Minggu, 15 Juli 2012

Install Squid Cache Version 3.2.0.17 di ubuntu 11.10

Bagi teman2 yang mengalami kesulitan untuk mengkompilasi squid versi 3.2.7 sampai versi terbaru saat ini yaitu 3.2.0.17 di ubuntu server khususnya. dikarenakan untuk mengkompile squid versi 3.2.7 s/d 3.2.0.17 saat ini memerlukan lib openssl pada proses kompilasi. Sehingga kita perlu menginstall terlebih dahulu beberapa paket (libldap2-dev libpam0g-dev libdb-dev dpatch cdbs libsasl2-dev debhelper libcppunit-dev libkrb5-dev comerr-dev libcap2-dev libexpat1-dev libxml2-dev libcap2-dev dpkg-dev curl libssl-dev libssl0.9.8 libssl0.9.8-dbg libcurl4-openssl-dev) dengan cara mengetikkan perintah:

root@ProxyServer:/home/hong# apt-get install build-essential libldap2-dev libpam0g-dev
 
Kemudian download dan ekstrak squid versi 3.2.0.17:
 
root@ProxyScan:/home/hong# wget http://www.squid-cache.org/Versions/v3/3.2/squid-3.2.0.17.tar.gz 
root@ProxyScan:/home/hong# tar xvf squid-3.2.0.17.tar.gz 
 
Kemudian Compile dengan menggunakan config:
 
CHOST=”i686-pc-linux-gnu”

CFLAGS=”-march=pentium4 -O2 -pipe -fomit-frame-pointer”

CXXFLAGS=”${CFLAGS}”

./configure \

–prefix=/usr \

–includedir=${prefix}/include \

–mandir=${prefix}/share/man \

–infodir=${prefix}/share/info \

–sysconfdir=/etc \

–localstatedir=/var \

–libexecdir=${prefix}/lib/squid \

–disable-maintainer-mode \

–disable-dependency-tracking \

–srcdir=. \

–datadir=/usr/share/squid \

–sysconfdir=/etc/squid \

–mandir=/usr/share/man \

–enable-inline \

–enable-async-io=24 \

–enable-storeio=aufs \

–enable-removal-policies=”lru,heap” \

–enable-delay-pools \

–enable-cache-digests \

–enable-underscores \

–enable-kill-parent-hack \

–enable-icap-client \

–with-dl \

–with-aio \

–enable-zph-qos \

–disable-ipv6 \

–disable-unlinkd \

–disable-wccp \

–disable-wccpv2 \

–disable-ident-lookups \

–disable-auth \

–enable-follow-x-forwarded-for \

–enable-arp-acl \

–enable-esi \

–disable-translation \

–with-logdir=/var/log/squid \

–with-pidfile=/var/run/squid.pid \

–with-filedescriptors=65536 \

–with-large-files \

–with-default-user=proxy \

–enable-ltdl-convenience 
Parameter “CFLAGS” silahkan disesuaikan dengan jenis prosesor yang kalian gunakan. silahkan kunjungi infonya Disini.

Setelah di configure, lalu dilanjukan dengan perintah make dan make install

root@ProxyScan:/home/hong# squid -v
Squid Cache: Version 3.2.0.17
configure options:  '--prefix=/usr' '--includedir=/include' '--mandir=/share/man' '--infodir=/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=/lib/squid' '--disable-maintainer-mode' '--disable-dependency-tracking' '--srcdir=.' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--mandir=/usr/share/man' '--enable-inline' '--enable-async-io=24' '--enable-storeio=aufs' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-underscores' '--enable-kill-parent-hack' '--enable-icap-client' '--with-dl' '--with-aio' '--enable-zph-qos' '--disable-ipv6' '--disable-unlinkd' '--disable-wccp' '--disable-wccpv2' '--disable-ident-lookups' '--disable-auth' '--enable-follow-x-forwarded-for' '--enable-arp-acl' '--enable-esi' '--disable-translation' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-ltdl-convenience'
root@ProxyScan:/home/hong#
Konfigurasi squid.conf

acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443          # https
acl SSL_ports port 563          # snews
acl SSL_ports port 873          # rsync
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl Safe_ports port 631         # cups
acl Safe_ports port 873         # rsync
acl Safe_ports port 901         # SWAT
acl Safe_ports port 182         # uploadic
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localnet
http_access deny manager
http_access allow purge localnet
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access deny all
icp_access allow localnet
icp_access deny all
http_port 8080 
 
hierarchy_stoplist (afs.dat|update.txt|version.list|vdf.info.gz|captcha|reset.css|gamenotice|patchinfo.bin|latest-version.xml|start*.txt|server_patch.cfg.iop|patchinfo.xml|PatchTimeCheck.dat|PatchPath.dat)
acl QUERY urlpath_regex -i \.(ini|ui|lst|inf|mh-|sc-)
acl QUERY urlpath_regex -i (afs.dat|captcha|reset.css|update.txt|version.list|gamenotice|vdf.info.gz|patchinfo.bin|latest-version.xml|start*.txt|server_patch.cfg.iop|patchinfo.xml|PatchTimeCheck.dat|PatchPath.dat)
cache deny QUERY
 
#================================================= ========
# TAG: Refresh Pattern
#================================================= ========
# 1 year = 525600 mins, 1 month = 43200 mins, 1 day = 1440
#================================================= ========

refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 1440 90% 43200 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?) 1440 90% 43200 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale 
 
refresh_pattern \.(ico|video-stats) 1440 90% 43200 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate store-stale 
refresh_pattern \.etology\? 1440 90% 43200 override-expire ignore-reload ignore-no-cache store-stale 
refresh_pattern galleries\.video(\?|sz) 1440 90% 43200 override-expire ignore-reload ignore-no-cache store-stale 
refresh_pattern brazzers\? 1440 90% 43200 override-expire ignore-reload ignore-no-cache store-stale 
refresh_pattern patch.gemscool.*\.npz\? 1440 90% 43200 override-expire ignore-reload ignore-no-cache store-stale 
refresh_pattern ^.*cp.*GrandChase/.* 43200 100% 43200  override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private store-stale 
refresh_pattern \.adtology\? 1440 90% 43200 override-expire ignore-reload ignore-no-cache store-stale 
refresh_pattern fetch\.softnyx\.co\.id\/fetch.dll\? 1440 90% 43200 override-expire ignore-reload ignore-no-cache store-stale 
refresh_pattern \.gstatic.com\/images\?*\.(jpg|jpeg|tiff|bmp|gif|png) 1440 90% 43200 override-expire ignore-reload ignore-no-cache store-stale 
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 43200 20% 43200 ignore-no-cache ignore-no-store ignore-private override-expire ignore-reload ignore-auth ignore-must-revalidate store-stale max-stale=10 
refresh_pattern ^.*safebrowsing.*google 1440 90% 43200 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-must-revalidate store-stale 
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk|\.id) 1440 90% 43200 override-expire ignore-reload ignore-private store-stale
refresh_pattern ytimg\.com.*\.jpg 1440 90% 43200 override-expire ignore-reload store-stale
refresh_pattern images\.friendster\.com.*\.(png|gif) 1440 90% 43200 override-expire ignore-reload store-stale
refresh_pattern garena\.com 1440 90% 43200 override-expire reload-into-ims store-stale
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 1440 90% 43200 override-expire ignore-reload store-stale
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 1440 90% 43200 ignore-no-cache override-expire override-lastmod store-stale
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 1440 90% 43200 reload-into-ims override-expire ignore-private store-stale
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\. 1440 90% 43200 reload-into-ims ignore-no-cache  ignore-reload override-expire store-stale
refresh_pattern ^http:\/\/www.onemanga.com.*\/ 1440 90% 43200 reload-into-ims ignore-no-cache  ignore-reload override-expire store-stale
refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9]) 1440 90% 43200 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth override-lastmod store-stale
 
# ANTI VIRUS
refresh_pattern guru.avg.com/.*\.(bin) 1440 90% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern (avgate|avira).*(idx|gz)$ 1440 90% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern kaspersky.*\.avc$ 1440 90% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern kaspersky 1440 90% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern update.nai.com/.*\.(gem|zip|mcs) 1440 90% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip) 1440 90% 10080 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
 
#Windows Update
refresh_pattern windowsupdate.com/.*\.(cab|exe) 10080 90% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale 
refresh_pattern update.microsoft.com/.*\.(cab|exe) 10080 90% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale 
refresh_pattern download.microsoft.com/.*\.(cab|exe) 10080 90% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale 
 
#images facebook
refresh_pattern -i \.facebook.com.*\.(jpg|png|gif) 1440 90% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale 
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3) 1440 90% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale 
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 1440 90% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale 
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 1440 90% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale 
 
#games facebook
refresh_pattern ^http:\/\/apps.facebook.com.*\/ 10080 90% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.zynga.com.*\/ 10080 90% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.farmville.com.*\/ 10080 90% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.ninjasaga.com.*\/ 10080 90% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.mafiawars.com.*\/ 10080 90% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.crowdstar.com.*\/ 10080 90% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.popcap.com.*\/ 10080 90% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
 
#banner IIX
refresh_pattern ^http:\/\/openx.*\.(jp(e?g|e|2)|gif|pn[pg]|swf|ico|css|tiff?) 1440 90% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/ads(1|2|3).kompas.com.*\/ 43200 90% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/img.ads.kompas.com.*\/ 43200 90% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern .kompasimages.com.*\.(jpg|gif|png|swf) 43200 90% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/openx.kompas.com.*\/ 43200 90% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern kaskus\.us.*\.(jp(e?g|e|2)|gif|png|swf) 43200 90% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/img.kaskus.us.*\.(jpg|gif|png|swf) 43200 90% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
 
#IIX DOWNLOAD
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 90% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale ignore-auth
 
#All File
refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt|kom) 1440 90% 43200 ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 1440 90% 43200 ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 1440 999999% 43200 ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 1440 90% 43200 ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 1440 999999% 43200 ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale
 
#ONLINE GAMES

refresh_pattern -i (/cgi-bin/|\?)  0  0%  0
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern ^ftp:           10080   95% 43200 override-lastmod reload-into-ims store-stale
refresh_pattern .               0     95% 43200 override-lastmod reload-into-ims store-stale
 
#THE CACHE 40GB MAX
cache_dir aufs /var/spool/squid 40000 32 512
pid_filename /var/run/squid.pid
coredump_dir /var/spool/squid
error_directory /usr/share/squid/errors/id-id
icon_directory /usr/share/squid/icons
mime_table /etc/squid/mime.conf
visible_hostname Hong.web.id
cache_mgr Ricky@net
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
cache_mem 8 MB
maximum_object_size 200 MB
maximum_object_size_in_memory 32 KB
quick_abort_min 0 KB
quick_abort_max 0 KB
range_offset_limit 0
icap_206_enable off
quick_abort_pct 100
ipcache_size 4096
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
pipeline_prefetch on
shutdown_lifetime 1 second
 
 
#DELAY-POOL
acl download src 192.168.0.1 192.168.0.2 192.168.0.3 192.168.0.4 192.168.0.5 192.168.0.6 192.168.0.7 192.168.0.8 192.168.0.9 192.168.0.10 192.168.0.11 192.168.0.12 192.168.0.13 192.168.0.14 192.168.0.15 192.168.0.100
delay_pools 2
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_class 2 2
delay_parameters 2 -1/128000 19200/128000
delay_access 2 allow download
delay_access 2 deny all
delay_access 1 deny download
delay_access 1 allow all
 
#TIMEOUT
request_timeout 1 minute
negative_ttl 2 minutes
 
cache_effective_user proxy
cache_effective_group proxy
Jika Sudah Restart Squidnya Dengan perintah :
/etc/init.d/squid restart

Tidak ada komentar:

Posting Komentar