su -c # atau su root install squid menggunakan apt-get apt-get install squid apache2 sekarang saatnya untuk mengkonfigurasi squid, file konfigurasi squid berada di /etc/squid/squid.conf, tambahkan dibawah #auth_param basic credentialsttl 2 hours
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours dibawah # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
acl ncsaauth proxy_auth REQUIRED http_access allow ncsaauth
header_access Allow allow all header_access Authorization allow all header_access WWW-Authenticate allow all header_access Proxy-Authorization allow all header_access Proxy-Authenticate allow all header_access Cache-Control allow all header_access Content-Encoding allow all header_access Content-Length allow all header_access Content-Type allow all header_access Date allow all header_access Expires allow all header_access Host allow all header_access If-Modified-Since allow all header_access Last-Modified allow all header_access Location allow all header_access Pragma allow all header_access Accept allow all header_access Accept-Charset allow all header_access Accept-Encoding allow all header_access Accept-Language allow all header_access Content-Language allow all header_access Mime-Version allow all header_access Retry-After allow all header_access Title allow all header_access Connection allow all header_access Proxy-Connection allow all header_access User-Agent allow all header_access Cookie allow all header_access All deny all
file konfigurasi tersebut telah selesai, sekarang buat file untuk menyimpan username dan password untuk squid touch /etc/squid/squid_passwd htpasswd /etc/squid/squid_passwd gratisproxy anda akan dimin Find the following line in the file /etc/squid3/squid.conf: #acl localnet src 10.0.0.0/8 This line create an acl (access control list) with name localnet, declaring as ip belonging to this rule all those in the LAN 10.0.0.0/8 Now you have 2 choice: 1) If you have a public IP you can just use it, if your IP it’s 1.2.3.4 change the above configuration in: acl localnet src 1.2.3.4 Anonymous Browsing By default squid forwards the client IP to the respective website, but to set up an anonymous proxy we will disable it to hide client IPs and send only IPs which are configured on the squid server. Find the following line in the file /etc/squid3/squid.conf: forwarded_for on Change it to: forwarded_for off And add at the bottom of the squid.conf file the following
instructions: request_header_access Allow allow all request_header_access Authorization allow all request_header_access WWW-Authenticate allow all request_header_access Proxy-Authorization allow all request_header_access Proxy-Authenticate allow all request_header_access Cache-Control allow all request_header_access Content-Encoding allow all request_header_access Content-Length allow all request_header_access Content-Type allow all request_header_access Date allow all request_header_access Expires allow all request_header_access Host allow all request_header_access If-Modified-Since allow all request_header_access Last-Modified allow all request_header_access Location allow all request_header_access Pragma allow all request_header_access Accept allow all request_header_access Accept-Charset allow all request_header_access Accept-Encoding allow all request_header_access Accept-Language allow all request_header_access Content-Language allow all request_header_access Mime-Version allow all request_header_access Retry-After allow all request_header_access Title allow all request_header_access Connection allow all request_header_access Proxy-Connection allow all request_header_access User-Agent allow all request_header_access Cookie allow all request_header_access All deny all All done, save the file and restart squid with the command:
/etc/init.d/squid restart setelah selesai, proxy siap digunakan, dengan port 3128
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours dibawah # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
acl ncsaauth proxy_auth REQUIRED http_access allow ncsaauth
header_access Allow allow all header_access Authorization allow all header_access WWW-Authenticate allow all header_access Proxy-Authorization allow all header_access Proxy-Authenticate allow all header_access Cache-Control allow all header_access Content-Encoding allow all header_access Content-Length allow all header_access Content-Type allow all header_access Date allow all header_access Expires allow all header_access Host allow all header_access If-Modified-Since allow all header_access Last-Modified allow all header_access Location allow all header_access Pragma allow all header_access Accept allow all header_access Accept-Charset allow all header_access Accept-Encoding allow all header_access Accept-Language allow all header_access Content-Language allow all header_access Mime-Version allow all header_access Retry-After allow all header_access Title allow all header_access Connection allow all header_access Proxy-Connection allow all header_access User-Agent allow all header_access Cookie allow all header_access All deny all
file konfigurasi tersebut telah selesai, sekarang buat file untuk menyimpan username dan password untuk squid touch /etc/squid/squid_passwd htpasswd /etc/squid/squid_passwd gratisproxy anda akan dimin Find the following line in the file /etc/squid3/squid.conf: #acl localnet src 10.0.0.0/8 This line create an acl (access control list) with name localnet, declaring as ip belonging to this rule all those in the LAN 10.0.0.0/8 Now you have 2 choice: 1) If you have a public IP you can just use it, if your IP it’s 1.2.3.4 change the above configuration in: acl localnet src 1.2.3.4 Anonymous Browsing By default squid forwards the client IP to the respective website, but to set up an anonymous proxy we will disable it to hide client IPs and send only IPs which are configured on the squid server. Find the following line in the file /etc/squid3/squid.conf: forwarded_for on Change it to: forwarded_for off And add at the bottom of the squid.conf file the following
instructions: request_header_access Allow allow all request_header_access Authorization allow all request_header_access WWW-Authenticate allow all request_header_access Proxy-Authorization allow all request_header_access Proxy-Authenticate allow all request_header_access Cache-Control allow all request_header_access Content-Encoding allow all request_header_access Content-Length allow all request_header_access Content-Type allow all request_header_access Date allow all request_header_access Expires allow all request_header_access Host allow all request_header_access If-Modified-Since allow all request_header_access Last-Modified allow all request_header_access Location allow all request_header_access Pragma allow all request_header_access Accept allow all request_header_access Accept-Charset allow all request_header_access Accept-Encoding allow all request_header_access Accept-Language allow all request_header_access Content-Language allow all request_header_access Mime-Version allow all request_header_access Retry-After allow all request_header_access Title allow all request_header_access Connection allow all request_header_access Proxy-Connection allow all request_header_access User-Agent allow all request_header_access Cookie allow all request_header_access All deny all All done, save the file and restart squid with the command:
/etc/init.d/squid restart setelah selesai, proxy siap digunakan, dengan port 3128
0 comments:
Post a Comment