> Install squid
# apt-get install squid
> Matikan squid dahulu :
# /etc/init.d/squid stop
> Edit squid :
#pico /etc/squid/squid.conf
cari dan tambahkan : ( hilangkan tanda # )
http_port 3128 transparent -> port default proxy
cache_mem 16 mb
cache_dir ufs /var/spool/squid 500 16 256
cache_mgr admin@princez.com
visible_hostname proxy.tkj.com -> nama visible hostname kamu
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
> Kemudian cari tulisan : acl CONNECT method CONNECT, dan tambahkan
acl situs url_regex -i “/etc/situsterlarang.txt” -> u/ blokir setiap situs
http_access deny situs
acl lan src 192.168.1.0/24
http_access allow lan
http_access allow all
> lalu save .
> Konfigurasi interfacenya :
# pico /etc/network/interface
iface lo inet loopback
iface eth0 inet static
address 192.168.123.13
netmask 255.255.255.0
gateway 192.168.123.1
iface eth2 inet static
address 192.168.1.1
netmask 255.255.255.0
broadcast 192.168.1.255
network 192.168.1.0
auto eth0 eth2
auto lo
> Lalu buat file untuk mengeblok situsnya :
# mcedit /etc/situsterlarang.txt
friendster
yahoo
> Dan save.
> Buat swap :
# squid -z
> Kemudian aktifkan ip_forwading dan tabel routing dg perintah :
# echo 1 > /proc/sys/net/ipv4/ip_forwad
# iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
> Lalu kita REDIRECT port 80 ke port 3128 dg perintah :
# iptables -t nat -A PREROUTING -s 192.168.1.0/24 -p tcp –dport 80 -j REDIRECT –to-ports 3128
# iptables-save
> Lalu restart squid ;
# /etc/init.d/squid restart
> Cek situs yg telah di blok / dipindahkan portnya …
0 komentar:
Posting Komentar