Squid Proxy Server (Squid3)



  • Brothers… Aku udah konfigurasi squid. tapi kenapa semua situs terblokir ya? termasuk google, gmail,dll. seharusnya kan hanya situs2 tertentu yang diblokir..
    mohon pencerahannya :)



  • di Squid 3 coba kolom dns gak usah diisi (dikosongin saja)..



  • skrip configurasi untuk blokir situs posisinya di barisan mana ya bang?



  • Konfigurasiku kayak gini bang..
    google sudah bisa diakses, tapi dia ga bisa membaca perintah blokir situsnya..
    dibantu yaaaaaaaa..  8)

    Port

    http_port 8080
    icp_port 3030
    prefer_direct off

    ###server_http11 on

    Cache

    cache_mem 8 MB
    cache_swap_low 98
    cache_swap_high 99

    max_filedesc 8192

    maximum_object_size 128 MB
    minimum_object_size 0 KB
    maximum_object_size_in_memory 128 KB

    ipcache_size 1024
    ipcache_low 98
    ipcache_high 99
    fqdncache_size 4096
    cache_replacement_policy heap LFUDA
    memory_replacement_policy heap GDSF

    cache_dir aufs /cache1 40000 94 256
    cache_dir aufs /cache2 40000 94 256
    cache_dir aufs /cache3 40000 94 256
    cache_dir aufs /cache4 40000 94 256

    cache_access_log /var/log/squid3/access.log
    cache_log /var/log/squid3/cache.log
    ##cache_store_log none
    ##pid_filename /var/run/squid.pid
    ##cache_swap_log /var/log/squid/swap.state
    ##dns_nameservers /etc/resolv.conf
    ##emulate_httpd_log off
    ##hosts_file /etc/hosts
    ##half_closed_clients off
    negative_ttl 1 minutes

    ###acl all src 0.0.0.0/0.0.0.0
    acl nosite url_regex "/etc/squid3/forbidden.txt"
    acl nofrase url_regex "/etc/squid3/forbiddenfrase.txt"
    ##acl manager proto cache_object
    acl localhost src 192.168.100.14/255.255.255.0
    acl to_localhost dst 192.168.100.14/255.255.255.0
    acl anggiserver src 192.168.103.1/24 #IP lokal kamu
    acl SSL_ports port 443 563 873 # https snews rsync
    acl Safe_ports port 80 # http
    acl Safe_ports port 20 21 # ftp
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 631 # cups
    acl Safe_ports port 10000 # webmin
    acl Safe_ports port 901 # SWAT
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl Safe_ports port 873 # rsync
    acl Safe_ports port 110 # POP3
    acl Safe_ports port 25 # SMTP
    acl Safe_ports port 2095 2096 # webmail from cpanel
    acl Safe_ports port 2082 2083 # cpanel
    acl purge method PURGE
    acl CONNECT method CONNECT

    ALLOWED ACCESS

    http_access allow localhost
    http_reply_access allow all
    http_access deny nosite
    http_access deny nofrase
    ##http_access allow manager localhost
    ##http_access deny manager
    http_access allow anggiserver
    http_access deny all
    http_access allow purge localhost
    http_access deny purge
    http_access deny !Safe_ports !SSL_ports
    http_access deny CONNECT !SSL_ports !Safe_ports

    icp_access allow anggiserver
    icp_access allow localhost
    icp_access deny all
    always_direct deny all

    ###acl waktu_pagi time M T W H F 07:15-11:30
    ###acl waktu_sore time M T W H F 13:30-16:00

    pictures & images

    refresh_pattern -i .(class|css|js|gif|jpg)$ 10080 100% 43200
    refresh_pattern -i .(jpe|jpeg|png|bmp|tif)$ 10080 100% 43200
    refresh_pattern -i .(tiff|mov|avi|qt|mpeg)$ 10080 100% 43200
    refresh_pattern -i .(mpg|mpe|wav|au|mid)$ 10080 100% 43200
    refresh_pattern -i .(zip|gz|arj|lha|lzh)$ 10080 100% 43200
    refresh_pattern -i .(rar|tgz|tar|exe|bin)$ 10080 100% 43200
    refresh_pattern -i .(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200
    refresh_pattern -i .(inc|cab|ad|txt|dll)$ 10080 100% 43200

    refresh_pattern ^http://.google./.* 720 100% 4320
    refresh_pattern ^http://.facebook./.* 720 100% 4320
    refresh_pattern ^http://.yahoo./.* 720 100% 4320
    refresh_pattern ^http://.gmail./.* 720 100% 4320
    refresh_pattern ^http://.detik./.* 720 100% 4320
    refresh_pattern ^http://.viva./.* 720 100% 4320

    #default option
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern -i (/cgi-bin/|?) 0 0% 0
    refresh_pattern . 0 20% 4320

    cache_mgr support@unirow.ac.id
    visible_hostname anggiproxy.unirow.ac.id
    cache_effective_user proxy
    cache_effective_group proxy
    coredump_dir /var/spool/squid3
    shutdown_lifetime 10 seconds
    logfile_rotate 14



  • @anggraeni.pratiwi:

    google sudah bisa diakses, tapi dia ga bisa membaca perintah blokir situsnya..
    dibantu yaaaaaaaa..  8)

    Untuk memblokir situs yang relative efektive pakai squid guard atau pfbloker



  • iya bang.. aku pake squidguard juga. udah beres kok squid sama squidguardnya..


Log in to reply