Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 10 of 10
  1. #1
    Status
    Offline
    dorisbanget's Avatar
    Calon Member
    Join Date
    Oct 2011
    Posts
    75
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0

    squidproxy+webserver+internet

    mau tanya nich kenapa ya aku pasang webserver + squid proxy di ubuntu server 11.04 ko kacau ya tak pasang NAT dan mangel nya kok malah gak ngecache ya dan kalau mangelnya di disable ngecache tapi webservernya kelimit....nah mau nya gini aku internet ke limit tapi webserver lokal loss dan proxy losss gitu mohon pecerahannya terima kasih

  2. #2
    Status
    Offline
    boled's Avatar
    Member
    Join Date
    Aug 2009
    Location
    Cilacap
    Posts
    246
    Reviews
    Read 0 Reviews
    Downloads
    14
    Uploads
    1
    Feedback Score
    0
    jawaban di mari gan...
    kep learning by doing gan..

  3. #3
    Status
    Offline
    dorisbanget's Avatar
    Calon Member
    Join Date
    Oct 2011
    Posts
    75
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    gak ada penjelasannya gan maklum newbie

  4. #4
    Status
    Offline
    boled's Avatar
    Member
    Join Date
    Aug 2009
    Location
    Cilacap
    Posts
    246
    Reviews
    Read 0 Reviews
    Downloads
    14
    Uploads
    1
    Feedback Score
    0
    pelan2 gan...
    logika nya sama gan dengan tread diatas.
    simple nya pada saat bikin nat ke proxy berikan pengecualiaan pada ip dan port pada webserver. (bisa dengan memodifikasi port webserver ato dengan membuat rule con mark di mikrotik.)
    selamat mencoba gan

  5. #5
    Status
    Offline
    dorisbanget's Avatar
    Calon Member
    Join Date
    Oct 2011
    Posts
    75
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    bisa kasih contoh nya dong

  6. #6
    Status
    Offline
    vgate's Avatar
    Forum Guru
    Join Date
    Apr 2008
    Posts
    2,624
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    11 (100%)
    dibabar saja setting dan topologinya mungkin kawan2 yang lain bisa lebih jelas

  7. #7
    Status
    Offline
    dorisbanget's Avatar
    Calon Member
    Join Date
    Oct 2011
    Posts
    75
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    ;;; :::HOTSPOT:::
    chain=dstnat action=dst-nat to-addresses=192.168.4.2 to-ports=3128
    protocol=tcp src-address=192.168.5.0/24 in-interface=hotspot dst-port=80

    ;;; :::LOKAL:::
    chain=dstnat action=dst-nat to-addresses=192.168.4.2 to-ports=3128
    protocol=tcp src-address=192.168.3.0/24 in-interface=local dst-port=80

    ;;; :WEBSERVER::::::
    chain=dstnat action=dst-nat to-addresses=192.168.4.2 to-ports=82
    protocol=tcp dst-address=192.168.4.2 dst-port=82

    webserver lokal tak gabungin satu sama proxy dan port nya tak ganti menjadi 82 untuk webserver lokal

    /ip fi ma
    chain=forward action=mark-packet new-packet-mark=webserver passthrough=no
    protocol=tcp in-interface=proxy src-port=82

    chain=forward action=mark-packet new-packet-mark=webserver passthrough=no
    protocol=tcp out-interface=proxy dst-port=82

    jadi gini masalahnnya benwidth weblokal loss proxy loss tapi internetnya bisa di limit. limitnya di lokal sama hotspot...... kira kira gimana nich....setingnya oh y dan satu lagi kalau nat di aktifin untuk webservernya proxy gak mau ngeche yang dari internet mohon pencerahan.......suhu suhu

  8. #8
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by dorisbanget Click here to enlarge
    ........................
    ;;; :WEBSERVER::::::
    chain=dstnat action=dst-nat to-addresses=192.168.4.2 to-ports=82
    protocol=tcp dst-address=192.168.4.2 dst-port=82

    /ip fi ma
    chain=forward action=mark-packet new-packet-mark=webserver passthrough=no
    protocol=tcp in-interface=proxy src-port=82

    chain=forward action=mark-packet new-packet-mark=webserver passthrough=no
    protocol=tcp out-interface=proxy dst-port=82
    kalo untuk model gitu.. saya rasa ga perlu pake nat.., kenapa?? cukup ketik 192.168.4.2:82.. selesai..

    tapi pake port 80 langsung juga gpp kenapa??

    karena port proxy 3128

    kalo itu cukup begini nat nya..

    chain=dstnat action=dst-nat to-addresses=192.168.4.2 to-ports=3128
    protocol=tcp src-address=192.168.5.0/24 dst-address=!192.168.4.2 in-interface=hotspot dst-port=80

    trus untuk mangle.. kalo squid ZPH tos 0x30

    untuk loss hit
    chain=forward action=mark-connection src-port=3128 new-connection-mark=proxy passthrough=yes in-interface=proxy
    chain=forward action=mark-packet connection-mark=proxy new-packet-mark=hit-hotspot DSCP=12 passthrough=no in-interface=proxy dst-address=192.168.3.0/24
    chain=forward action=mark-packet connection-mark=proxy new-packet-mark=hit-lokal DSCP=12 passthrough=no in-interface=proxy dst-address=192.168.5.0/24

    untuk loss web server
    chain=forward action=mark-connection src-port=80 new-connection-mark=webserver passthrough=yes in-interface=proxy
    chain=forward action=mark-packet connection-mark=webserver new-packet-mark=web-hotspot passthrough=no in-interface=proxy dst-address=192.168.3.0/24
    chain=forward action=mark-packet connection-mark=webserver new-packet-mark=web-lokal passthrough=no in-interface=proxy dst-address=192.168.5.0/24

    cara yang sama bisa digunakan untuk upload.. karena jika upload dilimit.. maka download juga ga bisa maksimall

    buatkan queue tree dengan parent global out
    per klien di limit di queue simple, ini metode sederhana untuk hit tanpa menguras banyak resource.. demikian..
    trus..

    dicoba aj..

    demikian..

  9. The Following User Says Thank You to Anto.PJ For This Useful Post:


  10. #9
    Status
    Offline
    dorisbanget's Avatar
    Calon Member
    Join Date
    Oct 2011
    Posts
    75
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    kalo untuk model gitu.. saya rasa ga perlu pake nat.., kenapa?? cukup ketik 192.168.4.2:82.. selesai..

    tapi pake port 80 langsung juga gpp kenapa??

    karena port proxy 3128

    kalo itu cukup begini nat nya..

    chain=dstnat action=dst-nat to-addresses=192.168.4.2 to-ports=3128
    protocol=tcp src-address=192.168.5.0/24 dst-address=!192.168.4.2 in-interface=hotspot dst-port=80

    trus untuk mangle.. kalo squid ZPH tos 0x30

    untuk loss hit
    chain=forward action=mark-connection src-port=3128 new-connection-mark=proxy passthrough=yes in-interface=proxy
    chain=forward action=mark-packet connection-mark=proxy new-packet-mark=hit-hotspot DSCP=12 passthrough=no in-interface=proxy dst-address=192.168.3.0/24
    chain=forward action=mark-packet connection-mark=proxy new-packet-mark=hit-lokal DSCP=12 passthrough=no in-interface=proxy dst-address=192.168.5.0/24

    untuk loss web server
    chain=forward action=mark-connection src-port=80 new-connection-mark=webserver passthrough=yes in-interface=proxy
    chain=forward action=mark-packet connection-mark=webserver new-packet-mark=web-hotspot passthrough=no in-interface=proxy dst-address=192.168.3.0/24
    chain=forward action=mark-packet connection-mark=webserver new-packet-mark=web-lokal passthrough=no in-interface=proxy dst-address=192.168.5.0/24

    cara yang sama bisa digunakan untuk upload.. karena jika upload dilimit.. maka download juga ga bisa maksimall

    buatkan queue tree dengan parent global out
    per klien di limit di queue simple, ini metode sederhana untuk hit tanpa menguras banyak resource.. demikian..
    trus..

    dicoba aj..

    demikian..


    jadi gak pakek chain=postrouting action=mark-packet new-packet-mark=hit-proxy passthrough=no dscp=12
    ;;; :::HOTSPOT:::
    chain=dstnat action=dst-nat to-addresses=192.168.4.2 to-ports=3128
    protocol=tcp src-address=192.168.5.0/24 in-interface=hotspot dst-port=80

    ;;; :::LOKAL:::
    chain=dstnat action=dst-nat to-addresses=192.168.4.2 to-ports=3128
    protocol=tcp src-address=192.168.3.0/24 in-interface=local dst-port=80

    yang ini NAT proxy squid gan

  11. #10
    Status
    Offline
    masdidit57's Avatar
    Member
    Join Date
    Jul 2008
    Location
    Papua
    Posts
    139
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Makasih bang...emang jalan lho...SepppClick here to enlarge

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. <Ask> webserver gak bisa diakses dr lan
    By officeboy in forum General Networking
    Replies: 5
    Last Post: 23-03-2011, 14:42
  2. [ASk] webserver berbasis ISP FM
    By realgame21 in forum Beginner Basics
    Replies: 1
    Last Post: 30-05-2010, 19:42
  3. Replies: 3
    Last Post: 23-10-2009, 11:24
  4. Webserver DNS problem
    By adeishere in forum General Networking
    Replies: 3
    Last Post: 06-09-2008, 12:10

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •