Cari

Lintang Sumunar

Ojo Turu Sore kaki….ono dewo nglanglang jagad….

Kategori

Linux,….pecas ndahe

acer one 10 bios update failed

Pernah mengalami laptop mungil ini gak bis booting, hanya masuk bios dan ada notif flashing failed dan reboot 5 detik selnjutnya seperti gambar dibawah ini

ini bisa disebabkan karena proses update bios yang salah (gak baca readme), atau proses update windows yang tidak berjalan sempurna

jangan panik dulu, tarik nafas, bikin kopi dulu…. baca baik2 ya

pada saat dinyalakan laptop akan muncul logo acer, nah tekan tombol esc berkali-kali sampai masuk bios dan muncul pop up exit without save, sampai pada tahap ini, tarik nafas lagi, sedot rokoknya dulu…hembuskan hehehhe

arahkan kursor ke yes lalu letakkan telunjuk kiri di tombol enter dan telunjuk kanan pada tombol back, jangan dipencet dulu ya…

lalu tekan tombol enter diikuti tombol back berkali-kali sambil berdoa….heheheh

kalo timingnya tepat laptop akan langsung booting dan masuk windows… ucapkan alhamdulillah, apabila gagal ulangi lagi tahap2 di atas…

setelah masuk windows, download bios dari acer website dan lakukan update bios, ingat baca readme ya…flash bios sesuai petunjuk readme….

masalah selesai, habiskan kopi dan bakar sebatang rokok lagi

Bypass Internet Positif

di server linux, cukup jalankan script iptables ini

iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to 208.67.222.222:443

ganti eth0 dengan interface yang mengarah ke klien…

Untuk Mikrotik

/ip firewall nat
add action=dst-nat chain=dstnat disabled=yes dst-port=53 protocol=udp \
to-addresses=208.67.220.220 to-ports=443

 

HIJRAH MENUJU KEBAIKAN

“Barangsiapa berhijrah di jalan Allah, niscaya mereka mendapati di muka bumi ini tempat hijrah yg luas dan rezeki yg banyak……”
(QS An-Nisa: 100)
Hijrah menuju kebaikan hanya bisa dilakukan oleh mereka yg ber-sungguh2 untuk berubah. Jika hijrahnya setengah2, sama artinya dengan mngharapkan hasil yg setengah2.
Maka luruskan niat bhw hijrah menuju kebaikan ini hanya krn Allah semata. Dengan hijrah seca ra total ini, mk keba ikan yg anda panen nanti jg akan total. 
Semoga Allah selalu memberikan keba ikan didunia dan akhirat. Amin

Removing Individual Objects squid cache

ada komplain dari klien kalo situs blogger setiap kali dibuka selalu masuk akun orang lain, urak-atik beberapa lama belum bisa juga padahal di squid.conf udah ada konfigurasi biar blogger.com tidak dicache

ternyata solusinya harus remove dulu blogger.com dari cache, gini caranya

buka /etc/squid/squid.conf

lalu masukkan

acl AdminBoxes src 127.0.0.1 172.16.0.1 192.168.0.1 #(sesuaikan dengan IP yg digunakan)

acl Purge method PURGE

http_access allow AdminBoxes Purge

http_access deny Purge

setelah itu save dan di terminal as root
squid -k reconfigure

sekarang tinggal menjalankan perintah
squidclient -m PURGE http://www.blogger.com/

masalah selesai....

tranparent proxy coovachilli di ubuntu 10.04 (yfi hotspot)

upgrade server ke ubuntu server 10.04 ,  squid transparent dengan iptables mengikuti http://sourceforge.net/apps/trac/hotcakes/wiki/yfi_setup_nas_coova pada bagian Firewall transparent proxy, ternyata dapat dibobol dengan mudah hanya dengan mengisi proxy langsung di browser, padahal di ubuntu 8.04 (iptables 1.3) firewall tersebut cukup aman, setelah googling akhirnya ketemu solusinya, mengganti script warna merah dengan warna biru diatasnya

#Transparent proxy rules
iptables -A FORWARD -i tun0 -p tcp -m tcp –dport 3128 –syn -j DROP
iptables -t mangle -A PREROUTING -i tun0 -p tcp -m tcp –dport 3128 –syn -j DROP

#iptables -A PREROUTING -t nat -p tcp -s 10.1.0.0/24 -d 10.1.0.1 –dport 3128 -j DROP
iptables -t nat -A PREROUTING -i tun0 -p tcp -m tcp -d 10.1.0.0/24 –dport 80 -j RETURN
iptables -A PREROUTING -t nat -i tun0 -p tcp -s 10.1.0.0/24 -d ! 10.1.0.1 –dport 80 -j REDIRECT –to 3128

bagi-bagi bandwidth buat klien Biroe Hotspot

ngelola hotspot hampir 1 tahun lebih, ternyata selain banyak penyusup, masalah utama adalah pembagian bandwidth. pake htb susah karena user dapat ip dhcp dan gak fix jumlahnya. pake attribute coova chilli untuk uploadnya berhasil, download juga berhasil, tapi semuanya kena dalam arti cache hit dari squid pun kena limit, wah lak percuma ya di kasih proxy…..

akhirnya untuk upload tetep pake attribute coova chilli (Chillispot-Bandwidth-Max-Up), dan untuk download menggunakan delaypool dari squid (IDM pun gak bisa tembus he..he), lumayan bisa tidur nyenyak sekarang…

tiba-tiba dapat komplain dari klien kalo koneksi lemot banget, sempat bingung kenapa ya, dilihat pake sqstat (buat lihat user yang konek lewat squid) gak ada yang aneh…kenapa ya kok bisa lemot…pengen nangis jadinya

keesokan harinya nemu tool buat monitor jaringan di ubuntu namanya tcptrack, dari sini ketahuan ada user yang konek tapi jarang make port-port yang umum (port 80, 443 dsb), ternyata user ini setelah ditanya langsung menggunakan software FrostWire, wah ini kan software buat p2p dan teman-temannya…masalah baru nih, asli mumet…browsing-browsing  dapat tutorial selanjutnya dipraktekkan..sampai-sampai patching kernel segala  dan hasilnya gagal maning-gagal maning…mumet, jangankan buat nglimit, ngeblock aja gak bisa wakaka….

break dulu beberapa hari gak ngoprek  dan kebetulan klien yang pake software itu lagi pulkam, jadi klien yang lain masih bisa internetan dengan nyaman….gak sengaja ketemu script buat traffic shapping namanya supershaper, dicoba masih bobol

pelan-pelan dicoba terus, awalnya shaper itu diletakkan di interface yang ke internet (ditempatku eth0) , coba-coba dipindah ke eth1 (ke klien) masih tetep bablas, gak ngefek sama sekali malah, coba di pindah ke tun0 dan ada perkembangan yang bagus, ketika utak-atik nilai buat bulk traffic, bandwidth p2p ikut berupa, setiap nilai dinaikan bandwidth p2p naik begitu juga sebaliknya….ketemu nih…girang sekali….

ini scriptnya

#!/bin/bash

#

# SuperShaper-SOHO 1.4

#

# Bandwidth shaper for SOHO DSL connection.

#

# Copyright (C) 2005-2009 Robin Smidsrød <robin@smidsrod.no>

#

# This program is free software; you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation; either version 2 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License along

# with this program; if not, write to the Free Software Foundation, Inc.,

# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

#

# Please consider donating if you find this script helpful.

#

# If you need help setting up this script, or have other

# problems related to Linux networking, I’m available

# for contracting. Contact me at robin@smidsrod.no or see

# contact information on http://www.smidsrod.no.

#

# This script is designed to shape your upstream bandwidth to

# minimize latency for interactive applications like SSH and making

# sure P2P applications doesn’t saturate your upstream. Standard surfing/mail

# software is also given priority over P2P to make them snappy.

# VoIP is given maximum priority (SIP/RTP) (only surpassed by TCP ACKs) to make

# sure IP telephony doesn’t suffer even on a very congested link.

#

# Ingress filtering is not applied at all, since it would have little

# effect on the final result. Let’s stick to egress which works.

#

# This script needs iproute2 (tc) and HTB/SFQ netfilter schedulers (linux kernel >=2.4.20)

# This script has been verified to work out of the box on IPCop-1.3.0_fixes9,

# which is the preferred deployment platform.

#

# Please verify the ports for P2P software if they’re non-standard.

#

# Queue classes are set up to handle this kind of traffic in prioritized order:

#

# 10: TCP/ACK

# 20: VoIP (sip tos 0x68/rtp tos 0xb8)

# 30: tos_minimum_delay 0x10 / tos_maximum_reliability 0x04

# 40: ICMP/DNS/Shoutcast/tos_minimum_cost 0x02/IMAP/SMTP/POP3/HTTP/FTP/Usenet/SSH/tos_maximum_throughput 0x08

# 50: P2P (BitTorrent/eMule/DirectConnect/Kazaa/Gnutella)

# 60: default / bulk traffic

#

# Change these values to reflect your own setup

# Your outbound interface

DEV=tun0

# Your upstream capacity in kbit

#UPLINK_REAL=704

#UPLINK_REAL=612

UPLINK_REAL=5000

#3400

# DSL modems usually have large queues. That breaks latency. Set this as high as your DSL

# modem can handle without queuing packets itself. This value is in percent.

# I usually saturate the upstream with traffic/uploads and use iptraf to measure the outbound traffic

# on the interface to determine when the shaping takes effect. If iptraf reports higher bandwidth than

# your calculated bandwidth (see UPLINK below) you modem is probably still queuing packets. This can

# only be set by trial an error, but 90% is probably a good ballpark number.

UPLINK_PERCENT=90

# Calculate actual max bandwidth

UPLINK=$[UPLINK_PERCENT*UPLINK_REAL/100]

# Set how much bandwidth to use for each class

UPLINK_10_R=$UPLINK

UPLINK_20_R=$UPLINK

UPLINK_30_R=$UPLINK

UPLINK_40_R=$[9*UPLINK/10]

UPLINK_50_R=$[1*UPLINK/10]

UPLINK_60_R=$[5*UPLINK/10]

# The same as above, but here you set the ceiling, ie. how much a class is allowed to borrow from another

UPLINK_10_C=$UPLINK

UPLINK_20_C=$UPLINK

UPLINK_30_C=$UPLINK

UPLINK_40_C=$[9*UPLINK/10]

UPLINK_50_C=$[5*UPLINK/10]

UPLINK_60_C=$[8*UPLINK/10]

# DirectConnection port

# In newer versions of DC++ there is no default.

# Please set your port used in DC++ here.

PORT_DC=20000

# Additional BitTorrent port

# The standard BitTorrent port is already defined.

PORT_BT=50000

# Additional ED2K ports

# The standard ED2K and Kademelia ports are already defined.

PORT_ED2K_TCP=30000

PORT_ED2K_UDP=40000

# Set full path to TC command, unless it’s in PATH

TC=tc

################### Nothing to change below this line unless you’re adventurous ###############

function start_me {

echo “Turning on packet shaping”

# Remove existing qdisc

$TC qdisc del dev $DEV root 2>&1 >/dev/null

################### QUEUE DISCIPLINES

# Add root qdisc

$TC qdisc add dev $DEV root handle 1: htb default 60

# Add master qdisc

$TC class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbit

# Add prio 0 queue (highest)

$TC class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK_10_R}kbit ceil ${UPLINK_10_C}kbit prio 0

$TC qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10

# Add prio 1 queue

$TC class add dev $DEV parent 1:1 classid 1:20 htb rate ${UPLINK_20_R}kbit ceil ${UPLINK_20_C}kbit prio 1

$TC qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10

# Add prio 2 queue

$TC class add dev $DEV parent 1:1 classid 1:30 htb rate ${UPLINK_30_R}kbit ceil ${UPLINK_30_C}kbit prio 2

$TC qdisc add dev $DEV parent 1:30 handle 30: sfq perturb 10

# Add prio 3 queue

$TC class add dev $DEV parent 1:1 classid 1:40 htb rate ${UPLINK_40_R}kbit ceil ${UPLINK_40_C}kbit prio 3

$TC qdisc add dev $DEV parent 1:40 handle 40: sfq perturb 10

# Add prio 4 queue (lowest)

$TC class add dev $DEV parent 1:1 classid 1:50 htb rate 10bit ceil 64kbit prio 10

$TC qdisc add dev $DEV parent 1:50 handle 50: sfq perturb 10

# Add prio 5 queue (default queue)

$TC class add dev $DEV parent 1:1 classid 1:60 htb rate 64kbit ceil 64kbit prio 5

$TC qdisc add dev $DEV parent 1:60 handle 60: sfq perturb 10

# $TC class add dev $DEV parent 1:1 classid 1:60 htb rate ${UPLINK_60_R}kbit ceil ${UPLINK_60_C}kbit prio 5

# $TC qdisc add dev $DEV parent 1:60 handle 60: sfq perturb 10

echo ” Add prio 6 squid”

$TC class add dev $DEV parent 1:1 classid 1:80 htb rate 100Mbit ceil 100Mbit prio 6

echo ” test”

$TC qdisc add dev $DEV parent 1:80 handle 80: sfq perturb 10

################### FILTERS

# CLASS 10: TCP/ACK

$TC filter add dev $DEV protocol ip parent 1: prio 1 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 \

match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid 1:10

# CLASS 20: VoIP (prio 1) (SIP/skinny packets)

# $TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip tos 0x68 0xff flowid 1:20

# $TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip tos 0x58 0xff flowid 1:20

# $TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip tos 0x28 0xff flowid 1:20

# $TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip tos 0x38 0xff flowid 1:20

# $TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip sport 5060 0xffff flowid 1:20

# CLASS 20: VideoConferencing (prio 1) (SquidCam)

# $TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip sport 16967 0xffff flowid 1:20

# $TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip sport 16968 0xffff flowid 1:20

# $TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip sport 16969 0xffff flowid 1:20

# CLASS 20: VoIP (prio 2) (RTP data)

# $TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip tos 0xb8 0xff flowid 1:20

# $TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip sport 16384 0xffff flowid 1:20

# CLASS 30: IP TOS 0x10 (prio 1) (minimum delay)

$TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip tos 0x10 0xff flowid 1:30

# CLASS 30: IP TOS 0x04 (prio 2) (maximum reliability)

$TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip tos 0x04 0xff flowid 1:30

# CLASS 30: World Of Warcraft (prio 3) (TCP/3724 and TCP/6112)

$TC filter add dev $DEV parent 1: protocol ip prio 3 u32 match ip dport 3724 0xffff flowid 1:30

$TC filter add dev $DEV parent 1: protocol ip prio 3 u32 match ip dport 6112 0xffff flowid 1:30

# CLASS 40: ICMP (prio 1)

$TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip protocol 1 0xff flowid 1:40

# CLASS 40: DNS (prio 2)

$TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip dport 53 0xffff flowid 1:40

# CLASS 40: Shoutcast (prio 3)

$TC filter add dev $DEV parent 1: protocol ip prio 3 u32 match ip dport 8000 0xffff flowid 1:40

# CLASS 40: IP TOS 0x02 (prio 4) (minimum cost)

$TC filter add dev $DEV parent 1: protocol ip prio 4 u32 match ip tos 0x02 0xff flowid 1:40

# CLASS 40: IMAP (prio 5) (with and without SSL)

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip dport 143 0xffff flowid 1:40

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip dport 220 0xffff flowid 1:40

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip dport 993 0xffff flowid 1:40

# CLASS 40: SMTP (prio 6) (with and without SSL)

$TC filter add dev $DEV parent 1: protocol ip prio 6 u32 match ip dport 25 0xffff flowid 1:40

$TC filter add dev $DEV parent 1: protocol ip prio 6 u32 match ip dport 465 0xffff flowid 1:40

# CLASS 40: POP (prio 7) (with and without SSL)

$TC filter add dev $DEV parent 1: protocol ip prio 7 u32 match ip dport 106 0xffff flowid 1:40

$TC filter add dev $DEV parent 1: protocol ip prio 7 u32 match ip dport 109 0xffff flowid 1:40

$TC filter add dev $DEV parent 1: protocol ip prio 7 u32 match ip dport 110 0xffff flowid 1:40

$TC filter add dev $DEV parent 1: protocol ip prio 7 u32 match ip dport 995 0xffff flowid 1:40

$TC filter add dev $DEV parent 1: protocol ip prio 7 u32 match ip dport 1109 0xffff flowid 1:40

# CLASS 40: HTTP (prio 8) (with and without SSL)

$TC filter add dev $DEV parent 1: protocol ip prio 8 u32 match ip dport 80 0xffff flowid 1:40

$TC filter add dev $DEV parent 1: protocol ip prio 8 u32 match ip dport 443 0xffff flowid 1:40

# CLASS 50: FTP (prio 9) (with and without SSL)

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip dport 20 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip dport 21 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip dport 115 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip dport 2431 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip dport 2433 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip sport 20 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip sport 21 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip sport 115 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip sport 2431 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip sport 2433 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip sport 8888 0xffff flowid 1:80

$TC filter add dev $DEV parent 1: protocol ip prio 9 u32 match ip dport 8888 0xffff flowid 1:80

# CLASS 40: Usenet (prio 10)

$TC filter add dev $DEV parent 1: protocol ip prio 10 u32 match ip dport 119 0xffff flowid 1:40

# CLASS 40: SSH (prio 11) (without tos bit set, caters for buggy clients like PuTTY and ssh.com windows client)

$TC filter add dev $DEV parent 1: protocol ip prio 11 u32 match ip dport 22 0xffff mat ip tos 0x00 0xff flowid 1:40

# CLASS 40: IP TOS  0x08  (prio 12) (maximum throughput)

$TC filter add dev $DEV parent 1: protocol ip prio 12 u32 match ip tos 0x08 0xff flowid 1:40

# CLASS 40: HTTP outbound (prio 13)

$TC filter add dev $DEV parent 1: protocol ip prio 13 u32 match ip sport 80 0xffff flowid 1:40

# CLASS 50: BitTorrent (prio 1)

$TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip sport 6881 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip sport $PORT_BT 0xffff flowid 1:50

# CLASS 50: eMule (prio 2)

$TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip sport 4661 0xffff flowid 1:50 # eMule TCP

$TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip sport 4662 0xffff flowid 1:50 # eMule TCP

$TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip sport 4663 0xffff flowid 1:50 # eMule TCP

$TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip sport 4672 0xffff flowid 1:50 # eMule UDP

$TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip sport 4711 0xffff flowid 1:50 # eMule Webserver

$TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip sport 5768 0xffff flowid 1:50 # Overnet

$TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip sport $PORT_ED2K_TCP 0xffff flowid 1:50 # eMule TCP – custom

$TC filter add dev $DEV parent 1: protocol ip prio 2 u32 match ip sport $PORT_ED2K_UDP 0xffff flowid 1:50 # eMule UDP – custom

# CLASS 50: DirectConnect (prio 3)

$TC filter add dev $DEV parent 1: protocol ip prio 3 u32 match ip dport 411 0xffff flowid 1:50 # Hub connection

$TC filter add dev $DEV parent 1: protocol ip prio 3 u32 match ip sport 1412 0xffff flowid 1:50 # Default transfer/search port

$TC filter add dev $DEV parent 1: protocol ip prio 3 u32 match ip sport $PORT_DC 0xffff flowid 1:50 # Custom transfer/search port

# CLASS 50: Kazaa (prio 4)

$TC filter add dev $DEV parent 1: protocol ip prio 4 u32 match ip sport 6699 0xffff flowid 1:50

# CLASS 50: Gnutella (prio 5)

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6346 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6881 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6882 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6883 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6884 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6885 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6886 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6887 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6888 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6889 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6347 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 411 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 1025 0xffff flowid 1:50

$TC filter add dev $DEV parent 1: protocol ip prio 5 u32 match ip sport 6346 0xffff flowid 1:50

echo “squid hit”

$TC filter add dev $DEV parent 1:0 protocol ip prio 1 u32 match ip protocol 0x6 0xff match ip tos 0x30 0xff flowid 1:80

$TC filter add dev $DEV parent 1:0 protocol ip prio 1 u32 match ip protocol 0x6 0xff match ip tos 0x04 0xff flowid 1:80

$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 match ip src 10.1.0.0/24 match ip dst 10.56.5.1/24 classid 1:80

$TC qdisc add dev $DEV handle ffff: ingress

$TC filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${UPLINK}kbit burst 10k drop flowid :1

}

function stop_me {

echo “Turning off packet shaping”

# Remove existing qdisc

$TC qdisc del dev $DEV root 2>&1 >/dev/null

}

function status_me {

# Report settings

echo “************************* QDISC ******************************”

$TC qdisc show dev $DEV

echo “************************* CLASS ******************************”

$TC class show dev $DEV

# Disabled cause output is quite cryptic, anyone now a more readable way to report this?

#echo “************************* FILTER *****************************”

#$TC filter show dev $DEV

}

case “$1” in

start)

start_me

status_me

;;

stop)

stop_me

status_me

;;

status)

status_me

;;

*)

echo “Usage: $0 {start|stop|status}” >&2

exit 1

esac

exit 0

Hotspot Bondo Nekat

awalnya langganan speedy office, dipake sendiri ternyata kok berlebih ya bandhwidthnya, akhirnya aku tawarin sama tetangga untuk urunan biaya bulanan dan speedy dipake bareng-bareng.

