Cara Konfigurasi squid Proxy Pada Ubuntu

Senin, 14 November 2011

Share this history on :



Posting konfigurasi squid Proxy @http://www.smkbinamandiri.net/
Hal pertama yang harus anda lakukan install squid nya terlebih dahulu
#apt-get install squid

Lalu masukan perintah
nano /etc/squid/squid.conf

Hapus seluruh tulisan yang ada, lalu ganti dngan tulisan di bawah ini:


##start of config


# ===============================================================================
# NETWORK OPTIONS
# ===============================================================================

http_port 3128 transparent
server_http11 on
icp_port 3130




#
===============================================================================
# File Squid
# ===============================================================================
pid_filename /var/run/squid.pid
coredump_dir /var/spool/squid/

icon_directory /usr/share/squid/icons
mime_table /usr/share/squid/mime.conf

#==============================================
# Cache Manager
#==============================================
visible_hostname ODIE RIYANTO
cache_mgr odiecundrafield.co.cc
cache_effective_user proxy
cache_effective_group proxy

#===========================================================================
# Log Squid
#===========================================================================
access_log /var/log/squid/access.log
cache_log /dev/null
cache_store_log /dev/null

#===========================================================================
# Beberapa log yg tidak signifikan karena opsi2-nya jarang digunakan.
#===========================================================================
log_fqdn off
log_icp_queries off
buffered_logs off
emulate_httpd_log off

#===========================================================================
# TAG: FTP section
#===========================================================================
# Selalu gunakan opsi ini untuk mengurangi beban trafik. FTP mode pasif
# menyebabkan client tidak berhubungan langsung dengan FTP Server tujuan
# dan menggunakan squid sebagai relay sehingga bandwidth utk koneksi FTP
# bisa dikontrol mungkin dengan kombinasi IP filtering (PF (BSD)/ IPTABLES).
#===========================================================================
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on

#===================================================================
# TAG: ACL Section
#===================================================================
# Allow local network(s) on interface(s)
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#===================================================================

#===================================================================
# CLIENT PROXY
#===================================================================
acl localnet src 193.168.0.0/24
acl localnet src 10.10.10.0/24

#===================================================================
# ACL BLOCK SITUS & KONTENT PORNO
#===================================================================
acl situsporno url_regex "/etc/squid/situsporno"
acl kataporno url_regex "/etc/squid/kataporno"
acl situsgabener url_regex "/etc/squid/situsgabener"
#===================================================================
# ACL WAKTU BOLEH DAN TIDAK BLOCK SITUS & KONTENT PORNO
#===================================================================
acl waktu time MTWHFA 07:00-16:00
acl all src 0.0.0.0/0

uri_whitespace strip
#===================================================================
# ACL DOWNLOAD FILE EXTENSION
#===================================================================
acl download url_regex -i \.rm$ \.mpg$ \.mpeg$ \.avi$ \.dat$ \.exe$ \.vqf$ \.tar.gz$ \.gz$ \.rpm$
acl download url_regex -i \.zip$ \.bz2$ \.rar$ \.qt$ \.ram$ \.rm$ \.iso$ \.raw$ \.wav$ \.mov$ \.cab$

#DNS NAMESERVER
#===================================================================
# PORT YG DI ATUR
#===================================================================
# Setup some default acls
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 81 210 280 443 488 563 591 631 777 901 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin \?
acl videocache_allow_url url_regex -i \.youtube\.com\/get_video\?


#===================================================================
# MEMORY CACHE OPTIONS
#===================================================================

cache_mem 42 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF



#===================================================================
# DISK CACHE OPTIONS
#===================================================================
cache_dir aufs /cache 14000 16 256

minimum_object_size 8 KB
maximum_object_size 10240 KB
offline_mode off
cache_swap_low 98
cache_swap_high 99


#===================================================================
# HTTP BLOCK SITUS & KONTENT PORNO BERDASARKAN WAKTU
#===================================================================
http_access deny situsporno waktu
http_access allow situsporno
http_access deny kataporno waktu
http_access allow kataporno
http_access deny situsgabener

# ======================================================
# HTTP ACESS
# ======================================================
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports



# ======================================================
# HTTP ACESS ALOW LOCAL NET (IP MIKROTIK)
# ======================================================
# Allow local network(s) on interface(s)
http_access allow localnet
http_access allow localhost

# ======================================================
# BLOK SEMUA YANG TIDAK ADA DI ACL
# ======================================================
http_access deny all


header_access X-Forwarded-For deny all
#follow_x_forwarded_for allow localnet
#follow_x_forwarded_for allow localhost

#=====================================================
# TAG: ZPH
#=====================================================
tcp_outgoing_tos 0x30 localnet
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136




# ===============================================================================
# OPTIONS FOR TUNING THE CACHE (REFRESH PATERN)
# ===============================================================================


# ANTI VIRUS
# ===============================================================================
# update kaspersky #
# ===============================================================================
refresh_pattern ^http://dnl-00.geo.kaspersky.com/diffs/bases/wmuf/ 720 100% 7200
refresh_pattern ^http://dnl-01.geo.kaspersky.com/diffs/bases/wmuf/ 720 100% 7200
refresh_pattern ^http://dnl-03.geo.kaspersky.com/diffs/bases/wmuf/ 720 100% 7200
refresh_pattern ^http://dnl-04.geo.kaspersky.com/diffs/bases/av/kdb/i386/ 720 100% 7200
refresh_pattern ^http://dnl-08.geo.kaspersky.com/diffs/bases/wmuf/ 720 100% 7200
refresh_pattern ^http://dnl-14.geo.kaspersky.com/diffs/bases/wmuf/ 720 100% 7200
refresh_pattern ^http://dnl-17.geo.kaspersky.com/diffs/bases/wmuf/ 720 100% 7200
refresh_pattern ^http://dnl-19.geo.kaspersky.com/diffs/bases/wmuf/ 720 100% 7200



# ===============================================================================
# YAHOO
# ===============================================================================
refresh_pattern ^http://www.yahoo.com/.* 720 95% 4320 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://id.yahoo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://mail.yimg.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.yahoo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://mail.yahoo.com/.* 720 100% 4320 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth

# ===============================================================================
# GOOGLE
# ===============================================================================
refresh_pattern ^http://www.google.com/.* 720 95% 4320 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.google.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://mail.google.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth

# ===============================================================================
# FACEBOOK & GAME #
# ===============================================================================

refresh_pattern ^http://*.facebook.com/.* 720 95% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://apps.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://statics.poker.static.zynga.com/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://b.static.ak.fbcdn.net/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://static.ak.facebook.com/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://platform.ak.fbcdn.net/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://creative.ak.fbcdn.net/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://static.farmville.com/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://static-facebook.farmville.com/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://fb-2.farmville.com/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://zbar.zynga.com/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://zbar.static.zynga.com/.* 720 95% 4320 override-expire override-lastmod reload-into-ims
refresh_pattern ^http://external.ak.fbcdn.net/.* 720 95% 4320 override-expire override-lastmod reload-into-ims

# ===============================================================================
# SITUS SERING DI BUKA
# ===============================================================================
refresh_pattern ^http://*.forummikrotik.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.indowebster.com.*/.* 720 95% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
refresh_pattern ^http://*.blogspot.com/.* 720 95% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.wordpress.com/.* 720 95% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache
refresh_pattern ^http://*.photobucket.com/.* 720 95% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.imageshack.us/.* 720 95% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.kaskus.*/.* 720 95% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://www.kaskus.com/.* 720 95% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detik.*/.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detiknews.*/*.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://video.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.sawomatang.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.sawomatang.*/.* 720 95% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.forums.sawomatang.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth


# ===============================================================================
# EXTENSION
# ===============================================================================
refresh_pattern -i \.tar.gz$ 10080 90% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mp3$ 10080 90% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.zip$ 10080 90% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.png$ 10080 90% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.swf$ 10080 90% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.3gp$ 10080 90% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.rm$ 10080 90% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.wma$ 10080 90% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mpeg$ 10080 90% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(gif|jp?g|xbm|png|swf|bmp)$ 21600 90% 43200 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(mov|avi|qtm|mp?)$ 21600 90% 43200 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(3gp|wmv|wma|mpg|mpeg|mpga|rm|rv|vgp)$ 21600 90% 43200 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(zip|exe|gz|Z|lha||rar|arj)$ 21600 90% 43200 override-expire override-lastmod reload-into-ims

# ===============================================================================
# pictures & images
# ===============================================================================
refresh_pattern -i \.(gif|png|jpeg|jpg|bmp|tif|tiff|ico)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(xml|html|htm|js|txt|css|php)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims

# ===============================================================================
#sound, video multimedia
# ===============================================================================
refresh_pattern -i \.(flv|x-flv|mov|avi|qt|mpg|mpeg|swf)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(wav|mp3|mp4|au|mid)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims

# ===============================================================================
# files
# ===============================================================================
refresh_pattern -i \.(iso|deb|rpm|zip|tar|tgz|ram|rar|bin|ppt|doc)$ 10080 90% 43200 ignore-no-cache ignore-auth
refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 10080 95% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 10080 95% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(hqx|pdf|rtf|doc|swf)$ 10080 95% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 10080 95% 43200 override-expire ignore-no-cache ignore-auth


#refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
#refresh_pattern ^gopher: 1440 0% 1440
#refresh_pattern ^ftp: 10080 95% 43200 override-lastmod reload-into-ims store-stale
#refresh_pattern .0 95% 43200 override-lastmod reload-into-ims store-stale


#==============================================
# TAG: Extra Tuning Configuration
#==============================================
header_access Accept-Encoding deny all
client_persistent_connections off
server_persistent_connections on
half_closed_clients off
strip_query_terms off
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
vary_ignore_expire on
reload_into_ims on
pipeline_prefetch on
range_offset_limit 512 KB
read_timeout 30 minutes
client_lifetime 6 hours
negative_ttl 30 seconds
positive_dns_ttl 6 hours
negative_dns_ttl 60 seconds
pconn_timeout 15 seconds
request_timeout 1 minute
store_avg_object_size 13 KB
log_icp_queries off
ipcache_size 16384
ipcache_low 98
ipcache_high 99
log_fqdn off
fqdncache_size 16384
memory_pools off
forwarded_for on
logfile_rotate 3
store_dir_select_algorithm round-robin
max_filedescriptors 8192


##end of config
# ===============================================================================
# ERROR PAGE OPTIONS
# ===============================================================================
deny_info http://odiecundrafield.co.cc situsporno
deny_info http://odiecundrafield.co.cc kataporno
deny_info http://odiecundrafield.co.cc situsgabener
#error_directory /usr/share/squid/errors/en/



Copy Paste Tulisannya, lalu lakukan sedikit editing script untuk menyesuaikan dengan komputer atau keinginan anda ..

SEMOGA BERHASIL GAN&SIST ...
@SUMBER : http://smkbinamandiri.net/-- http://www.nurdensoes.co.cc/
Thank you for visited me, Have a question ? Contact on : youremail@gmail.com.
Please leave your comment below. Thank you and hope you enjoyed...

0 komentar:

Poskan Komentar

harap para penguna blogger jangan menggunakan komentar yang tidak jelas.tapi yang lebih mendukung