Moslem, Indonesian, Deputy Head of Curriculum SMK Anwarul Maliki Sukorejo Pasuruan, East Java Indonesia
Home
 

Membuat Proxy Server dengan Squid pada Ubuntu 10.04 Server

Squid adalah sebuah daemon yang digunakan sebagai proxy server dan web cache yang tersedia secara opensource. Squid memiliki banyak jenis penggunaan,mulai dari mempercepat server web dengan melakukan caching permintaan yang berulang-ulang, caching DNS, caching situs web, jadi apabila sebuah situs pernah dibuka oleh salah satu anggota jaringan, maka Squid akan menyimpan konten situs tersebut kedalam hard disk atau memori dari komputer, sehingga jika salah satu anggota jaringan membuka situs yang sama, anggota jaringan tersebut tidak perlu mengakses ke internet, dia hanya perlu mengkases cache yang sudah disimpan oleh Squid tadi, yang berakibat proses dalam membuka situs akan menjadi lebih cepat dan tentunya akan menghemat bandwidth.

Kita asumsikan di server telah terinstall squid, maka kita hanya perlu melakukan konfigurasi di squid.conf dan partisi untuk penyimpanan cache.

Berikut langkah-langkahnya:
Mount Partisi cache yang sudah ada, dengan masuk ke fstab ketik perintah dibawah ini :

1. Masuk terminal :

Sudo su

Password : sudah tau ya..

2. masuk fstab;

gedit /etc/fstab

masukan tulisan ini tulisan paling bawah di file fstab

/dev/sda13 /cache reiserfs noatime,notail 0 0

setelah itu restart pc kita …

Selanjutnya kita konfigurasi file squid.conf

ulangi langkah 1 (masuk terminal sebagai root)

3. Backup file squid.conf ( untuk antisipasi kalau terjadi kesalahan )

cp /etc/squid/squid.conf /etc/squid/squid.conf.backup

4. Edit file squid.conf

gedit /etc/squid/squid.conf

rubah konfigurasi squid.conf seperti contoh squid.conf dibawah ini :

#=======================================================#
# KONFIGURASI SQUID2.7 STABLE7 #
# Warnet PLIK …….. #
# Generated: By………. #
#=======================================================#

#=======================================================
#Definisi Network
#=======================================================
http_port 3128 transparent
server_http11 on
icp_port 0

#=======================================================
# Cache & Object
#=======================================================
cache_mem 6 MB
cache_swap_low 90
cache_swap_high 95

max_filedesc 8192

maximum_object_size 512 MB
minimum_object_size 0 bytes
maximum_object_size_in_memory 128 KB

ipcache_size 16384
ipcache_low 90
ipcache_high 99

fqdncache_size 16384

cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /cache 30000 70 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
cache_swap_log /var/log/squid/swap.state
access_log /var/log/squid/access.log squid

#=====================================================
# Options DNS
#=====================================================
# bisa ditambahkan untuk dns memakai dns kita
dns_nameservers 8.8.8.8 208.67.222.222 208.67.220.220

#=======================================================
# Rules: Safe Port & SSL Port
#=======================================================

acl all src 0.0.0.0/0
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 5666 # nrpe
acl Safe_ports port 22 # ssl
acl Safe_ports port 3306 # mysql
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT

acl purge method PURGE
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports

#========================================================
# HIERARCHY (BYPASS CGI)
#========================================================
hierarchy_stoplist cgi-bin ? .js .jsp
acl QUERY urlpath_regex cgi-bin \? .js .jsp
no_cache deny QUERY

#========================================================
# SNMP
#========================================================
snmp_port 3401
acl snmpsquid snmp_community public
snmp_access allow snmpsquid localhost
snmp_access deny all

#========================================================
# DEFINISI NETWORKS
#========================================================
acl lan_a src 192.168.1.0/255.255.255.0
acl lan_b src ……………
# untuk acl lan_b, jika ip lan server 10.100.1.21 berarti titik tersebut kita isi : 10.100.1.20/28
#========================================================
# ALLOWED ACCESS
#========================================================

http_access allow lan_a
http_access allow lan_b
http_access allow localhost
http_access deny all
icp_access allow all
always_direct deny all

#========================================================
# Cache CGI & Administrative
#========================================================

cache_mgr ………..@gmail.com
visible_hostname PLIK_Kecamatan_……….
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
shutdown_lifetime 10 seconds
logfile_rotate 1
cachemgr_passwd none all
pid_filename /var/run/squid.pid

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
connect_timeout 5 minute

#=======================================================
# TAG: Extra Tuning Configuration
#=======================================================

client_persistent_connections off
server_persistent_connections on
half_closed_clients off
strip_query_terms off

memory_pools off
buffered_logs off
log_icp_queries off

store_dir_select_algorithm round-robin
log_fqdn off
forwarded_for off
icp_hit_stale on
query_icmp on
reload_into_ims on
emulate_httpd_log off
negative_ttl 30 seconds
positive_dns_ttl 6 hours
negative_dns_ttl 60 seconds
pconn_timeout 15 seconds
request_timeout 1 minute
store_avg_object_size 13 KB
log_icp_queries off
pipeline_prefetch on
vary_ignore_expire on
half_closed_clients off
high_page_fault_warning 2
nonhierarchical_direct on
prefer_direct off
client_db on
max_filedescriptors 8192
redirector_bypass on
dns_testnames google.com
offline_mode off
quick_abort_min 0 KB
quick_abort_max 0 KB

# Marking ZPH for b/w management
zph_mode tos
zph_local 0×04
zph_parent 0
zph_option 136

#=======================================================
# TAG: Caching you tube
#=======================================================

acl youtube dstdomain .youtube.com
cache allow youtube
cache allow all

acl videocache_allow_url url_regex -i \.youtube\.com\/get_video\?
acl videocache_allow_url url_regex -i \.youtube\.com\/videoplayback \.youtube\.com\/videoplay \.youtube\.com\/get_video\?
acl videocache_allow_url url_regex -i \.youtube\.[a-z][a-z]\/videoplayback \.youtube\.[a-z][a-z]\/videoplay \.youtube\.[a-z][a-z]\/get_video\?
acl videocache_allow_url url_regex -i \.googlevideo\.com\/videoplayback \.googlevideo\.com\/videoplay \.googlevideo\.com\/get_video\?
acl videocache_allow_url url_regex -i \.google\.com\/videoplayback \.google\.com\/videoplay \.google\.com\/get_video\?
acl videocache_allow_url url_regex -i \.google\.[a-z][a-z]\/videoplayback \.google\.[a-z][a-z]\/videoplay \.google\.[a-z][a-z]\/get_video\?
acl videocache_allow_url url_regex -i proxy[a-z0-9\-][a-z0-9][a-z0-9][a-z0-9]?\.dailymotion\.com\/
acl videocache_allow_url url_regex -i vid\.akm\.dailymotion\.com\/
acl videocache_allow_url url_regex -i [a-z0-9][0-9a-z][0-9a-z]?[0-9a-z]?[0-9a-z]?\.xtube\.com\/(.*)flv
acl videocache_allow_url url_regex -i \.vimeo\.com\/(.*)\.(flv|mp4)
acl videocache_allow_url url_regex -i va\.wrzuta\.pl\/wa[0-9][0-9][0-9][0-9]?
acl videocache_allow_url url_regex -i \.youporn\.com\/(.*)\.flv
acl videocache_allow_url url_regex -i \.msn\.com\.edgesuite\.net\/(.*)\.flv
acl videocache_allow_url url_regex -i \.tube8\.com\/(.*)\.(flv|3gp)
acl videocache_allow_url url_regex -i \.mais\.uol\.com\.br\/(.*)\.flv
acl videocache_allow_url url_regex -i \.blip\.tv\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram|m4v)
acl videocache_allow_url url_regex -i \.break\.com\/(.*)\.(flv|mp4)
acl videocache_allow_url url_regex -i redtube\.com\/(.*)\.flv
acl videocache_allow_dom dstdomain .mccont.com .metacafe.com .cdn.dailymotion.com
acl videocache_deny_dom dstdomain .download.youporn.com .static.blip.tv

acl speedtest_allow_url url_regex -i \.speedtest\.net\/ speedtest
acl speedtest_allow_url url_regex ^http:\/\/speedtest\.*
acl speedtest_allow_dom dstdomain .speedtest.net
acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET

storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access deny videocache_deny_dom
storeurl_access allow videocache_allow_url
storeurl_access allow videocache_allow_dom
storeurl_access allow speedtest_allow_url
storeurl_access allow speedtest_allow_dom
storeurl_access deny all

storeurl_rewrite_program /etc/squid/storeurl.pl
storeurl_rewrite_children 7
storeurl_rewrite_concurrency 100

acl store_rewrite_list urlpath_regex -i \/(get_video\?|videodownload\?|videoplayback.*id)
acl store_rewrite_list urlpath_regex -i \.flv$ \.mp3$ \.mp4$ \.swf$ \
storeurl_access allow store_rewrite_list
storeurl_access deny all

#=======================================================
# Definisi refresh patern
#=======================================================
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern ^ftp: 10080 95% 10080 override-lastmod reload-into-ims
refresh_pattern . 1440 95% 10000 override-lastmod reload-into-ims

refresh_pattern -i \.flv$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.mp3$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.mp4$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.swf$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.gif$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.jpg$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.jpeg$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.exe$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth

#=========================================================
# 1 year = 525600 mins, 1 month = 10080 mins, 1 day = 1440
#=========================================================
refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 10080 80% 10080 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?) 10080 80% 10080 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern \.(ico|video-stats) 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth override-lastmod negative-ttl=10080
refresh_pattern \.etology\? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern galleries\.video(\?|sz) 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern brazzers\? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern \.adtology\? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 10080 20% 10080 ignore-no-cache ignore-private override-expire ignore-reload ignore-auth negative-ttl=40320 max-stale=10
refresh_pattern ^.*safebrowsing.*google 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth negative-ttl=10080
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk) 10080 80% 10080 override-expire ignore-reload ignore-private negative-ttl=10080
refresh_pattern ytimg\.com.*\.jpg 10080 80% 10080 override-expire ignore-reload
refresh_pattern images\.friendster\.com.*\.(png|gif) 10080 80% 10080 override-expire ignore-reload
refresh_pattern garena\.com 10080 80% 10080 override-expire reload-into-ims
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 10080 80% 10080 override-expire ignore-reload
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 10080 80% 10080 ignore-no-cache override-expire override-lastmod
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 10080 80% 10080 reload-into-ims override-expire ignore-private
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\. 10080 80% 10080 reload-into-ims ignore-no-cache ignore-reload override-expire
refresh_pattern ^http:\/\/www.onemanga.com.*\/ 10080 80% 10080 reload-into-ims ignore-no-cache ignore-reload override-expire
refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9]) 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth override-lastmod negative-ttl=10080

#================================================
#Jejaring sosial
#================================================
refresh_pattern -i \.facebook.com.*\.(jpg|png|gif) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern -i \.twitter.com.*\.(jpg|png|swf|gif) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern -i \.yahoo.com.*\.(jpg|png|swf|gif) 10080 80% 10080 ignore-reload override-expire ignore-no-cache

#================================================
#Semua File
#================================================
refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims

#==================================================
#Permainan
#==================================================
refresh_pattern ^http:\/\/apps.facebook.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache reload-into-ims
refresh_pattern -i \.zynga.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache reload-into-ims
refresh_pattern -i \.igg.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache override-lastmod reload-into-ims
refresh_pattern -i \.farmville.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache override-lastmod reload-into-ims
refresh_pattern -i \.ninjasaga.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache override-lastmod reload-into-ims
refresh_pattern -i \.popcap.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache override-lastmod reload-into-ims
refresh_pattern -i \.idants.boyaagame.com.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache override-lastmod reload-into-ims
refresh_pattern -i \.games.co.id.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache override-lastmod reload-into-ims
refresh_pattern -i \.frk.gamib.net.*\/ 10080 999999% 43200 ignore-reload override-expire ignore-no-cache override-lastmod reload-into-ims

#========================================
#IIX DOWNLOAD
#========================================
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-auth
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.4shared\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-auth
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.ziddu\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-auth

# SquidGuard
# redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

ga mau report …. copy pasta aja … he..he…

5. buat file storeurl.pl

gedit /etc/squid/storeurl.pl

copy pasta konfigurasi storeurl.pl dibawah ini :

