Pastikan dulu proxy dapat berjalan dengan baik. Kalau sudah OK, pake winbox masuk IP>Web Proxy. Pada tab Access klik tanda (+) - src address : ip client - dst host : domain yang akan di blok, bisa pakai tanda bintang. misal (*facebook*) - access : denny
selesai dah :) On Wed, Apr 13, 2011 at 5:12 PM, wahyu hendro <[email protected]>wrote: > Dear all, > Temen saya ingin minta tolong bagaimana cara blok situs tertentu di warnet > saya > di misalnya situs dewasa ,di net saya mengguanakan mikrotik RB750G dan > proxy > squid sebagai transparent saya sudah mencoba untuk blok hasilnya berhasil > tetapi > untuk game online seperti Point Blank dll dan situs2 tertentu seperti > facebook > dll tidak bisa terbuka ,saya liat di log squidnya keterangannya seperti > berikut: > > > TCP_DENIED/403 1712 GET > > http://file.pb.gemscool.com/gamepatch/2011-04-04_17-01-17/Gui/Image/announce.xml.zip > - NONE/- text/html > > Berikut saya lampirkan settingan dari mikrotik dan squid nya sbb > 1 .mikrotik > /ip firewall nat > add action=dst-nat chain=dstnat comment="transparent proxy" disabled=no \ > dst-address-list=!proxyNET dst-port=80,8080,3128 protocol=tcp > src-address=!192.168.3.x \ > to-addresses=192.168.3.x to-ports=3128 > 2 squid.conf > http_port 3128 transparent > cache_mem 8 MB > server_http11 on > > pid_filename /var/run/squid.pid > coredump_dir /var/spool/squid/ > error_directory /usr/share/squid/errors/English > icon_directory /usr/share/squid/icons > mime_table /usr/share/squid/mime.conf > > maximum_object_size_in_memory 32 KB > memory_replacement_policy heap GDSF > cache_replacement_policy heap LFUDA > maximum_object_size 4096 MB > cache_swap_low 98% > cache_swap_high 99% > cache_dir aufs /squid 50000 64 256 > access_log /var/log/squid/access.log > cache_log /var/log/squid/cache.log > cache_log /dev/null > cache_store_log /dev/null > redirect_rewrites_host_header off > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > acl SSL_ports port 443 563 > acl Safe_ports port 80 21 443 563 70 210 1025-65535 > acl Safe_ports port 280 > acl Safe_ports port 488 > acl Safe_ports port 591 > acl Safe_ports port 777 > acl CONNECT method CONNECT > acl dynamic urlpath_regex cgi-bin \? > acl all src 0.0.0.0/0 > acl jaringan src 192.168.1.0/24 > acl domain-blacklist dstdomain "/etc/squid/blacklist/domain-blacklist" > acl kata-blacklist url_regex -i "/etc/squid/blacklist/kata-blacklist" > > http_access deny domain-blacklist > http_access deny kata-blacklist > http_access allow jaringan > http_access allow manager > http_access allow localhost > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access deny all > http_reply_access allow all > > > snmp_port 3401 > acl snmppublic snmp_community public > snmp_access allow snmppublic all > > acl admin src 192.168.1.12/32 > acl management src 192.168.1.13/32 > > acl download url_regex -i \.avi$ \.mpg$ \.mpeg$ \.rm$ \.iso$ \.wav$ \.mov$ > \.dat$ \.mpe$ \.mid$ \.flv$ \.3gp$ > acl download url_regex -i ftp \.exe$ \.mp3$ \.mp4$ \.tar.gz$ \.gz$ > \.tar.bz2$ > \.rpm$ \.zip$ \.rar$ > acl download url_regex -i \.midi$ \.rmi$ \.wma$ \.wmv$ \.ogg$ \.ogm$ \.m1v$ > \.mp2$ \.mpa$ \.wax$ > acl download url_regex -i \.m3u$ \.asx$ \.wpl$ \.wmx$ \.dvr-ms$ \.snd$ > \.au$ > \.aif$ \.asf$ \.m2v$ > acl download url_regex -i \.m2p$ \.ts$ \.tp$ \.trp$ \.div$ \.divx$ \.mod$ > \.vob$ > \.aob$ \.dts$ > acl download url_regex -i \.ac3$ \.cda$ \.vro$ \.deb$ \.mkv$ > > delay_pools 2 > > delay_class 1 1 > delay_parameters 1 -1/-1 > delay_access 1 allow admin > delay_access 1 allow admin management > delay_access 1 deny all > delay_class 2 1 > delay_parameters 2 40000/5000000 > delay_access 2 allow download > delay_access 2 deny all > > Mohon bantuan ya temen2 ,sebelumnya saya ucapkan terima kasih . > > > salam > > > Hendro > ______________________________________________ > --- > Info Milis : http://opensuse.or.id/milis > Keluar dari Milis : Kirim email ke [email protected] > Manajemen Keanggotaan : > http://lists.opensuse-id.org/listinfo.cgi/milis-opensuse-id.org > -- Sri Rustanto http://masrust.web.id/ ______________________________________________ --- Info Milis : http://opensuse.or.id/milis Keluar dari Milis : Kirim email ke [email protected] Manajemen Keanggotaan : http://lists.opensuse-id.org/listinfo.cgi/milis-opensuse-id.org
