Ok sekarang sudah bisa. Terima kasih atas bantuan mas2 dan mbak2 jogxer sekalian
Regards subarkah hudan dinullah wrote: > > squid yg sampeyan gunakan versi berapa mas?? > klo versi 2.6 kebawah option transparentnya sebagai > berikut : > httpd_accel_host virtual > httpd_accel_port 80 > httpd_accel_with_proxy on > httpd_accel_uses_host_header on > > klo versi 2.6 keatas konfigurasinya : > http_port 8080 transparent > > lalu restart squidnya, cba dibrowser secara manual > dulu, lihat log accesnya.. jika berjalan normal bru > set firewallnya seperti yg td.. > > beberapa referensi > http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html > <http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html> > http://r3dluv.wordpress.com/2007/03/01/setting-transparent-proxy/ > <http://r3dluv.wordpress.com/2007/03/01/setting-transparent-proxy/> > > moga membantu > > --- Johanes Joko <[EMAIL PROTECTED] <mailto:sijhe95%40gmail.com>> menulis: > > > Terima kasih atas pencerahannya Mas Subarkah tapi > > waktu saya coba malah > > error spt ini > > FATAL: Bungled squid.conf line 55: http_port 8080 > > transparent > > kemudian waktu saya set iptablesnya spt saran mas > > koneksi ke internet jg > > eror > > Mohon pencerahannya > > > > Terima kasih > > > > subarkah hudan dinullah wrote: > > > > > > coba bikin transparant aja mas squidnya, edit > > konfigurasi squid dan > > > tambahkan konfigurasi berikut "http_port 8080 > > transparent" > > > setelah itu set iptablesnya sebagai berikut : > > > > > > # redirect to squid-http > > > /sbin/iptables -t nat -A PREROUTING -p tcp --dport > > 80 -j REDIRECT > > > --to-port 8080 > > > /sbin/iptables -t nat -A PREROUTING -p tcp --dport > > 3128 -j REDIRECT > > > --to-port 8080 > > > > > > restart squid dan iptables, jd kita gak perlu > > susah seting manual di > > > browser client, pastikan client konk ke proxy > > kita..... > > > > > > RACHMAT WAHYUDI <[EMAIL PROTECTED] <mailto:yudhiaq%40yahoo.co.id> > > <mailto:yudhiaq%40yahoo.co.id>> > > > wrote: > > > hmm,.. konfignya sudah sesuai tuh, kalo anda mau > > memblock traffik dari > > > client 10.1.1.11-10. 1.1.14 supaya tdk konek ke > > internet berikan > > > perintah sbb: > > > > > > iptables -A FORWARD -s 10.1.1.11 -j DROP > > > iptables -A FORWARD -s 10.1.1.12 -j DROP > > > iptables -A FORWARD -s 10.1.1.13 -j DROP > > > iptables -A FORWARD -s 10.1.1.14 -j DROP > > > > > > kemudian cek hasilnya, coba brosing dari IP2 > > client tersebut apakah > > > terkoneksi ke INTERNET,. > > > > > > [EMAIL PROTECTED] ~]# iptables -vnL > > > Chain INPUT (policy ACCEPT 370 packets, 30974 > > bytes) > > > pkts bytes target prot opt in out source > > destination > > > > > > Chain FORWARD (policy ACCEPT 89016 packets, 7793K > > bytes) > > > pkts bytes target prot opt in out source > > destination > > > 0 0 DROP all -- * * 10.1.1.11 0.0.0.0/0 > > > 0 0 DROP all -- * * 10.1.1.12 0.0.0.0/0 > > > 0 0 DROP all -- * * 10.1.1.13 0.0.0.0/0 > > > 0 0 DROP all -- * * 10.1.1.14 0.0.0.0/0 > > > > > > Chain OUTPUT (policy ACCEPT 245 packets, 43812 > > bytes) > > > pkts bytes target prot opt in out source > > destination > > > [EMAIL PROTECTED] ~]# > > > > > > mudah2an bisa membantu,. > > > > > > regard., > > > > > > --- Pada Jum, 7/11/08, Johanes Joko > > <[EMAIL PROTECTED] <mailto:sijhe95%40gmail.com> > > > <mailto:sijhe95%40gmail.com>> menulis: > > > Dari: Johanes Joko <[EMAIL PROTECTED] <mailto:sijhe95%40gmail.com> > > <mailto:sijhe95%40gmail.com>> > > > Topik: [jogja-linux] tanya squid lagi > > > Kepada: "linux jogja" <[email protected] > <mailto:jogja-linux%40yahoogroups.com> > > > > > <mailto:jogja-linux%40yahoogroups.com>> > > > Tanggal: Jumat, 7 November, 2008, 9:28 AM > > > > > > Mohon pencerahan dari mas2 mbak2 jogxer. > > > > > > Saya instal squid bawaan dari slas 10. client > > sudah diarahkan ke squid > > > > > > server dan sudah dapat mengakses dari internet. > > tapi saya cek di > > > > > > /var/log/squid/ access.log kosong. Selain itu > > rule2 yang saya pake untuk > > > > > > memblok beberapa ip dari pc client tidak jalan > > (client yang diblok masih > > > > > > dapat mengakses ke internet) padahal dengan konfig > > tsb jalan di redhat > > > > > > 9. konfig-nya kurang lebih spt ini : > > > > > > http_port 8080 > > > > > > icp_port 0 > > > > > > hierarchy_stoplist cgi-bin ? > > > > > > acl QUERY urlpath_regex cgi-bin \? > > > > > > no_cache deny QUERY > > > > > > cache_mem 32 MB > > > > > > cache_dir ufs /var/cache/squid 100 48 512 > > > > > > cache_access_ log /var/log/squid/ access.log > > > > > > cache_log /var/log/squid/ cache.log > > > > > > cache_store_ log /var/log/squid/ store.log > > > > > > client_netmask 255.255.255. 0 > > > > > > dns_nameservers 10.1.1.5 > > > > > > auth_param basic children 5 > > > > > > auth_param basic realm Squid proxy-caching web > > server > > > > > > auth_param basic credentialsttl 2 hours > > > > > > auth_param basic casesensitive off > > > > > > acl all src 0.0.0.0/0.0. 0.0 > > > > > > acl manager proto cache_object > > > > > > acl localhost src 127.0.0.1/255. 255.255.255 > > > > > > acl lan src 10.1.1.0/255. 255.255.0 > > > > > > acl SSL_ports port 443 563 > > > > > > acl Safe_ports port 80 # http > > > > > > acl Safe_ports port 21 # ftp > > > > > > acl Safe_ports port 443 563 # https, snews > > > > > > acl Safe_ports port 70 # gopher > > > > > > acl Safe_ports port 210 # wais > > > > > > acl Safe_ports port 1025-65535 # unregistered > > ports > > > > > > acl Safe_ports port 280 # http-mgmt > > > > > > acl Safe_ports port 488 # gss-http > > > > > > acl Safe_ports port 591 # filemaker > > > > > > acl Safe_ports port 777 # multiling http > > > > > > acl CONNECT method CONNECT > > > > > > acl konek src 10.1.1.3-10. 1.1.5/255. 255.255.255 > > > > > > acl blok src 10.1.1.11-10. 1.1.14/255. 255.255.255 > > > > > > http_access deny blok > > > > > > http_access allow konek > > > > > > http_access allow manager > > > > > > http_access deny !Safe_ports > > > > > > http_access deny CONNECT !SSL_ports > > > > > > http_access deny all > > > > > > http_reply_access allow all > > > > > > icp_access deny all > > > > > > icp_access allow localhost > > > > > > cache_effective_ user squid > > > > > > cache_effective_ group squid > > > > > > httpd_accel_ port 80 > > > > > > httpd_accel_ with_proxy on > > > === message truncated === > > __________________________________________________________ > Dapatkan nama yang Anda sukai! > Sekarang Anda dapat memiliki email di @ymail.com dan @rocketmail.com. > http://mail.promotions.yahoo.com/newdomains/id/ > <http://mail.promotions.yahoo.com/newdomains/id/> > >
