PROXY SERVER

INSTALL SQUID DI FREEBSD SERVER

sq

1. SPESIFIKASI PARTISI SERVER UNTUK PROXY
512M    /tmp
1024M   swap
5G      /var
15G     /usr
58G    /cache

2. UPDATE SERVER FREEBSD VIA PORTS
root@proxy#portsnap fetch update
3. INSTALL SQUID
root@proxy#cd /usr/ports/www/squid
root@proxy# make install clean
root@proxy# rehash;
4. EDIT FILE rc.conf
root@proxy# echo ‘squid_enable=”YES”‘ >> /etc/rc.conf
atau
root@proxy#cd /etc
root@proxy:/etc#ee rc.conf
tambahkan :
squid_enable=”YES”
5. COPY squid.conf.default menjadi squid.conf
root@proxy:/usr/local/etc/squid#cp squid.conf.default squid.conf
6. EDIT FILE squid.conf
root@proxy:/usr/local/etc/squid#ee squid.conf
######CONFIG START
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin ?
no_cache deny QUERY
cache_mem 8 MB
maximum_object_size 50960 KB
maximum_object_size_in_memory 16 KB
cache_dir diskd /squidcache/squid/cache 80000 16 256
cache_access_log /var/log/squid/access.log
cache_log none
cache_store_log none
pid_filename /var/run/squid.pid
hosts_file /etc/hosts
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 10080
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 8080 #also http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl blacklist dstdomain “/usr/local/etc/squid/blacklist.txt”
http_access deny blacklist
http_access allow manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# 172.16.2.0 sesuai kan dengan LAN IP address
acl our_networks src 172.16.2.0/24
http_access allow our_networks
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
cache_mgr webmaster@ltsppos.net
cache_effective_user squid
visible_hostname proxy.ltsppos.net
cachemgr_passwd secret all
coredump_dir /squid/coredump
######CONFIG END
7. BUAT DIRECKTORI SEPERTI PERINTAH DIBAWAH INI
root@proxy# mkdir /squid
root@proxy# mkdir /squid/coredump/
root@proxy# mkdir /squid/coredump/cache
root@proxy# mkdir /var/log/squid
root@proxy# touch /usr/local/etc/squid/blacklist.txt
root@proxy# touch /var/run/squid.pid
root@proxy# echo ‘.hacker.ru’ >> /usr/local/etc/squid/blacklist.txt
root@proxy# chown -R squid:squid /usr/local/etc/squid/blacklist.txt
root@proxy# chown -R squid:squid /var/log/squid
root@proxy# chown -R squid:squid /var/run/squid.pid
root@proxy# chown -R squid:squid /squid

root@proxy#squid -z

root@proxy#init 6
8. BUKA WEBROWSER CLIENT TAMBAHKAN URL
proxy.ltsppos.net:3128
root@proxy# tail -f /var/log/squid/access.log
root@proxy#squid -k reconfigure
9. EDIT loader.conf
root@proxy:/boot#touch loader.conf
root@proxy:/boot#ee loader.conf
kern.ipc.msgmnb=8192
kern.ipc.msgmni=40
kern.ipc.msgseg=512
kern.ipc.msgssz=64
kern.ipc.msgtql=2048
root@proxy:/boot#init 6
10. JALANKAN PERINTAH SQUID
root@proxy#/usr/local/etc/rc.d/squid start
11. LIHAT PROSES SQUID YANG BERJALAN
root@proxy#ps aux|grep squid
SELAMAT MENCOBA !!!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s