Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 12 of 12
  1. #1
    Status
    Offline
    fadhli's Avatar
    Member
    Join Date
    Nov 2008
    Location
    Jakarta, Indonesia
    Posts
    277
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Layer 7 untuk proxy khusus youtube

    Selamat siang agan2...

    dari kemarin sempet muter-muter nyari clue untuk ide sederhana ini, tapi belom kelar2 Click here to enlarge

    jadi karena HDD terbatas banget, ane niatannya pengen setting squid khusus video youtube aja. <-- settingan ini sudah selesai.

    Nah yang jadi permasalahan
    Belokin ke squid nya gimana ya kalo khusus videonya ?

    ane dah coba pake layer 7

    yang "^.*get.+.c.youtube.com.*$"

    gagal

    Pake yang :
    "get_video\?|videoplayback\?|videodownload\?|\.flv ?"
    "get_video\?|videoplayback\?id|videoplayback.*id|v ideodownload\?|\.flv?"

    gagal juga




    saya minta pencerahan dari suhu2 master disini Click here to enlarge

  2. #2
    Status
    Offline
    fadhli's Avatar
    Member
    Join Date
    Nov 2008
    Location
    Jakarta, Indonesia
    Posts
    277
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Yang baca banyak tapi yg reply ga ada... hiks >.<


    sundul dulu deh

  3. #3
    Status
    Offline
    boled's Avatar
    Member
    Join Date
    Aug 2009
    Location
    Cilacap
    Posts
    246
    Reviews
    Read 0 Reviews
    Downloads
    14
    Uploads
    1
    Feedback Score
    0
    btw sy pake regek yang ini :
    regexp="^.*get.+.c.youtube.com.*\$"

    suskses aja loh gan untuk shaping youtube....
    coba Nat nya di gelar disini gan.... ?

  4. #4
    Status
    Offline
    fadhli's Avatar
    Member
    Join Date
    Nov 2008
    Location
    Jakarta, Indonesia
    Posts
    277
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ip firewall nat layer pr
    Code:
    # NAME                                   REGEXP 
    0 youtube                                ^.*get.+.c.youtube.com.*$

    ip firewall nat pr
    Code:
    chain=dstnat action=dst-nat to-addresses=192.168.10.2 to-ports=3128 
    protocol=tcp layer7-protocol=youtube in-interface=lokal dst-port=80

    kalo salah tolong di beri pencerahan gan >.<

  5. #5
    Status
    Offline
    dhopack's Avatar
    Forum Guru
    Join Date
    Dec 2010
    Location
    KUDUS
    Posts
    1,919
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    kalo misal pake ip mstine bisa, jd ngumpulin ip2 dr youtube trs dibuat address list br tarik ke NAT,
    ada yg share kok script untuk buat address list secara otomatis, jd buat script untuk cr ip misal youtube.com ntar hasil dr script tsb otomats membuat address list,
    CMIIW

  6. #6
    Status
    Offline
    fadhli's Avatar
    Member
    Join Date
    Nov 2008
    Location
    Jakarta, Indonesia
    Posts
    277
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    itu dia gan, ane pengen coba, ketika ada request file video youtube aja yg di belokin ke squid, yg lain nya akses langsung.
    kalo pake add-dst-to-addresseslist, brarti yg ke IP itu akan di belokin, dan ga cuma file video aja yg di belokin ke squid brarti.


    istilahnya bikin akamai video youtube sendiri lah Click here to enlarge

    mengingat hdd terbatas dan yg video yg pengen di cache youtube doang Click here to enlarge

  7. #7
    Status
    Offline
    boled's Avatar
    Member
    Join Date
    Aug 2009
    Location
    Cilacap
    Posts
    246
    Reviews
    Read 0 Reviews
    Downloads
    14
    Uploads
    1
    Feedback Score
    0
    jika opsi dibawah ini

    acl cache i (flv)
    cache_allow cache
    cache deny all


    udah diterapin,

    coba di by pas dulu di nat tanpa L7 sudah nge HIT lom.....?
    SS squidstat nya sekalian gan
    Last edited by boled; 21-12-2011 at 08:59. Reason: tambahan

  8. #8
    Status
    Offline
    fadhli's Avatar
    Member
    Join Date
    Nov 2008
    Location
    Jakarta, Indonesia
    Posts
    277
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Kalo masalah HIT nya belakangan kang, kan belom ke belok ke squid,
    jadi belom ada request.

    kalo udah ke belok tapi belom hit, brarti squidnya yg masalah, tapi kan ini belom ke belok gan, brarti mikrotiknya yg perlu di kocok, hehe

  9. #9
    Status
    Offline
    c0nf's Avatar
    Contributor
    Join Date
    Jul 2007
    Location
    Bandung, Indonesia
    Posts
    1,816
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    silahkan dikombinasikan sendiri yak. Clue nya ada di dan . Dari dua tutorial tadi bisa dibuat seperti diinginkan. Goodluck gan.
    Invisible...

  10. #10
    Status
    Offline
    wandi's Avatar
    Member
    Join Date
    Jul 2008
    Location
    Bandung, Indonesia
    Posts
    276
    Reviews
    Read 0 Reviews
    Downloads
    6
    Uploads
    0
    Feedback Score
    0
    Thread lama tapi lumayanlah daripada catatan ini disimpen sendiri suka ilang.

    Code:
    /system script
    add name=script1 policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api source=":local comment\r\
        \n    :local address\r\
        \n    :local list\r\
        \n    :local disabled\r\
        \n\r\
        \n    /ip firewall address-list\r\
        \n    :foreach a in=[find] do={\r\
        \n    :if ([get \$a dynamic] = true) do={\r\
        \n    :set comment [get \$a comment]\r\
        \n    :set address [get \$a address]\r\
        \n    :set list [get \$a list]\r\
        \n    :set disabled [get \$a disabled]\r\
        \n    remove \$a\r\
        \n    add address=\$address list=\$list comment=\$comment disabled=\$disabled\r\
        \n    }\r\
        \n    }\r\
        \n"
    add name=script2 policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api source=":foreach i in=[/ip dns cache find] do={\r\
        \n:local bNew \"true\";\r\
        \n# check if dns name contains youtube\r\
        \n:if ([:find [/ip dns cache get \$i name] \"youtube\"] != 0) do={\r\
        \n:local tmpAddress [/ip dns cache get \$i address] ;\r\
        \n#---- if address list is empty do not check ( add address directly )\r\
        \n:if ( [/ip firewall address-list find ] = \"\") do={/ip firewall address-list add address=\$tmpAddress list=youtube disabled=no;} else={\r\
        \n#------- check every address list entry\r\
        \n:foreach j in=[/ip firewall address-list find ] do={\r\
        \n#---------- set bNew variable to false if address exists in address list\r\
        \n:if ( [/ip firewall address-list get \$j address] = \$tmpAddress ) do={\r\
        \n:set bNew \"false\";\r\
        \n}\r\
        \n}\r\
        \n#------- if address is new then add to address list\r\
        \n:if ( \$bNew = \"true\" ) do={/ip firewall address-list add address=\$tmpAddress list=youtube disabled=no\r\
        \n}\r\
        \n}\r\
        \n}\r\
        \n}"
    layer-7 youtube saya pake ini saja kalo nemu baru bisa ganti ato kalo ada situs baru tinggal ditambah aja |

    Code:
    /ip firewall layer7-protocol
    add name=youtube-1 regexp=(o-o.preferred.pttelkom-|c.youtube.com|s.youtube.com|.youtube.com)
    add name=youtube-2 regexp=(watch\?|get_video\?|videodownload\?|videoplayback.*id)
    add name=youtube-3 regexp=(get_video|videoplayback\?id|videoplayback.*id).*begin\=[1-9][0-9]*
    kalo filter sesuaikan saja kebetulan yg saya pake jump

    Code:
    add action=jump chain=forward comment="Packet filtering" disabled=no \
        jump-target=tcp protocol=tcp
    add action=add-dst-to-address-list address-list=youtube address-list-timeout=\
        10m chain=tcp comment=YOUTUBE disabled=no dst-address=!192.168.3.2 \
        dst-address-list=!Local-Address layer7-protocol=youtube-1
    add action=add-dst-to-address-list address-list=youtube address-list-timeout=\
        10m chain=tcp comment="" disabled=no dst-address=!192.168.3.2 \
        dst-address-list=!Local-Address layer7-protocol=youtube-2
    add action=add-dst-to-address-list address-list=youtube address-list-timeout=\
        10m chain=tcp comment="" disabled=no dst-address=!192.168.3.2 \
        dst-address-list=!Local-Address layer7-protocol=youtube-3
    add action=add-dst-to-address-list address-list=youtube address-list-timeout=\
        10m chain=tcp comment="" content=.youtube.com disabled=no \
        dst-address=!192.168.3.2 dst-address-list=!Local-Address
    
    /ip firewall address-list
    add address=192.168.2.0/24 disabled=no list=Local-Address
    add address=192.168.3.0/24 disabled=no list=Proxy-Address
    kalo natnya mudah2an kaya gini

    Code:
    /ip fi nat
    add action=dst-nat chain=dstnat comment="TRANSPARENT PROXY 3 ETH" disabled=no \
        dst-address=!192.168.3.2 dst-address-list=youtube dst-port=80 \
        in-interface=Local protocol=tcp to-addresses=192.168.3.2 to-ports=3128
    terakhir pangkas refresh patern dan dst domain di squid.conf menjadi hanya youtube saja

    Code:
    acl cache_server dstdomain .youtube.com .ytimg.com .googlevideo.com
    no_cache deny !cache_server
    masih jauh dari sempurna tapi lumayanlah buat dicoba.
    Last edited by wandi; 06-02-2013 at 04:43.

  11. #11
    Status
    Offline
    Killermonk's Avatar
    Baru Gabung
    Join Date
    Jun 2010
    Posts
    5
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    ane cuma pake ini aja, siapa tau berguna

    Code:
    acl youtube_range url_regex -i .*youtube\.com\/videoplayback.*range\=.*$
    http_access deny youtube_range

  12. #12
    Status
    Offline
    wandi's Avatar
    Member
    Join Date
    Jul 2008
    Location
    Bandung, Indonesia
    Posts
    276
    Reviews
    Read 0 Reviews
    Downloads
    6
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Killermonk Click here to enlarge
    ane cuma pake ini aja, siapa tau berguna

    Code:
    acl youtube_range url_regex -i .*youtube\.com\/videoplayback.*range\=.*$
    http_access deny youtube_range
    kalo yang ini supaya youtubenya dapet yang non range, biar wzzz kalo HIT.

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 771
    Last Post: 11-02-2015, 08:01
  2. [Tanya]Layer 7 sambung ke Web Proxy
    By harajukuon in forum Beginner Basics
    Replies: 1
    Last Post: 09-05-2012, 21:13
  3. [ASK] Layer 7 untuk proxy khusus youtube
    By fadhli in forum General Networking
    Replies: 6
    Last Post: 27-03-2012, 22:35
  4. [ASk] Antrian/queue ada di layer brp dalam OSI layer?
    By princess in forum General Networking
    Replies: 1
    Last Post: 28-02-2010, 23:54
  5. youtube gak lewat proxy
    By nashr in forum Beginner Basics
    Replies: 24
    Last Post: 25-06-2008, 11:21

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •