Squid Proxy Server (Squid3)

anggraeni.pratiwi

Brothers… Aku udah konfigurasi squid. tapi kenapa semua situs terblokir ya? termasuk google, gmail,dll. seharusnya kan hanya situs2 tertentu yang diblokir..
mohon pencerahannya :)

pfz

di Squid 3 coba kolom dns gak usah diisi (dikosongin saja)..

anggraeni.pratiwi

skrip configurasi untuk blokir situs posisinya di barisan mana ya bang?

anggraeni.pratiwi

Konfigurasiku kayak gini bang..
google sudah bisa diakses, tapi dia ga bisa membaca perintah blokir situsnya..
dibantu yaaaaaaaa..  8)

Port

http_port 8080
icp_port 3030
prefer_direct off

###server_http11 on

Cache

cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99

max_filedesc 8192

maximum_object_size 128 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 128 KB

ipcache_size 1024
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

cache_dir aufs /cache1 40000 94 256
cache_dir aufs /cache2 40000 94 256
cache_dir aufs /cache3 40000 94 256
cache_dir aufs /cache4 40000 94 256

cache_access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
##cache_store_log none
##pid_filename /var/run/squid.pid
##cache_swap_log /var/log/squid/swap.state
##dns_nameservers /etc/resolv.conf
##emulate_httpd_log off
##hosts_file /etc/hosts
##half_closed_clients off
negative_ttl 1 minutes

###acl all src 0.0.0.0/0.0.0.0
acl nosite url_regex "/etc/squid3/forbidden.txt"
acl nofrase url_regex "/etc/squid3/forbiddenfrase.txt"
##acl manager proto cache_object
acl localhost src 192.168.100.14/255.255.255.0
acl to_localhost dst 192.168.100.14/255.255.255.0
acl anggiserver src 192.168.103.1/24 #IP lokal kamu
acl SSL_ports port 443 563 873 # https snews rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083 # cpanel
acl purge method PURGE
acl CONNECT method CONNECT

ALLOWED ACCESS

http_access allow localhost
http_reply_access allow all
http_access deny nosite
http_access deny nofrase
##http_access allow manager localhost
##http_access deny manager
http_access allow anggiserver
http_access deny all
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports

icp_access allow anggiserver
icp_access allow localhost
icp_access deny all
always_direct deny all

###acl waktu_pagi time M T W H F 07:15-11:30
###acl waktu_sore time M T W H F 13:30-16:00

pictures & images

refresh_pattern -i .(class|css|js|gif|jpg)$ 10080 100% 43200
refresh_pattern -i .(jpe|jpeg|png|bmp|tif)$ 10080 100% 43200
refresh_pattern -i .(tiff|mov|avi|qt|mpeg)$ 10080 100% 43200
refresh_pattern -i .(mpg|mpe|wav|au|mid)$ 10080 100% 43200
refresh_pattern -i .(zip|gz|arj|lha|lzh)$ 10080 100% 43200
refresh_pattern -i .(rar|tgz|tar|exe|bin)$ 10080 100% 43200
refresh_pattern -i .(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200
refresh_pattern -i .(inc|cab|ad|txt|dll)$ 10080 100% 43200

refresh_pattern ^http://.google./.* 720 100% 4320
refresh_pattern ^http://.facebook./.* 720 100% 4320
refresh_pattern ^http://.yahoo./.* 720 100% 4320
refresh_pattern ^http://.gmail./.* 720 100% 4320
refresh_pattern ^http://.detik./.* 720 100% 4320
refresh_pattern ^http://.viva./.* 720 100% 4320

#default option
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320

cache_mgr support@unirow.ac.id
visible_hostname anggiproxy.unirow.ac.id
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid3
shutdown_lifetime 10 seconds
logfile_rotate 14

pfz

@anggraeni.pratiwi:

google sudah bisa diakses, tapi dia ga bisa membaca perintah blokir situsnya..
dibantu yaaaaaaaa..  8)

Untuk memblokir situs yang relative efektive pakai squid guard atau pfbloker

anggraeni.pratiwi

iya bang.. aku pake squidguard juga. udah beres kok squid sama squidguardnya..