Squid tidak bisa mengerti protocol irc. kalau protocol tcp (spt https, http), Intanst Messenging( spt ym, msn) bisa.
contoh nya gini: define dulu port yang di allow # ----------------------------------------------------------------------------- # Access Controls List # ----------------------------------------------------------------------------- acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 4343 acl Safe_ports port 3390 acl CONNECT method CONNECT acl PURGE method PURGE acl POST method POST acl GETONLY method GET acl VIRUS urlpath_regex "/etc/squid/contents/VIRUS" trus define address nya : acl staffs src "/etc/squid/contents/staffs-ip" acl dosen src "/etc/squid/contents/dosen-ip" acl mahasiswa src "/etc/squid/contents/mahasiswa-ip" acl lab src "/etc/squid/contents/lab-ip" acl deny-ip src "/etc/squid/contents/deny-ip" acl hotspot src <ip hidden> acl bms src "/etc/squid/contents/bms-ip" acl admin src "/etc/squid/contents/admin" acl allnetwork src "/etc/squid/contents/allnetwork-ip" acl microsoft dstdomain "/etc/squid/contents/microsoft" acl yahoomess url_regex -i "/etc/squid/contents/yahoomess" acl msnmess url_regex -i "/etc/squid/contents/msnmess" acl files-block urlpath_regex -i "/etc/squid/contents/files-block" acl url-block dstdomain "/etc/squid/contents/url-block" acl url-allow dstdomain "/etc/squid/contents/url-allow" acl local-domain dstdomain "/etc/squid/contents/local-domain" acl vpn dstdomain "/etc/squid/contents/vpn" always_direct allow localhost always_direct allow local-domain always_direct allow vpn always_direct deny all terakhir baru access list nya : header_access Accept-Encoding deny all http_access allow manager localhost http_access allow server http_access allow staffs !microsoft !url-block !files-block http_access allow dosen !microsoft !yahoomess !msnmess !url-block !files-block http_access allow mahasiswa !microsoft !yahoomess !msnmess !url-block !files-block http_access allow lab !microsoft !yahoomess !msnmess !url-block !files-block http_access allow hotspot !microsoft !yahoomess !msnmess !url-block !files-block http_access allow bms !microsoft http_access allow all url-allow http_access allow deny-ip url-allow http_access allow deny-ip local-domain http_access allow admin #http_access allow yahoomess staffs #http_access allow yahoomess dosen #http_access allow yahoomess bms http_reply_access allow all setiap ip/address di buat di dalam 1 file, supaya mempermudah editing. iptables nya harus di allow access ke gateway nya. tergantung setting network nya. kalau di kami, firewall cuma di buka untuk akses dari squid. jadi tanpa squid, tidak bisa internet an. semoga membantu Muhammad Ichsan wrote: >> >> Kalo menurut hemat saya, HTTPS masih termasuk "web" traffic, toh >> dalemnya HTTPS masih HTTP juga. Yang saya gak suka itu biasanya kalo >> yg maksa semua traffic IP dilewatin squid, seperti irc, ym, torrent, >> ftp, email, dst. >> > > Ok, jadi bagaimana dengan sisanya seperti irc, ym, torrent? Apakah > langsung ditembuskan saja dengan nat? > > Jika iya, di mana saya bisa mengatur penggunaan traffic internet? > Apakah saya harus menyaring paket kelas tertentu dengan iptables juga? > Mohon pencerahannya. > > Trims > >> Squid kan sebenernya punya dua fungsi utama: cache dan proxy. Yg jadi >> perantara traffic itu fungsi proxy. Yg cache itu utk menyimpan object2 >> yg dimengerti. Kalo HTTPS ya diproxy aja ama dia gak dicache harusnya >> yah. Mohon koreksinya kalo salah. >> >> Ronny >> >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.3 (GNU/Linux) >> >> iD8DBQFFiFX15SWXjR7RGaARArSYAJ41PWgG9pOYOxVdlbzmFqFbEIoehwCfR0qW >> YBA4lsS51mZeS86EvoR7PY0= >> =MXUL >> -----END PGP SIGNATURE----- >> >> >> > -- FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab Unsubscribe: kirim email ke [EMAIL PROTECTED] Arsip dan info milis selengkapnya di http://linux.or.id/milis