oprek-oprek linux dan browsing-browsing tiap hari , ketemu easyhotspot versi 1.0, karena terkendala dengan simultanous use (satu user bisa dipake rame-rame) dan belum menemukan cara yang ampuh buat ngatasinnya akhirnya coba belajar hotcakes hotspot manager, lumayan bagus dan mulai menghasilkan income,

ndilalah suatu malam iseng-iseng ngecek billing kok banyak user aneh ya di billing, ternyata billing hotcake gampang sekali di hack, hanya dengan memasukkan kode ‘ – ‘ pada username dan password, eh bisa masuk ke billing dan bisa create voucher sakenake udel…he..he

dengan terpaksa belajar install yfi hotspot manager, wah ini billing hotspot yang bagus, aman dan sampai sekarang masih dipakai oleh biroe hotspot

dikatakan nekat karena awal mulanya hanya menggunakan beberapa hardware bekas, misalnya server pakae amd duron jadul, access point bekas (dapet dari langganan internet dari isp local), dan tiang buat masang antenanya pake bambu he..he, nekat kan…

sudah lebih dari setahun bisnis ini berjalan, dengan mempunyai beberapa repeater tetapi nekatnya tiang antena masih tetep pake bambu…bener-bener nekat..he..he

mau lihat foto-fotonya, ini linknya

http://www.facebook.com/album.php?aid=2021476&l=ba61f3f852&id=1373438338

Clearing cache memory pada Ubuntu 9.10 menggunakan sysctl

Dua minggu ini server Hotspot saya upgrade dari Ubuntu 9.04 ke 9.10, alasannya Ubuntu 9.10 sepertinya lebih cepat bootingnya.

Upgrade selesai dan mulus, semua aplikasi bisa berjalan lancar, tetapi setiap pagi banyak user yang komplain gak bisa akses hotspot…we… lhadalah..blaen iki….langsung cek server, ternyata di server pun gak bisa konek ke internet, kenapa nih..karena pusing gak tau penyebabnya akhirnya server di restart, semua bisa berjalan lagi….

Keesokan harinya, telpon berdering lagi dengan komplain yang sama…wah mumet ki…kenapa setiap server hidup selama 24 jam kok networknya jadi drop…..utak-atik sampai botak akhirnya ketemu juga penyebabnya..ternyata setelah di cek di konsole dengan perintah free -m, memory di server habis..he..he..service apa ya yang rakus memori…?

coba pake perintah top, hasilnya semuanya normal dalam arti gak ada program yang rakus memory..wah tambah mumet ini…dua minggu berlalu server jalan tapi tiap pagi harus direstart…lha kalo ditinggal pergi2 gimana dong….

browsing cari solusi, utak-atik..sampai mumet…dapat kesimpulan kalo masalahnya ada di cache memory…

nyerah….he..he..

santai-santai di rumah coba browsing-browsing lagi dan menemukan link http://duopetalflower.blogspot.com/2009/09/clearing-cache-memory-in-linux-using.html

coba ah siapa tau bisa dan ternyata berhasil..he..he….

ternyata solusinya tinggal kasih perintah di konsole as root seperti ini

sync && sudo sysctl -w vm.drop_caches=3 && sudo sysctl -w vm.drop_caches=0

dan masukkan perintah tersebut dengan cron agar dijalankan setiap jam sekali..dan sekarang serverku lancar lagi ..gak pake reboot kalo pagi…suwun..thanx for Sankaran Raman for clue on your blog……

sebelum diclear

setelah di clear

Quick fix for simultaneous on Easyhotspot

sebelumnya suwun buat mas Rafee atas distro dan trik2 yang telah diberikan

biasanya satu user bisa dibuat login rame2 oleh beberapa user sekaligus, wah bisa bangkrut dong lama…he..he, untung mas Rafee ngasih trik ini (tak comot dari blognya)

for quick fix please replace your “/var/www/system/application/models/billingplanmodel.php” file with http://pastebin.com/f3ceb50d7
and replace your “/var/www/system/application/models/postpaidmodel.php with http://pastebin.com/f6b5e1485

cuman setelah diterapkan, kok masih bablas aja ya….satu user masih bisa di buat login oleh beberapa orang, karena penasaran, utak-atik sampai di satru istri gara2 dicuekin katanya ( he..he), akhirnya ketemu juga, tinggal buka pagar aja difile /etc/freeradius/sql.conf, pada baris…

#######################################################################
# Simultaneous Use Checking Queries
#######################################################################
# simul_count_query - query for the number of current connections
# - If this is not defined, no simultaneouls use checking
# - will be performed by this module instance
# simul_verify_query - query to return details of current connections for verification
# - Leave blank or commented out to disable verification step
# - Note that the returned field order should not be changed.
#######################################################################

# Uncomment simul_count_query to enable simultaneous use checking
hilangkan pagar disini----> simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName, NASIPAddress, NASPortId, FramedIPAddress, CallingStationId, FramedProtocol FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0"

habis itu restart pc, dan coba…..
semoga berhasil

Blog di WordPress.com.

Atas ↑