Install Squid
apt-get install squid
Setelah itu, konfigurasi squid seperti contoh ( ubah sesuai konfigurasi kamu)
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWATacl purge method PURGE
acl purge method PURGE
acl CONNECT method CONNECT
#############################################################################
acl whitelist url_regex -i "/etc/squid/whitelist.txt"
acl kompi1 src 193.16.16.0/24
#acl user_1 src 193.16.16.213
acl user_1 arp 0C:0C:0B:14:CD:98 # MAc ini punya ip 213 sering donlot
acl situs_khusus url_regex -i "/etc/squid/situs_khusus.txt"
acl situs_dewasa url_regex -i "/etc/squid/situs_dewasa.txt"
acl block_mac arp "/etc/squid/block_mac.txt"
acl jam_tayang time "/etc/squid/jam_tayang.txt"
acl andrew src 193.16.16.222
acl teknisi src 193.16.16.234
acl choir src 193.16.16.90
acl lukas src 193.16.16.244
acl roy src 193.16.16.60
acl fandy src 193.16.16.108
acl arif src 193.16.16.125
acl laser arp 00:1B:FC:1A:54:83
acl download url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .tar .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov .msi .mp4
acl sementara src 193.16.16.233 #buat donlot sql server
#acl jam_tidur "/etc/squid/jam_tidur.txt"
http_access allow whitelist
http_access allow andrew
http_access allow teknisi
http_access allow choir
http_access allow fandy
http_access allow roy
http_access allow lukas
http_access allow sementara
#HTTP_ACCESS#
#Delay Pools#
#delay_pools 1
#delay_class 1 1
#delay_access 1 allow user_1
#delay_access 1 deny all
#delay_parameters 1 8000/8000
http_access deny user_1
http_access allow arif
http_access allow situs_khusus !jam_tayang
http_access deny situs_khusus
http_access deny situs_dewasa
http_access allow kompi1 !jam_tidur
#BLOCK MAC ADDRESS#
http_access deny block_mac
########reply_body_max_size 30000000 allow download
############################################################################
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow all
icp_access allow all
http_port 3128 transparent
visible_hostname localhost
hierarchy_stoplist cgi-bin ?
cache_dir ufs /usr/local/squid/cache 1024 16 256
access_log /usr/local/squid/access.log
cache_log /usr/local/squid/cache.log
cache_store_log none
emulate_httpd_log on
cache_mem 512 MB
cache_swap_low 94
cache_swap_high 96
maximum_object_size 64 MB
minimum_object_size 4 KB
maximum_object_size_in_memory 2048 KB
fqdncache_size 1024
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
hosts_file /etc/hosts
coredump_dir /var/spool/squid
cache_mgr admin
cachemgr_passwd admin all
cache_effective_user squid
cache_effective_group squid
#dns_nameservers 202.134.1.10 202.93.40.174
Konfigurasi diatas membutuhkan file block_mac.txt,jam_tayang.txt,situs_dewasa.txt,situs_khusus.txt,whitelist.txt. Jika perlu kamu bisa download semua file itu disini
Buat user squid.
#useradd squid
Kemudian pastikan folder dan file didalam squid masuk ke dalam milik user squid
#chown -R squid.squid /etc/squid
Buat folder baru
#mkdir /usr/local/squid
#mkdir /usr/local/squid/cache
#chown -R /usr/local/squid
Setelah itu jalankan perintah berikut
#squid -z
#/etc/init.d/squid start
Seharusnya tidak ada error dan squid berjalan lancar.
Silakan diujicoba,semoga berhasil
apt-get install squid
Setelah itu, konfigurasi squid seperti contoh ( ubah sesuai konfigurasi kamu)
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWATacl purge method PURGE
acl purge method PURGE
acl CONNECT method CONNECT
#############################################################################
acl whitelist url_regex -i "/etc/squid/whitelist.txt"
acl kompi1 src 193.16.16.0/24
#acl user_1 src 193.16.16.213
acl user_1 arp 0C:0C:0B:14:CD:98 # MAc ini punya ip 213 sering donlot
acl situs_khusus url_regex -i "/etc/squid/situs_khusus.txt"
acl situs_dewasa url_regex -i "/etc/squid/situs_dewasa.txt"
acl block_mac arp "/etc/squid/block_mac.txt"
acl jam_tayang time "/etc/squid/jam_tayang.txt"
acl andrew src 193.16.16.222
acl teknisi src 193.16.16.234
acl choir src 193.16.16.90
acl lukas src 193.16.16.244
acl roy src 193.16.16.60
acl fandy src 193.16.16.108
acl arif src 193.16.16.125
acl laser arp 00:1B:FC:1A:54:83
acl download url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .tar .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov .msi .mp4
acl sementara src 193.16.16.233 #buat donlot sql server
#acl jam_tidur "/etc/squid/jam_tidur.txt"
http_access allow whitelist
http_access allow andrew
http_access allow teknisi
http_access allow choir
http_access allow fandy
http_access allow roy
http_access allow lukas
http_access allow sementara
#HTTP_ACCESS#
#Delay Pools#
#delay_pools 1
#delay_class 1 1
#delay_access 1 allow user_1
#delay_access 1 deny all
#delay_parameters 1 8000/8000
http_access deny user_1
http_access allow arif
http_access allow situs_khusus !jam_tayang
http_access deny situs_khusus
http_access deny situs_dewasa
http_access allow kompi1 !jam_tidur
#BLOCK MAC ADDRESS#
http_access deny block_mac
########reply_body_max_size 30000000 allow download
############################################################################
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow all
icp_access allow all
http_port 3128 transparent
visible_hostname localhost
hierarchy_stoplist cgi-bin ?
cache_dir ufs /usr/local/squid/cache 1024 16 256
access_log /usr/local/squid/access.log
cache_log /usr/local/squid/cache.log
cache_store_log none
emulate_httpd_log on
cache_mem 512 MB
cache_swap_low 94
cache_swap_high 96
maximum_object_size 64 MB
minimum_object_size 4 KB
maximum_object_size_in_memory 2048 KB
fqdncache_size 1024
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
hosts_file /etc/hosts
coredump_dir /var/spool/squid
cache_mgr admin
cachemgr_passwd admin all
cache_effective_user squid
cache_effective_group squid
#dns_nameservers 202.134.1.10 202.93.40.174
Konfigurasi diatas membutuhkan file block_mac.txt,jam_tayang.txt,situs_dewasa.txt,situs_khusus.txt,whitelist.txt. Jika perlu kamu bisa download semua file itu disini
Buat user squid.
#useradd squid
Kemudian pastikan folder dan file didalam squid masuk ke dalam milik user squid
#chown -R squid.squid /etc/squid
Buat folder baru
#mkdir /usr/local/squid
#mkdir /usr/local/squid/cache
#chown -R /usr/local/squid
Setelah itu jalankan perintah berikut
#squid -z
#/etc/init.d/squid start
Seharusnya tidak ada error dan squid berjalan lancar.
Silakan diujicoba,semoga berhasil
No comments:
Post a Comment