Install squid versi penguin :d

Install squid versi penguin :d
siapkan configurasi squid yg sudah di edit dan simpan di direktori /home/ atau tergantung anda
ini adalah contoh squid.conf dari seseorang yang mengajarkan saya tentang squid ini,
mudah-mudahan beliau ridho squid hasil configurenya dipublish..semoga aja [-o<

[root@penguin /]# cat /home/ghian/squid.conf.ghian
# squid.conf – Squid Object Cache configuration file
http_port 3128
cache_mem 10 MB
========================================
#acl blok url_regex -i “/etc/squid/DENIED”
#http_access deny blok
========================================
cache_swap_low 85
cache_swap_high 89
========================================
cache_dir diskd /cache 720 16 64 Q1=72 Q2=64
#cache_dir diskd /cache1 720 16 64 Q1=72 Q2=64
========================================
store_dir_select_algorithm round-robin
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
========================================
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
========================================
logfile_rotate 1
pid_filename /var/run/squid.pid
hierarchy_stoplist ? cgi
acl QUERY urlpath_regex cgi \?
no_cache deny QUERY
========================================
# quick abort:
# always finish if less than 10k
# finish if more than 50%
# always abort if more tan 1024k
quick_abort_min 20 kb
quick_abort_pct 50%
quick_abort_max 1024 kb
========================================
emulate_httpd_log off
minimum_object_size 0 KB
maximum_object_size 20 MB
========================================
#read_timeout 30 minutes
#client_lifetime 3 hours
#pconn_timeout 15 seconds
#request_timeout 1 minute
shutdown_lifetime 10 seconds
positive_dns_ttl 53 seconds
negative_dns_ttl 29 seconds
========================================
ipcache_size 10240
ipcache_low 98
ipcache_high 99
========================================
cache_mgr admin@penguin.net
cache_effective_user squid
cache_effective_group squid
visible_hostname penguin.cartoonet.net
========================================
log_fqdn off
#ident_lookup off
memory_pools off
forwarded_for on
icp_hit_stale on
logfile_rotate 2
#referer_log /usr/local/squid/var/logs/referer.log
========================================
store_objects_per_bucket 10
store_avg_object_size 13 kb
netdb_high 10000
netdb_low 9900
netdb_ping_period 30 seconds
========================================
#log_icp_queries off
#test_reachability off
#query_icmp on
debug_options ALL,1 98,2
max_open_disk_fds 100
========================================
high_memory_warning 400 mb
high_response_time_warning 2000
high_page_fault_warning 2
========================================
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
========================================
strip_query_terms off
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
========================================
#####
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl Purge method PURGE
acl localhost src 127.0.0.1/255.255.255.255
acl penguin src 192.168.1.0/255.255.255.0
acl master dst 192.168.0.99
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 81 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 1002 # qplex
acl CONNECT method CONNECT
========================================
acl blok url_regex -i xml.opera.com/update
acl blok url_regex -i autoupdate.windowsmedia.com/update/update.asp
acl blok url_regex -i cgi.sexlist.com/counter.cgi?
acl blok url_regex -i download.microsoft.com msnsrch.dlservice.microsoft.com
acl blok url_regex -i hosted.by.alphared.com
acl blok url_regex -i deploy.akamaitechnologies.com
acl blok url_regex -i graphics.adultfriendfinder.com
acl blok url_regex -i apps.kompas.com
acl blok url_regex -i avi$ mpg$
=========================================
http_access deny blok
http_access allow manager localhost
http_access allow Purge localhost
http_access allow penguin
http_access allow master
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
========================================
##SNMP CONF
snmp_port 3401
acl snmppublic snmp_community public
snmp_access allow snmppublic localhost
========================================
#start delay
acl browze url_regex -i “/etc/squid/video”
acl sibuk time 10:01-23:59
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 16000/6000
delay_access 1 allow browze sibuk all
#end delay
========================================
ie_refresh on

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(class|css|js|gif|jpg)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(jpe|jpeg|png|bmp|tif)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(tiff|mov|avi|qt|mpeg)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(mpg|mpe|wav|au|mid)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(hqx|pdf|rtf|doc|swf)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 100000 500% 99000000 ignore-reload override-expire
#refresh_pattern -i . 43200 95% 86400
#refresh_pattern -i . 0 0% 4320
refresh_pattern -i . 180 20% 4320

# END configuration
=========================================
pindahkan file squid.conf ini /etc/squid/squid.conf [root@penguin /]# cp /home/ghian/squid.conf.ghian /etc/squid/squid.conf
cp: overwrite `/etc/squid/squid.conf’? yes
ubah kepemilikan direktori cache misal disimpan di /cache
[root@penguin /]# chown -R squid:root /cache/
lalu check dengan perintah ls -la
[root@penguin /]# ls -al /
total 172
drwxr-xr-x 24 root root 4096 Sep 26 15:27 .
drwxr-xr-x 24 root root 4096 Sep 26 15:27 ..
drwxrwxrwx 19 squid root 4096 Sep 26 19:58 cache <<—
menjalankan pertama kali squid yaitu dengan perintah
[root@penguin /]# squid -k parse
[root@penguin /]# squid -z
2006/09/26 20:45:13| Creating Swap Directories
[root@penguin /]# /etc/init.d/squid start
Starting squid: . [ OK ]
check squidnya jalan atau tidak dengan mengetik:
[root@penguin /]# netstat -pln | grep squid
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 9080/(squid)
udp 0 0 0.0.0.0:3130 0.0.0.0:* 9080/(squid)
udp 0 0 0.0.0.0:3401 0.0.0.0:* 9080/(squid)
udp 0 0 0.0.0.0:32980 0.0.0.0:* 9080/(squid)

berarti squid sudah jalan, sekrang tinggal test di browser dan check acces.log nya di :
[root@penguin /]# tail -f /var/log/squid/access.log
udah deh selsai..
setiap selsei edit squid ketik
[root@penguin /]# squid -k reconfigure
agar client langsung bisa browsing lewat squid maka di set transparen proxy pake iptables
[root@penguin /]# /etc/init.d/iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: nat filter [ OK ]
Unloading iptables modules: [ OK ]
[root@penguin /]# /sbin/iptables -t nat -A PREROUTING -i eth1 -p tcp -s 192.168.1.0/255.255.255.0 –dport 80 -j DNAT –to 192.168.1.1:3128
[root@penguin /]# /sbin/iptables-save
# Generated by iptables-save v1.3.0 on Tue Sep 26 20:59:49 2006
*nat
:OUTPUT ACCEPT [1:72]
:POSTROUTING ACCEPT [1:72]
:PREROUTING ACCEPT [4:629]
-A PREROUTING -s 192.168.1.0/255.255.255.0 -i eth1 -p tcp -m tcp –dport 80 -j DNAT –to-destination 192.168.1.1:3128
COMMIT
# Completed on Tue Sep 26 20:59:49 2006

hatur nuhun kanggo kang Deden

One thought on “Install squid versi penguin :d

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s