Cara membuat Proxy Pada Ubuntu



Setelah login Ubuntu lalu Install Paket
- sudo apt-get update
- sudo apt-get install squid
- sudo apt-get install squid squidclient squid-cgi
- sudo apt-get install ccze

setelah selesai install paket lakukan edit squid.conf " biar mudah pakai saja software WINSCP & PUTTY

squid.conf
- hapus isi squid.conf kamu dan ganti dg isi squid.conf di bawah ini...

#-----------------------------------#
# Proxy Server Versi 2.7.Stable7
#-----------------------------------#

#---------------------------------------------------------------#
# Port
#---------------------------------------------------------------#

http_port 3128 transparent
icp_port 3130
prefer_direct off

#---------------------------------------------------------------#
# Mengatasi Facebook Blank setelah login
#---------------------------------------------------------------#

server_http11 on

#---------------------------------------------------------------#
# Cache & Object
#---------------------------------------------------------------#

cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99
max_filedesc 8192
maximum_object_size 128 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 128 KB

ipcache_size 4096
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

#----------------------------------------------------------------#
# cache_dir
#----------------------------------------------------------------#

cache_dir aufs /home/proxy1 7000 16 256
cache_dir aufs /home/proxy2 7000 16 256
cache_dir aufs /home/proxy3 7000 16 256

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /var/run/squid.pid
cache_swap_log /var/log/squid/swap.state
dns_nameservers /etc/resolv.conf
emulate_httpd_log off
hosts_file /etc/hosts
half_closed_clients off
negative_ttl 1 minutes

#---------------------------------------------------------------#
# Rules: Safe Port
#---------------------------------------------------------------#

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 873 # https snews rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083 # cpanel

acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports

#---------------------------------------------------------------#
# Refresh Pattern
#---------------------------------------------------------------#

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(html|htm|css|js|php|asp|aspx|cgi) 1440 40% 40320
refresh_pattern . 0 20% 4320

#---------------------------------------------------------------#
# SNMP
#---------------------------------------------------------------#

snmp_port 3401
acl snmpsquid snmp_community public
snmp_access allow snmpsquid localhost
snmp_access deny all

#---------------------------------------------------------------#
# ALLOWED ACCESS
#---------------------------------------------------------------#

acl proxyku src 172.19.196.0/24
http_access allow proxyku
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow proxyku
icp_access allow localhost
icp_access deny all
always_direct deny all

#---------------------------------------------------------------#
# Cache CGI & Administrative
#---------------------------------------------------------------#

cache_mgr superbejo_354@host.net
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
shutdown_lifetime 10 seconds
logfile_rotate 14

#-----------------------------------------------------------------#
#tcp_outgoing_tos 0x30 localnet
#-----------------------------------------------------------------#

zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136











Langkah selanjutnya

stop squid dengan perintah : /etc/init.d/squid stop (ubuntu 9.10) atau squid stop (ubuntu 10.04)

Memberikan permission pada folder cache
chown -R proxy.proxy /home/proxy1
chown -R proxy.proxy /home/proxy2
chown -R proxy.proxy /home/proxy3
chown -R proxy.proxy /var/log/squid/access.log

Membuat folder-folder swap/cache di dalam folder cache yang telah ditentukan dg perintah :
squid -f /etc/squid/squid.conf -z

Restart squid.
/etc/init.d/squid restart (ubuntu 9.10) atau squid restart (ubuntu 10.04)


• Buat rule iptables agar port HTTP (80) dari client dibelokkan ke port Proxy (3128).

iptables -t nat -I PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
iptables -t nat -I PREROUTING -i eth0 -p udp -m udp --dport 80 -j REDIRECT --to-ports 3128
Previous
Next Post »

NOTE :

* Silahkan berkomentar dengan SOPAN,SANTUN dan BIJAK
* Jika anda tidak memiliki akun Google anda bisa gunakan Name/URL
- isi Name dengan Nama Anda
- isi URL dengan link/url profile Facebook Anda atau Twitter Anda atau yang lainnya
* Mohon jangan menyisipkan Link Hidup!!! ConversionConversion EmoticonEmoticon