Selamat datang di blog saya ... : blog yang masih berantakan: ...

Kamis, 16 Juni 2011

proxy server

iseng2 buka-buka ubuntu eh ternyata bisa ya...

Squid is a caching proxy for the Web supporting HTTP, HTTPS and FTP

Home: http://www.squid-cache.org/

After installing and configuring Squid you must configure your system to use a proxy cache. Change relevant Internet user applications to access the Internet through the proxy: localhost:8080.

The following procedure describes How To install the Squid software package in Ubuntu Linux (8.04 LTS)

1. Install & Configure Squid

a) install:

* sudo apt-get install squid

b) configure:


#-----------------------------------#

# Proxy Server V.3

# by BL4CK3R5

# update 11 Juni 2011

#-----------------------------------#



#---------------------------------------------------------------#

# Port

#---------------------------------------------------------------#

http_port 3128 transparent

icp_port 3130

prefer_direct off

#---------------------------------------------------------------#

# Cache & Object

#---------------------------------------------------------------#

cache_mem 32 MB

cache_swap_low 95

cache_swap_high 98

max_filedesc 8192

maximum_object_size 20480 KB

minimum_object_size 0 KB

maximum_object_size_in_memory 4 bytes

ipcache_size 4096

ipcache_low 98

ipcache_high 99

fqdncache_size 4096

cache_replacement_policy heap LFUDA

memory_replacement_policy heap GDSF

#----------------------------------------------------------------#

# cache_dir

#----------------------------------------------------------------#

cache_dir ufs /home/proxy1 7000 16 256

cache_dir ufs /home/proxy2 7000 16 256

cache_dir ufs /home/proxy3 7000 16 256



cache_access_log /var/log/squid/access.log

cache_log /var/log/squid/cache.log

cache_store_log none

pid_filename /var/run/squid.pid

cache_store_log /var/log/squid/store.log

client_netmask 255.255.255.255

cache_swap_log /var/log/squid/swap.state

dns_nameservers /etc/resolv.conf

emulate_httpd_log off

hosts_file /etc/hosts

half_closed_clients off

negative_ttl 1 minutes

#---------------------------------------------------------------#

# Rules: Safe Port

#---------------------------------------------------------------#

acl all src all

acl manager proto cache_object

acl localhost src 127.0.0.1/32

acl to_localhost dst 127.0.0.0/8 0.0.0.0/32



acl localnet src 10.0.0.0/8 # RFC1918 possible internal network

acl localnet src 172.16.0.0/12 # RFC1918 possible internal network

acl localnet src 192.168.9.0/24 # RFC1918 possible internal network

acl localnet src 192.168.11.0/24



acl SSL_ports port 443 # https

acl SSL_ports port 563 # snews

acl SSL_ports port 873 # rsync

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 # https

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl Safe_ports port 631 # cups

acl Safe_ports port 873 # rsync

acl Safe_ports port 901 # SWAT

acl purge method PURGE

acl CONNECT method CONNECT



http_access allow manager localhost

http_access deny manager

http_access allow purge localhost

http_access deny purge

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

#---------------------------------------------------------------#

# Refresh Pattern

#---------------------------------------------------------------#

refresh_pattern -i \.(gif|png|jpg|jpeg|ico|tiff|tif|bmp)$ 10080 50% 43200 override-expire ignore-no-cache reload-into-ims

refresh_pattern -i \.(swf|rm|rmvb|avi|mpeg|mpg|flv|x-flv|mov|3gp)$ 43200 70% 432000 override-expire ignore-no-cache

refresh_pattern -i \.(wav|mp3|mp4|au|mid)$ 10080 50% 43200 override-expire ignore-no-cache

refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|docx|txt)$ 10080 85% 43200 override-expire ignore-no-cache ignore-auth

refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar|iso|tar|cab)$ 10080 75% 43200 override-expire ignore-no-cache ignore-auth

refresh_pattern -i \.(css|js|html|htm|php|asp|aspx|cgi|xml) 10080 100% 43200 override-expire ignore-no-cache



refresh_pattern ^ftp: 1440 20% 10080

refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern . 0 20% 4320



#---------------------------------------------------------------#

# SNMP

#---------------------------------------------------------------#

snmp_port 3401

acl snmpsquid snmp_community public

snmp_access allow snmpsquid localhost

snmp_access deny all

#---------------------------------------------------------------#

# ALLOWED ACCESS

#---------------------------------------------------------------#

http_access allow localhost

http_access allow localnet

http_access deny all

http_reply_access allow all

icp_access allow all

htcp_access allow localnet

acl localhost src 192.168.2.0/24

#---------------------------------------------------------------#

# Cache CGI & Administrative

#---------------------------------------------------------------#

cache_mgr blackers147@gmail.com

visible_hostname 127.0.0.1

coredump_dir /var/spool/squid

logfile_rotate 14

#-----------------------------------------------------------------#

#tcp_outgoing_tos 0x30 localnet

#-----------------------------------------------------------------#

zph_mode tos

zph_local 0x30

zph_parent 0

zph_option 136


semoga bermanfaat ya...
Diposting oleh profil saya di 17.57

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)