Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Instalasi Squid 3 HEAD
- ======================
- Petunjuk:
- --------------
- - Login ke Program WinSCP menggunakan user root
- - Copy Paste Perintah-Perintah dibawah ini melalui Putty (Copy lalu Klik kanan pada putty tekan Enter) :
- apt-get update
- apt-get install devscripts build-essential openssl libssl-dev fakeroot libcppunit-dev libsasl2-dev cdbs ccze libfile-readbackwards-perl libcap2 libcap-dev libcap2-dev sysv-rc-conf
- wget http://www1.it.squid-cache.org/Versions/v3/3.HEAD/squid-3.HEAD-20130527-r12855.tar.gz
- tar xzvf squid-3.HEAD-20130527-r12855.tar.gz
- cd squid-3.HEAD-20130527-r12855
- ./configure \
- --prefix=/usr \
- --bindir=/usr/bin \
- --sbindir=/usr/sbin \
- --libexecdir=/usr/lib/squid3 \
- --sysconfdir=/etc/squid3 \
- --localstatedir=/var \
- --libdir=/usr/lib \
- --includedir=/usr/include \
- --datadir=/usr/share/squid3 \
- --infodir=/usr/share/info \
- --mandir=/usr/share/man \
- --disable-dependency-tracking \
- --enable-storeio=ufs,aufs,diskd \
- --enable-removal-policies=lru,heap \
- --enable-icmp \
- --enable-esi \
- --enable-icap-client \
- --disable-wccp \
- --disable-wccpv2 \
- --enable-kill-parent-hack \
- --enable-cache-digests \
- --enable-follow-x-forwarded-for--enable-x-accelerator-vary \
- --enable-zph-qos \
- --with-default-user=proxy \
- --with-logdir=/var/log/squid3 \
- --with-pidfile=/var/run/squid3.pid \
- --with-large-files \
- --enable-ltdl-convenience \
- --with-filedescriptors=65536 \
- --enable-ssl \
- --enable-ssl-crtd \
- --disable-auth \
- --build=i486-linux-gnu build_alias=i486-linux-gnu
- make && make install
- chown -R proxy:proxy /cache1
- chown -R proxy:proxy /var/log/squid3
- ## Copy 2 file berikut menggunakan Program WinSCP
- =================================================
- - File "squid.conf" (sila download di http://pastebin.com/PKZkLfpD) yang telah diubah dan disesuaikan dengan kebutuhan ke folder: /etc/squid3/
- - File "squid" (sila download di http://pastebin.com/8xLYXZQC)ke folder: /etc/init.d/
- ijin execute squid
- ==========================
- chmod +x /etc/init.d/squid
- Setup SSL Bump
- ==============
- cd /etc/squid3
- mkdir ssl_cert
- cd ssl_certopenssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout myCA.pem -outmyCA.pemopenssl x509 -in myCA.pem -outform DER -out myCA.der
- chown -R nobody /var/squid3/lib/ssl_db//usr/lib/squid3/ssl_crtd -c -s /var/squid3/lib/ssl_db/certs
- swap dir
- ========
- squid -z
- Copy Paste Perintah-Perintah dibawah ini pada file /etc/rc.local
- ================================================================
- modprobe xt_TPROXY
- modprobe xt_socket
- modprobe nf_tproxy_core
- modprobe xt_mark
- modprobe nf_nat
- modprobe nf_conntrack_ipv4
- modprobe nf_conntrack
- modprobe nf_defrag_ipv4
- modprobe ipt_REDIRECT
- modprobe iptable_nat
- iptables -t mangle -F
- iptables -t mangle -X
- iptables -t mangle -N DIVERT
- iptables -t mangle -A DIVERT -j MARK --set-mark 1
- iptables -t mangle -A DIVERT -j ACCEPT
- iptables -t mangle -A INPUT -j ACCEPT
- iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
- iptables -t mangle -A PREROUTING ! -d 192.168.5.2/32 -p tcp --dport 80 -j TPROXY--tproxy-mark 0x1/0x1 --on-port 3129
- /sbin/ip rule add fwmark 1 lookup 100
- /sbin/ip route add local 0.0.0.0/0 dev lo table 100
- echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
- echo 1 > /proc/sys/net/ipv4/ip_forward
- exit 0
- ---------------------------------------------------------------------------------------------
- Selesai. Hasil test bisa dilihat disini >>
- http://www.flickr.com/photos/96503603@N07/
Advertisement
Add Comment
Please, Sign In to add comment
