catatan installl lusca r14809 di ubuntu server 12.

04 cache_dir aufs di /usr/var/cache1

*** Install ububuntu 11.10 sudah sempurna sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo apt-get apt-get apt-get apt-get apt-get apt-get apt-get apt-get apt-get apt-get apt-get update install install install install install install install install install install squid -y squid squidclient squid-cgi squid-common squid-langpack -y gcc -y build-essential -y sharutils -y ccze -y libzip-dev -y automake1.9 -y acpid multitail -y

atau $sudo apt-get update $sudo apt-get install squid squidclient squid-cgi gcc build-essential sharutils ccze libzip-dev automake1.9 acpid multitail sudo apt-get install squid squidclient squid-cgi gcc build-essential sharutils c cze libzip-dev automake1.9 acpid multitail -y *** Install tool monitor wget http://squidmon.googlecode.com/svn/trunk/squidmon.py sudo chmod +x squidmon.py wget http://www.pixelbeat.org/scripts/ps_mem.py sudo chmod +x ps_mem.py 2. ==================================== *** Instalasi LUSCA *** Daftar Web LUSCA http://code.google.com/p/lusca-cache/downloads/list *** Download file LUSCA dibawah ini wget http://lusca-cache.googlecode.com/files/LUSCA_HEAD-r14809.tar.gz *** Seteleah selesai ekstrak filenya tar xzvf LUSCA_HEAD-r14809.tar.gz cd LUSCA_HEAD-r14809/ ***ketik

com/files/sysctl.conf /etc/squid/squid.d/squid.backup && sudo mv /etc/init.sh Jika menggunakan Ubuntu Server 64/bit.com/files/E RR_ACCESS_DENIED 5. ======================= compile lusca CHOST="i686-pc-Linux-gnu" CFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" CXXFLAGS="${CFLAGS}" . masukkan perintah : make distclean 3.pl && wget http://ouziel-lusca.googlecode./configure --prefix=/usr --exec_prefix=/usr --bindir=/usr/sbin --sbindir=/usr/s bin --libexecdir=/usr/lib/squid --sysconfdir=/etc/squid \ --localstatedir=/var/spool/squid --datadir=/usr/share/squid --enable-async-io=24 --with-aufs-threads=24 --with-pthreads --enable-storeio=aufs \ --enable-Linux-netfilter --enable-arp-acl --enable-epoll --enable-removal-polici es=heap --with-aio --with-dl --enable-snmp \ --enable-delay-pools --enable-htcp --enable-cache-digests --disable-unlinkd --en able-large-cache-files --with-large-files \ --enable-err-languages=English --enable-default-err-language=English --with-maxf d=65536 4.backup *** Salin File berikut ini.googlecode.com/files/squid.backup && sudo mv /etc/sysctl.conf.com/files/refresh .googlecode.googlecode.txt && cd /etc && wget http://ouziel-lusca.googlecode.conf /etc/sysctl.d/squid /etc/init.googlecode.========================== *** Compile *** Setelah selesai ketik dibawah ini sudo make && sudo make install *** Matikan Squid squid stop *** Backup original file sudo mv /etc/squid/squid.com/files/storeurl.=============== .conf && cd /usr/share/squid/errors/en && wget http://ouziel-lusca.conf && cd /etc/init.conf && wget http://ouziel-l usca.d && wget http://ouziel-lusca. dengan mengetikkan pada putty (blok dan paste lewat putty cd /etc/squid && wget http://ouziel-lusca../bootstrap.conf.com/files/porno.com/files/squid && cd /usr/local/etc/squid && wget http://ouziel-lusca.googlecode.

conf # Memberikan permission pada folder cache squid tidak jalan.2.pl 755 /etc/squid/tunning-ubuntu.proxy /etc/squid/tunning-ubuntu. # apt-get install havp squid squid-common squid-cgi squidclient chown chmod chown chmod proxy:proxy /cache 777 /cache proxy:proxy /etc/squid/storeurl.log && 777 /etc/squid/storeurl.conf -R proxy.0/24 (sesuaikan dengan IP warnet anda) ls -all /cache1 *** cek konfigurasi squid squid -z sudo squid -k parse squid -k reconfigure ##cek squid.log untuk melihat koneksi client di proxy dan informasinya: .168.d/squid Memberikan permission pada folder cache # # # # # # # chown chown chown chmod chmod chown chown -R proxy.pl -R proxy.proxy /squid-3 755 /etc/squid/storeurl-ubuntu.***Buat folder cache sudo sudo sudo sudo sudo sudo sudo squid chown chown chown chown chmod chmod start && proxy:proxy /cache1 /cache2 /cache3 /cache4 && proxy:proxy /etc/squid/storeurl.log && proxy:proxy /var/log/squid/cache..conf monitoring proxy : tail -f /var/squid/log/access.d/squid sudo chmod +x /etc/init.proxy /squid-2 -R proxy.pl && proxy:proxy /var/log/squid/access.pl && 777 /cache1 /cache2 /cache3 /cache4 sudo chmod -R 775 /cache1 /cache2 /cache3 sudo chmod +x /etc/init.pl *** Buka file squid.proxy /squid-1 -R proxy.conf pada Directory /etc/squid/ edit dan sesuaikan bagian in i : cache_dir aufs /cache 7000 16 256 (sesuai dengan ukuran dan partisi cache anda) acl localnet src 192.pl 777 /etc/squid/storeurl.proxy /etc/squid/storeurl-ubuntu.

168./ps_mem.d squid defaults *** Reboot Ubuntu tail -f /var/log/messages dns_nameservers 192.conf -z tail -f /var/log/squid/access.py ps aux | grep squid .log | ccze squid -z squid -d 8 squid -k rotate squid -N -d 1 -D squid -NCd1 *** restart squid sudo squid restart /etc/init.log tail -f /var/log/squid/access.0.168.1 -p 3128 mgr:info # squidclient mgr:info Restart Mesin ubuntu adalah : sudo shutdown -r now sudo reboot ps ax | grep squid *** Jika tidak ada erorr lanjut squid -f /etc/squid/squid.1.conf -z squid -f /etc/squid/squid.# squidclient -h ip.168.un. definisikan di /etc/resolv.0.conf nameservernya dan sea rch-nya http://blog.last.d/squid restart *** set aktif saat boot sudo update-rc.2 ini ipnya dns server lokal?kl iya diganti aj dns_nameservers 127.100.fm/2007/08/30/squid-optimization-guide squidclient mgr:info sudo .tu -p 3128 mgr:info misalnya # squidclient -h 192.ub.

100.168.d/common-session session required pam_limits.0.0.0/8 172. *type this command in your teminal /usr/sbin/squid -NCd1 OPTIMALKAN partisi btrfs nya : # lsmod |grep -i btrfs # nano /etc/fstab /cache btrfs noatime.0/24 buat squid caching /usr/sbin/squid -z Running test your squid performance.conf # nano /etc/pam.0.0.conf.NET/domain/named.16.noacl 0 2 OPTIMALKAN juga kernelnya : default FD 1024 cek di console # ulimit -n cara merubah : # ulimit -HSn 65536 # echo root soft nofile 65536? >> /etc/security/limits. dan servis dns lainnya (bind/dnsmasq .cache unbound-control-setup chown unbound:root unbound_* chmod 440 unbound_* sesuaikan config /etc/unbound/unbound.conf # echo root hard nofile 65536? >> /etc/security/limits.0/12 192.INTERNIC.acl acl acl acl localnet localnet localnet localnet src src src src 10.so # modprobe ip_conntrack kemudian tambahkan ip_contrack di /etc/modules # nano /etc/modules Tambahkan kalimat berikut : ip_conntrack DNS Unbound High Performance apt-get install unbound cd /etc/unbound wget ftp://FTP.168.compress.0/24 192.

0.0.0.0.0.0.4? hide-identity: yes hide-version: yes harden-glue: yes do-not-query-address: 127.0/8 allow access-control: 127.0.168.1/8 do-not-query-localhost: yes module-config: iterator #zone localhost .0/0 refuse chroot: /etc/unbound username: unbound directory: /etc/unbound #logfile: /etc/unbound/unbound.pid root-hints: /etc/unbound/named.16.0.0.0/0 allow access-control: 192.log #use-syslog: yes logfile: use-syslog: no pidfile: /etc/unbound/unbound.0/12 allow access-control: 10.cache identity: DNS version: 1.0/16 allow access-control: 172.0.0.dll) harus di stop agar tidak bentrok) # nano server: verbosity: 1 statistics-interval: 120 statistics-cumulative: yes num-threads: 1 interface: 0.0.0.0.0/8 allow access-control: 0.0 outgoing-range: 512 num-queries-per-thread: 1024 msg-cache-size: 16m rrset-cache-size: 32m msg-cache-slabs: 4 rrset-cache-slabs: 4 cache-max-ttl: 86400 infra-host-ttl: 60 infra-lame-ttl: 120 infra-cache-numhosts: 10000 infra-cache-lame-size: 10k do-ip4: yes do-ip6: no do-udp: yes do-tcp: yes do-daemonize: yes #access-control: 0.

192.168. local-data: 2.2. static localhost.1 116. 10800 IN NS localhost.168. 2 3600 1200 604800 10800? local-data: 1. 86400 IN MX 10 mail. 86400 IN A 192.192.zoky.net.0.8. local-data: zoky.arpa.168. 86400 IN SOA zoky. 86400 IN NS ns1.2? local-data: www.net.pem control-key-file: /etc/unbound/unbound_control.arpa.192.67.222 208. hostmaster. 10800 IN NS localhost. nobody.key server-cert-file: /etc/unbound/unbound_server.arpa. local-data: 127.net.2.168.net.arpa.key control-cert-file: /etc/unbound/unbound_control.2? local-data: ns1.net.net local-zone: zoky.4 208.in-addr.67.0.168.arpa.0. static local-data: 127. forward-addr: forward-addr: forward-addr: forward-addr: forward-addr: forward-addr: forward-addr: forward-addr: 192.invalid. 86400 IN A 192.local-zone: local-data: local-data: 10800? local-data: localhost.192. static local-data: 2.168.in-addr.in-addr.2. 86400 IN TXT v=spf1 a mx ~all local-zone: 2.2? local-data: mail. nobody.zoky.zoky.zoky. static local-data: zoky. 10800 IN A 127.2? local-data: zoky.conf edit file di /etc/resolv.conf : .in-addr.net.in-addr.zoky.net. 10800 IN PTR zoky.130. forward-zone: name: .in-addr.pem lalu save di /etc/unbound/unbound.99.zoky.2.196.in-addr.168. localhost.254 202. 1 3600 1200 604800 localhost.net.conf forward-zone: sesuaikan dengan DNS ISP anda cek configure unbound : # unbound-checkconf /etc/unbound/unbound.arpa.arpa. 10800 IN SOA zoky.168. 10800 IN NS zoky. hostmaster.1? local-zone: 127. 10800 IN SOA localhost.net. 3 3600 1200 604 800 86400? local-data: zoky.5 8. 86400 IN A 192. #zone zoky.net. 10800 IN SOA localhost.2.net.4. 86400 IN A 192. 10800 IN PTR localhost. local-data: zoky.net.0.0.222.155 203.127.254.1 control-port: 953 server-key-file: /etc/unbound/unbound_server.net.in-addr.8.220.zoky.0.220 remote-control: control-enable: yes control-interface: 127.net.8 8.168.net. 4 3600 1200 604800 864000? local-data: 2.134.0.2.net.arpa.8.net.invalid.

