Cara membangun proxy server dengan squid di ubuntu & debian | Boleh Network

Squid merupakan aplikasi yang dapat kita gunakan untuk membangun sebuah proxy server.  Selain dapat digunakan dilingkungan linux, squid juga dapat digunakan di lingkungan windows.

Apa sih perbedaan sebelum dan sesudah menggunakan squid ?? Tentu saja banyak :

1. Membantu mengurangi bandwith yg kita miliki jika bandwith inet kita pas2-an.

2. Membantu pemerintah untuk ikut serta gerakan anti pornograpi.

Squid ini akan lebih mumpuni jika ditambahkan plugin squidGuard.

Tanpa banyak cuap2 lagi langsung aja ya…. kita mulai, takutnya yang baca ni tulisan ada yg dah kebelet pipis

Langkah Instalasi Squid

Install Squid

# apt-get install squid

File Konfigurasi Squid

Squid configuration file

vi /etc/squid/squid.conf

Dalam file ini kita hanya akan melakukan konfigurasi dasar :

http_port 1212 transparent
# http_port 192.168.2.1:8080 transparent
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin ?
no_cache deny QUERY

cache_mem 1 MB
cache_swap_low 98
cache_swap_high 99
maximum_object_size 16 MB
minimum_object_size 0 KB

maximum_object_size_in_memory 100 KB
ipcache_size 2048
ipcache_low 90
ipcache_high 95
logformat squid %tl %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
#cache_dir ufs /var/spool/squid 4000 16 256
cache_dir ufs /var/spool/squid 70000 171 256
access_log /var/log/squid/access.log squid
#cache_log /var/spool/squid/logs/cache.log
hosts_file /etc/hosts
# cache_store_log none
logfile_rotate 0
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

refresh_pattern /.gif 4320 50% 43200
refresh_pattern /.jpg 4320 50% 43200
refresh_pattern /.jpeg 4320 50% 43200
refresh_pattern /.png 4320 50% 43200
refresh_pattern ^http://www.friendster.com/.* 720 100% 10080
refresh_pattern ^http://mail.yahoo.com/.* 720 100% 10080
refresh_pattern ^http://*.yahoo.*/.* 720 100% 7200
refresh_pattern ^http://*.google.com/.* 720 100% 10080
refresh_pattern ^http://www.facebook.com/.* 720 100% 28800
refresh_pattern ^http://*.blogsome.com/.* 720 80% 10080
refresh_pattern ^http://*.wordpress.com/.* 720 80% 10080
refresh_pattern ^http://detik.com/.* 720 90% 2880

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

negative_ttl 2 minutes
#Recommended minimum configuration:
#acl home_network src 192.168.1.0/24

#acl business_hours time M T W H F 8:30-17:30
#acl porn url_regex “/etc/squid/porn.block.txt”
#acl whitelist url_regex “/etc/squid/whitelist.txt”
#acl porn url_regex “/etc/squid/porn.block.txt”

#Tulisan warna orange tidak diaktifkan karena pengaturan akan melalui squidguard.

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl divgames src 172.16.8.0/255.255.255.0
acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

#http_access deny porn
http_access allow manager localhost
#http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
http_access allow divgames
http_access deny all

http_reply_access allow all
icp_access allow all
tcp_outgoing_address 202.50.60.70 divgames

cache_mgr noc@boleh.net.id
visible_hostname Boleh-Networks

coredump_dir /var/spool/squid/cache
url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
#redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

Squid access log file

vi /var/log/squid/access.log

Konfigurasi squidGuard.conf

vi /etc/squid/squidGuard.conf

#
# CONFIG FILE FOR SQUIDGUARD
#

dbhome /var/lib/squidguard/db/blacklists
logdir /var/log/squid

time workhours {
weekly smtwhfs 08:30 – 17:30
date *-*-01    08:30 – 17:30
}

src notoke {
ip      172.16.3.0/24

}
src oke {
ip    172.16.8.0/24

}

dest porn {
domainlist porn/domains
urllist porn/urls
}

dest drugs {
domainlist drugs/domains
urllist drugs/urls
}

dest gambling {
domainlist gambling/domains
urllist gambling/urls
}

dest spyware {
domainlist spyware/domains
urllist spyware/urls
}

dest suspect {
domainlist suspect/domains
urllist suspect/urls
}

dest violence {
domainlist violence/domains
urllist violence/urls
}

dest bad {
domainlist bad/domains
urllist bad/urls
}

dest whitelist {
domainlist whitelist/domains
}

acl {
okee {
pass whitelist !bad !porn !drugs !gambling !spyware !suspect !violence all
redirect http://localhost/index.html
}

oke {
pass whitelist !porn !drugs !gambling !spyware !suspect !violence all
redirect http://localhost/index.html
}
default {
pass none                # reject unknown clients
redirect http://localhost/index.html
}
}

setelah melakukan konfigurasi :

#squid -k reconfigure

#squidGuard -C all

Troubleshoot

/var/log/squid/access.log

/var/log/squid/squidGuard.log

Sumber :

http://www.squid-cache.org/

http://www.squidguard.org/

Selamat mencoba dan mohon maaf jika banyak kekurangan dalam penulisan.

Incoming search terms:

• squid conf untuk warnet
• konfigurasi proxy server di debian 5
• cara install squid di ubuntu server
• cara konfigurasi proxy server
• proxy server Debian 5

Artikel Sejenis:

• Crontab clean cache squid di Debian
• Cara melakukan clean cache squid di debian
• Blok Situs Berdasarkan Waktu Dengan Squid Di Debian