Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 4 of 4
  1. #1
    Status
    Offline
    seafer's Avatar
    Newbie
    Join Date
    Jul 2009
    Posts
    38
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Squid Version 2.6.STABLE18 + Mikrotik

    SAya telah install proxy memakai Squid dengan conf demikian :

    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl to_localhost dst 127.0.0.0/8
    acl SSL_ports port 443 # https
    acl SSL_ports port 563 # snews
    acl SSL_ports port 873 # rsync
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl Safe_ports port 631 # cups
    acl Safe_ports port 873 # rsync
    acl Safe_ports port 901 # SWAT
    acl purge method PURGE
    acl CONNECT method CONNECT


    http_access allow manager localhost
    http_access deny manager

    http_access allow purge localhost
    http_access deny purge

    http_access deny !Safe_ports

    http_access deny CONNECT !SSL_ports

    # edited by donny

    acl puskari src 114.xxx.xxx.xxx
    acl localnet src 192.168.0.0/20

    # http_access allow our_networks

    http_access allow puskari
    http_access allow localhost
    http_access allow localnet

    # And finally deny all other access to this proxy
    http_access deny all

    #Allow ICP queries from everyone
    icp_access allow all

    # Squid normally listens to port 3128
    http_port 3128 transparent

    #We recommend you to use at least the following line.
    hierarchy_stoplist cgi-bin ?


    maximum_object_size_in_memory 32 KB

    memory_replacement_policy heap GDSF

    cache_replacement_policy heap LFUDA

    cache_dir aufs /cache 5000 10 256

    minimum_object_size 0 KB

    maximum_object_size 131072 KB

    cache_swap_low 98
    cache_swap_high 99

    access_log /var/log/squid/access.log squid

    cache_log /dev/null

    #Default:
    # cache_store_log /var/log/squid/store.log
    cache_store_log /dev/null

    #Default:
    log_fqdn off

    #We recommend you to use the following two lines.
    acl QUERY urlpath_regex cgi-bin \?

    #Suggested default:
    refresh_pattern ^ftp: 10080 95% 241920 reload-into-ims override-lastmod
    refresh_pattern . 180 95% 120960 reload-into-ims override-lastmod

    #Default:
    quick_abort_min 0 KB
    quick_abort_max 0 KB
    quick_abort_pct 98

    # Apache to signal ETag correctly on such responses
    acl apache rep_header Server ^Apache
    broken_vary_encoding allow apache

    #Default:
    vary_ignore_expire on

    extension_methods REPORT MERGE MKACTIVITY CHECKOUT

    shutdown_lifetime 10 second


    log_icp_queries off

    icp_hit_stale on

    query_icmp on

    hosts_file /etc/hosts

    ipcache_size 1024
    ipcache_low 98
    ipcache_high 99

    memory_pools off

    reload_into_ims on

    coredump_dir /var/spool/squid

    pipeline_prefetch on

    # tambahan seafer

    follow_x_forwarded_for allow localhost
    follow_x_forwarded_for allow localnet
    acl diblok arp "/home/linux/blokku.acl"
    cache deny localhost QUERY
    http_access deny diblok
    terus saya set di mikrotik pada NAT demikian
    19 ;;; masquerade network
    chain=srcnat action=masquerade src-address=192.168.9.0/24

    20 chain=dstnat action=redirect to-ports=8080 protocol=tcp
    src-address=192.168.9.0/24 dst-address-list=!nice dst-port=80
    terus saya set web proxy pada mikrotik demikian :
    enabled: yes
    src-address: 0.0.0.0
    port: 8080
    parent-proxy: 192.168.9.100
    parent-proxy-port: 3128
    cache-administrator: "Administrator"
    max-cache-size: 10240KiB
    cache-on-disk: yes
    max-client-connections: 1000
    max-server-connections: 1000
    max-fresh-time: 3d
    serialize-connections: no
    always-from-cache: no
    cache-hit-dscp: 4
    cache-drive: secondary-master
    Pertanyaanya :
    1. Kenapa koq kalau dibandingkan tidak memakai proxy koq akses website luar negeri lebih cepat ? (perbandingan : kalau tidak memakai proxy google.com diakses 1 detik, kalau memakai proxy bisa s/d 5 detik)
    2. Apakah ada master yang bisa mengkoreksi setting squid saya sehingga lebih optimal ?

    Demikain .. terimakasih..
    Last edited by seafer; 09-12-2009 at 14:49. Reason: ganti ip publik

  2. #2
    Status
    Offline
    seafer's Avatar
    Newbie
    Join Date
    Jul 2009
    Posts
    38
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    up.. up. up...

    pls.. help...

  3. #3
    Status
    Offline
    panji's Avatar
    VIP Member
    Join Date
    Jul 2008
    Posts
    966
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    coba jangan di parent proxynya, di dstnat aja langsung ke squd hasilnya bagaimana?

  4. #4
    Status
    Offline
    mattnux's Avatar
    Forum Guru
    Join Date
    Jun 2008
    Location
    jakarta
    Posts
    1,255
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    sepakat sama atas, di nat aja kan kamu udah pake mode transparent tuh, untuk respon browsing faktor yg mempengaruhi adalah performa squid kamu, intinya di squid.conf plus spek hardwarenya, satu lg musti ada bypass HIT proxy biar ga kena limit dari mikrotik:tutorialnya udah ada diforum, semangat ya
    satu lg bos, koq masih pake squid 2.6?kan ada 2.7 yg legendaris itu, atau pake yg terbaru udah 3.1(saya sih lebih suka 2.7 versi7 karena support ZPH)

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Mikrotik Load Balancing - Winbox version
    By princenux in forum Tutorial
    Replies: 89
    Last Post: 16-05-2014, 10:14
  2. Replies: 24
    Last Post: 10-03-2011, 17:36
  3. MikroTik Version Review @ Here
    By Akangage in forum General Networking
    Replies: 30
    Last Post: 09-03-2009, 20:58
  4. Mikrotik RouterOS version 3.0beta10 released!
    By [a] in forum News & Events
    Replies: 14
    Last Post: 19-01-2009, 18:43
  5. Mikrotik RouterOS version 3.0rc5 released!
    By blackgreen in forum News & Events
    Replies: 10
    Last Post: 07-02-2008, 22:08

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •