Monday, January 29, 2007

Setting Squid di Ubuntu 6.0.6

Eh Kettemu lagi kita sekarang coba lagi deh
1. Langkah pertama pasti kita download dulu pasti
# apt-get install squid ( inilah indahnya Ubuntu (jangan ditulis ya))
2. Biar aman kita copy squid.conf nya biar aman men buat jaga2
# cp /etc/squid/squid.conf /etc/squid/squid.conf.asli.men
3. Bikin folder dulu dengan nama /cache dengan perintah
# cd /
# mkdir /cache
sekarang rubah kepemilikannya biar bisa di baca tulis
# chmod 777 -R 777 /cache
tapi aku saran kan sih untuk /cache nya dipisah dari sistem biar enak mungkin dengan contoh sebagai berikut

/ = 5000M, /cache 2000M, /usr=1500M /tmp=500M /var=500M

tapi untuk = / terserah anda tergantung banyak tidak instalan

4. Sekarang untuk masanya setting squid

# vi /etc/squid/squid.conf

5. Untuk konfigurasi nya atau listing bisa copy yang dibawah ini

#
#
#
# Squid configuration for non transparent proxy
# by Muhammad Rifqi dan di edit oleh rullyuu (sedikit aja sih tapi udah minta izin kok sama masrifqi)
# http://rullyuu11.multiply.com
# rullyuu11@yahoo.com
#
# ^__^
#
#
http_port 3128
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
#=======================================================$
#CACHE MEM
#=======================================================$
cache_mem 6 MB
cache_swap_low 98
cache_swap_high 99
maximum_object_size 32 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 128 KB
ipcache_size 2048
ipcache_low 98
ipcache_high 99
#=======================================================$
#CACHE OPTION
#=======================================================$
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /cache 1200 16 256
cache_access_log /dev/null
cache_log /dev/null
cache_store_log /dev/null
log_fqdn off
log_icp_queries off
#=======================================================$
#AUTH
#=======================================================$
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
#=======================================================$
#UPLOAD LIMIT
#=======================================================$
request_body_max_size 1000 KB
#=======================================================$
#REFRESH PATERN
#=======================================================$
refresh_pattern \.gif 4320 50% 43200
refresh_pattern \.jpg 4320 50% 43200
refresh_pattern \.tif 4320 50% 43200
refresh_pattern \.png 4320 50% 43200
refresh_pattern \.jpeg 4320 50% 43200
refresh_pattern ^http://www.friendster.com/.* 720 100% 4320
refresh_pattern ^http://mail.yahoo.com/.* 720 100% 4320
refresh_pattern ^http://*.yahoo.*/.* 720 100% 4320
refresh_pattern ^http://*.yimg.*/.* 720 100% 4320
refresh_pattern ^http://*.gmail.*/.* 720 100% 4320
refresh_pattern ^http://*.google.*/.* 720 100% 4320
refresh_pattern ^http://*korea.*/.* 720 100% 4320
refresh_pattern ^http://*.akamai.*/.* 720 100% 4320
refresh_pattern ^http://*.windowsmedia.*/.* 720 100% 4320
refresh_pattern ^http://*.googlesyndication.*/.* 720 100% 4320
refresh_pattern ^http://*.plasa.*/.* 720 100% 4320
refresh_pattern ^http://*.telkom.*/.* 720 100% 4320
#refresh_pattern ^ftp: 10080 95% 40320 reload-into-ims override-lastmod
#refresh_pattern . 0 20% 4320 reload-into-ims override-lastmod
refresh_pattern ^ftp:  10080 95% 241920 reload-into-ims override-lastmod
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern .  180 95% 120960 reload-into-ims override-lastmod
#============================================================$
#Quick Abort
#============================================================$
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 98
#============================================================$
#Access Control List
#============================================================$
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl lan src 192.168.1.0/24
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80  # http
acl Safe_ports port 21  # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70  # gopher
acl Safe_ports port 210  # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280  # http-mgmt
acl Safe_ports port 488  # gss-http
acl Safe_ports port 591  # filemaker
acl Safe_ports port 777  # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access allow lan
http_access deny manager
#======================================================$
# Deny requests to unknown ports
#======================================================$
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_reply_access allow all
icp_access allow all
icp_access allow lan
#======================================================$
#DELAY POOLS
#======================================================$
acl nolimit url_regex -i 192.168.1.1
acl limit url_regex -i ftp .exe .mpeg .mp3 .zip .rar .avi .mpg .wav .dat .mid .midi .iso .3gp .wmv .mp4 .rv .tgz .tar .tar.gz .rpm .iso
delay_pools 2
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow nolimit
delay_class 2 2
delay_parameters 2 5000/256000 5000/256000
delay_access 2 allow limit
#======================================================$
#OTHER
#======================================================$
coredump_dir /var/lib/squid/cache
query_icmp off
shutdown_lifetime 10 seconds
reload_into_ims on
pipeline_prefetch on
ie_refresh off
vary_ignore_expire on
cache_mgr rullyuu11@yahoo.com
logfile_rotate 10
memory_pools off

6. #squid -k reconfigure
7. #squid -z
untuk bikin swap directory
8. Sekarang kita restart squidnya
#/etc/init.d/squid/squid restart
9. Selamat squid nya udah jalan sekarang tinggal setting di client untuk web browsingnya
10. Selamat mencoba untuk kedpannya nanti kita bahas menganai transparan proxi
Posted by at No comments:

Sharing Internet Di Linux

cari file namanya rc.local (biasanya di /etc/rc.d/rc.local atau /etc/init.d/rc.local) lalu tambahkan baris berikut.

# Ganti device pakai sambungan Internet: ppp0, eth0 atau eth1
DEVICE=ppp0

# Ini jalur INTERNAL ke INTERNET
iptables -A FORWARD -o $DEVICE -i ! $DEVICE -j ACCEPT

# In jalur balik dari INTERNET
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A FORWARD -f  -j ACCEPT

# Ini rahasianya internet sharing
iptables -t nat -A POSTROUTING -o $DEVICE -j MASQUERADE

# dan ini pembuka gateway-nya.
echo "1" > /proc/sys/net/ipv4/ip_forward

Kalau udah selesai simpan dan reboot linux mu
Posted by at No comments:

DHCP Setting di Ubuntu 6.0.6

Setting Dhcp di ubuntu gampang
1. apt-get install dhcp3-server
2. cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf_orig
Kita copy dhcp.conf biar aman setelah di copy baru kita bermain-main dengan konfigurasinya.

3. vi /etc/dhcp3/dhcpd.conf
Kita edit dhcpnya biar enak kamu hapus aja deh semua atau kamu copy aja listing dibawah ini 
ddns-update-style none;

option domain-name-servers 145.253.2.75, 193.174.32.18; #kamu ganti dengan dns kamu/yang dikasih dari isp

default-lease-time 86400;
max-lease-time 604800;

authoritative;

subnet 192.168.0.0 netmask 255.255.255.0 {
       range 192.168.0.200 192.168.0.229;
       option subnet-mask 255.255.255.0;
       option broadcast-address 192.168.0.255;
       option routers 192.168.0.1;
}
4. Kalau untuk jaringannya terserah kamu aja deh dari mana dan sampai mana

5. Setelah kamu simpan sekarang kita restart dhcpnya
etc/init.d/dhcp3-server restart

6. UNtuk ngecek apakah jalan DHCP Kita

ps aux

atau pakai

tail -n 100 /var/log/syslog

vi /var/lib/dhcp3/dhcpd.leases

7. Kalau mau melakukan sharing secara statis biar kita enak mengetahui aktifitas user yang dikehendaki pakai perintah berikut aja

host neon {
option host-name "neon";
hardware ethernet 00:A0:AD:7B:99:AA;
fixed-adderss 192.168.0.200;
}

8.Jadi deh Selamat mencoba deh
Posted by at No comments:
Subscribe to: Comments (Atom)