Banner

Jumat, 08 November 2013

Install Squid

17.40    No comments
  • Buka file konfigurasi squid3 di direktori /etc/squid3 dengan editor nano :
    nano /etc/squid3/squid.conf
  • Setelah terbuka samakan isi-nya atau buat atau seperti file konfigurasi jadi squid3 saya di bawah ini :

    # WELCOME TO SQUID 3.0.STABLE18
    # powered by citeureup foundation
    # -------------------------------
    acl manager proto cache_object
    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl lokal src 192.168.0.0/24
    #
    acl SSL_ports port 443 # https
    acl SSL_ports port 563 # snews
    acl SSL_ports port 873 # rsync
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl Safe_ports port 631 # cups
    acl Safe_ports port 873 # rsync
    acl Safe_ports port 901 # SWAT
    acl purge method PURGE
    acl CONNECT method CONNECT
    #
    http_access allow manager localhost
    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow lokal
    http_access allow localhost
    http_access deny all
    #
    http_reply_access allow all
    icp_access allow lokal
    icp_access deny all
    #
    http_port 3128 transparent
    #
    dead_peer_timeout 10 seconds
    hierarchy_stoplist cgi-bin ?
    #
    cache_mem 64 MB
    maximum_object_size_in_memory 512 KB
    memory_replacement_policy lru
    #
    cache_replacement_policy lru
    cache_dir aufs /home/proxy 25000 72 256
    maximum_object_size 20000 KB
    #
    cache_swap_low 80
    cache_swap_high 85
    #
    access_log /var/log/squid3/access.log squid
    cache_log /var/log/squid3/cache.log
    #
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
    refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880
    refresh_pattern . 0 20% 4320
    refresh_pattern /.gif 4320 50% 43200
    refresh_pattern /.jpg 4320 50% 43200
    refresh_pattern /.jpeg 4320 50% 43200
    refresh_pattern /.png 4320 50% 43200
    refresh_pattern ^http://www.kaskus.us/.* 720 100% 10080
    refresh_pattern ^http://www.indowebmaster.com/.* 720 100% 10080
    refresh_pattern ^http://www.twitter.com/.* 720 100% 10080
    refresh_pattern ^http://www.friendster.com/.* 720 100% 10080
    refresh_pattern ^http://mail.yahoo.com/.* 720 100% 10080
    refresh_pattern ^http://*.yahoo.*/.* 720 100% 7200
    refresh_pattern ^http://*.google.com/.* 720 100% 10080
    refresh_pattern ^http://www.telkomspeedy.com/.* 720 100% 28800
    refresh_pattern ^http://*.blogsome.com/.* 720 80% 10080
    refresh_pattern ^http://*.wordpress.com/.* 720 80% 10080
    refresh_pattern ^http://detik.com/.* 720 90% 2880
    #
    quick_abort_min 16 KB
    quick_abort_max 16 KB
    quick_abort_pct 95
    #
    read_ahead_gap 16 KB
    negative_ttl 2 minutes
    negative_dns_ttl 1 minute
    minimum_expiry_time 30 seconds
    store_avg_object_size 13 KB
    #
    acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
    ie_refresh on
    extension_methods REPORT MERGE MKACTIVITY CHECKOUT
    #
    forward_timeout 1 minutes
    connect_timeout 1 minute
    peer_connect_timeout 30 seconds
    read_timeout 1 minutes
    request_timeout 1 minutes
    persistent_request_timeout 2 minutes
    client_lifetime 1 day
    half_closed_clients on
    shutdown_lifetime 30 seconds
    #
    cache_mgr citeureupfoundation
    #
    error_directory /usr/share/squid3/errors/templates
    hosts_file /etc/hosts
    #
    coredump_dir /var/spool/squid
- Save (Ctrl+O) dan keluar dari nano (Ctrl+X) - lakukan reload/reconfigurasi 
/etc/init.d/squid3 reload
- Check terlebih dahulu apakah benar-tidaknya konfigurasi di squid 
squid3 -k parse
- Buat swap cache untuk menerapkan direktory cache dari squid 
squid3 -z
- Restart squid3 
/etc/init.d/squid3 restart
  • Menerapkan aturan iptables
    iptables -t nat -A PREROUTING -i eth3 -p tcp --dport 80 -j REDIRECT --to-port 3128

    Copykan juga ke /etc/rc.local hingga terlihat seperti berikut supaya tidak hilang sekalipun komputer server di reboot

    #!/bin/sh -e
    #
    # rc.local
    #
    # This script is executed at the end of each multiuser runlevel.
    # Make sure that the script will "exit 0" on success or any other
    # value on error.
    #
    # In order to enable or disable this script just change the execution
    # bits.
    #
    # By default this script does nothing.

    iptables -t nat -A PREROUTING -i eth3 -p tcp --dport 80 -j REDIRECT --to-port 3128
    exit 0

Selesai, selamat mencoba!!

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)