Sekedar Kumpulan Catatan Dan Informasi: Oktober 2012

Minggu, 28 Oktober 2012

FreeBSD + ZFS + Lusca Head

Assalamualaikum Wr.Wb
dengan terkantuk" ane buat postingan ini...ada yang minta sih ..makanya tak buatin tutorialnya disini aja.
sebelum nya ane jelasin, ini tutorial ane comot", baca sana baca sini...jadi bukan murni konfigurasi dari ane.
banyakan dari agan Revanthem.

baiklah kita mulai ajah,, langkah awal sediain cd os nya dulu...kalo belum ada download disini
gak gede kok isonya..cuma 83Mb aja. jgn lupa di bakar ya gan,,,hehehe (burning ke cd maksudnya)

ok starting installasi:
Boot Cd.

lalu pertama cek partisi Hard disk

#gpart show

hapus semua partisi, misalkan ada 3 partisi

#gpart delete -i 1 ad0
#gpart delete -i 2 ad0
#gpart delete -i 3 ad0

ane jelasin sedikit disini, ad0 ini nama hardisk nya. tergantung di masing-masing kompi agan, ada ad0,ad1 atau ad5. ini tergantung posisi hdd di mesin anda, sesuaikan aja.
setelah semua partisi dihapus. jangan lupa hapus geometrynya.

#gpart destroy ad0

ok, saat ini hdd agan sudah polos tanpa geometry dan partisi.
lanjut, kita mount cdrom

#mount_cd9660 /dev/acd0 /cdrom

ok lanjut ke install filesystem zfs dan copy source ke hdd

#zfsinstall -d /dev/ad0 -t /cdrom/8.2-RELEASE-i386.tar.xz -s 2G -V 28

ingat gan,, jgn main copas aja lihat nama harddisk nya, sesuaikan dengan punya agan
cek di #gpart show
sedikit penjelasan mengenai perintah diatas :
sesuaikan ad0 , kalo dilaptop ane ad0.
8.2-RELEASE-i386.tar.xz = tergantung image yang didownload tadi. cara gampangnya pas sampe /cdrom/8. < teken tab aja gan
-s 2G = ngeset 2Gb untuk partisi swap. kalau pengen dikecilin atau dibesarin ubah aja
V 28 = ngeset versi ZFS ke versi 28.

disini perintah penginstallan zfs, jadi membutuhkan waktu beberapa detik , kalo di laptop ane sih ..
pokok nya sampai prompt "#"

setelah proses install selesai, lanjut ke dir root

#chroot /mnt

oke agan uda berhasil menginstall setan merah dengan zfs filesystem. eits.. masih ada beberapa config yang perlu kita lakukan, lanjutt

#passwd root

masukkan password dua kali
config ssh dulu, ini guna nya untuk mengkonfigurasi mesin nya via remote

#ee /etc/ssh/sshd_config

ane jelasin perintah diatas :
ee = perintah untuk membuka, mengedit, menghapus isi dari file di freebsd
oke akan muncul promp sshd_config
ada beberapa script yang perlu di ubah , yaitu :

Port 22
PermissionRootLogin no

ilangin tanda "#" nya gan , setelah itu save dengan tekan esc lalu tekan a 2x
script diatas itu maksudnya untuk menentukan port dari ssh dan mengizinkan user "root" login via ssh
selanjutnya konfigurasi ip address

# echo 'defaultrouter="192.168.199.65"' >> /etc/rc.conf
# echo 'gateway_enable="YES"' >> /etc/rc.conf
# echo 'hostname="next.host"' >> /etc/rc.conf
# echo 'ifconfig_el0="inet 192.168.199.67 netmask 255.255.255.0"' >> /etc/rc.conf
# echo 'sshd_enable="YES"' >> /etc/rc.conf
# echo 'nameserver 192.168.20.3' >> /etc/resolv.conf
# echo 'nameserver 124.81.213.1' >> /etc/resolv.conf

ane jelasin sedikit :
yang di bold kan itu ip router ane, kl agan sesuaikan aja
el0 adalah NIC di mesin ane. cara cek nama NIC di mesin agan dengan ifconfig
hostname ganti sesuai keinginan agan
nameserver : dns isp agan, sesuaikan aja.

ok, sampai sini selesai, reboot dulu kompi agan.

lanjutt, install dan config lusca nya
sebelumnya agan download dulu ini
setelah download file config nya, install perl, karena storeurl yang kita gunakan pake perl

# setenv PACKAGEROOT "ftp://ftp.itb.ac.id"
# pkg_add -rv perl
# rehash

proses installasi perl, tunggu sampe selesai, dan pastikan sudah ter install cek di #pkg_info | grep perl
ok, lanjutt lagi gan ..

# cd /tmp
# fetch http://doni-nextel.googlecode.com/files/LUSCA_HEAD.tar.bz2
# tar xzvf LUSCA_HEAD.tar.bz2
# cd /LUSCA_HEAD

lakukan compile.

