1. Partisi dibagi 3 ( swap = 10GB / root = 40GB / cache = sisa )
2. Setelah installasi OS selesai lakukan command dibawah ini :
Update Paket ke Mirror Indonesia
masuk ke direktori apt ( cd /etc/apt/ )
delete sources.list
download :
#Ubuntu wget https://gemaroprek.com/xdatax/proksi/sources.list #Debian wget https://gemaroprek.com/xdatax/proksi/sources.list_ubuntu
kemudian update paket list :
#aptitude update #aptitude safe-upgrade #apt-get install ssh openssh-server vim-nox squid wget traceroute autoconf automake subversion make build-essential sharutils gcc cpp ccze squidclient #chown -R proxy:proxy /cache/ #chown -R proxy:proxy /etc/squid/storeurl.pl
3. Masuk directory squid (cd /etc/squid )
delete squid.conf (rm squid.conf)
download config squid baru dari https://gemaroprek.com/xdatax/proksi/ (jangan dari tempat lain/ link diprivate, silahkan komentar untuk request) dengan command :
#wget https://gemaroprek.com/xdatax/proksi/common.conf #wget https://gemaroprek.com/xdatax/proksi/ext-gamepatch.acl #wget https://gemaroprek.com/xdatax/proksi/mime.conf #wget https://gemaroprek.com/xdatax/proksi/squid.conf
4. edit squid.conf (nano /etc/squid/squid.conf atau vi /etc/squid/squid.conf)
Yang harus di edit di squid.conf :
cache_dir aufs /cache 76595 184 256
76595 = kapasitas avail /cache * 20% (command liat kapasitas hdd : df -ha)
contoh :
root@squid:/etc/squid# df -ha Filesystem Size Used Avail Use% Mounted on /dev/sda1 56G 16G 37G 30% / proc 0 0 0 - /proc none 0 0 0 - /sys none 0 0 0 - /sys/fs/fuse/connections none 0 0 0 - /sys/kernel/debug none 0 0 0 - /sys/kernel/security none 998M 212K 998M 1% /dev none 0 0 0 - /dev/pts none 1003M 0 1003M 0% /dev/shm none 1003M 40K 1003M 1% /var/run none 1003M 0 1003M 0% /var/lock none 1003M 0 1003M 0% /lib/init/rw /dev/sda3 395G 431M 374G 1% /cache
Ambil Avail space di /cache
kapasitas di avail /cache 374 * 1024 = 382976 (konversi ke MB) 382976 * 20% = 76595 MB
184 = cache directory yg dibuat dgn rumus :
76595 * 1024 (konversi ke KB) = 78433280 KB 78433280 / 13 (average object size) / 256 / 256 * 2 = 184
hasil : cache_dir aufs /cache 76595 184 256
visible_hostname squid@warnet.net <= ganti ke nama warnet
setelah semua di save (squid.conf)
matikan squid nya dengan command : stop squid atau /etc/init.d/squid stop
5. edit rc.local dengan command :
nano /etc/rc.local atau vi /etc/rc.local
dan tambahkan diantara exit 0 :
sysctl -w net.ipv4.ip_forward=1 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8185 rm /var/log/squid/*.log.* rm /var/log/*.gz rm /var/log/*.0 rm /var/log/*.1 rm /var/log/*.2
contoh :
root@squid:/etc/squid# vi /etc/rc.local
#!/bin/sh -e # # rc.local # # This script is executed at the end of each multiuser runlevel. # Make sure that the script will "exit 0" on success or any other # value on error. # # In order to enable or disable this script just change the execution # bits. # # By default this script does nothing. sysctl -w net.ipv4.ip_forward=1 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8185 rm /var/log/squid/*.log.* rm /var/log/*.gz rm /var/log/*.0 rm /var/log/*.1 rm /var/log/*.2 exit 0
6. Patch LUSCA
pindah ke directory dengan command : cd /usr/local/src
download patch Lusca dengan command :
#wget https://gemaroprek.com/xdatax/proksi/LUSCA_HEAD-r14809.tar.gz
Ekstrak dengan command :
#tar -zxvf LUSCA_HEAD-r14809.tar.gz
kemudian masuk ke direktori LUSCA dengan command :
#cd LUSCA_HEAD-r14809
Konfigure dan install dengan command :
./configure --prefix=/usr --exec_prefix=/usr --bindir=/usr/sbin --sbindir=/usr/sbin --libexecdir=/usr/lib/squid --sysconfdir=/etc/squid \ --localstatedir=/var/spool/squid --datadir=/usr/share/squid --enable-async-io=24 --with-aufs-threads=24 --with-pthreads --enable-storeio=aufs \ --enable-linux-netfilter --enable-arp-acl --enable-epoll --enable-removal-policies=heap --with-aio -with-dl --enable-snmp \ --enable-delay-pools --enable-htcp --enable-cache-digests --disable-unlinkd --enable-large-cache-files --with-large-files \ --enable-err-languages=English --enable-default-err-language=English --with-maxfd=65536
#make #make install jalankan perintah di atas satu per satu
lanjutkan dengan command :
#squid -z (rebuilding cache dir)
7. edit dan tambahkan config (baris paling bawah) di /etc/security/limits.conf dengan command vi/nano /etc/security/limits.conf
* - nofile 65535 * soft nofile 65535 * hard nofile 65535
contoh :
# /etc/security/limits.conf # #Each line describes a limit for a user in the form: # # # #Where: # can be: # – an user name # – a group name, with @group syntax # – the wildcard *, for default entry # – the wildcard %, can be also used with %group syntax, # for maxlogin limit # – NOTE: group and wildcard limits are not applied to root. # To apply a limit to the root user, must be # the literal username root. # # can have the two values: # – “soft” for enforcing the soft limits # – “hard” for enforcing hard limits # # can be one of the following: # – core – limits the core file size (KB) # – data – max data size (KB) # – fsize – maximum filesize (KB) # – memlock – max locked-in-memory address space (KB) # – nofile – max number of open files # – rss – max resident set size (KB) # – stack – max stack size (KB) # – cpu – max CPU time (MIN) # – nproc – max number of processes # – as – address space limit (KB) # – maxlogins – max number of logins for this user # – maxsyslogins – max number of logins on the system # – priority – the priority to run user process with # – locks – max number of file locks the user can hold # – sigpending – max number of pending signals # – msgqueue – max memory used by POSIX message queues (bytes) # – nice – max nice priority allowed to raise to values: [-20, 19] # – rtprio – max realtime priority # – chroot – change root to directory (Debian-specific) # # # #* soft core 0 #root hard core 100000 #* hard rss 10000 #@student hard nproc 20 #@faculty soft nproc 20 #@faculty hard nproc 50 #ftp hard nproc 0 #ftp – chroot /ftp #@student – maxlogins 4 * – nofile 65535 * soft nofile 65535 * hard nofile 65535 # End of file
8. edit /usr/include/bits/typesizes.h dengan command vi/nano /usr/include/bits/typesizes.h :
#define __FD_SETSIZE 65535/[sourcecode] contoh : [sourcecode language="plain"] /* bits/typesizes.h — underlying types for *_t. Generic version. Copyright (C) 2002, 2003 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. The GNU C Library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with the GNU C Library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. */ #ifndef _BITS_TYPES_H # error “Never include <bits/typesizes.h> directly; use <sys/types.h> instead.” #endif #ifndef _BITS_TYPESIZES_H #define _BITS_TYPESIZES_H 1 /* See <bits/types.h> for the meaning of these macros. This file exists so that <bits/types.h> need not vary across different GNU platforms. */ #define __DEV_T_TYPE __UQUAD_TYPE #define __UID_T_TYPE __U32_TYPE #define __GID_T_TYPE __U32_TYPE #define __INO_T_TYPE __ULONGWORD_TYPE #define __INO64_T_TYPE __UQUAD_TYPE #define __MODE_T_TYPE __U32_TYPE #define __NLINK_T_TYPE __UWORD_TYPE #define __OFF_T_TYPE __SLONGWORD_TYPE #define __OFF64_T_TYPE __SQUAD_TYPE #define __PID_T_TYPE __S32_TYPE #define __RLIM_T_TYPE __ULONGWORD_TYPE #define __RLIM64_T_TYPE __UQUAD_TYPE #define __BLKCNT_T_TYPE __SLONGWORD_TYPE #define __BLKCNT64_T_TYPE __SQUAD_TYPE #define __FSBLKCNT_T_TYPE __ULONGWORD_TYPE #define __FSBLKCNT64_T_TYPE __UQUAD_TYPE #define __FSFILCNT_T_TYPE __ULONGWORD_TYPE #define __FSFILCNT64_T_TYPE __UQUAD_TYPE #define __ID_T_TYPE __U32_TYPE #define __CLOCK_T_TYPE __SLONGWORD_TYPE #define __TIME_T_TYPE __SLONGWORD_TYPE #define __USECONDS_T_TYPE __U32_TYPE #define __SUSECONDS_T_TYPE __SLONGWORD_TYPE #define __DADDR_T_TYPE __S32_TYPE #define __SWBLK_T_TYPE __SLONGWORD_TYPE #define __KEY_T_TYPE __S32_TYPE #define __CLOCKID_T_TYPE __S32_TYPE #define __TIMER_T_TYPE void * #define __BLKSIZE_T_TYPE __SLONGWORD_TYPE #define __FSID_T_TYPE struct { int __val[2]; } #define __SSIZE_T_TYPE __SWORD_TYPE /* Number of descriptors that can fit in an `fd_set’. */ #define __FD_SETSIZE 65535
9. edit /etc/default/squid dengan command vi/nano /etc/default/squid
SQUID_MAXFD=65535
contoh:
# # /etc/default/squid Configuration settings for the Squid proxy server. # # Max. number of filedescriptors to use. You can increase this on a busy # cache to a maximum of (currently) 65536 filedescriptors. Default is 1024. SQUID_MAXFD=65535
10. Restart pc squidnya kemudian di coba.
11. liat file descriptor di squid brubah tidak (pake command)
#squidclient -p 8185 mgr:info | grep 'file descri' #squidclient -p 8185 mgr:utilization
Untuk Lebih dari 1 HDD & 1 HDD 500 GB Ke Atas
sama seperti diatas, hanya cache dir nya dibuat menjadi cache1 cache2 dan seterusnya.
contoh untuh hdd 1 TB : Partisi dibagi 7 :
swap = 10GB root = 40GB cache1 = 200GB cache2 = 200GB cache3 = 200GB cache4 = 200GB cache5 = sisa
Hasil :
# cache_dir cache_dir aufs /cache1 39321 92 256 cache_dir aufs /cache2 39321 92 256 cache_dir aufs /cache3 39321 92 256 cache_dir aufs /cache4 39321 92 256 cache_dir aufs /cache5 39321 92 256
Kenapa harus di bagi sampai 7 partisi ?
karena maksimum kedalaman directory itu 256, jadi kalo 1 TB HDD di jadikan satu partisi cachenya hasilnya tidak optimal.
(kalau kurang mengerti tolong ditanyakan ke Saya)
Konfigurasi Mikrotik
Mikrotik Versi 2.9 ( PC Router )
copy perintah berikut dan jalankan di terminal
/ip firewall mangle add chain=output content="X-Cache: HIT" action=mark-connection new-connection-mark=proxy-con passthrough=yes comment="Mark Proxy HIT" disabled=no /ip firewall mangle add chain=output connection-mark=proxy-con action=mark-packet new-packet-mark=proxy-pkt passthrough=no comment="" disabled=no /queue simple add name="proxy-HIT" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=proxy-pkt priority=8 queue=default/default limit-at=0/0 max-limit=0/0 total-queue=default disabled=no
Agustinus Gunawan
January 25, 2018maaf mau tanya, pakai ubuntu server versi berapa ?
Download link untuk squid .conf
Terima Kasih atas informasinyua.