Download Latest Version
patch.tar.gz (3.3 kB)
Get an email when there's a new version of proxy-helper
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| squid | 2013-10-05 | 3.7 kB | |
| README.md | 2013-10-05 | 14.2 kB | |
| squid.conf | 2013-09-29 | 9.3 kB | |
| inComum.conf | 2013-09-29 | 8.2 kB | |
| inComum | 2013-09-29 | 86.4 kB | |
| inComum.0.4RC.tar.gz | 2013-09-28 | 53.7 kB | |
| LUSCA_HEAD-patch.tar.gz | 2013-09-27 | 9.9 kB | |
| LUSCA_HEAD-r14809.tar.gz | 2013-09-27 | 2.3 MB | |
| storeurl.pl | 2013-09-27 | 8.9 kB | |
| Totals: 9 Items | 2.5 MB | 2 | |
Installasi PROXY SERVER LUSCA
Installasi paket standart
apt-get -y install gcc build-essential sharutils ccze automake1.9 make apt-get install squid /etc/init.d/squid stop
why squid? installasi squid adalah cara paling sederhana untuk membuat squid yg autorun dan untuk keperluan defendensi. Hanya bisa berjalan di Debian karena default squid menggunakan versi 2.7 (ubuntu menggunakan versi 3).
Ssl only
apt-get -y install zlib1g-dev libreadline-dev libssl-dev libcurl4-openssl-dev
Install Lusca
cd /usr/src wget http://aarnet.dl.sourceforge.net/project/proxyhelper/lusca-head/LUSCA_HEAD-r14809.tar.gz; tar xzvf LUSCA_HEAD-r14809.tar.gz; chmod 777 LUSCA_HEAD-r14809; cd LUSCA_HEAD-r14809; wget http://aarnet.dl.sourceforge.net/project/proxyhelper/lusca-head/LUSCA_HEAD-patch.tar.gz; tar -xvzf LUSCA_HEAD-patch.tar.gz; patch -p0 < 3xx-loop.diff; patch -p0 < async-issue.diff; patch -p0 < http-gzip.diff; patch -p0 < ignore-must-revalidate.diff; patch -p0 < improve-nn-parser.diff; patch -p0 < lusca-vary.diff; patch -p0 < segmentation-fault.diff ./bootstrap.sh
configure squid
./configure --prefix=/usr --exec_prefix=/usr \ --bindir=/usr/sbin --sbindir=/usr/sbin \ --libexecdir=/usr/lib/squid --sysconfdir=/etc/squid \ --localstatedir=/var/spool/squid \ --datadir=/usr/share/squid --enable-async-io --with-pthreads \ --enable-storeio=aufs,coss,null --enable-linux-netfilter \ --enable-arp-acl --enable-epoll --enable-removal-policies=lru,heap \ --enable-snmp --enable-delay-pools --enable-cache-digests \ --enable-referer-log --enable-useragent-log \ --with-aio --with-dl --enable-cache-digests \ --enable-stacktraces --enable-truncate \ --with-large-files --enable-http-violations \ --enable-follow-x-forwarded-for \ --enable-large-cache-files --enable-stacktraces \ --enable-truncate --disable-ssl \ --disable-select --disable-poll \ --disable-unlinkd --disable-dependency-tracking \ --disable-htcp --disable-auth --disable-ident-lookups \ --disable-wccp --disable-wccpv2 --with-maxfd=65536 \ --build=amd64-debian-linux --host=amd64-debian-linux \ --target=amd64-debian-linux build_alias=amd64-debian-linux \ host_alias=amd64-debian-linux target_alias=amd64-debian-linux
Jika tidak ada error
make; make install
untuk suport SSL ganti --disable-ssl
--enable-ssl --with-openssl=/usr/lib
lokasi --with-openssl=/usr/lib option
find / -name libssl.so*
Jika perlu tproxy
apt-get install libcap2-dev dan tambahkan "--enable-linux-tproxy4"
Bagian ini sesuaikan dengan versi linux
--build=amd64-debian-linux --host=amd64-debian-linux \ --target=amd64-debian-linux build_alias=amd64-debian-linux \ host_alias=amd64-debian-linux target_alias=amd64-debian-linux
rename or delete old config
rm /etc/squid/squid.conf touch /etc/squid/squid.conf chmod +x /etc/squid/squid.conf chown proxy.proxy /etc/squid/squid.conf
nano /etc/squid/squid.conf or echo or download
download simple config tanpa ssl dan tproxy
wget http://aarnet.dl.sourceforge.net/project/proxyhelper/lusca-head/squid.conf
echo
echo "http_port 3128 transparent pid_filename /var/run/squid.pid cache_effective_user proxy cache_effective_group proxy error_directory /usr/share/squid/errors/English icon_directory /usr/share/squid/icons visible_hostname www.hade.war.net cache_mgr admin@localhost access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_store_log none logfile_rotate 1 shutdown_lifetime 10 seconds cache_mem 128 MB maximum_object_size_in_memory 32 KB memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA cache_dir aufs /cache-1 15000 20 256 dns_nameservers 8.8.8.8 8.8.4.4 dns_testnames 127.0.0.1 minimum_object_size 128 bytes maximum_object_size 128000 KB offline_mode off cache_swap_low 98 cache_swap_high 99 acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl Safe_ports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535 acl SSL_ports port 443 563 81 acl manager proto cache_object acl purge method PURGE acl connect method CONNECT acl snmppublic snmp_community public acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] acl apache rep_header Server ^Apache acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network # include /etc/squid/inComum.conf broken_vary_encoding allow apache upgrade_http0.9 deny shoutcast http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow localnet # Default block all to be sure http_access deny all # REFRESH PATTERN TUNNING refresh_pattern \.gemscool.com.*\.(exe|dll|cab|zip|iop|npz|swf)$ 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale refresh_pattern \.crossfire.web.id.*\.(cab|zip|exe|rar|dat|swf)$ 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale refresh_pattern \.cabalonline.co.id.*\.(cab|zip|exe|rar|dat|swf) 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale refresh_pattern \.megaxus.com.*\.(cab|zip|exe|rar|dat|swf) 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale refresh_pattern \.lytogame.com.*\.(cab|zip|exe|rar|dat|swf) 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale refresh_pattern -i \/speedtest\/.*\.(txt|jpg|png|swf) 0 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims refresh_pattern .pixieimage\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims refresh_pattern .blogspot\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims refresh_pattern .multiply\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims refresh_pattern .((pikawarnet\.com)|(blogspot\.com)|(pixieimage\.com)|(multiply\.com)).* 60 30% 240 # sensitive site refresh_pattern -i \.(sc-|dl-|ex-|mh-|dll|da-) 0 2% 50 reload-into-ims refresh_pattern -i \.(mst|Xtp|iop)$ 0 50% 1440 reload-into-ims refresh_pattern -i (index.php|autoup.exe|main.exe|xtrap.xt|autoupgrade.exe|update.exe|grandchase.exe|FSLauncher.exe|FreeStyle_Setup.exe|grandchase.exe|filelist.zip)$ 0 50% 1440 refresh_pattern -i (UpdaterModifier.exe|FreeStyle.exe|PBLauncher.exe|update.exe|NewLauncher.exe|NewAvalon.exe|hon.exe.zip|cabal.exe)$ 0 50% 1440 refresh_pattern -i (PointBlank.exe.zip|HSUpdate.exe.zip|PBConfig.exe.zip) 0 50% 1440 refresh_pattern -i (wks_avira-win32-en-pecl.info.gz|wks_avira10-win32-en-pecl.info.gz|servers.def.vpx)$ 0 50% 1440 refresh_pattern -i (setup.exe.gz|avscan.exe.gz|avguard.exe.gz|filelist.zip|AvaClient.exe) 0 50% 1440 refresh_pattern -i (livescore.com|goal.com|bobet) 0 50% 60 # Facebook refresh_pattern \.facebook\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private refresh_pattern \.facebook\.com.* 240 50% 480 refresh_pattern \.fbcdn\.net.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private store-stale refresh_pattern \.gstatic\.com/images\? 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private ignore-must-revalidate refresh_pattern \.(akamaihd|edgecastcdn|spilcdn|zgncdn|(tw|y|yt)img)\.com.*\.(jp(e?g|e|2)|gif|png|swf|mp(3|4)) 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private refresh_pattern (gstatic|diggstatic)\.com/.* 1440 99% 14400 override-expire ignore-reload ignore-private refresh_pattern (photobucket|pbsrc|flickr|yimg|ytimg|twimg|gravatar)\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private refresh_pattern (zynga|ninjasaga|mafiawars|cityville|farmville|crowdstar|spilcdn|agame|popcap)\.com/.* 1440 99% 14400 override-expire ignore-reload ignore-private refresh_pattern ^http:\/\/images|image|img|pics|openx|thumbs[0-9]\. 1440 99% 14400 override-expire ignore-reload ignore-private refresh_pattern ^.*safebrowsing.