You are on page 1of 3

apt-get update

apt-get install devscripts build-essential openssl libssl-dev fakeroot libcppuni
t-dev libsasl2-dev cdbs ccze libfile-readbackwards-perl libcap2 libcap-dev libca
p2-dev
apt-get install devscripts build-essential openssl libssl-dev fakeroot libcppuni
t-dev libsasl2-dev cdbs ccze libfile-readbackwards-perl libcap2 libcap-dev libca
p2-dev
apt-get install sysv-rc-conf
wget http://www.squid-cache.org/Versions/v3/3.4/squid-3.4.6.tar.gz
tar xzvf squid-3.4.8.tar.gz
cd squid-3.4.8
./configure --prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin \
--libexecdir=/usr/lib/squid --sysconfdir=/etc/squid --localstatedir=/var --libdi
r=/usr/lib \
--includedir=/usr/include --datadir=/usr/share/squid --infodir=/usr/share/info
\
--mandir=/usr/share/man --disable-dependency-tracking --enable-storeio=ufs,aufs,
diskd \
--enable-removal-policies=lru,heap --enable-icmp --enable-esi --enable-icap-clie
nt --disable-wccp \
--disable-wccpv2 --enable-kill-parent-hack --enable-cache-digests --enable-follo
w-x-forwarded-for \
--enable-x-accelerator-vary --enable-zph-qos --with-default-user=proxy --with-lo
gdir=/var/log/squid \
--with-pidfile=/var/run/squid.pid --with-large-files --enable-ltdl-convenience -with-filedescriptors=65536 \
--enable-ssl --enable-ssl-crtd --disable-auth --build=amd64-linux-gnu build_alia
s=amd64-linux-gnu
make && make install
ubah pemilik file folder cache
chown
chown
chown
chown
chown
chown

-R
-R
-R
-R
-R
-R

proxy:proxy
proxy:proxy
proxy:proxy
proxy:proxy
proxy:proxy
proxy:proxy

/etc/squid/squid.conf
/etc/squid/storeid.pl
/cache1
/cache2
/cache3
/cache4

chown -R proxy:proxy /var/log/squid
chmod
chmod
chmod
chmod
chmod
chmod

777
777
777
777
777
644

/cache1
/cache2
/cache3
/cache4
/etc/squid/storeid.pl
/etc/squid/squid.conf

copy file squid ke /etc/init.d/
chmod +x /etc/init.d/squid
update-rc.d squid defaults
cd /etc/squid
mkdir ssl_cert

pem -outform DER -out myCA.0/0 dev lo table 100 echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter echo 1 > /proc/sys/net/ipv4/ip_forward exit 0 mangle pada mikrotik /ip firewall mangle add action=mark-routing chain=prerouting comment="TPROXY ROUTING" disabled=no ds t-port=80.2/32 -p tcp --dport 443 -j TPROX Y --tproxy-mark 0x1/0x1 --on-port 3127 /sbin/ip rule add fwmark 1 lookup 100 /sbin/ip route add local 0.der mkdir /var/squid cd /var/squid mkdir ssl_db cd chown -R nobody /var/squid/ssl_db/ /usr/lib/squid/ssl_crtd -c -s /var/squid/ssl_db/certs chown -R proxy:proxy /var/squid/ssl_db/ squid -z tambahkan file dibawah in pada /etc/rc.0.local modprobe modprobe modprobe modprobe modprobe modprobe modprobe modprobe modprobe modprobe xt_TPROXY xt_socket nf_tproxy_core xt_mark nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 ipt_REDIRECT iptable_nat iptables -t mangle -F iptables -t mangle -X iptables -t mangle -N DIVERT iptables -t mangle -A DIVERT -j MARK --set-mark 1 iptables -t mangle -A DIVERT -j ACCEPT iptables -t mangle -A INPUT -j ACCEPT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A PREROUTING ! -d 192.2/32 -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129 iptables -t mangle -A PREROUTING ! -d 192.443 in-inter .0.cd ssl_cert openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout myCA.443 in-interface=ether4-lan new-routing-mark=tproxy_rm passthrough=no \ protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-port=80.3.168.3.pem -out myCA.pem openssl x509 -in myCA.168.

3.168.2 add action=mark-routing chain=prerouting connection-mark=tproxy_cm disabled=no i n-interface=!ether5-proxy new-routing-mark=tproxy_rm passthrough=no /ip route add disabled=no distance=1 dst-address=0.0.0.2 routing-mar k=tproxy_rm scope=30 target-scope=10 .0/0 gateway=192.face=ether5-proxy new-connection-mark=tproxy_cm passthrough=yes protocol=tcp \ src-address=!192.88.168.