Pages

Minggu, 29 Mei 2011

How to configure squid to use a separate hard drive as its cache

 from : http://forum.pfsense.org/index.php/topic,21573.0.html

I've spent literally weeks trying to get my pfsense/squid setup finished... and its finally nearly complete! I tell you what, if someone was paying me only $7.00/hour to get this thing set up, they would be spending hundreds.

Before I get into anything, I'll just say that I'm trying to make this as noob proof as possible. That said, I hope this will help those who are new to FreeBSD/pfsense.

The hardest part for me was that I was having a very hard time configuring squid to use a different hard drive. As some of you know, using a separate hard drive is faster... and you usually get more space that way too. The problem is, however, that caching on a separate hard drive is not officially supported by pfsense. Therefore, you might run into problems and you might have to spend hours reading the freeBSD handbook and searching through threads, maybe even posting threads... sometimes getting "RTF's." Nevertheless, I think the process is quite straightforward and its definitely worth a try!

Here it is:

If you've not done so already, connect your hard drive and configure jumper settings (master, slave) if needed.

You will need to delete all data from the drive. Then you have to create a slice, or partition. You can do this manually in the console but I've personally ran into many problems doing it that way. A much better way, I've found is to use a pfsense liveCD.

Insert the CD and reboot the computer. When you get to the part where it asks if you want to enter Recovery Mode or Installer Mode, hit "I" to enter the installer. When you get to the man install screen and it asks you if you want to do a quick install or a custom install, hit 'custom install.' We will not be installing pfsense now, but just partitioning the hard drive.

Next, it will ask you what hard drive you want to install it on. Be sure to choose the right one. If your drive is a IDE like mine and its a slave, then it will be ad1.  Just keep continuing through the setups... it will go to the disk geometry screen, and you hit "accept this geometry." And then it will want you to create a slice (I think thats what its called), so you'll create one. Then it will want you to install bootblocks. You should just skip this step. Then it will want you to partition it. When you get to this screen, you need to delete the default swap partition and change the mount point to something like /squid/cache or /cache/squid. Or, it might just work with /cache. Then you will hit continue...

At this point, it will want to format the partition and begin the installation of pfsense. I've found that for some reason, pfsense does not format the partition correctly and it comes back with an error. This might be because it is confused because there is no swap partition, I don't know. But, this problem is easily remedied by manually formatting the hard drive.

So,  at this point you need to keep on hitting the "return to..." buttons until you are back to the main install page. There you will hit 'reboot' and once its rebooted, remove the CD. Then, it should load back into your pfsense HD install.

From there, you'll need to hit 8 to enter the shell where you can type in commands. Here, you need to type
Code:
newfs /dev/ad1s1a
Replace the '/dev/ad1s1a' with the proper name for your hard drive and the slice on your hard drive.

After that is finished, we need to edit /etc/fstab. Type "ee /etc/fstab" (without quotes) and add the following line:
Code:
/dev/ad1s1a            /cache/squid/    ufs     rw              1       1
Again, change the "/cache/squid" to match the mountpoint that you want to set for your squid cache.

Create the /cache directory (for pfsense to mount your hard drive on). Do that with
Code:
mkdir /cache/squid
again, chaning the "/cache/squid" so that it matches your setup.

Mount the hard drive by typing
Code:
mount -a
. Then type in df -h to make sure its mounted. it should look something like this:
Code:
# df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/ad0s1a    1.9G    177M    1.6G    10%    /
devfs          1.0K    1.0K      0B   100%    /dev
/dev/md0       3.6M     28K    3.3M     1%    /var/run
devfs          1.0K    1.0K      0B   100%    /var/dhcpd/dev
/dev/ad1s1a     54G     22M     50G     0%    /cache/squid

Now all thats left to do is to enter your pfsense GUI as you normally would, and go to Services --> Squid --> Cache Management. Where it asks you where the cache is to be stored, enter "cache/squid"

Now, if all went well, you should be done! Check and make sure that there are no errors in your System Log... Satus --> System Logs. It may be necessary for you to manually create the swap directories. In which case, go back to the command prompt and type in
Code:
squid -z
.

Its also a good idea to check and make sure that it create your swap directories. Of course, if squid-z comes back with an error, then it obviously did not. But, if it did then typing in ls /cache/squid will show you something like this:
Code:
# ls /cache/squid
.snap  05  0B  11  17  1D
00  06  0C  12  18  1E
01  07  0D  13  19  1F
02  08  0E  14  1A  swap.state
03  09  0F  15  1B
04  0A  10  16  1C

If it did not work, it will only show .snap and nothing else. So, if ls /cache/squid shows the above then congratulations! Now the only thing left for you to do is to delete your other squid cache by typing
Code:
rm -R /var/squid/cache/*

Some Troubleshooting:

If you were unable to create swap directories (as I was), it might say something like this:
Code:
# squid -z
2009/12/24 20:56:44| parseConfigFile: squid.conf:62 unrecognized: 'delay_pools'
2009/12/24 20:56:44| parseConfigFile: squid.conf:63 unrecognized: 'delay_class'
2009/12/24 20:56:44| parseConfigFile: squid.conf:64 unrecognized: 'delay_parameters'
2009/12/24 20:56:44| parseConfigFile: squid.conf:65 unrecognized: 'delay_initial_bucket_level'
2009/12/24 20:56:44| parseConfigFile: squid.conf:66 unrecognized: 'delay_access'
2009/12/24 20:56:44| Creating Swap Directories
FATAL: Failed to make swap directory /cache/squid/00: (13) Permission denied
Squid Cache (Version 2.7.STABLE7): Terminated abnormally.
CPU Usage: 0.001 seconds = 0.001 user + 0.000 sys
Maximum Resident Size: 3664 KB
Page faults with physical i/o: 0

Also, I was getting tons of errors in my system log. Things like:
Code:
Dec 24 20:53:07  squid[43341]: Squid Parent: child process 43504 started
Dec 24 20:53:08  squid[43504]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Dec 24 20:53:08  kernel: pid 43504 (squid), uid 62: exited on signal 6
Dec 24 20:53:08  squid[43341]: Squid Parent: child process 43504 exited due to signal 6
Dec 24 20:53:08  squid[43341]: Exiting due to repeated, frequent failures
Dec 24 20:53:55  Squid_Alarm[43599]: Squid has exited. Reconfiguring filter.
Dec 24 20:53:55  Squid_Alarm[43601]: Attempting restart...
Dec 24 20:53:55  squid[43608]: Squid Parent: child process 43611 started
Dec 24 20:53:55  squid[43611]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Dec 24 20:53:55  kernel: pid 43611 (squid), uid 62: exited on signal 6
Dec 24 20:53:55  squid[43608]: Squid Parent: child process 43611 exited due to signal 6
Dec 24 20:53:58  Squid_Alarm[43615]: Reconfiguring filter...
Dec 24 20:53:58  squid[43608]: Squid Parent: child process 43618 started
Dec 24 20:53:58  squid[43618]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Dec 24 20:53:58  kernel: pid 43618 (squid), uid 62: exited on signal 6
Dec 24 20:53:58  squid[43608]: Squid Parent: child process 43618 exited due to signal 6
Dec 24 20:53:59  Squid_Alarm[43693]: Squid has resumed. Reconfiguring filter.
Dec 24 20:54:01  squid[43608]: Squid Parent: child process 43763 started
Dec 24 20:54:02  squid[43763]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Dec 24 20:54:02  kernel: pid 43763 (squid), uid 62: exited on signal 6
Dec 24 20:54:02  squid[43608]: Squid Parent: child process 43763 exited due to signal 6
Dec 24 20:54:05  squid[43608]: Squid Parent: child process 43768 started
Dec 24 20:54:05  squid[43768]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Dec 24 20:54:05  kernel: pid 43768 (squid), uid 62: exited on signal 6
Dec 24 20:54:05  squid[43608]: Squid Parent: child process 43768 exited due to signal 6
Dec 24 20:54:08  squid[43608]: Squid Parent: child process 43772 started
Dec 24 20:54:08  squid[43772]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Dec 24 20:54:08  kernel: pid 43772 (squid), uid 62: exited on signal 6
Dec 24 20:54:08  squid[43608]: Squid Parent: child process 43772 exited due to signal 6
Dec 24 20:54:08  squid[43608]: Exiting due to repeated, frequent failures
Dec 24 20:54:55  Squid_Alarm[43880]: Squid has exited. Reconfiguring filter.
Dec 24 20:54:55  Squid_Alarm[43882]: Attempting restart...
Dec 24 20:54:56  squid[43889]: Squid Parent: child process 43892 started
Dec 24 20:54:56  squid[43892]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Dec 24 20:54:56  kernel: pid 43892 (squid), uid 62: exited on signal 6
Dec 24 20:54:56  squid[43889]: Squid Parent: child process 43892 exited due to signal 6
Dec 24 20:54:59  Squid_Alarm[43896]: Reconfiguring filter...
Dec 24 20:54:59  squid[43889]: Squid Parent: child process 43899 started
Dec 24 20:54:59  squid[43899]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Dec 24 20:54:59  kernel: pid 43899 (squid), uid 62: exited on signal 6

For this, it might be worthwhile to read the squid faq page where it talks about this: http://wiki.squid-cache.org/SquidFaq/TroubleShooting.

For me, however, that did not solve my problem. I simply had to change privileges of the file by typing in
Code:
chown proxy:proxy /cache/squid
. After that, I was able to do squid -z properly and everything went smoothly!

So, I hope this will help other people. I'm sorry, I'm not very good at making how-tos but hopefully this will work. If someone wants to rewrite it and post it in with the pfsense tutorials and howtos then be my guest!

squid untuk menggunakan hard drive yang terpisah sebagai cache

Cara mengkonfigurasi squid untuk menggunakan hard drive yang terpisah sebagai cache nya
from : http://forum.pfsense.org/index.php/topic,29816.0.html

Here it is: Ini dia:
Setting  pengaturan jumper (master, slave) jika diperlukan.

Anda akan perlu menghapus semua data dari drive. Kemudian Anda harus membuat slice, atau partisi. Anda dapat melakukannya secara manual di konsol tapi aku pribadi berlari ke dalam banyak masalah melakukannya dengan cara itu. Cara yang lebih baik, aku telah menemukan adalah dengan menggunakan liveCD pfsense.

Masukkan CD dan reboot komputer. Ketika Anda masuk ke bagian mana menanyakan apakah Anda ingin memasukkan Recovery Mode atau Installer Mode, tekan "I" untuk memasukkan installer. Ketika Anda sampai pada pilihan menginstal yang tertera di layar dan menanyakan apakah Anda ingin melakukan instalasi cepat atau custom install, tekan 'kustom instal. Kami tidak akan menginstal pfsense sekarang, tetapi hanya partisi hard drive.

Berikutnya, Anda akan ditanya apa hard drive Anda ingin menginstalnya pada. Pastikan untuk memilih yang benar. Jika drive anda adalah IDE seperti master dan slave, maka itu akan ad1. Hanya terus berlanjut melalui pembuatan  itu akan dibawa ke layar geometri disk, dan menekan "menerima geometri ini. Dan kemudian akan ingin Anda untuk membuat slice (saya pikir thats apa yang disebut perusahaan), sehingga Anda akan membuat satu. Maka Anda akan ingin menginstal bootblocks. Anda hanya harus mengabaikan langkah ini. Maka akan ingin kau partisi itu. Saat Anda masuk ke layar ini, Anda perlu menghapus partisi swap default dan mengubah titik mount untuk sesuatu seperti / squid / cache atau / cache / squid. Or, it might just work with /cache. Atau, ia hanya bisa bekerja dengan / cache. Then you will hit continue... Kemudian Anda akan memukul terus ...

Pada titik ini, akan ingin memformat partisi dan memulai instalasi pfsense. Saya telah menemukan bahwa untuk beberapa alasan, pfsense tidak memformat partisi dengan benar dan ia datang kembali dengan kesalahan. Ini mungkin karena bingung karena tidak ada partisi swap, saya tidak tahu. Namun, masalah ini mudah diatasi dengan secara manual memformat hard drive.

Jadi, pada titik ini Anda perlu terus memukul kembali tombol sampai Anda menginstal kembali ke halaman utama. Di sana Anda akan tekan 'reboot' dan sekali reboot, lepas CD. Kemudian, harus memuat kembali ke Anda menginstal HD pfsense.

Dari sana, Anda akan perlu menekan 8 untuk memasuki shell di mana Anda dapat mengetikkan perintah. Di sini, Anda perlu mengetik
Code: Kode:

newfs /dev/ad1s1a newfs / dev/ad1s1a
Ganti '/ dev/ad1s1a' dengan nama yang tepat untuk hard drive dan slice pada hard drive Anda.

Setelah itu selesai, kita perlu mengedit "ee / etc / fstab" (tanpa tanda kutip) dan tambahkan baris berikut:
Code: Kode:
/dev/ad1s1a    /cache/squid/   UFS      rw     1    1


ex: punya saya

# Device                Mountpoint      FStype   Options     Dump    Pass#
/dev/ad0s1a             /                 ufs         rw            1         1
/dev/ad0s1b             none            swap      sw            0         0
/dev/ad0s1d             /var/squid/log         ufs     rw,noatime      2
/dev/ad1s1a             /cache0                 ufs     rw,noatime      2
/dev/ad2s1a             /cache1                 ufs     rw,noatime      2
/dev/ad3s1a             /cache2                 ufs     rw,noatime      2


Sekali lagi, mengubah "/ cache / squid" agar sesuai dengan mountpoint yang ingin Anda tetapkan untuk cache squid Anda.

Buat direktori cache / (untuk pfsense untuk me-mount hard drive Anda). Lakukan itu dengan
Code: Kode:

mkdir /cache/squid
sesuaikan pemilihan nama (ingat ini hanya example) "/cache/ squid" sehingga cocok dengan milik Anda.

setelah semua itu dilakukan kemudian ketikkan

mount-a

Kemudian ketik df-h untuk memastikan yang terpasang.

 # df -h # Df-h
 Filesystem     Size    Used   Avail Capacity  Mounted on Ukuran Filesystem Digunakan Kapasitas Tersedia Di Mount pada
 /dev/ad0s1a    1.9G    177M    1.6G    10%    / / Dev/ad0s1a 1.9G 177M 1.6G 10% /
 devfs          1.0K    1.0K      0B   100%    /dev devfs 1.0K 1.0K 0B 100% / dev
 /dev/md0       3.6M     28K    3.3M     1%    /var/run / Dev/md0 28K 3.6M 3.3M 1% / var / run
 devfs          1.0K    1.0K      0B   100%    /var/dhcpd/dev 1.0K devfs 1.0K 0B 100% / var / dhcpd / dev
 /dev/ad1s1a     54G     22M     50G     0%    /cache/squid / Dev/ad1s1a 22m 54g 50g 0% / cache / squid

Sekarang yang harus anda lakukan adalah untuk memasukkan GUI pfsense seperti biasa, dan pergi ke Jasa -> Squid -> Manajemen Cache. Dimana meminta Anda untuk cache akan disimpan, digui pilih "cache / squid"

Sekarang, jika semuanya berjalan dengan baik, yang anda harus lakukan adalah... Periksa dan pastikan bahwa tidak ada kesalahan pada Anda System Log ... Satus --> System Logs. Satus - Sistem> Log. Mungkin perlu bagi Anda untuk secara manual menciptakan direktori swap. Dalam kasus ini, kembali ke command prompt dan ketik
Code: Kode:

 squid -z

. .
juga ide yang baik untuk memeriksa dan memastikan bahwa Anda membuat direktori swap. Tentu saja, jika squid-z datang kembali dengan kesalahan, maka jelas tidak. But, if it did then typing in ls /cache/squid will show you something like this: Tapi, jika hal itu kemudian mengetikkan ls / cache / squid akan menunjukkan sesuatu seperti ini:
Code: Kode:

 # ls /cache/squid # ls / cache / squid
 .snap  05  0B  11  17  1D snap 05 11 17 1D 0B.
 00  06  0C  12  18  1E 00 06 0C 12 18 1E
 01  07  0D  13  19  1F 01 07 0D 13 19 1F
 02  08  0E  14  1A  swap.state 02 08 0E 14 1A swap.state
 03  09  0F  15  1B 03 09 0F 15 1B
 04  0A  10  16  1C 04 10 16 1C 0A


Jika tidak berhasil, itu hanya akan ditampilkan. Snap dan apa-apa lagi. So, if ls /cache/squid shows the above then congratulations! Jadi, jika ls / cache / squid menunjukkan di atas maka selamat! Sekarang satu-satunya yang tersisa untuk Anda lakukan adalah menghapus cache lain cumi Anda dengan mengetikkan
Code: Kode:

 rm -R /var/squid/cache/*

Beberapa Masalah:

Jika Anda tidak dapat membuat direktori swap (seperti saya), mungkin mengatakan sesuatu seperti ini:
Code: Kode:

 # squid -z
 2009/12/24 20:56:44| parseConfigFile: squid.conf:62 unrecognized: 'delay_pools' 2009/12/24 20:56:44 | parseConfigFile: squid.conf: '62 yang belum diakui:' delay_pools
 2009/12/24 20:56:44| parseConfigFile: squid.conf:63 unrecognized: 'delay_class' 2009/12/24 20:56:44 | parseConfigFile: squid.conf: '63 yang belum diakui:' delay_class
 2009/12/24 20:56:44| parseConfigFile: squid.conf:64 unrecognized: 'delay_parameters' 2009/12/24 20:56:44 | parseConfigFile: squid.conf: '64 yang belum diakui:' delay_parameters
 2009/12/24 20:56:44| parseConfigFile: squid.conf:65 unrecognized: 'delay_initial_bucket_level' 2009/12/24 20:56:44 | parseConfigFile: squid.conf: 65 yang belum diakui: 'delay_initial_bucket_level'
 2009/12/24 20:56:44| parseConfigFile: squid.conf:66 unrecognized: 'delay_access' 2009/12/24 20:56:44 | parseConfigFile: squid.conf: 66 yang belum diakui: 'delay_access'
 2009/12/24 20:56:44| Creating Swap Directories 2009/12/24 20:56:44 | Swap Menciptakan Direktori
 FATAL: Failed to make swap directory /cache/squid/00: (13) Permission denied Fatal: Gagal untuk membuat direktori swap / cache/squid/00: (13) Izin ditolak
 Squid Cache (Version 2.7.STABLE7): Terminated abnormally. Squid Cache (Version 2.7.STABLE7): Dihentikan normal.
 CPU Usage: 0.001 seconds = 0.001 user + 0.000 sys CPU Usage: 0,001 detik = 0,001 + 0,000 pengguna sys
 Maximum Resident Size: 3664 KB Residen Maksimum Ukuran: 3664 KB
 Page faults with physical i/o: 0 Halaman kesalahan dengan fisik i / o: 0

Hal-hal seperti:
Code: Kode:

Dec 24 20:53:07  squid[43341]: Squid Parent: child process 43504 started Desember 24 20:53:07 squid [43341]: Squid Parent: Proses anak mulai 43.504
 Dec 24 20:53:08  squid[43504]: Failed to verify one of the swap directories, Check cache.log for details. Desember 24 20:53:08 squid [43504]: Gagal memverifikasi salah satu direktori swap, Check cache.log untuk rincian. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time. Run 'squid-z' untuk menciptakan direktori swap jika diperlukan, atau jika menjalankan Squid untuk pertama kalinya.
 Dec 24 20:53:08  kernel: pid 43504 (squid), uid 62: exited on signal 6 Desember 24 20:53:08 kernel: pid 43504 (cumi), uid 62: keluar pada sinyal 6
 Dec 24 20:53:08  squid[43341]: Squid Parent: child process 43504 exited due to signal 6 Desember 24 20:53:08 squid [43341]: Squid Parent: Proses 43.504 anak keluar karena sinyal 6
 Dec 24 20:53:08  squid[43341]: Exiting due to repeated, frequent failures Desember 24 20:53:08 squid [43341]: Keluar karena diulang, kegagalan sering
 Dec 24 20:53:55  Squid_Alarm[43599]: Squid has exited. 24 Desember 20:53:55 Squid_Alarm [43599]: Squid telah keluar. Reconfiguring filter. Mengkonfigurasi filter.
 Dec 24 20:53:55  Squid_Alarm[43601]: Attempting restart... 24 Desember 20:53:55 Squid_Alarm [43601]: restart Mencoba ...
 Dec 24 20:53:55  squid[43608]: Squid Parent: child process 43611 started Desember 24 20:53:55 squid [43608]: Squid Parent: Proses anak mulai 43.611
 Dec 24 20:53:55  squid[43611]: Failed to verify one of the swap directories, Check cache.log for details. Desember 24 20:53:55 squid [43611]: Gagal memverifikasi salah satu direktori swap, Check cache.log untuk rincian. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time. Run 'squid-z' untuk menciptakan direktori swap jika diperlukan, atau jika menjalankan Squid untuk pertama kalinya.
 Dec 24 20:53:55  kernel: pid 43611 (squid), uid 62: exited on signal 6 Desember 24 20:53:55 kernel: pid 43611 (cumi), uid 62: keluar pada sinyal 6
 Dec 24 20:53:55  squid[43608]: Squid Parent: child process 43611 exited due to signal 6 Desember 24 20:53:55 squid [43608]: Squid Parent: Proses 43.611 anak keluar karena sinyal 6
 Dec 24 20:53:58  Squid_Alarm[43615]: Reconfiguring filter... 24 Desember 20:53:58 Squid_Alarm [43615]: Mengkonfigurasi filter ...
 Dec 24 20:53:58  squid[43608]: Squid Parent: child process 43618 started Desember 24 20:53:58 squid [43608]: Squid Parent: Proses anak mulai 43.618
 Dec 24 20:53:58  squid[43618]: Failed to verify one of the swap directories, Check cache.log for details. Desember 24 20:53:58 squid [43618]: Gagal memverifikasi salah satu direktori swap, Check cache.log untuk rincian. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time. Run 'squid-z' untuk menciptakan direktori swap jika diperlukan, atau jika menjalankan Squid untuk pertama kalinya.
 Dec 24 20:53:58  kernel: pid 43618 (squid), uid 62: exited on signal 6 Desember 24 20:53:58 kernel: pid 43618 (cumi), uid 62: keluar pada sinyal 6
 Dec 24 20:53:58  squid[43608]: Squid Parent: child process 43618 exited due to signal 6 Desember 24 20:53:58 squid [43608]: Squid Parent: Proses 43.618 anak keluar karena sinyal 6
 Dec 24 20:53:59  Squid_Alarm[43693]: Squid has resumed. 24 Desember 20:53:59 Squid_Alarm [43693]: Squid telah melanjutkan. Reconfiguring filter. Mengkonfigurasi filter.
 Dec 24 20:54:01  squid[43608]: Squid Parent: child process 43763 started Desember 24 20:54:01 squid [43608]: Squid Parent: Proses anak mulai 43.763
 Dec 24 20:54:02  squid[43763]: Failed to verify one of the swap directories, Check cache.log for details. Desember 24 20:54:02 squid [43763]: Gagal memverifikasi salah satu direktori swap, Check cache.log untuk rincian. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time. Run 'squid-z' untuk menciptakan direktori swap jika diperlukan, atau jika menjalankan Squid untuk pertama kalinya.
 Dec 24 20:54:02  kernel: pid 43763 (squid), uid 62: exited on signal 6 Desember 24 20:54:02 kernel: pid 43763 (cumi), uid 62: keluar pada sinyal 6
 Dec 24 20:54:02  squid[43608]: Squid Parent: child process 43763 exited due to signal 6 Desember 24 20:54:02 squid [43608]: Squid Parent: Proses 43.763 anak keluar karena sinyal 6
 Dec 24 20:54:05  squid[43608]: Squid Parent: child process 43768 started Desember 24 20:54:05 squid [43608]: Squid Parent: Proses anak mulai 43.768
 Dec 24 20:54:05  squid[43768]: Failed to verify one of the swap directories, Check cache.log for details. Desember 24 20:54:05 squid [43768]: Gagal memverifikasi salah satu direktori swap, Check cache.log untuk rincian. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time. Run 'squid-z' untuk menciptakan direktori swap jika diperlukan, atau jika menjalankan Squid untuk pertama kalinya.
 Dec 24 20:54:05  kernel: pid 43768 (squid), uid 62: exited on signal 6 Desember 24 20:54:05 kernel: pid 43768 (cumi), uid 62: keluar pada sinyal 6
 Dec 24 20:54:05  squid[43608]: Squid Parent: child process 43768 exited due to signal 6 Desember 24 20:54:05 squid [43608]: Squid Parent: Proses 43.768 anak keluar karena sinyal 6
 Dec 24 20:54:08  squid[43608]: Squid Parent: child process 43772 started Desember 24 20:54:08 squid [43608]: Squid Parent: Proses anak mulai 43.772
 Dec 24 20:54:08  squid[43772]: Failed to verify one of the swap directories, Check cache.log for details. Desember 24 20:54:08 squid [43772]: Gagal memverifikasi salah satu direktori swap, Check cache.log untuk rincian. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time. Run 'squid-z' untuk menciptakan direktori swap jika diperlukan, atau jika menjalankan Squid untuk pertama kalinya.
 Dec 24 20:54:08  kernel: pid 43772 (squid), uid 62: exited on signal 6 Desember 24 20:54:08 kernel: pid 43772 (cumi), uid 62: keluar pada sinyal 6
 Dec 24 20:54:08  squid[43608]: Squid Parent: child process 43772 exited due to signal 6 Desember 24 20:54:08 squid [43608]: Squid Parent: Proses 43.772 anak keluar karena sinyal 6
 Dec 24 20:54:08  squid[43608]: Exiting due to repeated, frequent failures Cumi-cumi Desember 24 20:54:08 [43608]: Keluar karena diulang, kegagalan sering
 Dec 24 20:54:55  Squid_Alarm[43880]: Squid has exited. 24 Desember 20:54:55 Squid_Alarm [43880]: Squid telah keluar. Reconfiguring filter. Mengkonfigurasi filter.
 Dec 24 20:54:55  Squid_Alarm[43882]: Attempting restart... 24 Desember 20:54:55 Squid_Alarm [43882]: restart Mencoba ...
 Dec 24 20:54:56  squid[43889]: Squid Parent: child process 43892 started Desember 24 20:54:56 squid [43889]: Squid Parent: Proses anak mulai 43.892
 Dec 24 20:54:56  squid[43892]: Failed to verify one of the swap directories, Check cache.log for details. Desember 24 20:54:56 squid [43892]: Gagal memverifikasi salah satu direktori swap, Check cache.log untuk rincian. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time. Run 'squid-z' untuk menciptakan direktori swap jika diperlukan, atau jika menjalankan Squid untuk pertama kalinya.
 Dec 24 20:54:56  kernel: pid 43892 (squid), uid 62: exited on signal 6 Desember 24 20:54:56 kernel: pid 43892 (cumi), uid 62: keluar pada sinyal 6
 Dec 24 20:54:56  squid[43889]: Squid Parent: child process 43892 exited due to signal 6 Desember 24 20:54:56 squid [43889]: Squid Parent: Proses 43.892 anak keluar karena sinyal 6
 Dec 24 20:54:59  Squid_Alarm[43896]: Reconfiguring filter... 24 Desember 20:54:59 Squid_Alarm [43896]: Mengkonfigurasi filter ...
 Dec 24 20:54:59  squid[43889]: Squid Parent: child process 43899 started Desember 24 20:54:59 squid [43889]: Squid Parent: Proses anak mulai 43.899
 Dec 24 20:54:59  squid[43899]: Failed to verify one of the swap directories, Check cache.log for details. Desember 24 20:54:59 squid [43899]: Gagal memverifikasi salah satu direktori swap, Check cache.log untuk rincian. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time. Run 'squid-z' untuk menciptakan direktori swap jika diperlukan, atau jika menjalankan Squid untuk pertama kalinya.
 Dec 24 20:54:59  kernel: pid 43899 (squid), uid 62: exited on signal 6 Desember 24 20:54:59 kernel: pid 43899 (cumi), uid 62: keluar pada sinyal 6

Untuk ini, mungkin ada baiknya untuk membaca halaman faq cumi mana berbicara tentang ini: http://wiki.squid-cache.org/SquidFaq/TroubleShooting .

Namun, itu tidak memecahkan masalah saya. menurut Aku hanya harus mengubah hak istimewa dari file dengan mengetikkan
Code: Kode:

 chown proxy:proxy /cache/squid

Setelah itu, saya bisa lakukan squid-z dengan baik dan semuanya berjalan dengan lancar!

Maka, saya berharap ini akan membantu orang lain. Maaf, saya tidak pandai membuat cara-KL tapi mudah-mudahan ini akan berhasil.

Sabtu, 28 Mei 2011

Throttle other extensions (acl)

Buat yang membutuhkan untuk di inject ke "/var/squid/acl/throttle_exts.acl" atau melalui  Throttle other extensions pada Proxy server: Traffic management

aif$;\.rmi$;\.snd$;\.wav$;\.aifc$;\.aiff$;\.au$;\.mid$;\.midi$;\.mp3$;\.wma$;\.vqf$;\.aaf$; \.ogg$;\.asf$;\.x-flv$;\.mpe$;\.mpeg$;\.mpg$;\.mpv2$;\.avi$;\.m1v$;\.mp2$;\.mp2v$;\.mpa$;\.flv$; \.wmv$;\.dat$;\.mkv$;\.div$;\.divx$;\.ac3$;\.dts$;\.vob$;\.dvr-ms$;\.mp4$;\.m2v$;\.m4v$;\.m2ts$; \.bup$;\.3gpp$;\.3g2$;\.3gp2$;\.vro$;\.rm$;\.3gp$;\.ram$;\.raw$;\.qt$;\.mov$;\.svcd$;\.xdiv$;\.3mm$; \.aep$;\.ajp$;\.amv$;\.avs$;\.d2v$;\.d3v$;\.dmb$;\.dxr$;\.amx$;\.arf$;\.asf$;\.dvx$;\.f4v$;\.dv$; \.bsf$;\.rmvb$;\.rv$;\.srf$;\.hdf$;\.wbmp$;\.wmf$;\.x3f$;\.xbm$;\.xpm$;\.cr2$;\.crw$;\.dcr$;\.tga$; \.djvu$;\.emf$;\.fpx$;\.icl$;\.icn$;\.plp$;\.ppm$;\.raf$;\.ras$;\.raw$;\.mrw$;\.nef$;\.orf$;\.pbm$; \.pcd$;\.pef$;\.pgm$;\.rs$;\.rpm$;\.bin$;\.dmg$;\.exe$;\.msi$;\.cab$;\.ace$;\.arj$;\.bzip2$;\.gz$; \.jar$;\.tgz$;\.uue$;\.iso$;\.7-zip$;\.rar$;\.alz$;\.nrg$;\.zip$;\.cab$;\.gzip$;\.lzh$;\.lzw$;\.tar$;\.tbz$

from : http://forum.pfsense.org/index.php/topic,28291.msg147286.html#msg147286

pfSense snapshot server

pfSense snapshot server

LiveCD/Installer ISOs
Bootable LiveCD images with the installer, for full system (i.e. not embedded) installs.

NanoBSD (embedded) Images
Disk images in various sizes (512MB, 1GB, 2GB, 4GB) that can be imaged to media (CF, SSD, HDD, other flash). Note: No VGA output, only Serial.

Update Files (For full installs AND for NanoBSD images)
Update images that can be loaded from the GUI or Console to stay current without reinstalling.

pfSense 2.0 Untuk Hotspot, Warnet, Game nline


TIPS : OPTIMASI PFSENSE 2.0 UTK HOTSPOT-WARNET/GAME ONLINE

Berikut ini beberapa Cara Praktis dan cepat, modifikasi untuk PFsense 2 agar berfungsi optimal sebagai proxy server, BW management, captiveportal, DNS/DHCP server, proxy filter dalam satu mesin, Cukup satu mesin solusi hemat utk warnet / hotspot ... hemat hardware, hemat energi, hemat waktu (utk instalasi, maintenance)

A. Tunning Performance Proxy : Lusca

B. Hotspot captiveportal Logout popup window : - Counter waktu koneksi - Menampilkan Informasi :

   1. username

   2. bandwidth up / down,

   3. MAC address,

   4. IP address,

C. Penambahan fitur squid utk Memblok : url berpotensi merusak dan yg mengandung virus conficker, sesuai  www.malwarepatrol.net, serta penambahan "safesearch" di beberapa search engine.

D. Bandwidth Limiter dengan Squid ZPH (Zero Penalty Hit) berlaku utk semua user yang melalui CP, "allowed IP" address dan "allowed mac address". Untuk mengaktifkan fitur bandwidth limiter wajib mengaktifkan captiveportal, walaupun tidak menggunakan login page.

E. Traffic Shapping dan list port dalam bentuk alias untuk Game Online.

F. Penyempurnaan safesearch pada squidGuard http://forum.pfsense.org/index.php/topic,26862.0.html


Persyaratan : Pfsense beta5 snapshot 32 / 64 bit februari atau pfsense 2.0 RC1 dengan paket yang wajib diinstall :

1. Lusca-cache http://code.google.com/p/pfsense-cacheboy/wiki/Pfsense_Lusca

2. backup


Untuk hasil terbaik, rekomendasi paket lain yang diinstall :

1. lightsquid

2. squidGuard

3. unbound dns

4. srg

Hardware minimal : Intel P4 RAM 1GB, dengan HDD 80GB, 2 NIC Recommendasi : Dual Core, 2GB, 2HDD SATA.

Topologi : ADSL --(WAN) -- pfsense --(LAN) --- Switch --- akses point /client

Cara Penggunaan : Download PFsense 2.0 RC1 http://snapshots.pfsense.org/FreeBSD_RELENG_8_1/i386/pfSense_HEAD/

Instalasi awal lihat di http://forum.pfsense.org/index.php/topic,18932.0.html

1. Install dari package manager : --> 1. squid 2. squidGuard , lalu Install lusca chuddy sesuai dengan petunjuk http://code.google.com/p/pfsense-cacheboy/wiki/Pfsense_Lusca


Setting proxy server

- proxy interface LAN

- Allow users on interface : v

- Transparent proxy : v

- Log store directory : /var/squid/log

- Transparent X-Forward : v

- Disable VIA : v

- Use alternate DNS-servers for the proxy-server : 127.0.0.1

- Custom Options :

    zph_mode tos;zph_local 0x04;zph_parent 0;zph_option 136;

Proxy server: Traffic management --> disable dellay pool

Untuk menambah extra HDD khusus untuk proxy, supaya lebih garang, bisa mengikuti tutorial di
http://doc.pfsense.org/index.php/Local_Disk_Storage_on_Embedded_(soekris)

Setting squidGuard

    Blacklist : v

    Blacklist URL : http://squidguard.mesd.k12.or.us/blacklists.tgz

    Common ACL : Target Rules -- > Default access : allow, yang lain terserah kebutuhan...

2. Aktifkan DNS forwarder (terlebih dulu masukkan IP DNS pada System:General Setup)

    atau bisa menggunakan unbound DNS

    Jika memasang paket unbound DNS, pastikan set : Enable Unbound dan Services: DNS forwarder disable

        - network interface : pilih loopback dan LAN.

        - Enable DNSSEC

        - Private Address support

        - Register DHCP static mappings


    DHCP server, masukkan

          dns server dan gateway : IP sisi LAN dari pfsense.

3. Update Paket File
silakan download di sini http://pfsense-zph.googlecode.com/files/pfsense.bak.1mar2011.tgz
UPDATE TERAKHIR : http://code.google.com/p/pfsense-zph/downloads/list

Kemudian melalui package manager install "BACKUP"

Diagnostic -- > Backup File/Dir -- > browse masukkan file pfsense.bak.tgz (file yg telah didownload) ---> upload --- > restore ...

4. Aktifkan captiveportal. "Enable logout popup window" dan "Enable per-user bandwidth restriction" isi BW upload dan downloadnya .. Kosongkan "Logout page contents"

Untuk WARNET, jika menginginkan PC client tidak mau ada halaman login, maka masukkan IP atau MAC addressnya ke allowed IP / MAC, lengkapi dengan pengaturan banwidthnya. Lakukan juga untuk PC billing

Setelah itu restart squid dan captiveportal atau dng reboot system.

5. Traffic shapper dan Rule firewall : (butuh 3x restore dan reboot), di sini juga sudah termasuk rule untuk memblok port 3128 (utk mencegah captiveportal dan BW management terbypass)
5.1. Rule firewall ---> http://pfsense-zph.googlecode.com/files/filter-config-pfsense.xml
WEBGUI: Diagnostic -- > Backup/Restore
Restore configuration
Restore area --> firewall rule
Reboot

5.2. Traffic Shapping --> http://pfsense-zph.googlecode.com/files/shaper-config-pfsense.xml
WEBGUI: Diagnostic -- > Backup/Restore
Restore configuration
Restore area --> Traffic shapper
Reboot

5.3. alias utk game online -- > http://pfsense-zph.googlecode.com/files/aliases-config-pfsense-game-online.xml
WEBGUI: Diagnostic -- > Backup/Restore
Restore configuration
Restore area --> alias
Reboot


6. Setiap kali install ulang paket lusca / squid / squidGuard ataupun update snapshot, pastikan setelah itu update patch-nya lagi
Silakan cek kalau youtube masuk proxy seharusnya di traffic graph akan menembus batas kecepatan dari captiveportalnya. (lihat di gbr)
Tampilkan Status: ---> Queues untuk melihat bahwa traffic shapping bekerja ..

Di bawah ada gambarnya, tapi hanya utk member, makanya daftar dan login dulu forum.pfsense.org ...

Silahkan daftar di sini :  http://forum.pfsense.org/index.php/board,51.0.html
    


* install paket.jpg (38.51 KB, 291x392 - viewed 161 times.)

* restore.jpg (36.56 KB, 566x228 - viewed 122 times.)

* proxy.jpg (81.88 KB, 421x483 - viewed 157 times.)

* captiveportal.jpg (88.4 KB, 253x752 - viewed 178 times.)



* CP_allowed_IP.jpg (76.83 KB, 603x416 - viewed 97 times.)

* CP_pass-through_MAC.jpg (61.52 KB, 591x328 - viewed 80 times.)

* unbound_DNS.jpg (67.75 KB, 275x662 - viewed 112 times.)

* squidGuard_general.jpg (64.73 KB, 417x533 - viewed 104 times.)
« Last Edit: February 19, 2011, 06:22:45 am by anto_DIGIT »

LINK Untuk Panduan PFSENSE Bagi Pemula

Instalasi pfSense dan Settingan Awalnya
  http://forum.pfsense.org/index.php/topic,18932.0.html

OPTIMASI PFSENSE 2.0 UTK HOTSPOT-WARNET/GAME ONLINE
  http://forum.pfsense.org/index.php/topic,29019.0.html

Mempercantik halaman Login Captive portal
  http://forum.pfsense.org/index.php/topic,22105.0.html

file ekstension untuk squid delay pool
  http://forum.pfsense.org/index.php/topic,28291.0.html


Install Squid+Lusca-Chudy (praktis)
  http://forum.pfsense.org/index.php/topic,34348.0.html

DUAL WAN Loadbalance/Failover Pfsense 2.0 Beta
  http://forum.pfsense.org/index.php/topic,29676.0.html


Petunjuk Install Loadbalance + Squid dalam 1 Mesin PFSENSE
  http://forum.pfsense.org/index.php/topic,34413.0.html