[TUTORIAL] High Performance Cache HIT Proxy Lusca
on Ubuntu Server + Configurasi Router MikroTik
Posted by Eko Apriadi Monday, March 4, 2013 17 comments
Video Install Ubuntu Server 10.04 and use Manual Partition
Type Size Location FileSystem Mount BootFlag Mount Option
Primary 25 GB Beginning ext4 / noatime [*] Primary 2 GB Beginning swap swap
Paket Install yang di Butuhkan
root@proxy:~# apt-get update
root@proxy:~# apt-get install squid -y
root@proxy:~# apt-get install squid squidclient squid-cgi -y root@proxy:~# apt-get install gcc -y
root@proxy:~# apt-get install build-essential -y root@proxy:~# apt-get install sharutils -y root@proxy:~# apt-get install ccze -y root@proxy:~# apt-get install libzip-dev -y root@proxy:~# apt-get install automake1.9 -y
Download File LUSCA_HEAD-r14809.tar.gz dengan cara sebagai berikut:
root@proxy:~# wget http://lusca-cache.googlecode.com/files/LUSCA_HEAD-r14809.tar.gz
root@proxy:~# tar xzvf LUSCA_HEAD-r14809.tar.gz root@proxy:~# cd LUSCA_HEAD-r14809
Perintah Install Compile File LUSCA_HEAD-r14809
./configure --prefix=/usr --exec_prefix=/usr --bindir=/usr/sbin --sbindir=/usr/sbin --libexecdir=/usr/lib/squid --sysconfdir=/etc/squid --localstatedir=/var/spool/squid
--datadir=/usr/share/squid --enable-http-gzip --enable-async-io=24 --with-aufs-threads=24 --with-pthreads storeio=aufs linux-netfilter arp-acl --enable-epoll --enable-removal-policies=heap --with-aio --with-dl --enable-snmp --enable-delay-pools --enable-htcp --enable-cache-digests --disable-unlinkd --enable-large-cache-files --with-large-files --enable-err-languages=English --enable-default-err-language=English --with-maxfd=65536 && make && make install
Setelah selesai andaDownload File >>--> Squid.conf
# Pada Terminal Ketik "/etc/init.d/squid stop".
Kemudian Buat Listing File storeurl Sebelumnya Download File >>--> Storeurl.pl
touch /etc/squid/storeurl.pl chmod +x /etc/squid/storeurl.pl
Buka storeurl.pl dengan winscp dan isikan dengan Script storeurl.pl yang telah anda download
Kemudian pada menu Terminal pada software putty ketik " /etc/init.d/squid stop " Masih pada menu Terminal pada software , copy-paste perintah di bawah satu-persatu
root@proxy:~# chown proxy:proxy /cache chmod 777 /cache
chown proxy:proxy /etc/squid/storeurl.pl chmod 777 /etc/squid/storeurl.pl
/etc/init.d/squid restart
Restart Komputer Kamu Monitoring Squid access.log :
root@proxy:~# tail -f /var/log/squid/access.log | ccze
=========================
PAKET INSTALL TAMBAHAN
=========================
Kalau sudah selesai anda setting mikrotiknya seperti dibawah ini : Masukkan ini di mangle :
;;; Intl-conn
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=packet-intl passthrough=no
/ip firewall mangle add chain=output action=mark-packet new-packet-mark=packet-intl passthrough=no
;;; PROXY-HIT
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=proxy-hit passthrough=no dscp=12
;;; http-conn
/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=http-conn passthrough=yes protocol=tcp dst-port=80
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=http passthrough=yes connection-mark=http-conn
;;; https-conn
;;; CHANGE MMS
/ip firewall mangle add chain=forward action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp in-interface=public tcp-mss=1441-65535
IP FIREWALL ADDRESS-LIST : ;;; LocalNet
LocalNet 192.168.2.0/24 — IP local sesuaikan dengan IP lokal anda
;;; PROXY
ProxyNet 192.168.2.0/24 -- IP network Proxy
DNS 202.134.1.10 -- sesuaikan DNS ISP anda DNS 202.134.0.155 -- sesuaikan DNS ISP anda GAMES 63.241.101.0/25
GAMES 74.114.8.0/21
IP FIREWALL NAT : ;;; Nat Proxy
/ip firewall add chain=dstnat action=dst-nat to-addresses=192.168.2.20 to-ports=3128 protocol=tcp src-address=!192.168.2.20 src-address-list=LocalNet dst-address-list=! ProxyNet dst-port=80,8080,3128
connection-mark=http-conn
;;; Added by webbox
/ip firewall add chain=srcnat action=masquerade out-interface=ether1-gateway
;;; Proxy Out
/ip firewall add chain=srcnat action=src-nat to-addresses=IP INTERNET ANDA/IP PUBLIC misalnya 192.168.1.2 src-address=IP LOKAL ANDA misalnya 192.168.2.1 /ip firewall add chain=dstnat action=dst-nat to-ports=53 protocol=udp dst-port=53
;;; SSH
/ip firewall add chain=dstnat action=dst-nat to-addresses=192.168.1.2 to-ports=22 protocol=tcp dst-address=IP INTERNET ANDA/IP PUBLIC dst-port=22,10000
;;; queue tree
/queue tree add name="A_HIT-Proxy" parent=lan packet-mark=proxy-hit limit-at=0 queue=default priority=8 max-limit=0 burst-limit=0 \
burst-threshold=0 burst-time=0s
Categories: Download, Linux, Lusca, Mikrotik, Networking, Squid, Tips dan Trik, Tutorial, Ubuntu