KHOIRIL BLOG
this site the web

Squid Configuration

Cara Edit : Masuk ke Command / Console ketik [root@localhost] vi /etc/squid/squid.conf
Cara Simpan : Tekan “Esc” lalu ketik :wq! (Artinya : Simpan lalu keluar)
# SQUID 2.6.STABLE CONFIGURATION


# NETWORK CONFIGURATION
http_port 8080
icp_port 0
# CACHE CONFIGURATION
cache_mem 256 MB
cache_swap_low 94%
cache_swap_high 100%
maximum_object_size 16384 KB
minimum_object_size 4 KB
maximum_object_size_in_memory 2048 KB
fqdncache_size 1024
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
# LOG AND CACHE DIRECTORY
cache_dir ufs /var/spool/squid 9000 16 256
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log none


# TUNING CACHE PROXY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
negative_ttl 1 minutes
# TIMEOUT
half_closed_clients off
# ACCESS CONTROL LIST
acl kataterlarang url_regex –i “/etc/squid/blacklist/kataterlarang.txt”
acl domainterlarang url_regex –i “/etc/squid/blacklist/domainterlarang.txt”
acl ipterlarang url_regex –i “/etc/squid/blacklist/ipterlarang.txt”
# DOWNLOAD FILE POLICY
acl ext_file url_regex –i ftp .exe .mp3 .vqf .tar.gz .gz .tar.bz2 .bz2 .rpm .zip .rar .avi .mpeg .qt .ram .rm .raw .wav .iso
# DOWNLOAD TIME POLICY
acl tdkbebasdownload time SMTWHFA 08:00-17:00
acl bebasdownload time SMTWHFA 17:01-17:59
# PORT POLICY
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http_mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multilink http
acl Safe_ports port 2082 # cpanel
acl Safe_ports port 7777 # LGE
acl Safe_ports port 1025-65535 # unregistered ports
acl CONNECT method CONNECT
# IPADDRESS POLICY
acl eth0 src 192.168.1.99/255.255.255.255
acl eth1 src 192.168.0.204/255.255.255.255
acl user src 192.168.0.11-192.168.0.20/255.255.255.255
acl administrator src 192.168.0.100/255.255.255.255
# RULE ACCESS DENIED
http_access deny kataterlarang
http_access deny domainterlarang
http_access deny ipterlarang
http_access deny manager
# RULE ACCESS ALLOWED
http_access allow eth0
http_access allow eth1
http_access allow user
http_access allow administrator
http_access allow localhost
# SIZE DOWNLOAD POLICY
# Cant download with file more than 25 MB (25000×1024=25600000)
reply_body_max_size 25600000 allow ext_file tdkbebasdownload
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_reply_access allow all
icp_access allow all
# PARAMETER ADMINISTRATOR
cache_mgr fachroe84@gmail.com
cache_effective_user squid
cache_effective_group squid
visible_hostname proxyku.domainku.com
# MESSAGE IN INDONESIAN LANGUAGE
error_directory /usr/share/squid/errors/Indonesian
# TRANSPARENT PROXY
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
memory_pools_limit 32 MB

sumber: http://informatixs.wordpress.com/2008/01/03/konfigurasi-proxy-server/

0 komentar:

Posting Komentar

 

W3C Validations

Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Morbi dapibus dolor sit amet metus suscipit iaculis. Quisque at nulla eu elit adipiscing tempor.

Usage Policies

Related Posts Plugin for WordPress, Blogger...