[SHARE]Compile squidGuard 1.4

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
User avatar
q_p
Contact:

[SHARE]Compile squidGuard 1.4

Post 17 Mar 2013, 23:59

[align:center][size:17pt]Bagian i | Install Berkeley DB V.4.6.21[/size][/align]
Berkeley DB V.4.6.21 yang merupakan produk Oracle adalah tool pengolah database yang dibutuhkan oleh aplikasi semacam squidGuard. Pada Berkeley DB versi 4.7 terdapat eror saat di-compile, yang justru tidak terjadi (eror) pada versi (sampai dengan) 4.6.
  • Install tools pendukungnya, yaitu bison dan flex

Code: Select all

apt-get install bison flex
  • Download Berkeley DB V.4.6.21 beserta 4 buah file patch-nya, yaitu patch.4.6.21.1, patch.4.6.21.2, patch.4.6.21.3 dan patch.4.6.21.4. Lakukan semuanya sebagaimana dalam spoiler di bawah ini=
[spoiler]

Code: Select all

# mkdir /usr/local/BerkeleyDB
# mkdir /usr/local/src/workdir
# cd /usr/local/src/workdir
# wget http://download.oracle.com/berkeley-db/db-4.6.21.tar.gz
# tar -zxvf db-4.6.21.tar.gz
# cd db-4.6.21
# wget http://download.oracle.com/berkeley-db/patches/db/4.6.21/patch.4.6.21.1
# wget http://download.oracle.com/berkeley-db/patches/db/4.6.21/patch.4.6.21.2
# wget http://download.oracle.com/berkeley-db/patches/db/4.6.21/patch.4.6.21.3
# wget http://download.oracle.com/berkeley-db/patches/db/4.6.21/patch.4.6.21.4
# patch -p0 < patch.4.6.21.1
# patch -p0 < patch.4.6.21.2
# patch -p0 < patch.4.6.21.3
# patch -p0 < patch.4.6.21.4
# cd build_unix
# ../dist/configure --prefix=/usr/local/BerkeleyDB CC="gcc" CFLAGS="-O3 -Wall" 
# make
# make install
# make clean
# echo "/usr/local/BerkeleyDB/lib" >> /etc/ld.so.conf
# ldconfig
# cd
[/spoiler] [align:center][size:17pt]Bagian ii | Install squidGuard-1.4[/size][/align]
Sedangkan squidGuard adalah add-on Proxy Server (Squid) yang bekerja sebagai URL-redirector, digunakan untuk melakukan filtering database (database ini biasa disebut blacklist) dan semua proses-nya berjalan di dalam mesin proxy server. Saat ini sudah tersedia squidGuard version 1.5 beta untuk di download
  • Untuk refferensi bisa dilihat Official Web squidGuard dan �steps to compile�-nya silahkan ikuti spoiler di bawah ini =
[spoiler]

Code: Select all

# mkdir /usr/local/src/workdir
# cd /usr/local/src/workdir
# wget http://www.squidguard.org/Downloads/squidGuard-current.tar.gz
# tar xvzf squidGuard-current.tar.gz
# cd squidGuard-1.4
# wget http://www.squidguard.org/Downloads/Patches/1.4/squidGuard-1.4-patch-20091015.tar.gz
# wget http://www.squidguard.org/Downloads/Patches/1.4/squidGuard-1.4-patch-20091019.tar.gz
# tar xvzf squidGuard-1.4-patch-20091015.tar.gz
# tar xvzf squidGuard-1.4-patch-20091019.tar.gz
# cp squidGuard-1.4-patch-20091015/*.*  squidGuard-1.4/src
# cp  squidGuard-1.4-20091019/*.*  squidGuard-1.4/src
# export LIBS="-lpthread"
# ./configure --with-squiduser=proxy CC="gcc" CFLAGS="-O2 -march=i686 -funroll-loops" && make
[/spoiler]Langkah tersebut di atas bisa juga anda terapkan pada squidGuard-1.5 beta dengan mengganti link pada baris ke-3 dan lewati saja langkah pada baris ke 6 s/d 11.
  • Sebelum melakukan perintah make install, ada baiknya dilakukan dulu make test.

Code: Select all

# mkdir -p /usr/local/squidGuard/log
# chown -R proxy:proxy /usr/local/squidGuard/log
# make test
Output-nya seperti di dalam spoiler di bawah ini
[spoiler]

Code: Select all

making test in squidGuard-1.4
(cd test && make  test)
make[1]: Entering directory `/usr/local/src/squidGuard-1.4/test'
test1..
Database size:
  5643 blacklist/domains
  7442 blacklist/urls
 13085 total
Running test1 with 1005 requests...Done
Checking number of output lines...OK
Checking the output against the expected...OK
squidGuard initialization took 0.025 seconds
squidGuard handled 1005 requests in 0.022 seconds

test2..
Database size:
  5643 blacklist/domains
  7442 blacklist/urls
     3 blacklist/expressions
 13088 total
Running test2 with 1005 requests...Done
Checking number of output lines...OK
Checking the output against the expected...OK
squidGuard initialization took 0.027 seconds
squidGuard handled 1005 requests in 0.020 seconds

benchmark..
Database size:
  5643 blacklist/domains
  7442 blacklist/urls
 13085 total
Running benchmark test with 100500 requests...Done
squidGuard initialization took 0.025 seconds
squidGuard handled 100500 requests in 1.190 seconds
make[1]: Leaving directory `/usr/local/src/squidGuard-1.4/test'
[/spoiler]
  • Lanjutkan perintah make install

Code: Select all

# make install
[align:center][size:17pt]Bagian iii | Configure to AutoUpdate[/size][/align]
  • Edit file /usr/local/squidGuard/squidGuard.conf, di bawah ini adalah contoh-nya =
[spoiler]

Code: Select all

dbhome /usr/local/squidGuard/DB
logdir /usr/local/squidGuard/log/

dest "Kata Terlarang" {
	domainlist	"Kata Terlarang"/domains
	urllist		"Kata Terlarang"/urls
}
dest publicite {
	domainlist	publicite/domains
     	urllist		publicite/urls
}
dest malware {
        domainlist      malware/domains
        urllist         malware/urls
}

dest redirector {
	domainlist	redirector/domains
	urllist		redirector/urls
}

acl {
     	default {
	       	pass   !"Kata Terlarang" !publicite !malware !redirector all
		#redirect 302:http://192.168.0.1/squidGuard.html
	}
}
[/spoiler]baris = #redirect 302:http://192.168.0.1/squidGuard.html silahkan diganti dengan html-file kreasi anda sendiri atau dibiarkan kosong supaya menggunakan error massage-nya squid. Anda juga bisa membuatnya berbeda untuk setiap kategori, dengan meletakkannya pada baris terakhir setiap kategori.
  • Tambahkan 1 baris di bawah ini ke dalam file squid.conf =

Code: Select all

url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
  • Membuat script sederhana untuk melakukan download database. Database menggunakan ftp.univ-tlse1.fr yang benar-benar free tanpa syarat dan ketentuan

Code: Select all

touch /usr/local/squidGuard/update.sh
chmod +x /usr/local/squidGuard/update.sh
nano /usr/local/squidGuard/update.sh
Kopas script di bawah ini =
[spoiler]

Code: Select all

#!/bin/sh
SG=/usr/local/squidGuard/
DB=/usr/local/squidGuard/DB/
LOG=/usr/local/squidGuard/log/
workdir=/tmp/workdir/

if [ ! -d $workdir ]; then
        mkdir $workdir
fi

if [ ! -d  $DB ]; then
        mkdir $DB
fi

# check that everything is clean before we start.
if [ -f  $workdir/"Kata Terlarang".tar.gz ]; then
        echo "UPDATE STATUS = Old "Kata Terlarang".tar.gz found. Deleted!"
        rm $workdir/"Kata Terlarang".tar.gz
fi

if [ -f $workdir/publicite.tar.gz ]; then
        echo "UPDATE STATUS = Old publicite.tar.gz found. Deleted!"
        rm -r $workdir/publicite.tar.gz
fi

if [ -f $workdir/malware.tar.gz ]; then
        echo "UPDATE STATUS = Old malware.tar.gz found. Deleted!"
        rm -r $workdir/malware.tar.gz
fi

if [ -f $workdir/redirector.tar.gz ]; then
        echo "UPDATE STATUS = Old redirector.tar.gz found. Deleted!"
        rm -r $workdir/redirector.tar.gz
fi

# copy the recent blacklist
echo "UPDATE STATUS = Retriev and extract "Kata Terlarang".tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/"Kata Terlarang".tar.gz' || { echo "UPDATE STATUS = Unable to download "Kata Terlarang".tar.gz" && exit 1 ; }
tar xzf $workdir/"Kata Terlarang".tar.gz -C $DB | { echo "UPDATE STATUS = extract "Kata Terlarang".tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Retriev and extract publicite.tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/publicite.tar.gz' || { echo "UPDATE STATUS = Unable to download publicite.tar.gz" && exit 1 ; }
tar xzf $workdir/publicite.tar.gz -C $DB | { echo "UPDATE STATUS = extract publicite.tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Retriev and extract malware.tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/malware.tar.gz' || { echo "UPDATE STATUS = Unable to download malware.tar.gz" && exit 1 ; }
tar xzf $workdir/malware.tar.gz -C $DB | { echo "UPDATE STATUS = extract malware.tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Retriev and extract redirector.tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/redirector.tar.gz' || { echo "UPDATE STATUS = Unable to download redirector.tar.gz" && exit 1 ; }
tar xzf $workdir/redirector.tar.gz -C $DB | { echo "UPDATE STATUS = extract redirector.tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Set permisions to $DB and $LOG directory."
chown -R proxy:proxy $DB
chown -R proxy:proxy $LOG
chmod -R 750 $DB
chmod -R 750 $LOG
rm $SG/*.log

echo "UPDATE STATUS = Updating squidGuard blacklists database."
squidGuard -C all
squidGuard -u

echo "UPDATE STATUS = Reconfiguring squid."
squid -S -k reconfigure
#Jika tidak bisa, gunakan di bawah ini =
#service squid restart

echo "UPDATE STATUS = Done !"
sleep 5s
exit 0
[/spoiler]
  • Jalankan script tersebut untuk men-download, membuat database dan sekaligus menjalankan squid & squidGuard, dengan perintah =

