Butuh Bantuan untuk Pemula

zedn

Greeting all pfsense master,

butuh bantuan ni gan pfsense+mikrotik  untuk squid.conf:

Do not edit manually !

http_port 192.168.2.2:3128
http_port 127.0.0.1:3128 transparent
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/pbi/squid-i386/etc/squid/errors/English
icon_directory /usr/pbi/squid-i386/etc/squid/icons
visible_hostname zednet
cache_mgr zednet@zednet
access_log /dev/null
cache_log /var/squid/logs/cache.log
cache_store_log none
logfile_rotate 0
shutdown_lifetime 3 seconds

Allow local network(s) on interface(s)

acl localnet src  192.168.2.0/255.255.255.252
uri_whitespace strip

cache_mem 1024 MB
maximum_object_size_in_memory 128 KB
memory_replacement_policy heap LFUDA
cache_replacement_policy heap LFUDA
cache_dir aufs /var/squid/cache 70000 16 256
minimum_object_size 0 KB
maximum_object_size 256000 KB
offline_mode off
cache_swap_low 90
cache_swap_high 95

No redirector configured

Setup some default acls

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 100 3128 1025-65535 80
acl sslports port 443 563 100 443
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin ?
acl allowed_subnets src 192.168.1.0/28 192.168.2.0/30
cache deny dynamic
http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

Always allow localhost connections

http_access allow localhost

request_body_max_size 0 KB
reply_body_max_size 0 deny all
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow all

Custom options

tcp_outgoing_tos 0x30 all
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136

Setup allowed acls

Allow local network(s) on interface(s)

http_access allow allowed_subnets
http_access allow localnet

Default block all to be sure

http_access deny all

pas browsing keluar :
ERROR
The requested URL could not be retrieved
While trying to process the request:
GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:33.0) Gecko/20100101 Firefox/33.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive
The following error was encountered:
Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:
Missing or unknown request method
Missing URL
Missing HTTP Identifier (HTTP/1.0)
Request is too large
Content-Length missing for POST or PUT requests
Illegal character in hostname; underscores are not allowed

udah coba pake pfsense 2.1.1, 2.1.2 dan 2.1.5 squid 2.7 sama aja error browsing sebelumnya pake pfsense 2.0.3 lusca cache boy dengan setingan mikrotik yg sama dan lancar jaya.

Ket:
local 192.168.1.0/28
proxy 192.168.2.0/30
public 192.168.10.0/29
using rb750 + pfsense 2.1.1 squid 2.7

topologi

192.168.10.1        192.168.1.1          192.168.1.1-192.168.1.12
internet –------------rb750----------------client
                                  |
                            pfsense
                        192.168.2.2
Betulin ya kalo salah
trims

agixdota

modenya nat atau route pak?

zedn

masalahnya dah kelar ternyata di firewall filternya mikrotik, thanks ya rekan2