  1. #1
    effectop's Avatar

    [ask] tcp_denied/400

    mau tanya kepada sesepuh disini.
    sewaktu menjalankan cache log saya mendapati ada yang aneh dengan cache.log ini

     

    1360417434.268 0 192.168.8.11 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html
    1360417434.269 0 192.168.8.11 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html
    1360418432.709 0 192.168.8.12 TCP_DENIED/400 1723 NONE error:invalid-request - NONE/- text/html
    1360418432.709 0 192.168.8.12 TCP_DENIED/400 1723 NONE error:invalid-request - NONE/- text/html
    1360501277.427 0 192.168.8.29 TCP_DENIED/400 1743 NONE error:invalid-request - NONE/- text/html
    1360501277.427 0 192.168.8.29 TCP_DENIED/400 1743 NONE error:invalid-request - NONE/- text/html
    1360501556.680 0 192.168.8.29 TCP_DENIED/400 1729 NONE error:invalid-request - NONE/- text/html
    1360501556.792 0 192.168.8.29 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html
    1360501556.792 0 192.168.8.29 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html
    1360501556.818 0 192.168.8.29 TCP_DENIED/400 1729 NONE error:invalid-request - NONE/- text/html
    1360501557.055 0 192.168.8.29 TCP_DENIED/400 1729 NONE error:invalid-request - NONE/- text/html
    1360501557.180 0 192.168.8.29 TCP_DENIED/400 1729 NONE error:invalid-request - NONE/- text/html
    1360501566.783 0 192.168.8.29 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html
    1360501566.783 0 192.168.8.29 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html
    1360501566.809 0 192.168.8.29 TCP_DENIED/400 1729 NONE error:invalid-request - NONE/- text/html
    1360501566.912 0 192.168.8.29 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html
    1360501566.912 0 192.168.8.29 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html
    1360501567.167 0 192.168.8.29 TCP_DENIED/400 1729 NONE error:invalid-request - NONE/- text/html
    1360501567.298 0 192.168.8.29 TCP_DENIED/400 1729 NONE error:invalid-request - NONE/- text/html


    kira-kira ini errornya kenapa ya ? arti nilai 1720,723, 1729, 1743 ini apa ya ?
    berikut ini sepenggal isi squid.conf saya

     

    ##start of config
    # Listen on 3128 in interception ("transparent") mode: requests are expected to
    # arrive through a NAT redirect, not from browsers configured to use a proxy.
    http_port 3128 transparent
    # NOTE(review): presumably enables HTTP/1.1 toward origin servers (a Squid 2.7-era
    # directive) - confirm against the installed version.
    server_http11 on
    # Port 0 disables ICP.
    icp_port 0

    #==============================================================================
    # TAG File Squid
    #==============================================================================
    # Runtime paths: PID file, core dump directory, error page templates, icons, MIME table.
    pid_filename /var/run/squid.pid
    coredump_dir /var/spool/squid/
    error_directory /usr/share/squid/errors/en/
    icon_directory /usr/share/squid/icons
    mime_table /usr/share/squid/mime.conf
    # Host name Squid reports for itself, e.g. in generated error pages.
    visible_hostname proxy

    #==============================================================================
    # TAG: Log Squid
    #==============================================================================
    # Client request log in Squid's native format.
    # NOTE(review): records shaped like "<time> <elapsed> <client> TCP_DENIED/400 ..."
    # are native access.log entries, so they would come from this file - confirm.
    access_log /var/log/squid/access.log
    # Squid's own diagnostic log is discarded.
    # NOTE(review): warnings about requests Squid could not parse may be written to
    # cache_log; point it at a real file while investigating denied requests.
    cache_log /dev/null
    # Per-object store activity log, discarded.
    cache_store_log /dev/null

    # Log client IP addresses rather than resolved host names; skip ICP query logging;
    # write log lines unbuffered; keep the native format instead of httpd-style lines.
    log_fqdn off
    log_icp_queries off
    buffered_logs off
    emulate_httpd_log off

    #===========================================================================
    # TAG: FTP section
    #===========================================================================
    # FTP gateway behaviour: listing column width, passive mode, and sanity checks
    # on the data connection.
    ftp_list_width 32
    ftp_passive on
    ftp_sanitycheck on

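    #===================================================================
    # TAG: ACL Section
    #===================================================================
    # localnet is the set of client addresses that "http_access allow localnet"
    # admits further down, so it has to cover private ranges only.
    acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
    # The second RFC 1918 block is 172.16.0.0/12. The former 172.0.0.0/8 entry also
    # matched publicly routable 172.x addresses and treated them as local clients.
    acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
    acl localnet src 192.168.0.0/16 # RFC1918 possible internal network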

    # Whitespace found inside a request URI is stripped before the request is handled.
    uri_whitespace strip


    #DNS NAMESERVER
    # Single resolver used by Squid for all lookups.
    dns_nameservers 192.168.90.1

    # In-memory cache: 64 MB total, objects up to 50 KB, GDSF replacement.
    cache_mem 64 MB
    maximum_object_size_in_memory 50 KB
    memory_replacement_policy heap GDSF
    # On-disk cache uses LFUDA replacement.
    cache_replacement_policy heap LFUDA

    # aufs store under /cache: 56400 MB, 66 first-level and 256 second-level directories.
    cache_dir aufs /cache 56400 66 256


    # Objects from 0 bytes up to 250 MB are eligible for the disk cache.
    minimum_object_size 0 bytes
    maximum_object_size 250 MB
    offline_mode off
    # Disk cache low/high water marks, as percentages of cache_dir capacity.
    cache_swap_low 98
    cache_swap_high 99

    # Setup some default acls
    # "all" matches every IPv4 source address; "localhost" is the loopback address.
    acl all src 0.0.0.0/0
    acl localhost src 127.0.0.1/32
    # Destination ports clients may request; the list includes every port from 1025 up.
    acl safeports port 21 70 80 81 210 280 443 488 563 591 631 777 901 3128 1025-65535
    # Destination ports allowed for CONNECT tunnels.
    # NOTE(review): 81 is not a conventional TLS port - confirm it is needed, because
    # CONNECT hands the client an opaque tunnel to that port.
    acl sslports port 443 563 81
    # cache_object is the cache manager scheme; PURGE removes objects from the cache.
    acl manager proto cache_object
    acl purge method PURGE
    # NOTE(review): defined as "connect" but referenced below as "CONNECT"; this relies
    # on ACL names being matched case-insensitively - confirm with "squid -k parse".
    acl connect method CONNECT
    # Only referenced by the commented-out always_direct line below.
    acl dynamic urlpath_regex cgi-bin \?
    acl ayodance dst 122.102.49.132/32
    #always_direct allow localnet dynamic
    # Requests to the ayodance address always go direct; the rule is denied for all others.
    always_direct allow ayodance
    always_direct deny all
    # http_access rules are evaluated top to bottom and the first match decides.
    # Cache manager and PURGE are usable from localhost only.
    http_access allow manager localhost
    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    # Refuse ports outside safeports, and CONNECT to anything outside sslports.
    http_access deny !safeports
    http_access deny CONNECT !sslports
    # Always allow localhost connections
    http_access allow localhost

    # Allow local network(s) on interface(s)
    http_access allow localnet

    # Default block all to be sure
    http_access deny all

    # Accept the X-Forwarded-For header from localnet and localhost connections.
    # NOTE(review): with this enabled, the client address used for ACL checks and log
    # lines may come from a header the client controls (see acl_uses_indirect_client and
    # log_uses_indirect_client) - confirm this is wanted before attributing a denied
    # request to a host by its logged address.
    follow_x_forwarded_for allow localnet
    follow_x_forwarded_for allow localhost


     

    #!/bin/sh
    #
    #This is a ubuntu adapted iptables script from gentoo
    #() which was originally distributed
    # under the terms of the GNU General Public License v2
    #and was Copyrighted 1999-2004 by the Gentoo Foundation
    #
    #This adapted version was intended for and ad-hoc personal
    #situation and as such no warranty is provided.
    # Installation
    #-------------
    # chmod +x /etc/init.d/iptables
    # update-rc.d iptables start 37 S . stop 37 0 .
    # /etc/init.d/iptables start

    # File holding the saved ruleset: written by "save", loaded by "start" and "restart".
    IPTABLES_SAVE='/etc/default/iptables-rules'
    # Options handed to both iptables-save and iptables-restore; -c carries packet/byte counters.
    SAVE_RESTORE_OPTIONS='-c'
    # "yes" makes the stop action snapshot the live ruleset before flushing it.
    SAVE_ON_STOP='no'

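    # Verify that a saved ruleset exists before anything tries to load it.
    # Returns 1, after printing a hint, when ${IPTABLES_SAVE} is empty or does not
    # name a regular file; returns 0 otherwise.
    checkrules() {
        # The path is quoted so that an empty value or a path containing spaces is
        # tested as a single word. Unquoted, such a value breaks the [ ] expression
        # and the function falls through as if the file existed.
        if [ ! -f "${IPTABLES_SAVE}" ]; then
            echo "Not starting iptables. First create some rules then run"
            echo "\"/etc/init.d/iptables save\""
            return 1
        fi
    }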

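    # Snapshot the live ruleset into ${IPTABLES_SAVE}.
    # Returns non-zero when the dump fails; the existing saved file is then left untouched.
    save() {
        echo "Saving iptables state"
        # Dump to a temporary file first. Redirecting straight into ${IPTABLES_SAVE}
        # truncates it before iptables-save runs, so a failed dump would leave an
        # empty rules file that checkrules still accepts as present.
        # SAVE_RESTORE_OPTIONS stays unquoted on purpose so several options split into words.
        if /sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > "${IPTABLES_SAVE}.tmp"; then
            mv -f "${IPTABLES_SAVE}.tmp" "${IPTABLES_SAVE}"
        else
            rm -f "${IPTABLES_SAVE}.tmp"
            return 1
        fi
    }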

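    # Load the saved ruleset into the kernel.
    # Returns 1 without touching the firewall when no saved ruleset exists; otherwise
    # returns the status of the restore command.
    start() {
        checkrules || return 1
        echo "Loading iptables state and starting firewall"
        echo -n "Restoring iptables ruleset"
        # iptables-restore reads the ruleset on stdin. The file name is quoted so a path
        # with spaces is not rejected as an ambiguous redirect; SAVE_RESTORE_OPTIONS stays
        # unquoted on purpose so several options split into words.
        start-stop-daemon --start --quiet --exec /sbin/iptables-restore -- ${SAVE_RESTORE_OPTIONS} < "${IPTABLES_SAVE}"
    }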

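    # Dispatch on the requested init action: save | start | stop | restart.
    # A failed save or start now exits non-zero instead of being reported as success.
    case "$1" in
        save)
            save || exit 1
            echo "."
            ;;

        start)
            start || exit 1
            echo "."
            ;;

        stop)
            if [ "${SAVE_ON_STOP}" = "yes" ]; then
                save || exit 1
            fi
            echo -n "Stopping firewall"
            # /proc/net/ip_tables_names lists the tables currently loaded in the kernel.
            # After this loop every built-in chain has policy ACCEPT and no rules, so
            # "stop" leaves the host unfiltered until "start" is run again.
            for a in $(cat /proc/net/ip_tables_names); do
                /sbin/iptables -F -t "$a"
                /sbin/iptables -X -t "$a"

                # "=" is the POSIX string comparison. The script runs under /bin/sh, and
                # shells such as dash reject "==" inside [ ], which made every branch
                # below fail and left the chain policies unchanged.
                if [ "$a" = nat ]; then
                    /sbin/iptables -t nat -P PREROUTING ACCEPT
                    /sbin/iptables -t nat -P POSTROUTING ACCEPT
                    /sbin/iptables -t nat -P OUTPUT ACCEPT
                elif [ "$a" = mangle ]; then
                    /sbin/iptables -t mangle -P PREROUTING ACCEPT
                    /sbin/iptables -t mangle -P INPUT ACCEPT
                    /sbin/iptables -t mangle -P FORWARD ACCEPT
                    /sbin/iptables -t mangle -P OUTPUT ACCEPT
                    /sbin/iptables -t mangle -P POSTROUTING ACCEPT
                elif [ "$a" = filter ]; then
                    /sbin/iptables -t filter -P INPUT ACCEPT
                    /sbin/iptables -t filter -P FORWARD ACCEPT
                    /sbin/iptables -t filter -P OUTPUT ACCEPT
                fi
            done
            # NOTE(review): nothing in this script creates /var/run/iptables.pid, so this
            # call looks like a leftover and presumably has no effect - confirm.
            start-stop-daemon --stop --quiet --pidfile /var/run/iptables.pid --exec /sbin/iptables
            echo "."
            ;;

        restart)
            # Check for a saved ruleset before flushing. Without this, a missing rules
            # file left the tables flushed and nothing loaded in their place.
            checkrules || exit 1
            echo -n "Flushing firewall"
            for a in $(cat /proc/net/ip_tables_names); do
                /sbin/iptables -F -t "$a"
                /sbin/iptables -X -t "$a"
            done
            start || exit 1
            echo "."
            ;;

        *)
            echo "Usage: /etc/init.d/iptables {start|stop|restart|save}" >&2
            exit 1
            ;;
    esac

    exit 0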



    kira-kira masalahnya dimana ya ? thx.
    Last edited by effectop; 11-02-2013 at 10:43.

  2. #2
    wandi's Avatar
    kalo bisa bagian http_port di squid.conf dan iptablesnya di share juga kang biar lebih gampang dilokalisir troublenya. pokonya semakin lengkap semakin baik.

    kalo error 400 itu error Kode dan headers Hypertext Transfer Protocol (rfc2616)

    coba kesini kalo mau baca2


    biasanya formatnya log squid susunanya seperti ini

    1360417434.268 0 192.168.8.11 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html

    1: timestamp= 1360417434.268
    2: response time= 0
    3: client address= 192.168.8.11
    4: result/status code= TCP_DENIED/400
    5: transfer size= 1720
    6: request method= NONE
    7: URI= error:invalid-request
    8: client identitas= NONE/
    9: peering code/peerhost=
    10: content type= text/html
    11: HTTP request headers=
    12: HTTP response headers=
    Last edited by wandi; 11-02-2013 at 10:39.


  4. #3
    effectop's Avatar
    Originally Posted by wandi
    kalo bisa bagian http_port di squid.conf dan iptablesnya di share juga kang biar lebih gampang dilokalisir troublenya. pokonya semakin lengkap semakin baik.

    kalo error 400 itu error Kode dan headers Hypertext Transfer Protocol (rfc2616)

    coba kesini kalo mau baca2


    biasanya formatnya log squid susunanya seperti ini

    1360417434.268 0 192.168.8.11 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html

    1: timestamp= 1360417434.268
    2: response time= 0
    3: client address= 192.168.8.11
    4: result/status code= TCP_DENIED/400
    5: transfer size= 1720
    6: request method= NONE
    7: URI= error:invalid-request
    8: client identitas= NONE/
    9: peering code/peerhost=
    10: content type= text/html
    11: HTTP request headers=
    12: HTTP response headers=
    em
    Trims kepada bro wandi yang sudah mereply. kira-kira uda cukup data dari squid.conf saya? sorry saya masih pemula di proxy ini.

  5. #4
    wandi's Avatar
    Jangan Menatap saya kang, saya masih bodo
    melapor saja saya masih belajar cuma sepengatahuan saya kalo urusan TCP_DENIED/400 penyebabnya bisa banyak. apalagi yang si akang errornya gak menunjukan apa dan kemana selain error 1360417434.268 0 192.168.8.11 TCP_DENIED/400 1720 NONE error:invalid-request - NONE/- text/html , beda sama error permission cache misalnya. ya penyebabnya bisa config, iptables,dns dari mikrotiknya juga ada kemungkinan.

    iptables saya pake juga cuma

    Code:
    nano /etc/iptables.up.rules
    
    # Generated by iptables-save v1.4.8 on Wed Feb  6 00:50:12 2013
    # mangle table: built-in chains only, all with policy ACCEPT and no rules.
    *mangle
    :PREROUTING ACCEPT [17:1480]
    :INPUT ACCEPT [17:1480]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [16:2388]
    :POSTROUTING ACCEPT [16:2388]
    COMMIT
    # Completed on Wed Feb  6 00:50:12 2013
    # Generated by iptables-save v1.4.8 on Wed Feb  6 00:50:12 2013
    *nat
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    # TCP port 80 arriving on eth0 is redirected to local port 3229; no other port is intercepted.
    # NOTE(review): 3229 has to match an interception-mode http_port in the squid.conf
    # this ruleset belongs to - confirm.
    [0:0] -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3229 
    COMMIT
    # Completed on Wed Feb  6 00:50:12 2013
    # Generated by iptables-save v1.4.8 on Wed Feb  6 00:50:12 2013
    # NOTE(review): the paste ends here; only the mangle and nat tables are shown, no *filter section.
    gak ngerti saya baca yang punya akang wkwkwk


    jadi kita tunggu saja ahlinya, kalo saya mah bagian ikut2an saja. bagian pemulung dan tukang sundul wkwkwk

    tapi saya juga coba cari dari kemarin ko di google cuma masih banyak pilihan .

    Amos bilang sih

    A program tried to use the proxy with a request that is either not HTTP or is part of the HTTP extensions your squid can't handle yet.

    nah untuk tahu what program is, si akang bisa edit atau ke devel squid.conf nya supaya nyatet lebih lengkap biar ketahuan yang di DENY itu apa. atau mungkin pake squid.conf non transparent yg simple tanpa refresh-pattern dan iptables simple
    Code:
    contoh log squid confignya 
    
    # The default access_log line is commented out; the two access_log lines below replace it.
    #access_log /var/log/squid/access.log
    # Squid's diagnostic log goes to a real file instead of being discarded.
    cache_log /var/log/squid/cache.log
    # Fields: Host header, client IP, ident, user name, local time, request line
    # (method, URL, version), HTTP status, reply size, Referer, User-Agent, and
    # Squid result code:hierarchy code. Referer and User-Agent are what identify the
    # program behind a request.
    # NOTE(review): a request that fails parsing may carry no headers to log - confirm
    # with a test request. These logs hold full URLs, so keep them readable only by admins.
    logformat 	combined %{Host}>h %>a %ui %un [%tl] "%rm %ru  HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
    # Same as above without the trailing result/hierarchy codes.
    logformat 	vcombined %{Host}>h %>a %ui %un [%tl] "%rm %ru  HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h"
    # Every request is written twice, once per format.
    access_log	/var/log/squid/access.log combined
    access_log	/var/log/squid/vaccess.log vcombined
    
    iptablesnya (gak pake ini juga kalo gak transparent dan sejajar klien cukup di clear aja -F -X)
    
    # Flush all rules and delete user-defined chains in the filter, nat and mangle tables.
    iptables -F
    iptables -X
    iptables -t nat -F
    iptables -t nat -X
    iptables -t mangle -F
    iptables -t mangle -X
    # Default-accept on INPUT and OUTPUT. With the tables flushed, the proxy host itself
    # is unfiltered; the surrounding post uses this only to rule the firewall out while
    # isolating the problem, so restore the real ruleset afterwards.
    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    # Interception rule: TCP port 80 arriving on eth0 is redirected to local port 3128,
    # which must be the interception-mode http_port in squid.conf. Only port 80 is redirected.
    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
    # Persist the resulting ruleset, including packet/byte counters (-c).
    iptables-save -c > /etc/iptables.up.rules
    topologinya dibikin sejajar klien dulu dengan setting dari control panel atau browser apakah masih ada DENY. clearkan dulu iptables baik yang mikrotik atau yang proxy. pokoknya step by step config dari awal.biar ketahuan dari mana masalahnya kalo sudah fix satu baru naik ke tahap selanjutnya.
    bayangan saya yang enak sih begitu.

    contoh hasil lognya masing2 dan sesuaikan
    Code:
    nod32.hallsoft.net 192.168.2.6 - - [12/Feb/2013:01:25:12 +0700] "GET http://nod32.hallsoft.net/v4/update.ver  HTTP/1.1" 403 591 "-" "ESS Update (Windows; U; 32bit; VDB 11832; BPC 4.0.68.0; OS: 6.1.7601 SP 1.0 NT; CH 0.0; LNG 1033; x32c; UPD http://nod32.hallsoft.net/v4/; APP eav; BEO 1; CPU 14284; ASP 0.10; FW 0.0; PX 0; PUA 0)" TCP_MISS:DIRECT
    
    i1.ytimg.com 192.168.2.2 - - [12/Feb/2013:01:20:28 +0700] "GET http://i1.ytimg.com/i/D9sFXUWIpMpqBlE31b_jPw/1.jpg  HTTP/1.1" 404 2226 "http://www.youtube.com/watch?v=PyHAm6TTBIY" "Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/17.0 Firefox/17.0"
    ma'af gak bisa bantu banyak maklum saja saya juga baru bisa belum ahli, cuma pura2 ngerti aja biar gak malu kalo ikut ngobrol
    install linux dan mikrotik 03-2012 pake proxy 09-2012 gak butuh banyak lagi cuman buat warnet punya temen saja lumayan sekalian belajar gratis.

    BTW errornya mirip
    cuma port 80 saja kan yang dibelokan ke proxy kang?
    Last edited by wandi; 16-02-2013 at 02:15.

  6. #5
    iamspa's Avatar
    ini kayaknya TS mau di buat gateway proxy nya....
    jadi make iptables gitu.....
    coba kalo buat ip tables pake webmin aja....
    lalu post di mari hasil ip tables nya....

 

 