# make clean
# ./configure --prefix=/usr --exec-prefix=/usr --bindir=/usr/sbin --sbindir=/usr/sbin --libexecdir=/usr/libexec/squid --sysconfdir=/usr/local/etc/squid --localstatedir=/var/log/squid --datadir=/usr/share/squid --enable-async-io=24 --with-aufs-threads=24 --with-pthreads --enable-storeio=aufs,coss,null --disable-linux-netfilter --enable-kqueue --enable-arp-acl --enable-linux-tproxy --disable-epoll --enable-removal-policies=heap --with-aio --with-dl --enable-snmp --enable-delay-pools --enable-htcp --enable-cache-digests --disable-unlinkd --enable-large-cache-files --with-large-files --enable-err-languages=English --enable-default-err-language=English --with-maxfd=65536
# make && make install
# rehash

oke. ini memakan waktu beberapa saat. tunggu sampai selesai.
selanjutnya lakukan create partition

# zfs create tank/next-disk-1
# zfs create tank/next-disk-2
# zfs set mountpoint=/next-disk-1 tank/next-disk-1
# zfs set mountpoint=/next-disk-2 tank/next-disk-2
# zfs set atime=off tank/next-disk-1
# zfs set atime=off tank/next-disk-2
# zfs set quota=80G tank/next-disk-1
# zfs set quota=80G tank/next-disk-2

ane jelasin sedikit disini
ane make mesin dengan Harddisk 250Gb
sesuaikan aja gan
oke, selanjutnya buat log file dan buat permission file

# touch /var/log/squid/access.log
# chown -R proxy:proxy /var/log/squid/access.log
# chown -R proxy:proxy /next-disk-1
# chown -R proxy:proxy /next-disk-2

setelah itu lakukan transfer file yang di download tadi, ada 3 buah file
copy file squid.conf ke /usr/local/etc/squid
copy storeurl.pl ke /usr/share/squid
copy squid.sh ke /usr/local/etc/rc.d/ menggunakan winscp
squid.conf itu oprek" dari ane, kalo agan mau ngubah sesuai dengan tuning agan,silahkan edit

oh iya ane lupa jelasin, transfer file nya menggunakan winscp gan download disini
lanjut gan setting permission file nya

# chmod +x /usr/share/squid/storeurl.pl
# chmod 555 /usr/local/etc/rc.d/squid.sh

mendekati finish, cek konfigurasi dengan perintah : #squid -k parse
kalau tidak ada pesan error. lanjut buat swap files di dir cache : # squid -z
setelah itu jalankan squidnya : #squid -D atau # /usr/local/etc/rc.d/squid.sh start
untuk lihat squid nya jalan apa gak cek disini : ps -ax | grep squid
oke, sampai disini agan telah berhasil memasang squid lusca ke kompi agan
oh iya satu lagi, install ccze (ini optional sih) untuk mempercantik tulisan terminal

# pkg_add -rv ccze
#rehash

atau
#pkg_add -v http://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-8.2-release/sysutils/ccze-0.2.1_2.tbz

jadi kalo agan mau lihat hit proxy nya dengan perintah ini :
#tail -f /var/log/squid/access.log | ccze
tampilan nya seperti ini gan

sumber : http://arandale.blogspot.com/2011/06/freebsd-zfs-lusca-head.html

Cara Menambah Swap di FreeBSD

Jika suatu sistem kehabisan swap, maka akan berakibat buruk terhadap system tersebut. Jalan satu-satunya adalah menambahkan partisi swap baik itu di partisi harddisk yang belum terpakai maupun dengan menambahkan harddisk baru kemudian dilakukan membuat partisi swap.
Untuk mengetahui kondisi swap system yang sedang berjalan adalah dengan perintah swapinfo

# swapinfo  
Device 1K-blocks Used Avail Capacity 
/dev/da0p10 4194304 0 4194304 0%

Dari perintah tersebut terlihat system mempunyai swap sebesar 4GB pada partisi /dev/da0p10
Nah untuk menambah ukuran swap kita lakukan langkah-langkah sebagai berikut.
Lihat kondisi paritisi sekarang dengan menggunakan perintah

 # gpart show
=>       34  286739262  da0  GPT  (136G)
         34        128    1  freebsd-boot  (64k)
        162    4194304    2  freebsd-ufs  (2.0G)
    4194466   20971520    3  freebsd-ufs  (10G)
   25165986   16777216    4  freebsd-ufs  (8.0G)
   41943202    2097152    5  freebsd-ufs  (1.0G)
   44040354   20971520    6  freebsd-ufs  (10G)
   65011874   62914560    7  freebsd-ufs  (30G)
  127926434   62914560    8  freebsd-ufs  (30G)
  190840994   62914560    9  freebsd-ufs  (30G)
  253755554    8388608   10  freebsd-swap  (4.0G)
  262144162   24595134       - free -  (11G)

=>       34  286739262  da1  GPT  (136G)
         34   62914560    1  freebsd-ufs  (30G)
   62914594   62914560    2  freebsd-ufs  (30G)
  125829154   62914560    3  freebsd-ufs  (30G)
  188743714   62914560    4  freebsd-ufs  (30G)
  251658274    26692414   5  - free -  (16G)

Kemudian akan ditambahkan partisi swap pada harddisk da1 dengan perintah

# gpart add -t freebsd-swap -s 4G da1
# gpart show
=>       34  286739262  da0  GPT  (136G)
         34        128    1  freebsd-boot  (64k)
        162    4194304    2  freebsd-ufs  (2.0G)
    4194466   20971520    3  freebsd-ufs  (10G)
   25165986   16777216    4  freebsd-ufs  (8.0G)
   41943202    2097152    5  freebsd-ufs  (1.0G)
   44040354   20971520    6  freebsd-ufs  (10G)
   65011874   62914560    7  freebsd-ufs  (30G)
  127926434   62914560    8  freebsd-ufs  (30G)
  190840994   62914560    9  freebsd-ufs  (30G)
  253755554    8388608   10  freebsd-swap  (4.0G)
  262144162   24595134       - free -  (11G)

