Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
  1. #1
    Status
    Offline
    Ruwet's Avatar
    Baru Gabung
    Join Date
    Oct 2011
    Posts
    8
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Unhappy MASALAH DI dstnat MIKROTIK

    mohon bantuan'y Para senior

    dimesin proxy server saya:

    # tail -f /var/log/squid/access.log

    Code:
    1318339063.842      1 127.0.0.1 TCP_MISS/200 2816 GET cache_object://127.0.0.1/info - NONE/- text/plain
    1318339230.310      1 127.0.0.1 TCP_MISS/200 2816 GET cache_object://127.0.0.1/info - NONE/- text/plain
    sedang kan di mesin mikrotik
    ip fir nat

    HTML Code:
    1   ;;; Proxy_Warnet
         chain=dstnat action=dst-nat to-addresses=192.25.25.4 to-ports=3128 
         protocol=tcp in-interface=ether2 dst-port=80,3128
    untuk squid.conf

    acl localnet src 192.168.0.0/24
    acl localnet src 192.25.25.0/24

    http_access allow localnet

    NAH yang jadi masalah saya : Click here to enlarge
    kenapa proxy server tidak bekerja
    N pada waktu proxy di shutdown client masik bisa browsing

  2. #2
    Status
    Offline
    adiputrolds's Avatar
    Forum Guru
    Join Date
    Oct 2008
    Posts
    1,485
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    itu di tail buat apaan
    itu kan cache_object

    maksudnya proxy gk bekerja gimane ?
    proxy di shutdown gimana mau browsing client
    sama aja masuk ke blackhole

    disable dst-nat nya kalo proxy di matiin

  3. #3
    Status
    Offline
    dhopack's Avatar
    Forum Guru
    Join Date
    Dec 2010
    Location
    KUDUS
    Posts
    1,919
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    @TS
    btul kata bro electrix_85

    disable dst-nat nya kalo proxy di matiin
    kalo gak mau repot2 disable/enable manual pake netwatch aja biar otomatis disable jika proxy off dan otomatis enable jika proxy on,

  4. The Following User Says Thank You to dhopack For This Useful Post:


  5. #4
    Status
    Offline
    Ruwet's Avatar
    Baru Gabung
    Join Date
    Oct 2011
    Posts
    8
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    maaf klo GG ngasih kabar.. baru mudik


    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    1 ;;; Proxy_Warnet
    chain=dstnat action=dst-nat src-address=192.168.0.0/24 dst-address=!192.25.25.4 to-addresses=192.25.25.4 to-ports=3128
    protocol=tcp dst-port=80,3128

    in-interface=ether2 << ga usah diisi..
    allhamdullilah udah jalan ini GAN.. makasih atass bimbinganya..



    Click here to enlarge Originally Posted by electrix_85 Click here to enlarge
    itu di tail buat apaan
    itu kan cache_object

    maksudnya proxy gk bekerja gimane ?
    proxy di shutdown gimana mau browsing client
    sama aja masuk ke blackhole

    disable dst-nat nya kalo proxy di matiin
    klo untuk browsing clien jalan walo sudah di shutdown proxy nya..
    mohon bimbinganya.. soal'ya ni juga binggung tuk ngelimit IDM





    Click here to enlarge Originally Posted by dhopack Click here to enlarge
    @TS
    btul kata bro electrix_85



    kalo gak mau repot2 disable/enable manual pake netwatch aja biar otomatis disable jika proxy off dan otomatis enable jika proxy on,
    untuk sitinganya gimana bozz di netwatch..
    maklom.. masih newbe Click here to enlarge
    Last edited by Ruwet; 25-10-2011 at 02:39.

