Instalasi dan Konfigurasi Squid Proxy pada CentOS Server 6

Berikut ini adalah langkah-langkah untuk instalasi Squid.

Pertama pastikan pengguna telah meng-update CentOS Server, apabila belum maka lakukanlah command berikut ini:

yum -y update

Setelah proses upgrade selesai, langkah selanjutnya adalah instalasi squid. Lakukan command berikut ini:

yum -y install squid

Secara default file konfigurasi squid berada ada direktori "/etc/squid/squid.conf" yang berisi fitur konfigurasi minimum dan fitur caching yang disarankan akan bekerja tanpa melakukan perubahan. Konfigurasi minimum yang disarankan akan terlihat seperti di bawah ini:

#
# Recommended minimum configuration:
#
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
 
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
 
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
 
#
# Recommended minimum Access Permission configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
 
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
 
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
 
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
 
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost
 
# And finally deny all other access to this proxy
http_access deny all
 
# Squid normally listens to port 3128
http_port 3128
 
# We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?
 
# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/spool/squid 100 16 256
 
# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid
 
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|?) 0     0%      0
refresh_pattern .               0       20%     4320

Sekarang Jalankan Squid Proxynya dengan melakukan command berikut:

service squid start

Dan jalankan Squid Proxynya secara otomatis dengan melakukan command berikut:

chkconfig --levels 235 squid on

Setelah itu, Setting browser anda agar menggunakan proxy. 

Firefox : Options / Preferences » Advanced » Network » Settings » Choose “Manual proxy configuration ” » Type your Proxy server ip ("IP Anda) and port no 3128.

Selanjutnya. cobalah browsing menggunakan browser yang telah di setting proxynya, dan liat lah log pada sisi server. dengan melakukan command berikut ini:

cat /var/log/squid/access.log

maka, output yang akan dikeluarkan akan seperti ini:

1343759484.331   1828 192.168.1.15 TCP_MISS/200 7005 GET http://www.krizna.com/ - DIRECT/216.172.163.231 text/html
1343759484.645    265 192.168.1.15 TCP_MISS/304 477 GET http://platform.twitter.com/widgets.js - DIRECT/23.64.79.144 application/javascript
1343759484.681    309 192.168.1.15 TCP_MISS/304 839 GET http://apis.google.com/js/plusone.js - DIRECT/173.194.36.36 -
1343759485.005    178 192.168.1.15 TCP_MISS/200 495 GET http://www.google-analytics.com/__utm.gif? - DIRECT/74.125.236.142 image/gif
1343759502.763  20292 192.168.1.15 TCP_MISS/200 1898 CONNECT s-static.ak.facebook.com:443 - DIRECT/23.64.66.110 -
1343759502.765  20292 192.168.1.15 TCP_MISS/200 1898 CONNECT s-static.ak.facebook.com:443 - DIRECT/23.64.66.110 -
1343759723.040 240567 192.168.1.15 TCP_MISS/200 2904 CONNECT plusone.google.com:443 - DIRECT/173.194.36.41 -
1343759933.642    958 192.168.1.15 TCP_MISS/304 394 GET http://www.krizna.com/ - DIRECT/216.172.163.231 -
1343759934.518    459 192.168.1.15 TCP_MISS/200 495 GET http://www.google-analytics.com/__utm.gif? - DIRECT/173.194.36.8 image/gif
1343759943.131   2186 192.168.1.15 TCP_MISS/200 8343 CONNECT www.facebook.com:443 - DIRECT/66.220.146.94 -
1343759943.266  10616 192.168.1.15 TCP_MISS/200 2790 CONNECT apis.google.com:443 - DIRECT/74.125.236.128 -
1343759943.267  10615 192.168.1.15 TCP_MISS/200 2228 CONNECT ssl.gstatic.com:443 - DIRECT/74.125.236.143 -
1343759950.875   2596 192.168.1.15 TCP_MISS/200 32219 CONNECT www.facebook.com:443 - DIRECT/66.220.146.94 -
1343759961.388  20443 192.168.1.15 TCP_MISS/200 1911 CONNECT s-static.ak.fbcdn.net:443 - DIRECT/23.64.77.177 -

 


Share this Post:

We provide best consulting services. Meet our Experts and Get Free Consulting! Contact Now