FOR ONLINE GAMES, COME IN HERE !!!!!!!!!
-
I've already tried it but it's still slow, especially during the initial update at startup.. it's so slow that sometimes I can't be bothered to continue.
NB: the PC spec for this game is p4 3.0, 512mb ram, gf 6200 vga, 60gb ide hd, Speedy package up to 1mb.
You mean the online game itself is slow, right .. the stuttering doesn't come from the proxy or anything else, the hardware spec just isn't up to it.
Just try this spec :D
MainBoard ECS
Intel Pentium 2.6 - 3.0
RAM 1 GB
HD 80 GB
What matters for online games is an AGP or PCI Express card that supports pixel shaders … if it doesn't support them, don't expect the game to run smoothly.
AGP / PCI EXP 256 MB
Guaranteed fast with no dropouts :D
Good luck
gf 6200a 256 MB… once you're in, it runs fine, bro.. it's just the first loading that is really slow.. every time you use it, Point Blank has to update first. That update is where it's slow. Today's update should be stored in the proxy cache, and of course clients that want to play PB should then get the update straight from the proxy server so it's fast. But in reality it doesn't work like that.. it's really slow.. why is that ?? Please help enlighten me.
As for stuttering, there isn't any, boss. -
This is what keeps the PB update from being stored in the cache … just remove it ..
acl game dst 203.89.146.0/24
always_direct allow game -
So entering:
acl game dst 203.89.146.0/24
always_direct allow game
under Proxy server: General settings: Custom Options is what keeps the PB update from being stored in the cache?
In that case I'll try removing it, om -
Please check this, om….....
squid.conf looks like this:
# Do not edit manually !
http_port 192.168.11.2:3128 transparent
http_port 127.0.0.1:80 transparent
icp_port 0
pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
logfile_rotate 1
shutdown_lifetime 5 seconds
# Allow local network(s) on interface(s)
acl localnet src 192.168.11.0/255.255.255.0
uri_whitespace strip
dns_nameservers 127.0.0.1 192.168.11.2 203.130.206.250 203.130.193.74 8.8.8.8
cache_mem 15 MB
maximum_object_size_in_memory 50 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /var/squid/cache 200000 16 256
minimum_object_size 15 KB
maximum_object_size 10 MB
offline_mode off
cache_swap_low 90
cache_swap_high 95
# No redirector configured
# Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 1025-65535
acl sslports port 443 563
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
#acl dynamic urlpath_regex cgi-bin ?
include /usr/local/etc/squid/include.conf
acl allowed_subnets src 192.168.11.0/24
#cache deny dynamic
http_access allow manager localhost
# Allow external cache managers
acl ext_manager_1 src 192.168.1.1
http_access allow manager ext_manager_1
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
# Always allow localhost connections
http_access allow localhost
request_body_max_size 0 allow all
reply_body_max_size 0 deny all
# Custom options
acl game dst 203.89.146.0/24
always_direct allow game
# Allow local network(s) on interface(s)
http_access allow localnet
http_access allow allowed_subnets
# Default block all to be sure
http_access deny all
Could it be that:
cache_mem 15 MB
maximum_object_size_in_memory 50 KB
minimum_object_size 15 KB
maximum_object_size 10 MB
are too small?
And also this:
uname -a
FreeBSD proxyku.local 7.2-RELEASE-p5 FreeBSD 7.2-RELEASE-p5 #0: Sun Dec 6 22:57:48 EST 2009 sullrich@FreeBSD_7.2_pfSense_1.2.3_snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense.7 i386
squidclient -p 80 cache_object://192.168.11.2/info
HTTP/1.0 200 OK
Server: Lusca/LUSCA r14804 patched: chudy r12.13
Date: Mon, 01 Nov 2010 03:19:34 GMT
Content-Type: text/plain
Expires: Mon, 01 Nov 2010 03:19:34 GMT
X-Cache: MISS from localhost
Via: 1.0 localhost:3128 (Lusca/LUSCA r14804 patched: chudy r12.13)
Connection: close
Squid Object Cache: Version LUSCA r14804 patched: chudy r12.13
Start Time: Mon, 01 Nov 2010 01:23:21 GMT
Current Time: Mon, 01 Nov 2010 03:19:34 GMT
Connection information for squid:
Number of clients accessing cache: 6
Number of HTTP requests received: 12562
Number of ICP messages received: 0
Number of ICP messages sent: 0
Number of queued ICP replies: 0
Request failure ratio: 0.00
Average HTTP requests per minute since start: 108.1
Average ICP messages per minute since start: 0.0
Select loop called: 402421 times, 17.327 ms avg
Cache information for squid:
Request Hit Ratios: 5min: 8.2%, 60min: 6.9%
Byte Hit Ratios: 5min: 39.3%, 60min: 49.4%
Request Memory Hit Ratios: 5min: 0.0%, 60min: 0.0%
Request Disk Hit Ratios: 5min: 78.1%, 60min: 90.1%
Storage Swap size: 3963976 KB
Storage Mem size: 9016 KB
Mean Object Size: 96.42 KB
Requests given to unlinkd: 0
Median Service Times (seconds) 5 min 60 min:
HTTP Requests (All): 0.44492 0.46965
Cache Misses: 0.55240 0.52331
Cache Hits: 0.00865 0.01235
Near Hits: 0.00000 0.00000
Not-Modified Replies: 0.00091 0.00000
DNS Lookups: 0.10906 0.05313
ICP Queries: 0.00000 0.00000
Resource usage for squid:
UP Time: 6972.593 seconds
CPU Time: 38.003 seconds
CPU Usage: 0.55%
CPU Usage, 5 minute avg: 0.80%
CPU Usage, 60 minute avg: 0.68%
Process Data Segment Size via sbrk(): 0 KB
Maximum Resident Size: 33900 KB
Page faults with physical i/o: 5
Memory accounted for:
Total accounted: 12594 KB
memPoolAlloc calls: 2049247
memPoolFree calls: 1955202
File descriptor usage for squid:
Maximum number of file descriptors: 58982
Largest file desc currently in use: 203
Number of file desc currently in use: 178
Files queued for open: 0
Available number of file descriptors: 58804
Reserved number of file descriptors: 100
Store Disk files open: 1
IO loop method: kqueue
Internal Data Structures:
41186 StoreEntries
363 StoreEntries with MemObjects
351 Hot Object Cache Items
41111 on-disk objects
Sorry, om, maybe this is too long.. but I want it to be clear, because it could be the squid settings that are wrong.
Thanks, I'd appreciate guidance from the seniors ;D -
dns_nameservers 127.0.0.1 ---> so that the DNS forwarder gets used ..
cache_dir aufs /var/squid/cache 200000 16 256 ---> if possible, don't mix it with the system -
To all you clever oms..
If I remove acl game dst 203.89.146.0/24 always_direct allow game
the transparent proxy doesn't work either. In fact, now I have to set the proxy manually in the client browser..
What I want is for Transparent and the online games to both work..
Please enlighten me, om..
Before, it ran smoothly; after about 15 days of use it doesn't work any more.. (If the Transparent proxy box is ticked, the online games don't work.. they only want to work with a manual proxy on the clients.)
-
Try checking
/tmp/rules.debug
-
Can anyone help, oms or maybe aunties: I've installed Lusca and it runs normally with transparent proxy ticked.. but when I play Point Blank it won't connect.. if I untick transparent, it works.. but I want to use transparent; how do I set it up so that Point Blank works..
Thanks.. to anyone willing to help
Thank You
-
Why not just try squid 2.7.9.4.. without Lusca…..
For Point Blank specifically.. there are no problems..
However.. if anyone plays Rohan, its IP has to be rdr'ed.. just add it.. give it a try.. ::)
-
Using Lusca is no problem either, without this -->acl game dst 203.89.146.0/24. Just open the ports.
But at my place the problem is that when the proxy filter porn blocking is active, PB bounces... it won't get in -
poscom, please, how do you open the ports….?
-
Open the ports the usual way from the rules, but don't add things on top of the Lusca install (tweaks and other pkg applications such as proxy filter), just keep it plain.
Luna, PB, Ayo Dance, Atlantica, dotta all run smoothly. My config doesn't use anything extra, because I don't yet understand how to use the other things:
http_port 110.1xx.x.x:3128 http11 transparent
http_port 127.0.0.1:80 http11 transparent
icp_port 0
pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname sorrow
cache_mgr sorrowdee@yahoo.com
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
logfile_rotate 1
shutdown_lifetime 0 seconds
# Allow local network(s) on interface(s)
acl localnet src 110.1xx.x.0/255.255.255.0
server_http11 on
uri_whitespace strip
dns_nameservers 127.0.0.1
cache_mem 128 MB
maximum_object_size_in_memory 64 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /var/squid/cache 80000 16 256
minimum_object_size 0 KB
maximum_object_size 50 MB
offline_mode off
cache_swap_low 97
cache_swap_high 98
# No redirector configured
# Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 99 3128 1025-65535
acl sslports port 443 563 99
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl partialcontent_req req_header Range .*
#acl dynamic urlpath_regex cgi-bin ?
include /usr/local/etc/squid/include.conf
acl allowed_subnets src 110.1xx.x.0/24
#cache deny dynamic
http_access allow manager localhost
# Allow external cache managers
acl ext_manager_1 src 192.168.1.1
http_access allow manager ext_manager_1
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
# Always allow localhost connections
http_access allow localhost
quick_abort_min 32 KB
quick_abort_max 128 KB
quick_abort_pct 75
range_offset_limit 0 MB
request_body_max_size 0 allow all
reply_body_max_size 0 deny all
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
# Throttle extensions matched in the url
acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny all
# Custom options
zph_mode tos
zph_local 0x04
zph_parent 0
zph_option 136
# Allow local network(s) on interface(s)
http_access allow localnet
http_access allow allowed_subnets
# Default block all to be sure
http_access deny all
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
LUSCA and 13-user spec: AMD Athlon 64 X2 Dual Core Processor 4800+, PCI exp 256MB, 1gb ram. For Lusca, 2gb ram.
I have a 1 mega shared package installed, 202.51.207.27, Rp 750 thousand. And the other one is a 1 mega Speedy package; LUSCA and user spec: pc-chip onboard, 512mb ram, for Lusca 2gb. 10 users also works.
-
Green ping ---> Gipangdee
This is with lots of people playing
![PB ping ijo.JPG](/public/imported_attachments/1/PB ping ijo.JPG) -
Just adding to this:
For games, if our bandwidth is small it has to be managed: choke browsing, downloads, etc.. and prioritize games.
Look at how it is divided, e.g. 1mb Speedy for how many client users?… Test first: is there enough to go around? If not, shrink the share for browsers (if necessary, no browsing at all... he..he..)
That's why, when you first run Lusca, just leave it open so the cache fills up quickly, and only throttle later (limit per user). Test the ones below:
delay_pools
delay_body
throttle ...
As the moderator said, hardware spec such as VGA on the client side is important. The cache is important too.
Because even with green ping in PB, if the VGA spec is lacking (especially onboard), play keeps getting stuck.... -
Bro, at my internet cafe lots of people play Seafight; how do I set things up so it loads fast? Lusca can't cache Seafight, can it? YouTube can be cached, though.
-
How do you split the bandwidth between games, browsing and downloads…
so that everything gets its proper share..
Thank you.. -
For fellow newbies using transparent squid whose Ayodance patch fails, please try this from a PuTTY console
squidclient -p 80 -m PURGE http://122.102.49.132/audition/Update.ini
Hope it's useful
Success to pfSense Indonesia -
One more addition … For fellow newbies using transparent squid whose Crossfire patch fails or who get an error like the picture below:
please try this from a PuTTY console
squidclient -p 80 -m PURGE http://patch.crossfire.web.id/download/version.ini
Hope it's useful
Success to pfSense Indonesia
-
One more addition … For fellow newbies using transparent squid whose Sealindo patch fails, please try this from a PuTTY console
squidclient -p 80 -m PURGE http://patch.sealindo.com/patch/normal/version.ini
Hope it's useful
Success to pfSense Indonesia -
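Why the `squidclient -m PURGE` commands in the three posts above are accepted from the proxy's own console but not from a LAN client, under the squid.conf posted earlier in this thread: an added example, not written by anyone in the thread, that walks the `http_access` lines in first-match order. It is a simplified model covering only `src`, `method`, `port` and `proto` ACLs; `decide`, `parse`, `acl_matches` and `WEAK_CONF` are names made up for this illustration.

```python
import ipaddress

# http_access section of the squid.conf posted earlier in this thread.
SQUID_CONF = """\
acl localnet src 192.168.11.0/255.255.255.0
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 1025-65535
acl sslports port 443 563
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl allowed_subnets src 192.168.11.0/24
http_access allow manager localhost
acl ext_manager_1 src 192.168.1.1
http_access allow manager ext_manager_1
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
http_access allow localhost
http_access allow localnet
http_access allow allowed_subnets
http_access deny all
"""

# Constructed variant for comparison: same rules with "deny purge" removed.
WEAK_CONF = SQUID_CONF.replace("http_access deny purge\n", "")


def parse(conf):
    """Collect acl definitions and http_access rules, in file order."""
    acls, rules = {}, []
    for raw in conf.splitlines():
        words = raw.split("#", 1)[0].split()
        if len(words) >= 4 and words[0] == "acl":
            # ACL names are folded to lower case (assumption of this model):
            # the posted config defines "connect" but references "CONNECT".
            kind, values = acls.setdefault(words[1].lower(), (words[2], []))
            values.extend(words[3:])
        elif len(words) >= 3 and words[0] == "http_access":
            rules.append((words[1], [w.lower() for w in words[2:]]))
    return acls, rules


def acl_matches(kind, values, req):
    """True if the request satisfies any value of one ACL (values are OR-ed)."""
    if kind == "src":
        addr = ipaddress.ip_address(req["src"])
        return any(addr in ipaddress.ip_network(v, strict=False) for v in values)
    if kind == "method":
        return req["method"].upper() in (v.upper() for v in values)
    if kind == "proto":
        return req["proto"].lower() in (v.lower() for v in values)
    if kind == "port":
        for v in values:
            lo, _, hi = v.partition("-")
            if int(lo) <= req["port"] <= int(hi or lo):
                return True
        return False
    raise ValueError("ACL type not modelled here: " + kind)


def decide(conf, src, method, port=80, proto="http"):
    """Return (action, deciding_rule) for one request; first match wins."""
    acls, rules = parse(conf)
    if not rules:
        raise ValueError("no http_access lines found")
    req = {"src": src, "method": method, "port": port, "proto": proto}
    for action, terms in rules:
        # All ACLs named on one http_access line must match (AND); "!" negates.
        if all(acl_matches(*acls[t.lstrip("!")], req) != t.startswith("!")
               for t in terms):
            return action, "http_access %s %s" % (action, " ".join(terms))
    # Nothing matched: Squid applies the opposite of the last line's action.
    return ("deny" if rules[-1][0] == "allow" else "allow"), "(default)"


if __name__ == "__main__":
    for label, conf in (("posted", SQUID_CONF), ("no deny purge", WEAK_CONF)):
        for src in ("127.0.0.1", "192.168.11.50"):
            print(label, src, decide(conf, src, "PURGE"))
```

With the posted rules only 127.0.0.1 may PURGE; in the constructed variant the request from a LAN address falls through to `http_access allow localnet`, so any client could evict cached objects.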
Bro… I've followed the settings from the first page.. how can we tell that Lusca is running properly?
Om_antoDIGIT, please take a look through my /tmp/rules.debug file.
#System aliases
loopback = "{ lo0 }"
WAN = "{ pppoe0 }"
LAN = "{ rl0 }"
#SSH Lockout Table
table <sshlockout> persist
table <webconfiguratorlockout> persist
#pfSnortSam tables
table <snort2c>
table <pfsnortsamout>
table <pfsnortsamin>
table <virusprot>
# User Aliases
Port_game_TCP = "{ 18900:18910 1818 39100:39220 49100 40000:40010 7777 19101 27780 29000 22100 5121 6000:6152 2001 9601:9602 8085 11011:11041 13413 19000 5105 10009 5340:5352 6000:6001 29200 10402 9600 15000:15002 16402:16502 3010 11031 4300 11005 6900 6112 14800 23800 13008:13009 16666 28012 5126 15001:15002 12011 12110 1202 7341:7350 7451 8421 6215:6217 12009 14004 }"
Port_game_UDP = "{ 40000:40010 9601:9602 11100:11125 11440:11460 12110 15002 7808:30000 12020:12080 13000:13080 42051:42052 }"
# Gateways
GWwan = " route-to ( pppoe0 125.161.156.1 ) "
set loginterface rl0
set optimization normal
set limit states 46000
set limit src-nodes 46000
set skip on pfsync0
scrub in on $WAN all fragment reassemble
scrub in on $LAN all fragment reassemble
nat-anchor "natearly/*"
nat-anchor "natrules/*"
# Outbound NAT rules
# Subnets to NAT
tonatsubnets = "{ 192.168.222.0/29 127.0.0.0/8 }"
nat on $WAN from $tonatsubnets port 500 to any port 500 -> 125.161.159.233/32 port 500
nat on $WAN from $tonatsubnets to any -> 125.161.159.233/32 port 1024:65535
# Load balancing anchor
rdr-anchor "relayd/*"
# TFTP proxy
rdr-anchor "tftp-proxy/*"
table <direct_networks> { 125.161.159.233/32 192.168.222.0/29 }
# Setup Squid proxy redirect
rdr on rl0 proto tcp from any to !(rl0) port 80 -> 127.0.0.1 port 80
# UPnPd rdr anchor
rdr-anchor "miniupnpd"
anchor "relayd/*"
#---------------------------------------------------------------------------
# default deny rules
#---------------------------------------------------------------------------
block in log all label "Default deny rule"
block out log all label "Default deny rule"
# We use the mighty pf, we cannot be fooled.
block quick proto { tcp, udp } from any port = 0 to any
block quick proto { tcp, udp } from any to any port = 0
# Block all IPv6
block in quick inet6 all
block out quick inet6 all
# pfSnortSam
block quick from <snort2c> to any label "Block snort2c hosts"
block quick from any to <snort2c> label "Block snort2c hosts"
block quick from <pfsnortsamout> to any label "Block pfSnortSamOut hosts"
block quick from any to <pfsnortsamin> label "Block pfSnortSamIn hosts"
# SSH lockout
block in log quick proto tcp from <sshlockout> to any port 22 label "sshlockout"
# webConfigurator lockout
block in log quick proto tcp from <webconfiguratorlockout> to any port 80 label "webConfiguratorlockout"
block in quick from <virusprot> to any label "virusprot overload table"
table <bogons> persist file "/etc/bogons"
# block bogon networks
# http://www.cymru.com/Documents/bogon-bn-nonagg.txt
block in log quick on $WAN from <bogons> to any label "block bogon networks from WAN"
antispoof for pppoe0
# block anything from private networks on interfaces with the option set
antispoof for $WAN
block in log quick on $WAN from 10.0.0.0/8 to any label "block private networks from wan block 10/8"
block in log quick on $WAN from 127.0.0.0/8 to any label "block private networks from wan block 127/8"
block in log quick on $WAN from 172.16.0.0/12 to any label "block private networks from wan block 172.16/12"
block in log quick on $WAN from 192.168.0.0/16 to any label "block private networks from wan block 192.168/16"
antispoof for rl0
# loopback
pass in on $loopback all label "pass loopback"
pass out on $loopback all label "pass loopback"
# let out anything from the firewall host itself and decrypted IPsec traffic
pass out all keep state allow-opts label "let out anything from firewall host itself"
pass out route-to ( pppoe0 125.161.156.1 ) from 125.161.159.233 to !125.161.159.233/32 keep state allow-opts label "let out anything from firewall host itself"
# make sure the user cannot lock himself out of the webConfigurator or SSH
pass in quick on rl0 proto tcp from any to (rl0) port { 80 22 } keep state label "anti-lockout rule"
# User-defined rules follow
pass out proto udp from any to any queue (qVoIP) label "USER_RULE: DiffServ/Lowdelay/Upload"
pass out proto tcp from any to any port 6880 >< 7000 queue (qP2P) label "USER_RULE: m_P2P BitTorrent outbound"
pass out proto udp from any to any port 6880 >< 7000 queue (qP2P) label "USER_RULE: m_P2P BitTorrent outbound"
pass out proto tcp from any to any port 3389 queue (qOthersDefault,qACK) label "USER_RULE: m_Other MSRDP outbound"
pass out proto tcp from any to any port 5899 >< 5931 queue (qOthersDefault,qACK) label "USER_RULE: m_Other VNC outbound"
pass out proto tcp from any to any port 3283 queue (qOthersDefault,qACK) label "USER_RULE: m_Other AppleRemoteDesktop1 outbound"
pass out proto tcp from any to any port 5900 queue (qOthersDefault,qACK) label "USER_RULE: m_Other AppleRemoteDesktop2 outbound"
pass out proto udp from any to any port 3283 queue (qOthersDefault) label "USER_RULE: m_Other AppleRemoteDesktop3 outbound"
pass out proto udp from any to any port 5900 queue (qOthersDefault) label "USER_RULE: m_Other AppleRemoteDesktop4 outbound"
pass out proto tcp from any to any port 5631 queue (qOthersDefault,qACK) label "USER_RULE: m_Other pcany1 outbound"
pass out proto udp from any to any port 5632 queue (qOthersDefault) label "USER_RULE: m_Other pcany2 outbound"
pass out proto tcp from any to any port 6666 >< 6671 queue (qOthersDefault,qACK) label "USER_RULE: m_Other IRC outbound"
pass out proto tcp from any to any port 5222 queue (qOthersDefault,qACK) label "USER_RULE: m_Other IRC outbound"
pass out proto tcp from any to any port 5223 queue (qOthersDefault,qACK) label "USER_RULE: m_Other IRC outbound"
pass out proto tcp from any to any port 5269 queue (qOthersDefault,qACK) label "USER_RULE: m_Other IRC outbound"
pass out proto tcp from any to any port 5190 queue (qOthersDefault,qACK) label "USER_RULE: m_Other ICQ1 outbound"
pass out proto udp from any to any port 5190 queue (qOthersDefault) label "USER_RULE: m_Other ICQ2 outbound"
pass out proto tcp from any to any port 5190 queue (qOthersDefault,qACK) label "USER_RULE: m_Other AIM outbound"
pass out proto tcp from any to any port 1863 queue (qOthersDefault,qACK) label "USER_RULE: m_Other MSN1 outbound"
pass out proto tcp from any to any port 6890 >< 6901 queue (qOthersDefault,qACK) label "USER_RULE: m_Other MSN2 outbound"
pass out proto tcp from any to any port 6901 queue (qOthersDefault,qACK) label "USER_RULE: m_Other MSN3 outbound"
pass out proto udp from any to any port 6901 queue (qOthersDefault) label "USER_RULE: m_Other MSN4 outbound"
pass out proto tcp from any to any port 14534 queue (qOthersDefault,qACK) label "USER_RULE: m_Other teamspeak1 outbound"
pass out proto tcp from any to any port 51234 queue (qOthersDefault,qACK) label "USER_RULE: m_Other teamspeak2 outbound"
pass out proto udp from any to any port 8766 >< 8769 queue (qOthersDefault) label "USER_RULE: m_Other teamspeak3 outbound"
pass out proto tcp from any to any port 1723 queue (qOthersDefault,qACK) label "USER_RULE: m_Other PPTP outbound"
pass out proto gre from any to any queue (qOthersDefault) label "USER_RULE: m_Other PPTPGRE outbound"
pass out proto udp from any to any port 500 queue (qOthersDefault) label "USER_RULE: m_Other IPSEC outbound"
pass out proto ah from any to any queue (qOthersDefault) label "USER_RULE: m_Other IPSEC outbound"
pass out proto esp from any to any queue (qOthersDefault) label "USER_RULE: m_Other IPSEC outbound"
pass out proto tcp from any to any port 7999 >< 8101 queue (qOthersDefault,qACK) label "USER_RULE: m_Other STREAMINGMP3 outbound"
pass out proto tcp from any to any port 554 queue (qOthersDefault,qACK) label "USER_RULE: m_Other RTSP1 outbound"
pass out proto tcp from any to any port 80 queue (qOthersHigh,qACK) label "USER_RULE: m_Other HTTP outbound"
pass out proto tcp from any to any port 443 queue (qOthersHigh,qACK) label "USER_RULE: m_Other HTTPS outbound"
pass out proto tcp from any to any port 25 queue (qOthersLow,qACK) label "USER_RULE: m_Other SMTP outbound"
pass out proto tcp from any to any port 110 queue (qOthersLow,qACK) label "USER_RULE: m_Other POP3 outbound"
pass out proto tcp from any to any port 143 queue (qOthersLow,qACK) label "USER_RULE: m_Other IMAP outbound"
pass out proto tcp from any to any port 1352 queue (qOthersLow,qACK) label "USER_RULE: m_Other LotusNotes1 outbound"
pass out proto udp from any to any port 1352 queue (qOthersLow) label "USER_RULE: m_Other LotusNotes2 outbound"
pass out proto tcp from any to any port 53 queue (qOthersHigh,qACK) label "USER_RULE: m_Other DNS1 outbound"
pass out proto udp from any to any port 53 queue (qOthersHigh) label "USER_RULE: m_Other DNS2 outbound"
pass out inet proto icmp from any to any queue (qOthersDefault) label "USER_RULE: m_Other ICMP outbound"
pass out proto tcp from any to any port 445 queue (qOthersDefault,qACK) label "USER_RULE: m_Other SMB1 outbound"
pass out proto tcp from any to any port 136 >< 140 queue (qOthersDefault,qACK) label "USER_RULE: m_Other SMB2 outbound"
pass out proto tcp from any to any port 161 queue (qOthersDefault,qACK) label "USER_RULE: m_Other SNMP outbound"
pass out proto udp from any to any port 161 queue (qOthersDefault) label "USER_RULE: m_Other SNMP2 outbound"
pass out proto tcp from any to any port 3306 queue (qOthersDefault,qACK) label "USER_RULE: m_Other MySQL1 outbound"
pass out proto tcp from any to any port 119 queue (qOthersDefault,qACK) label "USER_RULE: m_Other NNTP1 outbound"
pass out proto udp from any to any port 119 queue (qOthersDefault) label "USER_RULE: m_Other NNTP2 outbound"
pass out proto tcp from any to any port 5999 queue (qOthersDefault,qACK) label "USER_RULE: m_Other cvsup outbound"
pass out proto tcp from any to any port 5001 queue (qOthersDefault,qACK) label "USER_RULE: m_Other Slingbox1 outbound"
pass out proto udp from any to any port 5001 queue (qOthersDefault) label "USER_RULE: m_Other Slingbox2 outbound"
pass out proto tcp from any to any port 3000 queue (qOthersDefault,qACK) label "USER_RULE: m_Other HBCI outbound"
pass in quick on $LAN proto tcp from any to any port 1972 flags S/SA keep state queue (qOthersHigh) label "USER_RULE: e-trading"
pass in quick on $LAN proto { tcp udp } from any to any port 53 keep state queue (qOthersHigh) label "USER_RULE: dns"
pass in quick on $LAN proto { tcp udp } from any to any port 5060 keep state queue (qVoIP) label "USER_RULE: nimbuzz"
pass in quick on $LAN proto udp from any to any port 4999 >< 5011 keep state queue (qVoIP) label "USER_RULE: Voice Chat "
pass in quick on $LAN proto { tcp udp } from any to any port 8877 keep state queue (qVoIP) label "USER_RULE: skype"
pass in quick on $LAN proto tcp from any to any port $Port_game_TCP flags S/SA keep state queue (qGames) label "USER_RULE"
pass in quick on $LAN proto udp from any to any port $Port_game_UDP keep state queue (qGames) label "USER_RULE"
pass in quick on $LAN proto tcp from 192.168.222.0/29 to any port 80 flags S/SA keep state queue (qOthersHigh) label "USER_RULE: http not hit s"
pass in quick on $LAN inet proto icmp from 192.168.222.0/29 to any keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto tcp from 192.168.222.0/29 to any port 81 flags S/SA keep state queue (qOthersDefault) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from any to any port 20 keep state queue (qOthersDefault) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from any to any port 21 keep state queue (qOthersHigh) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from any to any port 22 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from any to any port 23 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 25 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 465 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 993 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 587 keep state queue (qOthersLow) label "USER_RULE: smtp"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 110 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto tcp from 192.168.222.0/29 to any port 443 flags S/SA keep state queue (qOthersHigh) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 143 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 1755 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 7000 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 993 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 123 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 161 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 3000 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from any to any port 5050 keep state queue (qOthersDefault) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from any to any port 8000 >< 8003 keep state queue (qOthersLow) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from any to any port 4999 >< 5002 keep state queue (qVoIP) label "USER_RULE"
pass in quick on $LAN proto tcp from any to any port 5099 >< 5102 flags S/SA keep state queue (qOthersHigh) label "USER_RULE"
pass in quick on $LAN proto { tcp udp } from 192.168.222.0/29 to any port 58999 >< 61000 keep state queue (qP2P) label "USER_RULE: alokasi port utk P2P"
block in quick on $LAN proto { tcp udp } from 192.168.222.0/29 port 9666 to any label "USER_RULE"
block in quick on $LAN proto { tcp udp } from 192.168.222.0/29 port 8084 to any label "USER_RULE"
# VPN Rules
anchor "tftp-proxy/*"
# Setup squid pass rules for proxy
pass in quick on rl0 proto tcp from any to !(rl0) port 80 flags S/SA keep state
pass in quick on rl0 proto tcp from any to !(rl0) port 3128 flags S/SA keep state
Please enlighten me
Thanks…