Professional Documents
Culture Documents
Install Squid Head
Install Squid Head
04 ATAU SE ATASNYA
KEMUDIAN IKUTI LANGKAH DI BAWAH INI DENGAN TRIAL ERROR
## update & instal repo ##
file di bawah ini copas dan paste di nano /etc/apt/sources.list # dgn catatan yg
bawaan di hapuss
===========================
deb http://kambing.ui.ac.id/ubuntu/ precise-proposed main restricted universe mu
ltiverse
deb http://kambing.ui.ac.id/ubuntu/ precise-security main restricted universe mu
ltiverse
deb http://kambing.ui.ac.id/ubuntu/ precise-updates main restricted universe mul
tiverse
deb http://kambing.ui.ac.id/ubuntu/ precise main restricted universe multiverse
paket update ubuntunya
======================
apt-get update -y && apt-get install devscripts -y && apt-get install build-esse
ntial -y && apt-get install openssl -y && apt-get install libssl-dev -y && apt-g
et install fakeroot -y && apt-get install libcppunit-dev -y && apt-get install l
ibsasl2-dev -y && apt-get install cdbs -y && apt-get install ccze -y && apt-get
install libfile-readbackwards-perl -y && apt-get install libcap2 -y && apt-get i
nstall libcap-dev -y && apt-get install libcap2-dev -y && apt-get install sysv-r
c-conf -y
##donwlod squid ke web langusng
=========================================
buat folder dulu
mkdir /squid3
kemudian cd /squid3 lalu
copas bawah ini ke terminal..
wget http://www.squid-cache.org/Versions/v3/3.5/squid-3.HEAD-20140903-r13573.tar
.gz #sesudah down finish
extract file nya...
tar xzvf squid-3.HEAD-20140903-r13573.tar.gz #sesudah di extract
kemudian
squid-3.HEAD-20140903-r13573
setelah itu di compile
=====================================
config compile bisa di tambahkan opsi opsi tergantung kita mau di tambahkan apa
sesuia kebutuhan
================================================================================
====================
./configure --prefix=/usr --bindir=/usr/bin \
--sbindir=/usr/sbin --libexecdir=/usr/lib/squid \
--sysconfdir=/etc/squid --localstatedir=/var \
--includedir=/usr/include --datadir=/usr/share/squid \
--infodir=/usr/share/info --mandir=/usr/share/man \
--srcdir=. --disable-dependency-tracking \
--disable-strict-error-checking --enable-storeio=ufs,aufs,diskd \
--enable-removal-policies=lru,heap --disable-ipv6 \
--disable-wccp --disable-wccpv2 --enable-kill-parent-hack \
--enable-snmp --enable-cachemgr-hostname=proxy \
--enable-cache-digests --disable-select \
--enable-http-violations --enable-linux-netfilter \
--enable-follow-x-forwarded-for --disable-ident-lookups \
--disable-auth-basic --enable-x-accelerator-vary \
--enable-zph-qos --enable-ssl-crtd --with-openssl --without-gnutls --with-defaul
t-user=proxy --with-logdir=/var/log/squid \
--with-pidfile=/var/run/squid.pid --with-swapdir=/var/spool/squid \
--with-aufs-threads=32 --with-dl --with-large-files --enable-ltdl-convenience \
--with-filedescriptors=65536
make && make install
permision folder cache sesuai folder chace yg di buat
=====================================================
contoh bawah ini folder cache proxy saya
cd
chown proxy.proxy /c1 && chown proxy.proxy /c2 && chown proxy.proxy /c3 && chmod
777 /c1 && chmod 777 /c2 && chmod 777 /c3
umask 027
ulimit -n 65535
cd $cache_dir
start-stop-daemon --quiet --start \
--pidfile $PIDFILE \
--exec $DAEMON -- $SQUID_ARGS < /dev/null
return $?
}
stop () {
PID=`cat $PIDFILE 2>/dev/null`
start-stop-daemon --stop --quiet --pidfile $PIDFILE --exec $DAEMON
#
#
Now we have to wait until squid has _really_ stopped.
#
sleep 2
if test -n "$PID" && kill -0 $PID 2>/dev/null
then
log_action_begin_msg " Waiting"
cnt=0
while kill -0 $PID 2>/dev/null
do
cnt=`expr $cnt + 1`
if [ $cnt -gt 24 ]
then
log_action_end_msg 1
return 1
fi
sleep 5
log_action_cont_msg ""
done
log_action_end_msg 0
return 0
else
return 0
fi
}
case "$1" in
start)
log_daemon_msg "Starting $DESC" "$NAME"
if start ; then
log_end_msg $?
else
log_end_msg $?
fi
;;
stop)
log_daemon_msg "Stopping $DESC" "$NAME"
if stop ; then
log_end_msg $?
else
log_end_msg $?
fi
;;
reload|force-reload)
log_action_msg "Reloading $DESC configuration files"
start-stop-daemon --stop --signal 1 \
--pidfile $PIDFILE --quiet --exec $DAEMON
log_action_end_msg 0
;;
restart)
log_daemon_msg "Restarting $DESC" "$NAME"
stop
if start ; then
log_end_msg $?
else
log_end_msg $?
fi
;;
status)
status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit 3
;;
*)
echo "Usage: /etc/init.d/$NAME {start|stop|reload|force-reload|restart|s
tatus}"
exit 3
;;
esac
exit 0
## copy squid.conf & store-id PUNYA ANDA KE /etc/squid/ ##
================================
## permision squid.conf serta store-id ##
============================
chown proxy.proxy /etc/squid/squid.conf && chown proxy.proxy /etc/squid/storeid.
pl && chmod 777 /etc/squid/squid.conf && chmod 777 /etc/squid/storeid.pl
buat SSL Bump nya
==============
cd /etc/squid
mkdir ssl_cert
cd ssl_cert
openssl genrsa -out tukang-comot-indonesia.com.private 2048
openssl req -new -key tukang-comot-indonesia.com.private -out tukang-comot-indon
esia.com.csr
openssl x509 -req -days 3652 -in tukang-comot-indonesia.com.csr -signkey tukangcomot-indonesia.com.private -out tukang-comot-indonesia.com.cert
cd
mkdir /var/squid
cd /var/squid
mkdir ssl_db
cd
chown -R nobody /var/squid/ssl_db
/usr/lib/squid/ssl_crtd -c -s /var/squid/ssl_db/certs
chown -R proxy:proxy /var/squid/ssl_db
# permiss folder lognya ##
================================
chown proxy.proxy /var/log/squid && chmod 777 /var/log/squid
-b
-b
-b
-b
-b
4096
4096
4096
4096
4096
=================================================================
## untuk mangle & route ## JANGAN MAIN COPAS BUAT MANUAL SAJA
=================================================================
/ip fi ma
add chain=postrouting action=mark-connection new-connection-mark=proxy passthrou
gh=yes dscp=12
add chain=postrouting action=mark-connection new-connection-mark=proxy passthrou
gh=yes content=X-Cache: HIT
add chain=postrouting action=mark-packet new-packet-mark=proxy-hit passthrough=n
o connection-mark=proxy
add chain=prerouting action=mark-routing new-routing-mark=redirect-to-proxy pass
through=no src-address=192.168.20.0/24
* Catatan = IP 192.168.20.0/24 adalah Ip Lan
/ip route
add check-gateway=ping distance=1 gateway=192.168.10.10 routing-mark=redirect-to
-proxy
* Catatan = IP 192.168.20.0/24 adalah Ip Proxy
cek di terminal puty
======================
tail -f /var/log/squid/access.log
tail -f /var/log/squid/access.log
tail -f /var/log/squid/access.log
tail -f /var/log/squid/access.log
tail -f /var/log/squid/access.log
|
|
|
|
|
ccze
grep HIT | ccze
grep TCP_HIT
grep HIT
ccze
TAMBAHAN SILAHKAN INSTALL DNS UNBOUND SUPAYA LEBIH CEPAT DAN RESPONSIF
BISA DI CARI DI GOOGLE UNTUK TRIK UNBOUN NYA....
SEMOGA SUKSES AMINNN