On Wed, 24 May 2006 10:52:50 +0700 hadi sumarsono <[EMAIL PROTECTED]> wrote:
> On Wed, 24 May 2006 08:39:59 +0700 > yo2k <[EMAIL PROTECTED]> wrote: > > > On 5/21/06, hadi sumarsono <[EMAIL PROTECTED]> wrote: > > > On Sat, 20 May 2006 13:29:14 +0700 > > > hadi sumarsono <[EMAIL PROTECTED]> wrote: > > > > > > > On Fri, 19 May 2006 11:53:34 +0800 > > > > Nyoman D <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > cara cepat dan secure, buat proxy/squid cuma listen di IP local aja > > > > > http_port 192.168.xxx.xx:3128 > > > > > > > > > > Nyoman. > > > > > > > > Ok, kucoba dulu ya, mudah-mudah solved. > > > > Memang sih baru kuperhatikan baru-baru ini, karena tersedot saat > > > > browsing > > > sendirian > > > > jadi terasa sekali. Kalo lagi dipakai client kan nggak tahu, barangkali > > > ada yg download ....?8( > > > > > > > Ehm... tetap aja tuh kena sedot ! > > > Mungkin ada saran lain dari rekan linuxer ..... > > > Soalnya yg nyedot juga lumayan seram nih (baca:mirror ISP). > > > Berarti sdh dua kali ini ketemu di-kuda-in pihak lain (begitu putus & dial > > > lagi, ternyata > > > nggak ada client yg komplain, berarti siapa ya yg nyedot ............. ?8o > > > Mohon bantuan-nya. > > > > > > > > > > Cuba di paste-in squid.cinf nya, ato cuba monitor access.log > > # tail -f /lokasi/file/acces.log > > > > Mungkin membantu... > > -- > > Salam hormat, > > > > > > yo2k > Ok mas Yo2k, ini saya tempelkan squid.conf -nya > (saya newbie -baru lekat erat dgn Slackware 5 bulan ini-, > sebelumnya aktif membaca & coba rupa2 Distro, > konfigurasi dibuat untuk KSS -Kiosnet Sangat Sederhana-) > > --------------------------------------------------------------------- > hierarchy_stoplist cgi-bin ? .js .jsp localhost > acl QUERY urlpath_regex cgi-bin \? .js .jsp localhost > no_cache deny QUERY > cache_mem 6 MB > cache_swap_low 98 > cache_swap_high 99 > maximum_object_size 60 MB > ipcache_size 2048 > ipcache_low 98 > ipcache_high 99 > cache_replacement_policy heap LFUDA > memory_replacement_policy heap GDSF > cache_dir aufs /squid/cache 750 8 128 > ##pid_filename none > cache_store_log none > refresh_pattern ^ftp: 5040 95% 15120 > refresh_pattern . 120 95% 5040 > quick_abort_min 0 > quick_abort_max 0 > quick_abort_pct 98 > ##connect_timeout 3 minutes > half_closed_clients off > shutdown_lifetime 10 seconds > redirect_rewrites_host_header off > dns_nameservers 202.134.1.10 203.130.196.5 202.159.32.3 202.159.33.3 > ################ access_list setup ################ > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > ##acl to_localhost dst 127.0.0.0/8 > acl SSL_ports port 443 563 > acl Safe_ports port 80 21 443 563 70 210 777 > acl Safe_ports port 1025-65535 280 488 591 > acl CONNECT method CONNECT > http_access allow manager localhost > http_access deny manager > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > ##http_access deny to_localhost > always_direct allow localhost > ##always_direct allow to_localhost > always_direct deny all > ############ own rule access_list ################ > acl porn url_regex -i "/etc/squid/porn" > acl noporn url_regex -i "/etc/squid/noporn" > http_access deny porn !noporn > no_cache deny porn > ############## its my network ##################### > acl MASTER src 192.168.0.7 > acl wjr1 src 192.168.0.1 > acl wjr2 src 192.168.0.2 > acl wjr3 src 192.168.0.3 > acl wjr4 src 192.168.0.4 > http_access allow MASTER > ##### --Hilangkan tanda #,agar client konek-- ##### > #-------------------------->client_ke-1 > #http_access allow wjr1 > #-------------------------->client_ke-2 > #http_access allow wjr2 > #-------------------------->client_ke-3 > #http_access allow wjr3 > #-------------------------->client_ke-4 > #http_access allow wjr4 > ################################################### > http_access deny all > log_icp_queries off > icp_hit_stale on > query_icmp on > buffered_logs on > reload_into_ims on > ### "Some site require Referer & User-Agent to function properly" > header_access Referer deny all > header_access User-Agent deny all > header_access Server deny all > header_access From deny all > header_access WWW-Authenticate deny all > header_access Link deny all > header_access Via deny all > header_access Warning deny all > header_access ETag deny all > header_access Accept-Encoding deny all > header_access Allow allow all > forwarded_for off > ################## delay pools ################### > memory_pools_limit 60 KB > delay_pools 3 > delay_initial_bucket_level 35 > ###>>> donlot <<<################################# > delay_class 1 2 > delay_parameters 1 6000/60000 1500/60000 > acl akses_donlot url_regex -i .zip .iso .bin .cab .rar .swf > acl akses_donlot url_regex -i .mdb .ppt .rtf .xls .doc .pdf > acl akses_donlot url_regex -i .exe .dll .rpm .tar .tgz .tar.gz .bz2 > acl akses_donlot url_regex -i .jpg .bmp .gif .avi .mpg .mov .ram .rm .mp3 > delay_access 1 allow akses_donlot > delay_access 1 deny all > ###>>> biasa <<<################################## > delay_class 2 2 > delay_parameters 2 6000/60000 2500/60000 > acl akses_biasa url_regex -i www ftp 192.168.0 > delay_access 2 allow akses_biasa > delay_access 2 deny all > ###>>> email & freq.ask.site <<<################## > delay_class 3 2 > delay_parameters 3 6000/60000 3500/60000 > acl akses_emil url_regex -i .google.co.id .friendster.com > acl akses_emil url_regex -i .telkom.net .plasa.com > acl akses_emil url_regex -i .yahoo.com .yimg.com > delay_access 3 allow akses_emil > delay_access 3 deny all > ######################################## > pipeline_prefetch on > vary_ignore_expire on > ####### batalkan akses tdk sah ########## > http_access deny all > -------------------------------------------------------------------- > Mohon saran & Trim's atas bantuannya. > Oke, sudah ketemu kawan. Ternyata di client, cron.weekly-nya kesiangan. Jadi ......... sewaktu browsing, clamav ambil update-nya. Sayangnya saya lupa kalo ada perubahan setting tsb. Makasih banyak sebelumnya kawan.
pgp7nlgxTAjyC.pgp
Description: PGP signature
