INSTALASI DAN KONFIGURASI LUSCA PROXy

(1)

Install squid bawaan CentOS terlebih dahulu

Code:

[root@lusca-proxy ~]# yum install squid Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

Resolving Dependencies

--> Running transaction check

---> Package squid.i386 7:2.6.STABLE21-6.el5 set to be updated --> Processing Dependency: perl(URI::URL) for package: squid --> Running transaction check

---> Package perl-URI.noarch 0:1.35-3 set to be updated --> Finished Dependency Resolution

Dependencies Resolved

============================================================================== ==

Package Arch Version Repository Size ============================================================================== ==

Installing:

squid i386 7:2.6.STABLE21-6.el5 base 1.3 M Installing for dependencies:

perl-URI noarch 1.35-3 base 116 k

Transaction Summary

============================================================================== ==

Install 2 Package(s) Upgrade 0 Package(s)

(2)

Setelah terinstall maka kita remove lagi

Code:

[root@lusca-proxy ~]# yum remove squid Loaded plugins: fastestmirror

Setting up Remove Process Resolving Dependencies

---> Package squid.i386 7:2.6.STABLE21-6.el5 set to be erased --> Finished Dependency Resolution

============================================================================== ==

Removing:

squid i386 7:2.6.STABLE21-6.el5 installed 3.5 M

Transaction Summary

============================================================================== ==

Remove 1 Package(s) Reinstall 0 Package(s) Downgrade 0 Package(s)

Is this ok [y/N]: y

Setelah itu kita install paket yang di butuhkan untuk kompilasi LUSCA yaitu :

- automake

- gcc

- glibc-devel

- e2fsprogs-devel

- sharutils

Code:

[root@lusca-proxy ~]# yum install automake gcc glibc-devel e2fsprogs-devel sharutils

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile Setting up Install Process

Resolving Dependencies

---> Package automake.noarch 0:1.9.6-2.3.el5 set to be updated --> Processing Dependency: autoconf >= 2.58 for package: automake ---> Package e2fsprogs-devel.i386 0:1.39-23.el5_5.1 set to be updated --> Processing Dependency: e2fsprogs-libs = 1.39-23.el5_5.1 for package:

(3)

---> Package gcc.i386 0:4.1.2-48.el5 set to be updated

--> Processing Dependency: cpp = 4.1.2-48.el5 for package: gcc --> Processing Dependency: libgomp >= 4.1.2-48.el5 for package: gcc ---> Package glibc-devel.i386 0:2.5-49.el5_5.7 set to be updated

--> Processing Dependency: headers = 2.5-49.el5_5.7 for package: glibc-dev el

--> Processing Dependency: glibc = 2.5-49.el5_5.7 for package: glibc-devel --> Processing Dependency: glibc-headers for package: glibc-devel

---> Package sharutils.i386 0:4.6.1-2 set to be updated --> Running transaction check

---> Package autoconf.noarch 0:2.59-12 set to be updated --> Processing Dependency: imake for package: autoconf ---> Package cpp.i386 0:4.1.2-48.el5 set to be updated

--> Processing Dependency: e2fsprogs-libs = 1.39-23.el5 for package: e2fsprogs ---> Package e2fsprogs-libs.i386 0:1.39-23.el5_5.1 set to be updated

--> Processing Dependency: glibc = 2.5-49 for package: nscd ---> Package glibc.i686 0:2.5-49.el5_5.7 set to be updated

--> Processing Dependency: glibc-common = 2.5-49.el5_5.7 for package: glibc ---> Package glibc-headers.i386 0:2.5-49.el5_5.7 set to be updated

--> Processing Dependency: kernel-headers >= 2.2.1 for package: glibc-headers --> Processing Dependency: kernel-headers for package: glibc-headers

---> Package libgomp.i386 0:4.4.0-6.el5 set to be updated --> Running transaction check

---> Package e2fsprogs.i386 0:1.39-23.el5_5.1 set to be updated ---> Package glibc-common.i386 0:2.5-49.el5_5.7 set to be updated ---> Package imake.i386 0:1.0.2-3 set to be updated

---> Package kernel-headers.i386 0:2.6.18-194.26.1.el5 set to be updated ---> Package nscd.i386 0:2.5-49.el5_5.7 set to be updated

--> Finished Dependency Resolution

============================================================================== ==

Installing:

automake noarch 1.9.6-2.3.el5 base 476 k e2fsprogs-devel i386 1.39-23.el5_5.1 updates 569 k gcc i386 4.1.2-48.el5 base 5.2 M glibc-devel i386 2.5-49.el5_5.7 updates 2.0 M sharutils i386 4.6.1-2 base 201 k Installing for dependencies:

autoconf noarch 2.59-12 base 647 k cpp i386 4.1.2-48.el5 base 2.6 M glibc-headers i386 2.5-49.el5_5.7 updates 602 k imake i386 1.0.2-3 base 319 k kernel-headers i386 2.6.18-194.26.1.el5 updates 1.1 M libgomp i386 4.4.0-6.el5 base 70 k Updating for dependencies:

(4)

Transaction Summary

============================================================================== ==

Install 11 Package(s) Upgrade 5 Package(s)

Total download size: 37 M Is this ok [y/N]:y

Duduk tenang selesai install paket-paket di atas kemudian download LUSCA nya dari google

Code:

[root@lusca-proxy ~]#wget http://lusca-cache.googlecode.com/files/LUSCA_HEAD-r14809.tar.gz

Setelah itu di extrak

Code:

[root@lusca-proxy ~]# tar -zxvf LUSCA_HEAD-r14809.tar.gz

Pindah ke dalam direktori lusca, naikkan filedescriptors, dan kemudian configure menggunakan

opsi-opsi di bawah ini

Code:

[root@lusca-proxy ~]# cd LUSCA_HEAD-r14809 [root@lusca-proxy ~]# ulimit -n 8192

[root@lusca-proxy LUSCA_HEAD-r14809]# ./configure --prefix=/usr/local/squid --exec-prefix=/usr/local/squid --enable-delay-pools --enable-cache-digests --enable-poll --enable-linux-netfilter --enable-removal-policies --with-maxfd=8192 --enable-storeio=aufs --disable-wccp --enable-x-accelerator-vary --enable-kill-parent-hack --enable-async-io=30 --disable-ident-lookups

semua file instalasi terletak di /usr/local/squid/ jadi kita tidak akan repot-repot mencari-cari file

squid

Kemudian install

Code:

[root@lusca-proxy LUSCA_HEAD-r14809]# make all && make install

Duduk tenang menunggu instalasi selesai sekarang waktu nya Konfigurasi.

- Pindah ke direktori /usr/local/squid/etc

Code:

[root@lusca-proxy LUSCA_HEAD-r14809]# cd /usr/local/squid/etc/

kemudian config squid nya kaya gini nih,..

Code:

##start of config

http_port 3128 transparent icp_port 0

#icp_port 3130

(5)

#error_directory /usr/share/squid/errors/templates #icon_directory /usr/share/squid/icons

visible_hostname lusca.net cache_mgr admin@localhost access_log /cache1/access.log cache_log /cache1/cache.log cache_store_log none

logfile_rotate 1

shutdown_lifetime 10 seconds

#################################################################### # Allow local network(s) on interface(s)

# Example rule allowing access from your local networks.

# Adapt to list your (internal) IP networks from where browsing # should be allowed

#acl localnet src 10.0.0.0/8 # RFC1918 possible internal network #acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.25.0/24 # RFC1918 possible internal network ####################################################################

uri_whitespace strip #dns_nameservers

#dns_testnames 127.0.0.1

cache_mem 8 MB

maximum_object_size_in_memory 128 MB memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA

cache_dir aufs /cache1 32768 64 256

minimum_object_size 512 bytes maximum_object_size 128000 KB offline_mode off

cache_swap_low 98 cache_swap_high 99

# No redirector configured

# Setup some default acls acl all src 0.0.0.0/0.0.0.0

acl localhost src 127.0.0.1/255.255.255.255

acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535

acl sslports port 443 563 81 acl manager proto cache_object acl purge method PURGE

acl connect method CONNECT

#acl dynamic urlpath_regex cgi-bin \?

http_access allow manager localhost http_access deny manager

http_access allow purge localhost http_access deny purge

http_access deny !safeports

(6)

# Always allow localhost connections http_access allow localhost

# Allow local network(s) on interface(s) http_access allow localnet

# Default block all to be sure http_access deny all

#include /usr/local/squid/etc/storeurl-el5.pl include /usr/local/squid/etc/tunning.conf

##end of config

terus save.as storeurl.pl

Code:

#!/usr/bin/perl5.8.8

# by chudy_fernandez@yahoo.com # Updates at

http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube/Discussion $|=1;

while (<>) { @X = split;

$X[1] =~ s/&sig=.*//; $x = $X[0] . " "; $_ = $X[1];

$u = $X[1];

# compatibility for old cached get_video?video_id if (m/^http:\/\/([0-9.]

{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*? (videoplayback\?id=.*?|video_id=.*?)\&(.*?)/) {

$z = $2; $z =~ s/video_id=/get_video?video_id=/;

print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $z . "\n";

# youtube HD itag=22 } elsif (m/^http:\/\/([0-9.]

{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?\&(itag=22 ).*?\&(id=[a-zA-Z0-9]*)/) {

print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $2 . "&" . $3 . "\n";

# youtube Normal screen always HD itag 35, Normal screen never HD itag 34, itag=18 <--normal?

} elsif (m/^http:\/\/([0-9.]

{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?\&(itag=[0 -9]*).*?\&(id=[a-zA-Z0-9]*)/) {

print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $3 . "\n";

} elsif (m/^http:\/\/www\.google-analytics\.com\/__utm\.gif\?.*/) { print $x . "http://www.google-analytics.com/__utm.gif\n";

(7)

(\.doubleclick\.net|\.quantserve\.com|\.googlesyndication\.com)(.*)/) { $y = $3;$z = $2;

for ($y) {

s/pixel;.*/pixel/;

s/activity;.*/activity/; s/(imgad[^&]*).*/\1/; s/;ord=[?0-9]*//;

s/;&timestamp=[0-9]*//; s/[&?]correlator=[0-9]*//; s/&cookie=[^&]*//;

s/&ga_hid=[^&]*//; s/&u_his=[^&]*//; s/&dt=[^&]*//; s/&lmt=[^&]*//;

s/(&alternate_ad_url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/; s/(&url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;

s/(&ref=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/; s/(&cookie=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/; s/[;&?]ord=[?0-9]*//;

s/[;&]mpvid=[^&;]*//; }

print $x . "http://" . $1 . $2 . $y . "\n";

#cache high latency ads } elsif (m/^http:\/\/(.*?)\/(ads)\?(.*?)/) { print $x . "http://" . $1 . "/" . $2 . "\n";

# spicific servers starts here....

} elsif (m/^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*?)/) { print $x . "http://" . $1 . "\n";

# # indowebster added by fahmi[at]airputih.or.id #} elsif (($u =~ /indowebster/) && (m/^http:\/\/www[0-9][0-9]\.indowebster.com.*\/(.*?)/)) {

# print $x . "http://cdn.indowebster.com/" . $2 . "\n";

#cdn, varialble 1st path

} elsif (($u =~ /filehippo/) && (m/^http:\/\/(.*?)\.(.*?)\/(.*?)\/(.*)\.([a-z0-9]{3,4})(\?.*)?/)) {

@y = ($1,$2,$4,$5);

$y[0] =~ s/[a-z0-9]{2,5}/cdn./;

print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";

