- Beranda
- Internet Service & Networking
[ASK]https tidak bisa terbuka
...
TS
hayatalone
[ASK]https tidak bisa terbuka
Assalamualaikum Juragan Kaskus
maaf kalau salah kamar
ane newbie numpang tanya, sekiranya disini masih ada yang menggunakan Squid 2.7 stable di windows.
yang ingin ane tanyakan adalah,Knapa setiap buka https yang mana squid sejajar mikrotik selalu begini " The connection has timed out,,,,the server at www.yahoo.com is taking too long to respond"
akan tetapi bila squid sejajar client, https terbuka dengan lancar..
ISP=mikrotik=client
=====squid======
tidak bisa buka situs yang ada https-nya
ISP=MIKROTIK=CLIENT
==============SQUID===
lancar jaya buka situs https
Udah nyari kemana" di mbah google, tapi masih belum dapat hasilnya, sudi kiranya para suhu disni membantu saya menyelesaikan permasalahan saya.,
terima kasih
maaf kalau salah kamar
ane newbie numpang tanya, sekiranya disini masih ada yang menggunakan Squid 2.7 stable di windows.
yang ingin ane tanyakan adalah,Knapa setiap buka https yang mana squid sejajar mikrotik selalu begini " The connection has timed out,,,,the server at www.yahoo.com is taking too long to respond"
akan tetapi bila squid sejajar client, https terbuka dengan lancar..
Spoiler for squid sejajar mikrotik:
ISP=mikrotik=client
=====squid======
tidak bisa buka situs yang ada https-nya
Spoiler for Squid sejajar client:
ISP=MIKROTIK=CLIENT
==============SQUID===
lancar jaya buka situs https
Spoiler for Squid.conf:
Code:
############################
## Port Configuration ##
############################
http_port 8000 transparent
# http1.1 handling
server_http11 on
#######################################
# caching option (memory, directory,) #
#######################################
cache_mem 6 MB
cache_dir aufs D:/luscacache 5000 12 256
coredump_dir D:/luscacache
maximum_object_size 128 MB
maximum_object_size_in_memory 0 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
########################
# name of squid server #
########################
visible_hostname Pt Quantum Tera Network
cache_mgr [email]cs@quantum.net.id[/email]
##########################
## Cache Options ##
##########################
netdb_filename none
shutdown_lifetime 10 seconds
half_closed_clients off
windows_ipaddrchangemonitor off
negative_dns_ttl 1 second
forwarded_for off
httpd_suppress_version_string on
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast
update_headers off
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
request_timeout 1 minute
pconn_timeout 15 seconds
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
vary_ignore_expire on
reload_into_ims on
##############################################
### DNS OPTION ###
##############################################
## uncomment this if u wanna try with unbound
#dns_nameservers 127.0.0.1
#dns_nameservers 8.8.8.8
hosts_file C:/Windows/etc/hosts
########### END OF DNS OPTION ################
##############################################
### LOGING OPTION ###
##############################################
access_log D:/luscacache/access.log
cache_log D:/luscacache/cache.log
cache_store_log none
logfile_rotate 1
log_icp_queries off
########### END OF LOG OPTION ################
##############################################
### ACL DEFINITION ###
##############################################
acl all src all
acl localNet src 192.168.9.0/24
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 21
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 80 # http
acl safe_ports port 443 # https
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 1025-65535 # unregistered ports
acl CONNECT method CONNECT
acl PURGE method PURGE
acl ftp proto FTP
acl manager proto cache_object
# Yahoo! Messenger
acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com
acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com
acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com
acl ym dstdomain .voice.yahoo.com
acl ymregex url_regex yupdater.yim ymsgr myspaceim
# Other protocols Yahoo!Messenger uses ??
acl ym dstdomain .skype.com .imvu.com
acl keyword url_regex -i "C:/squid/etc/keyword.txt"
acl bolt url_regex ^http://www.boltsuper4g.com/my-bolt.html$
cache deny bolt
# Rules: Advertising
acl ads url_regex -i .youtube\.com\/ad_frame?
