Beranda > Linux, Tutorial > Konfigurasi Proxy Squid “authentication ncsa”

Konfigurasi Proxy Squid “authentication ncsa”


login

req :

1. Linux ( Ubuntu, Centos. etc )

2. squid yang sudah terinstall default

ada beberapa aturan dari squid untuk dijadikan sebagai  “authentication ncsa”, diantaranya :

“authentication can’t be used in a transparently intercepting

proxy as the client then thinks it is talking to an origin server and

not the proxy. This is a limitation of bending the TCP/IP protocol to  

transparently intercepting port 80, not a limitation in Squid”

cek file “ncsa_auth” :

#  locate  ncsa_auth
/usr/lib64/squid/ncsa_auth –> jika menggunakan 64 bit

Konfigurasi squid :

# pico /etc/squid/squid.conf

#hapus komentar isi dan lengkapi

http_port xxx.xxx.xxx.xxx:3128

cache_mem 64 MB

maximum_object_size_in_memory 8 KB

cache_dir ufs /var/spool/squid 10000 16 256

minimum_object_size 512 KB

maximum_object_size 4 GB

access_log /var/log/squid/access.log

cache_log /var/log/squid/cache.log

cache_store_log /var/log/squid/store.log

visible_hostname xxx@somewhere.com

#jika menggunakan delay pool

delay_pools 2

delay_class 1 1
delay_parameters 1 -1/-1
delay_access 1 allow it-dept
delay_access 1 deny all

delay_class 2 2
delay_parameters 1 -1/-1
#delay_parameters 2 1000/1000 10000/10000
delay_access 2 allow ncsa_users
delay_access 2 deny all

auth_param basic program /usr/lib64/squid/ncsa_auth  /etc/squid/passwd
auth_param basic children 1
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive on

authenticate_ttl 1 minutes

authenticate_ip_ttl 1 minutes –> berapa lama koneski client ncsa per/ip di squid

acl all src 0.0.0.0/0.0.0.0
acl it-dept src xxx.xxx.xx.0/24
acl onlyonce max_user_ip -s 1 –> hanya satu ip/user yand dapat digunakan
acl ncsa_users proxy_auth REQUIRED

#menggunkan file regex

acl bigfile url_regex -i att get.php .\swf \.cab \.flv \.msi \.pdf \.rtf \.wav \.tif \.acx \.raw \.iso \.rm \.ram \.qt \.ocx \.mpe \.avi \.zip \.rar \.rpm \.vqf \.mov \.exe \.gz \.tar.gz \.gz2 \.tar.gz2 \.tgz \.m1v \.mpeg \.mpg \.m2v \.vob \.mpa \.mp2 \.mp3 \.aac \.dat \.bin \.asf \.wma \.asx \.wmv \.ram \.ra \.rm \.rnx \.viv \.vivo \.scr \.chm

http_access allow it-dept

http_access deny onlyonce
http_access allow ncsa_users
http_access deny all

#keterangan/fungsi dari konfigurasi tsb silahkan baca di “squid.conf”

membuat user/password ncsa : (gunakan webmin untuk memudahkan membuat user ncsa)

#htpasswd -c /etc/squid/passwd squser

masukan passwordnya.

memulai squid :

#service squid start

tes dari client  menggunakan browser, set opsi jaringan mengarah ke server squid

Iklan
Kategori:Linux, Tutorial
  1. Belum ada komentar.
  1. No trackbacks yet.

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s

%d blogger menyukai ini: