Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 12 of 12
  1. #1
    Status
    Offline
    nitaufan's Avatar
    Member
    Join Date
    Apr 2008
    Posts
    154
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0

    <ASK> Mangle Tidak ada Respon

    Para suhu dan master2 mikrotik dan squid.....

    ane ada masalah neh....di log squid terlihat TCP HIT tetapi di mangle mikrotik traffic HIT tidak tertangkap sama skali....mohon solusinya....

    ini settingan mangle saya
    Code:
    [admin@MikroTik] /ip firewall mangle> print              
    Flags: X - disabled, I - invalid, D - dynamic 
     0   ;;; squid
         chain=prerouting action=mark-packet new-packet-mark=proxy-hit passthrough=no protocol=tcp dscp=12 
    
     1   ;;; Rule Pisah Bandwidth Browsing dan Game
         chain=prerouting action=mark-connection new-connection-mark=koneksi iix passthrough=yes dst-address-list=iix in-interface=local 
    
     2   chain=prerouting action=mark-packet new-packet-mark=paket iix passthrough=no connection-mark=koneksi iix 
    
     3   chain=output action=mark-packet new-packet-mark=paket iix passthrough=no connection-mark=koneksi iix 
    
     4   chain=prerouting action=mark-packet new-packet-mark=paket int passthrough=no 
    
     5   chain=output action=mark-packet new-packet-mark=paket int passthrough=no 
    
     6   chain=forward action=mark-packet new-packet-mark=download-paket passthrough=yes protocol=tcp src-address-list=downloads 
    
     7 X ;;; zph (DSCP TOS 12)
         chain=prerouting action=mark-packet new-packet-mark=proxy-pkt passthrough=no protocol=tcp dscp=12 
    
     8 X ;;; zph (X-Cache: HIT)
         chain=prerouting action=mark-packet new-packet-mark=proxy-pkt passthrough=no protocol=tcp content=X-Cache: HIT 
    
     9 X ;;; Bypass queue jika video HIT dari squid
         chain=prerouting action=mark-connection new-connection-mark=squid_HIT_conn passthrough=yes protocol=tcp dst-address=192.168.10.2 in-interface=local 
         dst-port=80 
    
    10 X chain=prerouting action=mark-packet new-packet-mark=proxy-pkt passthrough=no connection-mark=squid_HIT_conn 
    
    11 X chain=output action=mark-packet new-packet-mark=proxy-pkt passthrough=no connection-mark=squid_HIT_conn 
    [admin@MikroTik] /ip firewall mangle>
    Gambar Log TCP-HIT Squid Proxy
    Click here to enlarge

    Gambar Mangle di Mikrotik
    Click here to enlarge

    Mohon koreksi dan Solusinya.......Click here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlarge
    Last edited by nitaufan; 24-07-2010 at 08:21.

  2. #2
    Status
    Offline
    keblux's Avatar
    Member Senior
    Join Date
    Nov 2009
    Location
    ǝɹǝɥʍ ou ɟo ǝlppıɯ ǝɥʇ uı
    Posts
    452
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    pake squid versi apa?

    di confignya ud ada ini
    Code:
    zph_mode tos
    zph_local 0x30
    zph_parent 0
    zph_option 136
    Click here to enlarge

  3. #3
    Status
    Offline
    nitaufan's Avatar
    Member
    Join Date
    Apr 2008
    Posts
    154
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by keblux Click here to enlarge
    pake squid versi apa?

    di confignya ud ada ini
    Code:
    zph_mode tos
    zph_local 0x30
    zph_parent 0
    zph_option 136
    Click here to enlarge
    Squid windows CCPB Versi 2.7 udh ada config yg agan ksh tau....

    ini squid.conf saya....
    Code:
    http_port 3128 transparent
    cache_mgr One_Stop
    forwarded_for off
    visible_hostname One_stop_Digital
    
    
    cache_mem 64 MB
    cache_dir ufs d:/squid/cache0 1000 16 256
    cache_dir ufs d:/squid/cache1 1000 16 256
    cache_dir ufs d:/squid/cache2 1000 16 256
    cache_dir ufs d:/squid/cache3 1000 16 256
    coredump_dir d:/squid
    
    #logformat squid  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
    #logformat squidmime  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
    #logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh
    logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
    access_log d:/squid/access.log squid
    cache_store_log none
    cache_log  d:/squid/cache.log
    
    acl apache rep_header Server ^Apache
    broken_vary_encoding allow apache
    maximum_object_size 1024000 KB
    maximum_object_size_in_memory 512 KB
    
    negative_ttl 2 minutes
    half_closed_clients off
    #cache_swap_high 100%
    #cache_swap_low 80%
    
    ipcache_size 4096
    ipcache_low 95
    ipcache_high 100
    
    memory_pools off
    reload_into_ims on
    pipeline_prefetch on
    
    acl all src 0.0.0.0/0.0.0.0
    acl localNet src 192.168.0.0/24, 192.168.1.0/24, 192.168.10.0/24, 192.168.100.0/24
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl to_localhost dst 127.0.0.0/8
    acl SSL_ports port 443
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    
    # Yahoo! Messenger
    acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com
    acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com
    acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com
    acl ym dstdomain .voice.yahoo.com
    
    acl ymregex url_regex yupdater.yim ymsgr myspaceim
    
    # Other protocols Yahoo!Messenger uses ??
    acl ym dstdomain .skype.com .imvu.com
    
    
    # add from H4ck3rKu
    
    refresh_pattern ^http\:\/\/*\.facebook\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.kaskus\.us\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.google\.co\*.*/ 10080 90% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.yahoo\.co*\.*/ 10080 90% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/.*\.windowsupdate\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/office\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/windowsupdate\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/w?xpsp[0-9]\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/w2ksp[0-9]\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/download\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/download\.macromedia\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^ftp\:\/\/ftp\.nai\.com/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/ftp\.software\.ibm\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.friendster\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.detik\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.kaskus\.us\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.google\.co\*.*/ 10080 90% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.yahoo\.co*\.*/ 10080 90% 43200 reload-into-ims
    
    refresh_pattern ^http://*.apps.facebook.*/.* 720 80% 4320
    refresh_pattern ^http://*.profile.ak.fbcdn.net/.* 720 80% 4320
    refresh_pattern ^http://*.creative.ak.fbcdn.net/.* 720 80% 4320
    refresh_pattern ^http://*.static.ak.fbcdn.net/.* 720 80% 4320
    refresh_pattern ^http://*.facebook.poker.zynga.com/.* 720 80% 4320
    refresh_pattern ^http://*.statics.poker.static.zynga.com/.* 720 80% 4320
    refresh_pattern ^http://*.zynga.*/.* 720 80% 4320
    refresh_pattern ^http://*.texas_holdem.*/.* 720 80% 4320
    refresh_pattern ^http://*.google.*/.* 720 80% 4320
    refresh_pattern ^http://*.indowebster.*/.* 720 80% 4320
    refresh_pattern ^http://*.4shared.*/.* 720 80% 4320
    refresh_pattern ^http://*.yahoo.com/.* 720 80% 4320
    refresh_pattern ^http://*.yimg.*/.* 720 80% 4320
    refresh_pattern ^http://*.plasa.com/.* 720 80% 4320
    refresh_pattern ^http://*.boleh.*/.* 720 80% 4320
    refresh_pattern ^http://*.detik.*/.* 180 80% 4320
    refresh_pattern ^http://*.detikinet.*/.* 180 80% 4320
    refresh_pattern ^http://*.detikhot.*/.* 180 80% 4320
    refresh_pattern ^http://*.detiportal.*/.* 180 80% 4320
    refresh_pattern ^http://*.kompas.*/.* 180 80% 4320
    refresh_pattern ^http://*.kapanlagi.*/.* 720 80% 4320
    refresh_pattern ^http://*.google-analytics.*/.* 720 80% 4320
    
    
    # add from KtheXBeleX
    
    refresh_pattern ^http://(.*?)/get_video\? 10080 90% 999999 override-expire ignore-no-cache ignore-private
    refresh_pattern ^http://(.*?)/videoplayback\? 10080 90% 999999 override-expire ignore-no-cache ignore-private
    refresh_pattern -i (get_video\?|videoplayback\?id|videoplayback.*id) 161280 50000% 525948 override-expire ignore-reload
    
    
    # my refresh_patern
    
    # compressed
    refresh_pattern -i \.gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.cab$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.bzip2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.bz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.gz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.tgz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.tar.gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.zip$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.rar$ 1008000 90% 99999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.tar$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.ace$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.7z$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # documents
    refresh_pattern -i \.xls$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.doc$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.xlsx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.docx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.pdf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.ppt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.pptx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.rtf\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # multimedia
    refresh_pattern -i \.mid$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.wav$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.viv$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mov$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.avi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.asf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.qt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.rm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.rmvb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.wmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.3gp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mp3$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mp4$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # web content
    refresh_pattern -i \.js$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.psf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.html$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.htm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.css$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.swf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.js\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.css\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.xml$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # images
    refresh_pattern -i \.gif$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.jpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.png$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.jpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.bmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.psd$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.ad$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.gif\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.jpg\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.png\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.jpeg\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.psd\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # application
    refresh_pattern -i \.deb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.rpm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.msi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.exe$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.dmg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # misc
    refresh_pattern -i \.dat$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.qtm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # itunes
    refresh_pattern -i \.m4p$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mpa$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    
    refresh_pattern cgi-bin	0	0%	0
    refresh_pattern \?	0	20%	4320
    refresh_pattern .	0	20%	4320
    
    storeurl_access deny all
    
    ####### ADZAPER #######
    
    redirect_program C:/squid/bin/perl.exe C:/squid/adzap/scripts/squid_redirect
    redirect_children 5
    
    ### END OF ADZAPPER ###
    
    #################################################
    # Delaypools added by imer :shakehand           #
    # default setting is disabled                   #
    # enable it by removing # mark at start of line #
    #################################################
    
    #acl time time SMTWHFA 09:00-23:59
    #acl host url_regex -i "C:/squid/etc/host.acl"
    #acl lambat url_regex -i "C:/squid/etc/lambat.acl"
    #acl download urlpath_regex -i "C:/squid/etc/download.acl"
    
    #delay_pools 3
    #delay_access 1 allow host
    #delay_access 1 deny all
    #delay_access 2 allow download time
    #delay_access 2 deny all
    #delay_access 3 allow lambat time
    #delay_access 3 deny all
    
    #delay_class 1 2
    #delay_class 2 2
    #delay_class 3 2
    
    #delay_parameters 1 -1/-1 -1/-1
    #delay_parameters 2 -1/-1 1000/100000
    #delay_parameters 3 -1/-1 1000/100000
    
    ################ END DELAYPOOLS ################
    
    http_access allow manager localhost
    http_access allow ym
    http_access allow localhost
    http_access allow localNet
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access deny all
    http_reply_access allow all
    icp_access allow all
    
    # YouTube options.
    #quick_abort_min -1 KB
    
    # This will block other streaming media.Maybe we don't want this, but using
    # it for now.
    # hierarchy_stoplist cgi-bin ?
    # acl QUERY urlpath_regex cgi-bin \?
    # cache deny QUERY 
    cache allow all
    
    ## ANONYMITY OPTION ###
    #header_access From deny all
    #header_access Referer deny all
    #header_access Server deny all
    #header_access User-Agent deny all
    #header_access WWW-Authenticate deny all
    #header_access Link deny all
    
    		header_access Proxy-Connection deny all
    		header_access Cache-Control deny all
    		header_access X-Cache deny all
    		header_access X-Cache-Lookup deny all
    		header_access X-Powered-By deny all
    		header_access Via deny all
    #		header_access Rewrite-URL deny all
    #		header_access X-Rewrite-URL deny all
    		header_access Forwarded-For deny all
    		header_access X-Forwarder-For deny all
    #		header_access Pragma deny all
    #		header_access Keep-Alive deny all
    #### cendol donk gan ####
    
    #tcp_outgoing_tos 0x30 localnet
    zph_mode tos
    zph_local 0x30
    zph_parent 0
    zph_option 136
    mohon solusinya......para suhu2 sekalian.....
    Last edited by nitaufan; 24-07-2010 at 14:16.

  4. #4
    Status
    Offline
    lif2k3's Avatar
    Newbie
    Join Date
    Jul 2010
    Posts
    22
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by nitaufan Click here to enlarge
    Squid windows CCPB Versi 2.7 udh ada config yg agan ksh tau....

    ini squid.conf saya....
    Code:
    http_port 3128 transparent
    cache_mgr One_Stop
    forwarded_for off
    visible_hostname One_stop_Digital
    
    
    cache_mem 64 MB
    cache_dir ufs d:/squid/cache0 1000 16 256
    cache_dir ufs d:/squid/cache1 1000 16 256
    cache_dir ufs d:/squid/cache2 1000 16 256
    cache_dir ufs d:/squid/cache3 1000 16 256
    coredump_dir d:/squid
    
    #logformat squid  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
    #logformat squidmime  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
    #logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh
    logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
    access_log d:/squid/access.log squid
    cache_store_log none
    cache_log  d:/squid/cache.log
    
    acl apache rep_header Server ^Apache
    broken_vary_encoding allow apache
    maximum_object_size 1024000 KB
    maximum_object_size_in_memory 512 KB
    
    negative_ttl 2 minutes
    half_closed_clients off
    #cache_swap_high 100%
    #cache_swap_low 80%
    
    ipcache_size 4096
    ipcache_low 95
    ipcache_high 100
    
    memory_pools off
    reload_into_ims on
    pipeline_prefetch on
    
    acl all src 0.0.0.0/0.0.0.0
    acl localNet src 192.168.0.0/24, 192.168.1.0/24, 192.168.10.0/24, 192.168.100.0/24
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl to_localhost dst 127.0.0.0/8
    acl SSL_ports port 443
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    
    # Yahoo! Messenger
    acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com
    acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com
    acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com
    acl ym dstdomain .voice.yahoo.com
    
