Saturday, 02 November 2013

ubuntu vs squid 2.7 stable 9


Assumption: the router on the Ubuntu server is already working properly.

Open PuTTY and log in as root,
then type the commands below, or just copy and paste them to keep it simple.

Install the required packages:
sudo apt-get update
sudo apt-get install gcc
sudo apt-get install ccze
sudo apt-get install iptraf
sudo apt-get install build-essential
sudo apt-get install sharutils
sudo apt-get install libzip-dev
sudo apt-get install automake1.9


wget https://dl.dropbox.com/s/7tkdooexrrbr596/squid-2.7.STABLE9.tar.gz
tar -zxvf squid-2.7.STABLE9.tar.gz

cd squid-2.7.STABLE9

Then compile; this example targets an Intel Pentium 4 processor:
CHOST="i686-pc-linux-gnu" CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer" \
./configure --prefix=/usr --exec_prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --datadir=/etc/squid --libexecdir=/usr/libexec --sysconfdir=/etc/squid --localstatedir=/var/spool/squid --enable-async-io --with-pthreads --enable-storeio=aufs,coss,null --enable-linux-netfilter --enable-arp-acl --enable-epoll --enable-removal-policies=lru,heap --enable-snmp --enable-delay-pools --enable-htcp --enable-cache-digests --enable-referer-log --enable-useragent-log --enable-follow-x-forwarded-for --with-large-files --enable-large-cache-files --enable-truncate --disable-ident-lookups --with-maxfd=65536
make && make install

Delete the default squid.conf and add the storeurl.pl file:
rm /etc/squid/squid.conf
cd /etc/squid
wget https://dl.dropbox.com/s/s9k2ssw3osp367j/squid.conf

wget https://dl.dropbox.com/s/ws5nd3lnnlr9j3w/storeurl.pl
Note: adjust the cache_dir directory and the local IP in squid.conf to suit your needs.

Create the log directory and files:
mkdir /var/log/squid
touch /var/log/squid/access.log
touch /var/log/squid/store.log
touch /var/log/squid/cache.log


Set ownership and permissions on the cache directory, the log files and storeurl.pl:
chown proxy:proxy /cache
chown proxy:proxy /etc/squid/storeurl.pl
chown proxy:proxy /var/log/squid/access.log
chown proxy:proxy /var/log/squid/store.log
chown proxy:proxy /var/log/squid/cache.log
chmod +x /cache
chmod +x /etc/squid/storeurl.pl
chmod +x /var/log/squid/access.log
chmod +x /var/log/squid/store.log
chmod +x /var/log/squid/cache.log


So that squid can be controlled with the service command (start|restart|stop):
cd /etc/init.d
wget https://dl.dropbox.com/s/f8z2c68keniu3ii/squid

chown proxy:proxy /etc/init.d/squid
chmod +x /etc/init.d/squid
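
An added check, not part of the original post: the commands above make /etc/init.d/squid, which root runs at boot, owned by the unprivileged proxy account, so anything running as proxy can rewrite it. The shell functions below flag root-executed files that are not root-owned or are writable by group/others; the function names are hypothetical and GNU stat (as on Ubuntu) is assumed.

```shell
#!/bin/sh
# Added example (not from the original post): audit files that root executes
# at boot, such as the init script the post hands to the "proxy" account.

# audit_boot_file PATH [OWNER]
# Prints a finding and returns 1 when PATH is missing, is not owned by OWNER
# (default root), or is writable by group or others; returns 0 otherwise.
audit_boot_file() {
    path=$1
    want_owner=${2:-root}
    [ -e "$path" ] || { echo "MISSING  $path"; return 1; }

    owner=$(stat -c '%U' "$path")   # GNU stat, as shipped with Ubuntu
    mode=$(stat -c '%a' "$path")    # octal permission bits, e.g. 755
    rc=0

    if [ "$owner" != "$want_owner" ]; then
        echo "OWNER    $path is owned by $owner, expected $want_owner"
        rc=1
    fi
    # 022 = write bit for group and for others
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "WRITABLE $path has mode $mode (group/other can modify it)"
        rc=1
    fi
    return $rc
}

# audit_boot_files PATH...: check every file given and count the unsafe ones
audit_boot_files() {
    bad=0
    for f in "$@"; do
        audit_boot_file "$f" || bad=$((bad + 1))
    done
    echo "$bad unsafe file(s)"
    [ "$bad" -eq 0 ]
}

# Usage on the proxy box (paths from the post):
#   audit_boot_files /etc/init.d/squid /etc/rc.local
# Fix for a flagged init script:
#   chown root:root /etc/init.d/squid && chmod 755 /etc/init.d/squid
```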

Redirect port 80 to squid's default port 3128:
nano /etc/rc.local
Add the line below before the exit 0 line at the very bottom:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
Note: if squid does not start automatically at boot, you can add the line
"squid start" below it, without the quotes.

Check the configuration in squid.conf:
squid -k parse
If no messages appear, go on to create the cache swap directories:
squid -z
If no messages appear, check and start squid:
squid -d1

Squid commands:
squid -k shutdown or service squid stop    "stop squid"
squid -d1 or service squid start            "start squid"
tail -f /var/log/squid/access.log|ccze        "view the access log"
tail -f /var/log/squid/cache.log|ccze        "view the cache log"
tail -f /var/log/squid/store.log|ccze        "view the store log"
tail -f /var/log/squid/access.log|grep HIT  "view only HIT entries"

For reference, download the manual installation tutorial for squid 2.7 STABLE9 that I wrote here

OK, that's it; hopefully this helps.

Monday, 28 October 2013

proxy squid


Network Configuration
=====================

                        port ethernet no.3 ------- SQUID
Client ---- Switch ---- port ethernet no.2
                        port ethernet no.1-------Modem

MikroTik Configuration
======================

#copy and paste the commands below using the New Terminal menu in Winbox#
--------------------------------------------------------------------------
Interface name and IP address
------------------------------
/interface ethernet
set 2 name=ether3-proxy

/ip address
add address=192.168.5.1/24 interface=ether3-proxy

Mangle and TPROXY Routing
-------------------------
/ip firewall mangle
add action=mark-routing chain=prerouting comment="TPROXY ROUTING" disabled=yes dst-port=80,443 in-interface=ether2-local new-routing-mark=tproxy_rm passthrough=no \
    protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-port=80,443 in-interface=ether3-proxy new-connection-mark=tproxy_cm passthrough=yes protocol=tcp \
    src-address=!192.168.5.2
add action=mark-routing chain=prerouting connection-mark=tproxy_cm disabled=yes in-interface=!ether3-proxy new-routing-mark=tproxy_rm passthrough=no

/ip route
add disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=192.168.5.2 routing-mark=tproxy_rm scope=30 target-scope=10

Installation on the Proxy PC
============================

--Installing a Web Proxy on Ubuntu Server 12.04 part 1 - Installing Ubuntu Server 12.04---

Hardware (adjust as needed)
========
- Proc Core 2 Duo
- HDD 40 GB
- RAM 1 GB
- CD/DVD RW

Software
========
- Download Ubuntu Server ver 12.04 (iso)
- Download & Install Putty Installer
- Download & Install WinSCP Installer

Preparation
===========
- Install your DETERMINATION first :-)
- Burn the iso file to a CD/DVD
- Set the PC BIOS to boot first from CD/DVD

Installing Ubuntu Server ver 12.04 LTS
======================================

Follow the installation steps below. Adjust the number and size of the caches as needed.

---- Configure Language, Location, locales ----
- English [ Press Enter ]
- Install Ubuntu Server [ Press Enter ]
- English [ Press Enter ]
- Other [ Press Enter ]
- Asia [ Press Enter ]
- Indonesia [ Press Enter ]
- United States [ Press Enter ]

----Configure the keyboard----
- No [ Press Enter ]
- English (US) [ Press Enter ]
- English (US) [ Press Enter ]
---- Configure the network ----
- Continue [ Press Enter ]
- Configure Network Manually [ Press Enter ]
- IP Address : 192.168.5.2 [ Press Enter ]
- Netmask : 255.255.255.0 [ Press Enter ]
- Gateway : 192.168.5.1 [ Press Enter ]
- Name Server address : 192.168.5.1 [ Press Enter ]
- Hostname : BelajarJaringan [ Press Enter ]
- Domain name : [ Press Enter ]
- Full name for new user : Belajar Jaringan [ Press Enter ]
- username for your account : belajar [ Press Enter ]
- choose a password for the new user : passwordku [ Press Enter ]
- Re-enter password to verify : passwordku [ Press Enter ]
- Encrypt your home directory? : No [ Press Enter ]

---- Configure the clock ----
- Jakarta

---- Partition disk ----
- Manual
- SCSI1 (0,0,0) (sda) - 42.9 GB [ Press Enter ]
- Create New Partition table on this device ? Yes [ Press Enter ]

- pri/log 42.9 GB FREE SPACE [ Press Enter ]
- Create a New Partition
- New Partition size : 1 GB [ Press Enter ]
- Type for the new partition : Primary [ Press Enter ]
- Location for the new partition : Beginning [ Press Enter ]
- Select Mount point [ Press Enter ]
- Select /boot - static files of the boot loader [ Press Enter ]
- Select Mount options [ Press Enter ]
- Select Noatime [Press the Spacebar] [ Press Enter ]
- Select Bootable flag [ Press Enter ]
- Select Done setting up the partition [ Press Enter ]

- pri/log 41.9 GB FREE SPACE [ Press Enter ]
- Create a New Partition
- New Partition size : 2 GB [ Press Enter ]
- Type for the new partition : Primary [ Press Enter ]
- Location for the new partition : Beginning [ Press Enter ]
- Select Use [ Press Enter ]
- Select swap area [ Press Enter ]
- Select Done setting up the partition [ Press Enter ]

- pri/log 39.9 GB FREE SPACE [ Press Enter ]
- Create a New Partition
- New Partition size : 19.9 GB [ Press Enter ]  ------------------> I leave 20 GB for the cache dir
- Type for the new partition : Primary [ Press Enter ]
- Location for the new partition : Beginning [ Press Enter ]
- Select Mount point [ Press Enter ]
- Select / - the root file system [ Press Enter ]
- Select Mount options [ Press Enter ]
- Select Noatime [Press the Spacebar] [ Press Enter ]
- Select Done setting up the partition [ Press Enter ]

- pri/log 20 GB FREE SPACE [ Press Enter ]
- Create a New Partition
- New Partition size : 20 GB [ Press Enter ]
- Type for the new partition : Logical [ Press Enter ]
- Location for the new partition : Beginning [ Press Enter ]
- Select Use [ Press Enter ]
- Select ReiserFS journaling file system
- Select Mount point [ Press Enter ]
- Select Enter manually [ Press Enter ]
- Delete /home and replace it with /cache1 [ Press Enter ]
- Select Mount options [ Press Enter ]
- Select Noatime [Press the Spacebar], select Notail [Press the Spacebar] [ Press Enter ]
- Select Done setting up the partition [ Press Enter ]

- Select Finish partitioning and write changes to disk [ Press Enter ]
- Write the changes to disks : Yes [ Press Enter ]

--- Configure the package manager ----
- HTTP proxy information (blank for none) : [ Press Enter ]

--- Configure tasksel ---
- How do you want to manage upgrade on this system? : No automatic updates [ Press Enter ]

--- Software selection ---
- Select OpenSSH Server [Press the Spacebar] [ Press Enter ]

--- Install the GRUB boot loader on a hard disk---
- Install the GRUB boot loader to the master boot record? : Yes [ Press Enter ]

--- [!!] Finish the installation ---
- Select Continue [ Press Enter ]
- Remove the installer CD

Changing the root Password
==========================
1. Log in to the proxy through WinSCP/PuTTY with the account you created during installation
2. Type the command below
sudo su [press ENTER]
(enter the password of the user you created during installation)
3. Then type
passwd root [press ENTER]
Enter new UNIX password : (enter the new password for root)
Retype new UNIX password : (enter the same password again)

Make sure this message appears: passwd: password updated successfully

Installing Squid 3 HEAD
=======================
Instructions:
-------------
- Log in to WinSCP as the root user
- Copy and paste the commands below through PuTTY (copy, then right-click in PuTTY and press Enter):

apt-get update
apt-get install devscripts build-essential openssl libssl-dev fakeroot libcppunit-dev libsasl2-dev cdbs ccze libfile-readbackwards-perl libcap2 libcap-dev libcap2-dev
apt-get install sysv-rc-conf

wget http://www1.it.squid-cache.org/Versions/v3/3.HEAD/squid-3.HEAD-20130527-r12855.tar.gz
tar xzvf squid-3.HEAD-20130527-r12855.tar.gz

cd squid-3.HEAD-20130527-r12855

./configure --prefix=/usr \
--bindir=/usr/bin --sbindir=/usr/sbin \
--libexecdir=/usr/lib/squid3 --sysconfdir=/etc/squid3 \
--localstatedir=/var --libdir=/usr/lib --includedir=/usr/include --datadir=/usr/share/squid3 \
--infodir=/usr/share/info --mandir=/usr/share/man \
--disable-dependency-tracking --enable-storeio=ufs,aufs,diskd --enable-removal-policies=lru,heap --enable-icmp --enable-esi --enable-icap-client \
--disable-wccp --disable-wccpv2 \
--enable-kill-parent-hack --enable-cache-digests --enable-follow-x-forwarded-for --enable-x-accelerator-vary --enable-zph-qos \
--with-default-user=proxy --with-logdir=/var/log/squid3 --with-pidfile=/var/run/squid3.pid --with-large-files --enable-ltdl-convenience --with-filedescriptors=65536 \
--enable-ssl --enable-ssl-crtd --disable-auth --build=i486-linux-gnu build_alias=i486-linux-gnu
make && make install

chown -R proxy:proxy /cache1
chown -R proxy:proxy /var/log/squid3

## Copy the following 2 files using WinSCP
==========================================
- The "squid.conf" file (download it from http://pastebin.com/PKZkLfpD), edited and adjusted to your needs, into the folder: /etc/squid3/
- The "squid" file (download it from http://pastebin.com/8xLYXZQC) into the folder: /etc/init.d/

Execute permission for squid
============================
chmod +x /etc/init.d/squid

Setup SSL Bump
==============
cd /etc/squid3
mkdir ssl_cert
cd ssl_cert
openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout myCA.pem  -out myCA.pem
openssl x509 -in myCA.pem -outform DER -out myCA.der
/usr/lib/squid3/ssl_crtd -c -s /var/squid3/lib/ssl_db/certs
chown -R nobody /var/squid3/lib/ssl_db/
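
The same CA setup with a stronger key, as an added example that is not part of the original post: a 1024-bit RSA key is no longer considered adequate for a CA (2048 bits is the usual minimum), and myCA.pem above holds the unencrypted private key next to the certificate. The function names and the separate myCA.key file are assumptions of this example; squid.conf then has to point cert= at myCA.pem and key= at myCA.key.

```shell
#!/bin/sh
# Added example (not from the original post): SSL Bump CA with a 2048-bit key,
# SHA-256 signature, and the private key kept in its own mode-600 file.

# make_bump_ca DIR [CN]
# Creates DIR/myCA.key (private key), DIR/myCA.pem (certificate) and
# DIR/myCA.der (certificate for import into client browsers).
make_bump_ca() {
    dir=$1
    cn=${2:-Squid SSL Bump CA example}   # constructed subject name
    mkdir -p "$dir" || return 1
    (
        umask 077    # the key must never be readable by other users
        openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 \
            -subj "/CN=$cn" \
            -keyout "$dir/myCA.key" -out "$dir/myCA.pem" 2>/dev/null
    ) || return 1
    chmod 600 "$dir/myCA.key"
    chmod 644 "$dir/myCA.pem"
    # Only the certificate goes to clients; the key stays on the proxy.
    openssl x509 -in "$dir/myCA.pem" -outform DER -out "$dir/myCA.der"
}

# cert_key_bits CERT: print the public key size of a PEM certificate
cert_key_bits() {
    openssl x509 -in "$1" -noout -text |
        sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p'
}

# check_bump_ca CERT: return 0 only for >= 2048-bit keys signed with SHA-2
check_bump_ca() {
    bits=$(cert_key_bits "$1")
    sig=$(openssl x509 -in "$1" -noout -text |
          sed -n 's/^ *Signature Algorithm: *//p' | head -n 1)
    echo "$1: ${bits:-?} bit key, $sig"
    [ "${bits:-0}" -ge 2048 ] || return 1
    case $sig in
        sha256*|sha384*|sha512*) return 0 ;;
        *) return 1 ;;
    esac
}

# Usage (directory from the post): make_bump_ca /etc/squid3/ssl_cert
#                                  check_bump_ca /etc/squid3/ssl_cert/myCA.pem
```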


swap dir
========
squid -z


Copy and paste the commands below into the file /etc/rc.local
=============================================================
modprobe xt_TPROXY
modprobe xt_socket
modprobe nf_tproxy_core
modprobe xt_mark
modprobe nf_nat
modprobe nf_conntrack_ipv4
modprobe nf_conntrack
modprobe nf_defrag_ipv4
modprobe ipt_REDIRECT
modprobe iptable_nat

iptables -t mangle -F
iptables -t mangle -X

iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A INPUT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING ! -d 192.168.5.2/32 -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129


/sbin/ip rule add fwmark 1 lookup 100
/sbin/ip route add local 0.0.0.0/0 dev lo table 100

echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
echo 1 > /proc/sys/net/ipv4/ip_forward
exit 0


---------------------------------------------------------------------------------------------
Done. The test results can be seen here >> http://www.flickr.com/photos/96503603@N07/