Install Squid Proxy Di Linux

You are here:

Anda dapat menggunakan Squid proxy, Untuk menginstal dan mengkonfigurasi Squid di Server Ubuntu (dan distribusi Linux berbasis Debian serupa), ikuti langkah-langkah di bawah ini:

1. Install the Squid package:

sudo apt-get install squid

2. pindahkan squid.conf  /etc/squid/squid.conf menjadi squid.conf.bak :
mv /etc/squid/squid.conf /etc/squid/squid.conf.bak

3. Buat file squid.conf
nano /etc/squid/squid.conf copy paste script di bawah dari #Welcome sampai End Konfigurasi di dalam squid.conf :

# —— Konfigurasi Squid ————

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 53

#Cache_peer di isi IP Proxy Utama Chaining ke Proxy Utama, jika tidak ada chaining hilangkan command di bawah ini
cache_peer parent 3128 0 no-query

prefer_direct off
never_direct allow all

# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager
#detection Update
acl allowed dstdomain um01.$
#pico update
acl allowed dstdomain
#product installers updates
acl allowed dstdomain
#expire date
acl allowed dstdomain
#support request
acl allowed dstdomain
#allow communication with ESET Secure Authentication
acl allowed dstdomain
#ESET Live Grid
acl allowed dstdomain c.eset.eset
#Advanced Machine Learning:
acl allowed dstdomain
#To submit suspicious files and anonymous statistical information to ESET’s Threat Lab:
acl allowed dstdomain
#To use the Parental Control module (ESET Smart Security only):
acl allowed dstdomain
#To use ESET Password Manager
acl allowed dstdomain
#To use the Antispam module
acl allowed dstdomain h5-ars01-v.eset$
acl allowed dstdomain
#To ensure proper functionality of linking and redirection from your ESET product’s graphical user interface:
acl allowed dstdomain
#active mobile security
acl allowed dstdomain

#ESET Data Framework (Anti-Theft, ESET License Administrator, Parental control, Web control):
acl allowed dstdomain h1-arse02$
#ERA/ESMC Repository – (ESET Remote Administrator 6.x and ESET Security Management Center 7):
acl allowed dstdomain
#push notification
acl allowed dstdomain h3-e$
acl allowed dstdomain
#Services (activation, expiration, IP location, trace, versioncheck, redirector, in-product images & messages, SSL certificate check):
acl allowed dstdomain$
#Online help and Knowledgebase:
acl allowed dstdomain
acl allowed dstdomain
#DNS load balancers
acl allowed dstdomain
acl allowed dstdomain

http_access allow allowed
http_access deny all
# Squid normally listens to port 3128
http_port 3130

# Uncomment and adjust the following to add a disk cache directory.
cache_dir ufs /var/spool/squid 5000 16 256 max-size=200000000

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
# example lin deb packages
#refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600
refresh_pattern . 0 20% 4320

# ——————- End Konfigurasi Squid ———————–

Ubah Squid default untuk port default 3128 menjadi 3130 atau bisa di sesuaikan dengan kebutuhan.
http_port 3130

5.Restart the squid service:

sudo systemctl restart squid
sudo systemctl enable squid

6.Silahkan test proxy tersebut dengan perintah sbb :
wget -e use_proxy=yes -e http_proxy=localhost:3130
muncul seperti di bawah proxy berjalan dengan benar
Resolving localhost (localhost)… ::1,
Connecting to localhost (localhost)|::1|:3130… connected.
Proxy request sent, awaiting response… 403 Forbidden
2020-03-12 03:13:44 ERROR 403: Forbidden.