Mikrotik 3.30+squid (ubuntu 11.04)

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
User avatar
TaNK
Posts: 10
Joined: 05 Aug 2011, 18:23

Mikrotik 3.30+squid (ubuntu 11.04)

Postby TaNK » 05 Aug 2011, 19:44

Mohon koreksinya dari para suhu disini
mikrotik 3.30
ubuntu 11.04 (squid 2.7 stable9)
topologi

Code: Select all

Modem --- Mikrotik ---- HUB/switch --- Client
             |
           squid

Mikrotik 3.30 :
ether1 (ke modem) 192.168.100.11/26
ether2 (ke cumi) = 192.168.101.2/24
ether3 (ke Client/HUB) = 192.168.102.0/26

NAT Mikrotik
Tampilkan
[admin@MikroTik] > /ip firewall nat pr
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat action=dst-nat to-addresses=192.168.101.1 to-ports=3128 protocol=tcp src-address=!192.168.101.1 dst-port=80

1 chain=srcnat action=masquerade src-address=192.168.101.1
[admin@MikroTik] >


/ip proxy
Tampilkan
[admin@MikroTik] > /ip proxy pr
enabled: yes
src-address: 0.0.0.0
port: 8080
parent-proxy: 192.168.101.1
parent-proxy-port: 3128
cache-administrator: "cumikriting"
max-cache-size: none
cache-on-disk: no
max-client-connections: 600
max-server-connections: 600
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-drive: secondary-master
[admin@MikroTik] >

-----------------------
Squid box

ip eth0 192.168.101.1
isi dari /etc/network/interface
Tampilkan
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.101.1
netmask 255.255.255.0
network 192.168.101.0
broadcast 192.168.101.255
gateway 192.168.101.2
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 192.168.101.2

isi squid.conf
Tampilkan
#Recommended minimum configuration:
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl mikrotik src 192.168.101.2/32 #ip mikrotik
acl semuaklien src 192.168.102.0/26 #ip semuanya
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
#
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

#Recommended minimum configuration:
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost

http_access allow semuaklien
http_access allow mikrotik
http_access deny all

# http_reply_access allow all
icp_access allow localnet
icp_access deny all

http_port 3128 transparent
icp_port 0
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
##zph end

hierarchy_stoplist cgi-bin ?
cache_mem 256 MB
# memory_replacement_policy lru
memory_replacement_policy heap LFUDA
cache_replacement_policy heap GDSF
# cache_replacement_policy lru
cache_dir ufs /squid/cache 10240 64 128
# store_dir_select_algorithm least-load
# max_open_disk_fds 0
minimum_object_size 8 KB
maximum_object_size 128 MB
maximum_object_size_in_memory 32 KB
cache_swap_low 90
cache_swap_high 99
update_headers on
##jika memori 512 MB keatas, silahkan diperbesar angkanya
ipcache_size 2048
ipcache_low 98
ipcache_high 99

# cache_log /var/log/squid/cache.log
access_log /squid/access.log squid
cache_store_log /squid/store.log
# logfile_rotate 0
# emulate_httpd_log off
# log_ip_on_direct on
# mime_table /usr/share/squid/mime.conf
# log_mime_hdrs off
# log_fqdn off
# client_netmask 255.255.255.255
# strip_query_terms on
# buffered_logs off
# netdb_filename /var/spool/squid/logs/netdb.state
# max_stale 1 week
visible_hostname tank.gurita

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880
refresh_pattern -i .(class|css|js|gif|jpg)$ 10080 100% 43200 reload-into-ims override-lastmod
refresh_pattern -i .(jpe|jpeg|png|bmp|tif)$ 10080 100% 43200 reload-into-ims override-lastmod
refresh_pattern -i .(tiff|mov|avi|qt|mpeg)$ 10080 100% 43200 reload-into-ims override-lastmod
refresh_pattern -i .(mp3|3gp|mpg|mpe|wav|au|mid)$ 10080 100% 43200 override-lastmod reload-into-ims
refresh_pattern -i .(exe|iso|tar|rar|zip|gz|arj|lha|lzh)$ 10080 100% 43200 override-lastmod reload-into-ims
refresh_pattern -i .(rar|tgz|tar|exe|bin)$ 10080 100% 43200 reload-into-ims override-lastmod
refresh_pattern -i .(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200 reload-into-ims override-lastmod
refresh_pattern -i .(inc|cab|ad|txt|dll)$ 10080 100% 43200 reload-into-ims override-lastmod
refresh_pattern ^http:/*.facebook.*/.* 10080 90% 43200 reload-into-ims override-lastmod

# store_avg_object_size 13 KB
# store_objects_per_bucket 20
# reply_header_max_size 20 KB
# request_body_max_size 0 KB
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast
# via on
# cache_vary on
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT

dns_nameservers 192.168.101.2
#nggonku dns nyah pake alamat ip mikriting
hosts_file /etc/hosts
# fqdncache_size 1024
coredump_dir /var/spool/squid
# balance_on_multiple_ip on
# pipeline_prefetch of


iptables -A PREROUTING -t nat -p tcp -s 192.168.101.2 --dport 80 -j REDIRECT --to-port 3128

-----
setelah di cek ke http://www.cmyip.com/
Tampilkan
My IP Address Is 192.168.102.9

dan http://proxy.jaringanwarnet.com/
Tampilkan
Proxy detected
This request appears to have come via a proxy.

Proxy Details :
2011-08-05 19:37:35
Detected proxy server: 118.xxx.xx.x (118.xxx.xx.x)
trigger HTTP_VIA: 1.1 tank.gurita:3128 (squid/2.7.STABLE9)
trigger HTTP_X_FORWARDED_FOR: 192.168.102.9
Your IP Address is : 118.xxx.xx.x


konsidi :
1. squid-box bisa konek ke internet
2. klient 192.168.102.0/26 bisa konek ke internet semua

Pertanyaanku :
1. apa sudah tepat settinganku ?
2. tail -f /squid/access.log miss semua, apakah wajar?
3. dari komputer klien aku buka game facebook dan youtube pake firefox sampe selesai, kemudian aku buka pake chrome kok gak ngambil dari cache squid, tp malah konek langsung ke internet (dilihat dari trafik interface MT), dan dilihat dari squidclient -h localhost cache Hits nya 0 0, kenapa ya?

Mohon bantuan untuk mengoreksi settingan saya
User avatar
Magelar
Posts: 11
Joined: 21 Jul 2011, 22:47
Location: palembang

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby Magelar » 05 Aug 2011, 20:58

Sundul dulu gan...ikut menyimak aja....semoga para master cepat turun ke TKP....ane juga lagi nyari...

sekedar bahan pertimbangan ane kasih link yang berhubungan dengan seting di mikrotik
http://interfacewirelessbridge.blogspot ... ernal.html
User avatar
Slincerdream
Posts: 9
Joined: 14 May 2011, 19:00
Location: Yogyakarta

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby Slincerdream » 05 Aug 2011, 23:08

Coba jalan-jalan dimari Gan, seting squid ubuntu + mikrotik , bisa jadi refrensi. :)
User avatar
yudiarbi
Posts: 627
Joined: 22 Mar 2011, 09:31
Location: Probolinggo, Jawa Timur
Contact:

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby yudiarbi » 06 Aug 2011, 00:03

cobain membantu bro, ip 192.168.102.9 milik siapa?

Code: Select all

chain=dstnat action=dst-nat to-addresses=192.168.101.1
to-ports=3128 protocol=tcp src-address=!192.168.101.1 dst-port=80

diganti

Code: Select all

chain=dstnat action=dst-nat to-addresses=192.168.101.1
to-ports=3128 protocol=tcp src-address=192.168.101.11 dst-port=80

iptables pada cumi gak usah diaktifin, krn jatuhnya NAT pada mikrotik
User avatar
TaNK
Posts: 10
Joined: 05 Aug 2011, 18:23

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby TaNK » 06 Aug 2011, 00:38

192.168.102.9 ip client

Code: Select all

chain=dstnat action=dst-nat to-addresses=192.168.101.1
to-ports=3128 protocol=tcp src-address=192.168.101.11 dst-port=80


src-address=192.168.101.11 == ip ether1 yang menuju modem kah?

oh iya gan, aslina setelah kuamati lebih lanjut, settingku udah ngeHit, cuman emang gak bisa ngecache youtube.
setelah telusur sana sini, dari link diatas... untuk mencache video semacam youtube ternyata ada rumusnya sendiri, ada yang pake lusca atau cachevideos
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby sipelaut » 06 Aug 2011, 09:52

wabuset.. mau ngecache yutub apa gak ngebengkak masbro..nanti jadinya
User avatar
yudiarbi
Posts: 627
Joined: 22 Mar 2011, 09:31
Location: Probolinggo, Jawa Timur
Contact:

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby yudiarbi » 06 Aug 2011, 11:27

kl aq mending type filenya aj yg dicaceh, flv-nya pake tag refresh_pattern itu ud nge-hit kok
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby sipelaut » 06 Aug 2011, 12:00

yudiarbi wrote:kl aq mending type filenya aj yg dicaceh, flv-nya pake tag refresh_pattern itu ud nge-hit kok

turunin ilmunya dong masbro..
pengen tau juga nichh
dishare dimari aja hee....
User avatar
rafdinal
Posts: 131
Joined: 22 Jun 2011, 20:01

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby rafdinal » 06 Aug 2011, 12:07

@yudiarbi,,kalo modemnya bridge dan dial pppoe dr mikrotik apa bisa jg pake src-address ip interface ke modem???..
User avatar
yudiarbi
Posts: 627
Joined: 22 Mar 2011, 09:31
Location: Probolinggo, Jawa Timur
Contact:

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby yudiarbi » 07 Aug 2011, 09:43

sipelaut wrote:turunin ilmunya dong masbro..
pengen tau juga nichh
dishare dimari aja hee....

waduh, ilmuq belum cukup juga Gus-->(elmuna engkok gik kurang.. :D)
mungkin spt ini :

Code: Select all

refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private


gibrannet wrote:kalo modemnya bridge dan dial pppoe dr mikrotik apa bisa jg pake src-address ip interface ke modem???..

waduh, ya salah satu donk bro, pake bridge apa pppoe gitu, gak bsa kl modem bridge dial pppoe....
konsepnya spt ini, kl modem bridge, dial di mikrotik krn jatuhnya gateway di server, kl modem pppoe, dialnya di modem krn jatuhnya gateway di modem...
User avatar
rafdinal
Posts: 131
Joined: 22 Jun 2011, 20:01

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby rafdinal » 07 Aug 2011, 10:54

@yudiarbi,,iya kan memang itu yg aku maksud "kalo modemnya bridge dan dial pppoe dr mikrotik apa bisa jg pake src-address ip interface ke modem???.coba baca dgn teliti
modem bridge dial pppoe dari mikeorik..
jadi kan ip public nya masuk ke mikrotik,,src-address nya yg mana kita bikin ip public pppoe atau ip lokal modem yg bridge??...
User avatar
yudiarbi
Posts: 627
Joined: 22 Mar 2011, 09:31
Location: Probolinggo, Jawa Timur
Contact:

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby yudiarbi » 07 Aug 2011, 19:05

kl modem bridge, src-address kita bikin ip mikrotik, krn yg dial si mikrotik
User avatar
ilham2930
Posts: 1123
Joined: 02 Jan 2010, 19:30
Location: /indonesia/tangerang/bonank_city
Contact:

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby ilham2930 » 08 Aug 2011, 10:51

TaNK wrote:oh iya gan, aslina setelah kuamati lebih lanjut, settingku udah ngeHit, cuman emang gak bisa ngecache youtube.
setelah telusur sana sini, dari link diatas... untuk mencache video semacam youtube ternyata ada rumusnya sendiri, ada yang pake lusca atau cachevideos

emang udah jalan brapa lama bro squidnya..!!
biarin cachenya gendut dlu, baru deh terasa bedanya..!!
-=just share bro, ni punya q =-
Tampilkan

Code: Select all

Squid Object Cache: Version 2.7.STABLE6
Start Time:   Mon, 01 Aug 2011 08:11:09 GMT
Current Time:   Mon, 08 Aug 2011 03:52:19 GMT
Connection information for squid:
   Number of clients accessing cache:   33
   Number of HTTP requests received:   306102
   Number of ICP messages received:   0
   Number of ICP messages sent:   0
   Number of queued ICP replies:   0
   Number of HTCP messages received:   0
   Number of HTCP messages sent:   0
   Request failure ratio:    0.00
   Average HTTP requests per minute since start:   31.2
   Average ICP messages per minute since start:   0.0
   Select loop called: 7984898 times, 73.798 ms avg
Cache information for squid:
   Request Hit Ratios:   5min: 44.6%, 60min: 34.1%
   Byte Hit Ratios:   5min: 25.1%, 60min: 14.0%
   Request Memory Hit Ratios:   5min: 3.8%, 60min: 8.9%
   Request Disk Hit Ratios:   5min: 8.2%, 60min: 29.0%
   Storage Swap size:   17113716 KB
   Storage Mem size:   367544 KB
   Mean Object Size:   19.24 KB
   Requests given to unlinkd:   0
Median Service Times (seconds)  5 min    60 min:
   HTTP Requests (All):   0.18699  0.27332
   Cache Misses:          0.52331  0.52331
   Cache Hits:            0.00091  0.00091
   Near Hits:             0.35832  0.28853
   Not-Modified Replies:  0.00000  0.00091
   DNS Lookups:           0.06364  0.05815
   ICP Queries:           0.00000  0.00000
Resource usage for squid:
   UP Time:   589269.880 seconds
   CPU Time:   601.538 seconds
   CPU Usage:   0.10%
   CPU Usage, 5 minute avg:   0.38%
   CPU Usage, 60 minute avg:   0.41%
   Process Data Segment Size via sbrk(): 103788 KB
   Maximum Resident Size: 0 KB
   Page faults with physical i/o: 1
Memory usage for squid via mallinfo():
   Total space in arena:  525676 KB
   Ordinary blocks:       524307 KB  38445 blks
   Small blocks:               0 KB      0 blks
   Holding blocks:          7192 KB      7 blks
   Free Small blocks:          0 KB
   Free Ordinary blocks:    1368 KB
   Total in use:          531499 KB 100%
   Total free:              1368 KB 0%
   Total size:            532868 KB
Memory accounted for:
   Total accounted:       469910 KB
   memPoolAlloc calls: 53178932
   memPoolFree calls: 50195825
File descriptor usage for squid:
   Maximum number of file descriptors:   4096
   Largest file desc currently in use:    145
   Number of file desc currently in use:  108
   Files queued for open:                   0
   Available number of file descriptors: 3988
   Reserved number of file descriptors:   100
   Store Disk files open:                   0
   IO loop method:                     epoll
Internal Data Structures:
   890293 StoreEntries
    49168 StoreEntries with MemObjects
    49160 Hot Object Cache Items
   889518 on-disk objects
User avatar
sonor
Posts: 38
Joined: 20 Jun 2011, 16:22

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby sonor » 09 Aug 2011, 12:55

ikutan nyimak...
User avatar
TaNK
Posts: 10
Joined: 05 Aug 2011, 18:23

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby TaNK » 11 Aug 2011, 03:08

Oh iya bro...
dah nyoba ngoprek LUSCA...
ternyata mangTAV bro... youtube pun diembat.
LUSCA katanya emang emang spesialis konten dinamis
User avatar
ilham2930
Posts: 1123
Joined: 02 Jan 2010, 19:30
Location: /indonesia/tangerang/bonank_city
Contact:

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby ilham2930 » 11 Aug 2011, 10:17

TaNK wrote:Oh iya bro...
dah nyoba ngoprek LUSCA...
ternyata mangTAV bro... youtube pun diembat.
LUSCA katanya emang emang spesialis konten dinamis

jadi sekarang gimana konfigurasi squid+lusca mu bro..
share dong..!
User avatar
TaNK
Posts: 10
Joined: 05 Aug 2011, 18:23

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby TaNK » 17 Aug 2011, 00:21

ini sekarang konfigurasiku
for iler :
Tampilkan

Code: Select all

#-----------------------------------------------------#
## PROXY LUSCA - High Performance Configuration
## ---------------------------------------------------#
## Support :    TaNK
## Updated :   016.08.2011
#-----------------------------------------------------#

http_port 3128 transparent
icp_port 0
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/share/squid/errors/English
icon_directory /usr/share/squid/icons
visible_hostname proxy-tank
cache_mgr admin@localhost
access_log /squid/access.log
cache_log /squid/cache.log
cache_store_log none
pid_filename /squid/squid.pid
logfile_rotate 1
shutdown_lifetime 10 seconds
acl localnet src 192.168.101.0/24 ###Mikretek
acl warnet src 192.168.102.0/26 ###Klien warnet
uri_whitespace strip
dns_nameservers 127.0.0.1
cache_mem 8 MB
maximum_object_size_in_memory 256 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /cache 30000 64 256
##minimum_object_size 512 bytes
maximum_object_size 768 MB
offline_mode off
cache_swap_low 90
cache_swap_high 99
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin \?
http_access allow manager localhost
http_access allow localnet
http_access allow warnet
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
http_access allow localhost
http_access deny all