  6. #5
    Status
    Offline
    triadisantoso's Avatar
    Member
    Join Date
    May 2010
    Location
    Lampung, Indonesia
    Posts
    199
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    /tool netwatch
    add comment="" disabled=no down-script="/ip firewall nat disable [find comment=PROXY]" host=<ip proxy> interval=2s timeout=1s up-script=\
    "/ip firewall nat enable [find comment=PROXY]"
    jangan lupa NAT kasih coment PROXY
    klo ngk berhasil lapor di mari Click here to enlarge

  7. #6
    Status
    Offline
    Ruwet's Avatar
    Baru Gabung
    Join Date
    Oct 2011
    Posts
    8
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Klo seperti ini ginana Mass bro aditardy
    /ip fir nat pr
    ;;; Proxy_Warnet
    chain=dstnat action=dst-nat to-addresses=192.25.25.4 to-ports=3128 protocol=tcp src-address-list=warnet dst-address-list=!proxy_net
    in-interface=ether2 dst-port=80,3128

    /tool netwatch
    add comment="" disabled=no down-script="/ip firewall nat disable [find comment=Proxy_Warnet]" host=192.25.25.4 interval=2s timeout=1s up-script= \
    "/ip firewall nat enable [find comment=Proxy_Warnet]"
    nah yang jadi masalah.. klo proxy kita restart untuk HIT nya gimana..
    [maksutnya] ap tidak mengurangi HIT pada squidclient..
    mohon pencerahanya..

  8. #7
    Status
    Offline
    arthalita01's Avatar
    Newbie
    Join Date
    Oct 2010
    Posts
    46
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    simak Click here to enlarge

  9. #8
    Status
    Offline
    triadisantoso's Avatar
    Member
    Join Date
    May 2010
    Location
    Lampung, Indonesia
    Posts
    199
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    waduh, udah saya baca 3x masih bingung, maaf sebelumnya, mas bro tau apa itu squidclient ?

  10. #9
    Status
    Offline
    Ruwet's Avatar
    Baru Gabung
    Join Date
    Oct 2011
    Posts
    8
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    nah yang jadi masalah.. klo proxy kita restart untuk HIT nya gimana..
    [maksutnya] ap tidak mengurangi HIT pada squidclient..
    mohon pencerahanya..
    maksud saya gini mass broo
    untuk pengambil URL melalui objek cache squid apa tidak meugulang lagi. dan cache dir apa tidak cepat penuh.

    maklum masih newbi jadi banyak bertanya Click here to enlarge

  11. #10
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Ruwet Click here to enlarge
    mohon bantuan'y Para senior

    dimesin proxy server saya:

    # tail -f /var/log/squid/access.log

    Code:
    1318339063.842      1 127.0.0.1 TCP_MISS/200 2816 GET cache_object://127.0.0.1/info - NONE/- text/plain
    1318339230.310      1 127.0.0.1 TCP_MISS/200 2816 GET cache_object://127.0.0.1/info - NONE/- text/plain
    ini mungkin karena salah IP.. kenapa??.. lihat dibawah

    Click here to enlarge Originally Posted by Ruwet Click here to enlarge
    untuk squid.conf

    acl localnet src 192.168.0.0/24
    acl localnet src 192.25.25.0/24

    http_access allow localnet
    ane baru tersadar.. ente udah make IP Publik orang

    192.25.25.4 yang punya adalah
    HEWLETT-PACKARD COMPANY, PALO ALTO.. silahkan di trace..

    silahkan pelajari dulu tentang alokasi IP publik dan IP privat..

  12. #11
    Status
    Offline
    dhopack's Avatar
    Forum Guru
    Join Date
    Dec 2010
    Location
    KUDUS
    Posts
    1,919
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Ruwet Click here to enlarge
    maksud saya gini mass broo
    untuk pengambil URL melalui objek cache squid apa tidak meugulang lagi. dan cache dir apa tidak cepat penuh.

    maklum masih newbi jadi banyak bertanya Click here to enlarge
    mnrt sy kalo setingane bnr tuh proxy te2p nyimpn walapun direstart bolak balik,kalo udah ada di cache ya te2p HIT kecuali udah kadaluarsa(trgntng refresh patternnya)
    CMIIW

  13. #12
    Status
    Offline
    adiputrolds's Avatar
    Forum Guru
    Join Date
    Oct 2008
    Posts
    1,485
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    awas proxy nya makan bandwidth ........................................Click here to enlarge

  14. The Following 2 Users Say Thank You to adiputrolds For This Useful Post:


  15. #13
    Status
    Offline
    Ruwet's Avatar
    Baru Gabung
    Join Date
    Oct 2011
    Posts
    8
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by electrix_85 Click here to enlarge
    awas proxy nya makan bandwidth ........................................Click here to enlarge
    maksud'ya gimana gam...