acl ads url_regex -i .(s|s[0-90-9])\.youtube\.com
acl ads url_regex -i .googlesyndication\.com
acl ads url_regex -i .doubleclick\.net
acl ads url_regex -i ^http:\/\/googleads\.*
acl ads url_regex -i ^http:\/\/(ad|ads|ads[0-90-9]|ads\d|kad|a[b|d]|ad\d|adserver|adsbox)\.[a-z0-9]*\.[a-z][a-z]*
acl ads url_regex -i ^http:\/\/(newopenx|openx)\.[a-z0-9]*\.[a-z][a-z]*
acl ads url_regex -i ^http:\/\/[a-z0-9]*\.openx\.net\/
acl ads url_regex -i ^http:\/\/[a-z0-9]*\.u-ad\.info\/
acl ads url_regex -i .youtube\.com
## STORE REWRITE
#Warn Wordpress dan blogspot
acl dontrewrite_domain url_regex -i ^http:\/\/([a-z]+[0-9]+([a-z0-9\-]*)?)\.(wordpress|blogspot)\.com
#ACL CDN
acl store_rewrite_list_domain_CDN url_regex -i ^http:\/\/([a-z]+-?[0-9]+([a-z0-9\-]*)?)\.[a-z0-9\-]*\.[a-z]*
#Speedtest
acl store_rewrite_list url_regex -i \/speedtest\/.*(jpg|txt|png|swf)
acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl store_rewrite_list_path urlpath_regex \.(jp(e?g|eS E N S O R)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3S E N S O Rgp|rar|on2|mar|exe|cab)$
acl getmethod method GET
#
#
storeurl_access deny dontrewrite_domain
storeurl_access deny !getmethod
storeurl_access allow store_rewrite_list_domain_CDN
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_list_domain
storeurl_access allow store_rewrite_list_path
storeurl_access deny all
# REWRITE FEATURE
#Strawberry Perl
storeurl_rewrite_program C:/strawberry/perl/bin/perl.exe C:/squid/etc/storeurl.pl
storeurl_rewrite_children 5
storeurl_rewrite_concurrency 10
# END OF REWRITE FEATURE
## END STORE REWRITE
# END OF REWRITE FEATURE
##############################################
### ADSBLOCKING ###
##############################################
acl safeuri url_regex -i th30nly\.indolini\.org
http_access allow safeuri
acl gaHack url_regex -i google-analytics\.com\/ga\.js
acl gaHack url_regex -i google-analytics\.com\/analytics\.js
acl gaHack url_regex -i google-analytics\.com\/plugins\/ga\/inpage_linkid\.js
acl gaHack url_regex -i partner\.googleadservices\.com\/gampad\/google_service\.js
acl gaHack url_regex -i googletagservices\.com\/tag\/js\/gpt\.js
acl fbHack url_regex -i connect\.facebook\.net\/[\w]{2}_[\w]{2}\/all\.js
acl fbHack url_regex -i connect\.facebook\.net\/[a-zA-Z_]{5}\/all\.js
deny_info http://lusca.indolini.org/gahack.js? gaHack
deny_info http://lusca.indolini.org/fbhack.js? fbHack
http_access deny gaHack
http_access deny fbHack
acl popads url_regex -i "C:\squid\etc\popads.block"
deny_info http://lusca.indolini.org/popkiller.html popads
http_access deny popads
acl jstrigger url_regex -i (\.[^\.\-]*?\..*?)\/(.*)\.([^\/\?\&][js])((\?|\%).*)?$
acl advertise url_regex -i "C:\squid\etc\ads.block"
deny_info http://lusca.indolini.org/empty.js jstrigger
deny_info http://upload.wikimedia.org/wikipedia/en/d/d0/Clear.gif advertise
http_access deny advertise
http_access deny advertise jstrigger
########### END OF ADSBLOCKING ################
cache_peer 127.0.0.1 parent 8080 7 no-query default
cache allow all
##############################################
##############################################
##############################################
### ACL RULEZ ###
##############################################
http_access allow PURGE manager localhost
http_access allow ym
http_access allow ftp
http_access allow localhost
http_access allow localNet
http_access deny keyword
http_access deny ads
http_access deny PURGE
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT
http_access deny CONNECT !SSL_ports
http_access deny all
http_reply_access deny ads
http_reply_access allow all
icp_access allow all
################ END ACL RULEZ ################
########### END OF ACL DEFINITION ################
##############################################
### NEW REFRESH PATTERN OPTION ###
##############################################
#Speedtest
refresh_pattern -i \/speedtest\/.*(jpg|txt|png|swf)) 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
#SQUID INTERNAL
refresh_pattern -i storeurl://.*SQUIDINTERNAL 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
#IIX DOWNLOAD
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmvS E N S O Rgp|mp(4S E N S O R)|exe|msi|zip) 1440 99% 14400 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale ignore-auth
refresh_pattern ^http:\/\/images|image|img|pics|openx|thumbs[0-9]\. 1440 99% 14400 override-expire ignore-reload ignore-private
refresh_pattern kaskus.\co.id.*\.(jp(e?g|eS E N S O R)|gif|png|swf) 1440 99% 14400 reload-into-ims ignore-reload override-expire ignore-no-cache
refresh_pattern -i cdn\.kaskus.\com.*\.(jp(e?g|eS E N S O R|eg|g)|gif|png|css|js) 1440 99% 14400 reload-into-ims ignore-reload override-expire ignore-no-cache
refresh_pattern ^http:\/\/openx.*\.(jp(e?g|eS E N S O R)|gif|pn[pg]|swf|ico|css|tiff?) 129600 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache
refresh_pattern ^.*safebrowsing.*google 1440 99% 14400 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-must-revalidate negative-ttl=10080 store-stale
#sensitive site
refresh_pattern -i \.(sc-|dl-|ex-|mh-|dll|da-) 0 2% 50 reload-into-ims
refresh_pattern -i \.(mst|Xtp|iop)$ 0 50% 1440 reload-into-ims
#general
refresh_pattern \.(7z|arj|bin|bz2|cab|deb|dll|exe|gz|inc|iso|jar|lha|ms(i|p|u)|rar|rpm|tar|tgz|zip|rtp|rpz|nui|kom|stg|pak|sup|nzp|npz|iop|nth|psd|sis|apk)$ 1440 99% 14400 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth reload-into-ims override-lastmod ignore-must-revalidate store-stale
refresh_pattern \.(class|doc|docx|pdf|pps|ppt|ppsx|pptx|ps|rtx|txt|wpl|xls|xlsx)$ 1440 99% 14400 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth reload-into-ims override-lastmod ignore-must-revalidate store-stale
refresh_pattern \.(3gp|ac4|agx|au|avi|cbr|cbt|cbz|dat|divx|flv|hqx)|mid|mk(a|v)|mov|mp(1S E N S O RS E N S O R|4|e|eg|g)|og(a|g|v)|qt|ra|ram|rm|swf|wa(v|x)|wm(a|v|x)|x-flv|webm)$ 1440 99% 14400 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth reload-into-ims override-lastmod ignore-must-revalidate store-stale
refresh_pattern \.(gif|png|jp(e?g|eS E N S O R|g|eg)|ico|bmp|tif|tiff?)$ 1440 99% 14400 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth reload-into-ims override-lastmod ignore-must-revalidate store-stale
refresh_pattern \.(html|htm|css|js)$ 240 75% 420 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod reload-into-ims ignore-must-revalidate store-stale
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
########### END OF REFRESH PATTERN OPTION ################
Spoiler for Nat Mikrotik:
Code:
Flags: X - disabled, I - invalid, D - dynamic
0 X chain=srcnat action=masquerade
1 ;;; NAT Proxy
chain=srcnat action=masquerade src-address=192.168.11.2
2 ;;; lusca
chain=dstnat action=dst-nat to-addresses=192.168.11.2 to-ports=8000
protocol=tcp src-address=192.168.9.10-192.168.9.254
in-interface=ether2-LAN Switch dst-port=80
Udah nyari kemana" di mbah google, tapi masih belum dapat hasilnya, sudi kiranya para suhu disni membantu saya menyelesaikan permasalahan saya.,
terima kasih
0
2K
Kutip
3
Balasan
Guest
Tulis komentar menarik atau mention replykgpt untuk ngobrol seru
Mari bergabung, dapatkan informasi dan teman baru!
Internet Service & Networking
21.3KThread•4KAnggota
Terlama
Guest
Tulis komentar menarik atau mention replykgpt untuk ngobrol seru