*google 1440 99% 14400 override-expire ignore-reload ignore-private ignore-auth ignore-must-revalidate refresh_pattern ^http://.*\.squid\.internal\/.* 10080 100% 79900 override-expire override-lastmod ignore-reload ignore-no-store ignore-must-revalidate ignore-private ignore-auth max-stale=10000 store-stale refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv\?|\.fid\?) 43200 99% 43200 override-expire ignore-reload ignore-must-revalidate ignore-private # ads refresh_pattern ^.*(streamate.doublepimp.com.*\.js\?|utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 1440 99% 14400 ignore-private override-expire ignore-reload ignore-auth negative-ttl=40320 max-stale=1440 refresh_pattern \.(ico|video-stats) 1440 99% 14400 override-expire ignore-reload ignore-private ignore-auth override-lastmod ignore-must-revalidate refresh_pattern ^http://((cbk|mt|khm|mlt|tbn)[0-9]?)\.google\.co(m|\.uk|\.id) 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private ignore-auth ignore-must-revalidate refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 1440 99% 14400 override-expire override-lastmod refresh_pattern galleries\.video(\?|sz) 1440 99% 14400 override-expire ignore-reload ignore-must-revalidate ignore-private refresh_pattern \.wikimapia\.org\/? 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private # Generic files refresh_pattern \.(jp(e?g|e|2)|tiff?|bmp|gif|png) 2629742 999999% 2629742 override-expire ignore-no-cache ignore-no-store reload-into-ims ignore-private store-stale refresh_pattern \.(z(ip|[0-9]{2})|r(ar|[0-9]{2})|jar|bz2|gz|tar|rpm|vpu) 2629742 999999% 2629742 override-expire reload-into-ims store-stale ignore-must-revalidate refresh_pattern \.(mp3|wav|og(g|a)|flac|midi?|rm|aac|wma|mka|ape) 2629742 999999% 2629742 override-expire reload-into-ims ignore-reload ignore-must-revalidate store-stale refresh_pattern \.(kom|nzp|iop|exe|msi|dmg|bin|xpi|iso|swf|mar|psf|cab) 2629742 999999% 2629742 override-expire reload-into-ims ignore-no-cache ignore-must-revalidate store-stale refresh_pattern \.(mpeg|ra?m|avi|mp(g|e|4)|mov|divx|asf|wmv|m\dv|rv|vob|asx|ogm|flv|3gp|on2) 2629742 9999999% 2629742 override-expire reload-into-ims ignore-must-revalidate ignore-private ignore-no-store store-stale refresh_pattern -i (mrtg|graph) 0 0% 0 refresh_pattern -i \.(php|lst|ui|ini|list)$ 0 0% 0 refresh_pattern (update.ini|Update.ini|version.list|Version.list|update.1st|update.exe|autoup.exe) 0 0% 0 refresh_pattern (hackshield|nprotect) 240 100% 420 override-expire override-lastmod reload-into-ims refresh_pattern -i .(html|htm|css|js)$ 1440 75% 40320 refresh_pattern -i .index.(html|htm)$ 0 75% 10080 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (cgi-bin|hackshield|xtrap|Loader|login) 0 0% 0 refresh_pattern \.(php|jsp|cgi|asx|js|jsp)\? 0 0% 0 refresh_pattern . 0 50% 2629742 store-stale # flow qos mark HIT zph_mode tos zph_local 0x30 zph_parent 0 zph_option 136 # SNMP enable for MRTG snmp_port 3401 snmp_access allow snmppublic all # Option Tunning max_filedescriptors 65536 range_offset_limit 128 KB read_ahead_gap 32 KB reload_into_ims on strip_query_terms on negative_dns_ttl 1 second negative_ttl 1 second maximum_single_addr_tries 2 retry_on_error on vary_ignore_expire on client_db on ipcache_size 10240 fqdncache_size 1024 pipeline_prefetch on half_closed_clients off buffered_logs on download_fastest_client_speed off n_aiops_threads 32" >> /etc/squid/squid.conf
terakhir
mkdir /cache-1; chown proxy.proxy /cache-1; chmod -R 777 /cache-1; squid -z; reboot
Jika mau ditambah inComum uncomment
include /etc/squid/inComum.conf
Install inComum
cd /usr/src wget http://aarnet.dl.sourceforge.net/project/proxyhelper/lusca-head/inComum.0.4RC.tar.gz tar xzvf inComum.0.4RC.tar.gz cd /usr/src/inComum/incomum-code make all cp ./inComum /usr/lib/squid/ cd /etc/squid/ wget http://aarnet.dl.sourceforge.net/project/proxyhelper/lusca-head/inComum.conf chmod +x /usr/lib/squid/inComum chown proxy.proxy /usr/lib/squid/inComum chown proxy.proxy /etc/squid/inComum.conf