  16. #14
    Status
    Offline
    dhopack's Avatar
    Forum Guru
    Join Date
    Dec 2010
    Location
    KUDUS
    Posts
    1,919
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Ruwet Click here to enlarge
    maksud'ya gimana gam...
    mgkn mksdnya kalo proxyna lapar BW sampeyan bisa dimakn abis hehehehhe.....
    piss bro OOT dikit

  17. The Following 2 Users Say Thank You to dhopack For This Useful Post:


  18. #15
    Status
    Offline
    Ruwet's Avatar
    Baru Gabung
    Join Date
    Oct 2011
    Posts
    8
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    tolong dicoreksi sittingan saya..

    ip fir nat pr
    1 chain=srcnat action=masquerade out-interface=pppoe-out1

    2 chain=srcnat action=masquerade out-interface=ether2

    4 ;;; proxy_warnet
    chain=dstnat action=dst-nat to-addresses=192.25.25.4 to-ports=3128
    protocol=tcp dst-address-list=!proxyNET in-interface=ether3
    dst-port=80,3128
    sekalian koreksi juga tuk ngelimit IDM ..
    di layer7 saya kek gini
    ip firewall layer7-protocol add comment=" name=contens" regexp="^.*get.+\\.(.exe|.rar|.zip|.7z|.cab|.asf|. mov|.wmv|.mpg|.mpeg|.mkv|.avi|.flv|.pdf|.wav|.rm|. mp3|.mp4|.ram|.rmvb|.dat|.daa|.iso|.nrg|.bin|.vcd| .mp2|.3gp|.mpe|.qt|.raw|.wma|.ogg|.doc|.deb|.tar|. bzip|.gzip|.gzip2|0[0-9][0-9]).*\$|"
    untuk firewall mangle'y begini
    15 ;;; LIMIT DOWN
    chain=prerouting action=mark-packet new-packet-mark=test-down passthrough=no protocol=tcp dst-address-list=!IP-games layer7-protocol=contens
    in-interface=pppoe-out1 packet-mark=!HIT connection-bytes=131073-4294967295
    dan untuk queue tree nya
    0 name="downstream" parent=global-out packet-mark=test-down limit-at=0 queue=downstream-pcq priority=8 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s
    kerena baru kemaren Q netinstall dari v4.9 ke v5.7
    maaf klo sedikit menyimpang dari Threads dan sudah di bahas di Threads yang laen
    mohon pencerahanya ...
    harap maklum karena saya masih newbe disini Click here to enlarge
    Last edited by Ruwet; 31-10-2011 at 05:43.

 

 
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 2 users browsing this thread. (0 members and 2 guests)

Similar Threads

  1. perbedaan redirect sm dstnat port dns
    By dhopack in forum General Networking
    Replies: 8
    Last Post: 11-06-2011, 17:22
  2. Masalah Wireless di Mikrotik (help) :(
    By k4t4ms03 in forum Wireless Networking
    Replies: 19
    Last Post: 18-06-2010, 20:36
  3. Script untuk dstnat (proxy transparent) dengan 3 target
    By awarmanf in forum Scripting @ Mikrotik
    Replies: 1
    Last Post: 22-02-2010, 23:58
  4. Dstnat untuk proxy external ke mikrotik dengan proxy internal
    By awarmanf in forum General Networking
    Replies: 3
    Last Post: 21-02-2010, 21:17
  5. (ask) cara redirect dstnat dari MT ke squidbox
    By sum14rdi in forum General Networking
    Replies: 15
    Last Post: 17-11-2008, 13:04

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •