Jumat, 26 Februari 2010

Install proxy di freeBSD

Membangun proxy server di mesin freeBSD

1. Download Source

http://www.cpan.org/src/5.0/perl-5.9.5.tar.gz

http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE13.tar.gz


2. Extract program squid

#tar -xzvf squid-2.6.STABLE13.tar.gz
#cd squid-2.6.STABLE13

#./configure --prefix=/usr/local/squid --disable-ident-lookups --enable-large-cache-files --enable-ipf-transparent --enable-removal-policies=lru,heap --enable-storeio=coss,aufs,ufs --enable-delay-pools

#make && make install

#cd /usr/local/squid/

#mkdir cache

#mkdir logs

#mkdir coss ( jika memakai coss / optional )

#chown - R nobody:nogroup cache

#chown -R nobody:nogroup logs

#chown –R nobody:nogroup coss

#cd /etc/

#ee squid.conf


isi squid.conf ( missal isi dibawah ini )


http_port 8080 transparent
icp_port 3130

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?

no_cache deny QUERY

cache_mem 8 MB

cache_swap_low 88

cache_swap_high 98

#cache_dir coss /usr/local/squid/coss 3000 max-size=256000 block-size=512

cache_dir ufs /usr/local/squid/cache 300 16 256

cache_access_log /usr/local/squid/logs/access.log

cache_log /usr/local/squid/logs/cache.log

cache_store_log none

pid_filename /usr/local/squid/logs/squid.pid

dns_nameservers 1.2.3.4 6.7.8.9 (isi DNS Server ISP )

redirect_program /usr/bin/squidGuard -c /usr/squidGuard/squidGuard.conf

#redirect_children 16

refresh_pattern ^ftp: 1440 20% 10080

refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern . 0 20% 4320

positive_dns_ttl 24 hours

memory_pools_limit 128 MB

ie_refresh on

maximum_object_size_in_memory 100 KB

quick_abort_min 0 KB

quick_abort_max 0 KB

request_header_max_size 10 KB

request_body_max_size 4796 KB

ipcache_size 8000

auth_param basic children 5

auth_param basic realm Squid proxy-caching web server

auth_param basic credentialsttl 2 hours

auth_param basic casesensitive off

client_persistent_connections on

server_persistent_connections on

forwarded_for off

acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl coba src 10.10.10.0/25

acl SSL_ports port 443 563

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 563 # https, snews

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl CONNECT method CONNECT

acl sendmail port 25

http_access allow manager localhost

http_access deny manager

http_access deny sendmail

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

http_access allow coba

http_access deny all

icp_access allow coba

icp_access deny all

always_direct allow coba

visible_hostname proxy.coba.coba

cache_mgr herusm@yahoo.com

cache_effective_user nobody



# cp squid.conf /usr/local/squid/etc/squid.conf (mengcopy hasil editan squid.conf ke directori tersebut )
# cd /usr/local/squid/log (masuk directory)

# touch -f access.log (membuat file)

# touch -f cache.log

# chown -R nobody:nogroup access.log

# chown -R nobody:nogroup cache.log

# chmod 777 access.log

# chmod 777 cache.log

#/usr/local/squid/sbin/squid –z
( buat swap directory )
#/usr/local/squid/sbin/squid –sYD
( menjalankan squid )

SELAMAT MENCOBA
SEMOGA BERHASIL......

0 comment:

Posting Komentar

Lencana Facebook

 

Copyright 2009 Andy's blog. All rights reserved.
Blogger Templates created by Deluxe Templates
WordPress Themes designed by EZwpthemes