Instalasi Dan Konfigurasi Lusca Proxy

INSTALASI DAN KONFIGURASI LUSCA PROXy
Install squid bawaan CentOS terlebih dahulu

Code:
[root@lusca-proxy ~]# yum install squid
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
addons
| 951 B
addons/primary
| 202 B
base
| 2.1 kB
base/primary_db
| 1.6 MB
extras
| 2.1 kB
extras/primary_db
| 188 kB
updates
| 1.9 kB
updates/primary_db
| 840 kB
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package squid.i386 7:2.6.STABLE21-6.el5 set to be updated
--> Processing Dependency: perl(URI::URL) for package: squid
---> Package perl-URI.noarch 0:1.35-3 set to be updated
--> Finished Dependency Resolution
00:00
00:00
00:00
00:02
00:00
00:00
00:00
00:01
Dependencies Resolved
=============================================================================
===
Package
Arch
Version
Repository
Size
=============================================================================
===
Installing:
squid
i386
7:2.6.STABLE21-6.el5
base
1.3
M
Installing for dependencies:
perl-URI
noarch
1.35-3
base
116
k
Transaction Summary
=============================================================================
===
Install
2 Package(s)
Upgrade
0 Package(s)
Total download size: 1.4 M
Is this ok [y/N]: y
Setelah terinstall maka kita remove lagi

Code:
[root@lusca-proxy ~]# yum remove squid
Setting up Remove Process
---> Package squid.i386 7:2.6.STABLE21-6.el5 set to be erased
=============================================================================
===
Package
Arch
Version
Repository
Siz
e
=============================================================================
===
Removing:
squid
i386
7:2.6.STABLE21-6.el5
installed
3.5
M
Transaction Summary
=============================================================================
===
Remove
1 Package(s)
Reinstall
0 Package(s)
Downgrade
0 Package(s)
Is this ok [y/N]: y
Setelah itu kita install paket yang di butuhkan untuk kompilasi LUSCA yaitu :
- automake
- gcc
- glibc-devel
- e2fsprogs-devel
- sharutils
Code:
[root@lusca-proxy ~]# yum install automake gcc glibc-devel e2fsprogs-devel
sharutils
Loading mirror speeds from cached hostfile
Setting up Install Process
---> Package automake.noarch 0:1.9.6-2.3.el5 set to be updated
--> Processing Dependency: autoconf >= 2.58 for package: automake
---> Package e2fsprogs-devel.i386 0:1.39-23.el5_5.1 set to be updated

--> Processing Dependency: e2fsprogs-libs = 1.39-23.el5_5.1 for package:
e2fspro
gs-devel
---> Package gcc.i386 0:4.1.2-48.el5 set to be updated
--> Processing Dependency: cpp = 4.1.2-48.el5 for package: gcc
--> Processing Dependency: libgomp >= 4.1.2-48.el5 for package: gcc
---> Package glibc-devel.i386 0:2.5-49.el5_5.7 set to be updated
--> Processing Dependency: glibc-headers = 2.5-49.el5_5.7 for package: glibcdev
el
--> Processing Dependency: glibc = 2.5-49.el5_5.7 for package: glibc-devel
--> Processing Dependency: glibc-headers for package: glibc-devel
---> Package sharutils.i386 0:4.6.1-2 set to be updated
---> Package autoconf.noarch 0:2.59-12 set to be updated
--> Processing Dependency: imake for package: autoconf
---> Package cpp.i386 0:4.1.2-48.el5 set to be updated
--> Processing Dependency: e2fsprogs-libs = 1.39-23.el5 for package:
e2fsprogs
---> Package e2fsprogs-libs.i386 0:1.39-23.el5_5.1 set to be updated
--> Processing Dependency: glibc = 2.5-49 for package: nscd
---> Package glibc.i686 0:2.5-49.el5_5.7 set to be updated
--> Processing Dependency: glibc-common = 2.5-49.el5_5.7 for package: glibc
---> Package glibc-headers.i386 0:2.5-49.el5_5.7 set to be updated
--> Processing Dependency: kernel-headers >= 2.2.1 for package: glibc-headers
--> Processing Dependency: kernel-headers for package: glibc-headers
---> Package libgomp.i386 0:4.4.0-6.el5 set to be updated
---> Package e2fsprogs.i386 0:1.39-23.el5_5.1 set to be updated
---> Package glibc-common.i386 0:2.5-49.el5_5.7 set to be updated
---> Package imake.i386 0:1.0.2-3 set to be updated
---> Package kernel-headers.i386 0:2.6.18-194.26.1.el5 set to be updated
---> Package nscd.i386 0:2.5-49.el5_5.7 set to be updated
=============================================================================
===
Package
Arch
Version
Repository
Siz
e
=============================================================================
===
Installing:
automake
noarch
1.9.6-2.3.el5
base
476
k
e2fsprogs-devel
i386
1.39-23.el5_5.1
updates
569
k
gcc
i386
4.1.2-48.el5
base
5.2
M
glibc-devel
i386
2.5-49.el5_5.7
updates
2.0
M
sharutils
i386
4.6.1-2
base
201
k
Installing for dependencies:
autoconf
noarch
2.59-12
base
647
k
cpp
i386
M
glibc-headers
i386
k
imake
i386
k
kernel-headers
i386
M
libgomp
i386
k
Updating for dependencies:
e2fsprogs
i386
k
e2fsprogs-libs
i386
k
glibc
i686
M
glibc-common
i386
M
nscd
i386
k
4.1.2-48.el5
base
2.6
2.5-49.el5_5.7
updates
602
1.0.2-3
base
319
2.6.18-194.26.1.el5
updates
1.1
4.4.0-6.el5
base
1.39-23.el5_5.1
updates
977
1.39-23.el5_5.1
updates
118
2.5-49.el5_5.7
updates
5.3
2.5-49.el5_5.7
updates
16
2.5-49.el5_5.7
updates
166
70
Transaction Summary
=============================================================================
===
Install
11 Package(s)
Upgrade
5 Package(s)
Total download size: 37 M
Is this ok [y/N]:y
Duduk tenang selesai install paket-paket di atas kemudian download LUSCA nya dari google
Code:
[root@lusca-proxy ~]#wget http://lusca-cache.googlecode.com/files/LUSCA_HEADr14809.tar.gz
Setelah itu di extrak

Code:
[root@lusca-proxy ~]# tar -zxvf LUSCA_HEAD-r14809.tar.gz
Pindah ke dalam direktori lusca, naikkan filedescriptors, dan kemudian configure menggunakan
opsi-opsi di bawah ini
Code:
[root@lusca-proxy ~]# cd LUSCA_HEAD-r14809
[root@lusca-proxy ~]# ulimit -n 8192
[root@lusca-proxy LUSCA_HEAD-r14809]# ./configure --prefix=/usr/local/squid -exec-prefix=/usr/local/squid --enable-delay-pools --enable-cache-digests -enable-poll --enable-linux-netfilter --enable-removal-policies --withmaxfd=8192 --enable-storeio=aufs --disable-wccp --enable-x-accelerator-vary -enable-kill-parent-hack --enable-async-io=30 --disable-ident-lookups
semua file instalasi terletak di /usr/local/squid/ jadi kita tidak akan repot-repot mencari-cari file
squid
Kemudian install
Code:
[root@lusca-proxy LUSCA_HEAD-r14809]# make all && make install
Duduk tenang menunggu instalasi selesai sekarang waktu nya Konfigurasi.

- Pindah ke direktori /usr/local/squid/etc
Code:
[root@lusca-proxy LUSCA_HEAD-r14809]# cd /usr/local/squid/etc/
kemudian config squid nya kaya gini nih,..

Code:
##start of config
http_port 3128 transparent
icp_port 0
#icp_port 3130
pid_filename /var/run/squid.pid
cache_effective_user squid
cache_effective_group squid
#error_directory /usr/share/squid/errors/templates
#icon_directory /usr/share/squid/icons
visible_hostname lusca.net
cache_mgr admin@localhost
access_log /cache1/access.log
cache_log /cache1/cache.log
cache_store_log none
logfile_rotate 1
shutdown_lifetime 10 seconds
####################################################################
# Allow local network(s) on interface(s)
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#acl localnet src 10.0.0.0/8
# RFC1918 possible internal network
#acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.25.0/24 # RFC1918 possible internal network
####################################################################
uri_whitespace strip
#dns_nameservers
#dns_testnames 127.0.0.1
cache_mem 8 MB
maximum_object_size_in_memory 128 MB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /cache1 32768 64 256
minimum_object_size 512 bytes
maximum_object_size 128000 KB
offline_mode off
cache_swap_low 98
cache_swap_high 99
# No redirector configured
# Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 102565535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
#acl dynamic urlpath_regex cgi-bin \?
http_access
http_access
http_access
http_access
http_access
http_access
allow manager localhost

deny manager
allow purge localhost
deny purge
deny !safeports
deny CONNECT !sslports
# Always allow localhost connections

http_access allow localhost
http_access allow localnet
# Default block all to be sure
http_access deny all
#include /usr/local/squid/etc/storeurl-el5.pl
include /usr/local/squid/etc/tunning.conf
##end of config
terus save.as storeurl.pl

Code:
#!/usr/bin/perl5.8.8
# by chudy_fernandez@yahoo.com
# Updates at http://wiki.squidcache.org/ConfigExamples/DynamicContent/YouTube/Discussion
$|=1;
while (<>) {
@X = split;
$X[1] =~ s/&sig=.*//;
$x = $X[0] . " ";
$_ = $X[1];
$u = $X[1];
# compatibility for old cached get_video?video_id
if (m/^http:\/\/([09.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?(video
playback\?id=.*?|video_id=.*?)\&(.*?)/) {
$z = $2; $z =~ s/video_id=/get_video?video_id=/;
print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $z . "\n";
# youtube HD itag=22
} elsif (m/^http:\/\/([09.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?\&(ita
g=22).*?\&(id=[a-zA-Z0-9]*)/) {
print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $2 . "&" . $3
. "\n";
# youtube Normal screen always HD itag 35, Normal screen never HD
itag 34, itag=18 <--normal?
} elsif (m/^http:\/\/([09.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?\&(ita
g=[0-9]*).*?\&(id=[a-zA-Z0-9]*)/) {
print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $3 . "\n";
} elsif (m/^http:\/\/www\.google-analytics\.com\/__utm\.gif\?.*/) {
print $x . "http://www.google-analytics.com/__utm.gif\n";
#Cache High Latency Ads
} elsif (m/^http:\/\/([a-z09.]*)(\.doubleclick\.net|\.quantserve\.com|\.googlesyndication\.com)(.*)/) {
$y = $3;$z = $2;
for ($y) {
s/pixel;.*/pixel/;
s/activity;.*/activity/;
s/(imgad[^&]*).*/\1/;
s/;ord=[?0-9]*//;
s/;&timestamp=[0-9]*//;
s/[&?]correlator=[0-9]*//;
s/&cookie=[^&]*//;
s/&ga_hid=[^&]*//;
s/&u_his=[^&]*//;
s/&dt=[^&]*//;
s/&lmt=[^&]*//;
s/(&alternate_ad_url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/(&url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/(&ref=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/(&cookie=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/[;&?]ord=[?0-9]*//;
s/[;&]mpvid=[^&;]*//;
}
print $x . "http://" . $1 . $2 . $y . "\n";
#cache high latency ads
} elsif (m/^http:\/\/(.*?)\/(ads)\?(.*?)/) {
print $x . "http://" . $1 . "/" . $2 . "\n";
# spicific servers starts here....
} elsif (m/^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*?)/) {
print $x . "http://" . $1 . "\n";
#
# indowebster added by fahmi[at]airputih.or.id
#} elsif (($u =~ /indowebster/) && (m/^http:\/\/www[0-9][09]\.indowebster.com.*\/(.*?)/)) {
print $x . "http://cdn.indowebster.com/" . $2 . "\n";
#cdn, varialble 1st path

