Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 2 of 2 FirstFirst 12
Results 16 to 25 of 25
  1. #16
    Status
    Offline
    hiberngiu's Avatar
    Newbie
    Join Date
    Sep 2009
    Posts
    20
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    patut dicoba yah,thx master

  2. #17
    Status
    Offline
    brutuz_1's Avatar
    VIP Member
    Join Date
    Feb 2010
    Posts
    790
    Reviews
    Read 0 Reviews
    Downloads
    3
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by reges Click here to enlarge
    hanya satu jawaban untuk masalah anda yaitu memakai routing policy untuk redirect to proxynya

    jadi untuk mengarahkan jalur ke proxy jangan memakai dst-nat seperti ini :
    Code:
    /ip firewall nat
    chain=dstnat action=dst-nat to-addresses=192.168.50.50 to-ports=3128  protocol=tcp in-interface=eth2-LAN dst-port=80
    tapi untuk redirect to proxynya memakai routing policy seperti ini :
    Click here to enlarge

    selengkapnya bisa di baca disini:
    Code:
    http://wiki.warneter.net/mengatasi-traffic-limit-pada-ip-proxy.aspx
    sudah saya coba memakai external proxy baik squid/internal-proxy yg di jadiin external proxy
    semua mangle src-port=80 bisa saya pisahkan baik ix/iix maupun host-host tertentu seperti game online di indonesia

    jadi nanti untuk melakukan transparent proxy melalui mesin proxynya bukan dari NAT mikrotik.
    hmmm tertarik nih sama trik nya om reges redirect ke proxy pake routing policy,
    kemarin sempat ujicoba sebentar pake vmware, tapi ada kendala sama rule buat hit nya proxy yg memakai DSCP(TOS)=12, mungkin karena pake routing policy, maka chain nya ikut berubah kali yaks..., biasanya pake chain=postrouting dscp=12, sudah bisa ke tangkep, kalo pake policy routing jadi tidak masuk deh ke rule tersebut...
    mungkin ada sedikit clue dari mastah..??
    sambil utak atik mangle nih...begadang mode=on.... Click here to enlarge

  3. #18
    Status
    Offline
    iamspa's Avatar
    Member Super Senior
    Join Date
    Jan 2010
    Location
    MEDAN DONK AH....
    Posts
    685
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by brutuz_1 Click here to enlarge
    hmmm tertarik nih sama trik nya om reges redirect ke proxy pake routing policy,
    kemarin sempat ujicoba sebentar pake vmware, tapi ada kendala sama rule buat hit nya proxy yg memakai DSCP(TOS)=12, mungkin karena pake routing policy, maka chain nya ikut berubah kali yaks..., biasanya pake chain=postrouting dscp=12, sudah bisa ke tangkep, kalo pake policy routing jadi tidak masuk deh ke rule tersebut...
    mungkin ada sedikit clue dari mastah..??
    sambil utak atik mangle nih...begadang mode=on.... Click here to enlarge
    ane kok gak da masalah ya gan....
    padahal pake dscp tos 12 juga
    Click here to enlarge
    apa ane yang salah setting atau gimana ya
    mohon bantuan nya....

  4. #19
    Status
    Offline
    brutuz_1's Avatar
    VIP Member
    Join Date
    Feb 2010
    Posts
    790
    Reviews
    Read 0 Reviews
    Downloads
    3
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by iamspa Click here to enlarge
    ane kok gak da masalah ya gan....
    padahal pake dscp tos 12 juga
    Click here to enlarge
    apa ane yang salah setting atau gimana ya
    mohon bantuan nya....
    yupz problem HIT akhir nya solved, ternyata src port nya rubah asal nya saya pake src-port=3128 (port proxy), setelah ganti src port=80 plus DSCP=12 tentunya, akhir nya ketangkep juga HIT nya...Click here to enlarge
    thanks for all...

  5. #20
    Status
    Offline
    iamspa's Avatar
    Member Super Senior
    Join Date
    Jan 2010
    Location
    MEDAN DONK AH....
    Posts
    685
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by brutuz_1 Click here to enlarge
    yupz problem HIT akhir nya solved, ternyata src port nya rubah asal nya saya pake src-port=3128 (port proxy), setelah ganti src port=80 plus DSCP=12 tentunya, akhir nya ketangkep juga HIT nya...Click here to enlarge
    thanks for all...
    gak ngerti maksudnya apa...
    bisa di perjelas gan...?

  6. #21
    Status
    Offline
    brutuz_1's Avatar
    VIP Member
    Join Date
    Feb 2010
    Posts
    790
    Reviews
    Read 0 Reviews
    Downloads
    3
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by iamspa Click here to enlarge
    gak ngerti maksudnya apa...
    bisa di perjelas gan...?
    kalo pake redirect pake rule dstnat, ane biasa pake rule ini buat nangkep HIT nya:
    Code:
    chain=postrouting protocol=tcp src-port=3128 DSCP=12 action=mark-packet new-packet-mark=proxy_hit passtrough=no
    dan kalo setelah pake rule redirect menggunakan routing policy, rule ane kena nya jadi begini:
    Code:
    chain=postrouting protocol=tcp src-port=80 DSCP=12 action=mark-packet new-packet-mark=proxy_hit passtrough=no
    hasil uprekan ane sih gitu om..Click here to enlarge

  7. #22
    Status
    Offline
    iamspa's Avatar
    Member Super Senior
    Join Date
    Jan 2010
    Location
    MEDAN DONK AH....
    Posts
    685
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by brutuz_1 Click here to enlarge
    kalo pake redirect pake rule dstnat, ane biasa pake rule ini buat nangkep HIT nya:
    Code:
    chain=postrouting protocol=tcp src-port=3128 DSCP=12 action=mark-packet new-packet-mark=proxy_hit passtrough=no
    dan kalo setelah pake rule redirect menggunakan routing policy, rule ane kena nya jadi begini:
    Code:
    chain=postrouting protocol=tcp src-port=80 DSCP=12 action=mark-packet new-packet-mark=proxy_hit passtrough=no
    hasil uprekan ane sih gitu om..Click here to enlarge
    owh....
    gitu toh
    ane cuma make
    Code:
    add chain=prerouting action=mark-packet new-packet-mark=CACHE-HIT passthrough=no dscp=12
    trus di letak paling atas hit gan....
    mohon bantuan nya.....

  8. #23
    Status
    Offline
    kweteng's Avatar
    VIP Member
    Join Date
    Nov 2009
    Location
    batu wae
    Posts
    797
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ehm ... pisah iix dan ix + ada proxy dalam satu mikrotik ( one process local)

    baca2 lagi deh rules packet flow Click here to enlarge

  9. #24
    Status
    Offline
    iamspa's Avatar
    Member Super Senior
    Join Date
    Jan 2010
    Location
    MEDAN DONK AH....
    Posts
    685
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by kweteng Click here to enlarge
    ehm ... pisah iix dan ix + ada proxy dalam satu mikrotik ( one process local)

    baca2 lagi deh rules packet flow Click here to enlarge
    wew...
    SUHU turun gunung neh....

    sene gan di pijat reflexi dolo kaki nya biar enak...

    maksudnya gimana ya gan....
    bisa di perjelas

    mohon bimbingan nya.....

  10. #25
    Status
    Offline
    ip03nk's Avatar
    Baru Gabung
    Join Date
    Oct 2010
    Posts
    5
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    kalo untuk settingan seperti ini gimana pengaturan untuk proxnya ?
    ane udah oprak oprek sana sini tapi nggak ada yg berhasil

    udah nyoba sejajar dengan client dan sejajar dengan mikrotik nggak ada yg behasil

    ane pake external proxy ipcop squid 3xx


    ip address
    add address=192.168.11.2/24 interface=ether1 comment="Jalur Browsing" disabled=no
    add address=192.168.12.2/24 interface=ether2 comment="Jalur Game" disabled=no
    add address=192.168.1.0/24 interface=ether3 disabled=no

    /ip firewall nat
    add chain=srcnat action=masquerade disabled=no

    /ip firewall mangle
    add chain=prerouting src-address=192.168.1.0/24 dst-address-list=Jalur Game action=mark-routing new-routing-mark=Conn-Game disabled=no comment="Routing Mark Untuk Game"

    /ip route
    add gateway=192.168.11.1 ( ane pakai Speedy 2Mb )
    add gateway=192.168.12.1 routing-mark=Conn-Game ( ane pakai Speedy 2 Mb)

 

 
Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. limit download menggunakan connection bytes
    By shiratc in forum QOS & Traffic Shaping
    Replies: 33
    Last Post: 28-12-2011, 12:24
  2. Dstnat untuk proxy external ke mikrotik dengan proxy internal
    By awarmanf in forum General Networking
    Replies: 3
    Last Post: 21-02-2010, 21:17
  3. [ask] external proxy dengan load balancer
    By erwinpasali in forum General Networking
    Replies: 2
    Last Post: 16-12-2009, 14:44

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •