Dear all, Temen saya ingin minta tolong bagaimana cara blok situs tertentu di warnet saya di misalnya situs dewasa ,di net
saya mengguanakan mikrotik RB750G dan proxy squid sebagai transparent saya sudah mencoba untuk blok hasilnya berhasil tetapi untuk game online seperti Point Blank dll dan situs2 tertentu seperti facebook dll tidak bisa terbuka ,saya liat di log squidnya keterangannya seperti berikut: TCP_DENIED/403 1712 GET http://file.pb.gemscool.com/gamepatch/2011-04-04_17-01-17/Gui/Image/announce.xml.zip - NONE/- text/html Berikut saya lampirkan settingan dari mikrotik dan squid nya sbb 1 .mikrotik /ip firewall nat add action=dst-nat chain=dstnat comment="transparent proxy" disabled=no \ dst-address-list=!proxyNET dst-port=80,8080,3128 protocol=tcp src-address=!192.168.3.x \ to-addresses=192.168.3.x to-ports=3128 2 squid.conf http_port 3128 transparent cache_mem 8 MB server_http11 on pid_filename /var/run/squid.pid coredump_dir /var/spool/squid/ error_directory /usr/share/squid/errors/English icon_directory /usr/share/squid/icons mime_table /usr/share/squid/mime.conf maximum_object_size_in_memory 32 KB memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA maximum_object_size 4096 MB cache_swap_low 98% cache_swap_high 99% cache_dir aufs /squid 50000 64 256 access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_log /dev/null cache_store_log /dev/null redirect_rewrites_host_header off acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 21 443 563 70 210 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT acl dynamic urlpath_regex cgi-bin \? acl all src 0.0.0.0/0 acl jaringan src 192.168.1.0/24 acl domain-blacklist dstdomain "/etc/squid/blacklist/domain-blacklist" acl kata-blacklist url_regex -i "/etc/squid/blacklist/kata-blacklist" http_access deny domain-blacklist http_access deny kata-blacklist http_access allow jaringan http_access allow manager http_access allow localhost http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny all http_reply_access allow all snmp_port 3401 acl snmppublic snmp_community public snmp_access allow snmppublic all acl admin src 192.168.1.12/32 acl management src 192.168.1.13/32 acl download url_regex -i \.avi$ \.mpg$ \.mpeg$ \.rm$ \.iso$ \.wav$ \.mov$ \.dat$ \.mpe$ \.mid$ \.flv$ \.3gp$ acl download url_regex -i ftp \.exe$ \.mp3$ \.mp4$ \.tar.gz$ \.gz$ \.tar.bz2$ \.rpm$ \.zip$ \.rar$ acl download url_regex -i \.midi$ \.rmi$ \.wma$ \.wmv$ \.ogg$ \.ogm$ \.m1v$ \.mp2$ \.mpa$ \.wax$ acl download url_regex -i \.m3u$ \.asx$ \.wpl$ \.wmx$ \.dvr-ms$ \.snd$ \.au$ \.aif$ \.asf$ \.m2v$ acl download url_regex -i \.m2p$ \.ts$ \.tp$ \.trp$ \.div$ \.divx$ \.mod$ \.vob$ \.aob$ \.dts$ acl download url_regex -i \.ac3$ \.cda$ \.vro$ \.deb$ \.mkv$ delay_pools 2 delay_class 1 1 delay_parameters 1 -1/-1 delay_access 1 allow admin delay_access 1 allow admin management delay_access 1 deny all delay_class 2 1 delay_parameters 2 40000/5000000 delay_access 2 allow download delay_access 2 deny all Mohon bantuan ya temen2 ,sebelumnya saya ucapkan terima kasih . salam Hendro ______________________________________________ --- Info Milis : http://opensuse.or.id/milis Keluar dari Milis : Kirim email ke [email protected] Manajemen Keanggotaan : http://lists.opensuse-id.org/listinfo.cgi/milis-opensuse-id.org
