=====ClearOS sebagai standalone server=====
Modem : 192.168.1.1
Cos : 192.168.2.1
LAN Client : 192.168.88.10-192.168.88.18
Mikrotik
Lan Modem : 192.168.1.2 (eth1)
Lan COS : 192.168.2.2 (eth3)
Lan ke Switch : 192.168.88.1(eth2)
Masuk ke Mikrotik
via WINBOXPilih New Terminal >
/ip dns static
add address=192.168.2.1 comment="" disabled=yes name=proxy ttl=1d
/ip firewall nat
add action=dst-nat chain=dstnat comment="TRANSPARENT DNS" disabled=no dst-port=53 \
in-interface=LAN protocol=tcp to-ports=53
add action=src-nat chain=srcnat comment="1. DNS nat LAN" disabled=yes \
dst-address=0.0.0.0/0 out-interface="WAN" protocol=tcp src-address=\
192.168.88.0/24 to-addresses=192.168.1.2 to-ports=0-65535
add action=src-nat chain=srcnat comment="2. LINK PROXY " disabled=yes \
dst-address=0.0.0.0/0 out-interface="WAN" protocol=tcp src-address=\
192.168.2.0/24 to-addresses=192.168.1.2 to-ports=0-65535
add action=dst-nat chain=dstnat comment="3. TRANSPROXY lan" disabled=yes \
dst-port=80,8080 in-interface="LAN" protocol=tcp src-address=\
!192.168.2.1 to-addresses=192.168.2.1 to-ports=3128
add action=dst-nat chain=dstnat comment="4. Trans Proxy DNS" disabled=yes \
dst-port=53 in-interface="COS" protocol=tcp to-ports=53
KET :
Status Script MT diatas pada posisi disable, jika smua langkah dlm tutorial ini telahdilakukan dgn berurut & sukses silahkan tuk meng-enable script diatas pada MT
LOGIN MENGGUKAN Winscp
1.
Masuk ke Direktory
/etc/firewall-scriptsCari tulisan
SQUID_TRANSPARENT="off"
SQUID_FILTER_PORT=""
Ubah
SQUID_TRANSPARENT="0n"
SQUID_FILTER_PORT=""
2.
Masuk ke Direktory
/etc/resolv.conf
-scripts
Cari tulisan
nameserver 8.8.8.8nameserver 8.8.4.4
Ubah
nameserver 202.134.1.10
nameserver 203.130.209.242
nameserver 8.8.8.8
nameserver 8.8.4.4
Isikan DNS kesayangan Anda. Dst
3.
Masuk ke Direktory/etc/sysconfig/network-scripts
EDIT
DEVICE=eth0
TYPE="Ethernet"
ONBOOT="yes"
USERCTL="no"
BOOTPROTO="static"
IPADDR="192.168.2.1"
NETMASK="255.255.255.0"
HWADDR="00:50:da:93:4c:53"
GATEWAY="192.168.2.2"
4.
Masuk Ke COShttps://IPCOS:81 Masuk ke Menu :
Gateway>Protocol Filter>WebProxy
ubah klik start dan buat automatic
5.
Masuk ke menu : Gateway>Bandwith and Qos>Bandwith
Input Upload dan Download kecepatan BW anda kemudian klik
update
6.
Buat Access Control tiap kelas IP (kelas tuk client)
Masuk ke
Menu :
Gateway>Protocol Filter>Acces Control
add time periods
Beri nama : NonStop
centang semua hari - set time 00:00 24:00
7. Kemudian masuk
di menu Access Control list
Name : LAN
ACL Type : Allow
Time-of-Day ACL : NonStop
Restriction : Within time restrictions
Method of Identification : IP Address
Apply ACL to IP Address : 192.168.88.1
Update
Selebihnya silahkan buat Access Control buat kelas IP lain yg membutuhkan
7.
Login Menggunakan PuttySebagai Root
[root@system ~]# system squid restart
8.
Login kembali ke
Mikrotik anda.
IP>Firewall>NAT
enable kan direct yang tadicaranya Klik kanan Enable«
9.
TES PROXY ANDA JIKA SUDAH
BERJALAN
a.
http://www.lagado.com/proxy-test
b.
Via Putty : # tail -f /var/log/squid/access.log
c.
Stafaband.info
d.
WEBCONFIG
Reports>Gateway>
Web Proxy Report
Modem : 192.168.1.1
Cos : 192.168.2.1
LAN Client : 192.168.88.10-192.168.88.18
Mikrotik
Lan Modem : 192.168.1.2 (eth1)
Lan COS : 192.168.2.2 (eth3)
Lan ke Switch : 192.168.88.1(eth2)
Masuk ke Mikrotik
via WINBOXPilih New Terminal >
/ip dns static
add address=192.168.2.1 comment="" disabled=yes name=proxy ttl=1d
/ip firewall nat
add action=dst-nat chain=dstnat comment="TRANSPARENT DNS" disabled=no dst-port=53 \
in-interface=LAN protocol=tcp to-ports=53
add action=src-nat chain=srcnat comment="1. DNS nat LAN" disabled=yes \
dst-address=0.0.0.0/0 out-interface="WAN" protocol=tcp src-address=\
192.168.88.0/24 to-addresses=192.168.1.2 to-ports=0-65535
add action=src-nat chain=srcnat comment="2. LINK PROXY " disabled=yes \
dst-address=0.0.0.0/0 out-interface="WAN" protocol=tcp src-address=\
192.168.2.0/24 to-addresses=192.168.1.2 to-ports=0-65535
add action=dst-nat chain=dstnat comment="3. TRANSPROXY lan" disabled=yes \
dst-port=80,8080 in-interface="LAN" protocol=tcp src-address=\
!192.168.2.1 to-addresses=192.168.2.1 to-ports=3128
add action=dst-nat chain=dstnat comment="4. Trans Proxy DNS" disabled=yes \
dst-port=53 in-interface="COS" protocol=tcp to-ports=53
KET :
Status Script MT diatas pada posisi disable, jika smua langkah dlm tutorial ini telahdilakukan dgn berurut & sukses silahkan tuk meng-enable script diatas pada MT
LOGIN MENGGUKAN Winscp
1.
Masuk ke Direktory
/etc/firewall-scriptsCari tulisan
SQUID_TRANSPARENT="off"
SQUID_FILTER_PORT=""
Ubah
SQUID_TRANSPARENT="0n"
SQUID_FILTER_PORT=""
2.
Masuk ke Direktory
/etc/resolv.conf
-scripts
Cari tulisan
nameserver 8.8.8.8nameserver 8.8.4.4
Ubah
nameserver 202.134.1.10
nameserver 203.130.209.242
nameserver 8.8.8.8
nameserver 8.8.4.4
Isikan DNS kesayangan Anda. Dst
3.
Masuk ke Direktory/etc/sysconfig/network-scripts
EDIT
DEVICE=eth0
TYPE="Ethernet"
ONBOOT="yes"
USERCTL="no"
BOOTPROTO="static"
IPADDR="192.168.2.1"
NETMASK="255.255.255.0"
HWADDR="00:50:da:93:4c:53"
GATEWAY="192.168.2.2"
4.
Masuk Ke COShttps://IPCOS:81 Masuk ke Menu :
Gateway>Protocol Filter>WebProxy
ubah klik start dan buat automatic
5.
Masuk ke menu : Gateway>Bandwith and Qos>Bandwith
Input Upload dan Download kecepatan BW anda kemudian klik
update
6.
Buat Access Control tiap kelas IP (kelas tuk client)
Masuk ke
Menu :
Gateway>Protocol Filter>Acces Control
add time periods
Beri nama : NonStop
centang semua hari - set time 00:00 24:00
7. Kemudian masuk
di menu Access Control list
Name : LAN
ACL Type : Allow
Time-of-Day ACL : NonStop
Restriction : Within time restrictions
Method of Identification : IP Address
Apply ACL to IP Address : 192.168.88.1
Update
Selebihnya silahkan buat Access Control buat kelas IP lain yg membutuhkan
7.
Login Menggunakan PuttySebagai Root
[root@system ~]# system squid restart
8.
Login kembali ke
Mikrotik anda.
IP>Firewall>NAT
enable kan direct yang tadicaranya Klik kanan Enable«
9.
TES PROXY ANDA JIKA SUDAH
BERJALAN
a.
http://www.lagado.com/proxy-test
b.
Via Putty : # tail -f /var/log/squid/access.log
c.
Stafaband.info
d.
WEBCONFIG
Reports>Gateway>
Web Proxy Report
ClearOS sebagai standalone server