Friday, 23 May 2014

Computer Network Design Analysis

Setting Up MikroTik + Squid


MikroTik box:
Cel 333
HD 10 GB
RAM 192 MB
IP Address: 192.168.10.1 (Local), 192.168.20.1 (Proxy), 10.100.0.4 (Public)
Proxy box:
OS Ubuntu 7.04 (Feisty Fawn)
HD 80 GB SATA
RAM 1 GB
IP Address: 192.168.20.2
First, install MikroTik with the default settings.
On the MikroTik box, add a third LAN card that will be used for the connection to the proxy. Set its IP address, for example 192.168.20.1/30. On the MikroTik box, use the command:
/ip address add address=192.168.20.1/30 interface=Proxy
Set up the proxy on the MikroTik box:
/ip proxy set enabled=yes ports=3128 parent-proxy=192.168.20.2:3128
Firewall NAT:
/ip firewall nat add chain=srcnat out-interface=Public action=masquerade
/ip firewall nat add chain=dstnat in-interface=Local src-address=192.168.10.0/24 protocol=tcp dst-port=80 action=redirect to-ports=3128
Result:

[admin@STIK Yos Sudarso] > /ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat out-interface=Public action=masquerade


1 chain=dstnat in-interface=Local src-address=192.168.10.0/24 protocol=tcp
dst-port=80 action=redirect to-ports=3128


/ip firewall mangle
add chain=prerouting src-address=192.168.n.n/27 action=mark-packet \
new-packet-mark=test-up passthrough=no comment="UP TRAFFIC" disabled=no
add chain=forward src-address=192.168.n.n/27 action=mark-connection \
new-connection-mark=test-conn passthrough=yes comment="CONN-MARK" \
disabled=no
add chain=forward in-interface=Public connection-mark=test-conn \
action=mark-packet new-packet-mark=test-down passthrough=no \
comment="DOWN-DIRECT CONNECTION" disabled=no
add chain=output out-interface=Local dst-address=192.168.n.n/27 \
action=mark-packet new-packet-mark=test-down passthrough=no \
comment="DOWN-VIA PROXY" disabled=no

Result:

[admin@STIK Yos Sudarso] > /ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; UP TRAFFIC
chain=prerouting src-address=192.168.10.0/24 action=mark-packet
new-packet-mark=test-up passthrough=no


1 ;;; CONN-MARK
chain=forward src-address=192.168.10.0/24 action=mark-connection
new-connection-mark=test-con passthrough=yes


2 ;;; DOWN-DIRECT CONNECTION
chain=forward in-interface=Public connection-mark=test-con
action=mark-packet new-packet-mark=test-down passthrough=no


3 ;;; DOWN-VIA PROXY
chain=output out-interface=Local dst-address=192.168.10.0/24
action=mark-packet new-packet-mark=test-down passthrough=no


/ queue type
add name="pcq-download" kind=pcq pcq-rate=0 pcq-limit=50 \
pcq-classifier=dst-address pcq-total-limit=2000
add name="pcq-upload" kind=pcq pcq-rate=0 pcq-limit=50 \
pcq-classifier=src-address pcq-total-limit=2000

Result:

[admin@STIK Yos Sudarso] > /queue type print
0 name="default" kind=pfifo pfifo-limit=50

1 name="ethernet-default" kind=pfifo pfifo-limit=50
2 name="wireless-default" kind=sfq sfq-perturb=5 sfq-allot=1514

3 name="synchronous-default" kind=red red-limit=60 red-min-threshold=10
red-max-threshold=50 red-burst=20 red-avg-packet=1000

4 name="hotspot-default" kind=sfq sfq-perturb=5 sfq-allot=1514

5 name="pcq-download" kind=pcq pcq-rate=0 pcq-limit=50
pcq-classifier=dst-address pcq-total-limit=2000


6 name="pcq-upload" kind=pcq pcq-rate=0 pcq-limit=50
pcq-classifier=src-address pcq-total-limit=2000


/ queue tree
add name="downstream" parent=Local packet-mark=test-down limit-at=0 \
queue=pcq-download priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no
add name="upstream" parent=global-in packet-mark=test-up limit-at=0 \
queue=pcq-upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s disabled=no

Result:

[admin@STIK Yos Sudarso] > /queue tree print
Flags: X - disabled, I - invalid
0 name="downstream" parent=Local packet-mark=test-down limit-at=0
queue=pcq-download priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s


1 name="upstream" parent=global-in packet-mark=test-up limit-at=0
queue=pcq-upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s

Proxy box
Install Squid
Using Synaptic Package Manager, install squid if it is not already installed.
Edit squid.conf:
# sudo gedit /etc/squid/squid.conf
Add the following lines:

acl jaringan src 192.168.10.0/24
http_access allow jaringan


acl jaringan1 src 192.168.20.0/30
http_access allow jaringan1

Restart squid:
# /etc/init.d/squid restart
# echo 1 > /proc/sys/net/ipv4/ip_forward
# iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT --to-ports 3128
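
Squid evaluates http_access rules top-down and stops at the first match, so the two allow lines above keep the proxy closed to outsiders only if no broader allow precedes them and an "http_access deny all" follows. The script below is an added example, not part of the original post, that checks this on a squid.conf; the function name audit_squid_acl and both sample configurations are constructed for illustration, and it models only "acl NAME src" and "http_access" lines.

```shell
# Added example: audit squid.conf http_access rules for open-proxy mistakes.
# Reads a file (or stdin); returns 0 when clean, 1 when findings were printed.
audit_squid_acl() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # skip comments and blank lines
    $1 == "acl" && $3 == "src" {                 # remember source-address ACLs
        wide = 0
        for (i = 4; i <= NF; i++)
            if ($i == "all" || $i ~ /^0\.0\.0\.0\/0/) wide = 1
        src[$2] = (wide ? "wide" : "narrow")
        next
    }
    $1 == "http_access" && !closed {             # rules after "deny all" are unreachable
        if ($2 == "deny" && $3 == "all" && NF == 3) { closed = 1; next }
        if ($2 != "allow") next
        restricted = 0
        for (i = 3; i <= NF; i++)
            if (src[$i] == "narrow") restricted = 1
        if (!restricted) {
            printf "line %d: allow not bound to a client network: %s\n", NR, $0
            bad = 1
        }
    }
    END {
        if (!closed) { print "no terminating http_access deny all"; bad = 1 }
        exit (bad ? 1 : 0)
    }' "${1:--}"
}

# Constructed sample: the ACL lines from this page, followed by a final deny.
page_conf() { cat <<'EOF'
acl jaringan src 192.168.10.0/24
http_access allow jaringan
acl jaringan1 src 192.168.20.0/30
http_access allow jaringan1
http_access deny all
EOF
}
# Constructed sample: allow-all placed first, no final deny (open proxy).
open_conf() { cat <<'EOF'
acl all src 0.0.0.0/0.0.0.0
acl jaringan src 192.168.10.0/24
http_access allow all
http_access allow jaringan
EOF
}

page_conf | audit_squid_acl && echo "page rules: ok"
open_conf | audit_squid_acl || echo "open rules: findings listed above"
```

Run it against the real file with audit_squid_acl /etc/squid/squid.conf after editing and before restarting squid.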

