sore rekan-rekan, sampai sekarang saya masih belum nemu solusinya tapi tetep ga nyerah. :)
kalau saya atur di iptables, apakah bisa diatur untuk port 993 dan 465 yang digunakan sebagai port IMAP & SMTP gmail untuk melewati port 3128? atau alternatif lain misalnya supaya port 993 dan 465 di bypass proxy? mohon masukannya. terima kasih. -- emmile > -----Original Message----- > From: Emmile Juniarta <[email protected]> > Date: Wed, 23 Feb 2011 15:28:10 > To: <[email protected]> > Reply-To: [email protected] > Subject: [tanya-jawab] Problem IMAP di Gmail > sore rekan-rekan, > saya mau tanya-tanya nih soal imap di gmail. ada user dari email > client mao imap ke gmail, tapi gagal terus. > > saya sudah coba buka port imap.gmail.com 993 di squid.conf ataupun di > iptables tetep belum berhasil. kira-kira dimana salahnya ya? mohon > petunjuknya. > > dibawah saya sertakan konfigurasi squid.conf dan iptablesnya. terima kasih. > -- > emmile > ---------------------------------------------------------------------------------------------------------- > http_port 3128 > > hierarchy_stoplist cgi-bin ? > acl QUERY urlpath_regex cgi-bin \? > cache deny QUERY > acl apache rep_header Server ^Apache > broken_vary_encoding allow apache > access_log /var/log/squid/access.log squid > auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd > auth_param basic realm Carsurin Proxy > auth_param basic children 20 > refresh_pattern ^ftp: 1440 20% 10080 > refresh_pattern ^gopher: 1440 0% 1440 > refresh_pattern . 0 20% 4320 > > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > acl to_localhost dst 127.0.0.0/8 > acl SSL_ports port 5050 > acl SSL_ports port 443 993 485 465 > acl Safe_ports port 993 > acl Safe_ports port 485 > acl Safe_ports port 465 > acl Safe_ports port 587 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 563 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl CONNECT method CONNECT > http_access allow manager localhost > http_access deny manager > # Deny requests to unknown ports > http_access deny !Safe_ports > # Deny CONNECT to other than SSL ports > http_access deny CONNECT !SSL_ports > acl our_networks src 192.168.0.0/24 192.168.1.0/24 > acl archives urlpath_regex "/etc/squid/squid-files.acl" > acl url_ads url_regex "/etc/squid/squid-banner-ads.acl" > acl bad_site dstdomain "/etc/squid/bad-site.txt" > acl bad_site_job dstdomain "/etc/squid/bad-site-job.txt" > acl office_hour time SMTWHFA 08:00-17:00 > acl pagi time SMTWHFA 08:00-11:59 > acl break1 time SMTWHFA 12:00-12:59 > acl siang time SMTWHFA 13:00-17:30 > acl break2 time SMTWHFA 17:31-23:59 > acl userhrd src 192.168.0.101 192.168.0.102 192.168.0.103 192.168.0.104 > 192.168.0.105 192.168.0.106 192.168.0.107 192.168.0.108 > http_access allow bad_site_job userhrd > http_access deny bad_site_job > > http_access allow bad_site break1 > http_access deny bad_site > > acl spec_ip src 192.168.0.10 192.168.1.10 192.168.0.99 > > acl direksi src 192.168.0.10 192.168.1.10 > http_access allow url_ads direksi > http_access allow url_ads spec_ip > http_access deny url_ads > > http_access allow archives spec_ip > http_access deny archives > > > #----------------------------------------------------- > # DELAY POOLS > acl admin src 192.168.0.10 192.168.0.99 > acl server src 192.168.0.10 192.168.1.10 > acl finance src 192.168.1.0/255.255.255.0 > acl umum src 192.168.0.0/255.255.255.0 > > delay_pools 9 > > delay_class 1 1 > delay_parameters 1 -1/-1 > delay_access 1 allow admin > delay_access 1 allow server > delay_access 1 deny all > > delay_class 2 1 > delay_parameters 2 32000/32000 > delay_access 2 allow finance pagi > delay_access 2 deny all > > delay_class 3 1 > delay_parameters 3 -1/-1 > delay_access 3 allow finance break1 > delay_access 3 deny all > > delay_class 4 1 > delay_parameters 4 32000/32000 > delay_access 4 allow finance siang > delay_access 4 deny all > > delay_class 5 1 > delay_parameters 5 -1/-1 > delay_access 5 allow finance break2 > delay_access 5 deny all > > delay_class 6 1 > #delay_parameters 6 16000/16000 > delay_parameters 6 48000/64000 > delay_access 6 allow umum pagi > delay_access 6 deny all > > delay_class 7 1 > delay_parameters 7 -1/-1 > delay_access 7 allow umum break1 > delay_access 7 deny all > > delay_class 8 1 > #delay_parameters 8 16000/16000 > delay_parameters 8 48000/64000 > delay_access 8 allow umum siang > delay_access 8 deny all > > delay_class 9 1 > delay_parameters 9 -1/-1 > delay_access 9 allow umum break2 > delay_access 9 deny all > #------------------------------------------------------------------- > > acl Users proxy_auth REQUIRED > http_access allow Users > > http_access allow localhost > http_access deny all > http_reply_access allow all > icp_access allow all > visible_hostname arjuna.carsurin.com > coredump_dir /var/spool/squid > ---------------------------------------------------------------------------------------------------------- > # Flush chain rules > iptables --flush > > # Allow unlimited traffic on the loopback interface > iptables -A INPUT -i lo -j ACCEPT > iptables -A OUTPUT -o lo -j ACCEPT > > # Set Default Policies > iptables --policy INPUT DROP > iptables --policy OUTPUT DROP > #iptables --policy FORWARD DROP > > # Initial > iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT > > > #---> Ijinkan Port > iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 5038 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 5050 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 4445 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT > iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 110 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 445 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 993 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 995 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 587 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 465 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 485 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 1863 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 5100 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 569 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 5000:5005 -j ACCEPT > iptables -A INPUT -p udp -m udp --dport 5000:5010 -j ACCEPT > iptables -A INPUT -p udp -m udp --dport 613 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 20 -j ACCEPT > iptables -A INPUT -p udp -m udp --dport 20 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 143 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 67 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 68 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 1863 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 5022 -j ACCEPT > iptables -A INPUT -p icmp -m icmp --icmp-type 8 -m state --state NEW -j ACCEPT > iptables -A INPUT -p icmp -m icmp --icmp-type 0 -m state --state NEW -j ACCEPT > iptables -A INPUT -p tcp -m tcp --dport 3128 -j ACCEPT > > # Drop all other traffic > iptables -A INPUT -j DROP > > # POSTROUTING > iptables -t nat -A POSTROUTING -o eth0 -s 192.168.1.0/24 -j SNAT --to-source > 192.168.0.10 > > ---------------------------------------------------------------------------------------------------------- > > -- > FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab > Unsubscribe: kirim email ke [email protected] > Arsip dan info milis selengkapnya di http://linux.or.id/milis > > -- FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab Unsubscribe: kirim email ke [email protected] Arsip dan info milis selengkapnya di http://linux.or.id/milis
