Previously, make sure the internet gateway (routing) is already running on this computer.eth0 is used for internet ipeth1, ip LAN
1. InstallationFirst of all first install squid via synaptic or via the command prompt with:# Apt-get install squidOnce completed then Squid can be configured directly by:# Vi / etc / squid / squid.confBut before the first edit the original file for backup if damaged can be returned to the default:# Cp / etc / squid / squid.conf / etc / squid / squid.conf.bak
2. Configuring SquidFurthermore Squid configuration script:# Vim / etc / squid / squid.confSquid configuration file will appear very long, following the steps that must be considered ....a. HTTP Port: A port used to run Squid# Http_port 3128http_port 192.168.10.1:8080# Log and erroraccess_log / var / log / squid / access.log squiderror_directory / usr / share / squid / errorslogfile_rotate 7
b. Visible Host Name: So that if an error occurs Squid can find a valid hostnamevisible_hostname localhostlocalhost can be replaced with the IP (eg 192.168.10.254) or domain such as proxykoe.comc. Cache Manager: To define the email address of the Squid Cache Managercache_mgr admin@domain.comd. Squid Cache Directory: Defining the location and magnitude squid directory.Figures 500 show directory size in MBFigures 16 shows the number of sub-directory level 1Figures 256 show the number of subdirectories subdirectory level 2 from level 1The number above the higher the bettercache_dir ufs / var / spool / squid 500 16 256e. Filtering: This is an important part of the Squid, by this we can mngatur rule-rule, from anyone who can access the Internet through websites what is allowed to be accessed.
Access List (acl): Anyone who can access the Internetacl all src allacl manager proto cache_objectacl localnet src 192.168.10.1/255.255.255.0################################################## ############ # # BANDWIDTH MANAGEMENT################################################## ############acl admin src "/ etc / squid / adminacl url_regex site "/ etc / squid / site"acl download urlpath_regex "/ etc / squid / download"################################################## ###############acl denied_domains dstdomain "/ etc / squid / denied_domains.acl"
http_access allow manager localhosthttp_access deny manager# Only allow purge requests from localhosthttp_access allow purge localhosthttp_access deny purgehttp_access allow localhosthttp_access allow adminhttp_access deny workhours denied_domainshttp_access allow localnethttp_access deny all# Deny requests to unknown portshttp_access deny! Safe_ports# Deny CONNECT to other ports Than SSLhttp_access allow CONNECT! SSL_ports
# Delay pools 0, for bandwidth managementdelay_pools 3delay_class 1 1delay_class 2 1delay_class 3 1# Unlimitted access to admindelay_parameters 1 -1/-1delay_access 1 allow admindelay_access 1 deny all# Restrictions speed access to "sites" where the maximum speed 2kbps only if # the site more than 64kbdelay_parameters 2 2000/64000delay_access two sites allowdelay_access 2 deny all# Restrictions on access speed to "download", where the maximum speed 1kbps only if # the download more than 32KBdelay_parameters 3 1000/320003 delay_access allow downloaddelay_access 3 deny all
exit the squid.conf and save that have been altered with the command: Wq
how and what we have stated limit access command and the Access List,acl admin src "/ etc / squid / adminthen first we have to do is create and write what in "admin", by:vim / etc / squid / admin
192.168.10.26192.168.10.5192.168.10.4192.168.10.100192.168.10.102192.168.10.157192.168.10.249192.168.10.250192.168.10.15192.168.10.14
Exit and save, with the command,: wqSo on top of IP-IP, is IP that gets full rights as an admin.
acl url_regex site "/ etc / squid / site"- vim / etc / squid / sitesgudanguploadEasySharesavefilemegauploadshareboxingtubemoviefacebook
Exit and save, with the command,: wq
acl download urlpath_regex "/ etc / squid / download", edited with the command:vim / etc / squid / download, and written. / Doc $. / Exe $. / Pdf $. / Xls $. / Docx $. / Mpeg $. / Tar.gz $$ ./tar.bz2$ ./mp3. / Jpg $. / Jpeg $
Exit and save, with the command,: wq
IP Forwarding, for transparent proxy can be implemented, then we have to enable IP Forwarding by giving a value of 1 in the file "/ proc/sys/net/ipv4/ip_forward" by:
# Echo 1> / proc/sys/net/ipv4/ip_forward
But the command must be run auto startup, so if the computer squid die we do not need repot2 run the command continuously.Next we have to run ip_tables for the client to redirect ports our Squid server with the command:
# Iptables-A PREROUTING-t nat-p tcp-dport 80-j REDIRECT-to-port 8800
Then restart the proxy with the command:# / Etc / init.d / squid restart
1. InstallationFirst of all first install squid via synaptic or via the command prompt with:# Apt-get install squidOnce completed then Squid can be configured directly by:# Vi / etc / squid / squid.confBut before the first edit the original file for backup if damaged can be returned to the default:# Cp / etc / squid / squid.conf / etc / squid / squid.conf.bak
2. Configuring SquidFurthermore Squid configuration script:# Vim / etc / squid / squid.confSquid configuration file will appear very long, following the steps that must be considered ....a. HTTP Port: A port used to run Squid# Http_port 3128http_port 192.168.10.1:8080# Log and erroraccess_log / var / log / squid / access.log squiderror_directory / usr / share / squid / errorslogfile_rotate 7
b. Visible Host Name: So that if an error occurs Squid can find a valid hostnamevisible_hostname localhostlocalhost can be replaced with the IP (eg 192.168.10.254) or domain such as proxykoe.comc. Cache Manager: To define the email address of the Squid Cache Managercache_mgr admin@domain.comd. Squid Cache Directory: Defining the location and magnitude squid directory.Figures 500 show directory size in MBFigures 16 shows the number of sub-directory level 1Figures 256 show the number of subdirectories subdirectory level 2 from level 1The number above the higher the bettercache_dir ufs / var / spool / squid 500 16 256e. Filtering: This is an important part of the Squid, by this we can mngatur rule-rule, from anyone who can access the Internet through websites what is allowed to be accessed.
Access List (acl): Anyone who can access the Internetacl all src allacl manager proto cache_objectacl localnet src 192.168.10.1/255.255.255.0################################################## ############ # # BANDWIDTH MANAGEMENT################################################## ############acl admin src "/ etc / squid / adminacl url_regex site "/ etc / squid / site"acl download urlpath_regex "/ etc / squid / download"################################################## ###############acl denied_domains dstdomain "/ etc / squid / denied_domains.acl"
http_access allow manager localhosthttp_access deny manager# Only allow purge requests from localhosthttp_access allow purge localhosthttp_access deny purgehttp_access allow localhosthttp_access allow adminhttp_access deny workhours denied_domainshttp_access allow localnethttp_access deny all# Deny requests to unknown portshttp_access deny! Safe_ports# Deny CONNECT to other ports Than SSLhttp_access allow CONNECT! SSL_ports
# Delay pools 0, for bandwidth managementdelay_pools 3delay_class 1 1delay_class 2 1delay_class 3 1# Unlimitted access to admindelay_parameters 1 -1/-1delay_access 1 allow admindelay_access 1 deny all# Restrictions speed access to "sites" where the maximum speed 2kbps only if # the site more than 64kbdelay_parameters 2 2000/64000delay_access two sites allowdelay_access 2 deny all# Restrictions on access speed to "download", where the maximum speed 1kbps only if # the download more than 32KBdelay_parameters 3 1000/320003 delay_access allow downloaddelay_access 3 deny all
exit the squid.conf and save that have been altered with the command: Wq
how and what we have stated limit access command and the Access List,acl admin src "/ etc / squid / adminthen first we have to do is create and write what in "admin", by:vim / etc / squid / admin
192.168.10.26192.168.10.5192.168.10.4192.168.10.100192.168.10.102192.168.10.157192.168.10.249192.168.10.250192.168.10.15192.168.10.14
Exit and save, with the command,: wqSo on top of IP-IP, is IP that gets full rights as an admin.
acl url_regex site "/ etc / squid / site"- vim / etc / squid / sitesgudanguploadEasySharesavefilemegauploadshareboxingtubemoviefacebook
Exit and save, with the command,: wq
acl download urlpath_regex "/ etc / squid / download", edited with the command:vim / etc / squid / download, and written. / Doc $. / Exe $. / Pdf $. / Xls $. / Docx $. / Mpeg $. / Tar.gz $$ ./tar.bz2$ ./mp3. / Jpg $. / Jpeg $
Exit and save, with the command,: wq
IP Forwarding, for transparent proxy can be implemented, then we have to enable IP Forwarding by giving a value of 1 in the file "/ proc/sys/net/ipv4/ip_forward" by:
# Echo 1> / proc/sys/net/ipv4/ip_forward
But the command must be run auto startup, so if the computer squid die we do not need repot2 run the command continuously.Next we have to run ip_tables for the client to redirect ports our Squid server with the command:
# Iptables-A PREROUTING-t nat-p tcp-dport 80-j REDIRECT-to-port 8800
Then restart the proxy with the command:# / Etc / init.d / squid restart
0 comments:
Post a Comment