Load Balancing

Published on December 2016 | Categories: Documents | Downloads: 58 | Comments: 0 | Views: 763
of 13
Download PDF   Embed   Report

Comments

Content

Proxy dengan Ubuntu untuk Pemula Semenjak tutorial ".. Load Balancing + Proxy Eksternal (Game Poker & Poinblank LANCAR...!!) saya mendapatkan banyak email yg menanyakan cara install langkah demi langkah mesin ubuntu. Padahal menurut-ku tutorial tsb sdh sangat jelas dan mudah, tapi tdk apa lah..saya coba buat lagi cara setting ubuntu nya khusus bagi yang baru kali ini pegang cd ubuntu

langkah demi langkah Code:
µ- Pilih language english (enter) µ- Pilih instal ubuntu server (enter) µ -Tekan enter pada choose langguage english µ- Pilih united states µ- Klik no pada detect keyboard layout? µ- Klik USA pada ubuntu installer main menu µ- Klik USA pada keyboard layout µ- Klik continue pada configure the network µ- Pilih configure network manually isi ip address dg 172.19.196.100 pilih continue enter µ- Netmask 255.255.255.0 pilih continue enter µ- Gateway 172.19.196.1 terus klik continue µ- Name server addresses 172.19.196.1 pilih continue enter µ- Hotsnama : isi dg proxyku terus pilih continue enter µ- Domain name: di kosongin saja, pilih continue enter µ- Pada configure the clok pilih select from worldwide list terus cari jakarta terus enter µ- Pada menu partition disk pilih manual µ- Kita hapus partisi lama dulu : µ-Pilih partisi nya terus enter pilih delete the partion (ulangi perintah ini untuk semua partisi yg tersisa) µ-Jika telah selesai pilih Guided partitioning, kemudian pilih manual arahkan pada FREE SPACE (enter), µ- Pilih Create new partition (enter) New partition size isi 1 GB (pilih continue dan enter), pilih Primary (enter), pilih Beginning (enter), pada Mount point pilih /boot (enter), pd mount option pilih[*] noatime (pilih continue dan enter), pada Bootable Flag rubah menjadi on kemudian pilih done setting up the partition Arahkan pada FREE SPACE (enter), pilih Create new partition (enter ) new partition size isi 4 GB (pilih continue dan enter), pilih Logikal (enter), pilih Beginning (enter), pada Mount point pilih / (enter), pd mount option pilih[*] noatime (pilih continue dan enter), kemudian Pilih done setting up the partition Arahkan pada FREE SPACE (enter), pilih Create new partition (enter) new partition size isi 4 GB (pilih continue dan enter), pilih Logikal (enter),

pilih Beginning (enter), pada Mount point pilih /usr (enter), pd mount option pilih[*] noatime (pilih continue dan enter), kemudian Pilih done setting up the partition Arahkan pada FREE SPACE (enter), pilih Create new partition (enter) new partition size isi 4 GB (pilih continue dan enter), pilih Logikal (enter), pilih Beginning (enter), pada Mount point pilih /var (enter), pd mount option pilih[*] noatime (pilih continue dan enter), kemudian Pilih done setting up the partition Arahkan pada FREE SPACE (enter), pilih Create new partition (enter) new partition size isi 1 GB (pilih continue dan enter), pilih Logikal (enter), pilih Beginning (enter), pada use as pilih swap area (enter), kemudian Pilih done setting up the partition Arahkan pada FREE SPACE (enter), pilih Create new partition (enter) new partition size isi 10 GB (pilih continue dan enter), pilih Logikal (enter), pilih Beginning (enter), pada use as pilih reiserFS (enter), pada Moun point enter manually buat menjadi /home/proxy1, pd mount option pilih[*] noatime dan[*] noaktil kemudian Pilih continue dan done setting up the partition Arahkan pada FREE SPACE (enter), pilih Create new partition (enter) new partition size isi 10 GB (pilih continue dan enter), pilih Logikal (enter), pilih Beginning (enter), pada use as pilih reiserFS (enter), pada Moun point enter manually buat menjadi /home/proxy2, pd mount option pilih[*] noatime dan[*] noaktil kemudian Pilih continue dan done setting up the partition Arahkan pada FREE SPACE (enter), pilih Create new partition (enter) new partition size isi 10 GB (pilih continue dan enter), pilih Logikal (enter), pilih Beginning (enter), pada use as pilih reiserFS (enter), pada Moun point enter manually buat menjadi /home/proxy3, pd mount option pilih[*] noatime dan[*] noaktil kemudian Pilih continue dan done setting up the partition Arahkan pada FREE SPACE (enter), pilih Create new partition (enter) new partition size isi sesuai sisanya (pilih continue dan enter), pilih Logikal (enter), pilih Beginning (enter), pada Moun point enter manually buat menjadi /data kemudian Pilih continue dan done setting up the partition Kemudian pilih finis partitioning and write changes to disk write the changes to disk pilih yes pada full name for the new user isi dg proxyku, terus continue & enter pada Username for your account isi dg proxyku, terus continue & enter pada a password for the new user isi dg proxyku, terus continue & enter pada re-enter password to verify isi dg proxyku, terus continue & enter pada use weak password pilih yes pada encrypt your home directory pilih no pada HTTP proxy information KOSONGIN SAJA pada configurasi apt 43% tekan enter, juga pada 81% tekan enter pilih no automatic update pada choose software to install pilih OpenSSH server pilih continus pd finis the installation

setelah restart login dg proxyku password proxyku ketik sudo su isi proxyku ketik passwd enter new UNIX password isi dg proxyku retype new UNIX password isi proxyku

selanjutnya ikuti langkah di bagian proxy pada tutorial ini Load Balancing + Proxy Eksternal (Game Poker & Poinblank LANCAR...!!)

Load Balancing + Proxy Eksternal (Game Poker & Poinblank LANCAR...!!)

Sebelumnya terimakasih kepada Mas Imer (Mikrotik) & Mas Opik (Proxy) tutorial ini sebagai catatan pribadi saya, semoga dapat menjawab banyak pertanyaan mengenai kendala Game Online terutama PB & Poker pada Load Balancing. Code:
bahan : - RB750 VER 4.9 - 2 Line Speedy Paket Office - Ubuntu Versi 9.10 SISI MIKROTIK : /ip adrress 172.19.196.1/24 192.168.88.1/24 192.168.1.1/24 192.168.2.1/24 interface interface interface interface proxy lan modem-1 modem-2

catatan : dial lewat mikrotik dgn modem sbg brigde

PROXY HIT Code:
/ip firewall mangle add action=mark-packet chain=prerouting comment=proxy-hit disabled=no dscp=12 \ new-packet-mark=proxy-hit passthrough=yes /queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=HIT packet-mark=proxy-hit parent=global-out priority=1 \ queue=default

PCC RULE MARK ALL PPPoE CONN Code:
/ip firewall mangle add action=mark-connection chain=input comment=\ "PCC RULE ---- MARK ALL PPPoE CONN" connection-state=new disabled=no \ in-interface=pppoe_1 new-connection-mark=pppoe1_conn passthrough=yes add action=mark-connection chain=input comment="" connection-state=new \ disabled=no in-interface=pppoe_2 new-connection-mark=pppoe2_conn \ passthrough=yes add action=mark-connection chain=prerouting comment="" connection-state=\

established disabled=no in-interface=pppoe_1 new-connection-mark=\ pppoe1_conn passthrough=yes add action=mark-connection chain=prerouting comment="" connection-state=\ established disabled=no in-interface=pppoe_2 new-connection-mark=\ pppoe2_conn passthrough=yes add action=mark-connection chain=prerouting comment="" connection-state=\ related disabled=no in-interface=pppoe_1 new-connection-mark=pppoe1_conn \ passthrough=yes add action=mark-connection chain=prerouting comment="" connection-state=\ related disabled=no in-interface=pppoe_2 new-connection-mark=pppoe2_conn \ passthrough=yes add action=mark-routing chain=output comment="" connection-mark=pppoe1_conn \ disabled=no new-routing-mark=pppoe_1 passthrough=no add action=mark-routing chain=output comment="" connection-mark=pppoe2_conn \ disabled=no new-routing-mark=pppoe_2 passthrough=no

PCC RULE MARK HTTP CONN Code:
/ip firewall mangle add action=mark-connection chain=prerouting comment=\ "PCC RULE MARK HTTP CONN" connection-state=established disabled=no \ dst-address-type=!local dst-port=80 in-interface=proxy \ new-connection-mark=http_pppoe_1 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp add action=mark-connection chain=prerouting comment="" connection-state=\ established disabled=no dst-address-type=!local dst-port=80 ininterface=\ proxy new-connection-mark=http_pppoe_2 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp add action=mark-connection chain=prerouting comment="" connection-state=\ related disabled=no dst-address-type=!local dst-port=80 in-interface=\ proxy new-connection-mark=http_pppoe_1 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp add action=mark-connection chain=prerouting comment="" connection-state=\ related disabled=no dst-address-type=!local dst-port=80 in-interface=\ proxy new-connection-mark=http_pppoe_2 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp

PCC RULE MARK NON HTTP CONN Code:

/ip firewall mangle add action=mark-connection chain=prerouting comment=\ "PCC RULE ---- MARK - NON -HTTP CONN" connection-state=established \ disabled=no dst-address-type=!local dst-port=!80 in-interface=lan \ new-connection-mark=non.http_pppoe_1 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp add action=mark-connection chain=prerouting comment="" connection-state=\ established disabled=no dst-address-type=!local dst-port=!80 \ in-interface=lan new-connection-mark=non.http_pppoe_2 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp add action=mark-connection chain=prerouting comment="" connection-state=\ related disabled=no dst-address-type=!local dst-port=!80 in-interface=lan \ new-connection-mark=non.http_pppoe_1 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp add action=mark-connection chain=prerouting comment="" connection-state=\ related disabled=no dst-address-type=!local dst-port=!80 in-interface=lan \ new-connection-mark=non.http_pppoe_2 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp add action=mark-connection chain=prerouting comment="" connection-state=\ established disabled=no dst-address-type=!local in-interface=lan \ new-connection-mark=non.http_pppoe_1 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/0 protocol=udp add action=mark-connection chain=prerouting comment="" connection-state=\ established disabled=no dst-address-type=!local in-interface=lan \ new-connection-mark=non.http_pppoe_2 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/1 protocol=udp add action=mark-connection chain=prerouting comment="" connection-state=\ related disabled=no dst-address-type=!local in-interface=lan \ new-connection-mark=non.http_pppoe_1 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/0 protocol=udp add action=mark-connection chain=prerouting comment="" connection-state=\ related disabled=no dst-address-type=!local in-interface=lan \ new-connection-mark=non.http_pppoe_2 passthrough=yes \ per-connection-classifier=both-addresses-and-ports:2/1 protocol=udp

PCC RULE MARK HTTP dan NON HTTP ROUTE Code:
/ip firewall mangle add action=mark-routing chain=prerouting comment=\ "PCC RULE ---- MARK - HTTP ROUTE" connection-mark=http_pppoe_1 disabled=\ no new-routing-mark=pppoe_1 passthrough=yes add action=mark-routing chain=prerouting comment="" connection-mark=\

http_pppoe_2 disabled=no new-routing-mark=pppoe_2 passthrough=yes add action=mark-routing chain=prerouting comment=\ "PCC RULE MARK NON HTTP ROUTE" connection-mark=non.http_pppoe_1 \ disabled=no new-routing-mark=pppoe_1 passthrough=yes add action=mark-routing chain=prerouting comment="" connection-mark=\ non.http_pppoe_2 disabled=no new-routing-mark=pppoe_2 passthrough=yes

NAT Code:
/ip firewall nat add action=masquerade chain=srcnat comment=MASQUERADE1 disabled=no \ out-interface=pppoe_1 add action=masquerade chain=srcnat comment=MASQUERADE2 disabled=no \ out-interface=pppoe_2 add action=masquerade chain=srcnat comment=MASQUERADE3 disabled=no \ out-interface=proxy add action=dst-nat chain=dstnat comment=TRANSPARENT-DNS disabled=no dstport=\ 53 in-interface=lan protocol=udp to-ports=53 add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \ in-interface=lan protocol=tcp to-ports=53 add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \ in-interface=proxy protocol=udp to-ports=53 add action=dst-nat chain=dstnat comment="" disabled=no dst-port=53 \ in-interface=proxy protocol=tcp to-ports=53 add action=dst-nat chain=dstnat comment=TRANSPARENT-proxy disabled=no \ dst-address-list=!proxyNET dst-port=80,8080,3128 in-interface=lan \ protocol=tcp to-addresses=172.19.196.100 to-ports=3128 add action=dst-nat chain=dstnat comment="REMOTE PROXY" disabled=no \ dst-address=125.165.40.xxx dst-port=22 protocol=tcp to-addresses=\ 172.19.196.100 to-ports=22

ADDRESS LIST Code:
/ip firewall address-list add address=192.168.88.0/24 comment="" disabled=no list=lanNET add address=172.19.196.0/24 comment="" disabled=no list=proxyNET

ROUTE Code:
/ip route

add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\ pppoe_1 routing-mark=pppoe_1 scope=30 target-scope=10 add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\ pppoe_2 routing-mark=pppoe_2 scope=30 target-scope=10 add check-gateway=ping comment=Default-Route-pppoe1-Distance-1 disabled=no \ distance=1 dst-address=0.0.0.0/0 gateway=pppoe_1 scope=30 target-scope=10 add check-gateway=ping comment=Default-Route-pppoe2-Distance-2 disabled=no \ distance=2 dst-address=0.0.0.0/0 gateway=pppoe_2 scope=30 target-scope=10

Kita lanjut pada sisi proxy-nya Partisi HDD Code:
Dari harddisk 160Gb dibagi sebagai berikut: /boot 1Gb ext4 Boot Flag Boot / 3Gb ext4 System /usr 4Gb ext4 Static Variable /var 4Gb ext4 Variable swap 1Gb swap (1 x besaran RAM) /home/proxy 10 Gb /ReiserFS /home/share (sisanya) FAT32 Share Documents

Install Paket Code:
sudo sudo sudo sudo apt-get apt-get apt-get apt-get update install squid install squid squidclient squid-cgi install ccze

setelah selesai install paket lakukan edit squid.conf /etc/squid/squid.conf menjadi :

SQUID.CONF Code:
#-----------------------------------# # Proxy Server Versi 2.7.Stable6 # by [email protected] # update 11 Juni 2010 #-----------------------------------# #---------------------------------------------------------------# # Port #---------------------------------------------------------------# http_port 3128 transparent

icp_port 3130 prefer_direct off #---------------------------------------------------------------# # Mengatasi Facebook Blank setelah login #---------------------------------------------------------------# server_http11 on #---------------------------------------------------------------# # Cache & Object #---------------------------------------------------------------# cache_mem 8 MB cache_swap_low 98 cache_swap_high 99 max_filedesc 8192 maximum_object_size 128 MB minimum_object_size 0 KB maximum_object_size_in_memory 128 KB ipcache_size 4096 ipcache_low 98 ipcache_high 99 fqdncache_size 4096 cache_replacement_policy heap LFUDA memory_replacement_policy heap GDSF #----------------------------------------------------------------# # cache_dir <type> <Directory-Name> <Space in Mbytes> <Level1> <Level2> <options> #----------------------------------------------------------------# cache_dir aufs /home/proxy 7000 16 256 cache_access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_store_log none pid_filename /var/run/squid.pid cache_swap_log /var/log/squid/swap.state dns_nameservers /etc/resolv.conf emulate_httpd_log off hosts_file /etc/hosts half_closed_clients off negative_ttl 1 minutes #---------------------------------------------------------------# # Rules: Safe Port #---------------------------------------------------------------# acl acl acl acl acl acl all src 0.0.0.0/0.0.0.0 manager proto cache_object localhost src 127.0.0.1/255.255.255.255 to_localhost dst 127.0.0.0/8 SSL_ports port 443 563 873 # https snews rsync Safe_ports port 80 # http

acl acl acl acl acl acl acl acl acl acl acl acl acl acl acl acl

Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports Safe_ports

port port port port port port port port port port port port port port port port

20 21 # ftp 70 # gopher 210 # wais 1025-65535 # unregistered ports 631 # cups 10000 # webmin 901 # SWAT 280 # http-mgmt 488 # gss-http 591 # filemaker 777 # multiling http 873 # rsync 110 # POP3 25 # SMTP 2095 2096 # webmail from cpanel 2082 2083 # cpanel

acl purge method PURGE acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports !SSL_ports http_access deny CONNECT !SSL_ports !Safe_ports #---------------------------------------------------------------# # Refresh Pattern #---------------------------------------------------------------# # pictures & images refresh_pattern -i \.(gif|png|jpeg|jpg|bmp|tif|tiff|ico)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-nocache ignore-auth ignore-private refresh_pattern -i \.(xml|html|htm|js|txt|css|php)$ 10080 50% 43200 overrideexpire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignoreauth #sound, video multimedia refresh_pattern -i \.(flv|x-flv|mov|avi|qt|mpg|mpeg|swf)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-nocache refresh_pattern -i \.(wav|mp3|mp4|au|mid)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private # files refresh_pattern -i \.(iso|deb|rpm|zip|tar|tgz|ram|rar|bin|ppt|doc)$ 10080 90% 43200 ignore-no-cache ignore-auth refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth refresh_pattern -i \.(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth

refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth # -- refresh pattern for specific sites -- # refresh_pattern ^http://*.jobstreet.com.*/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache refresh_pattern ^http://*.indowebster.com.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth refresh_pattern ^http://*.21cineplex.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth refresh_pattern ^http://*.atmajaya.*/.* 720 100% 10080 override-expire ignore-no-cache ignore-auth refresh_pattern ^http://*.kompas.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.theinquirer.*/.* 720 100% 10080 override-expire ignore-no-cache ignore-auth refresh_pattern ^http://*.blogspot.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache refresh_pattern ^http://*.photobucket.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.tinypic.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.imageshack.us/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.kaskus.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://www.kaskus.com/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.detik.*/.* 720 50% 2880 override-expire overridelastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.detiknews.*/*.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://video.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://static.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.friendster.com/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache ignore-auth refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://apps.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 overrideexpire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://static.playspoon.com/.* 720 100% 10080 overrideexpire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://cooking.game.playspoon.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern -i http://[^a-z\.]*onemanga\.com/? 720 80% 10080 overrideexpire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://media?.onemanga.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth

refresh_pattern ^http://*.yahoo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.google.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.forummikrotik.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth refresh_pattern ^http://*.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth #default option refresh_pattern refresh_pattern refresh_pattern refresh_pattern ^ftp: 1440 20% 10080 ^gopher: 1440 0% 1440 -i (/cgi-bin/|\?) 0 0% 0 . 0 20% 4320

#---------------------------------------------------------------# # SNMP #---------------------------------------------------------------# snmp_port 3401 acl snmpsquid snmp_community public snmp_access allow snmpsquid localhost snmp_access deny all #---------------------------------------------------------------# # ALLOWED ACCESS #---------------------------------------------------------------# acl proxyku src 172.19.196.0/24 http_access allow proxyku http_access allow localhost http_access deny all http_reply_access allow all icp_access allow proxyku icp_access allow localhost icp_access deny all always_direct deny all #---------------------------------------------------------------# # Cache CGI & Administrative #---------------------------------------------------------------# cache_mgr [email protected] visible_hostname dns.proxyku.net cache_effective_user proxy cache_effective_group proxy coredump_dir /var/spool/squid shutdown_lifetime 10 seconds logfile_rotate 14 #-----------------------------------------------------------------# #tcp_outgoing_tos 0x30 localnet #-----------------------------------------------------------------# zph_mode tos zph_local 0x30

zph_parent 0 zph_option 136

Langkah berikut nya : Code:
stop squid dgn perintah "/etc/init.d/squid stop"

Memberikan permission pada folder cache chown -R proxy.proxy /home/proxy chown proxy.proxy /var/log/squid/access.log Membuat folder-folder swap/cache di dalam folder cache yang telah ditentukan squid -f /etc/squid/squid.conf -z Restart squid. /etc/init.d/squid restart Buat rule iptables agar port HTTP (80) dari client dibelokkan ke port Proxy (3128). iptables -t nat -I PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT -to-ports 3128 iptables -t nat -I PREROUTING -i eth0 -p udp -m udp --dport 80 -j REDIRECT -to-ports 3128

Demikian tutorial ini semoga bermanfaat... !!!

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close