=>       34  286739262  da1  GPT  (136G)
         34   62914560    1  freebsd-ufs  (30G)
   62914594   62914560    2  freebsd-ufs  (30G)
  125829154   62914560    3  freebsd-ufs  (30G)
  188743714   62914560    4  freebsd-ufs  (30G)
  251658274    8388608    5  freebsd-swap  (4.0G)
  260046882   26692414       - free -  (12G)

Untuk mengaktifkan partisi swap yang baru lakukan dengan perintah

 # swapon /dev/da1p5

Untuk mengecek apakah swap telah bertambah lakukan perintah berikut

# swapinfo
Device          1K-blocks     Used    Avail Capacity
/dev/da0p10       4194304        0  4194304     0%
/dev/da1p5        4194304        0  4194304     0%
Total

sumber : http://blog.uny.ac.id/arif/2012/01/17/cara-menambah-swap-di-freebsd/

storeurl.pl - lusca

#!/usr/bin/perl
# $Rev$
# by chudy_fernandez@yahoo.com
# Youtube updates at http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube/Discussion
$|=1;
while (<>) {
    @X = split;
#    $X[1] =~ s/&sig=.*//;
    $x = $X[0] . " ";
    $_ = $X[1];
    $u = $X[1];

            #photos-X.ak.fbcdn.net where X a-z
if (m/^http:\/\/photos-[a-z]?(.ak.fbcdn.net.*)/) {
    print $x . "http://photos" . $1 . "\n";

            #maps.google.com
} elsif (m/^http:\/\/(khm|mt)[0-9]?(.google.com.*)/) {
    print $x . "http://" . $1 . $2 . "\n";

            # compatibility for old cached get_video?video_id
} elsif (m/^http:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?(videoplayback\?id=.*?|video_id=.*?)\&(.*?)/) {
    $z = $2; $z =~ s/video_id=/get_video?video_id=/;
    print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $z . "\n";

            # youtube 1024p HD itag=37, 720p HD itag=22
} elsif (m/^http:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?\&(itag=37|itag=22).*?\&(id=[a-zA-Z0-9]*)/) {
    print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $2 . "&" . $3 . "\n";

            # youtube 360p itag=34 ,480p itag=35 and others
} elsif (m/^http:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?\&(itag=[0-9]*).*?\&(id=[a-zA-Z0-9]*)/) {
    print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $3 . "\n";

} elsif (m/^http:\/\/www\.google-analytics\.com\/__utm\.gif\?.*/) {
    print $x . "http://www.google-analytics.com/__utm.gif\n";

            #Cache High Latency Ads
} elsif (m/^http:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|\.googlesyndication\.com|yieldmanager|cpxinteractive)(.*)/) {
    $y = $3;$z = $2;
    for ($y) {
    s/pixel;.*/pixel/;
    s/activity;.*/activity/;
    s/(imgad[^&]*).*/\1/;
    s/;ord=[?0-9]*//;
    s/;&timestamp=[0-9]*//;
    s/[&?]correlator=[0-9]*//;
    s/&cookie=[^&]*//;
    s/&ga_hid=[^&]*//;
    s/&ga_vid=[^&]*//;
    s/&ga_sid=[^&]*//;
    # s/&prev_slotnames=[^&]*//
    # s/&u_his=[^&]*//;
    s/&dt=[^&]*//;
    s/&dtd=[^&]*//;
    s/&lmt=[^&]*//;
    s/(&alternate_ad_url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
    s/(&url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
    s/(&ref=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
    s/(&cookie=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
    s/[;&?]ord=[?0-9]*//;
    s/[;&]mpvid=[^&;]*//;
    s/&xpc=[^&]*//;
    # yieldmanager
    s/\?clickTag=[^&]*//;
    s/&u=[^&]*//;
    s/&slotname=[^&]*//;
    s/&page_slots=[^&]*//;
    }
    print $x . "http://" . $1 . $2 . $y . "\n";

            #cache high latency ads
} elsif (m/^http:\/\/(.*?)\/(ads)\?(.*?)/) {
    print $x . "http://" . $1 . "/" . $2 . "\n";

} elsif (m/^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*?)/) {
    print $x . "http://" . $1 . "\n";

            #cdn, varialble 1st path
} elsif (($u =~ /filehippo/) && (m/^http:\/\/(.*?)\.(.*?)\/(.*?)\/(.*)\.([a-z0-9]{3,4})(\?.*)?/)) {
    @y = ($1,$2,$4,$5);
    $y[0] =~ s/[a-z0-9]{2,5}/cdn./;
    print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";

            #rapidshare
} elsif (($u =~ /rapidshare/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?)([a-z]*\.[^\/]{3}\/[a-z]*\/[0-9]*)\/(.*?)\/([^\/\?\&]{4,})$/)) {
    print $x . "http://cdn." . $3 . "/SQUIDINTERNAL/" . $5 . "\n";

} elsif (($u =~ /maxporn/) && (m/^http:\/\/([^\/]*?)\/(.*?)\/([^\/]*?)(\?.*)?$/)) {
    print $x . "http://" . $1 . "/SQUIDINTERNAL/" . $3 . "\n";

            #domain/path/.*/path/filename
} elsif (($u =~ /fucktube/) && (m/^http:\/\/(.*?)(\.[^\.\-]*?[^\/]*\/[^\/]*)\/(.*)\/([^\/]*)\/([^\/\?\&]*)\.([^\/\?\&]{3,4})(\?.*?)$/)) {
    @y = ($1,$2,$4,$5,$6);
    $y[0] =~ s/(([a-zA-A]+[0-9]+(-[a-zA-Z])?$)|([^\.]*cdn[^\.]*)|([^\.]*cache[^\.]*))/cdn/;
    print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "/" . $y[3] . "." . $y[4] . "\n";

