Lusca Proxy Untuk IPFire

27 Agustus 2012 Fajar R. Linux, Squid Cache 176

Lusca proxy untuk IPFire adalah addons tidak resmi (unofficial) untuk IPFire – sebuah distribusi linux untuk firewall. Pada dasarnya IPFire sudah memiliki web proxy sendiri yang diporting dari advanced proxy untuk IPCop dan Smoothwall, namun selalu di update menyesuaikan dengan rilis terakhir squid cache (versi 3.x). Lusca memiliki kemampuan dan stabilitas yang baik dalam melakukan web caching walaupun dibuat berbasis squid 2.7. Its oldy, but mighty.

Addons Lusca untuk IPFire terdiri dari binari Lusca versi stabil yang dikompilasi dengan menitikberatkan pada kinerja dan fleksibilitas dalam melakukan web caching. Lusca proxy untuk IPFire terintegrasi dengan baik dengan semua fitur yang sudah terdapat didalam IPFire dan dapat diatur dengan mudah lewat antarmuka web. Selain itu, tuning tambahan pada konfigurasi Lusca addons ini di optimasi untuk melakukan caching website-website terkemuka di Indonesia, dan juga caching beberapa games online.

System requirement :

IPFire 2.11 Core Update 61

ISO image untuk IPFire 2.11 Core Update 61 dapat didownload dari link dibawah ini :

Prerequisite :

PENTING! Sebelum addons lusca di instal, pastikan anda sudah melakukan konfigurasi squid bawaan IPFire dengan mengklik “Save and Restart” di halaman interface web, tab “Networking” di bagian pengaturan proxy. Hal ini berguna agar IPFire dapat meng-generate acl-acl yang akan digunakan oleh squid dengan sempurna.

Cara instalasi Lusca proxy untuk IPFire :

# wget http://cachebox.googlecode.com/files/ipfire-lusca-beta.tar.gz
# tar -zxvf ipfire-lusca-beta.tar.gz
# cd ipfire-lusca-beta
# ./install

Jika anda menggunakan core updates terbaru, anda juga dapat melakukan instalasi Lusca. Yang perlu diperhatikan adalah, setelah anda selesai meng-ekstrak installer nya, edit lah file “install” dengan editor kesayangan anda. Carilah tulisan if ($core_release !~ 61) dan ganti menjadi if ($core_release !~ 62), dimana angka “62” adalah contoh core updates yang anda gunakan. Sesuaikan nilai ini dengan core updates yang anda gunakan!

Untuk mengetahui informasi versi core updates yang didukung dan kompatibel oleh Lusca proxy untuk IPFire ini, silakan bergabung di grup Facebook kami : http://www.facebook.com/groups/ipfire.id/.

Setelah proses instalasi selesai, akseslah halaman antarmuka web (web GUI) untuk pengaturan web proxy (tab network). Jika Lusca terinstal dengan baik, maka pada bagian squid cache version akan tampak seperti dibawah ini :

Klik pada tombol “Save and Restart” untuk menyimpan seluruh konfigurasi dan memulai ulang (restart) web proxy.

Contoh statistik Lusca yang sudah running :

*ps. HTTP request terlihat kecil, karena sebagian besar klien yang saya layani online dari gadget atau smartphone.

Catatan :

Lusca addons untuk IPFire ini dapat didistribusikan dan dimodifikasi secara bebas dengan menyertakan credit untuk penulis asli.
Addons ini dibuat sebagaimana-adanya (as-is) tanpa ada dukungan resmi dan segala resiko atau kerugian yang diakibatkan dari addons ini berada diluar tanggung jawab penulis.

Credits :

IPFire development team (thanks for developing this awesome firewall)
Lusca development team
Lusca proxy installer based on advanced proxy installer by M. Sondermann
URL rewriter by Chuddy Fernandez and Ucok Karnadi
Alexa

About Fajar R. 297 Articles

Seseorang yang antusias terhadap dunia internet, IT, networking dan komputer. Tipikal introvert tapi suka berorganisasi dan adventuring ke tempat-tempat baru.

denny
9 April 2013 pada 09:41

mas, udah 2 bulan pakai ipfire youtube normal aja enggak ada masalah, udah 1 minggu ini kok youtubenya enggak cacahe apa ada yg salah bingung juga di instal ulang tetap gitu juga youtube enggak jalan juga

Balas
Sonic
5 April 2013 pada 11:04

transparent on green uda di ceklist, enable loging jg udah… tp kok tetep gk mau kluar urlnya…. apa ad setingan yg lain ? cara cek proxy udah berjalan gmn mas ? proxy ini apa bisa untuk cache file berformat .mp3, .exe, dll. apa gk mas…. ? mksh…

Balas
Sonic
5 April 2013 pada 10:59

itu sdh sy lakukan mass, tp msh tetep blm kluar url nya… trus cara chek proxy uda berjalan gmn mas ? ini bisa untuk cache file berformat .mp3, .exe gk mas? mksh…..

Balas
Sonic
4 April 2013 pada 20:58

mas sy dah coba install dah bisa buat browser tp kok log proxy nya kok masih kosong, gk ada urlnya sama skali ? pdhal udah seharian browsing, apa msh blm jalan ya proxy nya…. mksh sblumnya

Balas
- fazar
  5 April 2013 pada 08:12
  
  pertama pastikan squid/lusca berjalan dengan modus transparent, di web interface jangan lupa kasih ceklist untuk “Transparent on green” (dan “Transparent on blue” jika anda menggunakan interface blue). kedua, pastikan juga opsi “Enable logging” diaktifkan. terakhir, klik “Save and restart” untuk menyimpan konfigurasi.
  
  Balas
denny
4 April 2013 pada 03:00

warning: memori out filedepriptor, mas ini apa maksudnya browsing jadi lambattt tolonng ya udah kebingungan

Balas
- fazar
  4 April 2013 pada 08:45
  
  filedescriptor kali ya? coba naikkan jumlah filedescriptor nya mas. :)
  
  Balas
ca
3 April 2013 pada 11:38

ok mas thnks infonya ntar saya cuba,cuma untuk dialnya sendiri ip fire nya itu username ama password speedynya disi di bag mananya ya kalau di ipfire mas?

Balas
- fazar
  3 April 2013 pada 12:00
  
  silakan buka web interfacenya, kemudian klik menu “Dialup”
  
  Balas
Tuama Kamang
30 Maret 2013 pada 07:06

>>>UNSOLVED<<<

Balas
ca
28 Maret 2013 pada 11:51

mas gimana settingannya supaya router ipfire bisa di remote dari luar…saya menggunakan access internet speedy, dengan dial dari modem..saya sudah cari2 tapi masih belum ketemu..thnks mohon infonya..

Balas
- fazar
  28 Maret 2013 pada 15:56
  
  cari setting dmz (demilitarized zone) pada modem, kemudian tambahkan IP address IPFire pada DMZ tersebut.
  fyi, ane rekomendasikan IPFire yg melakukan dial (modem menjadi bridge) agar tidak ada hop antara ipfire ke internet, dan codel/qos pada IPFire bisa berjalan dengan baik.
  
  Balas
Tuama Kamang
22 Maret 2013 pada 14:37

Hallo masbro… see u again…

Selama ini saya memang tetap menguji kehandalan IPFire sebagai External Proxy Mikrotik untuk memenuhi tuntutan jaringan RT/RW NET. Sehingga muncul beberapa masalah yang saya tidak sadari sebelumnya.
>>>>Pertanyaan:
1) Pengaturan Queue Tree pada mikrotik saya berkarakter mengutamakan kecepatan pada browsing dengan priority 2, sedangkan Limit Extension menggunakan priority 5 dengan batasan Download 512kbps untuk 15 client. Jauh sebelum menggunakan proxy limitation ini berjalan dengan baik. Tetapi ternyata setelah menggunakan Proxy, kecepatannya drop sampe ke 256kbps bahkan sampai ke 128kbps untuk limit extention. Sebenarnya ada masalah apa yah?

2)Barusan IPFire merelease versi terbaru v.67, pada GUI ada offer untuk mengupdate ke versi ini. Saya coba mengupdatenya hingga selesai. Tetapi permasalahannya, sepertinya IPFire tidak jalan dan pengaruhnya client tidak terkoneksi internet. Sebenarnya ini apa penyebabnya.

By the way till now, I still giving 5 star for IPFire…. Ok saya tunggu respons-nya..

Balas
- fazar
  22 Maret 2013 pada 14:57
  
  halo juga masbro,
  langsung ane bales ya…
  
  pertama,
  apakah masbro mengaktifkan “Download throttling” di pengaturan proxy? kalo iya, coba jadikan Overall limit dan Limit per host jadi unlimited. atur juga mikrotik queue tree masbro agar tersusun rapi rulesnya berdasarkan priority. kalo ane biasa di mikrotik pengaturan priority seperti ini : atur priority 1 untuk proxy hit, priority 2 icmp, dns, dan ack, browsing di 5 dan download di 8.
  
  kedua,
  core 67 menggunakan squid 3, oleh sebab itu file include nya jadi nggak kompatibel. silakan instal ulang lusca/squid2.7 nya.. nggak perlu reinstal IPFire :)
  oia.. silakan juga mampir kemari, http://forum.ipfire.web.id/index.php/topic,11.0.html
  
  Balas
  - Tuama Kamang
    23 Maret 2013 pada 07:28
    
    Masbro….
    
    1)sepertinya untuk download throttling aktif dan pengaturannya sudah seperti itu. Untuk setting Queue Tree saya seperti ini:
    /queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=80M name="1.PROXY HIT KOMPUTER" packet-mark=proxy_hit parent=\ 02-LOCAL priority=2 queue="PROXY DOWN" add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=8k \ max-limit=30k name=6.PING1 packet-mark=icmp_paket parent=global-out \ priority=1 queue=PING add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=8k \ max-limit=30k name=7.PING2 packet-mark=icmp_paket parent=00-PUBLIC \ priority=1 queue=PING add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=8k \ max-limit=30k name=8.DNS1 packet-mark=dns_paket parent=global-out \ priority=1 queue=PING add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=8k \ max-limit=30k name=9.DNS2 packet-mark=dns_paket parent=00-PUBLIC \ priority=1 queue=PING add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=256k \ max-limit=512k name="1.GAME ONLINE DOWN" packet-mark=game_paket parent=\ "2.GAME DOWN" priority=2 queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=512k name="2.GAME FACEBOOK DOWN" packet-mark=\ game_facebook_paket parent="2.GAME DOWN" priority=3 queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=256k \ max-limit=256k name="1.GAME ONLINE UPLOAD" packet-mark=game_paket_client \ parent="3.GAME UPLOAD" priority=2 queue=UP add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=512k name="2.GAME FACEBOOK UPLOAD" packet-mark=\ game_facebook_client parent="3.GAME UPLOAD" priority=3 queue=UP add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="BROWSING LIMIT" packet-mark=http_paket parent=\ "5.ALL HTTP DOWN" priority=2 queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="YOUTUBE STREAMING" packet-mark="YOUTUBE STREAMING" \ parent=YOUTUBE priority=5 queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MKV packet-mark=MKV parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MP3 packet-mark=MP3 parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MP4 packet-mark=MP4 parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=ZIP packet-mark=ZIP parent="EXTENTION LIMIT" priority=4 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=ISO packet-mark=ISO parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=AVI packet-mark=AVI parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MOV packet-mark=MOV parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MPEG packet-mark=MPEG parent="EXTENTION LIMIT" priority=\ 5 queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MPG packet-mark=MPG parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=RAR packet-mark=RAR parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=WAV packet-mark=WAV parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=WMV packet-mark=WMV parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=3GP packet-mark=3GP parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=7z packet-mark=7z parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="YOUTUBE DOWNLOAD" packet-mark="YOUTUBE DOWNLOAD" \ parent=YOUTUBE priority=5 queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=PORN1 packet-mark=PORN1 parent=PORN priority=5 queue=\ DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=PORN2 packet-mark=PORN2 parent=PORN priority=4 queue=\ DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=PORN3 packet-mark=PORN3 parent=PORN priority=5 queue=\ DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="MIVO TV" packet-mark="MIVO TV" parent="EXTENTION LIMIT" \ priority=4 queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=PORN4 packet-mark=PORN4 parent=PORN priority=5 queue=\ DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="+++TOTAL DOWNLOAD+++" packet-mark="SEMUA PAKET KELUAR" \ parent=global-out priority=5 queue=default add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=80M name="0.PROXY HIT BRIDGE" packet-mark=proxy_hit parent=\ 01-BRIDGE priority=2 queue="PROXY DOWN" add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=EXE packet-mark=EXE parent="EXTENTION LIMIT" priority=5 \ queue=DOWN add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=FLV packet-mark=FLV parent="EXTENTION LIMIT" priority=5 \ queue=DOWN
    **Dan untuk Mangle
    /ip firewall mangle add action=mark-packet chain=postrouting comment="SQUID PROXY HIT" disabled=\ no dscp=12 new-packet-mark=proxy_hit passthrough=no add action=mark-connection chain=forward disabled=no dscp=12 in-interface=\ 00-PROXY new-connection-mark=hit out-interface=01-BRIDGE passthrough=yes add action=mark-connection chain=forward disabled=no dscp=12 in-interface=\ 00-PROXY new-connection-mark=hit out-interface=02-LOCAL passthrough=yes add action=mark-packet chain=forward disabled=no dscp=12 in-interface=\ 00-PROXY new-packet-mark=proxy_hit out-interface=02-LOCAL passthrough=no \ protocol=tcp add action=mark-packet chain=forward connection-mark=hit disabled=no \ in-interface=00-PROXY new-packet-mark=proxy_hit out-interface=01-BRIDGE \ passthrough=yes protocol=tcp add action=mark-packet chain=postrouting comment="DSCP MATCHER" disabled=no \ dscp=12 new-packet-mark=packet-hits passthrough=no add action=mark-packet chain=forward comment="LIMIT EXTENTION" disabled=no \ layer7-protocol="YOUTUBE DOWNLOAD" new-packet-mark="YOUTUBE DOWNLOAD" \ passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=\ "YOUTUBE STREAMING" new-packet-mark="YOUTUBE STREAMING" passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=TUBE \ new-packet-mark=PORN1 passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=PORN \ new-packet-mark=PORN2 passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=VIDEO \ new-packet-mark=PORN3 passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=MOVIE \ new-packet-mark=PORN4 passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=MKV \ new-packet-mark=MKV passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=MP3 \ new-packet-mark=MP3 passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=MP4 \ new-packet-mark=MP4 passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=ZIP \ new-packet-mark=ZIP passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=EXE \ new-packet-mark=EXE passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=FLV \ new-packet-mark=FLV passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=ISO \ new-packet-mark=ISO passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=MOV \ new-packet-mark=MOV passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=MPEG \ new-packet-mark=MPEG passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=MPG \ new-packet-mark=MPG passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=RAR \ new-packet-mark=RAR passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=WAV \ new-packet-mark=WAV passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=WMV \ new-packet-mark=WMV passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=ISO \ new-packet-mark=3GP passthrough=no add action=mark-packet chain=forward disabled=no layer7-protocol=7z \ new-packet-mark=7z passthrough=no add action=mark-connection chain=prerouting comment=ICMP disabled=no \ new-connection-mark=icmp passthrough=yes protocol=icmp add action=mark-packet chain=prerouting connection-mark=icmp disabled=no \ new-packet-mark=icmp_paket passthrough=yes add action=change-dscp chain=prerouting disabled=no new-dscp=1 packet-mark=\ icmp_paket passthrough=yes add action=mark-connection chain=prerouting comment=DNS disabled=no dst-port=\ 53 new-connection-mark=dns passthrough=yes protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-port=53 \ new-connection-mark=dns passthrough=yes protocol=udp add action=mark-packet chain=prerouting connection-mark=dns disabled=no \ new-packet-mark=dns_paket passthrough=yes add action=change-dscp chain=prerouting disabled=no new-dscp=1 packet-mark=\ dns_paket passthrough=yes add action=mark-connection chain=prerouting comment="TANDA SEMUA KONEKSI" \ disabled=no dst-address-list=!client in-interface=02-LOCAL \ new-connection-mark="SEMUA KONEKSI MASUK" passthrough=yes add action=mark-connection chain=prerouting disabled=no dst-address-list=\ !client in-interface=01-BRIDGE new-connection-mark="SEMUA KONEKSI MASUK" \ passthrough=yes add action=mark-connection chain=forward comment="SEMUA KONEKSI KELUAR" \ disabled=no new-connection-mark="SEMUA KONEKSI KELUAR" out-interface=\ 02-LOCAL passthrough=yes src-address-list=!client add action=mark-connection chain=forward disabled=no new-connection-mark=\ "SEMUA KONEKSI KELUAR" out-interface=01-BRIDGE passthrough=yes \ src-address-list=!client add action=mark-packet chain=prerouting comment="SEMUA PAKET MASUK" \ connection-mark="SEMUA KONEKSI MASUK" disabled=no new-packet-mark=\ "SEMUA PAKET_MASUK" passthrough=yes add action=mark-packet chain=forward comment="SEMUA PAKET KELUAR" \ connection-mark="SEMUA KONEKSI KELUAR" disabled=no new-packet-mark=\ "SEMUA PAKET KELUAR" passthrough=yes add action=mark-connection chain=prerouting comment=HTTP disabled=no \ dst-port=80 new-connection-mark=http passthrough=yes protocol=tcp add action=mark-packet chain=forward connection-mark=http disabled=no \ dst-address=192.168.73.0/24 new-packet-mark=http_paket passthrough=no add action=mark-packet chain=forward connection-mark=http disabled=no \ new-packet-mark=http_client_paket passthrough=no src-address=\ 192.168.73.0/24 add action=mark-packet chain=forward connection-mark=http disabled=no \ dst-address=192.168.73.0/24 new-packet-mark=http_paket passthrough=no add action=mark-packet chain=forward connection-mark=http disabled=no \ new-packet-mark=http_client_paket passthrough=no src-address=\ 192.168.73.0/24 add action=mark-connection chain=prerouting comment="GAME ONLINE" disabled=no \ dst-port="1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6001,6000\ -6152,7777" new-connection-mark=game passthrough=yes protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-port="7341-7350,74\ 51,8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000" \ new-connection-mark=game passthrough=yes protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-port="10009,13008,\ 16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15\ 002" new-connection-mark=game passthrough=yes protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-port="16402-16502,\ 18901-18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49\ 100" new-connection-mark=game passthrough=yes protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-port=14009-14010 \ new-connection-mark=game passthrough=yes protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-port="1293,1479,61\ 00-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010" \ new-connection-mark=game passthrough=yes protocol=udp add action=mark-connection chain=prerouting disabled=no dst-port=\ 42051-42052,11100-11125,11440-11460 new-connection-mark=game passthrough=\ yes protocol=udp add action=mark-connection chain=prerouting disabled=no dst-port=14009-14010 \ new-connection-mark=game passthrough=yes protocol=udp add action=mark-packet chain=forward connection-mark=game disabled=no \ dst-address=192.168.73.0/24 new-packet-mark=game_paket passthrough=no add action=mark-packet chain=forward connection-mark=game disabled=no \ new-packet-mark=game_paket_client passthrough=no src-address=\ 192.168.73.0/24 add action=mark-packet chain=forward connection-mark=game disabled=no \ dst-address=192.168.73.0/24 new-packet-mark=game_paket passthrough=no add action=mark-packet chain=forward connection-mark=game disabled=no \ new-packet-mark=game_paket_client passthrough=no src-address=\ 192.168.73.0/24 add action=mark-connection chain=prerouting comment="GAME FACEBOOK" disabled=\ no dst-port=843,9339 new-connection-mark=game_facebook passthrough=yes \ protocol=tcp add action=mark-packet chain=forward connection-mark=game_facebook disabled=\ no dst-address=192.168.73.0/24 new-packet-mark=game_facebook_paket \ passthrough=no add action=mark-packet chain=forward connection-mark=game_facebook disabled=\ no new-packet-mark=game_facebook_client passthrough=no src-address=\ 192.168.73.0/24 add action=mark-packet chain=forward connection-mark=game_facebook disabled=\ no dst-address=192.168.73.0/24 new-packet-mark=game_facebook_paket \ passthrough=no add action=mark-packet chain=forward connection-mark=game_facebook disabled=\ no new-packet-mark=game_facebook_client passthrough=no src-address=\ 192.168.73.0/24 add action=mark-connection chain=prerouting comment="MIVO TV" disabled=no \ dst-port=1935 new-connection-mark=mivo_tv passthrough=yes protocol=tcp add action=mark-packet chain=forward connection-mark=mivo_tv disabled=no \ new-packet-mark="MIVO TV" passthrough=no add action=mark-connection chain=game disabled=no dst-address=192.168.73.0/24 \ dst-port=40000-40010 new-connection-mark=Game passthrough=yes protocol=\ udp add action=mark-packet chain=game connection-mark=Game disabled=no \ new-packet-mark=Game_pkt passthrough=no add action=jump chain=prerouting disabled=no jump-target=game add action=mark-connection chain=game disabled=no dst-address=192.168.73.0/24 \ dst-port=40000-40010 new-connection-mark=Game passthrough=yes protocol=\ udp add action=mark-packet chain=game connection-mark=Game disabled=no \ new-packet-mark=Game_pkt passthrough=no add action=jump chain=prerouting disabled=no jump-target=game add action=mark-connection chain=forward comment="DOWNLOAD FROM PROXY" \ disabled=no in-interface=00-PUBLIC new-connection-mark=Down-Proxy \ out-interface=00-PROXY passthrough=yes protocol=tcp add action=mark-packet chain=forward connection-mark=Down-Proxy disabled=no \ in-interface=00-PUBLIC new-packet-mark=Download-Proxy out-interface=\ 00-PROXY passthrough=no protocol=tcp
    2)Cara install ulang lusca apakah sama? Masalahnya selalu ada pesan Lusca nya sudah terinstal, dan sepertinya gak bisa
    
    mohon pencerahannya yah…..
    
    Balas
budiarto
18 Maret 2013 pada 18:02

ok akan saya coba mas … klo misalkan ga pake lusca tapi pake squid bawaan ipfire core 66 itu optimal ga mas untuk proxy nya terutama untuk nge ‘hit’ nya ? … terima kasih banyak pencerahaanya … GBU mas Fazar

Balas

fazar.net

Internet, Computer, and Some Random Stuffs

Lusca Proxy Untuk IPFire

16 Komentar

Leave a Reply Batalkan balasan