Code: Select all

sh /usr/local/squidGuard/update.sh
  • Agar bisa auto-update, lakukan modifikasi pada update.sh sehingga menjadi seperti ini =
[spoiler]

Code: Select all

#!/bin/sh
SG=/usr/local/squidGuard/
DB=/usr/local/squidGuard/DB/
LOG=/usr/local/squidGuard/log/
workdir=/tmp/workdir/

if [ ! -d $workdir ]; then
        mkdir $workdir
fi

if [ ! -d  $DB ]; then
        mkdir $DB
fi

# check that everything is clean before we start.
rm -r $DB/*

if [ -f  $workdir/"Kata Terlarang".tar.gz ]; then
        echo "UPDATE STATUS = Old "Kata Terlarang".tar.gz found. Deleted!"
        rm $workdir/"Kata Terlarang".tar.gz
fi

if [ -f $workdir/publicite.tar.gz ]; then
        echo "UPDATE STATUS = Old publicite.tar.gz found. Deleted!"
        rm -r $workdir/publicite.tar.gz
fi

if [ -f $workdir/malware.tar.gz ]; then
        echo "UPDATE STATUS = Old malware.tar.gz found. Deleted!"
        rm -r $workdir/malware.tar.gz
fi

if [ -f $workdir/redirector.tar.gz ]; then
        echo "UPDATE STATUS = Old redirector.tar.gz found. Deleted!"
        rm -r $workdir/redirector.tar.gz
fi

# copy the recent blacklist
echo "UPDATE STATUS = Retriev and extract "Kata Terlarang".tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/"Kata Terlarang".tar.gz' || { echo "UPDATE STATUS = Unable to download "Kata Terlarang".tar.gz" && exit 1 ; }
tar xzf $workdir/"Kata Terlarang".tar.gz -C $DB | { echo "UPDATE STATUS = Unable to extract "Kata Terlarang".tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Retriev and extract publicite.tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/publicite.tar.gz' || { echo "UPDATE STATUS = Unable to download publicite.tar.gz" && exit 1 ; }
tar xzf $workdir/publicite.tar.gz -C $DB | { echo "UPDATE STATUS = Unable to extract publicite.tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Retriev and extract malware.tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/malware.tar.gz' || { echo "UPDATE STATUS = Unable to download malware.tar.gz" && exit 1 ; }
tar xzf $workdir/malware.tar.gz -C $DB | { echo "UPDATE STATUS = Unable to extract malware.tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Retriev and extract redirector.tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/redirector.tar.gz' || { echo "UPDATE STATUS = Unable to download redirector.tar.gz" && exit 1 ; }
tar xzf $workdir/redirector.tar.gz -C $DB | { echo "UPDATE STATUS = Unable to extract redirector.tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Set permisions to $DB and $LOG directory."
chown -R proxy:proxy $DB
chown -R proxy:proxy $LOG
chmod -R 750 $DB
chmod -R 750 $LOG
rm $SG/*.log

echo "UPDATE STATUS = Updating squidGuard blacklists database."
squidGuard -C all
squidGuard -u

echo "UPDATE STATUS = Reconfiguring squid."
squid -S -k reconfigure
#Jika tidak bisa, gunakan di bawah ini =
#service squid restart

echo "UPDATE STATUS = Done !"
sleep 5s
exit 0
[/spoiler]Masukkan baris berikut di cronjob agar melakukan update sebulan sekali =

Code: Select all

@monthly * * * * /usr/local/squidGuard/update.sh

[align:center][size:17pt]Bagian iv | Test Drive[/size][/align]
Ketikkan salah satu alamat situs porno (misalnya = tube8.com), dan jika hal tersebut anda lakukan di WarnetersA maka yang hadir di halaman pemirsa adalah seperti dalam skringsut di bawah ini =

[img]http://s20.postimage.org/4mrq2ansd/blokir.png[/img]

[align:center][size:17pt]BONUS | Error Massage dan Security Enhancement[/size][/align]
  • Error Massage yang di-costume bisa memudahkan pelanggan/client untuk memahami apa yang sebenarnya terjadi. Khusus untuk blacklist dalam kategori iklan (publicite/adv), sengaja dibuat blank untuk meng-akomodasi semua ukuran iklan dan memberi kesan bersih. Download lampiran, upload ke dir /var/www,ektrak dan ubah ownership-nya

Code: Select all

# cd /var/www
# tar -xzvf error_massage.tar.gz
# chown proxy:proxy *.html
# rm error_massage.tar.gz
# cd
  • Edit squidGuard.conf seperti contoh dalam spoiler, agar muncul error massage dan client anda tidak bisa melakukan bypass dengan mengganti alamat url yang termasuk dalam blacklist dengan IP-Address. Yang terakhir ini dilakukan dengan menambah option |in-addr di baris acl default
[spoiler]

Code: Select all

dbhome /usr/local/squidGuard/DB
logdir /usr/local/squidGuard/log/

dest "Kata Terlarang" {
	domainlist	"Kata Terlarang"/domains
	urllist		"Kata Terlarang"/urls
	redirect http://ip-addrees-proxy/porn.html
}
dest publicite {
	domainlist	publicite/domains
     	urllist		publicite/urls
	redirect http://ip-addrees-proxy/publicite.html
}
dest malware {
        domainlist      malware/domains
        urllist         malware/urls
	redirect http://ip-addrees-proxy/malware.html
}

dest redirector {
	domainlist	redirector/domains
	urllist		redirector/urls
	redirect http://ip-addrees-proxy/redirector.html
}

acl {
     	default {
	       	pass   !"Kata Terlarang" !publicite !malware !redirector !in-addr all
		
	}
}
[/spoiler]

Konfigur ulang squid agar membaca perubahan pada konfigurasi squidGuard yang barusan kita lakukan, dengan perintah =

Code: Select all

# squid -S -k reconfigure
Berikut tampilan youtube tanpa iklan =

[img]http://s20.postimg.org/6bc1vp1bh/minus_adv.png[/img]

[align:center][size:17pt]BONUS LAGI | Customize Database[/size][/align]
Jika sengaja atau tanpa sengaja anda menemukan situs dan anda ingin memasukkanya ke dalam blacklist, berikut ini bisa dijadikan contoh kasus. Misalnya, ingin memasukkan situs di bawah ini ke dalam daftar banner/iklan yang mau di blok =
[quote: Daftar situs banner]kad.kaskus.co.id
kad.kaskus.com
ab.kaskus.co.id
ab.kaskus.com
ad.kaskus.co.id
ad.kaskus.com
ads2.kompasads.com
ads3.kompasads.com
ads4.kompasads.com
ads5.kompasads.com
ads6.kompasads.com
openx.detik.com
ads.sittiad.com[/quote]
Selanjutnya, edit file update.sh menjadi seperti di bawah ini =
[spoiler]

Code: Select all

#!/bin/sh
SG=/usr/local/squidGuard/
DB=/usr/local/squidGuard/db/
LOG=/usr/local/squidGuard/log/
workdir=/home/warsa/workdir/

if [ ! -d $workdir ]; then
        mkdir $workdir
fi

if [ ! -d  $DB ]; then
        mkdir $DB
fi

# check that everything is clean before we start.
rm -r $DB/*
rm -r $LOG/*
rm -r $workdir/*

# copy the recent blacklist
echo "UPDATE STATUS = Retriev and extract "Kata Terlarang".tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/"Kata Terlarang".tar.gz' || { echo "UPDATE STATUS = Unable to download "Kata Terlarang".tar.gz" && exit 1 ; }
tar xzf $workdir/"Kata Terlarang".tar.gz -C $DB | { echo "UPDATE STATUS = to extract "Kata Terlarang".tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Retriev and extract phishing.tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/phishing.tar.gz' || { echo "UPDATE STATUS = Unable to download phishing.tar.gz" && exit 1 ; }
tar xzf $workdir/phishing.tar.gz -C $DB | { echo "UPDATE STATUS = extract phishing.tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Retriev and extract publicite.tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/publicite.tar.gz' || { echo "UPDATE STATUS = Unable to download publicite.tar.gz" && exit 1 ; }
tar xzf $workdir/publicite.tar.gz -C $DB | { echo "UPDATE STATUS = extract publicite.tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Retriev and extract malware.tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/malware.tar.gz' || { echo "UPDATE STATUS = Unable to download malware.tar.gz" && exit 1 ; }
tar xzf $workdir/malware.tar.gz -C $DB | { echo "UPDATE STATUS = extract malware.tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Retriev and extract redirector.tar.gz"
wget -P $workdir 'ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/redirector.tar.gz' || { echo "UPDATE STATUS = Unable to download redirector.tar.gz" && exit 1 ; }
tar xzf $workdir/redirector.tar.gz -C $DB | { echo "UPDATE STATUS = extract redirector.tar.gz" && exit 1 ; }

echo "UPDATE STATUS = Costumized to ./publicite/domains"
echo "kad.kaskus.co.id" >> $DB/publicite/domains
echo "kad.kaskus.com" >> $DB/publicite/domains
echo "ab.kaskus.co.id" >> $DB/publicite/domains
echo "ab.kaskus.com" >> $DB/publicite/domains
echo "ad.kaskus.co.id" >> $DB/publicite/domains
echo "ad.kaskus.com" >> $DB/publicite/domains
echo "ads2.kompasads.com" >> $DB/publicite/domains
echo "ads3.kompasads.com" >> $DB/publicite/domains
echo "ads4.kompasads.com" >> $DB/publicite/domains
echo "ads5.kompasads.com" >> $DB/publicite/domains
echo "ads6.kompasads.com" >> $DB/publicite/domains
echo "openx.detik.com" >> $DB/publicite/domains
echo "ads.sittiad.com" >> $DB/publicite/domains

echo "UPDATE STATUS = Updating squidGuard blacklists database."
squidGuard -C all

echo "UPDATE STATUS = Set permisions to $DB and $LOG directory."
chown -R proxy:proxy $DB/*
chown -R proxy:proxy $LOG/*
date > $LOG/update_sGdb.txt

echo "UPDATE STATUS = Reconfiguring squid."
squid -S -k reconfigure

echo "UPDATE STATUS = Done !"
exit 0
[/spoiler]

