Oke udah lama saya tidak update Blog ini . kali ini saya akan Membahas Cara Instalasi dan Konfigurasi Proxy Squid pada Linux Ubuntu 10.04 . Sebelumnya Saya mau Bercerita sedikit tentang Tutorial ini kenapa sampai Saya Tulis padahal Sudah ada di internet Dari dulu .
Sebelumnya saya mau Memberitahu Banyak Tutorial di internet Tentang Squid Ubuntu ini Tapi Kebanyak adalah Copy Paste Alias tidak Di uji coba Terlebih Dahulu . nah dalam Tutorial kali ini saya akan Menjelaskan dan sudah pasti Berhasil Jika gagal Bisa commen masalhnya dimana BIar saya jelaskan .
kali ini Saya mengunakan LINUX UBUNTU 10.04 . kenapa saya mengunakan Linux model itu karena Sudah Banyak review Atau Pendapat Para Pakar Networking Kalo Proxy ini lebih handal dalam melakukan Cache .
Hal yang harus di Perhatiin adalah sebagai berikut :
1. Linux harus 10.04 atau 10.10
2. Koneksi Lumayan Cepat agar tidak tersendat dalam konfigurasi
3. Harddisk PC Minimal 80 GB
4. Paham Dasar-Dasar linux
5. Doa Kepada yang maha Kuasa
Berikut Pembagian partisi harddisk di ubuntu server dengan ukuran HDD 80GB:
1. /boot -----> 1Gb ext4 Boot Flag on
2. / ------> 3Gb ext4 (ROot)
3. /usr -----> 5Gb ext4
4. /var -----> 5Gb ext4
5. swap -----> 2Gb (2 x RAM di PC)
6. /cache -----> 50Gb ReiserFS (intel) atau BTRFS (AMD)
7. /home ------> sisanya jika ada
Setelah selesai Instalasi Ubuntu 10.04 langusng Koneksiin internet PC Yang akan akan menjadi Server Proxy . Jangan Lupa merbah Repository Ke lokal agar proses instalasi Paket ny lebih cepat .
Langka-langkah:
1. Login ubuntu
2. Jika belum membuat user root, ketik "sudo su", masukkan password ubuntu kamu, kemudian ketik "passwd" dan isikan password baru untuk root.
3. Silahkan copas sintak
sudo apt-get update
sudo apt-get install squid
sudo apt-get install squid squidclient squid-cgi
sudo apt-get install ccze
4. Stop squid-nya dengan perintah:
"squid stop" atau "/etc/init.d/squid stop" atau "service squid stop" jika tidak mau restart dulu PC-nya.
5. Edit squid.conf memakai winscp atau dengan perintah:
nano /etc/squid/squid.conf
Kemudian Copy-Paste isi squid.conf di bawah ini (sebelumnya backup dulu squid.conf yang asli:
# Port
http_port 3128 transparent
icp_port 3130
prefer_direct off
server_http11 on
# Cache
cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99
max_filedesc 8192
maximum_object_size 128 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 128 KB
ipcache_size 10240
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /cache 30000 16 256 # untuk partisi /cache 50GB
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /var/run/squid.pid
cache_swap_log /var/log/squid/swap.state
dns_nameservers /etc/resolv.conf
emulate_httpd_log off
hosts_file /etc/hosts
half_closed_clients off
negative_ttl 1 minutes
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 873 # https snews rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083 # cpanel
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports
# pictures & images
refresh_pattern -i \.(gif|png|jpeg|jpg|bmp|tif|tiff|ico)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private
refresh_pattern -i \.(xml|html|htm|js|txt|css|php)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
#sound & video
refresh_pattern -i \.(flv|x-flv|mov|avi|qt|mpg|mpeg|swf)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache
refresh_pattern -i \.(wav|mp3|mp4|au|mid)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private
# files
refresh_pattern -i \.(iso|deb|rpm|zip|tar|tgz|ram|rar|bin|ppt|doc)$ 10080 90% 43200 ignore-no-cache ignore-auth
refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
# -- refresh pattern for specific sites -- #
refresh_pattern ^http://*.jobstreet.com.*/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache
refresh_pattern ^http://*.indowebster.com.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
refresh_pattern ^http://*.21cineplex.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
refresh_pattern ^http://*.atmajaya.*/.* 720 100% 10080 override-expire ignore-no-cache ignore-auth
refresh_pattern ^http://*.kompas.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.theinquirer.*/.* 720 100% 10080 override-expire ignore-no-cache ignore-auth
refresh_pattern ^http://*.blogspot.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache
refresh_pattern ^http://*.photobucket.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.tinypic.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.imageshack.us/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.kaskus.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://www.kaskus.com/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detik.*/.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detiknews.*/*.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://video.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.friendster.com/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache ignore-auth
refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://apps.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.playspoon.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://cooking.game.playspoon.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern -i http://[^a-z\.]*onemanga\.com/? 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://media?.onemanga.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.yahoo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.google.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.forummikrotik.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
#default option
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
# ALLOWED ACCESS
acl localnet src 192.168.1.0/24 #IP lokal kamu
http_access allow localnet
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow localnet
icp_access allow localhost
icp_access deny all
always_direct deny all
cache_mgr admin@Bombercomputer.blogspot.com
visible_hostname Proxy Create @Bombercomputer
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
shutdown_lifetime 10 seconds
logfile_rotate 14
#-----------------------------------------------------------------#
#tcp_outgoing_tos 0x30 localnet
#-----------------------------------------------------------------#
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
Kode di atas lebih baik copy dulu ke notepad.
6. Stop lagi squid-nya dengan perintah:
"squid stop" atau "/etc/init.d/squid stop" atau "service squid stop" jika tidak mau restart dulu PC-nya.
7. Memberikan permission, ketik pada putty:
chown -R proxy.proxy /cache
chown proxy.proxy /var/log/squid/access.log
8. Membuat swap, ketik pada putty:
squid -f /etc/squid/squid.conf -z
atau
squid -z
9. Restart squid-nya:
"squid restart" atau "service squid restart" atau "/etc/init.d/squid restart", jika tidak bisa restart PC-nya.
10. Buka www.whatismyip.com, jika berhasil akan tertera keterangan IP public dengan proxy detected squid 2.7 stable.
Oke sudah selesai untuk Menghitung Partisi /cache Kalian bisa mengunakan Kalkulator cache di Google tersebar banyak Oke terimkasih . kalo yang mau tanya tanya bisa lewat twitter atau bisa comen langsung di bawah ini .
0 comments:
Post a Comment