#rapidshare

} elsif (($u =~ /rapidshare/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?)([a-z]*\. [^\/]{3}\/[a-z]*\/[0-9]*)\/(.*?)\/([^\/\?\&]{4,})$/)) {

print $x . "http://cdn." . $3 . "/SQUIDINTERNAL/" . $5 . "\n";

} elsif (($u =~ /maxporn/) && (m/^http:\/\/([^\/]*?)\/(.*?)\/([^\/]*?)(\?.*)? $/)) {

print $x . "http://" . $1 . "/SQUIDINTERNAL/" . $3 . "\n";

#like porn hub variables url and center part of the path, filename etention 3 or 4 with or withour ? at the end

(8)

+)*?)\.([a-z]*[0-9]?\.[^\/]{3}\/[a-z]*)(.*?)((\/[a-z]*)?(\/[^\/]*){4}\.[^\/\?] {3,4})(\?.*)?$/)) {

print $x . "http://cdn." . $3 . $5 . "\n"; #...spicific servers end here.

#general purpose for cdn servers. add above your specific servers. } elsif (m/^http:\/\/([0-9.]*?)\/\/(.*?)\.(.*)\?(.*?)/) {

print $x . "http://squid-cdn-url//" . $2 . "." . $3 . "\n";

#for yimg.com doubled

} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*?)\.yimg\.com\/(.*?)\?(.*)/) { print $x . "http://cdn.yimg.com/" . $3 . "\n";

#for yimg.com with &sig=

} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*)/) { @y = ($1,$2);

$y[0] =~ s/[a-z]+[0-9]+/cdn/; $y[1] =~ s/&sig=.*//;

print $x . "http://" . $y[0] . ".yimg.com/" . $y[1] . "\n";

#generic http://variable.domain.com/path/filename."ext" or "exte" with or withour "?"

} elsif (m/^http:\/\/(.*)([^\.\-]*?\..*?)\/(.*)\.([^\/\?\&]{3,4})(\?.*)?$/) { @y = ($1,$2,$3,$4);

$y[0] =~ s/(([a-zA-A-]+[0-9-]+)|(.*cdn.*)|(.*cache.*))/cdn/;

print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";

# generic http://variable.domain.com/...

} elsif (m/^http:\/\/(([A-Za-z]+[0-9-]+)*?|.*cdn.*|.*cache.*)\.(.*?)\.(.*?)\/ (.*)$/) {

print $x . "http://cdn." . $3 . "." . $4 . "/" . $5 . "\n";

# spicific extention that ends with ?

} elsif (m/^http:\/\/(.*?)\/(.*?)\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv| on2)\?(.*)/) {

print $x . "http://" . $1 . "/" . $2 . "." . $3 . "\n";

# all that ends with ;

} elsif (m/^http:\/\/(.*?)\/(.*?)\;(.*)/) {

print $x . "http://" . $1 . "/" . $2 . "\n";

} else {

print $x . $_ . "\n"; }

}

save as lagi tunning.conf

Code:

acl store_rewrite_list urlpath_regex \/(get_video|videoplayback\? id|videoplayback.*id)

acl store_rewrite_list urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?| bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar)\?

acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-] +)\.[A-Za-z]*\.[A-Za-z]*

(9)

acl store_rewrite_list_path urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?| bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe)$

acl store_rewrite_list_domain_CDN url_regex \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*)

\.doubleclick\.net.*

acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com

acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[a-z]+[0-9]\.google\.co(m|\.id)

acl store_rewrite_list_domain_CDN url_regex

^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(rar|zip|flv|wm(a|v)|3gp|mp(4|3)|exe|msi|avi|(mp(e? g|a|e|1|2|3|4))|cab|exe)

acl dontrewrite url_regex redbot\.org \.php acl getmethod method GET

storeurl_access deny dontrewrite storeurl_access deny !getmethod

storeurl_access allow store_rewrite_list_domain_CDN storeurl_access allow store_rewrite_list

storeurl_access allow store_rewrite_list_domain storeurl_access allow store_rewrite_list_path storeurl_access deny all

storeurl_rewrite_program /usr/local/squid/etc/storeurl.pl storeurl_rewrite_children 7

storeurl_rewrite_concurrency 0

# 1 year = 525600 mins, 1 month = 43800 mins

refresh_pattern imeem.*\.flv 0 0% 0 override-lastmod override-expire store-stale

refresh_pattern \.rapidshare.*\/[0-9]*\/.*\/[^\/]* 161280 90% 161280 ignore-reload store-stale

refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|

videodownload\?|\.flv?) 129600 999999% 129600 cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-no- store-stale

#refresh_pattern -i (get_video\?|videoplayback\?id|videoplayback.*id||

videodownload\?|\.flv?) 129600 999999% 129600 cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-no- store-stale

refresh_pattern \.(ico|video-stats) 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate negative-ttl=10080 store-stale refresh_pattern \.etology\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale refresh_pattern galleries\.video(\?|sz) 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale refresh_pattern brazzers\? 129600 999999%

129600 override-expire ignore-reload ignore-no-cache store-stale refresh_pattern \.adtology\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|

(10)

ad\.trafficmp\.com|ads\.cubics\.com|

refresh_pattern ^.*safebrowsing.*google 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth

ignore-must-revalidate negative-ttl=10080 store-stale

refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk) 129600 999999% 129600 override-expire ignore-reload ignore-private store-stale negative-ttl=10080

refresh_pattern ytimg\.com.*\.jpg 129600 999999% 129600 override-expire ignore-reload store-stale

refresh_pattern images\.friendster\.com.*\.(png|gif) 129600 999999% 129600 override-expire ignore-reload store-stale

refresh_pattern garena\.com 129600 999999% 129600 override-expire reload-into-ims store-stale

refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 129600 999999% 129600 override-expire ignore-reload store-stale

refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 129600 999999% 129600 ignore-no-cache override-expire override-lastmod store-stale

refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif| png) 129600 999999% 129600 reload-into-ims override-expire ignore-private store-stale

refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\. 129600 999999% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale

refresh_pattern ^http:\/\/www.onemanga.com.*\/ 129600 999999% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale

# ANTI VIRUS

refresh_pattern guru.avg.com/.*\.(bin) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern (avgate|avira).*(idx|gz)$ 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern kaspersky.*\.avc$ 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern kaspersky 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern update.nai.com/.*\.(gem|zip|mcs) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern windowsupdate.com/.*\.(cab|exe)

43200 999999% 129600 no-cache no-store ignore-reload ignore-reload-into-ims store-stale

(11)

refresh_pattern download.microsoft.com/.*\.(cab|exe)

#images facebook

refresh_pattern ((facebook.com)|(85.131.151.39)).*\.(jpg|png|gif) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|

mp3) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 12960 0 999999% 129600 ignore-reload override-expire cache ignore-no-store ignore-no-store-stale

refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

#banner IIX

refresh_pattern ^http:\/\/openx.*\.(jp(e?g|e|2)|gif|pn[pg]|swf|ico|css|tiff?) 129600 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/ads(1|2|3).kompas.com.*\/ 43200 99999% 129600 reload-into-ims reload override-expire no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/img.ads.kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire cache ignore-no-store ignore-no-store-stale

refresh_pattern .kompasimages.com.*\.(jpg|gif|png|swf) 43200 99999% 129600 reload-into-ims reload override-expire no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/openx.kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire cache ignore-no-store ignore-no-store-stale

refresh_pattern kaskus.\us.*\.(jp(e?g|e|2)|gif|png|swf) 43200 99999% 129600 reload-into-ims reload override-expire no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/img.kaskus.us.*\.(jpg|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

#IIX DOWNLOAD

refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip| flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims reload override-expire no-cache no-store store-stale ignore-auth

#All File

refresh_pattern -i

\.(3gp|7z|ace|asx|avi|bin|cab|dat|deb|divx|dvr-ms) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|

v)) 129600 999999% 129600 no-cache no-store ignore-private override-expire override-lastmod reload-into-ims store-stale

(12)

129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern -i \.(mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rar| rm|r(a|p)m|snd|vob|wav) 129600 999999% 129600 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern -i \.(pp(s|t)|wax|wm(a|v)|wmx|wpl|zip|cb(r|z|t)) 129600 999999% 43200 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern (cgi-bin|\?) 0 0% 0 refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern ^ftp: 10080 95% 43200 override-lastmod reload-into-ims store-stale

refresh_pattern . 180 95% 43200 override-lastmod reload-into-ims store-stale

global_internal_static off max_stale 10 years

retry_on_error on buffered_logs on read_ahead_gap 32 KB

header_access Accept-Encoding deny all client_persistent_connections off

server_persistent_connections on half_closed_clients off

strip_query_terms off quick_abort_min 0 KB quick_abort_max 0 KB quick_abort_pct 100 vary_ignore_expire on reload_into_ims on pipeline_prefetch on #range_offset_limit 50 KB read_timeout 30 minutes client_lifetime 6 hours negative_ttl 30 seconds positive_dns_ttl 6 hours negative_dns_ttl 60 seconds pconn_timeout 15 seconds request_timeout 1 minute store_avg_object_size 13 KB log_icp_queries off

ipcache_size 16384 ipcache_low 98 ipcache_high 99 log_fqdn off

fqdncache_size 16384 memory_pools off forwarded_for on

zph_mode tos zph_local 0x30 zph_parent 0 zph_option 136

(13)

cachemgr_passwd none all client_db on

max_filedescriptors 4096 n_aiops_threads 24

#client_socksize 16 MB load_check_stopen on load_check_stcreate on

download_fastest_client_speed on

– Buat direktori untuk nampung cache di /cache1,

– kemudian ubah permission nya untuk squid

– kemudian ubah permission file tunning.conf dan storeurl.pl agar bisa di exekusi

Code:

[root@lusca-proxy etc]# mkdir /cache1

[root@lusca-proxy etc]# chown squid:squid /cache1

[root@lusca-proxy etc]# chmod 777 tunning.conf storeurl.pl

Building cache dir squid

Code:

[root@lusca-proxy etc]# /usr/local/squid/sbin/squid -z

edit localnet pada squid.conf. sesuaikan network client kita :

potongan squid.conf

Code:

[root@lusca-proxy etc]# nano -c squid.conf ...

#################################################################### # Allow local network(s) on interface(s)

# Example rule allowing access from your local networks.

# Adapt to list your (internal) IP networks from where browsing # should be allowed

#acl localnet src 10.0.0.0/8 # RFC1918 possible internal network #acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 7.7.9.0/24 # RFC1918 possible internal network ####################################################################

Cek apakah ada config error di squid dan apabila tidak ada error Jalankan squid sebagai daemon

Code:

[root@lusca-proxy etc]# /usr/local/squid/sbin/squid -k parse [root@lusca-proxy etc]# /usr/local/squid/sbin/squid -NDd1 &

Testing. Silahkan arahkan browser menggunakan proxy ke server LUSCA dengan port 3128

Code:

[root@lusca-proxy etc]# tail -f /cache1/access.log

catatan :

buat ngecek idup apa ngga di nmap saja liat port nya kebuka atau ngga

jika ketemu error Filedescriptors blabla, edit di file

Code:

(14)

pada bagian paling atas

Code:

#!/usr/bin/perl5.8.8 <===== edit menjadi "#!/usr/bin/perl" tanpa tanda kutip

# by chudy_fernandez@yahoo.com # Updates at

http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube/D iscussion

$|=1;

...

untuk menjalankan lusca setiap abis restart secara otomatis ketik perintah ini di console

Code:

[root@lusca-proxy ~]# echo "/usr/local/squid/sbin/squid -NDd1 &" >> /etc/rc.local