Demo Site

Konfigurasi Squid di Linux Slackware 14.1


Kalo ada yang salah ,,saya minta maaf ,, masih amatir di Slackware :D

1 . Membuat GROUP & USER
~# groupadd squid
~# useradd squid -g squid -d /bin/false -s /nonexistent

2. Download packet SQUID
~# wget http://ftp.arm.slackware.com/slacky/slackware-13.0/network/squid/3.0.STABLE19/squid-3.0.stable19-i486-1sl.txz

3. Install SQUID
~# installpkg squid-3.0.stable19-i486-1sl.txz

4. Memberikan permission agar squid dapat di eksekusi
~# chmod +x /etc/rc.d/rc.squid

5. Setting agar SQUID selalu jalan setiap kali server hidup
~# pico /etc/rc.d/rc.inet2
~# tambahkan script berikut dibaris paling bawah :
  # Start SQUID (Squid proxy 3.0):
     if [ -x /etc/rc.d/rc.squid ]; then
    . /etc/rc.d/rc.squid start
    fi

6. Membuat file access_log & mengubah kepemilikan file
~# touch /var/log/squid/logs/access.log
~# chown -R squid.squid /var/log/squid/logs/access.log

7. Membuat file cache_log & mengubah kepemilikan file
~# touch /var/log/squid/logs/cache.log
~# chown -R squid.squid /var/log/squid/logs/cache.log

8. Membuat file cache_store_log & mengubah kepemilikan file
~# touch /var/log/squid/logs/store.log
~# chown -R squid.squid /var/log/squid/logs/store.log

9. Membuat file pid_filename & mengubah kepemilikan file
~# touch /var/log/squid/logs/squid.pid
~# chown -R squid.squid /var/log/squid/logs/squid.pid

10. Membuat direktori cache untuk squid & merubah kepemilikan
# mkdir /var/log/squid/cache/
# chown -R squid.squid /var/log/squid/cache/

11. Edit squid.conf
~# pico /etc/squid/squid.conf

Berikut Konfigurasi yang saya terapkan :

#---------------------------------------#
#    SQUID 3.0.STABLE19            #
#---------------------------------------#

#----------------port-------------------#
http_port 3128 transparent
icp_port 3130 
prefer_direct off 

#---------------------------------------#
#         Cache & Object        #
#---------------------------------------#
cache_mem 256 MB
cache_swap_low 98
cache_swap_high 99
maximum_object_size 128 MB
minimum_object_size 0 KB

ipcache_size 10240
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

cache_dir aufs /var/log/squid/cache 1000 16 256
cache_access_log /var/log/squid/logs/access.log
cache_log /var/log/squid/logs/cache.log
cache_store_log /var/log/squid/logs/store.log
pid_filename /var/log/squid/logs/squid.pid
dns_nameservers /etc/resolv.conf 
emulate_httpd_log off
hosts_file /etc/hosts
half_closed_clients off


acl SSL_ports port 443 563 873 # https snews rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083 # cpanel

acl purge method PURGE
acl CONNECT method CONNECT  
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports

#----------------------------------------------#
# ALLOWED ACCESS
#----------------------------------------------#

acl localnet src 192.168.1.0/24 # IP Local
http_access allow localnet
http_access deny all 
http_reply_access allow all
icp_access allow localnet
icp_access deny all
always_direct deny all
dns_nameservers 8.8.8.8 8.8.4.4

#----------------------------------------------#
# Cache CGI & Administrative 
#----------------------------------------------#

cache_mgr sofyanxcode@gmail.com 
visible_hostname Slackware-Linux
cache_effective_user squid
cache_effective_group squid 
coredump_dir /var/spool/squid
shutdown_lifetime 10 seconds
logfile_rotate 14

12. Kalo sudah ,, sekrang membuat swap direktorinya :
~# /usr/sbin/squid -z
--------- >> kalau berhasil hasilnya akan seperti ini :
2014/05/14 5:24:31| Creating Swap Directories
2014/05/14 5:24:31| /var/log/squid/cache exists
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/00
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/01
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/02
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/03
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/04
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/05
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/06
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/07
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/08
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/09
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/0A
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/0B
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/0C
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/0D
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/0E
2014/05/14 5:24:31| Making directories in /var/log/squid/cache/0F

13. Cek konfigurasi SQUID nya
~# /usr/sbin/squid -k parse


14. Untuk pertama kali,, jalan SQUID dengan perintah berikut
~# /usr/sbin/squid -sYD

15. Jalankan SQUID lagi
/etc/rc.d/rc.squid start
Starting Squid: /usr/sbin/squid -DF

16. Agar SQUID bisa terhubung dengan mikrotik ,, aktifkan ip_forward Slackware dengan cara
~#pkgtool
- Pilih setup
- check services
- check rc.ip_forward

17. Kemudian Edit rc.local
~# pico /etc/rc.d/rc.local
Isi iptables dibaris paling bawah

route add default gateway 192.168.10.100    #--> isi dengan gateway mikrotik
iptables -A PREROUTING -t nat -j REDIRECT -p tcp -s 192.168.1.0/24 -d 0/0 --dport 80 --to-ports 3128  # ---> 192.168.1.0/24 isi dengan ip lokal
iptables -A INPUT -p tcp -s 0.0.0.0/0 -d 192.168.10.20 -m state --state NEW,ESTABLISHED -j ACCEPT     #----> 192.168.10.20 isi dengan ip proxy
iptables -A OUTPUT -p tcp -s 192.168.10.20 --sport 3128 -d 0.0.0.0/0 -m state --state ESTABLISHED -j ACCEPT #----> 192.168.10.20 isi dengan ip proxy

Jangan lupa save konfigurasinya :

Cek Squid

~# ps -aux | grep squid
~# netstat -pln | grep squid
~# netstat -pln | grep 3128

Cek Squid di Situs www.whatismyip.com





Selamat mencoba ^_^
Refrensi : forum.linux.or.id , wiki.squid-cache.org, www.squid-cache.org , manual slackware :
Label:

1 komentar:

Langganan: Posting Komentar (Atom)
Linux Slackware