Config setelah Install FreeBSD Proxy Server

Langsung aja kita ambil alat masak sama bumbunya, yang pasti ports sudah terupdate dan kernel sudah tercompile ( gak di compile juga gapapa kalo cuman jadi proxy server ).

Yang kudu kita lakuin adalah melakukan instalasi squid , di sini Saya pake Squid 2.7-STABLE9. Selama ini Saya ngrasain versi ini sudah cukup 

Code:

#cd /usr/ports/shells/bash && make BATCH=yes install clean; \
#cd /usr/ports/editors/nano && make BATCH=yes install clean; \
#cd /usr/ports/security/sudo && make BATCH=yes install clean; \
#cd /usr/ports/www/squid && make BATCH=yes install clean; \
#cd /usr/ports/net/ifstat && make BATCH=yes install clean; \
#cd /usr/ports/ftp/wget && make BATCH=yes install clean; \

Biarin dah sampe selese, kalo uda selese kita lanjoott….

Rubah dulu shell kita

Code:

#chsh -s bash; rehash; bash

Rubah editor jadi nano, capek kalo pake ee

Code:

#ee /root/.bashrc

tambahkan

Code:

export EDITOR=nano

Install Squidnya

Code:

#pkg_delete squid-2.7.9

download squid versi terbaru, misal :

Code:

#wget http://202.57.29.252/download/squid/2.7/squid-2.7.STABLE9.tar.gz
#tar -zxvf squid-2.7.STABLE9.tar.gz
#cd squid-2.7.STABLE9
#./configure '--enable-http-violations' '--sysconfdir=/etc/squid' '--enable-gnuregex' \
'--enable-removal-policies=lru,heap' '--enable-storeio=null,diskd,ufs,aufs' '--enable-delay-pools' \
'--disable-cache-digests' '--disable-wccp' '--disable-wccpv2' '--enable-underscores' \
'--enable-pf-transparent' '--enable-auth=basic' '--enable-basic-auth-helpers=NCSA' \
'--disable-follow-x-forwarded-for' '--enable-large-cache-files' '--enable-default-languages=English' \
'--enable-err-languages=English' '--disable-ssl' '--disable-ident-lookups' '--disable-hostname-checks' \
'--enable-async-io' '--with-pthreads' '--with-aio' '--disable-htcp' '--enable-icp' '--enable-poll' \
'--with-large-files' '--with-maxfd=65536'
#make && make install clean

edit configurasi => squid.conf

Code:

#rm /etc/squid/squid.conf
#nano /etc/squid/squid.conf

squid.conf kaya gini boss…

Code:

http_port 127.0.0.1:8080 transparent
http_port 192.168.0.1:8080
server_http11 on

dns_nameservers 127.0.0.1 202.134.1.10

dead_peer_timeout 30 seconds
peer_connect_timeout 30 seconds
icp_query_timeout 5000

acl QUERY urlpath_regex cgi-bin \?
acl nocache-domain dstdomain .login.yahoo.com
cache deny QUERY
cache deny nocache-domain

always_direct allow nocache-domain
always_direct allow QUERY

cache_mem 64 MB
cache_dir aufs /cache01 11000 64 128
cache_dir aufs /cache02 11000 64 128

maximum_object_size 100 MB
minimum_object_size 4 KB
maximum_object_size_in_memory 16 KB
ipcache_size 4096
fqdncache_size 4096

cache_access_log none
cache_log /var/squid/logs/cache.log
cache_store_log none
pid_filename /var/squid/logs/squid.pid

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.gif$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.jpg$ 10080 100% 43200 ignore-reload ignore-no-cache ignore-private
refresh_pattern -i \.jpeg$ 10080 100% 43200 ignore-reload ignore-no-cache ignore-private
refresh_pattern -i \.bmp$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.css$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.mid$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.wav$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.ico$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.yim$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.jar$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.ldict$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.swf$ 10080 100% 43200 ignore-reload ignore-no-cache ignore-private
refresh_pattern -i \.cab$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.js$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.exe$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.tgz$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.tar$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.rar$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.zip$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.iso$ 10080 100% 43200 reload-into-ims ignore-no-cache ignore-private
refresh_pattern . 10 100% 10080 reload-into-ims

negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 1 minute

connect_timeout 60 seconds
request_timeout 3 minutes
persistent_request_timeout 1 minute
read_timeout 15 minutes
client_lifetime 1 day
half_closed_clients off
pconn_timeout 2 minutes
shutdown_lifetime 1 seconds

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl user src 192.168.0.0/24

http_access allow user
http_access deny all

http_reply_access allow user
http_reply_access deny all

icp_access allow user
icp_access deny all

miss_access allow user
miss_access deny all

cache_mgr kramotak@kamarkotor.web.id
cache_effective_user _squid
cache_effective_group _squid
visible_hostname proxy.warnetku
coredump_dir /cache01

forwarded_for off
log_icp_queries off

via off

server_persistent_connections on
client_persistent_connections on

###KHUSUS PROXY EXT. MIKROTIK####
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136

Code:

#mkdir /var/squid
#mkdir /var/squid/logs
#chmod 777 /var/squid/logs/
#chmod 777 /cache01
#chmod 777 /cache02
#chmod 777 /cache03
#chmod 777 /cache04
#chmod 777 /cache05
#chmod 777 /cache06

Jalankan Squidnya

Code:

#/usr/local/squid/sbin/squid -z

#/usr/local/squid/sbin/squid -D