saya mw sedikit share tentang Lusca proxy di CentOS yang memiliki kelebihan yaitu :
Lusca bertujuan untuk memperbaiki kekurangan-2 dalam basis kode sementara squid, serta menjaga kestabilan fungsionalitas dan stabilitas Squid.
mendukung mayoritas HTTP/1.1 HTTP/1.0
Mendukung protokol dan caching untuk merekonstruksi : konten load balancing HTTP, kegagalan, permintaan cerdas / jawaban routing, memori dengan kinerja tinggi dan cache disk, sistem kontrol akses yang fleksibel
Peningkatan kinerja yang lebih cepat karena memperbaiki kelemahan squid proxy
Menangani local cache Content dynamic
web proxy / cache platform dengan kinerja lebih stabil, fitur lebih banyak dan skalabilitas yang dynamis.
mendukung cpu single core ataupun multicore
Lusca terus meliputi perbaikan dan perkembangan dari proyek Squid
Berikut ini cara install Lusca Proxy dan Tunning nya
1. Linux yang di gunakan adalah CentOS 5.5 dengan mode TEXT
Instalasi LINUX mode TEXT dapat di lihat di SINI
2. Setelah Instalasi selesai pertama-tama kita ubah dahulu repository nya ke repository indonesia agar instalasi jauh lebih cepat. Cara nya dapat di lihat di SINI dan kemudian Matikan firewall dan disable selinux. Caranya dapat di lihat di SINI
3. Install squid bawaan CentOS terlebih dahulu menggunakan “YUM” dan kemudian remove kembali.
Karena asli nya LUSCA adalah pengembangan squid, maka untuk memasukkan paket-paket yang di butuhkan LUSCA cara yang paling cepat adalah dengan menginstall squid dan kemudian me-remove nya kembali
[root@lusca-proxy ~]# yum install squid Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile addons | 951 B 00:00 addons/primary | 202 B 00:00 base | 2.1 kB 00:00 base/primary_db | 1.6 MB 00:02 extras | 2.1 kB 00:00 extras/primary_db | 188 kB 00:00 updates | 1.9 kB 00:00 updates/primary_db | 840 kB 00:01 Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package squid.i386 7:2.6.STABLE21-6.el5 set to be updated --> Processing Dependency: perl(URI::URL) for package: squid --> Running transaction check ---> Package perl-URI.noarch 0:1.35-3 set to be updated --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: squid i386 7:2.6.STABLE21-6.el5 base 1.3 M Installing for dependencies: perl-URI noarch 1.35-3 base 116 k Transaction Summary ================================================================================ Install 2 Package(s) Upgrade 0 Package(s) Total download size: 1.4 M Is this ok [y/N]: y3. Setelah terinstall maka kita remove lagi
[root@lusca-proxy ~]# yum remove squid Loaded plugins: fastestmirror Setting up Remove Process Resolving Dependencies --> Running transaction check ---> Package squid.i386 7:2.6.STABLE21-6.el5 set to be erased --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Removing: squid i386 7:2.6.STABLE21-6.el5 installed 3.5 M Transaction Summary ================================================================================ Remove 1 Package(s) Reinstall 0 Package(s) Downgrade 0 Package(s) Is this ok [y/N]: y4. Setelah itu kita install paket yang di butuhkan untuk kompilasi LUSCA yaitu :
- automake
- gcc
- glibc-devel
- e2fsprogs-devel
- sharutils
[root@lusca-proxy ~]# yum install automake gcc glibc-devel e2fsprogs-devel sharutils Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package automake.noarch 0:1.9.6-2.3.el5 set to be updated --> Processing Dependency: autoconf >= 2.58 for package: automake ---> Package e2fsprogs-devel.i386 0:1.39-23.el5_5.1 set to be updated --> Processing Dependency: e2fsprogs-libs = 1.39-23.el5_5.1 for package: e2fspro gs-devel ---> Package gcc.i386 0:4.1.2-48.el5 set to be updated --> Processing Dependency: cpp = 4.1.2-48.el5 for package: gcc --> Processing Dependency: libgomp >= 4.1.2-48.el5 for package: gcc ---> Package glibc-devel.i386 0:2.5-49.el5_5.7 set to be updated --> Processing Dependency: glibc-headers = 2.5-49.el5_5.7 for package: glibc-dev el --> Processing Dependency: glibc = 2.5-49.el5_5.7 for package: glibc-devel --> Processing Dependency: glibc-headers for package: glibc-devel ---> Package sharutils.i386 0:4.6.1-2 set to be updated --> Running transaction check ---> Package autoconf.noarch 0:2.59-12 set to be updated --> Processing Dependency: imake for package: autoconf ---> Package cpp.i386 0:4.1.2-48.el5 set to be updated --> Processing Dependency: e2fsprogs-libs = 1.39-23.el5 for package: e2fsprogs ---> Package e2fsprogs-libs.i386 0:1.39-23.el5_5.1 set to be updated --> Processing Dependency: glibc = 2.5-49 for package: nscd ---> Package glibc.i686 0:2.5-49.el5_5.7 set to be updated --> Processing Dependency: glibc-common = 2.5-49.el5_5.7 for package: glibc ---> Package glibc-headers.i386 0:2.5-49.el5_5.7 set to be updated --> Processing Dependency: kernel-headers >= 2.2.1 for package: glibc-headers --> Processing Dependency: kernel-headers for package: glibc-headers ---> Package libgomp.i386 0:4.4.0-6.el5 set to be updated --> Running transaction check ---> Package e2fsprogs.i386 0:1.39-23.el5_5.1 set to be updated ---> Package glibc-common.i386 0:2.5-49.el5_5.7 set to be updated ---> Package imake.i386 0:1.0.2-3 set to be updated ---> Package kernel-headers.i386 0:2.6.18-194.26.1.el5 set to be updated ---> Package nscd.i386 0:2.5-49.el5_5.7 set to be updated --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: automake noarch 1.9.6-2.3.el5 base 476 k e2fsprogs-devel i386 1.39-23.el5_5.1 updates 569 k gcc i386 4.1.2-48.el5 base 5.2 M glibc-devel i386 2.5-49.el5_5.7 updates 2.0 M sharutils i386 4.6.1-2 base 201 k Installing for dependencies: autoconf noarch 2.59-12 base 647 k cpp i386 4.1.2-48.el5 base 2.6 M glibc-headers i386 2.5-49.el5_5.7 updates 602 k imake i386 1.0.2-3 base 319 k kernel-headers i386 2.6.18-194.26.1.el5 updates 1.1 M libgomp i386 4.4.0-6.el5 base 70 k Updating for dependencies: e2fsprogs i386 1.39-23.el5_5.1 updates 977 k e2fsprogs-libs i386 1.39-23.el5_5.1 updates 118 k glibc i686 2.5-49.el5_5.7 updates 5.3 M glibc-common i386 2.5-49.el5_5.7 updates 16 M nscd i386 2.5-49.el5_5.7 updates 166 k Transaction Summary ================================================================================ Install 11 Package(s) Upgrade 5 Package(s) Total download size: 37 M Is this ok [y/N]:y5. Duduk tenang selesai install paket-paket di atas kemudian download LUSCA nya dari google
[root@lusca-proxy ~]#wget http://lusca-cache.googlecode.com/files/LUSCA_HEAD-r14809.tar.gz6. Setelah itu di extrak
[root@lusca-proxy ~]# tar -zxvf LUSCA_HEAD-r14809.tar.gz7. Pindah ke dalam direktori lusca, naikkan filedescriptors, dan kemudian configure menggunakan opsi-opsi di bawah ini
[root@lusca-proxy ~]# cd LUSCA_HEAD-r14809 [root@lusca-proxy ~]# ulimit -n 8192 [root@lusca-proxy LUSCA_HEAD-r14809]# ./configure --prefix=/usr/local/squid --exec-prefix=/usr/local/squid --enable-delay-pools --enable-cache-digests --enable-poll --enable-linux-netfilter --enable-removal-policies --with-maxfd=8192 --enable-storeio=aufs --disable-wccp --enable-x-accelerator-vary --enable-kill-parent-hack --enable-async-io=30 --disable-ident-lookupssemua file instalasi terletak di /usr/local/squid/ jadi kita tidak akan repot-repot mencari-cari file squid
8. Kemudian install
[root@lusca-proxy LUSCA_HEAD-r14809]# make all && make install9. Duduk tenang menunggu instalasi selesai sekarang waktu nya Konfigurasi.
- Pindah ke direktori /usr/local/squid/etc
[root@lusca-proxy LUSCA_HEAD-r14809]# cd /usr/local/squid/etc/- ambil file squid.conf menggunakan wget dari website ini
[root@lusca-proxy etc]# wget http://www.hendraarif.web.id/wp-content/uploads/2011/02/squid.conf --2011-02-25 01:43:23-- http://www.hendraarif.web.id/wp-content/uploads/2011/02/squid.conf Resolving www.hendraarif.web.id... 192.168.0.137 Connecting to www.hendraarif.web.id|192.168.0.137|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 2141 (2.1K) [text/plain] Saving to: `squid.conf.1' 100%[====================================================>] 2,141 --.-K/s in 0s 2011-02-25 01:43:23 (207 MB/s) - `squid.conf.1' saved [2141/2141]10. copy squid.conf.1 ke squid.conf
[root@lusca-proxy etc]# cp squid.conf.1 squid.conf cp: overwrite `squid.conf'? y11. ambil storeurl di website ini :
[root@lusca-proxy etc]# wget http://www.hendraarif.web.id/wp-content/uploads/2011/02/storeurl.pl --2011-02-25 01:46:35-- http://www.hendraarif.web.id/wp-content/uploads/2011/02/storeurl.pl Resolving www.hendraarif.web.id... 192.168.0.137 Connecting to www.hendraarif.web.id|192.168.0.137|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 4799 (4.7K) [text/plain] Saving to: `storeurl.pl' 100%[====================================================>] 4,799 --.-K/s in 0s 2011-02-25 01:46:35 (311 MB/s) - `storeurl.pl' saved [4799/4799]12. Ambil file tunning.conf di website ini
[root@lusca-proxy etc]# wget http://www.hendraarif.web.id/wp-content/uploads/2011/02/tunning.conf --2011-02-25 01:48:16-- http://www.hendraarif.web.id/wp-content/uploads/2011/02/tunning.conf Resolving www.hendraarif.web.id... 192.168.0.137 Connecting to www.hendraarif.web.id|192.168.0.137|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 11047 (11K) [text/plain] Saving to: `tunning.conf' 100%[============================================================>] 11,047 --.-K/s in 0s 2011-02-25 01:48:16 (425 MB/s) - `tunning.conf' saved [11047/11047]13. – Buat direktori untuk nampung cache di /cache1,
– kemudian ubah permission nya untuk squid
– kemudian ubah permission file tunning.conf dan storeurl.pl agar bisa di exekusi
[root@lusca-proxy etc]# mkdir /cache1 [root@lusca-proxy etc]# chown squid:squid /cache1 [root@lusca-proxy etc]# chmod 777 tunning.conf storeurl.pl14. Building cache dir squid
[root@lusca-proxy etc]# /usr/local/squid/sbin/squid -z15. edit localnet pada squid.conf. sesuaikan network client kita :
potongan squid.conf
...... [root@lusca-proxy etc]# nano -c squid.conf ....................... #################################################################### # Allow local network(s) on interface(s) # Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed #acl localnet src 10.0.0.0/8 # RFC1918 possible internal network #acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 7.7.9.0/24 # RFC1918 possible internal network ####################################################################16. Cek apakah ada config error di squid dan apabila tidak ada error Jalankan squid sebagai daemon
[root@lusca-proxy etc]# /usr/local/squid/sbin/squid -k parse [root@lusca-proxy etc]# /usr/local/squid/sbin/squid -NDd1 &17. Testing. Silahkan arahkan browser menggunakan proxy ke server LUSCA dengan port 3128
[root@lusca-proxy etc]# tail -f /cache1/access.log 1298574413.127 154 7.7.9.2 TCP_MISS/302 839 GET http://www.google.com/search?q=wordpress+file+upload+plugins&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a - DIRECT/209.85.175.147 text/html 1298574413.813 365 7.7.9.2 TCP_MISS/200 14796 GET http://www.google.co.id/search?q=wordpress+file+upload+plugins&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a - DIRECT/209.85.175.103 text/html 1298574414.419 122 7.7.9.2 TCP_MISS/204 267 GET http://clients1.google.co.id/generate_204 - DIRECT/209.85.175.113 text/html 1298574414.838 106 7.7.9.2 TCP_MISS/204 357 GET http://www.google.co.id/csi?v=3&s=web&action=&e=17259,17311,27495,28454,28589,28903,28940&ei=3qpmTchQhvCtB6LhqNoK&expi=17259,17311,27495,28454,28589,28903,28940&imc=4&imn=4&imp=0&rt=xjsls.417,prt.419,xjses.484,xjsee.549,xjs.568,ol.869,iml.419 - DIRECT/209.85.175.99 text/html 1298574424.075 2804 7.7.9.2 TCP_MISS/200 547 POST http://www.hendraarif.web.id/wp-admin/admin-ajax.php - DIRECT/192.168.0.137 text/xmlPerlu di ingat tunning hardware berbanding terbalik dengan kemampuan hardware. jika di paksa bekerja terlalu keras maka alat akan cepat rusak.
update
catatan :
1. buat ngecek idup apa ngga di nmap saja liat port nya kebuka atau ngga
2. jika ketemu error Filedescriptors blabla, edit di file
[root@lusca-proxy ~]# nano -c /usr/local/squid/etc/storeurl.plpada bagian paling atas
#!/usr/bin/perl5.8.8 <===== edit menjadi "#!/usr/bin/perl" tanpa tanda kutip # by chudy_fernandez@yahoo.com # Updates at http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube/D iscussion $|=1; .............................3. untuk menjalankan lusca setiap abis restart secara otomatis ketik perintah ini di console
[root@lusca-proxy ~]# echo "/usr/local/squid/sbin/squid -NDd1 &" >> /etc/rc.local
Sekian dari saya..
Terima kasih.. :)
Source : http://www.hendraarif.web.id/
0 komentar:
Posting Komentar