Berikut
ini cara install Lusca Proxy dan Tunning nya
1.
Linux yang di gunakan adalah CentOS 5.5 dengan settingan default alias standar.
2. Install squid bawaan CentOS terlebih dahulu menggunakan “YUM” dan kemudian remove kembali.
Karena
asli nya LUSCA adalah pengembangan squid, maka untuk memasukkan
paket-paket yang di butuhkan LUSCA cara yang paling cepat adalah
dengan menginstall squid dan kemudian me-remove nya kembali
[root@lusca-proxy
~]# yum
install squid
Loaded
plugins: fastestmirror
Loading
mirror speeds from cached hostfile
addons
| 951 B 00:00
addons/primary
| 202 B 00:00
base
| 2.1 kB
00:00
base/primary_db
| 1.6 MB 00:02
extras
| 2.1 kB
00:00
extras/primary_db
| 188 kB 00:00
updates
| 1.9 kB 00:00
updates/primary_db
| 840 kB 00:01
Setting
up Install Process
Resolving
Dependencies
-->
Running transaction check
--->
Package squid.i386 7:2.6.STABLE21-6.el5 set to be updated
-->
Processing Dependency: perl(URI::URL) for package: squid
-->
Running transaction check
--->
Package perl-URI.noarch 0:1.35-3 set to be updated
-->
Finished Dependency Resolution
Dependencies
Resolved
================================================================================
Package
Arch Version Repository
Size
================================================================================
Installing:
squid
i386 7:2.6.STABLE21-6.el5 base
1.3 M
Installing
for dependencies:
perl-URI
noarch 1.35-3 base
116 k
Transaction
Summary
================================================================================
Install
2 Package(s)
Upgrade
0 Package(s)
Total
download size: 1.4 M
Is
this ok [y/N]: y
4.
Setelah terinstall maka kita remove lagi
[root@lusca-proxy
~]# yum
remove squid
Loaded
plugins: fastestmirror
Setting
up Remove Process
Resolving
Dependencies
-->
Running transaction check
--->
Package squid.i386 7:2.6.STABLE21-6.el5 set to be erased
-->
Finished Dependency Resolution
Dependencies
Resolved
================================================================================
Package
Arch Version Repository
Size
================================================================================
Removing:
squid
i386 7:2.6.STABLE21-6.el5 installed
3.5 M
Transaction
Summary
================================================================================
Remove
1 Package(s)
Reinstall
0 Package(s)
Downgrade
0 Package(s)
Is
this ok [y/N]: y
5.
Setelah itu kita install paket yang di butuhkan untuk kompilasi LUSCA
yaitu :
-
automake
-
gcc
-
glibc-devel
-
e2fsprogs-devel
-
sharutils
[root@lusca-proxy
~]# yum
install automake gcc glibc-devel e2fsprogs-devel sharutils
Loaded
plugins: fastestmirror
Loading
mirror speeds from cached hostfile
Setting
up Install Process
Resolving
Dependencies
-->
Running transaction check
--->
Package automake.noarch 0:1.9.6-2.3.el5 set to be updated
-->
Processing Dependency: autoconf >= 2.58 for package: automake
--->
Package e2fsprogs-devel.i386 0:1.39-23.el5_5.1 set to be updated
-->
Processing Dependency: e2fsprogs-libs = 1.39-23.el5_5.1 for package:
e2fspro
gs-devel
--->
Package gcc.i386 0:4.1.2-48.el5 set to be updated
-->
Processing Dependency: cpp = 4.1.2-48.el5 for package: gcc
-->
Processing Dependency: libgomp >= 4.1.2-48.el5 for package: gcc
--->
Package glibc-devel.i386 0:2.5-49.el5_5.7 set to be updated
-->
Processing Dependency: glibc-headers = 2.5-49.el5_5.7 for package:
glibc-dev
el
-->
Processing Dependency: glibc = 2.5-49.el5_5.7 for package:
glibc-devel
-->
Processing Dependency: glibc-headers for package: glibc-devel
--->
Package sharutils.i386 0:4.6.1-2 set to be updated
-->
Running transaction check
--->
Package autoconf.noarch 0:2.59-12 set to be updated
-->
Processing Dependency: imake for package: autoconf
--->
Package cpp.i386 0:4.1.2-48.el5 set to be updated
-->
Processing Dependency: e2fsprogs-libs = 1.39-23.el5 for package:
e2fsprogs
--->
Package e2fsprogs-libs.i386 0:1.39-23.el5_5.1 set to be updated
-->
Processing Dependency: glibc = 2.5-49 for package: nscd
--->
Package glibc.i686 0:2.5-49.el5_5.7 set to be updated
-->
Processing Dependency: glibc-common = 2.5-49.el5_5.7 for package:
glibc
--->
Package glibc-headers.i386 0:2.5-49.el5_5.7 set to be updated
-->
Processing Dependency: kernel-headers >= 2.2.1 for package:
glibc-headers
-->
Processing Dependency: kernel-headers for package: glibc-headers
--->
Package libgomp.i386 0:4.4.0-6.el5 set to be updated
-->
Running transaction check
--->
Package e2fsprogs.i386 0:1.39-23.el5_5.1 set to be updated
--->
Package glibc-common.i386 0:2.5-49.el5_5.7 set to be updated
--->
Package imake.i386 0:1.0.2-3 set to be updated
--->
Package kernel-headers.i386 0:2.6.18-194.26.1.el5 set to be updated
--->
Package nscd.i386 0:2.5-49.el5_5.7 set to be updated
-->
Finished Dependency Resolution
Dependencies
Resolved
================================================================================
Package
Arch Version Repository
Size
================================================================================
Installing:
automake
noarch 1.9.6-2.3.el5 base
476 k
e2fsprogs-devel
i386 1.39-23.el5_5.1 updates 569 k
gcc
i386 4.1.2-48.el5
base 5.2 M
glibc-devel
i386 2.5-49.el5_5.7 updates
2.0 M
sharutils
i386 4.6.1-2 base
201 k
Installing
for dependencies:
autoconf
noarch 2.59-12 base
647 k
cpp
i386 4.1.2-48.el5
base 2.6 M
glibc-headers
i386 2.5-49.el5_5.7 updates 602 k
imake
i386 1.0.2-3
base 319 k
kernel-headers
i386 2.6.18-194.26.1.el5 updates 1.1 M
libgomp
i386 4.4.0-6.el5 base
70 k
Updating
for dependencies:
e2fsprogs
i386 1.39-23.el5_5.1 updates
977 k
e2fsprogs-libs
i386 1.39-23.el5_5.1 updates 118 k
glibc
i686 2.5-49.el5_5.7
updates 5.3 M
glibc-common
i386 2.5-49.el5_5.7 updates 16 M
nscd
i386 2.5-49.el5_5.7
updates 166 k
Transaction
Summary
================================================================================
Install
11 Package(s)
Upgrade
5 Package(s)
Total
download size: 37 M
Is
this ok [y/N]:y
6.
Duduk tenang selesai install paket-paket di atas kemudian download
LUSCA nya dari google
[root@lusca-proxy
~]#wget
http://lusca-cache.googlecode.com/files/LUSCA_HEAD-r14809.tar.gz
7.
Setelah itu di extrak
[root@lusca-proxy
~]# tar
-zxvf LUSCA_HEAD-r14809.tar.gz
8.
Pindah ke dalam direktori lusca, naikkan filedescriptors, dan
kemudian configure menggunakan opsi-opsi di bawah ini
[root@lusca-proxy
~]# cd
LUSCA_HEAD-r14809
[root@lusca-proxy
~]# ulimit
-n 8192
[root@lusca-proxy
LUSCA_HEAD-r14809]#
./configure --prefix=/usr/local/squid --exec-prefix=/usr/local/squid
--enable-delay-pools --enable-cache-digests --enable-poll
--enable-linux-netfilter --enable-removal-policies --with-maxfd=8192
--enable-storeio=aufs --disable-wccp --enable-x-accelerator-vary
--enable-kill-parent-hack --enable-async-io=30
--disable-ident-lookups
semua
file instalasi terletak di /usr/local/squid/ jadi kita tidak akan
repot-repot mencari-cari file squid
9.
Kemudian install
[root@lusca-proxy
LUSCA_HEAD-r14809]# make
all && make install
10.
Duduk tenang menunggu instalasi selesai sekarang waktu nya
Konfigurasi.
-
Pindah ke direktori /usr/local/squid/etc
[root@lusca-proxy
LUSCA_HEAD-r14809]# cd
/usr/local/squid/etc/
-
ambil file squid.conf menggunakan wget dari website ini
[root@lusca-proxy
etc]# wget
http://www.hendraarif.web.id/wp-content/uploads/2011/02/squid.conf
--2011-02-25
01:43:23--
http://www.hendraarif.web.id/wp-content/uploads/2011/02/squid.conf
Resolving
www.hendraarif.web.id... 192.168.0.137
Connecting
to www.hendraarif.web.id|192.168.0.137|:80... connected.
HTTP
request sent, awaiting response... 200 OK
Length:
2141 (2.1K) [text/plain]
Saving
to: `squid.conf.1'
100%[====================================================>]
2,141 --.-K/s in 0s
2011-02-25
01:43:23 (207 MB/s) - `squid.conf.1' saved [2141/2141]
11.
copy squid.conf.1 ke squid.conf
[root@lusca-proxy
etc]# cp
squid.conf.1 squid.conf
cp:
overwrite `squid.conf'? y
12.
ambil storeurl di website ini :
[root@lusca-proxy
etc]# wget
http://www.hendraarif.web.id/wp-content/uploads/2011/02/storeurl.pl
--2011-02-25
01:46:35--
http://www.hendraarif.web.id/wp-content/uploads/2011/02/storeurl.pl
Resolving
www.hendraarif.web.id... 192.168.0.137
Connecting
to www.hendraarif.web.id|192.168.0.137|:80... connected.
HTTP
request sent, awaiting response... 200 OK
Length:
4799 (4.7K) [text/plain]
Saving
to: `storeurl.pl'
100%[====================================================>]
4,799 --.-K/s in 0s
2011-02-25
01:46:35 (311 MB/s) - `storeurl.pl' saved [4799/4799]
13.
Ambil file tunning.conf di website ini
[root@lusca-proxy
etc]# wget
http://www.hendraarif.web.id/wp-content/uploads/2011/02/tunning.conf
--2011-02-25
01:48:16--
http://www.hendraarif.web.id/wp-content/uploads/2011/02/tunning.conf
Resolving
www.hendraarif.web.id... 192.168.0.137
Connecting
to www.hendraarif.web.id|192.168.0.137|:80... connected.
HTTP
request sent, awaiting response... 200 OK
Length:
11047 (11K) [text/plain]
Saving
to: `tunning.conf'
100%[============================================================>]
11,047 --.-K/s in 0s
2011-02-25
01:48:16 (425 MB/s) - `tunning.conf' saved [11047/11047]
14.
– Buat direktori untuk nampung cache di /cache1,
– kemudian
ubah permission nya untuk squid
– kemudian
ubah permission file tunning.conf dan storeurl.pl agar bisa di
exekusi
[root@lusca-proxy
etc]# mkdir
/cache1
[root@lusca-proxy
etc]# chown
squid:squid /cache1
[root@lusca-proxy
etc]# chmod
777 tunning.conf storeurl.pl
15.
Building cache dir squid
[root@lusca-proxy
etc]# /usr/local/squid/sbin/squid
-z
16.
edit localnet pada squid.conf. sesuaikan network client kita :
potongan
squid.conf
......
[root@lusca-proxy
etc]# nano
-c squid.conf
.......................
####################################################################
#
Allow local network(s) on interface(s)
#
Example rule allowing access from your local networks.
#
Adapt to list your (internal) IP networks from where browsing
#
should be allowed
#acl
localnet src 10.0.0.0/8 # RFC1918 possible internal network
#acl
localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl
localnet src 7.7.9.0/24 # RFC1918 possible internal network
####################################################################
17.
Cek apakah ada config error di squid dan apabila tidak ada error
Jalankan squid sebagai daemon
[root@lusca-proxy
etc]# /usr/local/squid/sbin/squid
-k parse
[root@lusca-proxy
etc]# /usr/local/squid/sbin/squid
-NDd1 &
18.
Testing. Silahkan arahkan browser menggunakan proxy ke server LUSCA
dengan port 3128
[root@lusca-proxy
etc]# tail
-f /cache1/access.log
1298574413.127
154 7.7.9.2 TCP_MISS/302 839 GET
http://www.google.com/search?q=wordpress+file+upload+plugins&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a
- DIRECT/209.85.175.147 text/html
1298574413.813
365 7.7.9.2 TCP_MISS/200 14796 GET
http://www.google.co.id/search?q=wordpress+file+upload+plugins&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a
- DIRECT/209.85.175.103 text/html
1298574414.419
122 7.7.9.2 TCP_MISS/204 267 GET
http://clients1.google.co.id/generate_204 - DIRECT/209.85.175.113
text/html
1298574414.838
106 7.7.9.2 TCP_MISS/204 357 GET
http://www.google.co.id/csi?v=3&s=web&action=&e=17259,17311,27495,28454,28589,28903,28940&ei=3qpmTchQhvCtB6LhqNoK&expi=17259,17311,27495,28454,28589,28903,28940&imc=4&imn=4&imp=0&rt=xjsls.417,prt.419,xjses.484,xjsee.549,xjs.568,ol.869,iml.419
- DIRECT/209.85.175.99 text/html
1298574424.075
2804 7.7.9.2 TCP_MISS/200 547 POST
http://www.hendraarif.web.id/wp-admin/admin-ajax.php -
DIRECT/192.168.0.137 text/xml
Perlu
di ingat tunning hardware berbanding terbalik dengan kemampuan
hardware. jika di paksa bekerja terlalu keras maka alat akan cepat
rusak.
update
catatan
:
1.
buat ngecek idup apa ngga di nmap saja liat port nya kebuka atau ngga
2.
jika ketemu error Filedescriptors blabla, edit di file
[root@lusca-proxy
~]# nano
-c /usr/local/squid/etc/storeurl.pl
pada
bagian paling atas
#!/usr/bin/perl5.8.8
<===== edit menjadi "#!/usr/bin/perl"
tanpa tanda kutip
# by
chudy_fernandez@yahoo.com
#
Updates at
http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube/D
iscussion
$|=1;
.............................
3.
untuk menjalankan lusca setiap abis restart secara otomatis ketik
perintah ini di console
[root@lusca-proxy
~]# echo
"/usr/local/squid/sbin/squid -NDd1 &" >>
/etc/rc.local
Beres
deh... gampang kan ? selamat mencoba
Tidak ada komentar:
Posting Komentar