Thursday, 12 January 2012

Lusca di ClearOs 5.2

Tutorial ini telah diuji di server Clearos 5.2, mode : gateway

Perhatian, simpan/backup squid.conf asli Anda sebelum melakukan perubahan, karena mungkin masih diperlukan untuk setingan delaypool.
Langkah-langkahnya :
Jalankan putty dan winscp.Masuk ke PUTTY (salin-tempel perintah dibawah ini perbaris lalu enter.

yum remove squid (jawab : y)

yum remove squid (sengaja… untuk memastikan gak ada yg tersisa)

yum install automake gcc glibc-devel e2fsprogs-devel sharutils (jawab : y)

wget http://lusca-cache.googlecode.com/files/LUSCA_HEAD-r14809.tar.gz

tar -zxvf LUSCA_HEAD-r14809.tar.gz

cd LUSCA_HEAD-r14809

ulimit -n 8192

./configure --prefix=/usr/local/squid --exec-prefix=/usr/local/squid --enable-delay-pools --enable-cache-digests --enable-poll --enable-linux-netfilter --enable-removal-policies --with-maxfd=8192 --enable-storeio=aufs --disable-wccp --enable-x-accelerator-vary --enable-kill-parent-hack --enable-async-io=30 --disable-ident-lookups

make all && make install

cd /usr/local/squid/etc/

wget http://v1.tiberias.or.id/downloads/squid.conf

wget http://v1.tiberias.or.id/downloads/storeurl.pl.conf

wget http://www.hendraarif.web.id/wp-content/uploads/2011/02/tunning.conf

(cat. jika tunning.conf gagal diundah, salin semua isi dibawah ini, lalu paste ke notepad)

acl store_rewrite_list urlpath_regex \/(get_video|videoplayback\?id|videoplayback.*id)
acl store_rewrite_list urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar)\?
acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}

acl store_rewrite_list_path urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe)$
acl store_rewrite_list_domain_CDN url_regex \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*) \.doubleclick\.net.*
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[a-z]+[0-9]\.google\.co(m|\.id)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(rar|zip|flv|wm(a|v)|3gp|mp(4|3)|exe|msi|avi|(mp(e?g|a|e|1|2|3|4))|cab|exe)
acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET


storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access allow store_rewrite_list_domain_CDN
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_list_domain
storeurl_access allow store_rewrite_list_path
storeurl_access deny all

storeurl_rewrite_program /usr/local/squid/etc/storeurl.pl
storeurl_rewrite_children 1
storeurl_rewrite_concurrency 100

# 1 year = 525600 mins, 1 month = 43800 mins
refresh_pattern imeem.*\.flv 0 0% 0 override-lastmod override-expire store-stale
refresh_pattern \.rapidshare.*\/[0-9]*\/.*\/[^\/]* 161280 90% 161280 ignore-reload store-stale

refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i (get_video\?|videoplayback\?id|videoplayback.*id||videodownload\?|\.flv?) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern \.(ico|video-stats) 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate negative-ttl=10080 store-stale
refresh_pattern \.etology\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern galleries\.video(\?|sz) 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern brazzers\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern \.adtology\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 129600 20% 129600 ignore-no-cache ignore-no-store ignore-private override-expire ignore-reload ignore-auth ignore-must-revalidate store-stale negative-ttl=40320 max-stale=10
refresh_pattern ^.*safebrowsing.*google 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-must-revalidate negative-ttl=10080 store-stale
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk) 129600 999999% 129600 override-expire ignore-reload ignore-private store-stale negative-ttl=10080
refresh_pattern ytimg\.com.*\.jpg 129600 999999% 129600 override-expire ignore-reload store-stale
refresh_pattern images\.friendster\.com.*\.(png|gif) 129600 999999% 129600 override-expire ignore-reload store-stale
refresh_pattern garena\.com 129600 999999% 129600 override-expire reload-into-ims store-stale
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 129600 999999% 129600 override-expire ignore-reload store-stale
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 129600 999999% 129600 ignore-no-cache override-expire override-lastmod store-stale
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 129600 999999% 129600 reload-into-ims override-expire ignore-private store-stale
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\. 129600 999999% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale
refresh_pattern ^http:\/\/www.onemanga.com.*\/ 129600 999999% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale

# ANTI VIRUS
refresh_pattern guru.avg.com/.*\.(bin) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern (avgate|avira).*(idx|gz)$ 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern kaspersky.*\.avc$ 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern kaspersky 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern update.nai.com/.*\.(gem|zip|mcs) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern windowsupdate.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern update.microsoft.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern download.microsoft.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

#images facebook
refresh_pattern ((facebook.com)|(85.131.151.39)).*\.(jpg|png|gif) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

#banner IIX
refresh_pattern ^http:\/\/openx.*\.(jp(e?g|e|2)|gif|pn[pg]|swf|ico|css|tiff?) 129600 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/ads(1|2|3).kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/img.ads.kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern .kompasimages.com.*\.(jpg|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/openx.kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern kaskus.\us.*\.(jp(e?g|e|2)|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/img.kaskus.us.*\.(jpg|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

#IIX DOWNLOAD
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale ignore-auth

#All File
refresh_pattern -i \.(3gp|7z|ace|asx|avi|bin|cab|dat|deb|divx|dvr-ms) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rar|rm|r(a|p)m|snd|vob|wav) 129600 999999% 129600 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(s|t)|wax|wm(a|v)|wmx|wpl|zip|cb(r|z|t)) 129600 999999% 43200 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern ^ftp: 10080 95% 43200 override-lastmod reload-into-ims store-stale
refresh_pattern . 180 95% 43200 override-lastmod reload-into-ims store-stale

global_internal_static off
max_stale 10 years
retry_on_error on
buffered_logs on
read_ahead_gap 32 KB

header_access Accept-Encoding deny all
client_persistent_connections off
server_persistent_connections on
half_closed_clients off
strip_query_terms off
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
vary_ignore_expire on
reload_into_ims on
pipeline_prefetch on
#range_offset_limit 50 KB
read_timeout 30 minutes
client_lifetime 6 hours
negative_ttl 30 seconds
positive_dns_ttl 6 hours
negative_dns_ttl 60 seconds
pconn_timeout 15 seconds
request_timeout 1 minute
store_avg_object_size 13 KB
log_icp_queries off
ipcache_size 16384
ipcache_low 98
ipcache_high 99
log_fqdn off
fqdncache_size 16384
memory_pools off
forwarded_for on

zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136

#cachemgr_passwd none info
cachemgr_passwd none all
client_db on
max_filedescriptors 4096
n_aiops_threads 24
#client_socksize 16 MB
load_check_stopen on
load_check_stcreate on
download_fastest_client_speed on 

dengan nama : tunning.conf, lalu copykan ke /usr/local/squid/etc/ , gunakan winscp)

dilanjutkan dengan buka winscp :

masuk ke folder/directory : /usr/local/squid/etc/
ganti nama file : storeurl.pl.conf menjadi storeurl.pl (klik kanan rename)
hapus file : squid.conf (atau ganti dg nama lain)
ganti nama file : squid.conf.1 menjadi squid.conf
buka file squid.conf, untuk melakukan pengeditan. diedit.
tambahkan tanda # didepan baris offline_mode on (hasilnya : #offline_mode on)
menyesuaikan IP, cari baris perintah berikut :
acl localnet src 10.0.2.0/24 # RFC1918 possible internal network
ganti dg ip LAN kita, contoh : 10.0.2.0/24 ganti dengan 192.168.2.0/24)
ganti juga ip 10.0.2.0/24 yg berada dikelompok delaypool (digulung/scroll kebawah sampai mentok) ganti dengan IP LAN kita tadi.


kembali lagi ke…… PUTTY copas perintah berikut satu-satu: 

dengan nama : tunning.conf, lalu copykan ke /usr/local/squid/etc/ , gunakan winscp)

dilanjutkan dengan buka winscp :

masuk ke folder/directory : /usr/local/squid/etc/
ganti nama file : storeurl.pl.conf menjadi storeurl.pl (klik kanan rename)
hapus file : squid.conf (atau ganti dg nama lain)
ganti nama file : squid.conf.1 menjadi squid.conf
buka file squid.conf, untuk melakukan pengeditan. diedit.
tambahkan tanda # didepan baris offline_mode on (hasilnya : #offline_mode on)
menyesuaikan IP, cari baris perintah berikut :
acl localnet src 10.0.2.0/24 # RFC1918 possible internal network
ganti dg ip LAN kita, contoh : 10.0.2.0/24 ganti dengan 192.168.2.0/24)
ganti juga ip 10.0.2.0/24 yg berada dikelompok delaypool (digulung/scroll kebawah sampai mentok) ganti dengan IP LAN kita tadi.


kembali lagi ke…… PUTTY copas perintah berikut satu-satu: 

jika tampil tulisan : Finished rebuilding storage from disk.
bla.. bla.. bla
bla.. bla.. bla
storeLateRelease: released 0 objects.

artinya lusca berhasil ditanamkan di server anda..
tutup putty

kembali lagi ke… WINSCP :

masuk ke direktori /etc/rc.d
buka file : rc.local
hapus semua dan gantikan dengan script dibawah ini:

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
/usr/local/squid/sbin/squid -NDd1 &
# This file is executed by the firewall on stop/start/restart.

Simpan, tutup.

Masuk ke folder : /etc

Buka file : firewall
Cari baris berikut :

# Squid configuration
#--------------------------
SQUID_TRANSPARENT="" ( ganti menjadi ) SQUID_TRANSPARENT="on"
SQUID_FILTER_PORT="" ( ganti menjadi ) SQUID_FILTER_PORT="3128"

Simpan, tutup.

sumber
Reaksi:

0 komentar:

Post a Comment

Komentar yang baik akan diterima secara baik juga

 
Design by Aldo Wildan Firdaus | Bloggerized by Aldo Wildan Firdaus - Premium Blogger Themes | Online Project management