi
saran : jangan banyak acl dan jangan setiap file di url di cache/refresh pattern, cukup ekstensi file aj, abis tuh direktory squidnya....

tuh ga ngerti deh, soalnya squidnya pun hasil googling
bisa ga jelaskan dikit tentang refresh pattern n cara penulisan tuk simpa file ext
trus ada yg bilang partisi cachenya bagusnya 20gb untuk hdd biasa, apakah benar?
trims
User avatar
Stanley
Posts: 31
Joined: 02 Jul 2011, 18:06

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby Stanley » 10 Jul 2011, 23:52

oow, udah berhasil tapi mesti pake caranya mas yudiarbi,
chain=dstnat action=dst-nat to-addresses=192.168.2.1
to-ports=3128 protocol=tcp src-address=192.168.0.254 dst-port=80

tapi kalo begini untuk pasang 2 line internet (load balance), jadi ga bisa maksimal donk

topologi :

=====================Modem(192.168.0.1)
=======================| ____________Modem2(192.168.100.1)
=======================| |
Proxy(192.168.2.1)---Mikrotik---HUB---Client(192.168.1.11-192.168.1.24)

kalo untuk topologi gini apa solusinya bos
User avatar
yudiarbi
Posts: 627
Joined: 22 Mar 2011, 09:31
Location: Probolinggo, Jawa Timur
Contact:

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby yudiarbi » 10 Jul 2011, 23:57

wah, ttp yg hebat bro stanley yg nyetting..hehee
yg bikin maksimal itu banyak sebab bro, konfigurasi hrs kita pecahin, sekarang kl 2 modem masuk hub mana bisa diatur di mikrotik?
Load balance itu membagi beban, bukan menjumlah bandwith
trus maunya client2 itu koneksinya bagaimana?jd baru kita tentukan pembagian bebannya
User avatar
Stanley
Posts: 31
Joined: 02 Jul 2011, 18:06

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby Stanley » 11 Jul 2011, 02:20

sorry bro yudiarbi, rupanya settingan dari bro cuma bisa browsing ja, tadi kiranya bisa cache rupanya cache dari firefox.
wakaka, sorry ga ngerti linux sama sekali, baru belajar, jadi bikin + bingung..
Balik ke masalah awal lage, apa sih salahnya ya???
trims
User avatar
sonor
Posts: 38
Joined: 20 Jun 2011, 16:22

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby sonor » 11 Jul 2011, 13:03

Kalau squid tiba2 jadi hang / macet itu penyebabnya apa ya..
User avatar
Slincerdream
Posts: 9
Joined: 14 May 2011, 19:00
Location: Yogyakarta

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby Slincerdream » 12 Jul 2011, 20:30

sonor wrote:Kalau squid tiba2 jadi hang / macet itu penyebabnya apa ya..
sudah coba rebuild squid?kasus hampir sama pernah ngalamin kayak gini :) , atau hardisk udah minta pensiun.
User avatar
Slincerdream
Posts: 9
Joined: 14 May 2011, 19:00
Location: Yogyakarta

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby Slincerdream » 12 Jul 2011, 21:05

Stanley wrote:sorry bro yudiarbi, rupanya settingan dari bro cuma bisa browsing ja, tadi kiranya bisa cache rupanya cache dari firefox.
wakaka, sorry ga ngerti linux sama sekali, baru belajar, jadi bikin + bingung..
Balik ke masalah awal lage, apa sih salahnya ya???
trims
Sedikit membantu aja bro, untuk cache hit, mikrotik perlu di seting penambahan beberapa rule seperti mangle untuk melewatkan paket yang sudah ter cache oleh proxy, jadi tidak serta merta ditambah proxy langsung hits. kembali ke pokok masalah, coba Nat mikrotik digeber di sini supaya kita bisa bantu.( catatan squid sudah runing). :whistle:
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby sipelaut » 13 Jul 2011, 11:59

Slincerdream wrote:
sonor wrote:Kalau squid tiba2 jadi hang / macet itu penyebabnya apa ya..
sudah coba rebuild squid?kasus hampir sama pernah ngalamin kayak gini :) , atau hardisk udah minta pensiun.

bisa juga karena konfigurasi tidak sesuai dengan hardwarenya
hekekkk.. pengalaman pribadi nich
User avatar
yudiarbi
Posts: 627
Joined: 22 Mar 2011, 09:31
Location: Probolinggo, Jawa Timur
Contact:

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby yudiarbi » 13 Jul 2011, 13:05

saya lebih cenderung ke hardware, krn maslah konfigurasi berdasarkan analisa pribadi gak ada masalah, ngaruhnya cmn di fungsi cache, kl sering hang ttp ke hardisk, minta adik....
User avatar
Stanley
Posts: 31
Joined: 02 Jul 2011, 18:06

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby Stanley » 13 Jul 2011, 19:01

masalahnya squid not running ... gmana supaya bisa aktifkan lage
n cara2nya, tlg n trims
User avatar
sonor
Posts: 38
Joined: 20 Jun 2011, 16:22

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby sonor » 14 Jul 2011, 14:20

Slincerdream wrote:
sonor wrote:Kalau squid tiba2 jadi hang / macet itu penyebabnya apa ya..
sudah coba rebuild squid?kasus hampir sama pernah ngalamin kayak gini :) , atau hardisk udah minta pensiun.


rebuild belum pernah krn squid baru 2 bulanan dan kayaknya belum penuh cachenya...
mungkin bener hardwarenya krn dulu waktu instal cuma pake Harddisk 80 gb yg seken.... hihihihihihi...
makasi inpohnya mas bos...
User avatar
yudiarbi
Posts: 627
Joined: 22 Mar 2011, 09:31
Location: Probolinggo, Jawa Timur
Contact:

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby yudiarbi » 14 Jul 2011, 14:56

Stanley wrote:masalahnya squid not running ... gmana supaya bisa aktifkan lage
n cara2nya, tlg n trims
service squid start, kl stlh restart ttp d paksa aj lewat /etc/rc.local....
User avatar
Stanley
Posts: 31
Joined: 02 Jul 2011, 18:06

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby Stanley » 14 Jul 2011, 18:43

udah coba gagal juga, gini hasilnya

service squid start
squid start/running, process 970

dicek lagi

service squid status
squid stop/waiting
User avatar
yudiarbi
Posts: 627
Joined: 22 Mar 2011, 09:31
Location: Probolinggo, Jawa Timur
Contact:

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby yudiarbi » 15 Jul 2011, 01:03

coba di remove squid, restart baru install lg
User avatar
sonor
Posts: 38
Joined: 20 Jun 2011, 16:22

Re: Browsing jadi error, jika aktifkan NAT Proxy di mikrotik

Postby sonor » 15 Jul 2011, 11:48

yudiarbi wrote:coba di remove squid, restart baru install lg


kalo mau remove.. commandnya gmn ya...
sapa tau ada yg blm bisa seperti saya..maklum blm pernah remov-remov squid..hehehe...

Return to “Ubuntu Server”

Who is online

Users browsing this forum: Yahoo [Bot] and 7 guests