Topic: squid tidak jalan..

sesuai dengan tutorial mas opik..

1. # apt-get install havp squid squid-common squid-cgi squidclient

2. Kemudian edit file configurasi squid proxy di /etc/squid/squid.conf -- sy copypaste ke squid.conf

3.# /etc/init.d/squid stop

4. Memberikan permission pada folder cache
# chown -R proxy.proxy /home/proxy1
# chown -R proxy.proxy /home/proxy2
# chown -R proxy.proxy /home/proxy3
# squid -f /etc/squid/squid.conf -z
# /etc/init.d/squid restart
# iptables -t nat -I PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
# iptables -t nat -I PREROUTING -i eth0 -p udp -m udp --dport 80 -j REDIRECT --to-ports 3128
• Untuk

yang jadi pertanyaan sy..

1. http://www.eicar.org/download/eicarcom2.zip -- sy bisa download file ..apakah membuktikan squid nya ngak jalan..


2. sy coba buka var/log/squid tapi ngak ada isinya kosong..padahal sy dah coba beberapa web.. tapi masih kosong.. sy pake perintan "tail -f /path_to/access.log"


3. di forum ini di jelaskan calamaris harus di generate.. gimana cara generate.. ?
fyi.. sy dah masukkan crontab ini
* */1 * * * /usr/sbin/sarg-reports today
* */6 * * * calamaris -a -F html /var/log/squid/access.log > /var/www/calamaris/index.html

sorry nanya nya agak banyak. big_smile

--- tinggal di jawa barat, tapi ngak bisa bahasa sunda. ---
http://www.hermawan.web.id

Re: squid tidak jalan..

maaf sudah bisa jalan.. sorry..

--- tinggal di jawa barat, tapi ngak bisa bahasa sunda. ---
http://www.hermawan.web.id

Re: squid tidak jalan..

hermawan_fsi wrote:

1. http://www.eicar.org/download/eicarcom2.zip -- sy bisa download file ..apakah membuktikan squid nya ngak jalan..

itu hanya nge-check untuk HAVP+ClamAV,
sebuah antivirus di port 80....


hermawan_fsi wrote:

2. sy coba buka var/log/squid tapi ngak ada isinya kosong..padahal sy dah coba beberapa web.. tapi masih kosong.. sy pake perintan "tail -f /path_to/access.log"

klo kosong sih memang belum jalan, cobain perbaiki untuk iptables redirect-nya.


hermawan_fsi wrote:

3. di forum ini di jelaskan calamaris harus di generate.. gimana cara generate.. ?
fyi.. sy dah masukkan crontab ini
* */1 * * * /usr/sbin/sarg-reports today
* */6 * * * calamaris -a -F html /var/log/squid/access.log > /var/www/calamaris/index.html

itu ada generate-nya koq, dah dibikin schedule....

calamaris -a -F html /var/log/squid/access.log > /var/www/calamaris/index.html
Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

Re: squid tidak jalan..

Ma'af Bang Opick Salam Kenal  Saya Juga Sering install ubuntu + Squidnya sesuai dengan tutorial Bang opick tp sering juga Gak Jadi he he he he Apa saya yang OON / Newbie. acces.log kosong, terus PATCH game ONline tidak tersimpan padahal tak cek squidnya dah jalan tapi tak check dengan perintah tail -f /var/log/squid/access.log tidak muncul apa2x Mohon Penjelasannya Sudah Bingung ini mau tanya siapa lagi, udah instal berkali2x selalu gagal.

Re: squid tidak jalan..

bosgolden wrote:

Ma'af Bang Opick Salam Kenal  Saya Juga Sering install ubuntu + Squidnya sesuai dengan tutorial Bang opick tp sering juga Gak Jadi he he he he Apa saya yang OON / Newbie. acces.log kosong, terus PATCH game ONline tidak tersimpan padahal tak cek squidnya dah jalan tapi tak check dengan perintah tail -f /var/log/squid/access.log tidak muncul apa2x Mohon Penjelasannya Sudah Bingung ini mau tanya siapa lagi, udah instal berkali2x selalu gagal.

iptables yg untuk redirect dari port 80/HTTP ke port 3128/PROXY sudah dijalankan?

Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

Re: squid tidak jalan..