            #like porn hub variables url and center part of the path, filename etention 3 or 4 with or without ? at the end
} elsif (($u =~ /tube8|pornhub|xvideos/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?(\.[a-z]*)?)\.([a-z]*[0-9]?\.[^\/]{3}\/[a-z]*)(.*?)((\/[a-z]*)?(\/[^\/]*){4}\.[^\/\?]{3,4})(\?.*)?$/)) {
    print $x . "http://cdn." . $4 . $6 . "\n";

            #for yimg.com video
} elsif (m/^http:\/\/(.*yimg.com)\/\/(.*)\/([^\/\?\&]*\/[^\/\?\&]*\.[^\/\?\&]{3,4})(\?.*)?$/) {
    print $x . "http://cdn.yimg.com//" . $3 . "\n";

            #for yimg.com doubled
} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*?)\.yimg\.com\/(.*?)\?(.*)/) {
    print $x . "http://cdn.yimg.com/" . $3 . "\n";

            #for yimg.com with &sig=
} elsif (m/^http:\/\/([^\.]*)\.yimg\.com\/(.*)/) {
    @y = ($1,$2);
    $y[0] =~ s/[a-z]+([0-9]+)?/cdn/;
    $y[1] =~ s/&sig=.*//;
    print $x . "http://" . $y[0] . ".yimg.com/" . $y[1] . "\n";

            #youjizz. We use only domain and filename
} elsif (($u =~ /media[0-9]{1,5}\.youjizz/) && (m/^http:\/\/(.*?)(\.[^\.\-]*?\.[^\/]*)\/(.*)\/([^\/\?\&]*)\.([^\/\?\&]{3,4})(\?.*?)$/)) {
    @y = ($1,$2,$4,$5);
    $y[0] =~ s/(([a-zA-A]+[0-9]+(-[a-zA-Z])?$)|([^\.]*cdn[^\.]*)|([^\.]*cache[^\.]*))/cdn/;
    print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";

            #general purpose for cdn servers. add above your specific servers.
} elsif (m/^http:\/\/([0-9.]*?)\/\/(.*?)\.(.*)\?(.*?)/) {
    print $x . "http://squid-cdn-url//" . $2 . "." . $3 . "\n";

            # spicific extention
# } elsif (m/^http:\/\/(.*?)\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|swf).*?/) {
    # @y = ($1,$2);
    # $y[0] =~ s/((cache|cdn)[-\d]*)|([a-zA-A]+-?[0-9]+(-[a-zA-Z]*)?)/cdn/;
    # print $x . "http://" . $y[0] . "." . $y[1] . "\n";

            #generic http://variable.domain.com/path/filename."ex", "ext" or "exte"
            #http://cdn1-28.projectplaylist.com
            #http://s1sdlod041.bcst.cdn.s1s.yimg.com
} elsif (m/^http:\/\/(.*?)(\.[^\.\-]*?\..*?)\/([^\?\&\=]*)\.([\w\d]{2,4})\??.*$/) {
    @y = ($1,$2,$3,$4);
    $y[0] =~ s/([a-z][0-9][a-z]dlod[\d]{3})|((cache|cdn)[-\d]*)|([a-zA-A]+-?[0-9]+(-[a-zA-Z]*)?)/cdn/;
    print $x . "storeurl://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";

            # all that ends with ;
} elsif (m/^http:\/\/(.*?)\/(.*?)\;(.*)/) {
    print $x . "http://" . $1 . "/" . $2 . "\n";

} else {
    print $x . $_ . "\n";
}
}

include.conf - lusca

# $Rev$
acl store_rewrite_list urlpath_regex \/(get_video|videoplayback\?id|videoplayback.*id) \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|swf|fid)\?
acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl store_rewrite_list_path urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe)$
acl store_rewrite_list_domain_CDN url_regex (khm|mt)[0-9]?.google.com streamate.doublepimp.com.*\.js\? photos-[a-z].ak.fbcdn.net \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*) \.doubleclick\.net.* yieldmanager cpxinteractive ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com

#acl rapidurl url_regex \.rapidshare\.com.*\/[0-9]*\/[0-9]*\/[^\/]*
#acl video urlpath_regex \.((mpeg|ra?m|avi|mp(g|e|4)|mov|divx|asf|qt|wmv|m\dv|rv|vob|asx|ogm|flv|3gp)(\?.*)?)$ (get_video\?|videoplayback\?|videodownload\?|\.flv(\?.*)?)
#acl html url_regex \.((html|htm|php|js|css|aspx)(\?.*)?)$ \.com\/$ \.com$
#acl images urlpath_regex \.((jp(e?g|e|2)|gif|png|tiff?|bmp|ico)(\?.*)?)$

acl dontrewrite url_regex redbot\.org (get_video|videoplayback\?id|videoplayback.*id).*begin\=[1-9][0-9]* \.php\? threadless.*\.jpg\?r=
acl getmethod method GET

storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access allow store_rewrite_list_domain_CDN
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_list_domain store_rewrite_list_path
storeurl_access deny all
storeurl_rewrite_program /usr/local/etc/squid/storeurl.pl
storeurl_rewrite_children 1
storeurl_rewrite_concurrency 99

acl snmppublic snmp_community public
cachemgr_passwd none config reconfigure

#work around for fragment videos of msn
acl msnvideo url_regex QualityLevel.*Fragment
http_access deny msnvideo

#always_direct allow html
#cache_peer localhost parent 4001 0 carp login=PASS name=backend-1
max_stale 10 years

include /usr/local/etc/squid/refresh.conf

#acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
#upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

