Download source squid steable yang terbaru di www.squid-cache.org
Jika anda setuju Simpan file anda di direktori /usr/local/src, dan jika tidak itu berarti terserah anda,
Mari kita mulai ekstrak dan kompile squid
[nanang@oprex src]# tar xvfz squid-2.5.STABLE14.tar.gz
[nanang@oprex src]# cd squid-2.5.STABLE14
[nanang@oprex squid-2.5.STABLE14]# ./configure –enable-delay-pools –enable-ipf-transparent –enable-storeio=diskd,ufs –enable-storeio=diskd,ufs –disable-ident-lookups –enable-snmp –enable-removal-policies
[nanang@oprex squid-2.5.STABLE14]# make all
[nanang@oprex squid-2.5.STABLE14]# make install
add group dan user untuk squid
[nanang@oprex squid-2.5.STABLE14]# groupadd squid
[nanang@oprex squid-2.5.STABLE14]# useradd squid -g squid -d /dev/null -s /nonexistent
Bikin direktori untuk access.log dan cache.log
[nanang@oprex squid -2.5.STABLE14]# mkdir /var/log/squid
[nanang@oprex squid -2.5.STABLE14]# cd /var/log/squid
[nanang@oprex squid]# touch access.log
[nanang@oprex squid]# touch cache.log
[nanang@oprex squid]# cd /
[nanang@oprex /]# chown squid:squid cache
[nanang@oprex ]# chown squid:squid *
[nanang@oprex squid]# ll
total 0
-rw-r–r– 1 squid squid 0 Des 1 22:46 access.log
-rw-r–r– 1 squid squid 0 Des 1 22:46 cache.log
Set squid.conf di direktori /usr/local/squid/etc/squid.conf
Source squid.conf bisa anda kopi hasil editan saya
#tambahkan menjadi “http_port 3128 transparent” untuk transparent proxy
#kalau anda tidak suka port 3128 sebagai port default proxy silahkan ganti
http_port 3128
icp_port 3130
icp_query_timeout 0
maximum_icp_query_timeout 5000
mcast_icp_query_timeout 2000
dead_peer_timeout 10 seconds
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 128 MB
cache_swap_low 98
cache_swap_high 99
maximum_object_size 10240 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 4096 KB
ipcache_size 2048
ipcache_low 94
ipcache_high 95
cache_replacement_policy lru
memory_replacement_policy lru
# gunakan max 70 % Dari size partisi cache jika partisi cache anda 10 Gb maka gunkan 7 gb saja , maka dengan demikian squid akan mengisi log hanya sampai 7 Gb ( aotomatis remove)
cache_dir diskd /cache 7000 16 256 Q1=64 Q2=72
cache_access_log /squid/access.log
cache_log /squid/cache.log
cache_store_log none
emulate_httpd_log off
log_ip_on_direct on
ftp_user support@Gellora.com
wais_relay_port 0
request_header_max_size 20 KB
request_body_max_size 10 MB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 5 minutes
range_offset_limit 0 KB
# sebelumnya simpan dulu situs2 bokep di /usr/local/squid/etc/bokep & situs no bokep di usr/local/squid/etc/nobokep
acl porn url_regex “/usr/local/squid/etc/bokep”
acl noporn url_regex “/usr/local/squid/etc/nobokep”
acl XYZZY url_regex .yahoo.com
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl ip kita src 200.80.250.0/24
acl IIX src 202.0.0.0/255.0.0.0
acl SSL_ports port 443 563 6667 7000
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777 110
acl Safe_ports port 10001
acl CONNECT method CONNECT
no_cache deny XYZZY
http_access deny porn !noporn
http_access allow manager localhost
http_access allow ipkita
http_access allow IIX
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
icp_access allow all
connect_timeout 5 minutes
peer_connect_timeout 120 seconds
read_timeout 20 minutes
request_timeout 120 seconds
client_lifetime 5 day
half_closed_clients on
server_persistent_connections off
client_persistent_connections off
pconn_timeout 240 seconds
shutdown_lifetime 30 seconds
cache_mgr admin
cache_effective_user squid
cache_effective_group squid
visible_hostname Gellora
logfile_rotate 10
forwarded_for on
log_icp_queries off
icp_hit_stale on
minimum_direct_hops 15
minimum_direct_rtt 400
store_avg_object_size 13 KB
store_objects_per_bucket 20
offline_mode off
client_db off
netdb_low 900
netdb_high 1000
netdb_ping_period 5 minutes
query_icmp on
test_reachability off
nonhierarchical_direct off
prefer_direct off
ignore_unknown_nameservers on
high_memory_warning 0
store_dir_select_algorithm round-robin
ie_refresh on
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
#####DELAY POOLS
acl magic_words1 url_regex -i 200.80.250.
acl magic_words2 url_regex -i ftp .torrent .3gp .dat .exe .vqf .rpm .zip .rar .t ar.gz .tar.bz2 .iso .mpeg .mp3 .mpe .mpg .qt .ram .rm .raw .wav .wmv .mov .avi
delay_pools 3
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow magic_words1
delay_class 2 2
delay_parameters 2 100000/500000 100000/500000
delay_access 2 allow magic_words2
Note: previllage direktori untuk cache harus kepunyaan squid
Membuat direktori swap, gunakan perintah :
[nanang@oprex /]# /usr/local/squid/sbin/squid –z
Apabila tidak ada error, jalankan squid menggunakan perintah :
[nanang@oprex /]# /usr/local/squid/sbin/squid –D
Lihat service squid yg sedang running
[nanang@oprex /]# ps ax|grep squid
10952 ? S 0:00 /usr/local/squid/sbin/squid -D
10954 ? S 0:00 (squid) -D
10961 pts/0 S 0:00 grep squid
Selamat Anda sudah sukses menginstall Proxy Server
Selamat Mencoba, Semoga Berhasil
Langkah Instal Proxy sebagai cache log
Leave a Reply
Tags:
UBUNTU
0 komentar: