Linux Inspirations

Install squid versi penguin :d

Posted on: 29 September, 2007

SquidSiapkan configurasi squid yg sudah di edit dan simpan di direktori /home/ atau tergantung anda
ini adalah contoh squid.conf dari seseorang yang mengajarkan saya tentang squid ini,
mudah-mudahan beliau ridho squid hasil configurenya dipublish..semoga aja [-o<

[root@penguin /]# cat /home/ghian/squid.conf.ghian
# squid.conf – Squid Object Cache configuration file
http_port 3128
cache_mem 10 MB
========================================
#acl blok url_regex -i “/etc/squid/DENIED”
#http_access deny blok
========================================
cache_swap_low 85
cache_swap_high 89
========================================
cache_dir diskd /cache 720 16 64 Q1=72 Q2=64
#cache_dir diskd /cache1 720 16 64 Q1=72 Q2=64
========================================
store_dir_select_algorithm round-robin
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
========================================
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
========================================
logfile_rotate 1
pid_filename /var/run/squid.pid
hierarchy_stoplist ? cgi
acl QUERY urlpath_regex cgi \?
no_cache deny QUERY
========================================
# quick abort:
# always finish if less than 10k
# finish if more than 50%
# always abort if more tan 1024k
quick_abort_min 20 kb
quick_abort_pct 50%
quick_abort_max 1024 kb
========================================
emulate_httpd_log off
minimum_object_size 0 KB
maximum_object_size 20 MB
========================================
#read_timeout 30 minutes
#client_lifetime 3 hours
#pconn_timeout 15 seconds
#request_timeout 1 minute
shutdown_lifetime 10 seconds
positive_dns_ttl 53 seconds
negative_dns_ttl 29 seconds
========================================
ipcache_size 10240
ipcache_low 98
ipcache_high 99
========================================
cache_mgr
admin@penguin.net
cache_effective_user squid
cache_effective_group squid
visible_hostname penguin.cartoonet.net
========================================
log_fqdn off
#ident_lookup off
memory_pools off
forwarded_for on
icp_hit_stale on
logfile_rotate 2
#referer_log /usr/local/squid/var/logs/referer.log
========================================
store_objects_per_bucket 10
store_avg_object_size 13 kb
netdb_high 10000
netdb_low 9900
netdb_ping_period 30 seconds
========================================
#log_icp_queries off
#test_reachability off
#query_icmp on
debug_options ALL,1 98,2
max_open_disk_fds 100
========================================
high_memory_warning 400 mb
high_response_time_warning 2000
high_page_fault_warning 2
========================================
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
========================================
strip_query_terms off
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
========================================
#####
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl Purge method PURGE
acl localhost src 127.0.0.1/255.255.255.255
acl penguin src 192.168.1.0/255.255.255.0
acl master dst 192.168.0.99
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 81 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 1002 # qplex
acl CONNECT method CONNECT
========================================
acl blok url_regex -i xml.opera.com/update
acl blok url_regex -i autoupdate.windowsmedia.com/update/update.asp
acl blok url_regex -i cgi.sexlist.com/counter.cgi?
acl blok url_regex -i download.microsoft.com msnsrch.dlservice.microsoft.com
acl blok url_regex -i hosted.by.alphared.com
acl blok url_regex -i deploy.akamaitechnologies.com
acl blok url_regex -i graphics.adultfriendfinder.com
acl blok url_regex -i apps.kompas.com
acl blok url_regex -i avi$ mpg$
=========================================
http_access deny blok
http_access allow manager localhost
http_access allow Purge localhost
http_access allow penguin
http_access allow master
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
========================================
##SNMP CONF
snmp_port 3401
acl snmppublic snmp_community public
snmp_access allow snmppublic localhost
========================================
#start delay
acl browze url_regex -i “/etc/squid/video”
acl sibuk time 10:01-23:59
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 16000/6000
delay_access 1 allow browze sibuk all
#end delay
========================================
ie_refresh on

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(class|css|js|gif|jpg)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(jpe|jpeg|png|bmp|tif)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(tiff|mov|avi|qt|mpeg)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(mpg|mpe|wav|au|mid)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(hqx|pdf|rtf|doc|swf)$ 100000 500% 99000000 ignore-reload override-expire
refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 100000 500% 99000000 ignore-reload override-expire
#refresh_pattern -i . 43200 95% 86400
#refresh_pattern -i . 0 0% 4320
refresh_pattern -i . 180 20% 4320

# END configuration
=========================================
pindahkan file squid.conf ini /etc/squid/squid.conf [root@penguin /]# cp /home/ghian/squid.conf.ghian /etc/squid/squid.conf
cp: overwrite `/etc/squid/squid.conf’? yes
ubah kepemilikan direktori cache misal disimpan di /cache
[root@penguin /]# chown -R squid:root /cache/
lalu check dengan perintah ls -la
[root@penguin /]# ls -al /
total 172
drwxr-xr-x 24 root root 4096 Sep 26 15:27 .
drwxr-xr-x 24 root root 4096 Sep 26 15:27 ..
drwxrwxrwx 19 squid root 4096 Sep 26 19:58 cache <<—
menjalankan pertama kali squid yaitu dengan perintah
[root@penguin /]# squid -k parse
[root@penguin /]# squid -z
2006/09/26 20:45:13| Creating Swap Directories
[root@penguin /]# /etc/init.d/squid start
Starting squid: . [ OK ]
check squidnya jalan atau tidak dengan mengetik:
[root@penguin /]# netstat -pln | grep squid
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 9080/(squid)
udp 0 0 0.0.0.0:3130 0.0.0.0:* 9080/(squid)
udp 0 0 0.0.0.0:3401 0.0.0.0:* 9080/(squid)
udp 0 0 0.0.0.0:32980 0.0.0.0:* 9080/(squid)

berarti squid sudah jalan, sekrang tinggal test di browser dan check acces.log nya di :
[root@penguin /]# tail -f /var/log/squid/access.log
udah deh selsai..
setiap selsei edit squid ketik
[root@penguin /]# squid -k reconfigure
agar client langsung bisa browsing lewat squid maka di set transparen proxy pake iptables
[root@penguin /]# /etc/init.d/iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: nat filter [ OK ]
Unloading iptables modules: [ OK ]
[root@penguin /]# /sbin/iptables -t nat -A PREROUTING -i eth1 -p tcp -s 192.168.1.0/255.255.255.0 –dport 80 -j DNAT –to 192.168.1.1:3128
[root@penguin /]# /sbin/iptables-save
# Generated by iptables-save v1.3.0 on Tue Sep 26 20:59:49 2006
*nat
:OUTPUT ACCEPT [1:72]
:POSTROUTING ACCEPT [1:72]
:PREROUTING ACCEPT [4:629]
-A PREROUTING -s 192.168.1.0/255.255.255.0 -i eth1 -p tcp -m tcp –dport 80 -j DNAT –to-destination 192.168.1.1:3128
COMMIT
# Completed on Tue Sep 26 20:59:49 2006

hatur nuhun kanggo kang Deden

http://ngoprek-penguin.blogspot.com/2006_09_01_archive.html

2 Tanggapan to "Install squid versi penguin :d"

boss…mo tanya neh
waktu install MRTG buat squidnya , knp yah gak bisa kasih
command ./configure –snmp-enable, ==> pesannya no such file or directory…bisa kasih pencerahan boss ???

salam.

Tinggalkan Balasan

Please log in using one of these methods to post your comment:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s

ABout Me!


WordPress ini sengaja saya buat untuk menulis apa yang telah saya lakukan agar saya selalu ingat, tulisan yang saya buat kebanyakan dalam bentuk tutorials configurasi linux dari hasil uji coba saya dan sebahagian di kutip dari beberapa website lain yang saya anggap perlu untuk saya tulis disini. Mudah-mudahan tutorial yang saya buat ini berguna buat pencinta linux yang lain. Salam Sejahtera.

Blog Stats

  • 120,467 hits

Linux Inspiration

%d blogger menyukai ini: