house of sysadmin
login::signup
we::blog

proxy transparent

install squid yg incl. di RH 7.2 
edit file /etc/squid/squid.conf 
http_port 8080 
cache_mem 80 MB 
#Recommended minimum configuration: 
acl all src 0.0.0.0/0.0.0.0 
acl manager proto cache_object 
acl localhost src 127.0.0.1/255.255.255.255 
acl localnet src 192.168.2.0/255.255.255.0 
acl SSL_ports port 443 563 
acl Safe_ports port 80 # http 
acl Safe_ports port 21 # ftp 
acl Safe_ports port 443 563 # https, snews 
acl Safe_ports port 70 # gopher 
acl Safe_ports port 210 # wais 
acl Safe_ports port 1025-65535 # unregistered ports 
acl Safe_ports port 280 # http-mgmt 
acl Safe_ports port 488 # gss-http 
acl Safe_ports port 591 # filemaker 
acl Safe_ports port 777 # multiling http 
acl CONNECT method CONNECT 
# Only allow cachemgr access from localhost 
http_access allow manager localhost 
http_access deny manager 
# And finally deny all other access to this proxy 
http_access allow localhost 
http_access allow localnet 
http_access deny all 
cache_mgr info@cakrawalamultimedia.com 
visible_hostname www.cakrawalamultimedia.com 
#setting utk transparent proxy 
httpd_accel_host virtual 
httpd_accel_port 80 
httpd_accel_with_proxy on 
httpd_accel_uses_host_header on 
 
##lalu setting di file /etc/rc.d/rc.local 
#iptables 
/sbin/modprobe ipt_LOG 
/sbin/modprobe ipt_REJECT 
/sbin/modprobe ipt_MASQUERADE 
#menjalankan ip forward 
echo "1" > /proc/sys/net/ipv4/ip_forward 
echo "1" > /proc/sys/net/ipv4/ip_dynaddr 
 
#hapus filter lama 
/sbin/iptables -P INPUT ACCEPT 
/sbin/iptables -P FORWARD ACCEPT 
/sbin/iptables -P OUTPUT ACCEPT 
#hapus aturan lama 
/sbin/iptables -t nat -P PREROUTING ACCEPT 
/sbin/iptables -t nat -P POSTROUTING ACCEPT 
/sbin/iptables -t nat -P OUTPUT ACCEPT 
 
#batalkan semua filter dan nat 
/sbin/iptables -F 
/sbin/iptables -t nat -F 
 
#jalankan forward dan masguerading 
/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE 
 
#jalankan proxy transparan 
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 
#JALANKAN MASQUERADE 
#jika tidak pake proxy maka ini di uncomment 
#/sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d 0/0 -j MASQUERADE 
#touch /var/lock/subsys/local 
#### 
## buat swap file squid 
squid -z 
lalu jalan kan squid dgn perintah 
squid start 
#### coba jalankan #### 
sudah berjalan di server gili trawangan burnoc dan di superstart senggigi the fastest internet

last modified Nov 27, 2005 at 16:15


[ add a comment ]