Kayak sudah sesuai tutorial bang opik, apa yang kayak gini perintahnya :iptables -t nat -I PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 sm ini : iptables -t nat -I PREROUTING -i eth0 -p udp -m udp --dport 80 -j REDIRECT --to-ports 3128

apa ada yang terlewat saya yang ndak tau ? Mohon penjelasannyaa?

Re: squid tidak jalan..

bosgolden wrote:

Kayak sudah sesuai tutorial bang opik, apa yang kayak gini perintahnya :iptables -t nat -I PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 sm ini : iptables -t nat -I PREROUTING -i eth0 -p udp -m udp --dport 80 -j REDIRECT --to-ports 3128

apa ada yang terlewat saya yang ndak tau ? Mohon penjelasannyaa?

Coba terapkan lagi iptablesnya, lanjut di copykan iptables yg barusan itu ke /etc/rc.local sebelum exit 0

*eth0 : yg ngarah ke lokal.
*protokol nya perhatiin.

Re: squid tidak jalan..

sudah saya terapkan Mas tp tidak ada efeknya .... tak lihat total disk yang kepakai dipartisi proxy 0% padahal udah 1 bulan, ap yang salah yah mas. ini setiingan squid saya
#################################################################
# Port
#################################################################
http_port 3128 transparent
icp_port 3130
prefer_direct off
#################################################################
# Cache & Object
#################################################################
cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99
max_filedesc 8192
maximum_object_size 1024 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 4 bytes
ipcache_size 4096
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
#################################################################
# cache_dir <type> <Directory-Name> <Space in Mbytes> <Level1> <Level2> <options>
# Maksimum Level1=((Space in byte/13)/Level2/Level2)*2
cache_dir aufs /home/proxy1 15000 32 256
cache_dir aufs /home/proxy2 15000 32 256
cache_dir aufs /home/proxy3 15000 32 256
#################################################################
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /var/run/squid.pid
cache_swap_log /var/log/squid/swap.state
dns_nameservers 127.0.0.1
emulate_httpd_log off
hosts_file /etc/hosts
half_closed_clients off
negative_ttl 1 minutes
#################################################################
# Rules: Safe Port
#################################################################
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 873 # https snews rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083 # cpanel
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports
#################################################################
# Refresh Pattern
#################################################################
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-nocache
ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache
ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache
ignore-private
refresh_pattern -i \.(html|htm|css|js|php|asp|aspx|cgi) 1440 40% 40320
refresh_pattern . 0 20% 4320
#################################################################
# HAVP + Clamav
#################################################################
cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default
#################################################################
# HIERARCHY (BYPASS CGI)
#################################################################
#hierarchy_stoplist cgi-bin ? .js .jsp
#acl QUERY urlpath_regex cgi-bin \? .js .jsp
#no_cache deny QUERY
#################################################################
# Pembatasan B/W Download dgn mendeteksi extention file.
# dan pembatasan access domain
#
#################################################################
acl client src 192.168.0.101 192.168.0.102 192.168.0.103 192.168.0.104 192.168.0.105 192.168.0.106
192.168.0.107 192.168.0.108 192.168.0.109 192.168.0.110
acl billing src 192.168.0.200
acl server src 192.168.0.1
acl download url_regex -i ftp \.exe$ \.mp3$ \.mp4$ \.tar.gz$ \.gz$ \.tar.bz2$ \.rpm$ \.zip$ \.rar$ \.7z$ \.avi$
\.mpg$ \.mpeg$ \.rm$ \.iso$ \.wav$ \.mov$ \.dat$ \.mpe$ \.mid$
acl download url_regex -i \.midi$ \.rmi$ \.wma$ \.wmv$ \.ogg$ \.ogm$ \.m1v$ \.mp2$ \.mpa$ \.wax$ \.m3u$ \.asx$
\.wpl$ \.wmx$ \.dvr-ms$ \.snd$ \.au$ \.aif$ \.asf$ \.m2v$
acl download url_regex -i \.m2p$ \.ts$ \.tp$ \.trp$ \.div$ \.divx$ \.mod$ \.vob$ \.aob$ \.dts$ \.ac3$ \.cda$
\.vro$ \.deb$ \.pdf$ \.com$ \.nrg$ \.vcd$ \.flv$ \.swf$ \.3gp$
delay_pools 2
delay_class 1 1
delay_parameters 1 40000/10000000 15000/40000000 10000/70000000
delay_access 1 allow download client
delay_access 1 deny all
delay_class 2 1
delay_parameters 2 -1/-1
delay_access 2 allow download billing
delay_access 2 allow download server
delay_access 2 deny all
#################################################################
# SNMP
#################################################################
snmp_port 3401
acl snmpsquid snmp_community public
snmp_access allow snmpsquid localhost
snmp_access deny all
#################################################################
# ALLOWED ACCESS
#################################################################
acl modem url_regex 192.168.1. 192.168.2.
http_access allow !modem client
http_access allow billing
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow dl
icp_access allow localhost
icp_access deny all
always_direct deny all
#################################################################
# Cache CGI & Administrative
#################################################################
cache_mgr th@opikdesign.com
cachemgr_passwd 123 all
visible_hostname local.domain
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
shutdown_lifetime 10 seconds
logfile_rotate 14

Re: squid tidak jalan..

@bosgolden

Udah dibuat direktory cachenya :
#squid -z

Chek apa masih ada konfigurasi belum benar
#squid -k parse

Nerapin redirect port gak (squid transparent)? kalau iya chek iptables-nya

chek juga log proxy nya

10 (edited by bosgolden 12-09-2011 13:29:09)

Re: squid tidak jalan..

BTW klau  perintah squid -k parse g keluar apa2 mas, kalau acces lognya :
1315612821.386      0 31.44.184.50 TCP_DENIED/403 1524 GET http://allrequestsallowed.com/? - NONE/- text/html
1315635007.818      0 175.181.225.108 TCP_DENIED/403 1494 CONNECT 74.125.153.99:80 - NONE/- text/html
1315656977.234      0 95.132.105.247 TCP_DENIED/403 1506 GET http://www.google.com/ - NONE/- text/html
1315728023.532      0 125.230.161.78 TCP_DENIED/403 2910 CONNECT 203.188.201.253:25 - NONE/- text/html
1315728045.022      0 125.230.161.78 TCP_DENIED/403 2910 CONNECT 203.188.201.253:25 - NONE/- text/html
1315728152.539      0 175.180.185.57 TCP_DENIED/403 2906 CONNECT 74.125.31.106:80 - NONE/- text/html
1315728153.335      0 175.180.185.57 TCP_DENIED/403 2906 CONNECT 74.125.31.106:80 - NONE/- text/html
1315752486.360      0 175.181.132.3 TCP_DENIED/403 2906 CONNECT 74.125.31.105:80 - NONE/- text/html
1315752487.107      0 175.181.132.3 TCP_DENIED/403 2906 CONNECT 74.125.31.105:80 - NONE/- text/html
1315754523.542      0 95.132.183.158 TCP_DENIED/403 2918 GET http://www.google.com/ - NONE/- text/html
1315754549.596      0 95.132.183.158 TCP_DENIED/403 2918 GET http://www.google.com/ - NONE/- text/html
segitu aja mas g ada lagi sad
terus yang dimaksud log proxy yang mana?pake mode transparant mas proxyna

Re: squid tidak jalan..

Sudah terselesaikan para suhu ternyata redirectnya yang keliru interfacenya he he he he tp kok banyak yang miss yah..

tak tampilkan sebagian aja :

1315812222.472    287 192.168.0.10 TCP_MISS/302 759 GET http://www.google.co.id/search? - DEFAULT_PARENT/127.0.0.1 text/html
1315812222.739    264 192.168.0.10 TCP_MISS/200 25213 GET http://www.google.co.id/search? - DEFAULT_PARENT/127.0.0.1 text/html
1315812223.777    999 192.168.0.10 TCP_MISS/200 76956 GET http://www.google.co.id/extern_js/f/CgJ … C6ESVUI.js - DEFAULT_PARENT/127.0.0.1 text/javascript
1315812224.114    269 192.168.0.10 TCP_MISS/204 362 GET http://clients1.google.co.id/generate_204 - DEFAULT_PARENT/127.0.0.1 text/html
1315812224.357    232 192.168.0.10 TCP_MISS/204 363 GET http://www.google.co.id/csi? - DEFAULT_PARENT/127.0.0.1 image/gif
1315812228.926   2887 192.168.0.10 TCP_MISS/200 644 POST http://www.facebook.com/ajax/messaging/async.php? - DIRECT/69.171.228.40 application/x-javascript
1315812231.451   1497 192.168.0.10 TCP_MISS/200 443 POST http://www.facebook.com/ajax/chat/send.php? - DIRECT/69.171.228.40 application/x-javascript
1315812246.982    718 192.168.0.10 TCP_MISS/200 493 POST http://www.facebook.com/ajax/messaging/typ.php? - DIRECT/69.171.228.40 application/x-javascript
1315812248.146   1195 192.168.0.10 TCP_MISS/200 443 POST http://www.facebook.com/ajax/chat/send.php? - DIRECT/69.171.228.40 application/x-javascript
1315812249.850    593 192.168.0.10 TCP_MISS/200 855 POST http://www.facebook.com/ajax/chat/buddy_list.php? - DIRECT/69.171.228.40 application/x-javascript
1315812253.804    890 192.168.0.10 TCP_MISS/200 846 GET http://sitecheck2.opera.com/? - DEFAULT_PARENT/127.0.0.1 text/xml
1315812255.020   2062 192.168.0.10 TCP_MISS/200 6885 GET http://m.facebook.com/ - DEFAULT_PARENT/127.0.0.1 application/xhtml+xml
1315812255.586    413 192.168.0.10 TCP_MISS/200 6215 GET http://photos-b.ak.fbcdn.net/hphotos-ak … 9607_t.jpg - DEFAULT_PARENT/127.0.0.1 image/jpeg
1315812256.985   1832 192.168.0.10 TCP_MISS/200 647 GET http://static.ak.fbcdn.net/rsrc.php/v1/ … RhPvjk.gif - DEFAULT_PARENT/127.0.0.1 image/gif
1315812257.005   1853 192.168.0.10 TCP_MISS/200 951 GET http://static.ak.fbcdn.net/rsrc.php/v1/ … tw3FnO.png - DEFAULT_PARENT/127.0.0.1 image/png
1315812257.137    130 192.168.0.10 TCP_MISS/200 571 GET http://static.ak.fbcdn.net/rsrc.php/v1/ … txbXTT.png - DEFAULT_PARENT/127.0.0.1 image/png
1315812262.961    687 192.168.0.10 TCP_MISS/200 94854 GET http://www.bhinneka.com/aspx/bhindexpc.aspx - DEFAULT_PARENT/127.0.0.1 text/html
1315812263.262    226 192.168.0.10 TCP_MISS/304 282 GET http://www.google-analytics.com/ga.js - DEFAULT_PARENT/127.0.0.1 -
1315812263.451    179 192.168.0.10 TCP_MISS/200 478 GET http://www.google-analytics.com/__utm.gif? - DEFAULT_PARENT/127.0.0.1 image/gif
1315812264.195    141 192.168.0.10 TCP_MISS/200 475 GET http://www.bhinneka.com/aspx/bhindex-Sp … AJAX.aspx? - DEFAULT_PARENT/127.0.0.1 text/xml
1315812265.045    837 192.168.0.10 TCP_MISS/200 418 GET http://api-public.addthis.com/url/shares.json? - DEFAULT_PARENT/127.0.0.1 application/javascript
1315812267.300   3210 192.168.0.10 TCP_MISS/200 10943 GET http://www.bhinneka.com/aspx/bhindex_middle.aspx? - DEFAULT_PARENT/127.0.0.1 text/html
1315812267.525    209 192.168.0.10 TCP_MISS/200 21594 GET http://www.bhinneka.com/aspx/bhindex_bottom.aspx? - DEFAULT_PARENT/127.0.0.1 text/html

Re: squid tidak jalan..

mohon pencerahan nya buat para master squid

kok squid saya gagal terus yah setelah saya squid -k reconfigure muncul error

squid: ERROR: Could not send signal 1 to process 1032: (3) No such process

kenapa yah
maaf saya masih belajar setting squid ,,mohon bantuan nya buat para sesepuh

Re: squid tidak jalan..

problem solved cukup dengan perintah squid restart hehehehehe squid udah ngacirrrr
lagi belajar mahamin webmin sama calamaris....thx kawan-kawan

Re: squid tidak jalan..

malam mas
mau nanya, bbrp waktu kmrn ada teknisi yg nyeting proxy di net saya
tapi setelah 1 minggu di setting kadang proxy nya tidak jalan, dalam arti transparent proxy yg di mikrotik harus di disable dulu baru bisa konek..
kalo transparant proxy nya di enable tidak konek sama sekali, tidak bisa browsing apapun..

bisa tolong di bantu untuk solusi nya ga mas..
terimakasih atas saran dan masukan aan2 sekalian