    acl ymregex url_regex yupdater.yim ymsgr myspaceim
    
    # Other protocols Yahoo!Messenger uses ??
    acl ym dstdomain .skype.com .imvu.com
    
    
    # add from H4ck3rKu
    
    refresh_pattern ^http\:\/\/*\.facebook\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.kaskus\.us\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.google\.co\*.*/ 10080 90% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.yahoo\.co*\.*/ 10080 90% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/.*\.windowsupdate\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/office\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/windowsupdate\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/w?xpsp[0-9]\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/w2ksp[0-9]\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/download\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/download\.macromedia\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^ftp\:\/\/ftp\.nai\.com/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/ftp\.software\.ibm\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.friendster\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.detik\.com\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.kaskus\.us\/ 10080 80% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.google\.co\*.*/ 10080 90% 43200 reload-into-ims
    refresh_pattern ^http\:\/\/*\.yahoo\.co*\.*/ 10080 90% 43200 reload-into-ims
    
    refresh_pattern ^http://*.apps.facebook.*/.* 720 80% 4320
    refresh_pattern ^http://*.profile.ak.fbcdn.net/.* 720 80% 4320
    refresh_pattern ^http://*.creative.ak.fbcdn.net/.* 720 80% 4320
    refresh_pattern ^http://*.static.ak.fbcdn.net/.* 720 80% 4320
    refresh_pattern ^http://*.facebook.poker.zynga.com/.* 720 80% 4320
    refresh_pattern ^http://*.statics.poker.static.zynga.com/.* 720 80% 4320
    refresh_pattern ^http://*.zynga.*/.* 720 80% 4320
    refresh_pattern ^http://*.texas_holdem.*/.* 720 80% 4320
    refresh_pattern ^http://*.google.*/.* 720 80% 4320
    refresh_pattern ^http://*.indowebster.*/.* 720 80% 4320
    refresh_pattern ^http://*.4shared.*/.* 720 80% 4320
    refresh_pattern ^http://*.yahoo.com/.* 720 80% 4320
    refresh_pattern ^http://*.yimg.*/.* 720 80% 4320
    refresh_pattern ^http://*.plasa.com/.* 720 80% 4320
    refresh_pattern ^http://*.boleh.*/.* 720 80% 4320
    refresh_pattern ^http://*.detik.*/.* 180 80% 4320
    refresh_pattern ^http://*.detikinet.*/.* 180 80% 4320
    refresh_pattern ^http://*.detikhot.*/.* 180 80% 4320
    refresh_pattern ^http://*.detiportal.*/.* 180 80% 4320
    refresh_pattern ^http://*.kompas.*/.* 180 80% 4320
    refresh_pattern ^http://*.kapanlagi.*/.* 720 80% 4320
    refresh_pattern ^http://*.google-analytics.*/.* 720 80% 4320
    
    
    # add from KtheXBeleX
    
    refresh_pattern ^http://(.*?)/get_video\? 10080 90% 999999 override-expire ignore-no-cache ignore-private
    refresh_pattern ^http://(.*?)/videoplayback\? 10080 90% 999999 override-expire ignore-no-cache ignore-private
    refresh_pattern -i (get_video\?|videoplayback\?id|videoplayback.*id) 161280 50000% 525948 override-expire ignore-reload
    
    
    # my refresh_patern
    
    # compressed
    refresh_pattern -i \.gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.cab$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.bzip2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.bz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.gz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.tgz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.tar.gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.zip$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.rar$ 1008000 90% 99999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.tar$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.ace$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.7z$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # documents
    refresh_pattern -i \.xls$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.doc$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.xlsx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.docx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.pdf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.ppt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.pptx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.rtf\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # multimedia
    refresh_pattern -i \.mid$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.wav$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.viv$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mov$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.avi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.asf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.qt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.rm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.rmvb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.wmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.3gp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mp3$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mp4$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # web content
    refresh_pattern -i \.js$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.psf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.html$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.htm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.css$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.swf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.js\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.css\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.xml$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # images
    refresh_pattern -i \.gif$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.jpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.png$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.jpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.bmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.psd$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.ad$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.gif\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.jpg\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.png\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.jpeg\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.psd\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # application
    refresh_pattern -i \.deb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.rpm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.msi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.exe$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.dmg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # misc
    refresh_pattern -i \.dat$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.qtm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    # itunes
    refresh_pattern -i \.m4p$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i \.mpa$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
    
    
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    
    refresh_pattern cgi-bin	0	0%	0
    refresh_pattern \?	0	20%	4320
    refresh_pattern .	0	20%	4320
    
    storeurl_access deny all
    
    ####### ADZAPER #######
    
    redirect_program C:/squid/bin/perl.exe C:/squid/adzap/scripts/squid_redirect
    redirect_children 5
    
    ### END OF ADZAPPER ###
    
    #################################################
    # Delaypools added by imer :shakehand           #
    # default setting is disabled                   #
    # enable it by removing # mark at start of line #
    #################################################
    
    #acl time time SMTWHFA 09:00-23:59
    #acl host url_regex -i "C:/squid/etc/host.acl"
    #acl lambat url_regex -i "C:/squid/etc/lambat.acl"
    #acl download urlpath_regex -i "C:/squid/etc/download.acl"
    
    #delay_pools 3
    #delay_access 1 allow host
    #delay_access 1 deny all
    #delay_access 2 allow download time
    #delay_access 2 deny all
    #delay_access 3 allow lambat time
    #delay_access 3 deny all
    
    #delay_class 1 2
    #delay_class 2 2
    #delay_class 3 2
    
    #delay_parameters 1 -1/-1 -1/-1
    #delay_parameters 2 -1/-1 1000/100000
    #delay_parameters 3 -1/-1 1000/100000
    
    ################ END DELAYPOOLS ################
    
    http_access allow manager localhost
    http_access allow ym
    http_access allow localhost
    http_access allow localNet
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access deny all
    http_reply_access allow all
    icp_access allow all
    
    # YouTube options.
    #quick_abort_min -1 KB
    
    # This will block other streaming media.Maybe we don't want this, but using
    # it for now.
    # hierarchy_stoplist cgi-bin ?
    # acl QUERY urlpath_regex cgi-bin \?
    # cache deny QUERY 
    cache allow all
    
    ## ANONYMITY OPTION ###
    #header_access From deny all
    #header_access Referer deny all
    #header_access Server deny all
    #header_access User-Agent deny all
    #header_access WWW-Authenticate deny all
    #header_access Link deny all
    
    		header_access Proxy-Connection deny all
    		header_access Cache-Control deny all
    		header_access X-Cache deny all
    		header_access X-Cache-Lookup deny all
    		header_access X-Powered-By deny all
    		header_access Via deny all
    #		header_access Rewrite-URL deny all
    #		header_access X-Rewrite-URL deny all
    		header_access Forwarded-For deny all
    		header_access X-Forwarder-For deny all
    #		header_access Pragma deny all
    #		header_access Keep-Alive deny all
    #### cendol donk gan ####
    
    #tcp_outgoing_tos 0x30 localnet
    zph_mode tos
    zph_local 0x30
    zph_parent 0
    zph_option 136
    mohon solusinya......para suhu2 sekalian.....
    maaf gan, squidNT tidak dukung fitur ZPH, jadi ga bisa ditangkap oleh mangle (DSCP=12 atau TOS=48).

  5. #5
    Status
    Offline
    lif2k3's Avatar
    Newbie
    Join Date
    Jul 2010
    Posts
    22
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Maaf gan, squid NT tidak dukung fitur ZPH, jd ga bisa ditangkap rule mangle (DSCP/TOS).

  6. The Following User Says Thank You to lif2k3 For This Useful Post:


  7. #6
    Status
    Offline
    keblux's Avatar
    Member Senior
    Join Date
    Nov 2009
    Location
    ǝɹǝɥʍ ou ɟo ǝlppıɯ ǝɥʇ uı
    Posts
    452
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    squid di NT/windows emang blum support DSCP/TOS jadi untuk nangkep HIT nya coba pake layer7. alternatifnya.

    Code:
    http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(x-cache: hit)

  8. #7
    Status
    Offline
    nitaufan's Avatar
    Member
    Join Date
    Apr 2008
    Posts
    154
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    Terima kasih untuk semua nya yang udah mau kasih solusinya....akhirnya saya install ulang proxy server menggunakan squid 2.7 di ubuntu server. Click here to enlargeClick here to enlargeClick here to enlarge tp saya menemukan masalah pada queue nya...

    Setting manggle
    Code:
    [admin@MikroTik] /ip firewall mangle> print 
    Flags: X - disabled, I - invalid, D - dynamic 
     0   ;;; Proxy
         chain=prerouting action=mark-packet new-packet-mark=proxy-hit passthrough=no protocol=tcp dscp=12 
    
     1   ;;; Rule Pisah Bandwidth Browsing dan Game
         chain=prerouting action=mark-connection new-connection-mark=koneksi iix passthrough=yes dst-address-list=iix in-interface=local 
    
     2   chain=prerouting action=mark-packet new-packet-mark=paket iix passthrough=no connection-mark=koneksi iix 
    
     3   chain=output action=mark-packet new-packet-mark=paket iix passthrough=no connection-mark=koneksi iix 
    
     4   chain=prerouting action=mark-packet new-packet-mark=paket int passthrough=no 
    
     5   chain=output action=mark-packet new-packet-mark=paket int passthrough=no 
    
     6 X ;;; Proxy_HIT
         chain=forward action=mark-connection new-connection-mark=proxy-hit passthrough=yes protocol=tcp in-interface=Linux Proxy Server out-interface=local 
    
     7 X chain=forward action=mark-packet new-packet-mark=proxy-hit passthrough=no protocol=tcp in-interface=Linux Proxy Server out-interface=local 
         connection-mark=proxy-hit 
    
     8 X ;;; Squid
         chain=forward action=mark-packet new-packet-mark=proxy-hit passthrough=no
    ini settingan queue nya
    Code:
    [admin@MikroTik] /queue simple> print 
    Flags: X - disabled, I - invalid, D - dynamic 
     0    name="Proxy" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=proxy-hit direction=both priority=1 queue=default-small/default-small 
          limit-at=0/0 max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     1    name="ikbal iix" target-addresses=192.168.0.2/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket iix direction=both priority=8 
          queue=default-small/default-small limit-at=10k/64k max-limit=32k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     2    name="ikbal int" target-addresses=192.168.0.2/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket int direction=both priority=8 
          queue=default-small/default-small limit-at=0/0 max-limit=32k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     3    name="riko - iix" target-addresses=192.168.0.20/32,192.168.0.5/32,192.168.0.18/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket iix 
          direction=both priority=8 queue=default-small/default-small limit-at=10k/64k max-limit=10k/64k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
          total-queue=default-small 
    
     4    name="riko - int" target-addresses=192.168.0.20/32,192.160.0.5/32,192.168.0.18/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket int 
          direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
          total-queue=default-small 
    
     5    name="ayu - iix" target-addresses=192.168.0.4/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket iix direction=both priority=8 
          queue=default-small/default-small limit-at=10k/64k max-limit=10k/64k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     6    name="ayu - int" target-addresses=192.168.0.4/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket int direction=both priority=8 
          queue=default-small/default-small limit-at=0/0 max-limit=32k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     7    name="lutfi-iix" target-addresses=192.168.0.6/32,192.168.0.22/32,192.168.0.7/32,192.168.0.15/32,192.168.0.29/32 dst-address=0.0.0.0/0 interface=all 
          parent=none packet-marks=paket iix direction=both priority=8 queue=default-small/default-small limit-at=10k/64k max-limit=10k/64k burst-limit=0/0 
          burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     8    name="lutfi-int" target-addresses=192.168.0.6/32,192.168.0.22/32,192.168.0.7/32,192.168.0.15/32,192.168.0.29/32 dst-address=0.0.0.0/0 interface=all 
          parent=none packet-marks=paket int direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/256k burst-limit=0/0 
          burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     9    name="ibnu - iix" target-addresses=192.168.0.10/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket iix direction=both priority=8 
          queue=default-small/default-small limit-at=10k/64k max-limit=20k/200k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
    10    name="ibnu - int" target-addresses=192.168.0.10/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket int direction=both priority=8 
          queue=default-small/default-small limit-at=0/0 max-limit=32k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
    Click here to enlarge

    Di mangle traffic Hit nya sudah tertangkap dengan baik tetapi di queue nya tidak ada pergerakkan sama sekali Sebagai informasi saya juga menggunakan rule pemisahan gateway untuk browsing(ix) dan khusus game online(iix) pada mangle nya dan bisa di lihat pada rule mangle yang sudah saya kasih....

    Topologi (Squid Sejajar dengan Mikrotik)

    Code:
     Speedy1 (Browsing,Download,chatting,dll)           
                       |                          
                       |                   Speedy2 (Khusus game online saja)
                       |                        |                                      
                       |--------------------MIKROTIK------------Squid Proxy
                                                |
                                                |
                                                |
                                             Switch
                                                |
                                                |
                                      Client1,Client2, dsb
    Mohon bimbingan dan solusinya para master2 mikrotik Click here to enlarge.....Click here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlarge
    Last edited by nitaufan; 25-07-2010 at 08:50.

  9. #8
    Status
    Offline
    karaeng's Avatar
    VIP Member
    Join Date
    Jun 2010
    Posts
    958
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by nitaufan Click here to enlarge
    Terima kasih untuk semua nya yang udah mau kasih solusinya....akhirnya saya install ulang proxy server menggunakan squid 2.7 di ubuntu server. Click here to enlargeClick here to enlargeClick here to enlarge tp saya menemukan masalah pada queue nya...

    Setting manggle
    Code:
    [admin@MikroTik] /ip firewall mangle> print 
    Flags: X - disabled, I - invalid, D - dynamic 
     0   ;;; Proxy
         chain=prerouting action=mark-packet new-packet-mark=proxy-hit passthrough=no protocol=tcp dscp=12 
    
     1   ;;; Rule Pisah Bandwidth Browsing dan Game
         chain=prerouting action=mark-connection new-connection-mark=koneksi iix passthrough=yes dst-address-list=iix in-interface=local 
    
     2   chain=prerouting action=mark-packet new-packet-mark=paket iix passthrough=no connection-mark=koneksi iix 
    
     3   chain=output action=mark-packet new-packet-mark=paket iix passthrough=no connection-mark=koneksi iix 
    
     4   chain=prerouting action=mark-packet new-packet-mark=paket int passthrough=no 
    
     5   chain=output action=mark-packet new-packet-mark=paket int passthrough=no 
    
     6 X ;;; Proxy_HIT
         chain=forward action=mark-connection new-connection-mark=proxy-hit passthrough=yes protocol=tcp in-interface=Linux Proxy Server out-interface=local 
    
     7 X chain=forward action=mark-packet new-packet-mark=proxy-hit passthrough=no protocol=tcp in-interface=Linux Proxy Server out-interface=local 
         connection-mark=proxy-hit 
    
     8 X ;;; Squid
         chain=forward action=mark-packet new-packet-mark=proxy-hit passthrough=no
    ini settingan queue nya
    Code:
    [admin@MikroTik] /queue simple> print 
    Flags: X - disabled, I - invalid, D - dynamic 
     0    name="Proxy" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=proxy-hit direction=both priority=1 queue=default-small/default-small 
          limit-at=0/0 max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     1    name="ikbal iix" target-addresses=192.168.0.2/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket iix direction=both priority=8 
          queue=default-small/default-small limit-at=10k/64k max-limit=32k/128k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     2    name="ikbal int" target-addresses=192.168.0.2/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket int direction=both priority=8 
          queue=default-small/default-small limit-at=0/0 max-limit=32k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     3    name="riko - iix" target-addresses=192.168.0.20/32,192.168.0.5/32,192.168.0.18/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket iix 
          direction=both priority=8 queue=default-small/default-small limit-at=10k/64k max-limit=10k/64k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
          total-queue=default-small 
    
     4    name="riko - int" target-addresses=192.168.0.20/32,192.160.0.5/32,192.168.0.18/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket int 
          direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s 
          total-queue=default-small 
    
     5    name="ayu - iix" target-addresses=192.168.0.4/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket iix direction=both priority=8 
          queue=default-small/default-small limit-at=10k/64k max-limit=10k/64k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     6    name="ayu - int" target-addresses=192.168.0.4/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket int direction=both priority=8 
          queue=default-small/default-small limit-at=0/0 max-limit=32k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     7    name="lutfi-iix" target-addresses=192.168.0.6/32,192.168.0.22/32,192.168.0.7/32,192.168.0.15/32,192.168.0.29/32 dst-address=0.0.0.0/0 interface=all 
          parent=none packet-marks=paket iix direction=both priority=8 queue=default-small/default-small limit-at=10k/64k max-limit=10k/64k burst-limit=0/0 
          burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     8    name="lutfi-int" target-addresses=192.168.0.6/32,192.168.0.22/32,192.168.0.7/32,192.168.0.15/32,192.168.0.29/32 dst-address=0.0.0.0/0 interface=all 
          parent=none packet-marks=paket int direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=32k/256k burst-limit=0/0 
          burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
     9    name="ibnu - iix" target-addresses=192.168.0.10/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket iix direction=both priority=8 
          queue=default-small/default-small limit-at=10k/64k max-limit=20k/200k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small 
    
    10    name="ibnu - int" target-addresses=192.168.0.10/32 dst-address=0.0.0.0/0 interface=all parent=none packet-marks=paket int direction=both priority=8 
          queue=default-small/default-small limit-at=0/0 max-limit=32k/256k burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s total-queue=default-small
    Click here to enlarge

    Di mangle traffic Hit nya sudah tertangkap dengan baik tetapi di queue nya tidak ada pergerakkan sama sekali Sebagai informasi saya juga menggunakan rule pemisahan gateway untuk browsing(ix) dan khusus game online(iix) pada mangle nya dan bisa di lihat pada rule mangle yang sudah saya kasih....

    Topologi (Squid Sejajar dengan Mikrotik)

    Code:
     Speedy1 (Browsing,Download,chatting,dll)           
                       |                          
                       |                   Speedy2 (Khusus game online saja)
                       |                        |                                      
                       |--------------------MIKROTIK------------Squid Proxy
                                                |
                                                |
                                                |
                                             Switch
                                                |
                                                |
                                      Client1,Client2, dsb
    Mohon bimbingan dan solusinya para master2 mikrotik Click here to enlarge.....Click here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlarge
    coba di buatkan Rule LOSS proxy dulu...
    klo ketangkap di mangle dan simple Queu, artinya masalah di rule mangle untuk proxy HIT kamu

    coba di buat lebih spesifik fi mangle HITnya
    Code:
    chain=forward action=mark-connection new-connection-mark=HIT 
         passthrough=yes protocol=tcp in-interface=Proxy 
         out-interface=Lokal src-port=3128 dscp=12

  10. #9
    Status
    Offline
    nitaufan's Avatar
    Member
    Join Date
    Apr 2008
    Posts
    154
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0

    Talking

    Click here to enlarge Originally Posted by karaeng Click here to enlarge
    coba di buatkan Rule LOSS proxy dulu...
    klo ketangkap di mangle dan simple Queu, artinya masalah di rule mangle untuk proxy HIT kamu

    coba di buat lebih spesifik fi mangle HITnya
    Code:
    chain=forward action=mark-connection new-connection-mark=HIT 
         passthrough=yes protocol=tcp in-interface=Proxy 
         out-interface=Lokal src-port=3128 dscp=12
    Udah di buat bos...dan ketangkep di mangle nya...trus buat simple queue nya gimana??????

    nih screen capture HIT Proxy nya
    Click here to enlarge

    Mohon solusinya.....

  11. #10
    Status
    Offline
    karaeng's Avatar
    VIP Member
    Join Date
    Jun 2010
    Posts
    958
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by nitaufan Click here to enlarge
    Udah di buat bos...dan ketangkep di mangle nya...trus buat simple queue nya gimana??????

    nih screen capture HIT Proxy nya
    Click here to enlarge

    Mohon solusinya.....
    yah... klo dah ketangkap artinya dah jalan tuh
    tinggal loe tambahin rule packet aja, biar bisa di terapkan di simple queue
    emank di simple tuh, nga bakalan klihatan.....
    klo lihat yah, tes di kompi client, browser ato buka poker... trus clear cokies, buka poker lagi, klo dah ngacir, artinya dah tersimpan di proxy...

    ato gini...
    coba lo batasin ajaa di simple nya
    ngasih Max Limit 64k pada up dan down nya...
    trus coba browsing, klo simplenya berwarna merah ato kuning, artinya rulenya dah berfungsi.......

  12. The Following User Says Thank You to karaeng For This Useful Post:


  13. #11
    Status
    Offline
    nitaufan's Avatar
    Member
    Join Date
    Apr 2008
    Posts
    154
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by karaeng Click here to enlarge
    yah... klo dah ketangkap artinya dah jalan tuh
    tinggal loe tambahin rule packet aja, biar bisa di terapkan di simple queue
    emank di simple tuh, nga bakalan klihatan.....
    klo lihat yah, tes di kompi client, browser ato buka poker... trus clear cokies, buka poker lagi, klo dah ngacir, artinya dah tersimpan di proxy...

    ato gini...
    coba lo batasin ajaa di simple nya
    ngasih Max Limit 64k pada up dan down nya...
    trus coba browsing, klo simplenya berwarna merah ato kuning, artinya rulenya dah berfungsi.......
    Thanks bro.....iya bener pas ane kasih limit jd 64 K jadi merah....brarti Problem Solved....

    Skali lagi makasih........Click here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlarge

  14. #12
    Status
    Offline
    karaeng's Avatar
    VIP Member
    Join Date
    Jun 2010
    Posts
    958
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by nitaufan Click here to enlarge
    Thanks bro.....iya bener pas ane kasih limit jd 64 K jadi merah....brarti Problem Solved....

    Skali lagi makasih........Click here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlargeClick here to enlarge
    sama2 gan...
    namanya juga lagi belajar...........
    skrang tinggal lepasin Limitnya buat Proxy HITnya....

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 22
    Last Post: 07-07-2013, 10:47
  2. [ASK] Efek Marking pada Mangle yang tidak di pakai
    By shy_evsa in forum General Networking
    Replies: 8
    Last Post: 19-06-2010, 06:30
  3. ask priority mangle
    By john_0ng80 in forum Beginner Basics
    Replies: 1
    Last Post: 08-02-2010, 23:06
  4. Replies: 3
    Last Post: 31-12-2009, 19:29
  5. mangle gak jalan ?
    By rendyka in forum General Networking
    Replies: 5
    Last Post: 19-08-2008, 10:02

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •