Edit squid.conf di redhat

# WELCOME TO SQUID 2
# ——————
#
http_port 192.168.10.1:3000
#———————————————————————
#cache_peer 202.134.0.135 parent 8080 3130 default no-query connect-timeout=10 weight=3
#cache_peer 202.134.1.8 parent 8080 3130 default no-query connect-timeout=10 weight=1
#cache_peer 10.99.21.1 parent 3000 3130 default
#cache_peer 202.134.0.135 sibling 8080 3130 default
#———————————————————————
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
maximum_object_size 10240 KB
cache_replacement_policy lru
memory_replacement_policy heap GDSF
cache_dir ufs /var/spool/squid 400960 64 512
#—————————————————————————
#auth_param basic program /usr/lib/squid/ncsa_auth /etc/webmin/squid/users
#auth_param basic credentialsttl 2 hours
#auth_param basic casesensitive off
#auth_param basic realm ClarkConnect Enterprise Edition – Web Proxy
#auth_param ntlm max_challenge_reuses 1
#authenticate_ttl 60 second
#authenticate_ip_ttl 60 second
#redirect_program /usr/local/bin/squid_redirect
#———————————————————————–
negative_ttl 2 minute
half_closed_clients off
#———————————————————————–
acl no-blok url_regex -i “/etc/squid/no-blok”
acl blok url_regex -i “/etc/squid/blok”
acl blok1 url_regex -i “/etc/squid/blok1”
#—————————————————————————
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
##——————————————————-
acl WAKTU time MTWHFA 08:00-13:59
acl download url_regex -i \.rm$ \.mpg$ \.mpeg$ \.avi$ \.dat$ \.exe$ \.vqf$ \.3gp$
acl download url_regex -i \.zip$ \.bz2$ \.rar$ \.qt$ \.ram$ \.rm$ \.iso$ \.raw$ \.wav$ \.mov$ \.cab$ \.wmv$
acl download url_regex -i \.rhz$ \.dat$ \.hlp$ \.psf$ \.mp3$ \.amr$ \.msi$ \.dll$
##———————————————————————————————–
#acl multiple-login-normal max_user_ip -s 1
#acl AuthorizedUsers proxy_auth
#acl maxuser max_user_ip 1 number
##——————————————————-
acl manager proto cache_object
acl localhost src 127.0.0.0/32
# webconfig: acl_start
#acl webconfig_lan src 10.99.21.0/27 10.99.13.0/29
#acl webconfig_to_lan dst 10.99.21.0/27 10.99.13.0/29
# webconfig: acl_end
##——————————————————-
acl all src 192.168.0.0/255.255.0.0
acl lapkom src 192.168.60.2/32
acl admin src 192.168.20.86/32
acl admin1 src 192.168.20.2/32
acl anik src 192.168.20.3/32
acl yuli src 192.168.20.4/32
acl andri src 192.168.20.5/32
acl darjo src 192.168.20.6/32
acl lusi src 192.168.20.7/32
acl imam src 192.168.20.8/32
acl guru src 192.168.20.9/32
acl guru1 src 192.168.20.10/32
acl kurikulum src 192.168.20.11/32
acl kurikulum1 src 192.168.20.12/32
acl kurikulum2 src 192.168.20.13/32
acl perpus1 src 192.168.40.2/32
acl perpus2 src 192.168.40.3/32
acl perpus3 src 192.168.40.4/32
acl perpus4 src 192.168.40.5/32
acl perpus5 src 192.168.40.6/32
acl perpus6 src 192.168.40.7/32
acl perpus7 src 192.168.40.8/32
acl public src 192.168.1.0/24
##——————————————————–
acl SSL_ports port 443 563
acl SSL_ports port 81 10000
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 81 82 10000 # Web-based administration tools
acl CONNECT method CONNECT
#——————————————————————
#acl ncsa_users proxy_auth REQUIRED
#acl multiple-login-normal max_user_ip -s 1
#acl maxuser max_user_ip 1 number
#——————————————————————
http_access allow manager localhost
http_access deny manager
#http_access allow webconfig_to_lan
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
##—————————————————————–
#http_access allow ncsa_users
#http_access allow multiple-login-normal
#http_access allow maxuser
#——————————————————————
http_access allow no-blok all
http_access allow no-blok lapkom
http_access allow no-blok admin
http_access allow no-blok admin1
http_access allow no-blok anik
http_access allow no-blok yuli
http_access allow no-blok andri
http_access allow no-blok darjo
http_access allow no-blok lusi
http_access allow no-blok imam
http_access allow no-blok guru
http_access allow no-blok guru1
http_access allow no-blok kurikulum
http_access allow no-blok kurikulum1
http_access allow no-blok kurikulum2
http_access allow no-blok public
http_access allow no-blok perpus1
http_access allow no-blok perpus2
http_access allow no-blok perpus3
http_access allow no-blok perpus4
http_access allow no-blok perpus5
http_access allow no-blok perpus6
http_access allow no-blok perpus7
##—————————————————————-
http_access deny blok1 lapkom
http_access deny blok admin
http_access deny blok admin1
http_access deny blok1 anik
http_access deny blok1 yuli
http_access deny blok1 andri
http_access deny blok1 darjo
http_access deny blok1 lusi
http_access deny blok1 imam
http_access deny blok1 guru
http_access deny blok1 guru1
http_access deny blok1 kurikulum
http_access deny blok1 kurikulum1
http_access deny blok1 kurikulum2
http_access deny blok1 perpus1
http_access deny blok1 perpus2
http_access deny blok1 perpus3
http_access deny blok1 perpus4
http_access deny blok1 perpus5
http_access deny blok1 perpus6
http_access deny blok1 perpus7
http_access deny blok public
##—————————————————————-
http_access allow lapkom
http_access allow admin
http_access allow admin1
http_access allow anik
http_access allow yuli
http_access allow andri
http_access allow darjo
http_access allow lusi
http_access allow imam
http_access allow guru
http_access allow guru1
http_access allow kurikulum
http_access allow kurikulum1
http_access allow kurikulum2
http_access allow perpus1
http_access allow perpus2
http_access allow perpus3
http_access allow perpus4
http_access allow perpus5
http_access allow perpus6
http_access allow perpus7
http_access allow public
#—————————————————————-
http_access allow localhost
http_access allow all
http_reply_access allow all
icp_access allow all
reply_body_max_size 0 allow all
cache_mgr Admin@smkn1-wno.sch.id
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
delay_pools 0
# webconfig: http_port_start
http_port 192.168.10.1:3000
#http_port 127.0.0.1:3128
# webconfig: http_port_end

#—————————————————————-

edit squid.conf yang ada di /etc/squid/squid.conf
buat swap dengan perintah : squid -z
restart squid : service squid restart
rekonfigure : squid -k reconfigure

edit file rc.local di /etc/rc.local

iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -j SNAT –to 192.168.1.3
iptables -A PREROUTING -t nat -j REDIRECT -p tcp -s 192.168.10.0/24 -d 0/0 –dport 80 –to-ports 3000

edit file sysctl.conf
net.ipv4.ip_forward =1 (ubah 0 menjadi 1)

edit eth0 dan 1 di
vi /etc/sysconfig/network-scripts/ifcfg-eth0
vi /etc/sysconfig/network-scripts/ifcfg-eth1

edit dns di /etc/resolv.conf
nameserver 203.130.208.18

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s