[align:center][size:17pt]Upggrade ke squidGuard-1.5-beta dengan db-4.8.30.NC
[/size][/align]
[align:center][size:17pt] Whitelist[/size][/align]
[align:center][size:17pt] Error Massage with CGI
[/size][/align]


User avatar
Malsasa
Contact:

Post 18 Mar 2013, 00:01

Saya memang tidak minat dengan jaringan, tidak juga dengan security awareness. Tapi saya minat banget sama ide-ide dan usaha baru untuk mendukung FOSS. Saya sangat senang, akang menulis ini dengan baik dan penuh cita rasa. Mohon dipertahankan posting berkualitas macam ini :)

Dukung akang!


User avatar
q_p
Contact:

Post 18 Mar 2013, 00:08

Terima kasih Cak :) Semua ini karena saya ada waktu luang dan kebetulan juga sudah ter-dokumentasi (di web lokal warnet). Jadi tidak memerlukan energi ekstra untuk menulis ulang.
Kebetulan juga di FUI masih banyak yang tanya tentang "blokir-2an", maka saya tawarkan satu alternatif yang ini. Alternatif, karena memang masih banyak cara untuk urusan "blokir-2an".


User avatar
beling
Contact:

Post 19 Mar 2013, 10:08

saya berhenti disini :
# ./configure --with-squiduser=proxy CC="gcc" CFLAGS="-O2 -march=i686 -funroll-loops" CC="gcc" CFLAGS="-O2 -march=i686 -funroll-loops" && make

itu CFLAGS nya menyesuaikan jenis/type processor atau memang harus begitu?
btw saya pakai PIV-3.00Ghz ; spertinya sama yak ... :D
#CHOST="i686-pc-linux-gnu"
#CFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer"


User avatar
q_p
Contact:

Post 19 Mar 2013, 15:33

Mohon maaf, saya salah paste (sampai dua kali)
coba anda ulang

Code: Select all

# ./configure --with-squiduser=proxy CC="gcc" CFLAGS="-O2 -march=i686 -funroll-loops" && make


User avatar
beling
Contact:

Post 22 Mar 2013, 09:29

alhamdulillah sudah berjalan dengan baik, sedikit revisi mungkin ditempat saya pada bagian ini :
[php]# cp squidGuard-1.4-patch-20091015\*.* squidGuard-1.4\src
# cp squidGuard-1.4-20091019\*.* squidGuard-1.4\src[/php]
keluar No such file / directory, akhirnya saya copy manual file tsb kedalam folder squidGuard-1.4\src menggunakan WinSCP

kemudian bagian ini :
[php]# ./configure --with-squiduser=proxy CC="gcc" CFLAGS="-O2 -march=i686 -funroll-loops" && make[/php]
sudah betul, kemarin sudah direvisi oleh mas Pragola_Pati :-D

Akhir kata, saya ucapkan terima kasih atas tutorialnya
Wassalamualaikum wr,wb


User avatar
q_p
Contact:

Post 22 Mar 2013, 14:34

@beling
Terimakasih koreksinya
Sudah saya update untuk koreksi "\" menjadi "/". Jadi yang betul

Code: Select all

# cp squidGuard-1.4-patch-20091015/*.*  squidGuard-1.4/src
# cp  squidGuard-1.4-20091019/*.*  squidGuard-1.4/src


User avatar
q_p
Contact:

Post 22 Mar 2013, 17:20

##Update###
Penambahan fitur Error Massage dan Peningkatan Keamanan


User avatar
beling
Contact:

Post 23 Mar 2013, 09:29

Selamat pagi, hari ini saya sudah mencoba "Bonus" update fitur Error Massage dan Peningkatan Keamanan, berikut reviewnya sedikit saja :
Pada bagian ini, ditempat saya error :
[spoiler]root@ubuntu:/var/www# wget http://ubuntu-indonesia.com/forums/ubbt ... age.tar.gz
--2013-03-23 15:43:21-- http://ubuntu-indonesia.com/forums/ubbt ... age.tar.gz
Resolving ubuntu-indonesia.com... 182.253.18.141
Connecting to ubuntu-indonesia.com|182.253.18.141|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: `error_massage.tar.gz'

[ ] 10,488 8.03K/s in 1.3s

2013-03-23 15:43:26 (8.03 KB/s) - `error_massage.tar.gz' saved [10488]

root@ubuntu:/var/www# tar -xzvf error_massage.tar.gz

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Exiting with failure status due to previous errors[/spoiler]
jalan keluarnya, saya remove lagi (rm) kemudian download ulang langsung dari browser yg ada linknya di post >> http://ubuntu-indonesia.com/forums/ubbt ... age.tar.gz , kemudian saya copy manual menggunakan WinSCP alhamdulillah berhasil diekstract
[spoiler]root@ubuntu:/var/www# tar -xvzf error_massage.tar.gz
Tut/
Tut/malware.html
Tut/porn.html
Tut/publicite.html
Tut/redirector.html
root@ubuntu:/var/www# ^C[/spoiler]
Bagian kedua, youtube ditempat saya, kok ndak sama ya? ga ada banner iklannya diheader ...
[spoiler]Image[/spoiler]
yang ketiga, gimana caranya menambah daftar list berdasarkan kata, contoh untuk kata "bugil" ditempat saya masih bisa diakses, mohon bantuannya ...

Wassalam, wr,wb


User avatar
q_p
Contact:

Post 23 Mar 2013, 17:04

Terima Kasih atas koreksi-nya =
jalan keluarnya, saya remove lagi (rm) kemudian download ulang langsung dari browser yg ada linknya di post >> http://ubuntu-indonesia.com/forums/ubbt ... age.tar.gz , kemudian saya copy manual menggunakan WinSCP alhamdulillah berhasil diekstract
Untuk yang ini =
Bagian kedua, youtube ditempat saya, kok ndak sama ya? ga ada banner iklannya diheader ...
Memang begitu seharus-nya, berarti kategori publicite-nya bekerja dalam mem-filter adv/iklan/banner. Untuk membandingkan dengan atau tanpa squidGuard coba bypass squidGuard di squid.conf. Nanti akan muncul iklan/banner. Tapi Youtube memang hebat, begitu anda jalankan lagi squidGuard di proxy pada tampilan2 awal iklannya ter-filter. Berikut-nya youtube akan tampil bersih, seolah-olah youtube memang tanpa iklan.

Yang terakhir, memang tidak ada fitur phrase-list seperti yang anda maksudkan. Itu bisa di siasati dengan dengan membuat phrase-list sendiri dan memasukkannya dalam squid.conf (seperti postingan anda di trit lain, tentang blok situs porno).

Cara lain adalah dengan menambahkan reguler expression (ReGex) di squidGuard.conf. Coba anda periksa lagi lokasi penyimpanan download hasil dari file update.sh saat di-eksekusi. Silahkan di-eksplor, clue-nya ada di sini =
http://www.squidguard.org/Doc/expressionlist.html

Sebetulnya masih banyak fitur yang bisa ekplor, silahkan anda kembangkan dan tdk ada salahnya mencoba database lainnya (misalnya shallalist, bigblacklis dan kominfo)


User avatar
q_p
Contact:

Post 23 Mar 2013, 21:08

[size:17pt]update[/size]
[size:17pt]Bonus customize dataBase[/size]
###
klik top untuk kembali ke skrol ke atas :D


User avatar
Syakirah
Contact:

Post 31 Mar 2013, 20:54

tq tutor nya kang , klo blok per class ip gmna

contoh ip 10.5.50.0/24 blok situs porno
192.168.88.100-192.168.88.200 blok situs porno sisa nya open


User avatar
q_p
Contact:

Post 31 Mar 2013, 22:15

Fiture lengkapnya bisa anda eksplore sendiri mas, di link yang saya kasih di atas ada contohnya kok.
http://www.squidguard.org/Doc/sourceacl.html


User avatar
Syakirah
Contact:

Post 01 Apr 2013, 08:17

Tq atas bantuannya kang


User avatar
q_p
Contact:

Post 01 Apr 2013, 10:36

sama2 mas :)


User avatar
beling
Contact:

Post 02 Apr 2013, 12:10

jika mau mengganti dengan databasenya kominfo, step by step caranya gimana ya? apa harus menghapus database lama atau cuma pindah folder saja? thx :D


User avatar
q_p
Contact:

Post 02 Apr 2013, 13:19

Masukkan database kominfo (domains dan urls) sesuai dengan kategori masing2 ke dalam direktori blacklist di squidGuard. Atau, bikin blacklist database baru dengan nama kominfo, sesuaikan squidGuard.conf dengan databaru tadi. jika sudah, jalankan :

Code: Select all

# squidGuard -C all
# squid -S -k reconfigure
selamat ber-eksplorasi :)


User avatar
GAS

Post 11 Apr 2013, 21:08

Gan mohon pencerahan gan, sy sdh coba ikutin tutorial nya dan semua berjalan lancar tanpa ada error, sy cek di squidGuard.log juga sudah Ready

Code: Select all

squidGuard ready for requests (1365688603.261)
tapi kenapa seolah belum aktif, karena setiap sy buka situs yang termasuk pornografi msh bisa terbuka...bagaimana cara mengecek squidGuard sudal berjalan atau belum....?
terima ksh atas tutorialnya


User avatar
q_p
Contact:

Post 11 Apr 2013, 22:12

Untuk mengecek squidGuard sudah jalan atau belum, pastikan dulu di dalam squid.conf adan tag =

Code: Select all

url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
dengan CLI, jalankan =

Code: Select all

ps aux | grep squid
output dari perintah tsb kurang lebihnya seperti ini =
[spoiler]

Code: Select all

root      9279  0.0  0.0  23508   792 ?        Ss   Apr10   0:00 /usr/sbin/squid -D -YC
proxy     9282  2.9  1.1 146796 94768 ?        Sl   Apr10  41:48 (squid) -D -YC
proxy    19319  0.0  0.0  15436  7296 ?        S    17:49   0:08 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    19320  0.0  0.0  15044  6784 ?        S    17:49   0:01 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    19321  0.0  0.0  14920  6660 ?        S    17:49   0:00 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    19322  0.0  0.0  14800  6620 ?        S    17:49   0:00 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    19323  0.0  0.0  14656  6396 ?        S    17:49   0:00 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    19324  0.0  0.0  21440  3424 ?        S    17:49   0:05 /usr/bin/perl /etc/squid/storeurl.pl
proxy    19325  0.0  0.0  21308  3376 ?        S    17:49   0:00 /usr/bin/perl /etc/squid/storeurl.pl
proxy    19326  0.0  0.0  21308  3360 ?        S    17:49   0:00 /usr/bin/perl /etc/squid/storeurl.pl
proxy    19327  0.0  0.0  21308  3364 ?        S    17:49   0:00 /usr/bin/perl /etc/squid/storeurl.pl
proxy    19328  0.0  0.0  21308  3304 ?        S    17:49   0:00 /usr/bin/perl /etc/squid/storeurl.pl
root     21262  0.0  0.0   7640   976 pts/0    S+   22:11   0:00 grep --color=auto squid
[/spoiler]


User avatar
sipelaut
Contact:

Post 15 Apr 2013, 19:15

beghh.. mantep nichh
klo kek gini bisa diterapin dikantor. mudah2an punya waktu buat ngoprek2..
BTW nice posting masbro..., ane kasih bintang lagi buat ente


User avatar
q_p
Contact:

Post 15 Apr 2013, 19:22

@Si Pelaut
Isok wae Caak :D

@GAS[spoiler]
GAS wrote:Gan mohon pencerahan gan, sy sdh coba ikutin tutorial nya dan semua berjalan lancar tanpa ada error, sy cek di squidGuard.log juga sudah Ready

Code: Select all

squidGuard ready for requests (1365688603.261)
tapi kenapa seolah belum aktif, karena setiap sy buka situs yang termasuk pornografi msh bisa terbuka...bagaimana cara mengecek squidGuard sudal berjalan atau belum....?
terima ksh atas tutorialnya
1. Periksa ownersip dari path /usr/local/squidGuard/db =

Code: Select all

# ls -lah /usr/local/squidGuard/db
drwxr-xr-x 9 proxy proxy 4,0K 2013-04-18 23:47 .
drwxr-xr-x 4 proxy root  4,0K 2013-04-18 23:45 ..
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:00 ads
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:00 malware
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:00 phishing
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 porn
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 proxy
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 spyware
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 virusinfected
User dan Group sesuaiakan dengan yang ada di squid.conf, misalnya cache_effective_user proxy dan cache_effective_group proxy
Lalu jalankan

Code: Select all

# chown -R proxy:proxy /usr/local/squidGuard/db/*
# chmod 777 -R /usr/local/squidGuard/db/*
2. Pastikan di dalam squid.conf ada

Code: Select all

url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
always_direct deny all
3. Untuk mengecek-nya =

Code: Select all

# ps aux | grep squidGuard
proxy    17564  0.1  0.1  16644  8180 ?        S    14:02   0:16 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    17565  0.0  0.0  15736  7348 ?        S    14:02   0:03 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    17566  0.0  0.0  15740  7236 ?        S    14:02   0:01 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    17567  0.0  0.0  15616  7172 ?        S    14:02   0:01 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    17568  0.0  0.0  15480  7088 ?        S    14:02   0:00 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
root     19567  0.0  0.0   7640   992 pts/0    S+   16:53   0:00 grep --color=auto squidGuard
[/spoiler]


User avatar
q_p
Contact:

Post 20 Apr 2013, 00:24

^
[align:center][size:17pt]Upggrade ke squidGuard-1.5-beta dengan db-4.8.30.NC [/size][/align]
Jika melakukan upgrade ke squidGuard-1.5-beta kita berkesempatan menggunakan pengolah database db-4.8.30.NC dari Oracle. Langkah-langkahnya sama dengan di atas.
[size:17pt]1). Remove/rename squidGuard juga BerkeleyDB versi sebelumnya.[/size]

Code: Select all

# squid -k shutdown
# mv -r /usr/local/squidGuard /usr/local/squidGuard-1.4
# rm /usr/local/bin/squidGuard
# mv -r /usr/local/BerkeleyDB/ /usr/local/BerkeleyDB-4.6.21
# nano /etc/ld.so.conf
Hapus baris /usr/local/BerkeleyDB/lib

[size:17pt]2). Download dan install BerkeleyDB db-4.8.30.NC[/size]

Code: Select all

# cd workdir
# wget http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz
# tar -xzvf db-4.8.30.NC.tar.gz
# cd db-4.8.30.NC/build_unix
# ../dist/configure --prefix=/usr/local/BerkeleyDB
# echo "/usr/local/BerkeleyDB/lib" >> /etc/ld.so.conf
# ldconfig
# cd
[size:17pt]3). Download dan install squidGuard-1.5-beta[/size]

Code: Select all

# cd workdir
# wget http://www.squidguard.org/Downloads/Devel/squidGuard-1.5-beta.tar.gz
# cd squidGuard-1.5-beta
# export LIBS="-lpthread"
# ./configure --with-db=/usr/local/BerkeleyDB --with-squiduser=proxy
# mkdir -p /usr/local/squidGuard/log
# chown -R proxy:proxy /usr/local/squidGuard/log
# make test
# make
# make install
[size:17pt]4). Usefull Link[/size]
http://www.oracle.com/technetwork/produ ... 82944.html
http://www.oracle.com/technetwork/produ ... 98875.html
http://download.oracle.com/berkeley-db/ ... .NC.tar.gz
http://download.oracle.com/berkeley-db/db-4.6.21.tar.gz
http://www.squidguard.org/Downloads/Dev ... eta.tar.gz
http://urlblacklist.com/?sec=download


User avatar
0651
Contact:

Post 22 Apr 2013, 16:26

Nice post mas Pragola_Pati ;)


User avatar
chitoz

Post 02 May 2013, 21:55

Malem Pak,.
saya sudah ikuti tutorial link di atas yg bapak kasih sampai dengan Bagian iii | Configure to AutoUpdate.
setelah saya test facebook masih bisa di buka (belum terblok), akan tetapi ketika buka detik.com ngga bisa kebuka..:(

Mohon bimbingannya Pak,.. smile
Thanks


User avatar
q_p
Contact:

Post 02 May 2013, 22:35

Anda bisa mengganti database menggunakan
shalalist
urlblacklist
ftp.univ-tlse1.fr
di situ nanti ada tersedia banyak kategori, pilih sesuai dengan kebutuhan anda. misalnya games. lalu edit squidGuard.conf sesuai dengan kategori tsb.


User avatar
cah_clacap
Contact:

Post 15 May 2013, 20:20

Pragola_Pati wrote:@Si Pelaut
Isok wae Caak :D

@GAS
GAS wrote:Gan mohon pencerahan gan, sy sdh coba ikutin tutorial nya dan semua berjalan lancar tanpa ada error, sy cek di squidGuard.log juga sudah Ready

Code: Select all

squidGuard ready for requests (1365688603.261)
tapi kenapa seolah belum aktif, karena setiap sy buka situs yang termasuk pornografi msh bisa terbuka...bagaimana cara mengecek squidGuard sudal berjalan atau belum....?
terima ksh atas tutorialnya
1. Periksa ownersip dari path /usr/local/squidGuard/db =

Code: Select all

# ls -lah /usr/local/squidGuard/db
drwxr-xr-x 9 proxy proxy 4,0K 2013-04-18 23:47 .
drwxr-xr-x 4 proxy root  4,0K 2013-04-18 23:45 ..
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:00 ads
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:00 malware
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:00 phishing
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 porn
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 proxy
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 spyware
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 virusinfected
User dan Group sesuaiakan dengan yang ada di squid.conf, misalnya cache_effective_user proxy dan cache_effective_group proxy
Lalu jalankan

Code: Select all

# chown -R proxy:proxy /usr/local/squidGuard/db/*
# chmod 777 -R /usr/local/squidGuard/db/*
2. Pastikan di dalam squid.conf ada

Code: Select all

url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
always_direct deny all
3. Untuk mengecek-nya =[spoiler]

Code: Select all

# ps aux | grep squidGuard
proxy    17564  0.1  0.1  16644  8180 ?        S    14:02   0:16 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    17565  0.0  0.0  15736  7348 ?        S    14:02   0:03 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    17566  0.0  0.0  15740  7236 ?        S    14:02   0:01 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    17567  0.0  0.0  15616  7172 ?        S    14:02   0:01 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    17568  0.0  0.0  15480  7088 ?        S    14:02   0:00 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
root     19567  0.0  0.0   7640   992 pts/0    S+   16:53   0:00 grep --color=auto squidGuard
[/spoiler]

==============================================
pengin belajar ini tapi belum sempat koh ....


User avatar
q_p
Contact:

Post 15 May 2013, 21:09

@Cah Cilacap
Tidak ada salahnya luangkan waktu :)


User avatar
dja

Post 18 May 2013, 21:55

punyaku kok begini ya mas :

Code: Select all

root@djam:/usr/local/src/workdir# ls -lah /usr/local/squidGuard/db
total 8,0K
drwxr-xr-x 2 proxy root 4,0K Mei 18 02:52 .
drwxr-xr-x 5 root  root 4,0K Mei 18 02:58 ..
root@djam:/usr/local/src/workdir#
berarti blum aktif ya mas


User avatar
q_p
Contact:

Post 18 May 2013, 22:22

^
/usr/local/squidGuard/db adalah direktori tempat menyimpan database blacklist. Didalamnya ada folder2 lagi, terbagi menurut kategori-nya. misal porno, malware, ads dll. Contoh punya saya =

Code: Select all

root@warnetersa:~# ls -lah /usr/local/squidGuard/db
total 36K
drwxr-xr-x 9 proxy proxy 4,0K 2013-04-18 23:47 .
drwxr-xr-x 4 proxy root  4,0K 2013-04-18 23:45 ..
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:00 ads
drwxrwxrwx 2 proxy proxy 4,0K 2013-05-10 00:05 malware
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:00 phishing
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 porn
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 proxy
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 spyware
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:01 virusinfected
Setelah diisi database dan dijalankan, contoh isi direktori 'ads' =

Code: Select all

root@warnetersa:~# ls -lah /usr/local/squidGuard/db/ads
total 1,8M
drwxrwxrwx 2 proxy proxy 4,0K 2013-04-19 00:00 .
drwxr-xr-x 9 proxy proxy 4,0K 2013-04-18 23:47 ..
-rw-r--r-- 1 proxy proxy 460K 2013-04-19 13:58 domains
-rw-r--r-- 1 proxy proxy 1,2M 2013-05-16 04:39 domains.db
-rw-r--r-- 1 proxy proxy   57 2013-04-19 13:58 expressions
-rw-r--r-- 1 proxy proxy  32K 2013-04-19 13:58 urls
-rw-r--r-- 1 proxy proxy  60K 2013-05-09 08:11 urls.db


User avatar
Mr12uD1
Contact:

Post 27 May 2013, 21:31

Nice Share... ijin bookmark om...


User avatar
bayu_syahputra

Post 28 May 2013, 15:33

Salam Kenal Para Master

Saya ingin belajar lebih tentang squid guard ada yg bisa bantu
bagaimana perintah untuk melihat list web yg diblok dan bagaimana cara menambahkan serta mengedit mohon pencerahan para suhu


User avatar
q_p
Contact:

Post 28 May 2013, 15:39

bayu_syahputra wrote:Salam Kenal Para Master

Saya ingin belajar lebih tentang squid guard ada yg bisa bantu
bagaimana perintah untuk melihat list web yg diblok dan bagaimana cara menambahkan serta mengedit mohon pencerahan para suhu
Silahkan mas, baca2 dulu dari halaman pertama lalu dipraktekkkan. Kalau ada kendala, mampir lagi ke sini :)


User avatar
bayu_syahputra

Post 28 May 2013, 15:48

ok kakak

terimakasih atas pencerahannya ya
saya coba dulu


User avatar
q_p
Contact:

Post 06 Jun 2013, 06:00

Jika suatu ketika anda menemukan domains atau url yang seharusnya tidak di banned, trit ini bisa membantu anda membetulkannya.


User avatar
q_p
Contact:

Post 07 Jun 2013, 18:40

[align:center][size:17pt]whitelist [/size][/align]
Ternyata http://kaskus.co.id dengan wajah barunya tidak bisa jalan mulus dengan squidGuard. Tampilannya jadi acak-acakan. Agar bisa tampil apa adanya, masukkan ke dalam whitelist dengan membuat database baru dengan nama whitelist/domains dan membuat acl baru di squidGuard.conf.
  • Edit squidGuard.conf untuk menambahkan acl white sehingga seperti di bawah ini =

    Code: Select all

    dbhome /usr/local/squidGuard/DB
    logdir /usr/local/squidGuard/log/
    
    dest "Kata Terlarang" {
    	domainlist	"Kata Terlarang"/domains
    	urllist		"Kata Terlarang"/urls
    }
    dest publicite {
    	domainlist	publicite/domains
         	urllist		publicite/urls
    }
    dest malware {
            domainlist      malware/domains
            urllist         malware/urls
    }
    
    dest redirector {
    	domainlist	redirector/domains
    	urllist		redirector/urls
    }
    
    dest white {
    	domainlist	whitelist/domains
    }
    
    acl {
         	default {
    	       	pass  white !"Kata Terlarang" !publicite !malware !redirector all
    		#redirect 302:http://192.168.0.1/squidGuard.html
    	}
    }
  • Lanjutkan dengan membuat database baru yang bernama whitelist dan inputkan kaskus ke dalamnya =

    Code: Select all

    # mkdir /usr/local/squidGuard/db/whitelist
    # touch  /usr/local/squidGuard/db/whitelist/domains
    # chown proxy:proxy /usr/local/squidGuard/db/whitelist/domains
    # echo "kaskus.com" >> /usr/local/squidGuard/db/whitelist/domains
    # echo "kaskus.co.id" >> /usr/local/squidGuard/db/whitelist/domains
    # squidGuard -C /usr/local/squidGuard/db/whitelist/domains
    # squid -S -k reconfigure


User avatar
scepnic
Contact:

Post 12 Jul 2013, 23:59

nubie masih rada bingung cara pake nya,
so far,, salut buat agan Pragola..
semoga ilmu nya bermanfaat buat kita smua,

br,
scepnic


User avatar
q_p
Contact:

Post 14 Jul 2013, 22:23

[align:center][size:17pt]Error Massage with CGI[/size][/align]
File cgi sebenarnya sudah ada pada paket compiller-nya, yaitu pada direktori /squidGuard-1.4/samples/ jika menggunakan versi-1.4 atau pada direktori /squidGuard-1.5-beta/samples jika menggunakan versi-1.5-beta. Anda bisa meng-kopi-nya ke dir /usr/lib/cgi-bin atau menggunakan contoh di bawah ini yang sudah termodifikasi:)

Code: Select all

# touch  /usr/lib/cgi-bin/squidGuard.cgi
# chmod 755  /usr/lib/cgi-bin/squidGuard.cgi
# nano /usr/lib/cgi-bin/squidGuard.cgi
Kopas skrip di bawah ini =[spoiler]

Code: Select all

#! /usr/bin/perl
#
# Sample CGI to explain to the user that the URL is blocked and by which rule set
#
# By P�l Baltzersen 1998
# Modifications by Christine Kronberg, 2007.
#

$QUERY_STRING = $ENV{'QUERY_STRING'};
$DOCUMENT_ROOT = $ENV{'DOCUMENT_ROOT'};

# Email Adresse des Proxy Administrators:
# Edit to your requirements. Make sure to keep the @ escaped.
my $PROXYEMAIL = "support\@dns.warnetersa.net";
#
#
$clientaddr = "";
$clientname = "";
$clientuser = "";
$clientgroup = "";
$targetgroup = "";
$url = "";
$time = time;
@day = ("Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday");
@month = ("Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec");

while ($QUERY_STRING =~ /^\&?([^&=]+)=([^&=]*)(.*)/) {
  $key = $1;
  $value = $2;
  $QUERY_STRING = $3;
  if ($key =~ /^(clientaddr|clientname|clientuser|clientgroup|targetgroup|url)$/) {
    eval "\$$key = \$value";
  }
  if ($QUERY_STRING =~ /^url=(.*)/) {
    $url = $1;
    $QUERY_STRING = "";
  }
}
  if ($srcclass eq "unknown") {
    print "    <P ALIGN=RIGHT>\n";
    print "      <A HREF=\"http://www.squidguard.org/\"><IMG SRC=\"/images/your-logo.gif\"\n";
    print "         BORDER=0></A>\n      </P>\n\n";
    print "    <H1 ALIGN=CENTER>Access denied because<BR>this client is not<BR>defined on the proxy</H1>\n\n";
    print "    <TABLE BORDER=0 ALIGN=CENTER>\n";
    print "      <TR><TH ALIGN=RIGHT>Supplementary info</TH><TH ALIGN=CENTER>:</TH><TH ALIGN=LEFT> </TH></TR>\n";
    print "      <TR><TH ALIGN=RIGHT>Client address</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientaddr</TH></TR>\n";
    print "      <TR><TH ALIGN=RIGHT>Client name</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientname</TH></TR>\n";
    print "      <TR><TH ALIGN=RIGHT>User ident</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientuser</TH></TR>\n";
    print "      <TR><TH ALIGN=RIGHT>Client group</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientgroup</TH></TR>\n";
    print "    </TABLE>\n\n";
    print "    <P ALIGN=CENTER>If this is wrong, contact<BR>\n";
    print "      <A HREF=$PROXYEMAIL>$PROXYEMAIL</A>\n";
    print "    </P>\n\n";
  } elsif ($targetclass eq "in-addr") {
    print "    <P ALIGN=RIGHT>\n";
    print "      <A HREF=\"http://www.squidguard.org/\"><IMG SRC=\"/images/your-logo.gif\"\n";
    print "         BORDER=0></A>\n      </P>\n\n";
    print "    <H1 ALIGN=CENTER>IP address URLs<BR>are not allowed<BR>from this client</H1>\n\n";
    print "    <TABLE BORDER=0 ALIGN=CENTER>\n";
    print "      <TR><TH ALIGN=RIGHT>Supplementary info</TH><TH ALIGN=CENTER>:</TH><TH ALIGN=LEFT> </TH></TR>\n";
    print "      <TR><TH ALIGN=RIGHT>Client address</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientaddr</TH></TR>\n";
    print "      <TR><TH ALIGN=RIGHT>Client name</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientname</TH></TR>\n";
    print "      <TR><TH ALIGN=RIGHT>User ident</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientuser</TH></TR>\n";
    print "      <TR><TH ALIGN=RIGHT>Client group</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientgroup</TH></TR>\n";
    print "      <TR><TH ALIGN=RIGHT>URL</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$url</TH></TR>\n";
    print "      <TR><TH ALIGN=RIGHT>Target class</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$targetgroup</TH></TR>\n";
    print "    </TABLE>\n\n";
    print "    <P ALIGN=CENTER>No domain matching the given IP address could be found. Access to this\n";
    print "    kind of address is forbidden.<BR>\n";
    print "    If this is wrong, contact<BR>\n";
    print "    <A HREF=mailto:$PROXYEMAIL>$PROXYEMAIL</A>\n";
    print "    </P>\n\n";
  } else {
    print "    <P ALIGN=RIGHT>\n";
#    print "      <A HREF=\"http://www.squidguard.org/\"><IMG SRC=\"/images/your-logo.gif\"\n";
#    print "         BORDER=0></A>\n      </P>\n\n";
    print "    <H1 ALIGN=CENTER>MAAFKAN KAMI DOT KOM</H1>\n\n";
#    print "    <TABLE BORDER=0 ALIGN=CENTER>\n";
#    print "      <TR><TH ALIGN=RIGHT>Supplementary info</TH><TH ALIGN=CENTER>:</TH><TH ALIGN=LEFT> </TH></TR>\n";
#    print "      <TR><TH ALIGN=RIGHT>Client address</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientaddr</TH></TR>\n";
#    print "      <TR><TH ALIGN=RIGHT>Client name</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientname</TH></TR>\n";
#    print "      <TR><TH ALIGN=RIGHT>User ident</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientuser</TH></TR>\n";
#    print "      <TR><TH ALIGN=RIGHT>Client group</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$clientgroup</TH></TR>\n";
#    print "      <TR><TH ALIGN=RIGHT>Site-url</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$url</TH></TR>\n";
#    print "      <TR><TH ALIGN=RIGHT>Kategori</TH><TH ALIGN=CENTER>=</TH><TH ALIGN=LEFT>$targetgroup</TH></TR>\n";
#    print "    </TABLE>\n\n";
    print "    <P ALIGN=CENTER>$url<BR>\n";
    print "    <P ALIGN=CENTER>Category Banned Site-URL : $targetgroup<BR>\n";
#    print "    <P ALIGN=CENTER>WarnetersA, Jl Kyai Saleh 29 PATI<BR>\n";
#    print "      <A HREF=mailto:$PROXYEMAIL>$PROXYEMAIL</A>\n";
    print "    </P>\n\n";
  }
  print "  </BODY>\n\n</HTML>\n";
}
exit 0;
[/spoiler]
Tambahkan ke squidGuard.conf =
[spoiler]

Code: Select all

dbhome /usr/local/squidGuard/DB
logdir /usr/local/squidGuard/log/

dest "Kata Terlarang" {
	domainlist	"Kata Terlarang"/domains
	urllist		"Kata Terlarang"/urls
        redirect http://192.168.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
}
dest publicite {
	domainlist	publicite/domains
     	urllist		publicite/urls
}
dest malware {
        domainlist      malware/domains
        urllist         malware/urls
        redirect http://192.168.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
}

dest redirector {
	domainlist	redirector/domains
	urllist		redirector/urls
        redirect http://192.168.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
}

dest white {
	domainlist	whitelist/domains
}

acl {
     	default {
	       	pass  white !"Kata Terlarang" !publicite !malware !redirector all
		
}
[/spoiler]## untuk publicite sebaiknya dibuatkan blank.html
## isi file cgi dalam contoh di atas bisa anda download di bawah ini


User avatar
otonk

Post 12 Sep 2013, 20:37

gan bisa diupload ulang file error massagenya, ane download kok 1kb terus ya gan......


User avatar
q_p
Contact:

Post 12 Sep 2013, 22:39

otonk wrote:gan bisa diupload ulang file error massagenya, ane download kok 1kb terus ya gan......
Download dengan wget mas. Misalnya file tsb mau saya download dan saya simpan pada direktori "/home/share/doc" dengan nama squidGuard-cgi =

Code: Select all

wget -O /home/share/doc/squidGuard-cgi http://ubuntu-indonesia.com/forums/ubbthreads.php/ubb/\
download/Number/2209/filename/squidGuard.txt
Untuk lebih detail, jika menggunakan wget bisa dengan menuliskan "wget -help"


User avatar
otonk

Post 19 Sep 2013, 23:37

thank gan, udah jalan squidguardnya sekarang,..... :grin:
oya kalo mo blok berdasarkan waktu gimana ya...... :confused:
umpama jam 07.00 pagi - jam 21.00 bloking porno berlaku
jam 21.00 malam - jam 07.00 pagi bloking porno tidak berlaku
dan berlaku setiap hari, itu gimana ya gan...... :confused:


User avatar
q_p
Contact:

Post 26 Sep 2013, 18:29

Sebetulnya dalam official-web squidGuard yang link-nya ada di halaman satu trit ini, ada tersedia contohnya. Tepatnya = http://www.squidguard.org/Doc/extended.html
  1. Menentukan Waktu Akses. Misalnya, tambahkan ke dalam squidGuard.conf

    Code: Select all

    time non_block {
         weekly    * 07:00-21:00   # di luar jam kerja
         weekly    sunday           # hari minggu libur kerja
         date      2013.10.13       # masukkan tanggal hari libur 
    }
  2. Untuk menerapkannya, gunakan within atau outside dalam acl (masih di squidGuard.conf)

    Code: Select all

    acl {
            all outside non_block {
                    pass none
            }
            else {
                    pass    !adv !porn !warez all
            }
            default {
                    pass    none
                    redirect http://localhost/block.html
                    }
    }
  3. cmiiw. Tolong dikoreksi ya, soalnya saya tidak pernah pakai acl dalam squidGuard :)


User avatar
otonk

Post 05 Oct 2013, 12:16

berhubung lagi bahas squid3,
ada yang tau kenapa squidguard gak jalan di squid3...???
squid3 udah running

Code: Select all

root@azalia:~# squid -NCd1
2013/10/05 11:46:30| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2013/10/05 11:46:30| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
2013/10/05 11:46:30| WARNING: You should probably remove '::/0' from the ACL named 'all'
2013/10/05 11:46:30| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2013/10/05 11:46:30| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable
2013/10/05 11:46:30| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'
2013/10/05 11:46:30| WARNING: (B) '127.0.0.0/8' is a subnetwork of (A) '127.0.0.0/8'
2013/10/05 11:46:30| WARNING: because of this '127.0.0.0/8' is ignored to keep splay tree searching predictable
2013/10/05 11:46:30| WARNING: You should probably remove '127.0.0.0/8' from the ACL named 'to_localhost'
2013/10/05 11:46:30| WARNING: (B) '192.168.2.0/27' is a subnetwork of (A) '192.168.2.0/27'
2013/10/05 11:46:30| WARNING: because of this '192.168.2.0/27' is ignored to keep splay tree searching predictable
2013/10/05 11:46:30| WARNING: You should probably remove '192.168.2.0/27' from the ACL named 'localnet'
2013/10/05 11:46:30| Squid is already running!  Process ID 1971
squidguard udah running

Code: Select all

2013-10-05 11:46:02 [2020] INFO: squidGuard 1.5-alpha started (1380948362.804)
2013-10-05 11:46:02 [2020] INFO: squidGuard ready for requests (1380948362.807)
squidguard.conf

Code: Select all

# CONFIG FILE FOR SQUIDGUARD
#
dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/log

dest porn {
domainlist porn/domains
urllist porn/urls
}
dest white {
domainlist whitelist/domains
}
acl {
default {
pass white !porn all
redirect http://google.co.id
}
}
config squidguard di squid.conf

Code: Select all

url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
ada saran gan....?
oya buildnya pake tutor agan pragola_jati :grin:


User avatar
q_p
Contact:

Post 05 Oct 2013, 12:56

@otonk
Saya bukan pengguna squid3,
  1. Untuk squid -NCd1, WARNING tsb bisa anda abaikan.
  2. Untuk squidGuard, coba anda periksa lagi ownership-nya

    Code: Select all

    ls -lah /usr/local/squidGuard/db
    Samakan dengan ownership-nya squid.

    Code: Select all

    chown -r proxy.proxy /usr/local/squidGuard/db
  3. Tambahkan satu kategori lagi ke dalam blacklist db squidGuard, yaitu proxy/redirector agar client tidak bisa memanfaatkan proxy-luar untuk mem-bypass filtering yang anda lakukan.


User avatar
otonk

Post 05 Oct 2013, 14:07

Pragola_Pati wrote:@otonk
Saya bukan pengguna squid3,
  1. Untuk squid -NCd1, WARNING tsb bisa anda abaikan.
  2. Untuk squidGuard, coba anda periksa lagi ownership-nya

    Code: Select all

    ls -lah /usr/local/squidGuard/db
    Samakan dengan ownership-nya squid.

    Code: Select all

    chown -r proxy.proxy /usr/local/squidGuard/db
  3. Tambahkan satu kategori lagi ke dalam blacklist db squidGuard, yaitu proxy/redirector agar client tidak bisa memanfaatkan proxy-luar untuk mem-bypass filtering yang anda lakukan.
thanks, gan,
1. itu yang warning" udah dipager loch gan, tapi masih tetep aja muncul....
#acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
#acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
#acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
#acl localnet src fc00::/7 # RFC 4193 local private network range
#acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl localnet src 192.168.2.0/27 # lokal
2. hasil ls -lah /usr/local/squidGuard/db
total 16K
drwxrwxrwx 4 proxy proxy 4.0K Oct 5 00:25 .
drwxr-xr-x 4 root root 4.0K Oct 5 00:18 ..
drwxrwxrwx 2 proxy proxy 4.0K Oct 5 00:31 porn
drwxrwxrwx 2 proxy proxy 4.0K Oct 5 00:31 whitelist
sudah di chown -R proxy.proxy /usr/local/squidGuard/db hasilnya
total 16K
drwxrwxrwx 4 proxy proxy 4.0K Oct 5 00:25 .
drwxr-xr-x 4 root root 4.0K Oct 5 00:18 ..
drwxrwxrwx 2 proxy proxy 4.0K Oct 5 00:31 porn
drwxrwxrwx 2 proxy proxy 4.0K Oct 5 00:31 whitelist
apa usr/squiGuardnya juga di chown -R proxy.proxy juga ya gan....?
3. sementara porn dulu gan, kalo udah sukses baru ditambahi lagi, lagian user ane kagak macem" kok sampe pake proxy luar segala..... :grin:
gimana ya gan, masih not working nich......???? :cry:


User avatar
q_p
Contact:

Post 05 Oct 2013, 15:34

Aneh, yang terlewatkan apa ya ? :confused: Coba anda periksa

Code: Select all

 ls -lah /usr/local/squidGuard/db/porn
Dan setiap kali melakukan editing pada file2 yang berhubungan squidGuard, jalankan cli

Code: Select all

squid -S -k reconfigure


User avatar
otonk

Post 05 Oct 2013, 18:42

Pragola_Pati wrote:Aneh, yang terlewatkan apa ya ? :confused: Coba anda periksa

Code: Select all

 ls -lah /usr/local/squidGuard/db/porn
Dan setiap kali melakukan editing pada file2 yang berhubungan squidGuard, jalankan cli

Code: Select all

squid -S -k reconfigure
aku juga bingung gan :confused:, squid jalan, squidguard jalan, trus apanya ya......
root@azalia:~# ls -lah /usr/local/squidGuard/db/porn
total 56M
drwxrwxrwx 2 proxy proxy 4.0K Oct 5 00:31 .
drwxrwxrwx 4 proxy proxy 4.0K Oct 5 00:25 ..
-rw-r--r-- 1 proxy proxy 15M Sep 10 04:32 domains
-rw-r--r-- 1 proxy proxy 36M Oct 5 03:13 domains.db
-rw-r--r-- 1 proxy proxy 1.9M Sep 9 02:55 urls
-rw-r--r-- 1 proxy proxy 4.7M Oct 5 03:13 urls.db
selalu ane reconfigure kok gan setiap abis edit" squidguard, ato squid3 gak mau kalo pake url_rewrite_program ya.....????
gak punya basic linux gan ane..... :grin:


User avatar
q_p
Contact:

Post 05 Oct 2013, 18:52

Coba anda check dengan

Code: Select all

ps aux | grep squid


User avatar
otonk

Post 05 Oct 2013, 19:27

q_p wrote:Coba anda check dengan

Code: Select all

ps aux | grep squid

Code: Select all

root@azalia:~# ps aux | grep squid
root      2862  0.0  0.1  12288  1988 ?        Ss   14:27   0:00 /usr/sbin/squid -YC -f /etc/squid3/squid.conf
proxy     2864  1.1  8.6 120788 87316 ?        Sl   14:27   3:26 (squid-1) -YC -f /etc/squid3/squid.conf
proxy     3367  0.0  0.2   5244  2188 ?        S    18:37   0:00 (ssl_crtd) -s /etc/squid3/ssl_db -M 4MB -b 4096
proxy     3368  0.0  0.1   5240  1476 ?        S    18:37   0:00 (ssl_crtd) -s /etc/squid3/ssl_db -M 4MB -b 4096
proxy     3369  0.0  0.1   5240  1472 ?        S    18:37   0:00 (ssl_crtd) -s /etc/squid3/ssl_db -M 4MB -b 4096
proxy     3370  0.0  0.1   5240  1476 ?        S    18:37   0:00 (ssl_crtd) -s /etc/squid3/ssl_db -M 4MB -b 4096
proxy     3371  0.0  0.1   5240  1476 ?        S    18:37   0:00 (ssl_crtd) -s /etc/squid3/ssl_db -M 4MB -b 4096
proxy     3372  0.0  0.1   6236  1744 ?        S    18:37   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy     3373  0.0  0.1   6236  1744 ?        S    18:37   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy     3374  0.0  0.1   6236  1744 ?        S    18:37   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy     3375  0.0  0.1   6236  1736 ?        S    18:37   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy     3376  0.0  0.1   6236  1740 ?        S    18:37   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy     3377  0.0  0.1   6236  1744 ?        S    18:37   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy     3378  0.0  0.1   6236  1480 ?        S    18:37   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy     3379  0.0  0.1   6236  1480 ?        S    18:37   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy     3380  0.0  0.1   6236  1480 ?        S    18:37   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy     3381  0.0  0.1   6236  1476 ?        S    18:37   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy     3383  0.0  0.2   5092  2332 ?        S    18:37   0:01 (squidGuard)
proxy     3384  0.0  0.2   5096  2336 ?        S    18:37   0:00 (squidGuard)
proxy     3385  0.0  0.2   4836  2072 ?        S    18:38   0:00 (squidGuard)
proxy     3386  0.0  0.2   4832  2076 ?        S    18:38   0:00 (squidGuard)
proxy     3387  0.0  0.2   4700  2072 ?        S    18:38   0:00 (squidGuard)
proxy     3388  0.0  0.1   4700  1812 ?        S    18:38   0:00 (squidGuard)
proxy     3389  0.0  0.1   4564  1808 ?        S    18:38   0:00 (squidGuard)
proxy     3393  0.0  0.1   4568  1812 ?        S    18:45   0:00 (squidGuard)
proxy     3394  0.0  0.1   4568  1812 ?        S    18:45   0:00 (squidGuard)
proxy     3395  0.0  0.1   4568  1812 ?        S    18:45   0:00 (squidGuard)
proxy     3396  0.0  0.1   4564  1808 ?        S    18:45   0:00 (squidGuard)
proxy     3397  0.0  0.1   4564  1808 ?        S    18:45   0:00 (squidGuard)
proxy     3398  0.0  0.1   4564  1808 ?        S    18:45   0:00 (squidGuard)
proxy     3399  0.0  0.1   4564  1808 ?        S    18:45   0:00 (squidGuard)
proxy     3400  0.0  0.1   4568  1812 ?        S    18:45   0:00 (squidGuard)
proxy     3401  0.0  0.1   4568  1812 ?        S    18:45   0:00 (squidGuard)
proxy     3402  0.0  0.1   4564  1812 ?        S    18:45   0:00 (squidGuard)
proxy     3403  0.0  0.1   4568  1812 ?        S    18:45   0:00 (squidGuard)
proxy     3404  0.0  0.1   4564  1812 ?        S    18:45   0:00 (squidGuard)
root      3443  0.0  0.0   4384   816 pts/0    S+   19:26   0:00 grep --color=auto squid
ada yang salah gan..?


User avatar
q_p
Contact:

Post 06 Oct 2013, 14:55

Yang ini sepertinya kurang

Code: Select all

proxy     3383  0.0  0.2   5092  2332 ?        S    18:37   0:01 (squidGuard)
Biasanya seperti ini

Code: Select all

proxy     2326  0.0  0.1  28576 11548 ?        S    10:10   0:00 /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
Coba dalam squid.conf anda ubah menjadi

Code: Select all

redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
###
Apakah "ssl_crtd" adalah redirector juga ? squid tidak bisa menjalankan dua redirector sekaligus tanpa bantuan "zapchain"


User avatar
otonk

Post 06 Oct 2013, 15:24

q_p wrote:Yang ini sepertinya kurang

Code: Select all

proxy     3383  0.0  0.2   5092  2332 ?        S    18:37   0:01 (squidGuard)
Biasanya seperti ini

Code: Select all

proxy     2326  0.0  0.1  28576 11548 ?        S    10:10   0:00 /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
Coba dalam squid.conf anda ubah menjadi

Code: Select all

redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
###
Apakah "ssl_crtd" adalah redirector juga ? squid tidak bisa menjalankan dua redirector sekaligus tanpa bantuan "adzapper.wrapper"
udah pake redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf tetep munculnya

Code: Select all

proxy     1946  0.1  0.1   4696  1808 ?        S    15:18   0:00 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
kalo sslcrtd itu buat sslbump untuk sertifikat https di squid3 kalo gak salah gan..... :confused:
ane coba pake zapchain dulu gan.... :grin:


User avatar
q_p
Contact:

Post 06 Oct 2013, 16:08

Iya betul, maksud saya apakah "sslcrtd" termasuk dalam kategori redirector ? jika iya anda membutuhkan zapchain agar squid bisa menjalankan dua redirector sekaligus :)


User avatar
otonk

Post 06 Oct 2013, 17:03

q_p wrote:Iya betul, maksud saya apakah "sslcrtd" termasuk dalam kategori redirector ? jika iya anda membutuhkan zapchain agar squid bisa menjalankan dua redirector sekaligus :)
nah itu yang bingung ane gan termasuk redirector bukan ya..... :confused: :grin:
soalnya udah ane coba pakai zapchain tetep masih belum berfungsi tu squidguard..... :confused:
sett wrapzapp
#!/bin/sh
#
# Wrapper to set environment variables then exec the real zapper.
# The reasons for this are twofold:
# - for some reason squid doesn't preserve the original environment
# when you do a restart (or SIGHUP)
# - to avoid having to hack the squid startup script (if you have
# a presupplied one, such as ships with some linux distributions)
#
# Install in the same directory you put the zapper (just for convenience) and
# hack the pathnames below to suit.
# Note that you can skip this script and run the zapper with no environment
# settings at all and it will work fine; the variables are all set here merely
# for completeness so that customisation is easy for you.
# - Cameron Simpson 21apr2000
#

# modify this to match your install
zapper=/usr/local/bin/squid_redirect-nodata
squidguard=/usr/local/bin/squidGuard

========================

# Here, having arranged the environment, we exec the real zapper.
# If you're chaining redirectors then comment out the direct exec below and
# uncomment (and adjust) the exec of zapchain which takes care of running
# multiple redirections.

#exec "$zapper"
exec /usr/local/bin/zapchain "$zapper" "$squidguard"
set squid.conf
url_rewrite_program /usr/local/bin/wrapzap
log squidGuard

Code: Select all

2013-10-06 16:35:52 [24399] INFO: New setting: dbhome: /usr/local/squidGuard/db
2013-10-06 16:35:52 [24399] INFO: New setting: logdir: /usr/local/squidGuard/log
2013-10-06 16:35:52 [24399] init domainlist /usr/local/squidGuard/db/porn/domains
2013-10-06 16:35:52 [24399] INFO: loading dbfile /usr/local/squidGuard/db/porn/domains.db
2013-10-06 16:35:52 [24399] init urllist /usr/local/squidGuard/db/porn/urls
2013-10-06 16:35:52 [24399] INFO: loading dbfile /usr/local/squidGuard/db/porn/urls.db
2013-10-06 16:35:52 [24399] init domainlist /usr/local/squidGuard/db/whitelist/domains
2013-10-06 16:35:52 [24399] INFO: loading dbfile /usr/local/squidGuard/db/whitelist/domains.db
2013-10-06 16:35:52 [24399] INFO: squidGuard 1.5-alpha started (1381052152.862)
2013-10-06 16:35:52 [24399] INFO: squidGuard ready for requests (1381052152.866)
[spoiler=ps aux | grep squid]

Code: Select all

root      1106  0.0  0.2  12292  2076 ?        Ss   12:48   0:00 /usr/sbin/squid -YC -f /etc/squid3/squid.conf
proxy    23461  2.7  5.0  87936 50804 ?        Sl   16:32   0:35 (squid-1) -YC -f /etc/squid3/squid.conf
proxy    24364  0.0  0.2   5280  2232 ?        S    16:35   0:00 (ssl_crtd) -s /etc/squid3/ssl_db -M 4MB -b 4096
proxy    24365  0.0  0.2   5280  2232 ?        S    16:35   0:00 (ssl_crtd) -s /etc/squid3/ssl_db -M 4MB -b 4096
proxy    24366  0.0  0.2   5264  2220 ?        S    16:35   0:00 (ssl_crtd) -s /etc/squid3/ssl_db -M 4MB -b 4096
proxy    24367  0.0  0.2   5272  2184 ?        S    16:35   0:00 (ssl_crtd) -s /etc/squid3/ssl_db -M 4MB -b 4096
proxy    24368  0.0  0.2   5272  2236 ?        S    16:35   0:00 (ssl_crtd) -s /etc/squid3/ssl_db -M 4MB -b 4096
proxy    24369  0.0  0.1   4188  1476 ?        S    16:35   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy    24370  0.0  0.1   4188  1472 ?        S    16:35   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy    24371  0.0  0.1   4188  1472 ?        S    16:35   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy    24372  0.0  0.1   4188  1476 ?        S    16:35   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy    24373  0.0  0.1   4188  1480 ?        S    16:35   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy    24374  0.0  0.1   4188  1476 ?        S    16:35   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy    24375  0.0  0.1   4188  1476 ?        S    16:35   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy    24376  0.0  0.1   4188  1472 ?        S    16:35   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy    24377  0.0  0.1   4188  1480 ?        S    16:35   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy    24378  0.0  0.1   4188  1476 ?        S    16:35   0:00 /usr/bin/perl /etc/squid3/store-id.pl
proxy    24380  0.1  0.2   5028  2792 ?        S    16:35   0:02 /usr/bin/perl /usr/local/bin/zapchain /usr/local/bin/squid_redirect-nodata /usr/local/bin/squidGuard
proxy    24381  0.1  0.3   5524  3172 ?        S    16:35   0:01 /usr/bin/perl -w /usr/local/bin/squid_redirect-nodata
proxy    24382  0.0  0.2   5224  2564 ?        S    16:35   0:00 /usr/local/bin/squidGuard
proxy    24385  0.0  0.2   5028  2792 ?        S    16:35   0:00 /usr/bin/perl /usr/local/bin/zapchain /usr/local/bin/squid_redirect-nodata /usr/local/bin/squidGuard
proxy    24386  0.0  0.2   5028  2792 ?        S    16:35   0:00 /usr/bin/perl /usr/local/bin/zapchain /usr/local/bin/squid_redirect-nodata /usr/local/bin/squidGuard
proxy    24387  0.0  0.2   5028  2792 ?        S    16:35   0:00 /usr/bin/perl /usr/local/bin/zapchain /usr/local/bin/squid_redirect-nodata /usr/local/bin/squidGuard
proxy    24388  0.0  0.2   5028  2792 ?        S    16:35   0:00 /usr/bin/perl /usr/local/bin/zapchain /usr/local/bin/squid_redirect-nodata /usr/local/bin/squidGuard
proxy    24389  0.0  0.2   5028  2788 ?        S    16:35   0:00 /usr/bin/perl /usr/local/bin/zapchain /usr/local/bin/squid_redirect-nodata /usr/local/bin/squidGuard
proxy    24390  0.0  0.3   5524  3176 ?        S    16:35   0:00 /usr/bin/perl -w /usr/local/bin/squid_redirect-nodata
proxy    24391  0.0  0.2   5100  2328 ?        S    16:35   0:00 /usr/local/bin/squidGuard
proxy    24392  0.0  0.3   5524  3172 ?        S    16:35   0:00 /usr/bin/perl -w /usr/local/bin/squid_redirect-nodata
proxy    24393  0.0  0.2   4700  2072 ?        S    16:35   0:00 /usr/local/bin/squidGuard
proxy    24394  0.0  0.3   5524  3172 ?        S    16:35   0:00 /usr/bin/perl -w /usr/local/bin/squid_redirect-nodata
proxy    24395  0.0  0.2   4832  2072 ?        S    16:35   0:00 /usr/local/bin/squidGuard
proxy    24396  0.0  0.3   5524  3172 ?        S    16:35   0:00 /usr/bin/perl -w /usr/local/bin/squid_redirect-nodata
proxy    24397  0.0  0.1   4700  1816 ?        S    16:35   0:00 /usr/local/bin/squidGuard
proxy    24398  0.0  0.3   5524  3172 ?        S    16:35   0:00 /usr/bin/perl -w /usr/local/bin/squid_redirect-nodata
proxy    24399  0.0  0.2   4700  2072 ?        S    16:35   0:00 /usr/local/bin/squidGuard
root     24422  0.0  0.0   4384   812 pts/0    R+   16:54   0:00 grep --color=auto squid
[/spoiler]
ada saran gan, apa perlu sslcrtd ane masukkan ke wrapzap ya gan.... :confused:
#maklum gan ane gak punya basic linux, jadi ya mohon maaf kalo merepotkan agan" semua :grin:


User avatar
q_p
Contact:

Post 06 Oct 2013, 17:15

Target squidGuard-nya belum anda definisikan, yang ini =

Code: Select all

...
# modify this to match your install
zapper=/usr/local/bin/squid_redirect-nodata
squidguard=/usr/local/bin/squidGuard   #missing target
Ubah menjadi =

Code: Select all

# modify this to match your install
zapper=/usr/local/bin/squid_redirect-nodata
squidguard='/usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf'
atau =

Code: Select all

exec /usr/local/bin/zapchain "$zapper" "$squidguard -c /usr/local/squidGuard/squidGuard.conf"


User avatar
otonk

Post 06 Oct 2013, 18:55

udah gan, tapi masih tetep gak work juga, ini apanya yang salah ya.....? :confused:
kok gak mau redirek ya squidguardnya....... :crazy:


User avatar
rizaaal
Contact:

Post 06 Oct 2013, 22:14

pengen banget nyoba tutor-tutor keren seperti ini, tapi apa daya gak punya perangkatnya. :(


User avatar
otonk

Post 07 Oct 2013, 11:26

kayaknya squidguard gak support mode Tproxy ya gan, soalnya ane pake squid3 pake tproxy, habis tanya" om google tadi.......????


User avatar
q_p
Contact:

Post 07 Oct 2013, 11:49

@rizaal
terimakasih telah mampir ke trit ini
@otonk
otonk wrote:kayaknya squidguard gak support mode Tproxy ya gan, soalnya ane pake squid3 pake tproxy, habis tanya" om google tadi.......????
Masak sih, untuk memastikan bisa anda coba dengan disable tproxy-nya.


User avatar
otonk

Post 07 Oct 2013, 13:30

iya nich gan, soalnya ipnya gak pake ip proxy pas klient request jadi murni ip klient bukan ip proxy yang request, cos ane liat di torch mikrotik interface proxy langsung ip klient dan ip tujuan.
terus ni barusan compile squidguard pake tut disini, pake proxy lusca 10 menit langsung sukses keblokir tuh barang aneh"....... :grin:
tidak lupa CMIIW


User avatar
q_p
Contact:

Post 07 Oct 2013, 13:39

Jadi kesimpulannya, sementara squidGuard bermasalah pada squid3+tproxy+sslBump. Untuk memastikan kita tunggu warga lain yang mencoba-nya pada squid3 (tanpa fitur tproxy+sslBump).


Post Reply

Who is online

Users browsing this forum: No registered users and 36 guests