#!/usr/bin/perl
# This script is NOT written or modified by me, I only copy pasted it from the internet.
# It was First originally Writen by chudy_fernandez@yahoo.com
# & Have been modified by various persons over the net to fix/add various functions.
# For Example this ver was modified by member of comstuff.net to satisfy common and dynamic content.
# th30nly @comstuff.net a.k.a invisible_theater ,
# For more info, http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube
$|=1;
while (<>) {
@X = split;
# $X[1] =~ s/&sig=.*//;
$x = $X[0] . ” “;
$_ = $X[1];
$u = $X[1];

#speedtest
if (m/^http:\/\/(.*)\/speedtest\/(.*\.(jpg|txt))\?(.*)/) {
print $x . “http://www.speedtest.net.SQUIDINTERNAL/speedtest/” . $2 . “\n”;

#mediafire
}elsif (m/^http:\/\/199\.91\.15\d\.\d*\/\w{12}\/(\w*)\/(.*)/) {
print $x . “http://www.mediafire.com.SQUIDINTERNAL/” . $1 .”/” . $2 . “\n”;

#fileserve
}elsif (m/^http:\/\/fs\w*\.fileserve\.com\/file\/(\w*)\/[\w-]*\.\/(.*)/) {
print $x . “http://www.fileserve.com.SQUIDINTERNAL/” . $1 . “./” . $2 . “\n”;

#filesonic
}elsif (m/^http:\/\/s[0-9]*\.filesonic\.com\/download\/([0-9]*)\/(.*)/) {
print $x . “http://www.filesonic.com.SQUIDINTERNAL/” . $1 . “\n”;

#4shared
}elsif (m/^http:\/\/[a-zA-Z]{2}\d*\.4shared\.com(:8080|)\/download\/(.*)\/(.*\..*)\?.*/) {
print $x . “http://www.4shared.com.SQUIDINTERNAL/download/$2\/$3\n”;

#4shared preview
}elsif (m/^http:\/\/[a-zA-Z]{2}\d*\.4shared\.com(:8080|)\/img\/(\d*)\/\w*\/dlink__2Fdownload_2F(\w*)_3Ftsid_3D[\w-]*\/preview\.mp3\?sId=\w*/) {
print $x . “http://www.4shared.com.SQUIDINTERNAL/$2\n”;

#photos-X.ak.fbcdn.net where X a-z
}elsif (m/^http:\/\/photos-[a-z](\.ak\.fbcdn\.net)(\/.*\/)(.*\.jpg)/) {
print $x . “http://photos” . $1 . “/” . $2 . $3 . “\n”;

#YX.sphotos.ak.fbcdn.net where X 1-9, Y a-z
} elsif (m/^http:\/\/[a-z][0-9]\.sphotos\.ak\.fbcdn\.net\/(.*)\/(.*)/) {
print $x . “http://photos.ak.fbcdn.net/” . $1 .”/”. $2 . “\n”;

#maps.google.com
} elsif (m/^http:\/\/(cbk|mt|khm|mlt|tbn)[0-9]?(.google\.co(m|\.uk|\.id).*)/) {
print $x . “http://” . $1 . $2 . “\n”;

# compatibility for old cached get_video?video_id
} elsif (m/^http:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?(videoplayback\?id=.*?|video_id=.*?)\&(.*?)/) {
$z = $2; $z =~ s/video_id=/get_video?video_id=/;
print $x . “http://video-srv.youtube.com.SQUIDINTERNAL/” . $z . “\n”;

# youtube fix
} elsif (m/^http:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com)\/videoplayback\?(.*)/) {
$p_str = $2;
$tag = “”;
$alg = “”;
$id = “”;
$range = “”;
if ($p_str =~ m/(itag=[0-9]*)/){$tag = “&”.$1}
if ($p_str =~ m/(algorithm=[a-z]*\-[a-z]*)/){$alg = “&”.$1}
if ($p_str =~ m/(id=[a-zA-Z0-9]*)/){$id = “&”.$1}
if ($p_str =~ m/(range=[0-9\-]*)/){$range = “&”.$1; $range =~ s/-//; $range =~ s/range=//; }
print $x . “http://video-srv.youtube.com.SQUIDINTERNAL/” . $tag . “&” . $alg . “&” . $id . “&” . $range . “\n”;

} elsif (m/^http:\/\/www\.google-analytics\.com\/__utm\.gif\?.*/) {
print $x . “http://www.google-analytics.com/__utm.gif\n”;

#Cache High Latency Ads
} elsif (m/^http:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|\.googlesyndication\.com|yieldmanager|cpxinteractive)(.*)/) {
$y = $3;$z = $2;
for ($y) {
s/pixel;.*/pixel/;
s/activity;.*/activity/;
s/(imgad[^&]*).*/\1/;
s/;ord=[?0-9]*//;
s/;&timestamp=[0-9]*//;
s/[&?]correlator=[0-9]*//;
s/&cookie=[^&]*//;
s/&ga_hid=[^&]*//;
s/&ga_vid=[^&]*//;
s/&ga_sid=[^&]*//;
# s/&prev_slotnames=[^&]*//
# s/&u_his=[^&]*//;
s/&dt=[^&]*//;
s/&dtd=[^&]*//;
s/&lmt=[^&]*//;
s/(&alternate_ad_url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/(&url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/(&ref=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/(&cookie=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/[;&?]ord=[?0-9]*//;
s/[;&]mpvid=[^&;]*//;
s/&xpc=[^&]*//;
# yieldmanager
s/\?clickTag=[^&]*//;
s/&u=[^&]*//;
s/&slotname=[^&]*//;
s/&page_slots=[^&]*//;
}
print $x . “http://” . $1 . $2 . $y . “\n”;

#cache high latency ads
} elsif (m/^http:\/\/(.*?)\/(ads)\?(.*?)/) {
print $x . “http://” . $1 . “/” . $2 . “\n”;

# spicific servers starts here….
} elsif (m/^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*?)/) {
print $x . “http://” . $1 . “\n”;

#cdn, varialble 1st path
} elsif (($u =~ /filehippo/) && (m/^http:\/\/(.*?)\.(.*?)\/(.*?)\/(.*)\.([a-z0-9]{3,4})(\?.*)?/)) {
@y = ($1,$2,$4,$5);
$y[0] =~ s/[a-z0-9]{2,5}/cdn./;
print $x . “http://” . $y[0] . $y[1] . “/” . $y[2] . “.” . $y[3] . “\n”;

#rapidshare
} elsif (($u =~ /rapidshare/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?)([a-z]*\.[^\/]{3}\/[a-z]*\/[0-9]*)\/(.*?)\/([^\/\?\&]{4,})$/)) {
print $x . “http://cdn.” . $3 . “/SQUIDINTERNAL/” . $5 . “\n”;

} elsif (($u =~ /maxporn/) && (m/^http:\/\/([^\/]*?)\/(.*?)\/([^\/]*?)(\?.*)?$/)) {
print $x . “http://” . $1 . “/SQUIDINTERNAL/” . $3 . “\n”;

#like porn hub variables url and center part of the path, filename etention 3 or 4 with or without ? at the end
} elsif (($u =~ /tube8|pornhub|xvideos/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?(\.[a-z]*)?)\.([a-z]*[0-9]?\.[^\/]{3}\/[a-z]*)(.*?)((\/[a-z]*)?(\/[^\/]*){4}\.[^\/\?]{3,4})(\?.*)?$/)) {
print $x . “http://cdn.” . $4 . $6 . “\n”;
#…spicific servers end here.

#photos-X.ak.fbcdn.net where X a-z
} elsif (m/^http:\/\/photos-[a-z].ak.fbcdn.net\/(.*)/) {
print $x . “http://photos.ak.fbcdn.net/” . $1 . “\n”;

#for yimg.com video
} elsif (m/^http:\/\/(.*yimg.com)\/\/(.*)\/([^\/\?\&]*\/[^\/\?\&]*\.[^\/\?\&]{3,4})(\?.*)?$/) {
print $x . “http://cdn.yimg.com//” . $3 . “\n”;

#for yimg.com doubled
} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*?)\.yimg\.com\/(.*?)\?(.*)/) {
print $x . “http://cdn.yimg.com/” . $3 . “\n”;

#for yimg.com with &sig=
} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*)/) {
@y = ($1,$2);
$y[0] =~ s/[a-z]+[0-9]+/cdn/;
$y[1] =~ s/&sig=.*//;
print $x . “http://” . $y[0] . “.yimg.com/” . $y[1] . “\n”;

#youjizz. We use only domain and filename
} elsif (($u =~ /media[0-9]{2,5}\.youjizz/) && (m/^http:\/\/(.*)(\.[^\.\-]*?\..*?)\/(.*)\/([^\/\?\&]*)\.([^\/\?\&]{3,4})((\?|\%).*)?$/)) {
@y = ($1,$2,$4,$5);
$y[0] =~ s/(([a-zA-A]+[0-9]+(-[a-zA-Z])?$)|(.*cdn.*)|(.*cache.*))/cdn/;
print $x . “http://” . $y[0] . $y[1] . “/” . $y[2] . “.” . $y[3] . “\n”;

#general purpose for cdn servers. add above your specific servers.
} elsif (m/^http:\/\/([0-9.]*?)\/\/(.*?)\.(.*)\?(.*?)/) {
print $x . “http://squid-cdn-url//” . $2 . “.” . $3 . “\n”;

#generic http://variable.domain.com/path/filename.”ex” “ext” or “exte” with or withour “? or %”
} elsif (m/^http:\/\/(.*)(\.[^\.\-]*?\..*?)\/(.*)\.([^\/\?\&]{2,4})((\?|\%).*)?$/) {
@y = ($1,$2,$3,$4);
$y[0] =~ s/(([a-zA-A]+[0-9]+(-[a-zA-Z])?$)|(.*cdn.*)|(.*cache.*))/cdn/;
print $x . “http://” . $y[0] . $y[1] . “/” . $y[2] . “.” . $y[3] . “\n”;

# generic http://variable.domain.com/…
} elsif (m/^http:\/\/(([A-Za-z]+[0-9-]+)*?|.*cdn.*|.*cache.*)\.(.*?)\.(.*?)\/(.*)$/) {
print $x . “http://cdn.” . $3 . “.” . $4 . “/” . $5 . “\n”;

# spicific extention that ends with ?
} elsif (m/^http:\/\/(.*?)\/(.*?)\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|on2)(.*)/) {
print $x . “http://” . $1 . “/” . $2 . “.” . $3 . “\n”;

# all that ends with ;
} elsif (m/^http:\/\/(.*?)\/(.*?)\;(.*)/) {
print $x . “http://” . $1 . “/” . $2 . “\n”;

} else {
print $x . $_ . “sucks\n”;
}
}

6. buat hak hak akses proxy untuk folder cache dan file storeurl ; ketik perintah-perintah dibawah ini di terminal

chown proxy:proxy /cache
chown proxy:proxy /etc/squid/storeurl.pl
chmod 777 /etc/squid/storeurl.pl
chmod 777 /cache

7. cek konfigurasi squid dengan perintah

squid -k parse

Jika tidak ada erorr lanjut dengan ;

squid -f /etc/squid/squid.conf -z

8. restart squid

service squid restart –> untuk restart squid

service squid start –> untuk start squid

service squid stop –> untuk stop squid

9. redirect akses dengan port 80 ke squid, ketikan perintah dibawah ini :

untuk tcp : iptables -t nat -I PREROUTING -i eth1 -p tcp -m tcp –dport 80 -j REDIRECT –to-ports 3128

Keterangan eth1 adalah : Ethernet LAN

untuk udp :
iptables -t nat -I PREROUTING -i eth1 -p udp -m udp –dport 80 -j REDIRECT –to-ports 3128

10. supaya nat tersebut jalan saat startup, masukan perintah diatas di rc.local diatas exit 0

gedit /etc/rc.local

11. install ccze

apt-get install ccze

12. untuk melihat LOG squid :

tail -f /var/log/squid/access.log

atau

tail -f /var/log/squid/access.log | ccze

Apabila berhasil maka akan terdapat tampilan di bawah ini:

screenshot

Selamat berlatih :)

Print Friendly

October 6, 2013 This post was written by Categories: LinuxTutorial No comments yet


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>