acl store_rewrite_list urlpath_regex            \/(get_video|videoplayback\?id|videoplayback.*id)
acl store_rewrite_list urlpath_regex            \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|rar|mp3)\?
acl store_rewrite_list_domain url_regex         ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex         (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl store_rewrite_list_path urlpath_regex       \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe)$
acl store_rewrite_list_domain_CDN url_regex     \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*) \.doubleclick\.net.*
acl store_rewrite_list_domain_CDN url_regex     ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com
acl store_rewrite_list_domain_CDN url_regex     ^http:\/\/[a-z]+[0-9]\.google\.co(m|\.id)
acl store_rewrite_list_domain_CDN url_regex     ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(rar|zip|flv|wm(a|v)|3gp|mp(4|3)|exe|msi|avi|(mp(e?g|a|e|1|2|3|4))|cab|exe)
acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET

storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access allow store_rewrite_list_domain_CDN
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_list_domain
storeurl_access allow store_rewrite_list_path
storeurl_access deny all

storeurl_rewrite_program /etc/squid/storeurl.pl
storeurl_rewrite_children 4
storeurl_rewrite_concurrency 99

# 1 year = 525600 mins, 1 month = 43800 mins
refresh_pattern imeem.*\.flv  0 0% 0    override-lastmod override-expire store-stale
refresh_pattern \.rapidshare.*\/[0-9]*\/.*\/[^\/]*   161280   90%   161280 ignore-reload  store-stale
refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?)    129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)    129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern \.(ico|video-stats) 129600 999999% 129600   override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate negative-ttl=10080 store-stale
refresh_pattern \.etology\?                  129600 999999% 129600   override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern galleries\.video(\?|sz)            129600 999999% 129600   override-expire ignore-reload ignore-no-cache store-stale   
refresh_pattern brazzers\?                  129600 999999% 129600   override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern \.adtology\?                 129600 999999% 129600   override-expire ignore-reload ignore-no-cache store-stale   
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 129600 20% 129600 ignore-no-cache ignore-no-store ignore-private override-expire ignore-reload ignore-auth ignore-must-revalidate store-stale negative-ttl=40320 max-stale=10
refresh_pattern ^.*safebrowsing.*google  129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-must-revalidate negative-ttl=10080 store-stale
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk) 129600 999999% 129600 override-expire ignore-reload   ignore-private store-stale negative-ttl=10080
refresh_pattern ytimg\.com.*\.jpg               129600 999999% 129600   override-expire ignore-reload   store-stale   
refresh_pattern images\.friendster\.com.*\.(png|gif)         129600 999999% 129600   override-expire ignore-reload   store-stale 
refresh_pattern garena\.com                                 129600 999999% 129600    override-expire reload-into-ims store-stale   
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)  129600 999999% 129600    override-expire ignore-reload   store-stale 
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\?         129600 999999% 129600 ignore-no-cache override-expire override-lastmod store-stale
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)    129600 999999% 129600 reload-into-ims override-expire ignore-private    store-stale
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\.      129600 999999% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale
refresh_pattern ^http:\/\/www.onemanga.com.*\/           129600 999999% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale

# files
refresh_pattern -i \.(flv|x-flv|mov|avi|qt|mpg|mpeg)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  store-stale ignore-must-revalidate
refresh_pattern -i \.(swf|wav|mp3|mp4|au|mid)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth  store-stale ignore-must-revalidate
refresh_pattern -i \.(iso|deb|rpm|zip|tar|tgz|ram|rar|bin|ppt|doc)$ 10080 90% 43200 ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth  store-stale ignore-must-revalidate
refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern -i \.(hqx|pdf|rtf|doc)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth store-stale ignore-must-revalidate

# specific sites
refresh_pattern ^http://*.jobstreet.com.*/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache store-stale ignore-must-revalidate
refresh_pattern ^http://*.indowebster.com.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.21cineplex.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.kompas.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.blogspot.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache store-stale ignore-must-revalidate
refresh_pattern ^http://*.photobucket.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.tinypic.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.imageshack.us/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.kaskus.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.detik.*/.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.detikinet.*/.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.detiknews.*/*.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://video.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://static.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.friendster.com/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.yahoo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.google.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.forummikrotik.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://*.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
refresh_pattern ^http://(.*?)/get_video\? 10080 90% 999999 override-expire ignore-no-cache ignore-private store-stale ignore-must-revalidate
refresh_pattern ^http://(.*?)/videodownload\? 10080 90% 999999 override-expire ignore-no-cache ignore-private store-stale ignore-must-revalidate
refresh_pattern (cgi-bin|\?)      0     0%     0
refresh_pattern ^gopher:   1440   0%   1440
refresh_pattern ^ftp:       10080    95%    43200 override-lastmod reload-into-ims store-stale
refresh_pattern       .    180    95% 43200 override-lastmod reload-into-ims store-stale

header_access X-Forwarded-For deny all
header_access Accept-Encoding deny  all
client_persistent_connections off
server_persistent_connections on
half_closed_clients off
strip_query_terms off
quick_abort_min 0
quick_abort_max 0
quick_abort_pct 98
vary_ignore_expire on
reload_into_ims on
pipeline_prefetch on
#range_offset_limit 50 KB
#read_timeout 30 minutes
#client_lifetime 6 hours
negative_ttl 30 seconds
positive_dns_ttl 6 hours
negative_dns_ttl 60 seconds
pconn_timeout 15 seconds
request_timeout 1 minute
store_avg_object_size 13 KB
log_icp_queries off
ipcache_size 16384
ipcache_low 98
ipcache_high 99
log_fqdn off
fqdncache_size 16384
memory_pools off
forwarded_for off
prefer_direct on

### Direct gak perlu belok proxy rumusnya dibawah ini ###
#acl local-dst dst semuaalamatlokal semuaalamatipygdekat
#acl local-domain dstdomain localhost domain-anda.com isp-anda.com domainku.web.id

#always_direct allow localhost local-dst local-domain
#always_direct deny all

##zph
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136

#cachemgr_passwd none info
cachemgr_passwd none all
client_db on
max_filedescriptors 8192

######### for Lusca Only #############
n_aiops_threads 24
load_check_stopen on
load_check_stcreate on
download_fastest_client_speed on

############ TaNK #################
###dns nameserver
dns_nameservers 192.168.101.2
#nggonku dns nyah pake alamat ip mikriting
hosts_file /etc/hosts
# fqdncache_size 1024
coredump_dir /var/spool/squid
# balance_on_multiple_ip on
# pipeline_prefetch off

untuk lusca aku donlot disini
Tampilkan

ini nggak tau kenapa kl donlot situs officialnya selalu gagal waktu eksekusi squidnya, mungkin ada yang kurang paket dev nya,
biasane kesalahan ada di

Code: Select all

cache_dir aufs /cache 30000 64 256

di aufs, padahal waktu kompil juga dah kusertakan aufs.
ketika kuganti ufs pun masih tetep gak mau jalan squidnya
User avatar
seekerz
Posts: 1
Joined: 26 Aug 2011, 12:34
Location: Ubuntu Server 11.04

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby seekerz » 26 Aug 2011, 12:47

maaf semua, numpang nanya..
udah bisa konek internet via proxy, mengikuti langkah TS..
tapi kok susah ya koneksinya?
kadang kadang,

"Unable to connect
Firefox can't establish a connection to the server"

setelah di refresh, beberapa kali baru jalan..

mohon bantuan, salahnya dimana? :)
User avatar
rafdinal
Posts: 131
Joined: 22 Jun 2011, 20:01

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby rafdinal » 03 Sep 2011, 21:04

squid 2.7.stable9 gak ada option ignore-must-revalidate pada refresh_patern nya,,apa bisa di pacth gann,,biar dapat ignore-must-revalidate???
User avatar
bontoe
Posts: 10
Joined: 10 Nov 2010, 21:28
Location: Borneo at Kalimantan Selatan

Re: Mikrotik 3.30+squid (ubuntu 11.04)

Postby bontoe » 08 Sep 2011, 21:13

Ikut nyimak yach...para master, soalnya pemula

Return to “Ubuntu Server”

Who is online

Users browsing this forum: No registered users and 6 guests