Langkah Instal Proxy sebagai cache log

Download source squid steable yang terbaru di http://www.squid-cache.org
Jika anda setuju Simpan file anda di direktori /usr/local/src, dan jika tidak itu berarti terserah anda,
Mari kita mulai ekstrak dan kompile squid

[apris@oprex src]# tar xvfz squid-2.5.STABLE14.tar.gz
[apris@oprex src]# cd squid-2.5.STABLE14
[apris@oprex squid-2.5.STABLE14]# ./configure –enable-delay-pools –enable-ipf-transparent –enable-storeio=diskd,ufs –enable-storeio=diskd,ufs –disable-ident-lookups –enable-snmp –enable-removal-policies
[apris@oprex squid-2.5.STABLE14]# make all
[apris@oprex squid-2.5.STABLE14]# make install

add group dan user untuk squid

[apris@oprex squid-2.5.STABLE14]# groupadd squid
[apris@oprex squid-2.5.STABLE14]# useradd squid -g squid -d /dev/null -s /nonexistent
Bikin direktori untuk access.log dan cache.log

[apris@oprex squid -2.5.STABLE14]# mkdir /var/log/squid
[apris@oprex squid -2.5.STABLE14]# cd /var/log/squid
[apris@oprex squid]# touch access.log
[apris@oprex squid]# touch cache.log
[apris@oprex squid]# cd /
[apris@oprex /]# chown squid:squid cache
[apris@oprex ]# chown squid:squid *
[apris@oprex squid]# ll
total 0
-rw-r–r– 1 squid squid 0 Des 1 22:46 access.log
-rw-r–r– 1 squid squid 0 Des 1 22:46 cache.log

Set squid.conf di direktori /usr/local/squid/etc/squid.conf
Source squid.conf bisa anda kopi hasil editan saya

#tambahkan menjadi “http_port 3128 transparent” untuk transparent proxy
#kalau anda tidak suka port 3128 sebagai port default proxy silahkan ganti

http_port 3128
icp_port 3130

icp_query_timeout 0
maximum_icp_query_timeout 5000
mcast_icp_query_timeout 2000
dead_peer_timeout 10 seconds

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

cache_mem 128 MB
cache_swap_low 98
cache_swap_high 99

maximum_object_size 10240 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 4096 KB

ipcache_size 2048
ipcache_low 94
ipcache_high 95

cache_replacement_policy lru
memory_replacement_policy lru

# gunakan max 70 % Dari size partisi cache jika partisi cache anda 10 Gb maka gunkan 7 gb saja , maka dengan demikian squid akan mengisi log hanya sampai 7 Gb ( aotomatis remove)

cache_dir diskd /cache 7000 16 256 Q1=64 Q2=72

cache_access_log /squid/access.log
cache_log /squid/cache.log
cache_store_log none

emulate_httpd_log off
log_ip_on_direct on
ftp_user support@Gellora.com
wais_relay_port 0

request_header_max_size 20 KB
request_body_max_size 10 MB

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95

negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 5 minutes
range_offset_limit 0 KB

# sebelumnya simpan dulu situs2 bokep di /usr/local/squid/etc/bokep & situs no bokep di usr/local/squid/etc/nobokep

acl porn url_regex “/usr/local/squid/etc/bokep”
acl noporn url_regex “/usr/local/squid/etc/nobokep”

acl XYZZY url_regex .yahoo.com
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl ip kita src 200.80.250.0/24
acl IIX src 202.0.0.0/255.0.0.0
acl SSL_ports port 443 563 6667 7000
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777 110
acl Safe_ports port 10001
acl CONNECT method CONNECT

no_cache deny XYZZY
http_access deny porn !noporn
http_access allow manager localhost
http_access allow ipkita
http_access allow IIX
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
icp_access allow all

connect_timeout 5 minutes
peer_connect_timeout 120 seconds
read_timeout 20 minutes
request_timeout 120 seconds
client_lifetime 5 day
half_closed_clients on
server_persistent_connections off
client_persistent_connections off
pconn_timeout 240 seconds
shutdown_lifetime 30 seconds

cache_mgr admin
cache_effective_user squid
cache_effective_group squid
visible_hostname Gellora

logfile_rotate 10
forwarded_for on
log_icp_queries off
icp_hit_stale on
minimum_direct_hops 15
minimum_direct_rtt 400
store_avg_object_size 13 KB
store_objects_per_bucket 20
offline_mode off

client_db off
netdb_low 900
netdb_high 1000
netdb_ping_period 5 minutes

query_icmp on
test_reachability off
nonhierarchical_direct off
prefer_direct off
ignore_unknown_nameservers on
high_memory_warning 0
store_dir_select_algorithm round-robin
ie_refresh on

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

#####DELAY POOLS
acl magic_words1 url_regex -i 200.80.250.
acl magic_words2 url_regex -i ftp .torrent .3gp .dat .exe .vqf .rpm .zip .rar .t ar.gz .tar.bz2 .iso .mpeg .mp3 .mpe .mpg .qt .ram .rm .raw .wav .wmv .mov .avi
delay_pools 3
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow magic_words1
delay_class 2 2
delay_parameters 2 100000/500000 100000/500000
delay_access 2 allow magic_words2

Note: previllage direktori untuk cache harus kepunyaan squid

Membuat direktori swap, gunakan perintah :

[nanang@oprex /]# /usr/local/squid/sbin/squid –z

Apabila tidak ada error, jalankan squid menggunakan perintah :

[nanang@oprex /]# /usr/local/squid/sbin/squid –D

Lihat service squid yg sedang running

[nanang@oprex /]# ps ax|grep squid

10952 ? S 0:00 /usr/local/squid/sbin/squid -D
10954 ? S 0:00 (squid) -D
10961 pts/0 S 0:00 grep squid

Selamat Anda sudah sukses menginstall Proxy Server

Selamat Mencoba, Semoga Berhasil

Sumber : http://www.diqie.wordpress.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: