Tutorial PROXY SERVER



CARA MEMBUAT PROXY SERVER

Perintah untuk membuat Proxy server


Setting Static IP
(eth0=external LAN, eth1=internal LAN)

1. Disable Network Manager

    sudo update-rc.d -f NetworkManager remove
    sudo apt-get remove network-manager network-manager-gnome

2. Edit File /etc/network/interfaces >>

#  sudo gedit /etc/network/interfaces
  
   lalu masukkan parameter2 berikut :

auto eth0
iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1

auto eth1
iface eth1 inet static
address 192.168.50.1
netmask 255.255.255.0
network 192.168.50.0
broadcast 192.168.50.255


3. Edit File /etc/resolv.conf >>

#  sudo gedit /etc/resolv.conf

  lalu masukkan parameter2 berikut :

nameserver 202.134.1.10
nameserver 202.134.0.155

4. Restart Network >> sudo /etc/init.d/networking restart

5. Test >> ping google.com

Instalasi Squide :
1. instal squid
#  sudo apt-get install squid

Cara Updates (update dilakukan apa bila dinstal tidak bisa, diinstal terlebih dahulu)
  cara update
# sudo apt-get update


2. first backup file squid.conf

# sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.bak

3. Edit  file  squid.conf

# sudo gedit /etc/squid/squid.conf

isi dari jendela perintah squid :

http_port 192.168.50.1:3128 transparent
visible_hostname www.smkn1baureno.sch.id
hierarchy_stoplist cgi-bin ?
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl lan src 192.168.50.0/24
acl blokpornourl url_regex -i "/etc/squid/pornourl.txt"
http_access deny blokpornourl
http_access allow manager localhost
http_access allow lan
http_access deny manager
http_access deny all
cache_dir ufs /usr/local/squid/cache 1024 16 256
access_log /usr/local/squid/access.log
cache_log /usr/local/squid/cache.log
cache_store_log none
cache_mem 1024 MB
cache_swap_low 94
cache_swap_high 96
maximum_object_size 16384 KB
minimum_object_size 4 KB
maximum_object_size_in_memory 2048 KB
fqdncache_size 1024
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
hosts_file /etc/hosts
coredump_dir /var/spool/squid
cache_mgr nama@smkn1baureno.sch.id
cache_effective_user squid
cache_effective_group squid


4. Creating user and group squid

# sudo adduser squid

5. Make a directory used for Squid

# sudo mkdir /usr/local/squid

6. Creating cache directory

# sudo mkdir /usr/local/squid/cache

7. Making a log cache file which function to monitor activity of client computer

# sudo touch /usr/local/squid/cache.log

8. Making a log cache file which function to monitor activity of server computer

# sudo touch /usr/local/squid/access.log

9. Changing the file permissions on the directory squid

# chown -Rf squid.squid /usr/local/squid
# sudo chown squid.squid /var/spool/squid -Rf
# sudo chown squid.squid -Rf /ec/squid

10. Create cache directory structure, should be as user root

# sudo su
# cd /etc/squid
# squid -z

11. Test squid

# squid -d l -D

12. Running Squid

# squid -sYD

13. Viewing events from client computer

# tail -f/ usr/local/squid/access.log


14. restart squid

# sudo /etc/init.d/squid restart

15. kalau terjadi fatal harus di chmod seperti dibawah

#  sudo chmod -R 777 /usr/local/squid

lalu

16. masuk dan edit rc lokal

# sudo gedit /etc/rc.local
  isikan dibawah ini.......
iptables -A FORWARD -i eth0 -o eth1 -s 192.168.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.50.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
iptables -A POSTROUTING -t nat -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j  REDIRECT --to-ports 3128

17. restart squid

# sudo /etc/init.d/squid restart

18. masuk jendela yang berisi alamat web yang akan di blokir

# sudo gedit /etc/squid/pornourl.txt

19. setelah di isi alamat yang akan di blokir, klik save kemudian close.

20.lalu restart squid.

# sudo /etc/init.d/squid restart.


Komentar

Postingan populer dari blog ini

Memahami Karakteristik Perangkat Jaringan Nirkabel

pengertian Session Initiation Protocol (SIP) dan Instalasi server softwitch berbasis SIP

Pengertian Pbx (Private Branch Exchange) Serta Proses kerja Server Softwitch