RSS

KOnfigurasi SQUID di UBUNTU Server

16 Jul

Konfigurasi SQUID di UBUNTU server V.8.04

Caranya :

  1. Login sebagai Super Administrator → sudo su

  2. Jangan Lupa siapkan koneksi internet dan lakukan instalasi Squid dengan perintah :

    sudo apt-get install squid

  3. Jika sudah selesai jangan lupa back up file squid.conf dengan perintah :
    cp /etc/squid/squid.conf /etc/squid/squid.conf.original

  4. konfigurasi file squid.conf menjadi seperti di bawah ini :

http_port 8080 transparent

#icp_port 0

#icp_query_timeout 0

#maximum_icp_query_timeout 2000

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?

cache deny QUERY

acl apache rep_header Server ^Apache

broken_vary_encoding allow apache

cache_mem 8 MB

cache_swap_low 90

cache_swap_high 95

maximum_object_size 4096 KB

#minimum_object_size 0 KB

#cache directories

cache_dir ufs /var/spool/squid 5000 9 256

access_log /var/log/squid/access.log squid

cache_log /var/log/squid/cache.log

cache_store_log /var/log/squid/store.log

emulate_httpd_log off

log_ip_on_direct on

client_netmask 255.255.255.255

# OPTIONS FOR TUNING THE CACHE

#wais_relay_port 0

request_header_max_size 20 KB

request_body_max_size 0 KB

refresh_pattern ^ftp: 1440 20% 10080

refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern . 0 20% 4320

# ACCESS CONTROLS

acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

# variavel localnet… seluruh jaringan 1.0 ke sbawah menggunakan proxi ini

acl localnet src 192.168.1.0/255.255.255.0

acl porn url_regex -i “/etc/squid/porn.txt”

#Acl waktuKerja time SMTWHF 08:00-13:00

acl SSL_ports port 443

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 # https

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl CONNECT method CONNECT

# Allowing or Denying access based on defined access lists

http_access allow manager localhost

http_access deny porn

http_access deny manager

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

http_access deny to_localhost

#http_access deny bad

# mengizinkan variabel localnet di atas

http_access allow localnet

http_access allow localhost

http_access deny all

http_reply_access allow all

#icp_access allow all

# ADMINISTRATIVE PARAMETERS

cache_mgr ds@polteklampung.net

visible_hostname proxy@polteklampung.net

#Delay Pools

#acl local url_regex -i 192.168

#acl downloadFile url_regex -i \.exe$

#acl downloadFile url_regex -i \.mp3$

#acl downloadFile url_regex -i \.3gp$

#acl downloadFile url_regex -i \.vqf$

#acl downloadFile url_regex -i \.gz$

#acl downloadFile url_regex -i \.rpm$

#acl downloadFile url_regex -i \.zip$

#acl downloadFile url_regex -i \.rar$

#acl downloadFile url_regex -i \.avi$

#acl downloadFile url_regex -i \.mpeg$

#acl downloadFile url_regex -i \.mpe$

#acl downloadFile url_regex -i \.mpq$

#acl downloadFile url_regex -i \.qt$

#acl downloadFile url_regex -i \.ram$

#acl downloadFile url_regex -i \.iso$

#acl downloadFile url_regex -i \.raw$

#acl downloadFile url_regex -i \.wav$

#delay_pools 2

#Pools untuk binabangsa

#delay_class 1 2

#delay_parameters 1 -1/-1 8000/8000

#delay_access 1 allow local

#delay_access 1 deny all

#pools untuk type file download

#delay_class 2 3

#delay_parameters 2 32000/32000 1500/1500 250/250

#delay_access 2 allow downloadFile

#delay_access 2 deny all

catatan : konfigurasi proxy karya http://hendraarif.web.id

  1. Buat file porn.txt (isikan daftar situs porno yang tidak boleh diakses) dan letakkan di /etc/squid/

  2. restart squid dengan perintah : /etc/init.d/squid restart

  3. Buat NAT dan Tranparan Proxy di /etc/rc.local dengan script berikut ini :

    echo 1 > /proc/sys/net/ipv4/ip_forward

    #iptables -t nat -A POSTROUTING -j MASQUERADE

    iptables -A PREROUTING -t nat -p tcp -s 192.168.1.0/24 -i eth1 -d \! 192.168.1.0/24 –dport 80 -j REDIRECT –to 8080

    iptables -t nat -A POSTROUTING -j MASQUERADE

    exit 0

  4. Restart Server dengan perintha : shutdonw -r now

  5. Selanjutnya coba lakukan bowsing dari client…

  6. Gunakan perintah #tail -f /var/log/squid/access.log untuk melihat situs yang di akses oleh client. Jika ini berjalan berarti squid kita telah berhasil di buat.

  7. Selamat Mencoba.

About these ads
 
4 Komentar

Ditulis oleh pada 16 Juli 2008 in Linux, Ubuntu

 

4 responses to “KOnfigurasi SQUID di UBUNTU Server

  1. sakti..

    6 Januari 2010 at 2:08 PM

    wah terimakasih postingane sungguh bermanfaat.

    lok instalasi selengkapnya bisa di liat dimana ya

    setelah instal ubuntu.. terus langkahnya pa aja biar, bisa konek dengan proxi nya..

     
    • abunabiha

      22 Mei 2011 at 2:50 AM

      kalo mengalami kesulitan coba ke howtoforge.com mas

       
  2. randi

    5 Mei 2010 at 7:08 AM

    mas saya punya kendala squidnya pas di restart ada kata2 seperti

    rather tahn invoking init scripts through /etc/init.d, use the service(8)
    utility, e.g. service squid restart

    since the script you are attempting to onvoke has been converted to an upstart job, you may also use the

    restart(8) utility, e.g. restart squid
    start: Job failed to start

    itu kesalaha di apa nya yah mas mohon bantuan nya

     

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Logout / Ubah )

Twitter picture

You are commenting using your Twitter account. Logout / Ubah )

Facebook photo

You are commenting using your Facebook account. Logout / Ubah )

Google+ photo

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s

 
Ikuti

Get every new post delivered to your Inbox.

%d bloggers like this: