My Weblog

Just another WordPress.com weblog

Instalasi Squid, Banner Filter, Porn Filter, Limit Bandwith, Transparan Proxy

Instalasi Squid, Banner Filter, Porn Filter, Limit Bandwith, Transparan Proxy

1. Instalasi Banner Filter

Penempatan direktori Banner Filter harus didalam direktori www kita. misal saya di /usr/local/apache/htdocs .

download souce di http://phroggy.com/files/unix/bannerfilter-1.21.tar.gz

# wget http://phroggy.com/files/unix/bannerfilter-1.21.tar.gz

Ekstrak source bannerfilter-1.21.tar.gz :

[root@PROXYhanny]# tar -xzvf bannerfilter-1.21.tar.gz

Kemudian pindahkan hasil exstrak bannerfilter-1.21.tar.gz ke dalam /usr/local/apache/htdocs

# mv bannerfilter-1.21 /usr/local/apache/htdocs/bannerfilter

# cd /usr/local/apache/htdocs/bannerfilter

Edit file bannerfilter.conf

[root@PROXY bannerfilter]# mv bannerfilter.conf /etc

[root@PROXY bannerfilter]# vi /etc/bannerfilter.conf

Contoh isi bannerfilter.conf saya :

# Path to the directory containing the data files:

$DATA=’/usr/local/apache/htdocs/bannerfilter’;

# URL of the directory containing the HTML and graphics files

# (this must be accessible by the machine running Squid; it does

# not need to be accessible to the client machines):

$WWW=’http://www.rsds.or.id/bannerfilter/www’;

# Path to the banner log file if you want one, or leave empty (if

# specified, Squid must have write access to this file):

$LOG=”;

# $LOG=’/tmp/bannerlog.txt’;

# If you prefer not to see “Blocked”, use null.gif instead of

# banner.gif:

$BANNERGIF=’banner.gif’;

Penambahan script bannerfilter nantinya akan diletakan didalam squid.conf

redirect_program /usr/local/apache/htdocs/bannerfilter/redirector.pl

Didalam file squid.conf.hanny, sudah saya tambahkan script untuk menjalankan Banner Filter dan Porn Filter :

redirect_program /usr/local/apache/htdocs/bannerfilter/redirector.pl

acl porn url_regex “/usr/local/squid/etc/porn.txt”

http_access deny porn

“Jika anda tidak menginginkan Banner Filter atau Porn Filter berjalan, maka pada awal script Banner Filter atau Porn Filter dalam file squid.conf.hanny harus di beri tanda ” # ” :

#redirect_program /usr/local/apache/htdocs/bannerfilter/redirector.pl

#acl porn url_regex “/usr/local/squid/etc/porn.txt”

#http_access deny porn

3. Limit Bandwith

Dalam file squid.conf.hanny, juga sudah saya tambahkan script untuk menggunakan delay pool :

#———————— DELAY POLL KONFIGURASI HANNY —————————

#This is the most important part for shaping incoming traffic with Squid

#For detailed description see squid.conf file or docs at http://www.squid-cache.org

#We don’t want to limit downloads on our local network

acl magic_words1 url_regex -i 192.168.

#We want to limit downloads of these type of files

#Put this all in one line

acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav

#We don’t block .html, .gif, .jpg and similar files, because they

#generally don’t consume much bandwith

#We have two different delay_pools

delay_pools 2

#First delay pool

#W don’t want to delay our local traffic

#There are three pool classes; here we will deal only with the second

delay_class 1 2

#-1/-1 mean that there are no limits

delay_parameters 1 -1/-1 -1/-1

#magic_words1: 192.168

delay_access 1 allow magic_words1

#Second delay pool

#we want to delay downloading files mentioned in magic_words2

delay_class 2 2

#The numbers here are values in bytes;

#we must remember that Squid doesn’t consider start/stop bits

#5000/150000 are values for the whole network

#5000/120000 are values for the single IP

#after downloaded files exceed about 150000 bytes,

#(or even twice or three times as much)

#they will continue to download at about 5000 bytes/s

delay_parameters 2 5000/150000 5000/120000

delay_access 2 allow magic_words2

#——————————————————————————–

“Jika anda tidak menginginkan Limit Bandwith berjalan, maka pada awal script delay poll dalam file squid.conf.hanny harus diberi tanda ” # “

#———————— DELAY POLL KONFIGURASI HANNY —————————

#This is the most important part for shaping incoming traffic with Squid

#For detailed description see squid.conf file or docs at http://www.squid-cache.org

#We don’t want to limit downloads on our local network

#acl magic_words1 url_regex -i 192.168.

#We want to limit downloads of these type of files

#Put this all in one line

acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav

#We don’t block .html, .gif, .jpg and similar files, because they

#generally don’t consume much bandwith

#We have two different delay_pools

#delay_pools 2

#First delay pool

#W don’t want to delay our local traffic

#There are three pool classes; here we will deal only with the second

#delay_class 1 2

#-1/-1 mean that there are no limits

#delay_parameters 1 -1/-1 -1/-1

#magic_words1: 192.168

#delay_access 1 allow magic_words1

#Second delay pool

#we want to delay downloading files mentioned in magic_words2

#delay_class 2 2

#The numbers here are values in bytes;

#we must remember that Squid doesn’t consider start/stop bits

#5000/150000 are values for the whole network

#5000/120000 are values for the single IP

#after downloaded files exceed about 150000 bytes,

#(or even twice or three times as much)

#they will continue to download at about 5000 bytes/s

#delay_parameters 2 5000/150000 5000/120000

#delay_access 2 allow magic_words2

#——————————————————————————–

Merubah nama file squid..conf yang asli dari komputer anda ke nama file lain. (sebagai back-up)

Dan merubah squid.conf.hanny menjadi squid.conf

# mv squid.conf squid.conf.punyaku

# mv squid.conf.hanny squid.conf

4. Instalasi Porn Filter

Buatlah terlebih dahulu file dengan nama porn.txt

# touch porn.txt

Isikan file porn.txt dengan site-site yang hendak anda tutup, misal http://www.17tahun.com

# vi porn.txt

isikan dengan kata 17tahun

Menjalankan squid

Memberi hak direktori squid dan bannerfilter agar proses berjalan lancar :

# chown -R squid.squid /usr/local/squid

# chown -R squid.squid /usr/local/apache/htdocs/bannerfilter

Jalankan daemon squid anda :

# /usr/local/squid/sbin/squid

Cek squid anda apakah jalan atau tidak :

# netstat -pln | grep squid

tcp 0 0 0.0.0.0 :8080 0.0.0.0:* LISTEN 777/(squid)

udp 0 0 0.0.0.0 :32771 0.0.0.0:* 777/(squid)

udp 0 0 0.0.0.0 :3130 0.0.0.0:* 777/(squid)

Jika keluar seperti hal diatas, maka squid anda telah berjalan !! rokokan dulu ah…: )

Test Squid Dari Komputer Client

Lakukan penge-test ping antar network anda, misal server anda mempunyai ip 192.168.0.1 dan ip windows client anda 192.1

Source : http://efnet.linux.or.id/docs

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: