MSquid Server
1.
instalasi :
#apt-get
install squid
2.
Setelah instalasi tambahkan perintah pada file :
#nano
/etc/squid/squid.conf
acl
all src 0.0.0.0/0.0.0.0
acl
labl src 192.168.1.0/255.255.255.0
acl
manager proto cache_object
acl
localhost src 127.0.0.1/255.255.255.255
acl
to_localhost dst 127.0.0.0/8
acl
SSL_ports port 443 # https
acl
SSL_ports port 563 # snews
acl
SSL_ports port 873 # rsync
acl
Safe_ports port 80 # http
acl
Safe_ports port 21 # ftp
acl
Safe_ports port 443 # https
acl
Safe_ports port 70 # gopher
acl
Safe_ports port 210 # wais
acl
Safe_ports port 1025-65535 # unregistered ports
acl
Safe_ports port 280 # http-mgmt
acl
Safe_ports port 488 # gss-http
acl
Safe_ports port 591 # filemaker
acl
Safe_ports port 777 # multiling http
acl
Safe_ports port 631 # cups
acl
Safe_ports port 873 # rsync
acl
Safe_ports port 901 # SWAT
acl
purge method PURGE
acl
CONNECT method CONNECT
_DAN_
#
INSERT YOUR OWN RULE (S) HERE TO ALLOE ACCESS FROM YOUR CLIENTS
#
Example rule allowing access from your local networks. Adapt
#
to list your (internal) IP network from where browsing should
#
be allowed
#acl
our_networks src 192.168.1.0/24 192.168.2.0/24
#http_access
allow localhost
http_access
allow localhost
http_access
deny tidak
http_access
allow labl
_DAN_
#
TAG: visible_hostname
#
If you want to present a special hostname in error messages, etc,
#
define this. Otherwise, the return value of gethostname()
#
will be used. If you have multiple caches in a cluster and
#
get errors about IP-forwarding you must set them to have individual
#
names with this setting.
#
#Default:
3.
Restart Squid server :
#/etc/init.d/squid
restart
6.
Pengecekan :
-
Pada computer client :
Internet
Explorer > tools > internet options > connections > LAN setting
> centang use automatic configuration script > pada address ketik DNS
server.
Centang
use a proxy server for your LAN > pada address ketik DNS server > pada
port ketik port proxy server kita.
-
Kembali ke Internet Explorer, pada address ketik website yang kita block. Jika
website yang kita block tidak bisa, maka Squid server berhasil.
Transparent Proxy Server
1.
Konfigurasi, edit file squid.conf :
#nano
/etc/squid/squid.conf
visible_hostname
proxy.setyo.web.id
cache_mgr
proxy.setyo.web.id
http_port
3128 transparent
always_direct
allow all
cache_dir
ufs /var/spool/squid 500 16 256
2.
Buat the cache directory :
#squid
-z
3.
Restart squid :
#/etc/init.d/squid
restart
4.
Kita telah set transparan proxy. Sekarang kita melakukan penyettingan :
#echo
1 > /proc/sys/net/ipv4/ip_forward
5.
Lakukan metode enabling IP forwarding
6.
Tambahkan script pada startup scripts. Sekarang kita telah menambahkan
masquerading method dan kemudain kita bisa forward the connection :
#
apt-get install ipmasq
7.
Terakhir :
#
iptables -A PREROUTING -t nat -p tcp –dport 80 -j REDIRECT –to-port 3128
8.
Restart squid :
#/etc/init.d/squid
start
Kalo
kamu ga’ bisa pake cara ini dan ga’ berhasil, kamu bisa pake cara lain. Aq
belum pernah nyoba sebelumnya. ^_^
Coba
dengan cara ini :
1.
Hanya menambahkan script pada file squid.conf :
httpd_accel_host
virtual
httpd_accel_port
80
httpd_accel_with_proxy
on
httpd_accel_uses_host_header
on
Atau
always_direct
allow all
0 komentar:
Posting Komentar