squid transparent + iptables
case study: Warnet dengan 1 PC yang akan dijadikan proxy server:
-- Linux Ubuntu 8.10 server
-- 2 NIC
-- ip public (didapat dari fastnet) => dhcp
-- ip lokal (untuk client) => 192.168.0.1/24
-- squid 2.6.x
-- iptables (biasanya udah default ada)

Squid transparent proxy ini dimaksudkan agar setiap komputer client tidak perlu lagi mengonfigurasi browsernya untuk mengarah ke proxy server ketika mengakses internet.

Setting NIC-NIC yang ada di server:
tbox@root# joe /etc/network/interfaces
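# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# Public side: address, default route and DNS come from the ISP via DHCP.
auto eth0
iface eth0 inet dhcp

# The primary network interface (LAN side, where the warnet clients sit).
auto eth1
iface eth1 inet static
    address 192.168.0.1
    netmask 255.255.255.0
    network 192.168.0.0
    broadcast 192.168.0.255
    # No "gateway" line here: this host *is* 192.168.0.1, so pointing the
    # default route at itself is meaningless, and a second default route
    # would compete with the one eth0 obtains over DHCP.
    # dns-* options are implemented by the resolvconf package, if installed
    # NOTE(review): 192.168.0.1 is this box itself; names only resolve if a
    # DNS resolver is actually running here (none is set up in this guide).
    dns-nameservers 192.168.0.1
    dns-search server.net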
tbox@root# /etc/init.d/networking restart

Instalasi
--------------------
tbox@root# apt-get update
tbox@root# apt-get install joe
tbox@root# apt-get install squid
tbox@root# /etc/init.d/squid stop
Hapus file cache-nya (pastikan perintah cd di bawah berhasil dulu sebelum menjalankan rm -rf *, supaya tidak menghapus isi direktori yang salah):
tbox@root# cd /var/spool/squid
tbox@root# rm -rf *
Konfigurasi
-------------------
> SQUID.CONF
Isikan konfigurasi squid seperti di bawah ini (opsional, bisa pakai cara sendiri):
tbox@root# joe /etc/squid/squid.conf
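# Transparent listener: together with the iptables REDIRECT rule the clients
# need no browser proxy settings. Squid binds this port on *every* interface,
# so 8080 must stay filtered on the public NIC.
http_port 8080 transparent

acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
#cache_mem 194 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 20048 KB
store_avg_object_size 1024 KB
#cache_dir ufs /var/spool/squid/ 24240 56 256
cache_access_log /var/log/squid/access.log
cache_store_log none
hosts_file /etc/hosts
# NOTE(review): this is the proxy host itself; squid can only resolve names if
# a resolver is actually running on it.
dns_nameservers 192.168.0.1
# The auth_param lines are inert: no proxy_auth acl below references them.
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl webserver src 192.168.0.1/255.255.255.255
acl irc port 6000-7000
acl kazaa port 1214
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 5050 995
acl Safe_ports port 80 # http
acl Safe_ports port 81 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 1111 # cam
acl Safe_ports port 1935 # cam
acl Safe_ports port 587 # gmail-smtp
acl CONNECT method CONNECT

######## These list files live in the same directory as squid.conf, so: ####
# (halal is defined but not referenced by any http_access rule below)
acl halal url_regex -i "/etc/squid/halal"
acl haram url_regex -i "/etc/squid/haram"
acl virus url_regex -i "/etc/squid/virus"
#################################################################

#=== acl for the clients ===#
acl tbox src 192.168.0.0/24

http_access allow manager webserver
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

# The block lists must be *denied* before the general allow for the clients:
# "allow tbox haram" followed by "allow tbox" never blocks anything, because
# the first matching rule wins and both rules allow.
http_access deny haram
http_access deny virus all
http_access allow tbox
http_access allow localhost
http_access deny all

# Contact address shown on error pages. Placeholder: the real value was
# obscured by the web page this guide was taken from; put your own here.
cache_mgr admin@example.com
# Plain-text cachemgr password in a world-readable file; "all" grants every
# cachemgr action to anyone who knows it. Keep it non-trivial and limit the
# actions if the manager interface is not needed.
cachemgr_passwd tbox all
cache_effective_user proxy
cache_effective_group proxy
visible_hostname proxy.tbox
# "on" discloses each client's LAN address to origin servers in
# X-Forwarded-For; set to "off" if that is not wanted.
forwarded_for on
buffered_logs on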
> HALAL, HARAM, VIRUS
root@tbox# joe /etc/squid/halal
.*.(gmail|inbox|yahoo|mail).*
.*.msexchange.*
.*.msexcel.*
.*freetown.*
.*geek-girls.*
.*scsext.*
missingheart
documen
button
wirelessexcite
msexchange
msexcel
aids.lv
freetown
geek-girls
scsext
steen
adulteducation
sekst
newshits
glass
georgia
peet
chicag
speech
speed
speedtest
liputan6.com
expedia.com
google.co.id
.messenger.yahoo.com
.msg.yahoo.com
.scd.yahoo.com
.sc5.yahoo.com
webcam.yahoo.com
filetransfer.yahoo.com
64.4.13.0/24
mail.yahoo.com
http://www.gadis-online.com/Gaya/Cantik/Index.asp
http://us.f529.mail.yahoo.com/dc/launch?sysreq=ignore
http://us.f529.mail.yahoo.com/dc/system_requirements?browser=unsupported
root@tbox# joe /etc/squid/haram
#--------- web sex keyword --------------------- .*.(fcs04|praline|eroticworld|orion|metasploit|h4ntu|rst.void.ru|mirc|install|download).de .*.(theorgy|127.0|172.20|172.10|friendster|172.30.|penthousemag|playboy|lolita|sexpix|sexshop|hentai|milf|nudes|mc-nudes|stabbin|rapidshare).* .*.(smutland|unblock|hustler.onprod|hustler2.onprod|cybervixen|asiansex|h4cky0u|hentai-drawings).* ftp.netcom.com/pub/ac/acott www.tvtoday.de:9600 #-last update 230605-------new blocked string--------# .*.(carolcox|eroticbodies|xxx|myasianmassage|adult).* #-----------end of new blocked string ---------------# .*.(carolcox|eroticbodies|xxx|myasianmassage|adult|crack|uh-oh|mirc|.flv).* .*.(cyberlustxxx|cyberporn|intersex).inter.net* .*.(eroticxxx|sexy4you|dani|danni|hotsex|kinky|lesbos|porno|xpics|telanjang|pondokputri|sex).* .*.(over21|regsex|sexnet|sextoy|smeggy|sordid).* .*.(cybersex|hcabaret|livesex|sex4you|sexmall).* .*.(lovesexy|nastysex|pantless|playware|showgirl).* .*.(2xxxcite|dreamsex|futuresex|sover21sex|explaza|lesbi|h4ntu|rst.void.ru).* .*.(xxxparadise|playbabe|celebnude|greyhawks|sexfinder|xxx-video).* .*.(sexaphone|beate-uhse|fantasysex|sexparlor|sexnetwork).* .*.(cybervixen|internetsex|silverotica|erotica2000|ultimatexxx).* .*.(xxx-rawsex-xxx|amateurs|amateursweb|erotica-toys|orion-erotic).* .*.(sexy-jewelry|hollywoodxxx|cybererotica|sexfantasy).* .*.(danisherotica|sexy-playmates|nastyhabits|sugarandspice|kathryn).* .*.(persiankitty|adultplayground|supernudes|playsex).* .*.(pinupmall|porn.byus|smutland|sizzle|heavyhangers).* .*.(hardcorjunky|fetish|adultplayhouse|pornpics|asiansex).* .*.(hustler|freepics|wetgirls|tropixxx|sex|pixxxcity).* .*.(4adultsonly|peepshow|voulezvous|rated-x|69pornplace).* .*.(shavedsluts|nudepalace|xxxguide|pics-xxx|naughty|thehotzone).* .*.(nervemag|carolcox|snatches|freeporn|playgirlmag|cyberspice|babygotboobs).* .*.(erotica|afro-erotica|fuck|rotten|bugil).* (teen|girls|xxxpic).* (www.sex|pussy.bahnhof).* (memek).* .*.(gay|sex).* .*.fun.nl 
.*.(hentaiclubs).* www.allinternal.com www.myasianmassage.com www.telanjang.com www.playmen.it/ www.gisa.it/sex/ www.iol.it/sexol/ www.juggcash.com/ www.bigtitsatwork.com/ globall.com/j/xxx/ www.japanese-idols.info/ www.hh.nl/n-m/pic/ www.pi.net/~www.japanese-idols.info www.oden.se/~hedback/ www.private.com/ www.megavideo.com/ aau.diasoft.ru/~hotsex/ www.donsworld.com/xadultx/ http://custom.videosz.com/ www.well.com/user/sexymate/ tour.babygotboobs.com/t3/ http://tour.brazzersnetwork.com/ ftp.zippo.com/pictures/erotica/ mm.iit.uni-miskolc.hu/Data/ladies/ drn.zippo.com/zippo-bin/wwwdecode/ pilot.msu.edu/user/rozwadow/pamela whatfungirls.com/ #------ web sex manual -------- pageseeker.com arsipceritaseru freeones vicidi bedclip indonona.com exoticazza.com dewasex.com extrajos.com bopekindo.com sanggrahan.org sanggrahan.com grahan.com vicidi.com 17tahun.com ceritaseru.org ceritapanas.com celebdirectory.com hiburan.web1000.com seeasians.com nyamuk.adultnations.com www.webfti.com webfti.com lab.fti.com fti.com webfti.org jp.dxlive.com adult-power.net #---------- web berat -------------- #microsoft #----------- tambahan -------------- bangbus softcore milfseeker #----------- iseng ------------- #proxy.guardster.com www.xxxtoolbar.com logitech.com #liveupdate.symantecliveupdate.com #----------- terbaru ----------- www.hentaiclubs.com a248.e.akamai.net:443 tokyoporn.com unseenjapan.com #http://blog.indosiar.com http://www.lalatx.com http://www.wheelieboyz.com #http://cosmos.bcst.yahoo.com http://kh.google.com/flatfile http://kh.google.com/geauth http://www.uh-oh.com http://static.brazzers.com/scenes/ http://www.smut.com www.homo.co http://www.astalavista.com/ http://www.sdsb.com http://www123.megavideo.com/* http://video.qooqle.jp/dl/ http://www.handy-strip.com/Buhlen/pussyass.html http://17tahun2.com/* http://17tahun.110mb.com/* http://17tahun1.blogspot.com/* http://www.modelayu.com/* http://*.modelayu.com/* 
http://72.14.235.104/search?q=cache:t4GdeA1TMhgJ:www.porneskimo.com/ http://60.191.239.191/* http://68.180.219.134/* http://68.180.219.137/* http://68.180.219.132/* http://58.53.128.72/* http://friendster.com/* http://www.indianxclips.com/* http://www.lalatx.com/* http://galleries2.porn365.com/* http://www.mrchewsasianbeaver.com/* http://asian4u.com/* http://img.porn365.com/* http://www.porntube.com/* http://www.redtube.com/* http://www.nipponidols.com/* http://cewekina.net/* http://mamatmimit.blogspot.com/* http://www.linkbiru.com/* http://www.ceweknakal.info/* http://ayobugil.com/* # WEB PROXY http://w2.hidemyass.com/* http://www.roccosiffredi.com/*
root@tbox# joe /etc/squid/virus
######### Daftar Virus & Trojan, WAJIB DIBLOK ###############
84.16.252.73 #W32.Downadup
.trafficconverter.biz/* #W32.Downadup
http://y.ads009.info/*
.t.yahoo3.info/*
http://web.hyj008.info/*
http://ads.vk987.info/*
http://60.191.239.191/*
http://58.53.128.140/*
http://ru.soviet-kgb.info/v.gif/*
http://tk.234132.info/*
http://ftp.db884829.info/*
http://css.db884829.info/*
http://us.soviet-kgb.info/*
Setelah konfigurasi squid.conf, halal, haram, dan virus selesai disimpan, langkah berikutnya adalah membuat direktori untuk cache (creating swap):
tbox@root# squid -f /etc/squid/squid.conf -z
tbox@root# /etc/init.d/squid start
> IPTABLES (untuk transparent proxy)
Aktifkan terlebih dahulu IP forwarding untuk IPv4:
tbox@root# joe /etc/sysctl.conf
net.ipv4.ip_forward=1
lalu simpan..
tbox@root# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
tbox@root# iptables -t nat -A POSTROUTING -j MASQUERADE
tbox@root# iptables -A FORWARD -s 192.168.0.0/24 -d 0/0 -j ACCEPT
tbox@root# iptables-save
Agar konfigurasi iptables selalu dimuat setiap kali server di-restart, cara mudahnya adalah menyalin semua perintah iptables tersebut ke dalam rc.local sbb:
root@tbox# joe /etc/rc.local
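# Transparent-proxy and NAT rules for the two-NIC layout used in this guide:
#   eth0 = public side (DHCP from the ISP), eth1 = LAN side (192.168.0.1/24).
# Only HTTP arriving on the LAN interface must be intercepted. Redirecting on
# eth0 would catch Internet-side traffic instead, leaving the clients
# un-proxied and exposing squid to the outside.
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080
# Hide the LAN behind the public address only for packets leaving via eth0.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# squid's "http_port 8080" listens on every interface; keep it unreachable
# from the public side.
iptables -A INPUT -i eth0 -p tcp --dport 8080 -j DROP
# An ACCEPT rule for the LAN only means something if the default is DROP:
# forward what the clients initiate, plus the replies to it, nothing else.
iptables -P FORWARD DROP
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -s 192.168.0.0/24 -j ACCEPT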
Kemudian simpan dan restart servernya. Nah, sekarang coba deh di client.
SELAMAT MENCOBA ....