} elsif (($u =~ /filehippo/) && (m/^http:\/\/(.*?)\.(.*?)\/(.*?)\/(.*)\.([az0-9]{3,4})(\?.*)?/)) {
@y = ($1,$2,$4,$5);
$y[0] =~ s/[a-z0-9]{2,5}/cdn./;
print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";
#rapidshare
} elsif (($u =~ /rapidshare/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?)([az]*\.[^\/]{3}\/[a-z]*\/[0-9]*)\/(.*?)\/([^\/\?\&]{4,})$/)) {
print $x . "http://cdn." . $3 . "/SQUIDINTERNAL/" . $5 . "\n";
} elsif (($u =~ /maxporn/) &&
(m/^http:\/\/([^\/]*?)\/(.*?)\/([^\/]*?)(\?.*)?$/)) {
print $x . "http://" . $1 . "/SQUIDINTERNAL/" . $3 . "\n";
#like porn hub variables url and center part of the path,
filename etention 3 or 4 with or withour ? at the end
} elsif (($u =~ /tube8|pornhub|xvideos/) && (m/^http:\/\/(([A-Za-z]+[0-9.]+)*?)\.([a-z]*[0-9]?\.[^\/]{3}\/[a-z]*)(.*?)((\/[az]*)?(\/[^\/]*){4}\.[^\/\?]{3,4})(\?.*)?$/)) {
print $x . "http://cdn." . $3 . $5 . "\n";
#...spicific servers end here.
#general purpose for cdn servers. add above your specific
servers.
} elsif (m/^http:\/\/([0-9.]*?)\/\/(.*?)\.(.*)\?(.*?)/) {
print $x . "http://squid-cdn-url//" . $2 . "." . $3 . "\n";
#for yimg.com doubled
} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*?)\.yimg\.com\/(.*?)\?(.*)/) {
print $x . "http://cdn.yimg.com/" . $3 . "\n";
#for yimg.com with &sig=
} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*)/) {
@y = ($1,$2);
$y[0] =~ s/[a-z]+[0-9]+/cdn/;
$y[1] =~ s/&sig=.*//;
print $x . "http://" . $y[0] . ".yimg.com/"
. $y[1] . "\n";
#generic http://variable.domain.com/path/filename."ext" or "exte"

with or withour "?"
} elsif (m/^http:\/\/(.*)([^\.\-]*?\..*?)\/(.*)\.([^\/\?\&]{3,4})(\?.*)?$/) {
@y = ($1,$2,$3,$4);
$y[0] =~ s/(([a-zA-A-]+[0-9-]+)|(.*cdn.*)|(.*cache.*))/cdn/;
print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";
# generic http://variable.domain.com/...
} elsif (m/^http:\/\/(([A-Za-z]+[0-9]+)*?|.*cdn.*|.*cache.*)\.(.*?)\.(.*?)\/(.*)$/) {
print $x . "http://cdn." . $3 . "." . $4 . "/" . $5 .
# spicific extention that ends with ?
} elsif
"\n";
(m/^http:\/\/(.*?)\/(.*?)\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|on2)\?(.*)/
) {
print $x . "http://" . $1 . "/" . $2 . "." . $3 . "\n";
# all that ends with ;
} elsif (m/^http:\/\/(.*?)\/(.*?)\;(.*)/) {
print $x . "http://" . $1 . "/" . $2 . "\n";
} else {
print $x . $_ . "\n";
}
}
save as lagi tunning.conf

Code:
acl store_rewrite_list
urlpath_regex
\/(get_video|videoplayback\?id|videoplayback.*id)
acl store_rewrite_list
urlpath_regex
\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(
4|3)|exe|msi|zip|on2|mar)\?
acl store_rewrite_list_domain url_regex
^http:\/\/([a-zA-Z-]+[0-9]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex
(([a-z]{1,2}[0-9]{1,3})|([09]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl store_rewrite_list_path urlpath_regex
\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe)$
acl store_rewrite_list_domain_CDN url_regex
\.rapidshare\.com.*\/[09]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*)
\.doubleclick\.net.*
^http:\/\/[.a-z09]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com
^http:\/\/[a-z]+[09]\.google\.co(m|\.id)
^http:\/\/\.www[0-9][09]\.indowebster\.com\/(.*)(rar|zip|flv|wm(a|v)|3gp|mp(4|3)|exe|msi|avi|(mp(e?
g|a|e|1|2|3|4))|cab|exe)
acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET
storeurl_access
storeurl_access
storeurl_access
storeurl_access
storeurl_access
storeurl_access
storeurl_access
deny dontrewrite
deny !getmethod
allow store_rewrite_list_domain_CDN
allow store_rewrite_list
allow store_rewrite_list_domain
allow store_rewrite_list_path
deny all
storeurl_rewrite_program /usr/local/squid/etc/storeurl.pl
storeurl_rewrite_children 7
storeurl_rewrite_concurrency 0
# 1 year = 525600 mins, 1 month = 43800 mins
refresh_pattern imeem.*\.flv 0 0% 0
override-lastmod override-expire
store-stale
refresh_pattern \.rapidshare.*\/[0-9]*\/.*\/[^\/]*
161280
90%
161280
ignore-reload store-stale
refresh_pattern
(get_video\?|videoplayback\?|videodownload\?|\.flv?)
129600 999999% 129600
ignore-no-cache ignore-no-store ignore-private override-expire overridelastmod reload-into-ims store-stale
refresh_pattern
(get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)
1
29600 999999% 129600 ignore-no-cache ignore-no-store ignore-private overrideexpire override-lastmod reload-into-ims store-stale
#refresh_pattern -i
(get_video\?|videoplayback\?id|videoplayback.*id||videodownload\?|\.flv?)
129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private
override-expire override-lastmod reload-into-ims store-stale
refresh_pattern \.(ico|video-stats) 129600 999999% 129600
override-expire
ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth
override-lastmod ignore-must-revalidate negative-ttl=10080 store-stale
refresh_pattern \.etology\?
129600 999999%
129600
override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern galleries\.video(\?|sz)
129600 999999%
129600
refresh_pattern brazzers\?
129600 999999%
129600
refresh_pattern \.adtology\?
129600 999999%
129600
refresh_pattern
^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbri
te\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedi
a\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|gameadvertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserv
ing\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 129600 20%
129600 ignore-no-cache ignore-no-store ignore-private override-expire ignorereload ignore-auth ignore-must-revalidate store-stale negative-ttl=40320 maxstale=10
refresh_pattern ^.*safebrowsing.*google 129600 999999% 129600 overrideexpire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-mustrevalidate negative-ttl=10080 store-stale
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk) 129600
999999% 129600 override-expire ignore-reload
ignore-private store-stale
negative-ttl=10080
refresh_pattern ytimg\.com.*\.jpg
129600 999999%
129600
override-expire ignore-reload
store-stale
refresh_pattern images\.friendster\.com.*\.(png|gif)
129600 999999%
129600
store-stale
refresh_pattern garena\.com
129600 999999%
129600
override-expire reload-into-ims store-stale
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 129600
999999% 129600
store-stale
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\?
129600 999999%
129600 ignore-no-cache override-expire override-lastmod store-stale
refresh_pattern
mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)
129600 999999%
129600 reload-into-ims override-expire ignore-private
store-stale
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\.
129600 999999%
129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload
override-expire store-stale
refresh_pattern ^http:\/\/www.onemanga.com.*\/
129600 999999%
129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload
override-expire store-stale
# ANTI VIRUS
refresh_pattern guru.avg.com/.*\.(bin)
43200 999999%
43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims storestale
refresh_pattern (avgate|avira).*(idx|gz)$
43200
999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims
store-stale
refresh_pattern kaspersky.*\.avc$
43200
store-stale
refresh_pattern kaspersky
43200
store-stale
refresh_pattern update.nai.com/.*\.(gem|zip|mcs)
43200
store-stale
refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip)
43200
store-stale
refresh_pattern windowsupdate.com/.*\.(cab|exe)
43200 999999% 129600 ignore-no-cache ignore-no-store ignorereload reload-into-ims store-stale
refresh_pattern update.microsoft.com/.*\.(cab|exe)
refresh_pattern download.microsoft.com/.*\.(cab|exe)
#images facebook
refresh_pattern ((facebook.com)|(85.131.151.39)).*\.(jpg|png|gif)
129600
999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
store-stale
refresh_pattern -i
\.fbcdn.net.*\.(jpg|gif|png|swf|mp3)
129600 999999% 129600
ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png)
1296
00 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-nostore store-stale
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)
129600
999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
store-stale
#banner IIX
refresh_pattern ^http:\/\/openx.*\.(jp(e?g|e|2)|gif|pn[pg]|swf|ico|css|tiff?)
129600 99999% 129600 reload-into-ims ignore-reload override-expire ignoreno-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/ads(1|2|3).kompas.com.*\/
43200 99999%
129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignoreno-store store-stale
refresh_pattern ^http:\/\/img.ads.kompas.com.*\/
43200 99999%
refresh_pattern .kompasimages.com.*\.(jpg|gif|png|swf)
43200 99999%

refresh_pattern ^http:\/\/openx.kompas.com.*\/
43200 99999% 129600
reload-into-ims ignore-reload override-expire ignore-no-cache ignore-nostore store-stale
refresh_pattern kaskus.\us.*\.(jp(e?g|e|2)|gif|png|swf)
43200 99999%
refresh_pattern ^http:\/\/img.kaskus.us.*\.(jpg|gif|png|swf)
43200
99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache
ignore-no-store store-stale
#IIX DOWNLOAD
refresh_pattern ^http:\/\/\.www[0-9][09]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200
99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache
ignore-no-store store-stale ignore-auth
#All File
refresh_pattern -i \.(3gp|7z|ace|asx|avi|bin|cab|dat|deb|divx|dvrms)
refresh_pattern -i
\.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v))
129600 999999% 129600
ignore-no-cache ignore-no-store ignore-private override-expire overridelastmod reload-into-ims store-stale
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)
refresh_pattern -i
\.(mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rar|rm|r(a|p)m|snd|vob|w
av) 129600 999999% 129600 ignore-no-cache ignore-private override-expire
override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(s|t)|wax|wm(a|v)|wmx|wpl|zip|cb(r|z|t))
129600
999999% 43200 ignore-no-cache ignore-private override-expire override-lastmod
reload-into-ims store-stale
refresh_pattern
refresh_pattern
refresh_pattern
reload-into-ims
refresh_pattern
ims store-stale
(cgi-bin|\?)
0
0%
0
^gopher:
1440
0%
1440
^ftp:
10080
95%
43200 override-lastmod
store-stale
.
180
95% 43200 override-lastmod reload-into-
global_internal_static off
max_stale 10 years
retry_on_error on
buffered_logs on
read_ahead_gap 32 KB
header_access Accept-Encoding deny
client_persistent_connections off
server_persistent_connections on
half_closed_clients off
strip_query_terms off
quick_abort_min 0 KB
quick_abort_max 0 KB
all
quick_abort_pct 100
vary_ignore_expire on
reload_into_ims on
pipeline_prefetch on
#range_offset_limit 50 KB
read_timeout 30 minutes
client_lifetime 6 hours
negative_ttl 30 seconds
positive_dns_ttl 6 hours
negative_dns_ttl 60 seconds
pconn_timeout 15 seconds
request_timeout 1 minute
store_avg_object_size 13 KB
log_icp_queries off
ipcache_size 16384
ipcache_low 98
ipcache_high 99
log_fqdn off
fqdncache_size 16384
memory_pools off
forwarded_for on
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
#cachemgr_passwd none info
cachemgr_passwd none all
client_db on
max_filedescriptors 4096
n_aiops_threads 24
#client_socksize 16 MB
load_check_stopen on
load_check_stcreate on
download_fastest_client_speed on
Buat direktori untuk nampung cache di /cache1,

kemudian ubah permission nya untuk squid
kemudian ubah permission file tunning.conf dan storeurl.pl agar bisa di exekusi
Code:
[root@lusca-proxy etc]# mkdir /cache1
[root@lusca-proxy etc]# chown squid:squid /cache1
[root@lusca-proxy etc]# chmod 777 tunning.conf storeurl.pl
Building cache dir squid

Code:
[root@lusca-proxy etc]# /usr/local/squid/sbin/squid -z
edit localnet pada squid.conf. sesuaikan network client kita :

potongan squid.conf
Code:
[root@lusca-proxy etc]# nano -c squid.conf
.......................
####################################################################
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#acl localnet src 10.0.0.0/8
# RFC1918 possible internal network
#acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 7.7.9.0/24 # RFC1918 possible internal network
####################################################################
Cek apakah ada config error di squid dan apabila tidak ada error Jalankan squid sebagai daemon
Code:
[root@lusca-proxy etc]# /usr/local/squid/sbin/squid -k parse
[root@lusca-proxy etc]# /usr/local/squid/sbin/squid -NDd1 &
Testing. Silahkan arahkan browser menggunakan proxy ke server LUSCA dengan port 3128
Code:
[root@lusca-proxy etc]# tail -f
/cache1/access.log
catatan :
buat ngecek idup apa ngga di nmap saja liat port nya kebuka atau ngga
jika ketemu error Filedescriptors blabla, edit di file
Code:
[root@lusca-proxy ~]# nano -c
/usr/local/squid/etc/storeurl.pl
pada bagian paling atas

Code:
#!/usr/bin/perl5.8.8
<===== edit menjadi "#!/usr/bin/perl"
tanpa tanda kutip
# by chudy_fernandez@yahoo.com
# Updates at http://wiki.squidcache.org/ConfigExamples/DynamicContent/YouTube/D
iscussion
$|=1;
.............................
untuk menjalankan lusca setiap abis restart secara otomatis ketik perintah ini di console
Code:
[root@lusca-proxy ~]# echo "/usr/local/squid/sbin/squid -NDd1 &" >>
/etc/rc.local
Sumber : http://devilzc0de.org/forum/thread-7222.html

Instalasi Dan Konfigurasi Lusca Proxy

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Instalasi Dan Konfigurasi Lusca Proxy

Caricato da

Copyright:

Formati disponibili

INSTALASI DAN KONFIGURASI LUSCA PROXy

Install squid bawaan CentOS terlebih dahulu

Setelah terinstall maka kita remove lagi

---> Package e2fsprogs-devel.i386 0:1.39-23.el5_5.1 set to be updated

Setelah itu di extrak

Duduk tenang menunggu instalasi selesai sekarang waktu nya Konfigurasi.

kemudian config squid nya kaya gini nih,..

allow manager localhost

# Always allow localhost connections

terus save.as storeurl.pl

print $x . "http://cdn.indowebster.com/" . $2 . "\n";

#cdn, varialble 1st path

#generic http://variable.domain.com/path/filename."ext" or "exte"

save as lagi tunning.conf

129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignoreno-store store-stale

Buat direktori untuk nampung cache di /cache1,

Building cache dir squid

edit localnet pada squid.conf. sesuaikan network client kita :

pada bagian paling atas

Potrebbero piacerti anche