Squid Proxy Server (Squid3)
-
Brothers… Aku udah konfigurasi squid. tapi kenapa semua situs terblokir ya? termasuk google, gmail,dll. seharusnya kan hanya situs2 tertentu yang diblokir..
mohon pencerahannya :) -
di Squid 3 coba kolom dns gak usah diisi (dikosongin saja)..
-
skrip configurasi untuk blokir situs posisinya di barisan mana ya bang?
-
Konfigurasiku kayak gini bang..
google sudah bisa diakses, tapi dia ga bisa membaca perintah blokir situsnya..
dibantu yaaaaaaaa.. 8)Port
http_port 8080
icp_port 3030
prefer_direct off###server_http11 on
Cache
cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99max_filedesc 8192
maximum_object_size 128 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 128 KBipcache_size 1024
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSFcache_dir aufs /cache1 40000 94 256
cache_dir aufs /cache2 40000 94 256
cache_dir aufs /cache3 40000 94 256
cache_dir aufs /cache4 40000 94 256cache_access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
##cache_store_log none
##pid_filename /var/run/squid.pid
##cache_swap_log /var/log/squid/swap.state
##dns_nameservers /etc/resolv.conf
##emulate_httpd_log off
##hosts_file /etc/hosts
##half_closed_clients off
negative_ttl 1 minutes###acl all src 0.0.0.0/0.0.0.0
acl nosite url_regex "/etc/squid3/forbidden.txt"
acl nofrase url_regex "/etc/squid3/forbiddenfrase.txt"
##acl manager proto cache_object
acl localhost src 192.168.100.14/255.255.255.0
acl to_localhost dst 192.168.100.14/255.255.255.0
acl anggiserver src 192.168.103.1/24 #IP lokal kamu
acl SSL_ports port 443 563 873 # https snews rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083 # cpanel
acl purge method PURGE
acl CONNECT method CONNECTALLOWED ACCESS
http_access allow localhost
http_reply_access allow all
http_access deny nosite
http_access deny nofrase
##http_access allow manager localhost
##http_access deny manager
http_access allow anggiserver
http_access deny all
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_portsicp_access allow anggiserver
icp_access allow localhost
icp_access deny all
always_direct deny all###acl waktu_pagi time M T W H F 07:15-11:30
###acl waktu_sore time M T W H F 13:30-16:00pictures & images
refresh_pattern -i .(class|css|js|gif|jpg)$ 10080 100% 43200
refresh_pattern -i .(jpe|jpeg|png|bmp|tif)$ 10080 100% 43200
refresh_pattern -i .(tiff|mov|avi|qt|mpeg)$ 10080 100% 43200
refresh_pattern -i .(mpg|mpe|wav|au|mid)$ 10080 100% 43200
refresh_pattern -i .(zip|gz|arj|lha|lzh)$ 10080 100% 43200
refresh_pattern -i .(rar|tgz|tar|exe|bin)$ 10080 100% 43200
refresh_pattern -i .(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200
refresh_pattern -i .(inc|cab|ad|txt|dll)$ 10080 100% 43200refresh_pattern ^http://.google./.* 720 100% 4320
refresh_pattern ^http://.facebook./.* 720 100% 4320
refresh_pattern ^http://.yahoo./.* 720 100% 4320
refresh_pattern ^http://.gmail./.* 720 100% 4320
refresh_pattern ^http://.detik./.* 720 100% 4320
refresh_pattern ^http://.viva./.* 720 100% 4320#default option
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320cache_mgr support@unirow.ac.id
visible_hostname anggiproxy.unirow.ac.id
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid3
shutdown_lifetime 10 seconds
logfile_rotate 14 -
google sudah bisa diakses, tapi dia ga bisa membaca perintah blokir situsnya..
dibantu yaaaaaaaa.. 8)Untuk memblokir situs yang relative efektive pakai squid guard atau pfbloker
-
iya bang.. aku pake squidguard juga. udah beres kok squid sama squidguardnya..