• jl. raya labuan km.05 kadulisung pandeglang http://smkn1pandeglang.sch.id
  • 1.Kevin Mitnick Kevin 2.Linus Torvalds 3.John Draper 4.Mark Abene 5.Robert Morris 6.Richard Stallman 7.Kevin Poulsen 8.Ian Murphy Ian Muphy 9.Vladimir Levin Lulusan 10.Steve Wozniak 11.Tsutomu Shimomura 12.Dennis Ritchie dan Ken Thomson Dennis 13.Eric Steven Raymond 14.Johan Helsingius
  • Linus Benedict Torvalds : lahir di Helsinki, Finlandia, 28 Desember 1969; umur 39 tahun.
Monday, July 26, 2010
KOnfigurasi SQUID di UBUNTU Server

Konfigurasi SQUID di UBUNTU server V.8.04

Caranya :

1. Login sebagai Super Administrator → sudo su
2. Jangan Lupa siapkan koneksi internet dan lakukan instalasi Squid dengan perintah :
      sudo apt-get install squid
3. Jika sudah selesai jangan lupa back up file squid.conf dengan perintah :
      cp /etc/squid/squid.conf /etc/squid/squid.conf.original
4. konfigurasi file squid.conf menjadi seperti di bawah ini :

http_port 8080 transparent

#icp_port 0

#icp_query_timeout 0

#maximum_icp_query_timeout 2000

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?

cache deny QUERY

acl apache rep_header Server ^Apache

broken_vary_encoding allow apache

cache_mem 8 MB

cache_swap_low 90

cache_swap_high 95

maximum_object_size 4096 KB

#minimum_object_size 0 KB

#cache directories

cache_dir ufs /var/spool/squid 5000 9 256

access_log /var/log/squid/access.log squid

cache_log /var/log/squid/cache.log

cache_store_log /var/log/squid/store.log

emulate_httpd_log off

log_ip_on_direct on

client_netmask 255.255.255.255

# OPTIONS FOR TUNING THE CACHE

#wais_relay_port 0

request_header_max_size 20 KB

request_body_max_size 0 KB

refresh_pattern ^ftp: 1440 20% 10080

refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern . 0 20% 4320

# ACCESS CONTROLS

acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

# variavel localnet… seluruh jaringan 1.0 ke sbawah menggunakan proxi ini

acl localnet src 192.168.1.0/255.255.255.0

acl porn url_regex -i “/etc/squid/porn.txt”

#Acl waktuKerja time SMTWHF 08:00-13:00

acl SSL_ports port 443

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 # https

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl CONNECT method CONNECT

# Allowing or Denying access based on defined access lists

http_access allow manager localhost

http_access deny porn

http_access deny manager

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

http_access deny to_localhost

#http_access deny bad

# mengizinkan variabel localnet di atas

http_access allow localnet

http_access allow localhost

http_access deny all

http_reply_access allow all

#icp_access allow all

# ADMINISTRATIVE PARAMETERS

cache_mgr ds@polteklampung.net

visible_hostname proxy@polteklampung.net

#Delay Pools

#acl local url_regex -i 192.168

#acl downloadFile url_regex -i \.exe$

#acl downloadFile url_regex -i \.mp3$

#acl downloadFile url_regex -i \.3gp$

#acl downloadFile url_regex -i \.vqf$

#acl downloadFile url_regex -i \.gz$

#acl downloadFile url_regex -i \.rpm$

#acl downloadFile url_regex -i \.zip$

#acl downloadFile url_regex -i \.rar$

#acl downloadFile url_regex -i \.avi$

#acl downloadFile url_regex -i \.mpeg$

#acl downloadFile url_regex -i \.mpe$

#acl downloadFile url_regex -i \.mpq$

#acl downloadFile url_regex -i \.qt$

#acl downloadFile url_regex -i \.ram$

#acl downloadFile url_regex -i \.iso$

#acl downloadFile url_regex -i \.raw$

#acl downloadFile url_regex -i \.wav$

#delay_pools 2

#Pools untuk binabangsa

#delay_class 1 2

#delay_parameters 1 -1/-1 8000/8000

#delay_access 1 allow local

#delay_access 1 deny all

#pools untuk type file download

#delay_class 2 3

#delay_parameters 2 32000/32000 1500/1500 250/250

#delay_access 2 allow downloadFile

#delay_access 2 deny all

catatan : konfigurasi proxy karya http://hendraarif.web.id

1. Buat file porn.txt (isikan daftar situs porno yang tidak boleh diakses) dan letakkan di /etc/squid/
2. restart squid dengan perintah : /etc/init.d/squid restart
3. Buat NAT dan Tranparan Proxy di /etc/rc.local dengan script berikut ini :

echo 1 > /proc/sys/net/ipv4/ip_forward

#iptables -t nat -A POSTROUTING -j MASQUERADE

iptables -A PREROUTING -t nat -p tcp -s 192.168.1.0/24 -i eth1 -d \! 192.168.1.0/24 –dport 80 -j REDIRECT –to 8080

iptables -t nat -A POSTROUTING -j MASQUERADE

exit 0
4. Restart Server dengan perintha : shutdonw -r now

5. Selanjutnya coba lakukan bowsing dari client…
6. Gunakan perintah #tail -f /var/log/squid/access.log untuk melihat situs yang di akses oleh client. Jika ini  berjalan berarti squid kita telah berhasil di buat.

Selamat Mencoba.

Ditulis dalam Linux, Ubuntu
Read more
Share |
 
talKinG talKing © 2010 | Designed by Blogger Hacks | Blogger Template by ColorizeTemplates