Monday, December 31, 2007

proxy server (squid-2.5.STABLE10)

Konfigurasi squid di ubuntu pake squid-2.5.STABLE10,
download dulu squid-2.5.STABLE10-20050525.tar.gz di http://www.squid-cache.org/Versions/v2/2.5/

tar xzfv squid-2.5.STABLE10-20050525.tar.gz

[root@mamat-desktop]# tar xzvf squid-2.5.STABLE2.tar.gz
[root@mamat-desktop]# cd squid-2.5.STABLE2

Buat user untuk menjalankan squid nantinya, NO ROOT untuk menjalankannya,
dan jangan beri shell (eq:/bin/bash) thd user yang menjalankanya.

[root@mamat-desktop]#useradd -d /usr/local/squid/ -r -s /dev/null squid > /dev/null 2>&1

Kompilasi dimulai,

[root@gembels squid-2.5.STABLE10]#
./configure \
--prefix=/usr/local/squid \
--exec-prefix=/usr/local/squid \
--enable-delay-pools \
--enable-cache-diggests \
--enable-poll \
--disable-ident-lookups \
--enable-snmp
[root@mamat-desktop squid-2.5.STABLE10]# make
[root@mamat-desktop squid-2.5.STABLE10]# make install

Sekarang masuk ke bagian configurasinya

[root@mamat-desktop]# nano /usr/local/squid/etc/squid.conf
[root@mamat-desktop]#nano /etc/squid/

http_port 8080
visible_hostname mamatsmpn24
cache_mgr akita_12@telkom.net
cache_dir ufs /var/spool/squid 500 16 256
cache_peer 172.16.1.1 parent 8080 0 no-query default

access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl guru src 172.16.97.1-172.16.97.20
acl siswa src 172.16.97.21-172.16.97.100
acl porno url_regex -i "/usr/local/squid/etc/porno.txt"

http_access allow localhost
http_access allow siswa
http_access deny siswa porno
http_access allow guru
http_access deny all

acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

#/etc/init.d/squid -z
#/etc/init.d/squid -D

Untuk memastikan jalan squidnya
#ps ax|grep squid
[root@mamat-desktop]# ps ax|grep squid/etc/init.d/squid restart
Untuk menambah supaya jadi transparent proxy
root@mamat-desktop:/usr/local/squid/etc# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
root@mamat-desktop:# echo 1 > /proc/sys/net/ipv4/ip_forward
root@mamat-desktop:/proc/sys/net/ipv4# iptables -t nat -I PREROUTING -i vmnet -s 172.16.97.3 -p tcp --dport 80 -j REDIRECT --to-port 8080
root@mamat-desktop:/proc/sys/net/ipv4# iptables -t nat -L -n -v

Selamat Mencoba :D

daftar pustaka : http://portal.gembels.com/ http://lug-stttelkom.co.nr/

No comments:

Post a Comment