Squid Server

1. instalasi :

#apt-get install squid

2. Setelah instalasi tambahkan perintah pada file :

#nano /etc/squid/squid.conf

acl all src 0.0.0.0/0.0.0.0

acl labl src 192.168.1.0/255.255.255.0

acl tidak dstdomain http://www.friendster.com

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 443 # https

acl SSL_ports port 563 # snews

acl SSL_ports port 873 # rsync

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 # https

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl Safe_ports port 631 # cups

acl Safe_ports port 873 # rsync

acl Safe_ports port 901 # SWAT

acl purge method PURGE

acl CONNECT method CONNECT

 

_DAN_

 

# INSERT YOUR OWN RULE (S) HERE TO ALLOE ACCESS FROM YOUR CLIENTS

# Example rule allowing access from your local networks. Adapt

# to list your (internal) IP network from where browsing should

# be allowed

#acl our_networks src 192.168.1.0/24 192.168.2.0/24

#http_access allow localhost

http_access allow localhost

http_access deny tidak

http_access allow labl

 

_DAN_

 

#  TAG: visible_hostname

# If you want to present a special hostname in error messages, etc,

# define this.  Otherwise, the return value of gethostname()

# will be used. If you have multiple caches in a cluster and

# get errors about IP-forwarding you must set them to have individual

# names with this setting.

#

#Default:

visible_hostname http://www.etha.com

3. Restart Squid server :

#/etc/init.d/squid restart

6. Pengecekan :

– Pada computer client :

Internet Explorer > tools > internet options > connections > LAN setting > centang use automatic configuration script > pada address ketik DNS server.

Centang use a proxy server for your LAN > pada address ketik DNS server > pada port ketik port proxy server kita.

– Kembali ke Internet Explorer, pada address ketik website yang kita block. Jika website yang kita block tidak bisa, maka Squid server berhasil.

 

Transparent Proxy Server

 

1. Konfigurasi, edit file squid.conf :

#nano /etc/squid/squid.conf

  visible_hostname proxy.setyo.web.id

  cache_mgr proxy.setyo.web.id

  http_port 3128 transparent

  always_direct allow all

  cache_dir ufs /var/spool/squid 500 16 256

2. Buat the cache directory :

  #squid -z

3. Restart squid :

  #/etc/init.d/squid restart

4. Kita telah set transparan proxy. Sekarang kita melakukan penyettingan :

  #echo 1 > /proc/sys/net/ipv4/ip_forward

5. Lakukan metode enabling IP forwarding

6. Tambahkan script pada startup scripts. Sekarang kita telah menambahkan masquerading method dan kemudain kita bisa forward the connection :

 # apt-get install ipmasq

7. Terakhir :

  # iptables -A PREROUTING -t nat -p tcp –dport 80 -j REDIRECT –to-port 3128

 8. Restart squid :

  #/etc/init.d/squid start

 

Kalo kamu ga bisa pake cara ini dan ga berhasil, kamu bisa pake cara lain. Coz aq belum nyoba sebelumnya. ^_^

Coba dengan cara ini :

1. Hanya menambahkan script pada file squid.conf :

httpd_accel_host virtual

httpd_accel_port 80

httpd_accel_with_proxy on

httpd_accel_uses_host_header on

 

Atau

 

always_direct allow all

 

Restart squid :

#/etc/init.d/squid restart

^_^

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: