hostname -f
harus mengembalikan nama lengkap (termasuk domain). Jika tidak, maka berkas /etc/hosts
harus disunting agar memuat nama lengkap dari sistem (misalnya, arrakis.falcot.com
). Nama resmi komputer harus divalidasi dengan administrator jaringan untuk menghindari kemungkinan konflik nama.
/etc/squid/squid.conf
configuration file and allowing machines from the local network to run queries through the proxy. The following example shows the modifications made by the Falcot Corp administrators:
Contoh 11.22. The /etc/squid/squid.conf
file (excerpts)
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # include /etc/squid/conf.d/* # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed acl our_networks src 192.168.1.0/24 192.168.2.0/24 http_access allow our_networks http_access allow localhost # And finally deny all other access to this proxy http_access deny all
squid
itself does not perform the filtering; this action is delegated to squidGuard
. The former must then be configured to interact with the latter. This involves adding the following directive to the /etc/squid/squid.conf
file:
url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
/usr/lib/cgi-bin/squidGuard.cgi
CGI program also needs to be installed, using /usr/share/doc/squidguard/examples/squidGuard.cgi.gz
as a starting point. Required modifications to this script are the $proxy
and $proxymaster
variables (the name of the proxy and the administrator's contact email, respectively). The $image
and $redirect
variables should point to existing images representing the rejection of a query.
service squid reload
command. However, since the squidguard package does no filtering by default, it is the administrator's task to define the policy. This can be done by creating the /etc/squid/squidGuard.conf
file (using /etc/squidguard/squidGuard.conf.default
as template if required).
update-squidguard
setelah setiap perubahan berkas konfigurasi squidGuard
(atau salah satu daftar domain atau URL yang disebutkan). Sintaks berkas konfigurasi didokumentasikan pada situs web berikut: