On 8/10/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Quoting Gatra Wikan <[EMAIL PROTECTED]>: > > > Pada tanggal 10/08/07, [EMAIL PROTECTED] > > <[EMAIL PROTECTED]> menulis: > > > > > > > coba pastekan isi > > > > > > > > /etc/squid/squid.conf > > > > > > > > dan > > > > > > > > /etc/shorewall/rules > > > > > > > Dah trace di > > > /etc/squid/squid.conf sama /etc/shorewall/rules mungkin ada yang boleh > > ngasih > > > contoh rules shorewall atau port mana yang mesti dibuka > > > > > > /etc/shorewall/rules > > > > > > #Transparent proxy > > > REDIRECT loc 3128 tcp > > > www > > > - > > > ACCEPT $FW net tcp > > > www > > > > > > #Accept DNS connections from the firewall to the network > > > DNS/ACCEPT $FW net > > > DNS/ACCEPT net $FW > > > DNS/ACCEPT loc net > > > DNS/ACCEPT $FW loc > > > DNS/ACCEPT loc $FW > > > > > > #Accept SSH connections from local network for administration > > > SSH/ACCEPT loc $FW > > > SSH/ACCEPT net $FW > > > SSH/ACCEPT loc net > > > SSH/ACCEPT $FW loc > > > > > > #Allow Ping from local network > > > Ping/ACCEPT loc $FW > > > > > > #Reject Ping from "bad" net zone.. and prevent your log from being > > flooded.. > > > #Ping/REJECT net $FW > > > ACCEPT net $FW > > > ACCEPT $FW loc icmp > > > ACCEPT $FW net icmp > > > ACCEPT loc $FW icmp > > > ACCEPT loc net icmp > > > > > > #Web > > > Web/ACCEPT loc net > > > > > > #Mail > > > POP3/ACCEPT loc net > > > SMTP/ACCEPT loc net > > > ICQ/ACCEPT loc net > > > > > > #others rules > > > ACCEPT loc net tcp > > 2082,2095 > > > ACCEPT loc net tcp 5050 > > > > > > > > > /etc/squid/squid.conf > > > > > > acl our_networks src 192.168.2.0.0.0/24 > > > http_access allow our_networks > > > > > > httpd_accel_port 80 > > > httpd_accel_host virtual > > > httpd_accel_with_proxy on > > > httpd_accel_uses_host_header on > > > > > > yang lain masih ikutin default. mohon pencerahan ke suhu semua > > > > > > > > > > > > > > > -------------------------------------------------------------- > > > This mail sent through Bina Nusantara Student Webmail Services > > > (http://webmail.student.binus.ac.id) > > > > > > > > > -- > > > FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab > > > Unsubscribe: kirim email ke [EMAIL PROTECTED] > > > Arsip dan info milis selengkapnya di http://linux.or.id/milis > > > > > > > > > > coba buka port httpsnya soalnya sekarang semua halaman login e-mail pakai > > https. > > -- > di squid kan default dah di buka mas apakah di firewall ditambahkan juga > > > > -------------------------------------------------------------- > This mail sent through Bina Nusantara Student Webmail Services > (http://webmail.student.binus.ac.id) > > > -- > FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab > Unsubscribe: kirim email ke [EMAIL PROTECTED] > Arsip dan info milis selengkapnya di http://linux.or.id/milis > >
secara default, shorewall sudah bisa untuk ip forward dan trafik loc ke net langsung bisa dilakukan tanpa perlu menggunakan rulu khusus untuk transparent proxy rulenya udah bener, jika ini shorewall + squid dalam satu komputer REDIRECT loc 3128 tcp www untuk fw dimana shorewall terinstall, coba ubah bagian ini ACCEPT $FW net tcp www ke ACCEPT $FW net tcp all trus lakukan restart pada shorewallnya, o iya rule lainnya gak usah di ubah gpp, emang perlu kan ? kalo gak perlu di hapus aja :D -- ------RoKR E2 juga Linux---------- http://wiki.openezx.org/Rokr_E2 --------------------------------------------- bayu - mandriva - other Linux at http://bayuart.wordpress.com -- FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab Unsubscribe: kirim email ke [EMAIL PROTECTED] Arsip dan info milis selengkapnya di http://linux.or.id/milis