Kamis, 17 Maret 2011

Setting Proxy Slackware

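- pertama, download paket squid (unduhan ini lewat http biasa, jadi cocokkan checksum atau tanda tangan arsip dengan yang dipublikasikan proyek Squid sebelum dikompilasi)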
root@proxyserver:~# wget http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE17.tar.gz

- kopikan file squid-2.6.STABLE17.tar.gz ke direktori /usr/local/
root@proxyserver:~# cp squid-2.6.STABLE17.tar.gz /usr/local/

- masuk ke direktori /usr/local/
root@proxyserver:~# cd /usr/local/

- ekstrak file squid-2.6.STABLE17.tar.gz ke direktori /usr/local
root@proxyserver:/usr/local# tar -zxvf squid-2.6.STABLE17.tar.gz

- masuk ke direktori squid-2.6.STABLE17
root@proxyserver:/usr/local# cd /usr/local/squid-2.6.STABLE17

- konfigurasi squid
root@proxyserver:/usr/local/squid-2.6.STABLE17# ./configure

- kompile dan install squid
root@proxyserver:/usr/local/squid-2.6.STABLE17# make && make install

- buat user dan group squid
root@proxyserver:/usr/local/squid-2.6.STABLE17# groupadd squid
root@proxyserver:/usr/local/squid-2.6.STABLE17# useradd -c "SQUID PROXY CACHE" -d /dev/null -s /bin/false -g squid squid

- buat cache direktori dan rubah kepemilikan
root@proxyserver:/usr/local/squid-2.6.STABLE17# mkdir /var/spool/squid
root@proxyserver:/usr/local/squid-2.6.STABLE17# chown -R squid.squid /var/spool/squid

- buat file squid.pid dan rubah kepemilikan
root@proxyserver:/usr/local/squid-2.6.STABLE17# touch /var/run/squid.pid
root@proxyserver:/usr/local/squid-2.6.STABLE17# chown -R squid.squid /var/run/squid.pid

- buat direktori untuk file access.log dan rubah kepemilikan
root@proxyserver:/usr/local/squid-2.6.STABLE17# mkdir /var/log/squid
root@proxyserver:/usr/local/squid-2.6.STABLE17# touch /var/log/squid/access.log
root@proxyserver:/usr/local/squid-2.6.STABLE17# chown -R squid.squid /var/log/squid/access.log

- edit squid.conf nya
root@proxyserver:~# pico /usr/local/squid/etc/squid.conf

isi dari squid.conf adalah sebagai berikut:
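# Listening ports. The guide redirects port-80 traffic arriving from the LAN
# to 8181 with iptables; Squid 2.6 only accepts such intercepted requests
# when the port carries the "transparent" option.
http_port 8181 transparent
icp_port 3130

# ICP (inter-cache) socket addresses and timeouts. No cache_peer is active
# below, so ICP is only relevant if peers are added later.
udp_incoming_address 0.0.0.0
udp_outgoing_address 255.255.255.255
icp_query_timeout 0
maximum_icp_query_timeout 2000
mcast_icp_query_timeout 2000
dead_peer_timeout 10 seconds
# Dynamic content (cgi-bin paths, URLs with a query string) is fetched
# directly and never cached.
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
# Memory and disk cache sizing and replacement policy.
cache_mem 8 MB
cache_swap_low 90%
cache_swap_high 95%
maximum_object_size 1024 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 32 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy lru
memory_replacement_policy lru
#cache_peer 127.0.0.1 parent 8080 3130 default
#cache_peer 10.1.3.1 parent 8181 3130 proxy-only
#cache_peer 10.1.1.1 sibling 8181 3130 proxy-only
# Cache, log and pid locations. All of them must be writable by the account
# named in cache_effective_user (squid).
# NOTE(review): the earlier steps of this guide prepare /var/spool/squid,
# /var/run/squid.pid and /var/log/squid/access.log, none of which are
# referenced here. Either chown the /usr/local/squid/var directories to
# squid, or point these directives at the paths already prepared.
cache_dir ufs /usr/local/squid/var/cache 20000 19 256
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
emulate_httpd_log on
#log_ip_on_direct on
mime_table /usr/local/squid/etc/mime.conf
pid_filename /usr/local/squid/var/logs/squid.pid
#debug_options ALL,1
# Client addresses are masked to /24 in the logs, so access.log cannot
# attribute a request to an individual host on the LAN.
client_netmask 255.255.255.0
# Basic-auth tuning only: no "auth_param basic program" line and no
# proxy_auth ACL appear in this file, so these settings do not by
# themselves enforce authentication.
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
dns_nameservers 127.0.0.1 10.1.3.1 202.134.2.5 202.134.1.10 202.134.0.155 168.215.210.50
# Request size limits; a body limit of 0 means uploads are unlimited.
request_header_max_size 20 KB
request_body_max_size 0 KB
#refresh_pattern ^ftp: 1440 20% 10080
#refresh_pattern ^gopher: 1440 0% 1440
#refresh_pattern . 0 20% 4320
client_lifetime 1 day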

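# Who is asking: everyone, the cache manager protocol, the proxy host
# itself, and the LAN this proxy serves.
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl localnet src 192.168.10.0/24


# Ports a CONNECT tunnel may target.
# NOTE(review): 445 is the SMB port and 441 is not a usual TLS service;
# keep only the ports clients really need to tunnel to.
acl SSL_ports port 445 443 441 563
# Ports plain requests may target.
acl Safe_ports port 80 # http
acl Safe_ports port 81 # smoothwall http
acl Safe_ports port 21 # ftp
# Enabled so that "deny !Safe_ports" below does not block the tunnel ports
# listed in SSL_ports.
acl Safe_ports port 445 443 441 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

# http_access rules are evaluated top to bottom and the first match wins.
http_access allow manager localhost
http_access deny manager
# These two rules must be "deny". Written as "allow", they match before the
# localnet check and let any source address use the proxy for ports outside
# Safe_ports and for CONNECT to ports outside SSL_ports, which turns the
# host into an open relay.
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access deny all
#http_reply_access allow all
# First match wins here too: "deny all" comes first, so ICP is refused for
# everyone and the localnet line below never matches. That is the safe
# state while no cache_peer is configured; move the allow line above the
# deny only if LAN peers need ICP.
icp_access deny all
icp_access allow localnet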
# Contact address for the cache administrator.
cache_mgr slackids@blitarnet.com
# Account and group the squid process runs as; the cache, log and pid paths
# configured in this file have to be writable by this account.
cache_effective_user squid
cache_effective_group squid
# NOTE(review): visible_hostname expects the proxy's host name; an e-mail
# address is set here - confirm this is intended.
visible_hostname slack1ds@yahoo.com
# Accelerator directives, left disabled.
#httpd_accel_single_host off
#httpd_accel_host virtual
#httpd_accel_port 80
#httpd_accel_with_proxy on
#httpd_accel_uses_host_header on

# Disabled delay-pool (bandwidth limiting) example.
# NOTE(review): localnet1 applies url_regex to a network/netmask, which
# matches URL text rather than client addresses, and the localnet2 line
# ends in "$", so it looks cut off - review both before enabling.
#acl localnet1 url_regex -i 192.168.10.0/255.255.255.0
#acl localnet2 url_regex -i .exe .fvl .ftp .rar .iso .zip .avi .mpeg .mpe .mp3 .doc .ppt .ram .rm .3gp .tar .7z .tgz .wmf $

#delay_pools 2

# Pool 1: -1/-1 means no limit for requests matching localnet1.
#delay_class 1 1
#delay_parameters 1 -1/-1
#delay_access 1 allow localnet1
#delay_access 1 deny all

# Pool 2: limited rate for requests matching localnet2.
#delay_class 2 1
#delay_parameters 2 1000/64000
#delay_access 2 allow localnet2
#delay_access 2 deny all

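- buat direktori swapnya (jalankan hanya satu kali saja); pastikan dulu direktori cache_dir dan log yang tertulis di squid.conf (/usr/local/squid/var/...) bisa ditulis oleh user squid, karena direktori yang dibuat di langkah sebelumnya berbeda dari yang dipakai squid.conf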
root@proxyserver:~# /usr/local/squid/sbin/squid -z

- cek konfigurasi squid sudah benar atau belum (jika tidak ada pesan error brarti udah bener)
root@proxyserver:~# /usr/local/squid/sbin/squid -k parse

- menjalankan squid
root@proxyserver:~# /usr/local/squid/sbin/squid -D

- cek squid udah jalan ato belum
root@proxyserver:~# ps -x | grep squid

- karena squid dipakai dalam mode transparan pada port 8181 (pada Squid 2.6 baris http_port 8181 perlu diberi opsi transparent), di sini hanya perlu membuat redirect dari port 80 (http) ke port 8181 (transparent proxy); sesuaikan eth1 dengan antarmuka yang menghadap LAN
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-ports 8181