#read_ahead_gap 0 KB

#ie_refresh on
reload_into_ims on

strip_query_terms off
deny_info TCP_RESET localnet
negative_dns_ttl 1 second
negative_ttl 1 second
snmp_port 3401
snmp_access allow snmppublic all
maximum_single_addr_tries 2
retry_on_error on
n_aiops_threads 64
#request_header_max_size 128 KB
#reply_header_max_size 128 KB
#range_offset_limit 10 MB
vary_ignore_expire on
#client_db off # this needs to be on for acl maxconn to work
ipcache_size 4096
fqdncache_size 20
#tcp_recv_bufsize 64 KB
pipeline_prefetch on
#half_closed_clients off

# 0x10 no delay, 0x08 throughput, 0x04 reliability
# 0x10       10000    (minimize delay)           Use delay metric
# 0x08       01000    (maximize throughput)      Use default metric
# 0x04       00100    (maximize reliability)     Use reliability metric
# 0x02       00010    (minimize monetary cost)   Use cost metric
# dscp    squidtos+ECN
# 56    0xE0    11100000
# 48    0xc0    11000000
# 08    0x20    00100000
# 32    0x80    10000000
# 16    0x40    01000000
#tcp_outgoing_tos 0x03 video
#tcp_outgoing_tos 0xb8 html
#tcp_outgoing_tos 0x20 images
#tcp_outgoing_tos 0x02 all

#zph_mode tos
#zph_local 0xb8
#zph_parent 0x08

#acl monitor url_regex avira
#logformat chudy %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %mt http%rv Rq[%>h] Rp[%<h]
#access_log /var/squid/log/access2.log chudy monitor

#buffered_logs on
#download_fastest_client_speed on
#acl text rep_header Content-Type -i text\/
#acl hit rep_header X-Cache -i hit
#acl partial rep_header Content-Range .*
#log_access deny partial
#log_access deny php
#log_access deny text
#log_access deny hit
#log_access deny html
#log_access deny !getmethod
high_page_fault_warning 50
#log_access deny manager

refresh.conf - lusca

Ringkasan ini tidak tersedia. Harap klik di sini untuk melihat postingan.

squid.conf (1)

http_port 3128 transparent
icp_port 3130
udp_incoming_address 0.0.0.0
udp_outgoing_address 255.255.255.255
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
connect_timeout 1 minutes
negative_ttl 5 minutes
read_timeout 15 minutes
request_timeout 5 minutes
persistent_request_timeout 1 minutes
client_lifetime 5 day
pconn_timeout 120 seconds
shutdown_lifetime 30 seconds

maximum_object_size 20480 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 4096 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy lru
memory_replacement_policy lru
#penyimpanan chache nya
cache_dir ufs /var/spool/squid 15000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
log_ip_on_direct on
debug_options ALL,1
client_netmask 255.255.255.255

ftp_user Squid@
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on
ftp_telnet_protocol on
redirect_children 10

acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com
acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com
acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com
acl ym dstdomain .voice.yahoo.com
acl ymregex url_regex yupdater.yim ymsgr myspaceim
acl ym dstdomain .skype.com .imvu.com

#refresh_pattern ^http\:\/\/*\.facebook\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/*\.kaskus\.us\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/*\.google\.co\*.*/ 10080 90% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/*\.yahoo\.co*\.*/ 10080 90% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/.*\.windowsupdate\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/office\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/windowsupdate\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/w?xpsp[0-9]\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/w2ksp[0-9]\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/download\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/download\.macromedia\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^ftp\:\/\/ftp\.nai\.com/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/ftp\.software\.ibm\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/*\.friendster\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/*\.detik\.com\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/*\.kaskus\.us\/ 10080 80% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/*\.google\.co\*.*/ 10080 90% 43200 reload-into-ims
#refresh_pattern ^http\:\/\/*\.yahoo\.co*\.*/ 10080 90% 43200 reload-into-ims

#refresh_pattern ^http://*.google.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.facebook.com.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*korea.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.akamai.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.windowsmedia.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.googlesyndication.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.plasa.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.telkom.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.friendster.com/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://mail.yahoo.com/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.yahoo.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.yimg.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.gmail.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://*.detik.*/.* 720 100% 4320 reload-into-ims override-lastmod
#refresh_pattern ^http://kaskus.us*/.* 720 100% 4320 reload-into-ims override-lastmod

#refresh_pattern ^http://*.apps.facebook.*/.* 720 80% 4320
#refresh_pattern ^http://*.profile.ak.fbcdn.net/.* 720 80% 4320
#refresh_pattern ^http://*.creative.ak.fbcdn.net/.* 720 80% 4320
#refresh_pattern ^http://*.static.ak.fbcdn.net/.* 720 80% 4320
#refresh_pattern ^http://*.google.*/.* 720 100% 4320
#refresh_pattern ^http://*.facebook.poker.zynga.com/.* 720 80% 4320
#refresh_pattern ^http://*.statics.poker.static.zynga.com/.* 720 80% 4320
#refresh_pattern ^http://*.zynga.*/.* 720 80% 4320
#refresh_pattern ^http://*.cityville.*/.* 720 80% 4320
#refresh_pattern ^http://*.texas_holdem.*/.* 720 80% 4320
#refresh_pattern ^http://*.google.*/.* 720 80% 4320
#refresh_pattern ^http://*.indowebster.*/.* 720 80% 4320
#refresh_pattern ^http://*.4shared.*/.* 720 80% 4320
#refresh_pattern ^http://*.yahoo.com/.* 720 80% 4320
#refresh_pattern ^http://*.yimg.*/.* 720 80% 4320
#refresh_pattern ^http://*.plasa.com/.* 720 80% 4320
#refresh_pattern ^http://*.boleh.*/.* 720 80% 4320
#refresh_pattern ^http://*.detik.*/.* 180 80% 4320
#refresh_pattern ^http://*.detikinet.*/.* 180 80% 4320
#refresh_pattern ^http://*.detikhot.*/.* 180 80% 4320
#refresh_pattern ^http://*.detiportal.*/.* 180 80% 4320
#refresh_pattern ^http://*.kompas.*/.* 180 80% 4320
#refresh_pattern ^http://*.kapanlagi.*/.* 720 80% 4320
#refresh_pattern ^http://*.google-analytics.*/.* 720 80% 4320

#refresh_pattern -i \.gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.cab$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.bzip2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.bz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.gz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.tgz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.tar.gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.zip$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.rar$ 1008000 90% 99999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.tar$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.ace$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.7z$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

#refresh_pattern -i \.xls$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.doc$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.xlsx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.docx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.pdf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.ppt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.pptx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.rtf\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

#refresh_pattern -i \.mid$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.wav$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.viv$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.mpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.mov$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.avi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.asf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.qt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.rm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.rmvb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.mpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.wmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.3gp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.mp3$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.mp4$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# web content
#refresh_pattern -i \.js$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.psf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.html$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.htm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.css$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.swf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.js\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.css\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.xml$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# images
#refresh_pattern -i \.gif$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.jpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.png$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.jpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.bmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.psd$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.ad$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.gif\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.jpg\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.png\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.jpeg\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.psd\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# application
#refresh_pattern -i \.deb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.rpm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.msi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.exe$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.dmg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# misc
#refresh_pattern -i \.dat$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.qtm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# itunes
#refresh_pattern -i \.m4p$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
#refresh_pattern -i \.mpa$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

#refresh_pattern ^http://(.*?)/get_video\? 10080 90% 999999 override-expire ignore-no-cache ignore-private
#refresh_pattern ^http://(.*?)/videoplayback\? 10080 90% 999999 override-expire ignore-no-cache ignore-private
#refresh_pattern -i (get_video\?|videoplayback\?id|videoplayback.*id) 161280 50000% 525948 override-expire ignore-reload
#refresh_pattern -i \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv)(\?|$) 161280 3000% 525948 override-expire reload-into-ims

# . refresh pattern for specific sites . #
refresh_pattern ^http://*.devilzc0de.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.jobstreet.com.*/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache
refresh_pattern ^http://*.indowebster.com.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload   ignore-no-cac$
refresh_pattern ^http://*.21cineplex.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache   ig$
refresh_pattern ^http://*.atmajaya.*/.* 720 100% 10080 override-expire ignore-no-cache ignore-auth
refresh_pattern ^http://*.kompas.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.theinquirer.*/.* 720 100% 10080 override-expire ignore-no-cache ignore-auth
refresh_pattern ^http://*.blogspot.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache
refresh_pattern ^http://*.tsm00.eset.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache
refresh_pattern ^http://*.stmik-amik-riau.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.photobucket.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.tinypic.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.4shared.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.imageshack.us/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.kaskus.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://www.kaskus.com/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detik.*/.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detiknews.*/*.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://video.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache   ignore-auth
refresh_pattern ^http://*.friendster.com/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.yahoo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.google.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignor
refresh_pattern ^http://*.games.co.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignor
refresh_pattern ^http://*.game.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignor

#rev-c0de special for fb
refresh_pattern ^http://*.facebook.com*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.apps.facebook.com*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.creative.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.static.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.facebook.poker.zynga.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.statics.poker.static.zynga.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.zynga.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.texas_holdem.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.static.facebook.mafiawar.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.static.farmville.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.nav3.zynga.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.ninjasaga.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.farmville.net./.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth

refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?)    129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)    129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
#refresh_pattern -i (get_video\?|videoplayback\?id|videoplayback.*id||videodownload\?|\.flv?)       129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern \.(ico|video-stats) 129600 999999% 129600    override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate negative-ttl=10080 store-stale
refresh_pattern \.etology\?                       129600 999999% 129600    override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern galleries\.video(\?|sz)               129600 999999% 129600    override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern brazzers\?                       129600 999999% 129600    override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern \.adtology\?                      129600 999999% 129600    override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 129600 20% 129600 ignore-no-cache ignore-no-store ignore-private override-expire ignore-reload ignore-auth ignore-must-revalidate store-stale negative-ttl=40320 max-stale=10
refresh_pattern ^.*safebrowsing.*google 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-must-revalidate negative-ttl=10080 store-stale
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk) 129600 999999% 129600 override-expire ignore-reload   ignore-private store-stale negative-ttl=10080
refresh_pattern ytimg\.com.*\.jpg                   129600 999999% 129600    override-expire ignore-reload   store-stale
refresh_pattern images\.friendster\.com.*\.(png|gif)           129600 999999% 129600    override-expire ignore-reload   store-stale
refresh_pattern garena\.com                                   129600 999999% 129600     override-expire reload-into-ims store-stale
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 129600 999999% 129600     override-expire ignore-reload   store-stale
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\?           129600 999999% 129600 ignore-no-cache override-expire override-lastmod store-stale
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)    129600 999999% 129600 reload-into-ims override-expire ignore-private    store-stale
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\.      129600 999999% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale
refresh_pattern ^http:\/\/www.onemanga.com.*\/           129600 999999% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale

# ANTI VIRUS
refresh_pattern guru.avg.com/.*\.(bin)                      43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern (avgate|avira).*(idx|gz)$                           43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern kaspersky.*\.avc$                                   43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern kaspersky                                           43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern update.nai.com/.*\.(gem|zip|mcs)                    43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip)     43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

refresh_pattern windowsupdate.com/.*\.(cab|exe)             43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern update.microsoft.com/.*\.(cab|exe)             43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern download.microsoft.com/.*\.(cab|exe)             43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

#images facebook
refresh_pattern ((facebook.com)|(85.131.151.39)).*\.(jpg|png|gif)      129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3)                  129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png)                  129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)      129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

#banner IIX
refresh_pattern ^http:\/\/openx.*\.(jp(e?g|e|2)|gif|pn[pg]|swf|ico|css|tiff?) 129600 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/ads(1|2|3).kompas.com.*\/           43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/img.ads.kompas.com.*\/           43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern .kompasimages.com.*\.(jpg|gif|png|swf)       43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/openx.kompas.com.*\/           43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern kaskus.\us.*\.(jp(e?g|e|2)|gif|png|swf)        43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/img.kaskus.us.*\.(jpg|gif|png|swf)       43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

#IIX DOWNLOAD
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale ignore-auth

#All File
refresh_pattern -i \.(3gp|7z|ace|asx|avi|bin|cab|dat|deb|divx|dvr-ms)      129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v))          129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)     129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rar|rm|r(a|p)m|snd|vob|wav) 129600 999999% 129600 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(s|t)|wax|wm(a|v)|wmx|wpl|zip|cb(r|z|t))     129600 999999% 43200 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(iso|deb|rpm|zip|tar|tgz|ram|rar|bin|ppt|doc)$ 10080 90% 43200 ignore-no-cache ignore-auth
refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 6667 7000
acl Safe_ports port 80
acl Safe_ports port 81
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777 110
acl Safe_ports port 4461
acl Safe_ports port 5050
acl CONNECT method CONNECT
http_access allow manager localhost
acl jaringan src 192.168.66.0/24
# ini bisa diganti sesuai ip lokal yang dipake
http_access allow jaringan
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_reply_access allow all
icp_access allow all
miss_access allow all
cache_mgr gmble@kaskus.us # ketik nama kamu disini.
visible_hostname domainkamu.com
logfile_rotate 10
buffered_logs off
snmp_port 3401
snmp_access allow localhost
snmp_access deny all
snmp_access deny all
coredump_dir /var/spool/squid
ie_refresh on

acl download url_regex -i ftp \.exe$ \.mp3$ \.mp4$ \.tar.gz$ \.gz$ \.tar.bz2$ \.rpm$ \.zip$ \.rar$
acl download url_regex -i \.avi$ \.mpg$ \.mpeg$ \.rm$ \.iso$ \.wav$ \.mov$ \.dat$ \.mpe$ \.mid$
acl download url_regex -i \.midi$ \.rmi$ \.wma$ \.wmv$ \.ogg$ \.ogm$ \.m1v$ \.mp2$ \.mpa$ \.wax$
acl download url_regex -i \.m3u$ \.asx$ \.wpl$ \.wmx$ \.dvr-ms$ \.snd$ \.au$ \.aif$ \.asf$ \.m2v$
acl download url_regex -i \.m2p$ \.ts$ \.tp$ \.trp$ \.div$ \.divx$ \.mod$ \.vob$ \.aob$ \.dts$
acl download url_regex -i \.ac3$ \.cda$ \.vro$ \.deb$
delay_pools 1
delay_class 1 1
delay_parameters 1 16000/32000
delay_access 1 allow download
delay_access 1 deny all

Partisi Harddisk di FreeBSD

u/ melihat isi ataupun partisi dari hdd kedua,ketiga dst

#df -h

# gpart show
=> 34 312581741 ad6 GPT (149G)
34 128 1 freebsd-boot (64K)
162 4194304 2 freebsd-swap (2.0G)
4194466 308387309 3 freebsd-zfs (147G)

hapus isi semua partisi dan konten didalam hdd
# gpart delete -i 1 ad6
# gpart delete -i 2 ad6
# gpart delete -i 3 ad6
gpart delete adalah perintah untuk menghapus semua partisi (catatan : ad6 adalah system hd yang terlihat oleh mfsbsd, jika yang terlihat di tempat anda adalah ad0 silahkan sesuaikan. ganti ad6 dengan ad0)

hapus geometry dari hdd ad6
# gpart destroy ad6

mounting cdrom
# mount_cd9660 /dev/acd0 /cdrom

untuk instalasi zfs
*intel
# zfsinstall -d /dev/ad6 -t /cdrom/8.2-RELEASE-i386.tar.xz -s 2G -V 28
*amd
# zfsinstall -d /dev/ad6 -t /cdrom/8.2-RELEASE-amd64.tar.xz -s 2G -V 28

tunggu hingga proses instalasi zfs selesai lalu edit file2 yang diperlukan...

# chroot /mnt

# passwd root <=== masukkan password root

agar box bsd bisa diremote melalui putty/ winscp
# ee /etc/ssh/sshd_config <=== edit ssh
edit baris kata dan hilangkan tanda pagar didepannya
#Port 22 ganti menjadi Port 22
#PermissionRootLogin no ganti menjadi PermissionRootLogin yes
#PasswordAuthentication no ganti menjadi PasswordAuthentication yes

konfigurasi ip jaringan bsd box
# echo 'defaultrouter="192.168.3.1"' >> /etc/rc.conf
# echo 'gateway_enable="YES"' >> /etc/rc.conf
# echo 'hostname="metrohaus.info"' >> /etc/rc.conf
# echo 'ifconfig_fxp0="inet 192.168.3.10 netmask 255.255.255.0"' >> /etc/rc.conf <=== fxp0 adalah lancard yang terdeteksi di bsd saya jika ditempat anda berbeda silahkan disesuaikan dengan menggunakan perintah "ifconfig"
# echo 'sshd_enable="YES"' >> /etc/rc.conf
# echo 'nameserver 192.168.3.1' >> /etc/resolv.conf
# exit
# reboot <== instalasi freebsd dengan zfs system selesai

Buka putty dan remote box bsd anda di 192.168.3.10 port 22
instalasi lusca
download file pendukung http://metrohauslocalserver.googleco...sca_config.zip
# cd /tmp
# setenv PACKAGESITE http://ftp.itb.ac.id/pub/FreeBSD/ports/amd64/packages-8.2-release/Latest/
# pkg_add -rv perl
# rehash
# fetch http://metrohauslocalserver.googlecode.com/files/LUSCA_HEAD.tar.bz2
# tar xzvf LUSCA_HEAD.tar.bz2
# cd LUSCA_HEAD-r14809/
Compile LUSCA

# make clean
# ./configure --prefix=/usr --exec-prefix=/usr --bindir=/usr/sbin --sbindir=/usr/sbin --libexecdir=/usr/libexec/squid --sysconfdir=/usr/local/etc/squid --localstatedir=/var/log/squid --datadir=/usr/share/squid --enable-async-io=24 --with-aufs-threads=24 --with-pthreads --enable-storeio=aufs,coss,null --disable-linux-netfilter --enable-kqueue --enable-arp-acl --disable-linux-tproxy --disable-epoll --enable-removal-policies=heap --with-aio --with-dl --enable-snmp --enable-delay-pools --enable-htcp --enable-cache-digests --disable-unlinkd --enable-large-cache-files --with-large-files --enable-err-languages=English --enable-default-err-language=English --with-maxfd=65536
# make && make install
# rehash

buat partisi cache untuk proxy lusca

Code:

# df -h
Filesystem           Size    Used   Avail Capacity Mounted on
tank/root            144G    3.6G    140G     3%    /
devfs                1.0K    1.0K      0B   100%    /dev
tank/root/tmp        140G     26K    140G     0%    /tmp
tank/root/var        140G     92M    140G     0%    /var

# zfs create tank/root/cache-1
# zfs create tank/root/cache-2

atau menggunakan perintah berikut (masukkan dari om NEO)
Code:

# zfs create -o atime=off tank/root/cache-1
# zfs create -o atime=off tank/root/cache-2

reges

zfs create -o compression=gzip-9 -o atime=off -o mountpoint=/cache1 -o quota=20 tank/cache1

cek kembali apakah zfs /cache-1 dan /cache-2 sudah terbentuk dengan perintah df -h atau zfs list

Code:

# touch /var/log/squid/access.log
# touch /var/log/squid/cache.log
# chown -R proxy:proxy /var/log/squid/*
# chown -R proxy:proxy /cache-*

* kopi file squid.conf dan refresh.conf ke /usr/local/etc/squid dan storeurl.pl ke /usr/share/squid dan squid.sh ke /usr/local/etc/rc.d/ menggunakan winscp
* edit squid.conf dan sesuaikan dengan kebutuhan jaringan anda

Code:

# chmod +x /usr/share/squid/storeurl.pl
# chmod +x /usr/local/etc/rc.d/squid.sh
# squid -z <===== membuat swap squid
# squid -k parse <==== cek konfig squid
# squid -DF         <==== perintah menjalankan squid atau
# /usr/local/etc/rc.d/squid.sh start
# sockstat -4      <===== perintah untuk melihat berjalan atau tidaknya squid

reges squid

Langkah terakhir beberes config, pertama edit rc.conf
# ee /etc/rc.conf
tambahkan entry berikut:
1    sendmail_enable="NO"
2    sendmail_submit_enable="NO"
3    sendmail_outbound_enable="NO"
4    sendmail_msp_queue_enable="NO"

edit juga loader.conf
# ee /boot/loader.conf
tambahkan entry berikut:
(ingat ram minimal 1G)
1    vm.kmem_size="512M"
2    vm.kmem_size_max="512M"
3    vfs.zfs.arc_max="40M"
4    vfs.zfs.vdev.cache.size="5M"

dan membuat start-up untuk squidnya
# ee /usr/local/etc/rc.d/squid.sh
copas entry berikut:
1    #!/bin/sh
2    /usr/local/sbin/squid

lalu
# chmod 755 /usr/local/etc/rc.d/squid.sh

# setenv PACKAGEROOT “ftp://ftp.itb.ac.id”
# pkg_add -r cvsup-without-gui
# rehash

kita edit dulu csup untuk mirror ke link lokal (IIX) biar proses update port lebih cepat
# cp /usr/share/examples/cvsup/ports-supfile /etc
# ee /etc/ports-supfile
cari string berikut "*default host=CHANGE_THIS.FreeBSD.org"
lalu edit menjadi "*default host=cvsup.itb.ac.id"
exit dari editor dan simpan lalu jalankan perintah berikut:
# cvsup -L 2 -g /etc/ports-supfile
# cd /usr/ports/www/squid
# make config

Selasa, 23 Oktober 2012

http://www.jibas.net/content/index/index.php
JARINGAN INFORMASI BERSAMA ANTAR SEKOLAH (JIBAS)

Pages

Minggu, 28 Oktober 2012

Selasa, 23 Oktober 2012