squid.conf

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
User avatar
second_line08
Posts: 175
Joined: 23 Dec 2009, 08:35
Location: Indonesia, Tangerang, banten
Contact:

squid.conf

Postby second_line08 » 11 Mar 2010, 00:45

malem all..

banyak teman2 kita termasuk saya, mecari refrensi mengenai isi file squid.conf

untuk teman2 yang punya squid.conf.. bisa share disini.. agar bisa menjadi media pembelajaran bersama...

ditunggu...thanks before..
User avatar
bleTux
Posts: 857
Joined: 07 Jan 2010, 13:59
Location: home/bleckock
Contact:

Re: squid.conf

Postby bleTux » 11 Mar 2010, 01:50

Squid adalah aplikasi proxy web cache server yang paling banyak dipakai saat ini.
langkah-langkah Install squid
$ sudo apt-get install squid squid-common
Copy file /etc/squid/squid.conf
$ sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.original
$ sudo chmod a-w /etc/squid/squid.conf.original
lalu Konfigurasikan squid tersebut
contoh: konfigurasi untuk squid 2.6
$ sudo gedit /etc/squid/squid.conf
http_port 8888 transparent
http_access allow all
cache_mem 32 MB
cache_dir ufs /var/spool/squid 1600 4 256
negative_ttl 2 minutes
maximum_object_size 1024 KB
minimum_object_size 4 KB
visible_hostname myServer
http_access allow manager localhost
cache_swap_low 80
cache_swap_high 100

Panduan setting squid dari http://www.squid-cache.org adalah:
Configuration Guide - 2.6
Configuration Guide - 3.0
Setelah konfigurasi selesai, simpan konfigurasi tersebut. Initialize cache direktori dengan squid -z

cara membuat Transparent Proxy menggunakan IPTables
Meredirect port 80 ke port squid 8888
$ sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8888
$ sudo iptables-save
untuk lebih detail mengenai transparent proxy kakak aditya bisa melihat di :
http://tldp.org/HOWTO/TransparentProxy.html

cara merestart squid : $ sudo /etc/init.d/squid restart

sekian semoga bisa membantu kakak.
pasti kakak aditya mau main petak umpet ya.... :grin:
User avatar
second_line08
Posts: 175
Joined: 23 Dec 2009, 08:35
Location: Indonesia, Tangerang, banten
Contact:

Re: squid.conf

Postby second_line08 » 11 Mar 2010, 05:14

yang saya maksud teman2 share squid.conf yang teman2 gunakan..
bukan pengertiannnya..
tapi gak pap2.. lumayan..
thanks ya dah share.. :D

nyok siapa lagi...nyang mau share
User avatar
second_line08
Posts: 175
Joined: 23 Dec 2009, 08:35
Location: Indonesia, Tangerang, banten
Contact:

Re: squid.conf

Postby second_line08 » 11 Mar 2010, 23:16

saya pake ini

#=========================== ACCESS CONTROLS ==================================
# http://www.oneminds.com admin:secondline08@gmail.com squid.conf rules
# -----------------------------------------------------------------------------
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

# Ijinkan akses cachemgr hanya dari localhost
http_access allow manager localhost
http_access deny manager

# Ijinkan request purge hanya dari localhost
http_access allow purge localhost
http_access deny purge

# Deny request ke ports yang tidak dikenal
http_access deny !Safe_ports

# Deny CONNECT selain ke port SSL
http_access deny CONNECT !SSL_ports

# Ini adalah network LAN di kantor
acl jaringan_kantor src 192.168.1.0-192.168.1.50/24
acl jam_kerja time MTWH 08:00-12:00 # Senin s.d Kamis jam 08:00 s.d Jam 12:00
acl jam_kerja time F 08:00-11:30 # Jumat 08:00-11:30 WIB
acl jam_kerja time MTWHF 13:00-16:00 # Senin s.d Jumat jam 13:00 s.d 16:00

# memblock situs porno, kata porno, ip porno
acl "Kata Terlarang" dstdomain "/usr/local/etc/squid/porn.txt"
acl "Kata Terlarang" url_regex -i "/usr/local/etc/squid/pornword.txt
acl "Kata Terlarang" dst "/usr/local/etc/squid/pornip.txt
http_access deny "Kata Terlarang"

# memblock situs sesuai kebijakan kantor
acl rules_kantor dstdomain "/usr/local/etc/squid/ruleskantor.txt"
http_access deny rules_kantor

# manager dan boss
acl manager src 192.168.1.51 # manager keuangan
acl manager src 192.168.1.52 # manager marketing
acl manager src 192.168.1.210 # general manager
acl boss src 192.168.1.68 # si boss besar

# Buka akses internet untuk manager dan boss, tanpa batasan waktu
http_access allow manager
http_access allow boss

# Untuk karyawan lainnya, buka akses internet diluar jam kerja
http_access allow rules_kantor !jam_kerja
http_access allow jaringan_kantor
http_access allow localhost

# Dan akhirnya deny semua akses ke proxy ini
http_access deny all
icp_access deny all


# NETWORK OPTIONS
# -----------------------------------------------------------------------------

# Squid biasanya dijalankan di port 3128
http_port 3128


# DISK CACHE OPTIONS
# -----------------------------------------------------------------------------

# Saya alokasikan 2000 MB space harddisk
cache_dir ufs /var/spool/squid 2000 16 256


# LOGFILE OPTIONS
# -----------------------------------------------------------------------------
access_log /var/log/squid/access.log squid


# OPTIONS FOR TUNING THE CACHE
# -----------------------------------------------------------------------------
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320


# HTTP OPTIONS
# -----------------------------------------------------------------------------

# Apache mod_gzip and mod_deflate known to be broken so don't trust
# Apache to signal ETag correctly on such responses
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

# TAG: extension_methods
# Squid only knows about standardized HTTP request methods.
# You can add up to 20 additional "extension" methods here.
extension_methods REPORT MERGE MKACTIVITY CHECKOUT


# MISCELLANEOUS
# -----------------------------------------------------------------------------
coredump_dir /var/spool/squid
cache_mgr second.line08@gmail.com
visible_hostname proxy.tekun.com
User avatar
c0jack
Posts: 743
Joined: 12 Jan 2010, 10:33
Location: Jogjakarta, Indonesia
Contact:

Re: squid.conf

Postby c0jack » 12 Mar 2010, 08:26

waaah siip dah bro, referensi yang berharga nih :)


regards,
c0jack
User avatar
winkoplak
Posts: 6
Joined: 10 Mar 2010, 09:21
Location: nomaden

Re: squid.conf

Postby winkoplak » 12 Mar 2010, 08:43

[quote=bleckock]Squid adalah aplikasi proxy web cache server yang paling banyak dipakai saat ini.
langkah-langkah Install squid
$ sudo apt-get install squid squid-common
Copy file /etc/squid/squid.conf
$ sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.original
$ sudo chmod a-w /etc/squid/squid.conf.original
lalu Konfigurasikan squid tersebut
contoh: konfigurasi untuk squid 2.6
$ sudo gedit /etc/squid/squid.conf
http_port 8888 transparent


ini malah berguna bgt bagi yg belajar gan
http_access allow all
cache_mem 32 MB
cache_dir ufs /var/spool/squid 1600 4 256
negative_ttl 2 minutes
maximum_object_size 1024 KB
minimum_object_size 4 KB
visible_hostname myServer
http_access allow manager localhost
cache_swap_low 80
cache_swap_high 100

Panduan setting squid dari http://www.squid-cache.org adalah:
Configuration Guide - 2.6
Configuration Guide - 3.0
Setelah konfigurasi selesai, simpan konfigurasi tersebut. Initialize cache direktori dengan squid -z

cara membuat Transparent Proxy menggunakan IPTables
Meredirect port 80 ke port squid 8888
$ sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8888
$ sudo iptables-save
untuk lebih detail mengenai transparent proxy kakak aditya bisa melihat di :
http://tldp.org/HOWTO/TransparentProxy.html

cara merestart squid : $ sudo /etc/init.d/squid restart

sekian semoga bisa membantu kakak.
pasti kakak aditya mau main petak umpet ya.... :grin: