• [ASK] Cara bypass captive portal untuk situs tertentu

    5
    0 Votes
    5 Posts
    2k Views
    ?

    @91X:

    sorry oot gan, ane mau Tanya, pf mikrotik ke clientnya pake apa? dstnat? mark routing?

    dstnat gan, saya cuma direct port 80/443 ke ip dan port CPortal

  • Ssl yang stabil versi berapa ?

    8
    0 Votes
    8 Posts
    2k Views
    A

    @shr_kaza:

    @91X:

    @shr_kaza:

    ini lagi percobaan 2.2.3 pke https, semua https tampilan normal. kecuali facebook. apa ada setingan tertentu untuk akses facebook ? bagi2 agan yg sdah bisa pke https untuk facebook, tolong pencerahannya

    coba masukan ke custom acl before auth:                         
    sslproxy_cert_error allow all                                                                                                           
    sslproxy_flags DONT_VERIFY_PEER

    jos markotop bos, tampilan facebook jadi oke !

    oke mantab dah  ;D

  • Port LAN dengan IP Public ==> pfSense sebagai Bridge

    5
    0 Votes
    5 Posts
    2k Views
    S

    pfsense model bridge, nyimak

  • Transparent proxy di squid3 pfsense-2.2.2-release (i386)

    5
    0 Votes
    5 Posts
    2k Views
    S

    @91X:

    @shr_kaza:

    saya sdah pke pfsense 2.2.2 squid 3 transparent, tp 1 land card

    ente brp bit? dari tsnya 32bit

    iya om, saya pke 32bit

  • Perbedaan open vpn site to site dengan road warior

    3
    0 Votes
    3 Posts
    1k Views
    G

    @DeSastro:

    Site to site kira kira :

    https://openvpn.net/index.php/access-server/section-faq-openvpn-as/server-configuration/209-how-do-i-setup-openvpn-access-server-to-use-site-to-site.html

    Road Warrior

    http://davidsduty.blogspot.com/2011/11/untangle-open-vpn-vpn-road-warrior.html

    Cara setting :

    https://forum.pfsense.org/index.php?topic=12888.0

    owh begitu, q mengerti sekarang. site to site contohnya itu kantor pusat dengan kantor cabang (server pusat vpn ke server cabang) nah kalo road warior itu misalnya user satu orang pake laptop kantor nongkrong di starbuck tangerang trus pengen buka file di server kantor di bekasi, (keren banget ni satu orang disebut warior)  ::)….tolong di koreksi.... ;D

  • [ASK] Squidguard Pfsense 2.2

    22
    0 Votes
    22 Posts
    5k Views
    A

    akhirnya SOLVED bro,
    ternyata sederhana beud, harus memasukan/membuat TARGET CATEGORIES dulu di settingan squidguardnya
    *ane test pake pf 2.2.2 squid 3.4 squidguard 1.9.14

  • Yuk..Bikin Hotspot, Login Page, User Manager, Billing di PfSense

    10
    0 Votes
    10 Posts
    6k Views
    J

    tutorialnya donk bt ane yg newbi ;D.
    edit captiveny di folder mn?
    usr/local/captive….?

  • Open VPN

    2
    0 Votes
    2 Posts
    1k Views
    P

    Sudahkah membuka referensi tutorial di subforum OpenVPN ???

  • PfSense Network Appliance

    5
    0 Votes
    5 Posts
    2k Views
    J

    mantap bro… lanjutken....  :) :) ;) dirunggu reviewnya  ;) ;) ;) ;)

    BGP blm pernah coba , kawan yg lain mungkin  dah coba

  • Cara mengisi modul LDAP pada Freeradius

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • [ASK] Bagaimana Cara Print Captive Portal Voucher

    2
    0 Votes
    2 Posts
    2k Views
    R

    TS coba link ini http://www.youtube.com/watch?v=O9D2fM883Fc, mungkin bisa membantu. thx

  • Advise Konfigurasi Jaringan

    2
    0 Votes
    2 Posts
    1k Views
    P

    Kalo saya Semua Router0 , 1, 2  Di handle hanya dengan 1 mesin pfsense.

    public server (mail, www1,www2,www3) cukup satu pc server.

    internal server (ldap, radius server, NAS) cukup satu pc server / Windows server 2012 enterprise / red….

    dengan konfigurasi seperti itu sangat mudah dalam memanage nya.

  • Butuh Bantuan untuk Pemula

    3
    0 Votes
    3 Posts
    1k Views
    Z

    masalahnya dah kelar ternyata di firewall filternya mikrotik, thanks ya rekan2

  • Help

    2
    0 Votes
    2 Posts
    1k Views
    A

    tuan, dsini indonesia, salah kamar klo pakai bahasa inggris  ;D

  • Traffic Shaper Banyak Drop

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Pfsense 2.1.5 + NAT mikrotik TCP denied

    4
    0 Votes
    4 Posts
    2k Views
    A

    shundhul uph uph

  • Pfsense 2.1.5 NAT 1:1 tetap ke blok

    8
    0 Votes
    8 Posts
    3k Views
    P

    ya … kendala jelas di Firewall nya ..

    NAT 1:1 ...

    Karena setelah di test ternyata jalan, Topografi diatas...

    Coba gak usah pakai virtual IPs

  • Storeurl.pl youtube

    10
    0 Votes
    10 Posts
    4k Views
    A

    btw tsnya mana nih, kabur aja (tipikal org indo lagi)  ::)

  • Squid3-dev saya

    4
    0 Votes
    4 Posts
    2k Views
    A

    ada yang tahu cara backup dan restore cache ? (cache terpisah)

    yang saya alami ketika padam listrik!!

    hardisk cache yang terpisah tidak terbaca oleh system pfsense..
    sehingga harus dilakukan kembali..("squid -z" tetap tidak terbaca)!!STOP SQUIDNYA!!

    #newfs /dev/nama_hardisk_anda

    #ee /etc/fstab
    edit / tambahkan
    /dev/hardisk_anda  /nama_cache ufs rw,noatime 2 2 (save)

    #mkdir /nama_cache

    #mount -a

    #df -h (baru kebaca deh hardisk cachenya (yg terpisah)
    masuk ke GUI rubah direktory cachenya ditujukan ke hardisk terpisah ( /nama_cahe)

    #chown proxy:proxy /nama_cache

    #chmod 777 /nama_cache

    #rm -R /var/squid/cache/* (cache lama masih belum terhapus)

    #squid -z

    #reboot

    pfsense kembali normal, tapi cache yang terpisah terhapus jadi 0% terlalu.. :'(

    df -h

    Filesystem    Size    Used  Avail Capacity  Mounted on
    /dev/ad2s1a    447G    78G    333G    19%    /
    devfs          1.0k    1.0k      0B  100%    /dev
    /dev/ad1s1a    222G    234M    204G    0%    /cache
    /dev/md0      3.6M    60k    3.3M    2%    /var/run
    devfs          1.0k    1.0k      0B  100%    /var/dhcpd/dev

    ada solusi lain?..

  • (ask) masih bisa kah lusca di install di pfsense 2.1.1??

    9
    0 Votes
    9 Posts
    4k Views
    C

    2014/09/10 01:01:15| refreshAddToList: Unknown option '.(ico|video-stats)': negative-ttl=10080
    2014/09/10 01:01:15| refreshAddToList: Unknown option '^.(utm.gif|ads?|rmxads.com|ad.z5x.net|bh.contextweb.com|bstats.adbrite.com|a1.interclick.com|ad.trafficmp.com|ads.cubics.com|ad.xtendmedia.com|.googlesyndication.com|advertising.com|yieldmanager|game-advertising.com|pixel.quantserve.com|adperium.com|doubleclick.net|adserving.cpxinteractive.com|syndication.com|media.fastclick.net).': negative-ttl=40320
    2014/09/10 01:01:15| refreshAddToList: Unknown option '^.safebrowsing.google': negative-ttl=10080
    2014/09/10 01:01:15| refreshAddToList: Unknown option '^http://((cbk|mt|khm|mlt)[0-9]?).google.co(m|.uk)': negative-ttl=10080
    2014/09/10 01:01:15| refreshAddToList: Unknown option '^http://v.okezone.com/get_video/([a-zA-Z0-9])': negative-ttl=10080
    2014/09/10 01:01:15| /usr/pbi/squid-i386/etc/squid/squid.conf line 131: refresh_pattern ^http://(.?)/get_video? 10080 80% 10080 override-expire ignore-no-cache ignore-private store-stale ignore-must-revalidate
    2014/09/10 01:01:15| refreshAddToList: Invalid regular expression '^http://(.?)/get_video?': repetition-operator operand invalid
    2014/09/10 01:01:15| /usr/pbi/squid-i386/etc/squid/squid.conf line 132: refresh_pattern ^http://(.?)/videodownload? 10080 80% 10080 override-expire ignore-no-cache ignore-private store-stale ignore-must-revalidate
    2014/09/10 01:01:15| refreshAddToList: Invalid regular expression '^http://(.?)/videodownload?': repetition-operator operand invalid

    ini lagi belajar squid3-dev

    This file is automatically generated by pfSense Do not edit manually !

    http_port 192.168.0.100:3128
    http_port 127.0.0.1:3128 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-i386/etc/squid/serverkey.pem capath=/usr/pbi/squid-i386/share/certs/

    https_port 127.0.0.1:3127 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-i386/etc/squid/serverkey.pem capath=/usr/pbi/squid-i386/share/certs/

    icp_port 0
    dns_v4_first on
    pid_filename /var/run/squid.pid
    cache_effective_user proxy
    cache_effective_group proxy
    error_default_language id
    icon_directory /usr/pbi/squid-i386/etc/squid/icons
    visible_hostname proxies.fastnet.uk
    cache_mgr owner@fastnet.uk
    access_log /var/squid/logs/access.log
    cache_log /var/squid/logs/cache.log
    cache_store_log none
    netdb_filename /var/squid/logs/netdb.state
    pinger_enable off
    pinger_program /usr/pbi/squid-i386/libexec/squid/pinger
    sslcrtd_program /usr/pbi/squid-i386/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048
    sslcrtd_children 5
    sslproxy_capath /usr/pbi/squid-i386/share/certs/

    logfile_rotate 0
    debug_options rotate=0
    shutdown_lifetime 3 seconds

    Allow local network(s) on interface(s)

    acl localnet src  192.168.0.0/24 192.168.1.0/24
    via off
    httpd_suppress_version_string on
    uri_whitespace strip
    dns_nameservers 127.0.0.1

    Break HTTP standard for flash videos. Keep them in cache even if asked not to.

    refresh_pattern -i .flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private

    Let the clients favorite video site through with full caching

    acl youtube dstdomain .youtube.com
    cache allow youtube
    refresh_pattern -i .flv$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
    refresh_pattern -i .mp3$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
    refresh_pattern -i .mp4$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
    refresh_pattern -i .swf$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
    refresh_pattern -i .gif$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
    refresh_pattern -i .jpg$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
    refresh_pattern -i .jpeg$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
    refresh_pattern -i .exe$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth

    1 year = 525600 mins, 1 month = 10080 mins, 1 day = 1440

    #refresh_pattern (get_video?|videoplayback?|videodownload?|.flv?) 10080 80% 10080 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims
    #refresh_pattern (get_video?|videoplayback?id|videoplayback.id|videodownload?|.flv?) 10080 80% 10080 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims
    #refresh_pattern .(ico|video-stats) 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth override-lastmod negative-ttl=10080
    refresh_pattern .etology? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
    refresh_pattern galleries.video(?|sz) 10080 80% 10080 override-expire ignore-reload ignore-no-cache
    refresh_pattern brazzers? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
    refresh_pattern .adtology? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
    #refresh_pattern ^.(utm.gif|ads?|rmxads.com|ad.z5x.net|bh.contextweb.com|bstats.adbrite.com|a1.interclick.com|ad.trafficmp.com|ads.cubics.com|ad.xtendmedia.com|.googlesyndication.com|advertising.com|yieldmanager|game-advertising.com|pixel.quantserve.com|adperium.com|doubleclick.net|adserving.cpxinteractive.com|syndication.com|media.fastclick.net).* 10080 20% 10080 ignore-no-cache ignore-private override-expire ignore-reload ignore-auth negative-ttl=40320 max-stale=10
    #refresh_pattern ^.safebrowsing.google 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth negative-ttl=10080
    #refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?).google.co(m|.uk) 10080 80% 10080 override-expire ignore-reload ignore-private negative-ttl=10080
    #refresh_pattern ytimg.com..jpg 10080 80% 10080 override-expire ignore-reload
    refresh_pattern images.friendster.com..(png|gif) 10080 80% 10080 override-expire ignore-reload
    refresh_pattern garena.com 10080 80% 10080 override-expire reload-into-ims
    refresh_pattern photobucket..(jp(e?g|e|2)|tiff?|bmp|gif|png) 10080 80% 10080 override-expire ignore-reload
    refresh_pattern vid.akm.dailymotion.com..on2? 10080 80% 10080 ignore-no-cache override-expire override-lastmod
    refresh_pattern mediafire.com/images..(jp(e?g|e|2)|tiff?|bmp|gif|png) 10080 80% 10080 reload-into-ims override-expire ignore-private
    refresh_pattern ^http://images|pics|thumbs[0-9]. 10080 80% 10080 reload-into-ims ignore-no-cache ignore-reload override-expire
    refresh_pattern ^http://www.onemanga.com./ 10080 80% 10080 reload-into-ims ignore-no-cache ignore-reload override-expire
    #refresh_pattern ^http://v.okezone.com/get_video/([a-zA-Z0-9]) 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth override-lastmod negative-ttl=10080
    refresh_pattern .speedtest/.* 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
    refresh_pattern code.google.com.*(svn|download) 10080 80% 10080 reload-into-ims

    Images Facebook

    refresh_pattern -i .facebook.com..(jpg|png|gif) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
    refresh_pattern -i .fbcdn.net..(jpg|gif|png|swf|mp3) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
    refresh_pattern static.ak.fbcdn.net*.(jpg|gif|png) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
    refresh_pattern ^http://profile.ak.fbcdn.net*.(jpg|gif|png) 10080 80% 10080 ignore-reload override-expire ignore-no-cache

    Detik

    refresh_pattern -i ^http://..detik.com/ 10080 80% 10080
    refresh_pattern -i ^http://..detiknews.com/ 10080 80% 10080
    refresh_pattern -i ^http://..detikhot.com/ 10080 80% 10080
    refresh_pattern -i ^http://..detikfinance.com/ 10080 80% 10080
    refresh_pattern -i ^http://.*.detiksport.com/ 10080 80% 10080

    Game Online Update

    refresh_pattern ^http://file.pb.gemscool.com/hackshield/.* 10080 80% 10080 override-expire override-lastmod reload-into-ims store-stale
    refresh_pattern ^http://file.pb.gemscool.com/gamepatch/..(exe|dll|cab|zip) 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-auth store-stale
    refresh_pattern ^http://file.fs.gemscool.com/JCE/..(exe|dll|cab|zip) 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-auth store-stale
    refresh_pattern ^http://file.atlantica.gemscool.com/.. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-auth store-stale
    refresh_pattern ^http://122.102.49.132/..(zip|exe) 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-auth ignore-no-store store-stale
    refresh_pattern ^http://122.102.49.202/..(kom|zip|exe|stg) 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-auth ignore-no-store store-stale
    refresh_pattern ^http://..cabalonline.co.id/..(cab|zip|exe|rar|dat) 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-auth store-stale
    refresh_pattern ^http://..gemscool.com/..(cab|zip|exe|rar|dat) 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-auth store-stale
    refresh_pattern ^http://patch.crossfire.web.id/..(cab|zip|exe|rar|dat) 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-auth store-stale
    refresh_pattern (zynga|ninjasaga|mafiawars|cityville|farmville|crowdstar|spilcdn|agame|popcap|miniclip).com/. 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-no-store ignore-must-revalidate store-stale

    Spesific Game URL

    refresh_pattern ^http://.lytogame.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.megaxus.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.ayodance.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.gemscool.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.wavegame.net/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.playcircle.net/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.lineage2.co.id/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.roseonline.web.id/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.xshot.web.id/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.romonline.web.id/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.iahgames.co.id/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.vtconline.co.id/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.blackshotonline.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.speedsoft.co.id/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.ijji.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.mmosite.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

    Spesific URL

    refresh_pattern ^http://.jobstreet.com./.* 10080 80% 10080 override-expire override-lastmod ignore-no-cache store-stale ignore-must-revalidate
    refresh_pattern ^http://.indowebster.com./.* 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.21cineplex./.* 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.kompas./.* 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.blogspot.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.wordpress.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache store-stale ignore-must-revalidate
    refresh_pattern ^http://.photobucket.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.tinypic.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.imageshack.us/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.kaskus./.* 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.detik./.* 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.detiknews./. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://video.liputan6.com/.* 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://static.liputan6.com/.* 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.friendster.com/. 10080 80% 10080 override-expire override-lastmod ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    refresh_pattern ^http://.forummikrotik.com/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate

    #refresh_pattern ^http://.linux.or.id/. 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth store-stale ignore-must-revalidate
    #refresh_pattern ^http://(.?)/get_video? 10080 80% 10080 override-expire ignore-no-cache ignore-private store-stale ignore-must-revalidate
    #refresh_pattern ^http://(.?)/videodownload? 10080 80% 10080 override-expire ignore-no-cache ignore-private store-stale ignore-must-revalidate

    Update Antivirus

    refresh_pattern guru.avg.com/..(bin) 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
    refresh_pattern avast.com..vpx 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
    refresh_pattern (avgate|avira)..(idx|gz)$ 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
    refresh_pattern kaspersky..avc$ 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
    refresh_pattern kaspersky 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
    refresh_pattern liveupdate.symantecliveupdate.com..zip 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
    refresh_pattern .update.nai.com/..(gem|zip|mcs) 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
    refresh_pattern .symantec.com.(exe|zip) 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
    refresh_pattern mbamupdates.com..ref 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale

    Update Windows

    refresh_pattern windowsupdate.com/..(cab|exe) 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
    refresh_pattern update.microsoft.com/..(cab|exe) 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
    refresh_pattern download.microsoft.com/.*.(cab|exe) 10080 80% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale

    Download IIX

    refresh_pattern ^http://.www[0-9][0-9].indowebster.com/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale ignore-auth

    Banner IIX

    refresh_pattern ^http://openx..(jp(e?g|e|2)|gif|pn[pg]|swf|ico|css|tiff?) 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern ^http://ads(1|2|3).kompas.com./ 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern ^http://img.ads.kompas.com./ 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern .kompasimages.com..(jpg|gif|png|swf) 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern ^http://openx.kompas.com./ 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern kaskus.\us..(jp(e?g|e|2)|gif|png|swf) 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern ^http://img.kaskus.us..(jpg|gif|png|swf) 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern ^http://img.gemscool.com..(jpg|gif|png|swf) 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern ^http://img.pb.gemscool.com..(jpg|gif|png|swf) 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern ^http://img.atlantica.gemscool.com..(jpg|gif|png|swf) 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern ^http://img.fs.gemscool.com..(jpg|gif|png|swf) 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
    refresh_pattern ^http://img.vivanews.com..(jpg|gif|png|swf) 10080 80% 10080 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale

    All File

    refresh_pattern -i .(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
    refresh_pattern -i .(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
    refresh_pattern -i .(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
    refresh_pattern -i .(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
    refresh_pattern -i .(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
    refresh_pattern -i (/cgi-bin/|?) 0 0% 0
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern ^ftp: 10080 95% 10080 override-lastmod reload-into-ims
    refresh_pattern . 1440 95% 10080 override-lastmod reload-into-ims

    cache_mem 256 MB
    maximum_object_size_in_memory 64 KB
    memory_replacement_policy heap GDSF
    cache_replacement_policy heap LFUDA
    cache_dir aufs /var/squid/cache 100000 64 256
    minimum_object_size 8 KB
    maximum_object_size 512000 KB
    offline_mode off
    cache_swap_low 90
    cache_swap_high 95
    cache allow all

    Add any of your own refresh_pattern entries above these.

    refresh_pattern ^ftp:    1440  20%  10080
    refresh_pattern ^gopher:  1440  0%  1440
    refresh_pattern -i (/cgi-bin/|?) 0  0%  0
    refresh_pattern .    0  20%  4320

    No redirector configured

    #Remote proxies

    Setup some default acls From 3.2 further configuration cleanups have been done to make things easier and safer. The manager, localhost, and to_localhost ACL definitions are now built-in. acl localhost src 127.0.0.1/32

    acl allsrc src all
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 666 3128 3127 1025-65535
    acl sslports port 443 563 666

    From 3.2 further configuration cleanups have been done to make things easier and safer. The manager, localhost, and to_localhost ACL definitions are now built-in.

    #acl manager proto cache_object

    acl purge method PURGE
    acl connect method CONNECT

    Define protocols used for redirects

    acl HTTP proto HTTP
    acl HTTPS proto HTTPS
    acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
    http_access allow manager localhost

    Allow external cache managers

    acl ext_manager src 127.0.0.1
    http_access allow manager ext_manager

    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !safeports
    http_access deny CONNECT !sslports

    Always allow localhost connections From 3.2 further configuration cleanups have been done to make things easier and safer. The manager, localhost, and to_localhost ACL definitions are now built-in. http_access allow localhost

    quick_abort_min -1 KB
    quick_abort_max 0 KB
    request_body_max_size 0 KB
    reply_body_max_size 400000 KB allsrc
    delay_pools 1
    delay_class 1 2
    delay_parameters 1 -1/-1 -1/-1
    delay_initial_bucket_level 100

    Throttle extensions matched in the url

    acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
    delay_access 1 allow throttle_exts
    delay_access 1 deny allsrc

    Reverse Proxy settings

    http_port 192.168.0.100:80 accel defaultsite=192.168.1.1 vhost
    https_port 192.168.0.100:443 accel cert=/usr/pbi/squid-i386/etc/squid/540d30ca51b31.crt key=/usr/pbi/squid-i386/etc/squid/540d30ca51b31.key defaultsite=192.168.1.1 vhost

    deny_info TCP_RESET allsrc

    Custom options before auth Block access to blacklist domains

    http_access deny blacklist

    Setup allowed acls Allow local network(s) on interface(s)

    http_access allow localnet

    Default block all to be sure

    http_access deny allsrc

    itu kenapa ya bang ?

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.