---------- Pesan terusan ---------- Dari: Hery Setiawan <yellowha...@gmail.com> Tanggal: 7 Juni 2010 16:43 Subjek: Re: [tanya-jawab] tak bisa akses permatanet.com menggunakan RHEL 5 dan squid Ke: tanya-jawab@linux.or.id
coba kopikan squid.conf anda ke pastebin atau kesini, ini squid.conf-nya http_port 10.240.0.73:8080 icp_port 3130 cache_mem 6 MB cache_swap_low 98 cache_swap_high 99 maximum_object_size 128 MB maximum_object_size_in_memory 32 KB ipcache_size 2048 ipcache_low 98 ipcache_high 99 cache_replacement_policy heap LFUDA memory_replacement_policy heap GDSF access_log /usr/local/squid/var/logs/access.log cache_log /usr/local/squid/var/logs/cache.log cache_dir aufs /cache1 28000 8 256 cache_dir aufs /cache2 28000 8 256 log_fqdn off log_icp_queries off cache_log none cache_store_log none auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -b o=company,c=id -f (&(uid=%s)(description=p22)) -h 10.240.0.27 auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours refresh_pattern ^ftp: 10080 95% 241920 reload-into-ims override-lastmod refresh_pattern . 180 95% 120960 reload-into-ims override-lastmod refresh_pattern -i \.gif$ 10080 90% 43200 refresh_pattern -i \.jpg$ 10080 90% 43200 refresh_pattern ^http:// 240 40% 10080 refresh_pattern ^ftp:// 240 50% 20160 refresh_pattern ^gopher:// 240 40% 10080 refresh_pattern /cgi-bin/ 0 0% 30 refresh_pattern . 240 40% 10080 quick_abort_min 0 quick_abort_max 0 quick_abort_pct 98 shutdown_lifetime 10 seconds memory_pools off icp_hit_stale on query_icmp on reload_into_ims on pipeline_prefetch on vary_ignore_expire on half_closed_clients off snmp_port 3401 acl snmppublic snmp_community public snmp_access allow snmppublic snmp_incoming_address 0.0.0.0 snmp_outgoing_address 255.255.255.255 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 19638 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl IP-SIBLING src "/usr/local/squid/etc/ip.sibling_proxy" acl IP-SOURCE src "/usr/local/squid/etc/ip.source" acl URL-LOCAL url_regex -i "/usr/local/squid/etc/url.local" acl FACEBOOK url_regex -i "/usr/local/squid/etc/url.facebook" acl IP-FACEBOOK src "/usr/local/squid/etc/ip.facebook" acl IP-VIRUS src "/usr/local/squid/etc/ip.virus" acl IP-EXCP src "/usr/local/squid/etc/ip-excp" acl IP-BLOCK src "/usr/local/squid/etc/ip.block" acl IP-NBLOCK src "/usr/local/squid/etc/ip.nblock" acl IP-DNLD src "/usr/local/squid/etc/ip.dnld" acl IP-REST src "/usr/local/squid/etc/ip.rest_time acl URL-LOCAL url_regex -i "/usr/local/squid/etc/url.local" acl URL-DNLD url_regex -i "/usr/local/squid/etc/url.dnld" acl URL-EXCP url_regex -i "/usr/local/squid/etc/url-excp" acl SEX url_regex -i "/usr/local/squid/etc/sex" acl URL-BLOCK url_regex -i "/usr/local/squid/etc/url.block" acl URL-NBLOCK url_regex -i "/usr/local/squid/etc/url.nblock" acl DOWNLOAD urlpath_regex \.exe$|\.EXE$|\.tar$|\.TAR$|\.zip$|\.ZIP$|\.z$|\.Z$|\.gz$|\.GZ$|\.gzip$|\.GZIP$|\.mp3$|\.rpm$|\.ra$|\.ram$|\.smi$|\.avi$|\.deb$|\.iso$|\.cab$|\.mpg$|\.wmv$|\.bin$|\.bz2$|\.mpeg$|\.pdf$ acl NSEX url_regex -i "/usr/local/squid/etc/nsex" acl DL-TIME1 time M T W H F A 00:00-07:29 acl DL-TIME2 time M T W H F A 12:00-12:59 acl DL-TIME3 time M T W H F A 16:30-23:59 acl OPR-TIME time M T W H F A 07:00-17:00 acl NONOPR-TIME1 time M T W H F A 18:01-23:59 acl OPR-TIME time M T W H F A 07:00-17:00 acl NONOPR-TIME1 time M T W H F A 18:01-23:59 acl NONOPR-TIME2 time M T W H F A 00:00-05:59 acl authusers proxy_auth REQUIRED http_access allow manager localhost http_access allow manager all http_access allow URL-LOCAL http_access allow manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny IP-SIBLING http_access deny IP-VIRUS http_access deny !URL-NBLOCK URL-BLOCK http_access deny !NSEX SEX http_access deny !IP-NBLOCK IP-BLOCK http_access allow IP-FACEBOOK http_access deny OPR-TIME FACEBOOK http_access deny IP-EXCP URL-EXCP http_access allow URL-DNLD http_access allow IP-DNLD http_access allow DL-TIME1 DOWNLOAD http_access allow DL-TIME2 DOWNLOAD http_access allow DL-TIME3 DOWNLOAD http_access allow IP-SOURCE http_access allow authusers http_access allow IP-EXCP http_access deny all http_reply_access allow all icp_access allow IP-SIBLING !QUERY icp_access deny all reply_body_max_size 4000000 allow OPR-TIME reply_body_max_size 0 allow NONOPR-TIME1 NONOPR-TIME2 cache_effective_user squid cache_effective_group squid visible_hostname Others-Proxy.company.co.id logfile_rotate 6 deny_info ERR_TOO_BIG OPR-TIME log_icp_queries off prefer_direct off always_direct allow URL-LOCAL always_direct allow FTP Thanks Regards -- FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab Unsubscribe: kirim email ke tanya-jawab-unsubscr...@linux.or.id Arsip dan info milis selengkapnya di http://linux.or.id/milis