SERVER

Thursday, 3 October 2013

MEMBERSIHKAN CACHE PROXY MANUAL

Sebenarnya cache proxy tidak perlu di kosongkan, karena secara otomatis akan

menghapus sendiri cache yang sudah lama jika mencapai parameter tertentu,

tetapi adakalanya kita ingin membersihkan cache secara manual

1. Matikan squid yang sedang berjalan

Code:

#service squid stop

2. Bersihkan cache nya

Code:

#rm –rf /direktori_cache
Contoh : # rm –rf /var/spool/squid

3. Buat swapnya lagi

Code:

#squid –z

4. Jalankan squid

Code:

#service squid start

Selesai ... :D

See more at: http://www.mr-ekoapriadi.net

SETTING MIKROTIK UNTUK GAME ONLINE DAN BROWSING

19:13 setting dasar mikrotik, setting mikrotik, setting mikrotik watnet No comments

Pada tutor kali ini saya coba uraikan settingan mikrotik untuk game online dicampur dengan kepentingan browsing agar berjalan serasi dan seimbang.

Note:

Script di bawah hanya berjalan pada mikrotik versi 3.30 ke atas. Bandwidth yang diimplementasikan 1Mbps/256Kbps

SET INTERFACE MIKROTIK

/interface
set 1 name= Public

set 2 name= Local

SET IP ADDRESS

/ip address
add address=192.168.1.1/24 interface=Public

add address=192.168.0.0/24 interface=Local

SET ROUTE

/ip route
add gateway=192.168.1.1

SET DNS

/ip dns
set primary-dns=8.8.8.8,222.124.204.34,202.134.0.155
set allow-remote-requests=yes

SET NAT

/ip fi nat
add chain=srcnat action=masquerade out-interface= Public

ROUTING UNTUK GAME ONLINE:

/ip firewall mangle \
add action=mark-connection chain=prerouting \
comment="GAME ONLINE" dst-port=\
"1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6001,6000-6152,7777" \
new-connection-mark="zar-goc" passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
disabled=no dst-port="7341-7350,7451,8085,9600,9601-9602,9300,9400,9700,93\
76-9377,10001-10011,40000" \
new-connection-mark="zar-goc" passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port="10009,13008,16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15002" \
new-connection-mark="zar-goc" \
passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
disabled=no dst-port="16402-16502,18901-18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49100" \
new-connection-mark="zar-goc" passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port=14009-14010 new-connection-mark="zar-goc" \
passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port="1293,1479,6100-6152,7777-7977,9401,9600-9602,12020-12080,30000,40000-40010" \
new-connection-mark="zar-goc" passthrough=yes protocol=udp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port=42051-42052,11100-11125,11440-11460 \
new-connection-mark="zar-goc" passthrough=yes protocol=udp
/ip firewall mangle \
add action=mark-connection chain=prerouting \
dst-port=14009-14010 new-connection-mark="zar-goc" \
passthrough=yes protocol=udp

GAME DIBUAT PREROUTING AGAR TIDAK BERLIKU DI TUBUH ROUTER

/ip firewall mangle \
add action=mark-packet chain=prerouting \
connection-mark="zar-goc" \
new-packet-mark="zar-gopd" passthrough=no

INI ROUTING UNTUK GAME FACEBOOK

/ip firewall mangle \
add action=mark-connection chain=prerouting \
comment="GAME FACEBOOK" dst-port=843,9339 \
new-connection-mark="zar-gfc" passthrough=yes \
protocol=tcp
/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="zar-gfc" disabled=no \
dst-address=192.168.0.0/24 new-packet-mark="zar-gfpd" \
passthrough=no
/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="zar-gfc" new-packet-mark="zar-gfpu"\
passthrough=no src-address=192.168.0.0/24

PCQ UNTUK SPEED BAGI RATA

/queue type \
add kind=pcq name=DOWN \
pcq-classifier=dst-address,dst-port
/queue type \
add kind=pcq name=UP \
pcq-classifier=src-address,src-port

INI QUEUE UNTUK GAME ONLINE

/queue tree \
add name="2.GAME DOWN" \
parent=global-out priority=2
/queue tree \
add name="3.GAME UPLOAD" \
parent= ether2-Widuri priority=2
/queue tree \
add name="1.GAME ONLINE DOWN" \
packet-mark="zar-gopd" \
parent="2.GAME DOWN" priority=2 queue=DOWN
/queue tree \
add max-limit=256000 \
name="2.GAME FACEBOOK DOWN" \
packet-mark="zar-gfpd" \
parent="2.GAME DOWN" priority=3 queue=DOWN
/queue tree \
add name="1.GAME ONLINE UPLOAD" \
packet-mark="zar-gopd" \
parent="3.GAME UPLOAD" priority=2 queue=UP
/queue tree \
add limit-at=0 max-limit=128000 \
name="2.GAME FACEBOOK UPLOAD" \
packet-mark="zar-gfpu" \
parent="3.GAME UPLOAD" priority=3 queue=UP

LIMIT FILE EXTENSI, SEPERTI .EXE .RAR .YOUTUBE, DLL

/ip firewall layer7-protocol
add name="YOUTUBE DOWNLOAD" \
regexp="http/(0\\.9|1\\.0|1\\.1) \
[\\x09-\\x0d ][1-5][0-9][0-9] \
[\\x09-\\x0d -~]*(content-type: video)"
add name=EXE regexp="\\.(exe)"
add name=RAR regexp="\\.(rar)"
add name=ZIP regexp="\\.(zip)"
add name=7z regexp="\\.(7z)"
add name=WMV regexp="\\.(wmv)"
add name=MPG regexp="\\.(mpg)"
add name=MPEG regexp="\\.(mpeg)"
add name=AVI regexp="\\.(avi)"
add name=FLV regexp="\\.(flv)"
add name=WAV regexp="\\.(wav)"
add name=MP3 regexp="\\.(mp3)"
add name=MP4 regexp="\\.(mp4)"
add name=ISO regexp="\\.(iso)"
add name=3GP regexp="\\.(3gp)"
add name=MOV regexp="\\.(mov)"
add name=MKV regexp="\\.(mkv)"
add name="YOUTUBE STREAMING" regexp=youtube
add name=PORN regexp=porn
add name=TUBE regexp=tube
add name=VIDEO regexp=video
add name=MOVIE regexp=movie

ROUTING UNTUK EXTENSI

/ip firewall mangle
add action=mark-packet chain=forward \
comment="LIMIT EXTENTION" disabled=no \
layer7-protocol="YOUTUBE DOWNLOAD" \
new-packet-mark="YOUTUBE DOWNLOAD" \
passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol="YOUTUBE STREAMING" \
new-packet-mark="YOUTUBE STREAMING" \
passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=TUBE \
new-packet-mark=PORN1 passthrough=no
add action=mark-packet chain=forward disabled=no \
layer7-protocol=PORN \
new-packet-mark=PORN2 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=VIDEO \
new-packet-mark=PORN3 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MOVIE \
new-packet-mark=PORN4 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MKV \
new-packet-mark=MKV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MP3 \
new-packet-mark=MP3 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MP4 \
new-packet-mark=MP4 passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=ZIP \
new-packet-mark=ZIP passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=EXE \
new-packet-mark=EXE passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=FLV \
new-packet-mark=FLV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=ISO \
new-packet-mark=ISO passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MOV \
new-packet-mark=MOV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MPEG \
new-packet-mark=MPEG passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=MPG \
new-packet-mark=MPG passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=RAR \
new-packet-mark=RAR passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=WAV \
new-packet-mark=WAV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=WMV \
new-packet-mark=WMV passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=ISO \
new-packet-mark=3GP passthrough=no
add action=mark-packet chain=forward \
disabled=no layer7-protocol=7z \
new-packet-mark=7z passthrough=no

ROUTING UNTUK BROWSING (DOWNLOAD/UPLOAD)

/ip firewall mangle \
add action=mark-connection chain=prerouting \
comment=HTTP dst-port=21,80 \
new-connection-mark="browsing-con" passthrough=yes protocol=tcp
/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="browsing-con" disabled=no \
dst-address=192.168.0.0/24 \
new-packet-mark="download" passthrough=no
/ip firewall mangle \
add action=mark-packet chain=forward \
connection-mark="browsing-con" disabled=no \
new-packet-mark="upload" \
passthrough=no src-address=192.168.0.0/24

INI QUEUE UNTUK KEGIATAN BROWSING-DOWNLOAD-UPLOAD

/queue tree \
add max-limit=128000 \
name="UPLOAD-BROWSING" \
packet-mark="upload" parent=Public \
priority=4 queue=UP
/queue tree \
add max-limit=750000 \
name="1.2 HTTP-DOWN" \
parent=global-out priority=2
/queue tree \
add max-limit=750000 \
name="1.3 BROWSING DOWN" \
packet-mark="download" \
parent="1.2 HTTP-DOWN" \
priority=4 queue=DOWN
/queue tree \
add max-limit=512000 \
name="1.4 LIMIT EXTENTION" \
parent="1.2 HTTP-DOWN" priority=5
/queue tree
add name=YOUTUBE \
parent="1.4 LIMIT EXTENTION" priority=5
add name="YOUTUBE STREAMING" \
packet-mark="YOUTUBE STREAMING" \
parent=YOUTUBE priority=5 queue=DOWN
add name=MKV packet-mark=MKV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MP3 packet-mark=MP3 \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MP4 packet-mark=MP4 \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=ZIP packet-mark=ZIP \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=EXE packet-mark=EXE \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=ISO packet-mark=ISO \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=AVI packet-mark=AVI \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MOV packet-mark=MOV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MPEG packet-mark=MPEG \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=MPG packet-mark=MPG \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=RAR packet-mark=RAR \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=WAV packet-mark=WAV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=WMV packet-mark=WMV \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=3GP packet-mark=3GP \
parent="1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=7z packet-mark=7z \
parent="1.4 LIMIT EXTENTION" priority=5 \
queue=DOWN
add name="YOUTUBE DOWNLOAD" \
packet-mark="YOUTUBE DOWNLOAD" \
parent=YOUTUBE priority=5 queue=DOWN
add name=PORN \
parent="1.4 LIMIT EXTENTION" priority=5
add name=PORN1 \
packet-mark=PORN1 parent=PORN \
priority=5 queue=DOWN
add name=PORN2 packet-mark=PORN2 \
parent=PORN priority=5 queue=DOWN
add name=PORN3 packet-mark=PORN3 \
parent=PORN priority=5 queue=DOWN
add name="MIVO TV" \
packet-mark="MIVO TV" parent=\
"1.4 LIMIT EXTENTION" \
priority=5 queue=DOWN
add name=PORN4 packet-mark=PORN4 \
parent=PORN priority=5 queue=DOWN

Catatan:

Game online dirouting langsung ke alamat port game online dan menggunakan bandwith maksimal (unlimited) karena tidak terlalu memakan bandwith sekalipun game PB hanya butuh koneksi dengan trafic yang mulus.
Browsing dirouting pada port 80 dan 21 dan diberikan bandwith maksimal 750Kbps untuk download dan 128Kbps untuk upload dan tidak boleh melebihi dari itu atau game online akan nge-lag.
Limit Extensi dirouting berdasarkan layer 7 protocol dan diberikan maksimal bandwidth 512Kbps dan tidak boleh lebih dari itu atau browsing dan game online akan terganggu.

PERHATIAN:
Tutorial di atas untuk 10 PC saja dengan Bandwidthnya 1Mbps,. Jika PC lebih dari 10 dan BW tetap 1 MBPS, maka pada queue tree download menjadi 512Kbps dan limit extensi menjadi 256Kbps.
Jika mempunyai BW 2Mbps ke atas, silahkan 2x lipatkan saja pada queue tree-nya atau gunakan logika anda sendiri.

Terimakasih kepada warnet-speedy.blogspot.com

Cara install Webmin di Ubuntu Proxy Server 12.04 LTS

20:14 proxy server, ubuntu 12.04, webmin No comments

Webmin adalah user friendly dan antarmuka berbasis web untuk administrasi sistem ringan untuk linux / unix. berjalan pada browser yang mendukung tabel dan bentuk (dan Jawa untuk modul File Manager). webmin memungkinkan Anda untuk Mengelola dan mengkonfigurasi account pengguna, server Web, server DNS, Squid Server, server DHCP file sharing dll

Webmin terdiri dari sebuah server web sederhana, dan sejumlah program CGI yang langsung memperbarui sistem file seperti / etc / inetd.conf dan / etc / passwd. Web server dan semua program CGI yang ditulis dalam Perl versi 5, dan tidak menggunakan modul Perl non-standar

Instalasi Webmin Pada Ubuntu Server 12.04 LTS

Dalam tutorial ini saya akan menunjukkan Anda bagaimana untuk menginstal webmin di ubuntu server yang 12,04, Ada dua metode untuk menginstal webmin. Metode 1: menginstal melalui APT, metode 2: Instalasi manual. sebelum menginstal webmin Anda harus terlebih dahulu menginstal beberapa perpustakaan perl terkait yang dibutuhkan oleh webmin:

sudo apt-get install perl libnet-ssleay-perl libauthen-pam-perl libpam-runtime

openssl libio-pty-perl apt-show-versions python

Method 1: Install webmin via APT

sudo -i

Tambahkan repositori Webmin di ubuntu server dengan perintah berikut

cat >> /etc/apt/sources.list <<-EOF
deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib
EOF

Logout dari root:

exit

Impor kunci GPG, Update source list kemudian instal webmin

wget http://www.webmin.com/jcameron-key.asc && sudo apt-key add jcameron-key.asc

sudo apt-get update
sudo apt-get install webmin

Method 2: Installing Manualy

Download terbaru webmin arsip (ini mungkin berubah dalam waktu) dan memilih paket debian

wget http://www.webmin.com/download/deb/webmin-current.deb

Install webmin dengan perintah berikut:

sudo dpkg --install webmin-current.deb

untuk mengakses webmin buka browser Anda dan masukkan: http://host:10000/

Reverensi : http://ubuntuserverguide.com

Lusca sebagai Proxy Server di Ubuntu Server 12.04

17:55 Lusca, proxy server, ubuntu 12.04 1 comment

Panduan ini akan menunjukkan Anda bagaimana untuk menginstal dan mengkonfigurasi server proxy dengan lusca di Ubuntu Server 12.04. Lusca adalah garpu dari Squid-2 perkembangan pohon. Proyek Lusca bertujuan untuk memperbaiki kekurangan dalam Squid-2 basis kode sementara mempertahankan fungsi Squid-2 dan stabilitas. Proyek ini menyediakan ada Squid-2 pengguna dengan jalur migrasi ke basis kode aktif dikembangkan dan pengguna baru dengan, produk software diprediksi stabil untuk menyebarkan - lusca.org.Instalasi dan konfigurasi dari lusca di Ubuntu Server 12,04 sangat mudah. Sekarang, paket Lusca tersedia pada repositori ubuntu resmi. Lusca dianjurkan diinstal pada instalasi segar ubuntu server.Langkah-langkah Instalasi dan Konfigurasi Lusca sebagai Proxy Server di Ubuntu Server 12.04

Langkah 1.

Install Ubuntu Server 12.04 dan menggunakan partisi secara manual dengan tabel partisi berikut (Dalam hal ini saya harus 250 GB HDD dan RAM 4 GB)

Type	Size	Location	FileSystem	Mount
Primary	30 GB	Beginning	ext4	/
Primary	500 MB	Beginning	ext4	/boot
Primary	8192 MB	Beginning	swap	swap
Logical	25 GB	End	btrfs	/cache-1
Logical	25 GB	End	btrfs	/cache-2
Logical	25 GB	End	btrfs	/cache-3
Logical	25 GB	End	btrfs	/cache-4
Logical	25 GB	End	btrfs	/cache-5
Logical	46 GB	End	ext4	/home
Logical	5 GB	End	ext4	/opt
Logical	5 GB	End	ext4	/srv
Logical	5 GB	End	ext4	/tmp
Logical	5 GB	End	ext4	/usr
Logical	5 GB	End	ext4	/usr/local

Langkah 2.
Pastikan Anda update paket ubuntu dan program yang diinstal.

sudo apt-get update -y && sudo apt-get upgrade -y

Langkah 3.
Instal Lusca dan paket lainnya

sudo apt-get install lusca squidclient squid-cgi ccze

Langkah 4.
Buat file konfigurasi lusca:

sudo /etc/lusca/squid.conf /etc/lusca/squid.conf.original

sudo touch /etc/lusca/squid.conf

sudo nano /etc/lusca/squid.conf

Gunakan File Konfigurasi Lusca berikut:


#=============================================
# Port and Transparent
#=============================================
http_port 3128 transparent
server_http11 on
icp_port 0
#=============================================
# Lusca Cache Directory
#=============================================
cache_dir aufs /cache-1/ 25000 15 256
cache_dir aufs /cache-2/ 25000 15 256
cache_dir aufs /cache-3/ 25000 15 256
cache_dir aufs /cache-4/ 25000 15 256
cache_dir aufs /cache-5/ 25000 15 256
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
#=============================================
# Lusca Log Options
#=============================================
emulate_httpd_log on
logformat squid %tl %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
log_fqdn off
logfile_rotate 14
debug_options ALL,1
cache_access_log /var/log/lusca/access.log
cache_log /var/log/lusca/cache.log
cache_store_log /var/log/lusca/store.log
#=============================================
# DNS and FTP option
#=============================================
#I used DNSAMSQ service for fast dns resolving
#so install by using "apt-get install dnsmasq" first
dns_nameservers 192.168.4.1 127.0.0.1 221.132.112.8
ftp_user anonymous@
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on
#=============================================
# Access Control List (ACL) Option
#=============================================
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl localnet src 192.168.88.0/24
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access allow all
http_reply_access allow all
icp_access allow all
#=============================================
# Administrative Parameters
#=============================================
# I used Ubuntu Server so user and group is proxy
cache_effective_user proxy
cache_effective_group proxy
cache_mgr ubuntucontrib@gmail.com
visible_hostname proxy.precise.net
unique_hostname ubuntucontrib@gmail.com
#=============================================
# Accelerator Options
#=============================================
half_closed_clients off
quick_abort_min 0 KB
quick_abort_max 0 KB
vary_ignore_expire on
reload_into_ims on
log_fqdn off
memory_pools off
cache_swap_low 98
cache_swap_high 99
max_filedescriptors 65536
fqdncache_size 16384
retry_on_error on
offline_mode off
pipeline_prefetch on
# If you want to hide your proxy machine from being detected at various site use following
via off
#=============================================
# Options Which Affect The Cache Size
#=============================================
# If you have 4GB memory in Squid box, we will use formula of 1/3
# You can adjust it according to your need. IF squid is taking too much of RAM
# Then decrease it to 128 MB or even less.
cache_mem 8 MB
minimum_object_size 0 bytes
maximum_object_size 100 MB
maximum_object_size_in_memory 128 KB
#=============================================
# SNMP , if you want to generate graphs for -
# SQUID via MRTG
#=============================================
#acl snmppublic snmp_community gl
#snmp_port 3401
#snmp_access allow snmppublic all
#snmp_access allow all
#=============================================
# ZPH Option
#=============================================
tcp_outgoing_tos 0x30 all
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
#=============================================
# ACL Caching Youtube
#=============================================
acl videocache_allow_url url_regex -i \.youtube\.com\/get_video\?
acl videocache_allow_url url_regex -i \.youtube\.com\/videoplayback \.youtube\.com\/videoplay \.youtube\.com\/get_video\?
acl videocache_allow_url url_regex -i \.youtube\.[a-z][a-z]\/videoplayback \.youtube\.[a-z][a-z]\/videoplay \.youtube\.[a-z][a-z]\/get_video\?
acl videocache_allow_url url_regex -i \.googlevideo\.com\/videoplayback \.googlevideo\.com\/videoplay \.googlevideo\.com\/get_video\?
acl videocache_allow_url url_regex -i \.google\.com\/videoplayback \.google\.com\/videoplay \.google\.com\/get_video\?
acl videocache_allow_url url_regex -i \.google\.[a-z][a-z]\/videoplayback \.google\.[a-z][a-z]\/videoplay \.google\.[a-z][a-z]\/get_video\?
acl videocache_allow_url url_regex -i proxy[a-z0-9\-][a-z0-9][a-z0-9][a-z0-9]?\.dailymotion\.com\/
acl videocache_allow_url url_regex -i vid\.akm\.dailymotion\.com\/
acl videocache_allow_url url_regex -i [a-z0-9][0-9a-z][0-9a-z]?[0-9a-z]?[0-9a-z]?\.xtube\.com\/(.*)flv
acl videocache_allow_url url_regex -i \.vimeo\.com\/(.*)\.(flv|mp4)
acl videocache_allow_url url_regex -i va\.wrzuta\.pl\/wa[0-9][0-9][0-9][0-9]?
acl videocache_allow_url url_regex -i \.youporn\.com\/(.*)\.flv
acl videocache_allow_url url_regex -i \.msn\.com\.edgesuite\.net\/(.*)\.flv
acl videocache_allow_url url_regex -i \.tube8\.com\/(.*)\.(flv|3gp)
acl videocache_allow_url url_regex -i \.mais\.uol\.com\.br\/(.*)\.flv
acl videocache_allow_url url_regex -i \.blip\.tv\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram|m4v)
acl videocache_allow_url url_regex -i \.apniisp\.com\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram|m4v)
acl videocache_allow_url url_regex -i \.break\.com\/(.*)\.(flv|mp4)
acl videocache_allow_url url_regex -i redtube\.com\/(.*)\.flv
acl videocache_allow_dom dstdomain .mccont.com .metacafe.com .cdn.dailymotion.com
acl videocache_deny_dom dstdomain .download.youporn.com .static.blip.tv
acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET
storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access deny videocache_deny_dom
storeurl_access allow videocache_allow_url
storeurl_access allow videocache_allow_dom
storeurl_access deny all
storeurl_rewrite_program /etc/squid/storeurl.pl
storeurl_rewrite_children 7
storeurl_rewrite_concurrency 100
acl store_rewrite_list urlpath_regex -i \/(get_video\?|videodownload\?|videoplayback.*id)
acl store_rewrite_list urlpath_regex -i \.flv$ \.mp3$ \.mp4$ \.swf$ \
storeurl_access allow store_rewrite_list
storeurl_access deny all
#=============================================
# Refresh Pattern Options
#=============================================
refresh_pattern -i \.flv$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.mp3$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.mp4$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.swf$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.gif$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.jpg$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.jpeg$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.exe$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
# 1 year = 525600 mins, 1 month = 10080 mins, 1 day = 1440
refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 10080 80% 10080 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?) 10080 80% 10080 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern \.(ico|video-stats) 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth override-lastmod negative-ttl=10080
refresh_pattern \.etology\? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern galleries\.video(\?|sz) 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern brazzers\? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern \.adtology\? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 10080 20% 10080 ignore-no-cache ignore-private override-expire ignore-reload ignore-auth negative-ttl=40320 max-stale=10
refresh_pattern ^.*safebrowsing.*google 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth negative-ttl=10080
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk) 10080 80% 10080 override-expire ignore-reload ignore-private negative-ttl=10080
refresh_pattern ytimg\.com.*\.jpg 10080 80% 10080 override-expire ignore-reload
refresh_pattern images\.friendster\.com.*\.(png|gif) 10080 80% 10080 override-expire ignore-reload
refresh_pattern garena\.com 10080 80% 10080 override-expire reload-into-ims
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 10080 80% 10080 override-expire ignore-reload
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 10080 80% 10080 ignore-no-cache override-expire override-lastmod
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 10080 80% 10080 reload-into-ims override-expire ignore-private
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\. 10080 80% 10080 reload-into-ims ignore-no-cache ignore-reload override-expire
refresh_pattern ^http:\/\/www.onemanga.com.*\/ 10080 80% 10080 reload-into-ims ignore-no-cache ignore-reload override-expire
refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9]) 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth override-lastmod negative-ttl=10080
# Images Facebook
refresh_pattern -i \.facebook.com.*\.(jpg|png|gif) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
# All File
refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern ^ftp: 10080 95% 10080 override-lastmod reload-into-ims
refresh_pattern . 1440 95% 10080 override-lastmod reload-into-ims
#=============================================

Mengatur file /etc/lusca/squid.conf to user and group proxy
sudo chown proxy:proxy /etc/lusca/squid.conf

Langkah 5. Buat Url File Konfigurasi:

sudo mkdir /etc/squid/

sudo touch /etc/squid/storeurl.pl

sudo nano /etc/squid/storeurl.pl

Gunakan konfigurasi url berikut:

 
#!/usr/bin/perl
# ==========================================================================
# $Rev$
# by chudy_fernandez@yahoo.com
# Updates at http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube/Discussion
# ==========================================================================
$|=1;
while (<>) {
 @X = split;
# $X[1] =~ s/&sig=.*//;
 $x = $X[0] . " ";
 $_ = $X[1];
 $u = $X[1];
# ==========================================================================
# Speedtest
# ==========================================================================
#if (m/^http:\/\/(.*)\/speedtest\/(.*\.(jpg|txt))\?(.*)/) {
# print $x . "http://www.speedtest.net.SQUIDINTERNAL/speedtest/" . $2 . "\n";
# ==========================================================================
# Mediafire
# ==========================================================================
#} elseif
if (m/^http:\/\/199\.91\.15\d\.\d*\/\w{12}\/(\w*)\/(.*)/) {
 print $x . "http://www.mediafire.com.SQUIDINTERNAL/" . $1 ."/" . $2 . "\n";
# ==========================================================================
# Fileserve
# ==========================================================================
} elsif (m/^http:\/\/fs\w*\.fileserve\.com\/file\/(\w*)\/[\w-]*\.\/(.*)/) {
 print $x . "http://www.fileserve.com.SQUIDINTERNAL/" . $1 . "./" . $2 . "\n";
# ==========================================================================
# Filesonic
# ==========================================================================
} elsif (m/^http:\/\/s[0-9]*\.filesonic\.com\/download\/([0-9]*)\/(.*)/) {
 print $x . "http://www.filesonic.com.SQUIDINTERNAL/" . $1 . "\n";
# ==========================================================================
# 4shared
# ==========================================================================
} elsif (m/^http:\/\/[a-zA-Z]{2}\d*\.4shared\.com(:8080|)\/download\/(.*)\/(.*\..*)\?.*/) {
 print $x . "http://www.4shared.com.SQUIDINTERNAL/download/$2\/$3\n";
# ==========================================================================
# 4shared preview
# ==========================================================================
} elsif (m/^http:\/\/[a-zA-Z]{2}\d*\.4shared\.com(:8080|)\/img\/(\d*)\/\w*\/dlink__2Fdownload_2F(\w*)_3Ftsid_3D[\w-]*\/preview\.mp3\?sId=\w*/) {
 print $x . "http://www.4shared.com.SQUIDINTERNAL/$2\n";
# ==========================================================================
# Photos-X.ak.fbcdn.net where X a-z
# ==========================================================================
} elsif (m/^http:\/\/photos-[a-z](\.ak\.fbcdn\.net)(\/.*\/)(.*\.jpg)/) {
 print $x . "http://photos" . $1 . "/" . $2 . $3 . "\n";
# ==========================================================================
# YX.sphotos.ak.fbcdn.net where X 1-9, Y a-z
# ==========================================================================
} elsif (m/^http:\/\/[a-z][0-9]\.sphotos\.ak\.fbcdn\.net\/(.*)\/(.*)/) {
 print $x . "http://photos.ak.fbcdn.net/" . $1 ."/". $2 . "\n";
# ==========================================================================
# maps.google.com
# ==========================================================================
} elsif (m/^http:\/\/(cbk|mt|khm|mlt|tbn)[0-9]?(.google\.co(m|\.uk|\.id).*)/) {
 print $x . "http://" . $1 . $2 . "\n";
# ==========================================================================
# Compatibility for old cached get_video?video_id
# ==========================================================================
} elsif (m/^http:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?(videoplayback\?id=.*?|video_id=.*?)\&(.*?)/) {
 $z = $2; $z =~ s/video_id=/get_video?video_id=/;
 print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $z . "\n";
# ==========================================================================
# Youtube fix
# ==========================================================================
} elsif (m/^http:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com)\/videoplayback\?(.*)/) {
 $p_str = $2;
 $tag = "";
 $alg = "";
 $id = "";
 $range = "";
 if ($p_str =~ m/(itag=[0-9]*)/){$tag = "&".$1}
 if ($p_str =~ m/(algorithm=[a-z]*\-[a-z]*)/){$alg = "&".$1}
 if ($p_str =~ m/(id=[a-zA-Z0-9]*)/){$id = "&".$1}
 if ($p_str =~ m/(range=[0-9\-]*)/){$range = "&".$1; $range =~ s/-//; $range =~ s/range=//; }
 print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $tag . "&" . $alg . "&" . $id . "&" . $range . "\n";
# ==========================================================================
# Google Analytic
# ==========================================================================
} elsif (m/^http:\/\/www\.google-analytics\.com\/__utm\.gif\?.*/) {
 print $x . "http://www.google-analytics.com/__utm.gif\n";
# ==========================================================================
# Cache High Latency Ads
# ==========================================================================
} elsif (m/^http:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|\.googlesyndication\.com|yieldmanager|cpxinteractive)(.*)/) {
 $y = $3;$z = $2;
 for ($y) {
 s/pixel;.*/pixel/;
 s/activity;.*/activity/;
 s/(imgad[^&]*).*/\1/;
 s/;ord=[?0-9]*//;
 s/;&timestamp=[0-9]*//;
 s/[&?]correlator=[0-9]*//;
 s/&cookie=[^&]*//;
 s/&ga_hid=[^&]*//;
 s/&ga_vid=[^&]*//;
 s/&ga_sid=[^&]*//;
 # s/&prev_slotnames=[^&]*//
 # s/&u_his=[^&]*//;
 s/&dt=[^&]*//;
 s/&dtd=[^&]*//;
 s/&lmt=[^&]*//;
 s/(&alternate_ad_url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
 s/(&url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
 s/(&ref=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
 s/(&cookie=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
 s/[;&?]ord=[?0-9]*//;
 s/[;&]mpvid=[^&;]*//;
 s/&xpc=[^&]*//;
 # yieldmanager
 s/\?clickTag=[^&]*//;
 s/&u=[^&]*//;
 s/&slotname=[^&]*//;
 s/&page_slots=[^&]*//;
}
 print $x . "http://" . $1 . $2 . $y . "\n";
# ==========================================================================
# Cache high latency ads
# ==========================================================================
} elsif (m/^http:\/\/(.*?)\/(ads)\?(.*?)/) {
 print $x . "http://" . $1 . "/" . $2 . "\n";
# ==========================================================================
# spicific servers starts here....
# ==========================================================================
} elsif (m/^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*?)/) {
 print $x . "http://" . $1 . "\n";
# ==========================================================================
# cdn, varialble 1st path
# ==========================================================================
} elsif (($u =~ /filehippo/) && (m/^http:\/\/(.*?)\.(.*?)\/(.*?)\/(.*)\.([a-z0-9]{3,4})(\?.*)?/)) {
 @y = ($1,$2,$4,$5);
 $y[0] =~ s/[a-z0-9]{2,5}/cdn./;
 print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";
# ==========================================================================
# Rapidshare
# ==========================================================================
} elsif (($u =~ /rapidshare/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?)([a-z]*\.[^\/]{3}\/[a-z]*\/[0-9]*)\/(.*?)\/([^\/\?\&]{4,})$/)) {
 print $x . "http://cdn." . $3 . "/SQUIDINTERNAL/" . $5 . "\n";
} elsif (($u =~ /maxporn/) && (m/^http:\/\/([^\/]*?)\/(.*?)\/([^\/]*?)(\?.*)?$/)) {
 print $x . "http://" . $1 . "/SQUIDINTERNAL/" . $3 . "\n";
# ==========================================================================
# like porn hub variables url and center part of the path, filename etention 3 or 4 with or without ? at the end
# ==========================================================================
} elsif (($u =~ /tube8|pornhub|xvideos/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?(\.[a-z]*)?)\.([a-z]*[0-9]?\.[^\/]{3}\/[a-z]*)(.*?)((\/[a-z]*)?(\/[^\/]*){4}\.[^\/\?]{3,4})(\?.*)?$/)) {
 print $x . "http://cdn." . $4 . $6 . "\n";
#...spicific servers end here.
# ==========================================================================
# Photos-X.ak.fbcdn.net where X a-z
# ==========================================================================
} elsif (m/^http:\/\/photos-[a-z].ak.fbcdn.net\/(.*)/) {
 print $x . "http://photos.ak.fbcdn.net/" . $1 . "\n";
# ==========================================================================
# For yimg.com video
# ==========================================================================
} elsif (m/^http:\/\/(.*yimg.com)\/\/(.*)\/([^\/\?\&]*\/[^\/\?\&]*\.[^\/\?\&]{3,4})(\?.*)?$/) {
 print $x . "http://cdn.yimg.com//" . $3 . "\n";
# ==========================================================================
# For yimg.com doubled
# ==========================================================================
} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*?)\.yimg\.com\/(.*?)\?(.*)/) {
 print $x . "http://cdn.yimg.com/" . $3 . "\n";
# ==========================================================================
# For yimg.com with &sig=
# ==========================================================================
} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*)/) {
 @y = ($1,$2);
 $y[0] =~ s/[a-z]+[0-9]+/cdn/;
 $y[1] =~ s/&sig=.*//;
 print $x . "http://" . $y[0] . ".yimg.com/" . $y[1] . "\n";
# ==========================================================================
# Youjizz. We use only domain and filename
# ==========================================================================
} elsif (($u =~ /media[0-9]{2,5}\.youjizz/) && (m/^http:\/\/(.*)(\.[^\.\-]*?\..*?)\/(.*)\/([^\/\?\&]*)\.([^\/\?\&]{3,4})((\?|\%).*)?$/)) {
 @y = ($1,$2,$4,$5);
 $y[0] =~ s/(([a-zA-A]+[0-9]+(-[a-zA-Z])?$)|(.*cdn.*)|(.*cache.*))/cdn/;
 print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";
# ==========================================================================
# General purpose for cdn servers. add above your specific servers.
# ==========================================================================
} elsif (m/^http:\/\/([0-9.]*?)\/\/(.*?)\.(.*)\?(.*?)/) {
 print $x . "http://squid-cdn-url//" . $2 . "." . $3 . "\n";
# ==========================================================================
# Generic http://variable.domain.com/path/filename."ex" "ext" or "exte" with or withour "? or %"
# ==========================================================================
} elsif (m/^http:\/\/(.*)(\.[^\.\-]*?\..*?)\/(.*)\.([^\/\?\&]{2,4})((\?|\%).*)?$/) {
 @y = ($1,$2,$3,$4);
 $y[0] =~ s/(([a-zA-A]+[0-9]+(-[a-zA-Z])?$)|(.*cdn.*)|(.*cache.*))/cdn/;
 print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";
# ==========================================================================
# generic http://variable.domain.com/...
# ==========================================================================
} elsif (m/^http:\/\/(([A-Za-z]+[0-9-]+)*?|.*cdn.*|.*cache.*)\.(.*?)\.(.*?)\/(.*)$/) {
 print $x . "http://cdn." . $3 . "." . $4 . "/" . $5 . "\n";
# ==========================================================================
# spicific extention that ends with ?
# ==========================================================================
} elsif (m/^http:\/\/(.*?)\/(.*?)\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|on2)(.*)/) {
 print $x . "http://" . $1 . "/" . $2 . "." . $3 . "\n";
# ==========================================================================
# all that ends with ;
# ==========================================================================
} elsif (m/^http:\/\/(.*?)\/(.*?)\;(.*)/) {
 print $x . "http://" . $1 . "/" . $2 . "\n";
} else {
 print $x . $_ . "sucks\n";
}
}
#=================================EOF=======================================

Buat permision file /etc/squid/storeurl.pl

sudo chown proxy:proxy /etc/squid/storeurl.pl sudo chmod +x /etc/squid/storeurl.pl

Langkah 6. Mengubah izin direktori cache lusca

sudo chown proxy:proxy /cache-{1,2,3,4,5}

sudo chmod 777 /cache-{1,2,3,4,5}

Langkah 7. Debug lusca, untuk memeriksa setiap erros dengan perintah berikut

lusca -d1

Langkah 8. JIKA ada kesalahan Restart lusca daemon dengan perintah berikut

sudo /etc/init.d/lusca restart

Atau

sudo service lusca restart

Langkah 9. Pemantauan lusca access.log:

sudo tail -f /var/log/lusca/access.log | ccze

Anda juga dapat memantau lusca menggunakan perintah:

squidclient mgr:info

Link reference: http://ubuntuserverguide.com

SERVER

CEDET2WELL

CEDET2WELL

CEDET2WELL

CEDET2WELL

CEDET2WELL

Thursday, 3 October 2013

MEMBERSIHKAN CACHE PROXY MANUAL

Saturday, 28 September 2013

SETTING MIKROTIK UNTUK GAME ONLINE DAN BROWSING

Saturday, 4 May 2013

Cara install Webmin di Ubuntu Proxy Server 12.04 LTS

Instalasi Webmin Pada Ubuntu Server 12.04 LTS

Method 1: Install webmin via APT

Method 2: Installing Manualy

Lusca sebagai Proxy Server di Ubuntu Server 12.04

Arsip

Labels

Blog Archive

Categories

Blogger news

Blogroll

About