It's really annoying to see clients opening porn sites... they eat up a lot of bandwidth for streaming... Huh.... in the end the annoyance peaked.... so just block the porn URLs using SQUID.
Luckily my router runs Ubuntu Server, which I can easily customize... Hehehe
Even though people say a MikroTik router is nicer... I prefer using Ubuntu, which is free....
Hehehehehhe
OK, let's begin.....
SQUID is already installed during the initial Ubuntu Server installation (if you selected it, hehehehe....)
If it isn't installed yet, install it with this command:
user@router$ sudo apt-get install squid
OK, now it's time to configure Squid.
Go straight to editing squid.conf:
user@router$ sudo nano /etc/squid/squid.conf
http_port 8080 transparent
#icp_port 0
#icp_query_timeout 0
#maximum_icp_query_timeout 2000
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_mem 8 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
#minimum_object_size 0 KB
#cache directories
cache_dir ufs /var/spool/squid 5000 9 256
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
emulate_httpd_log off
log_ip_on_direct on
client_netmask 255.255.255.255
# OPTIONS FOR TUNING THE CACHE
#wais_relay_port 0
request_header_max_size 20 KB
request_body_max_size 0 KB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
# ACCESS CONTROLS
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
# localnet variable… the whole 0.0 network and below uses this proxy
acl localnet src 192.168.0.0/255.255.255.0
acl porn url_regex -i "/etc/squid/sarubanget.txt"
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
# Allowing or Denying access based on defined access lists
http_access allow manager localhost
http_access deny porn
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
#http_access deny bad
# allow the localnet variable
http_access allow localnet
http_access allow localhost
http_access deny all
http_reply_access allow all
#icp_access allow all
# Admin
cache_mgr aga@purwokerto.biz
visible_hostname proxies.purwokerto.biz
#Delay Pools
#acl local url_regex -i 192.168
#acl downloadFile url_regex -i \.exe$
#acl downloadFile url_regex -i \.mp3$
#acl downloadFile url_regex -i \.3gp$
#acl downloadFile url_regex -i \.vqf$
#acl downloadFile url_regex -i \.gz$
#acl downloadFile url_regex -i \.rpm$
#acl downloadFile url_regex -i \.zip$
#acl downloadFile url_regex -i \.rar$
#acl downloadFile url_regex -i \.avi$
#acl downloadFile url_regex -i \.mpeg$
#acl downloadFile url_regex -i \.mpe$
#acl downloadFile url_regex -i \.mpq$
#acl downloadFile url_regex -i \.qt$
#acl downloadFile url_regex -i \.ram$
#acl downloadFile url_regex -i \.iso$
#acl downloadFile url_regex -i \.raw$
#acl downloadFile url_regex -i \.wav$
#delay_pools 2
#Pool for everything else, bro
#delay_class 1 2
#delay_parameters 1 -1/-1 8000/8000
#delay_access 1 allow local
#delay_access 1 deny all
#pool for download file types
#delay_class 2 3
#delay_parameters 2 32000/32000 1500/1500 250/250
#delay_access 2 allow downloadFile
#delay_access 2 deny all
OK.......... Next..
With the settings above, the whole list of URLs to be blocked lives in the file /etc/squid/sarubanget.txt, which the "acl porn url_regex -i" line reads.
Create the file sarubanget.txt
and fill it with the list of URLs to block.
Restart Squid.....
user@router$ sudo /etc/init.d/squid restart
Time to redirect port 80 to port 8080 (the proxy) using iptables:
user@router$ sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
Done......
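An added example, not part of the original post: because the porn ACL is a url_regex -i list, every line in sarubanget.txt is treated as a case-insensitive regular expression matched against the whole URL, so a loose entry can block unrelated sites. The script below approximates that match with grep -Ei to audit a list before putting it on the router; the patterns, URLs and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: approximate Squid's "url_regex -i" match with grep -Ei.
# Every pattern, URL and function name here is constructed for illustration.

# Print the first pattern in file $1 that matches URL $2; return 1 if none.
first_match() {
    while IFS= read -r pat || [ -n "$pat" ]; do
        case $pat in ''|'#'*) continue ;; esac   # skip blank lines and # comments
        if printf '%s\n' "$2" | grep -Eiq -- "$pat"; then
            printf '%s\n' "$pat"
            return 0
        fi
    done < "$1"
    return 1
}

# Report every URL in file $2 together with the pattern (from file $1) that denies it.
audit() {
    while IFS= read -r url; do
        if hit=$(first_match "$1" "$url"); then
            echo "DENY  $url  (pattern: $hit)"
        else
            echo "ALLOW $url"
        fi
    done < "$2"
}

demo() {
    tmp=$(mktemp -d) || return 1
    # Loose list: a bare keyword and a hostname with an unescaped dot.
    printf '%s\n' '# loose list' 'sex' 'badsite.example' > "$tmp/loose.txt"
    # Tight list: anchored to the host part of the URL, dots escaped.
    printf '%s\n' '# tight list' '^http://([^/]*\.)?badsite\.example(/|$)' > "$tmp/tight.txt"
    printf '%s\n' 'http://www.BadSite.example/video' \
                  'http://www.essex.example/admissions' \
                  'http://badsitexexample.test/' > "$tmp/urls.txt"
    echo "== loose list =="; audit "$tmp/loose.txt" "$tmp/urls.txt"
    echo "== tight list =="; audit "$tmp/tight.txt" "$tmp/urls.txt"
    rm -rf "$tmp"
}

demo
```

With the loose list all three sample URLs are denied, including the two unrelated hosts; with the tight list only the intended host is.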
Let's build a healthy internet cafe without porn sites....
:)
Tuesday, March 3, 2009