Tue 2 Jun 2009
Install Squid di FreeBSD
Posted by admin under FreeBSD
No Comments
Installasi squid di FreeBSD
Perangkat yang digunakan untuk ngoprek
Pentium III 300MHz, RAM 128, HD 20GB dengan partisi sebagai berikut :
/swap : 256MB
/cache : 16000MB
/ : Sisanya
Langkah Kerja
Instal Squid
sarangku# tar -zxvf squid-2.5.STABLE5.tar.gz
sarangku# cd squid-2.5.STABLE5
./configure –enable-delay-pools –enable-ipf-transparent –enable-storeio=diskd,ufs –enable-storeio=diskd,ufs –disable-ident-lookups –enable-snmp –enable-removal-policies
sarangku# make
sarangku# make install
sarangku# pw useradd squid
sarangku# pw addgroup squid
sarangku# cd /
sarangku# chown squid:squid cache
sarangku# cd /usr/local/squid/var/logs
sarangku# touch access.log
sarangku# touch cache.log
sarangku# chown squid:squid *
sarangku# mkdir /usr/local/squid/cache
sarangku# cd /usr/local/squid/
sarangku# chown nobody:nogroup cache
sarangku# cd /usr/local/squid/etc/
sarangku# cp squid.conf squid.conf.old
sarangku# rm -rf squid.conf
sarangku# touch squid.conf
sarangku# ee /usr/local/squid/etc/squid.conf
Contoh Konfigurasi squid.conf
http_port 192.168.0.14:8080
icp_port 3130
icp_query_timeout 0
maximum_icp_query_timeout 5000
mcast_icp_query_timeout 2000
dead_peer_timeout 10 seconds
hierarchy_stoplist cgi-bin ? js
acl QUERY urlpath_regex cgi-bin ?
no_cache deny QUERY
cache_mem 64 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 8 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
cache_replacement_policy lru
memory_replacement_policy lru
cache_dir diskd /cache 16000 16 256 Q1=72 Q2=64
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log none
emulate_httpd_log off
log_ip_on_direct on
ftp_user support@pdg.asiamaya.net
wais_relay_port 0
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
negative_ttl 5 minute
positive_dns_ttl 6 hour
negative_dns_ttl 5 minute
range_offset_limit 0 KB
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl IIX dst_as 7713 4622 4795 7597 4787 4795 4800
acl sarangku src 192.168.0.0/24
acl SSL_ports port 443 563
acl irc_ports port 6667
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
http_access allow manager localhost
http_access allow sarangku
http_access allow IIX
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow CONNECT !irc_ports
http_access deny all
icp_access allow all
connect_timeout 2 minute
peer_connect_timeout 30 seconds
read_timeout 15 minute
request_timeout 30 second
client_lifetime 5 day
pconn_timeout 120 second
shutdown_lifetime 30 second
cache_mgr support@pdg.asiamaya.net
cache_effective_user squid
cache_effective_group squid
visible_hostname proxy.pdg.asiamaya.net
logfile_rotate 10
forwarded_for on
log_icp_queries off
icp_hit_stale off
minimum_direct_hops 4
minimum_direct_rtt 400
store_avg_object_size 13 KB
store_objects_per_bucket 20
client_db off
netdb_low 900
netdb_high 1000
netdb_ping_period 5 minutes
query_icmp on
test_reachability on
nonhierarchical_direct off
prefer_direct on
ignore_unknown_nameservers on
high_memory_warning 0
store_dir_select_algorithm round-robin
ie_refresh on
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
Backup Kernel Anda
sarangku# cd /usr/src/sys/i386/conf
sarangku# cp GENERIC SARANGKU
sarangku# ee SARANGKU
Ganti ident GENERIC menjadi SARANGKU
ident SARANGKU
maxusers 0
#makeoptions DEBUG=-g #Build kernel with gdb(1) debug symbols
#Mengaktifkan NatD dan IPFW
options IPFIREWALL
options IPDIVERT
options IPFIREWALL_DEFAULT_TO_ACCEPT
#DiskD
options SYSVMSG
options MSGMNB=8192 # max # of bytes in a queue
options MSGMNI=40 # number of message queue identifiers
options MSGSEG=512 # number of message segments per queue
options MSGSSZ=64 # size of a message segment
options MSGTQL=2048 # max messages in system
options SYSVSHM
options SHMSEG=16 # max shared mem id’s per process
options SHMMNI=32 # max shared mem id’s per system
options SHMMAX=2097152 # max shared memory segment size (bytes)
options SHMALL=4096 # max amount of shared memory (pages)
#Transparent Proxy
options IPFIREWALL_VERBOSE #print information about
# Dropped Packets
options IPFIREWALL_FORWARD #enable transparent proxy support
options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity
Kompile Kernel Anda
sarangku# config SARANGKU
sarangku# cd ../../compile/SARANGKU
sarangku# make depend && make && make install && reboot
Buat Startup Script
sarangku# touch /usr/local/etc/rc.d/squid.sh
sarangku# chmod +x /usr/local/etc/rc.d/squid.sh
sarangku# ee /usr/local/etc/rc.d/squid.sh
#!/bin/sh
echo -n ‘Proxy Server’
case “$1″ in
start)
/usr/local/squid/sbin/squid -D
;;
stop)
/usr/local/squid/sbin/squid -k shutdown
;;
restart)
/usr/local/squid/sbin/squid -k reconfigure
;;
*)
echo “Usage: `basename $0` {start|stop|restart}”
;;
esac
Jalankan Squid
sarangku# /usr/local/squid/sbin/squid -z
ini akan membuat swap direktori
sarangku# /usr/local/etc/rc.d/squid.sh start atau
sarangku# /usr/local/squid/sbin/squid -D
Mengecek Squid di Background
sarangku# ps ax | grep squid
15 ?? Is 0:00.01 /usr/local/squid/sbin/squid -D
162 ?? S 1:57.06 (squid) -D (squid)
567 p0 S+ 0:00.00 grep squid
Bila sudah muncul seperti tampilan diatas sewaktu menjalankan squid -D, berarti Squid Anda sudah berjalan
Mengecek Access Log-nya
sarangku# tail -f /usr/local/squid/var/logs/access.log
1082023675.284 9457 192.168.1.7 TCP_MISS/200 1528 GET http://www.jpegworld.com/index2.shtml – DIRECT/64.237.52.26 text/html
1082023676.844 8242 192.168.1.9 TCP_MISS/403 1488 GET http://xxxfantasy.cheapbw.com/pg1/asian.jpg – DIRECT/69.90.63.91 text/html
1082023678.712 12044 192.168.1.7 TCP_MISS/200 4372 GET http://66.111.39.232/julove/2240f53u.jpg – DIRECT/66.111.39.232 image/jpeg
Pastikan bahwa tulisan seperti diatas selalu bergerak bila usernya sedang membuka situs. Supaya script diatas selalu tersimpan waktu mesin di reboot, bisa dimasukkan dalam file startup
sarangku# touch /etc/rc.local
sarangku# ee /etc/rc.local
#Running Proxy Server
/usr/local/etc/rc.d/squid.sh start
#Forwarding
/sbin/ipfw add 350 fwd 192.168.0.14,8080 tcp from 192.168.0.0/24 to any www
/usr/local/snmp/sbin/snmpd
Selamat Mencoba, Semoga Berhasil
No Responses to “ Install Squid di FreeBSD ”