squid-3.1.10 on slackware 13.1

Bismillahirrahmanirrahim...
Berikut ini saya akan membagi pengalaman saya dalam penginstalan squid-3.1.10 di slackware 13.1. squid-3.1.10 bisa Anda download langsung di sini :)

Berikut ini adalah tahap-tahap pemasangan squid :

1. Extract Packet squid dan masuk ke dalam folder hasil Extractnya
# tar -zxvf squid-3.1.10-20110119.tar.gz
# cd squid-3.1.10-20110119

2. Saatnya mengcompile paket squid

# ./configure --prefix=/usr/local/squid --enable-removal-policies=heap --enable-linux-netfilter --enable-delay-pools
# make all
# make install

3. Membuat user dan group khusus buat squid
# groupadd proxy
# userad proxy -g proxy -d /usr/local/squid -s /usr/bin/nologin

4. Menguabah owner cache
# chown -R proxy.proxy /usr/local/squid/var/cache

5.Konfigurasi squid.conf
# vi /usr/local/squid/etc/squid.conf

Ini ada contoh squid.conf yang saya punya, Anda tinggal sesuaikan dengan kebutuhan Anda

http_port 3128 transparent
prefer_direct off

cache_mem 8 MB
cache_swap_low 98 #95
cache_swap_high 99 #97
max_filedesc 8192

maximum_object_size 128 MB
minimum_object_size 0 bytes
maximum_object_size_in_memory 32 KB
ipcache_size 16384 #4096
ipcache_low 98 #95
ipcache_high 99 #97
fqdncache_size 16384 #4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

cache_dir ufs /usr/local/squid/var/cache 100 16 256

cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log none

dns_nameservers 10.1.1.254

emulate_httpd_log off
hosts_file /etc/hosts
acl apache rep_header Server ^Apache

redirector_bypass on

refresh_pattern ^ftp: 10080 95% 241920
refresh_pattern . 180 95% 120960

quick_abort_min 0
quick_abort_max 0
quick_abort_pct 98

acl manager proto cache_object
acl localhost src 127.0.0.1/32

acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT

acl inputIP url_regex ^http://[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/$
acl inputIP url_regex ^http://[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$

acl ymregex url_regex yupdater.yim ymsgr myspaceim
acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com
acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com
acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com
acl ym dstdomain .voice.yahoo.com
acl ym dstdomain .skype.com .imvu.com
acl pointblank src 203.89.146.0/24

acl downloadlimit url_regex -i ftp .mp3 .rm .mpg .mpeg .avi .dat .rar .tar.gz .tar.bz2 .tgz .txz .flv .rpm .deb .001 .002 .003 .004 .005 .006
acl downloadlimit url_regex -i ftp .007 .008 .009 .010 .iso .nrg .mp4 .ogg .mkv
acl downloadlimit url_regex -i \.avi$ \.mpg$ \.mpeg$ \.rm$ \.iso$ \.wav$ \.mov$ \.dat$ \.mpe$ \.mid$
acl downloadlimit url_regex -i \.midi$ \.rmi$ \.wma$ \.wmv$ \.ogg$ \.ogm$ \.m1v$ \.mp2$ \.mpa$ \.wax$
acl downloadlimit url_regex -i \.m3u$ \.asx$ \.wpl$ \.wmx$ \.dvr-ms$ \.snd$ \.au$ \.aif$ \.asf$ \.m2v$
acl downloadlimit url_regex -i \.m2p$ \.ts$ \.tp$ \.trp$ \.div$ \.divx$ \.mod$ \.vob$ \.aob$ \.dts$
acl downloadlimit url_regex -i \.ac3$ \.cda$ \.vro$ \.deb$ \.mkv$ \.001$ \.002$ \.003$ \.004$ \.005$ \.006$ \.007$

acl domain_terlarang dstdomain "/usr/local/squid/etc/domain_terlarang.txt"
http_access deny domain_terlarang

# DOWNLOAD LIMITER
# ----------------

delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 1000/16000
delay_access 1 allow downloadlimit
delay_access 1 deny ALL

http_access allow pointblank localhost
http_access deny pointblank

http_access deny ym
http_access deny ymregex

http_access allow manager localhost
http_access deny manager

acl LAN src 10.1.1.0/24
http_access allow LAN

cache_mgr upa-04.net
visible_hostname upa-04
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /usr/local/squid/var/cache
pid_filename /usr/local/squid/var/run/squid.pid
shutdown_lifetime 10 seconds
logfile_rotate 1

log_fqdn off
memory_pools off
reload_into_ims on
pipeline_prefetch on
vary_ignore_expire on
client_db on

tcp_outgoing_tos 0x30 all

error_directory /usr/local/squid/share/errors/en/

6. Khusu untuk acl domain_terlarang diatas, buatkan file "domain_terlarang.txt" di /usr/local/squid/etc/domain_terlarang.txt, berikut contoh dan isinya
# vi /usr/local/squid/etc/domain_terlarang.txt
isikan dengan :
.facebook.com
.youtube.com
.yahoo.com

6. Tambahkan perintah iptables ini untuk mendukung squid Anda
# /usr/sbin/iptables -t nat -A PREROUTING -p tcp -s 10.1.1.0/24 --dport 80 -j REDIRECT --to-port 3128

7. Jalankan squid Anda
# /usr/local/squid/sbin/squid -z
# /usr/local/squid/sbin/squid start

8. Melihat access.log
# tail -f /usr/local/squid/var/logs/access.log

9. Selesai

Lebih dan kurangnya mohon di maafkan, saya masih membutuhkan saran dan kritik dari Anda demi kesempurnaan tulisan di atas... :)