1 edit file /etc/network/interfaces # nano /etc/network/interfaces iface eth0 inet static address 192.168.0 broadcast 192.168.2 Untuk monitor : # unbound-control stats # sudo unbound-control stats | tail -16 # sudo apt-get update # sudo apt-get install squid # nano /etc/default/squid SQUID_MAXFD=8192 # sudo apt-get install squid squidclient squid-cgi # sudo apt-get install gcc # grep -E #define\W+__FD_SETSIZE /usr/include/*.# nano /etc/resolv.0.1 Address: 127.0.in-addr.1 # dns-* options are implemented by the resolvconf package.0.0.1#53 Name: Q.0.168. if installed dns-nameservers 127.0.2.h #define __FD_SETSIZE 65536 # nano /usr/include/bits/typesizes.255.conf nameserver 127.2 netmask 255.0.net Address: 192.0.0.0.168.2.1 untuk cek apakah d jalan : # /etc/init.2 Server: 127.h # nano /usr/include/linux/posix_types.168.0.net # nslookup zoky.255 gateway 192.1#53 2.2.2.255.arpa name = zoky.2.168.h /usr/include/*/*.1 Address: 127.d/unbound restart # nslookup 192.2.net Server: 127.168.h #define __FD_SETSIZE 65536 .192.0.2.0 network 122.

com/wiki/Safe_Cflags/AMD # untuk INTEL http://en.html kemudian copy dengan menggunakan putty putty bisa didownload di : 4shared.com /file/16tJyvlq/putty.com /file/KlAfa3dQ/winscp428.gz jika memakai lusca FMI : # tar tar xzvf LUSCA_FMI.gentoo-wiki.com/files/LUSCA_FMI.diff /home/proxyku/LUSCA_HEAD-r14809 masuk ke foldernya : jika menggunakan lusca r14809 : # cd LUSCA_HEAD-r14809/ @ patch dulo revalidate dgn cara : patch -p0 < imr.Download Lusca download lusca r14809 lewat terminal ubuntu dengan perintah : # wget http://untuk-kita-semua.so # # # # # sudo sudo sudo sudo sudo apt-get apt-get apt-get apt-get apt-get install install install install install build-essential sharutils ccze libzip-dev automake1.gentoo-wiki.gz jika menggunakan lusca r14809 : copy file imr.googlecode.# nano /etc/pam.9 3.com/wiki/Safe_Cflags/Intel .tar.tar..diff ke /home/proxyku dengan menggunakan winscp.gz download lusca FMI lewat terminal ubuntu dengan perintah : # wget http://untuk-kita-semua.gz lalu ekstrak :masuk ke foldernya : jika memakai lusca r14809 : # tar xzvf LUSCA_HEAD-r14809.html # sudo cp /home/proxyku/imr. winscp bisa didownload di : 4shared.d/login Session required /lib/security/pam_limits. # untuk AMD http://en..tar.googlecode.com/files/LUSCA_HEAD-r14809.!! sekarang dimulai tahap compile nya : cat /proc/cpuinfo : untuk mengetahui info cpu proxy nya dan sesuaikan dengan pro cessor yang anda pakai Link untuk mengetahui CHOST dan CFLAGS .diff jika menggunakan lusca FMI : # cd LUSCA_FMI/ jika menggunakan lusca FMI di unbuntu 64 sebelum compile lakukan perintah ini di dalam folder lusca FMI : # make distclean ok.tar.

10 #copy file squid yg di download tadi ke /etc/init.sebagai contoh saya menggunakan amd x2 7750 BE : CHOST= x86_64-pc-linux-gnu \ CFLAGS= -march=amdfam10 -msse3 -O2 -pipe \ .conf -z # Restart squid sudo /etc/init. Langkah selanjutnya # Memberikan permission pada folder cache chown chmod chown chmod proxy:proxy /cache 777 /cache proxy:proxy /etc/squid/storeurl.pl # Membuat folder-folder swap/cache di dalam folder cache yang telah ditentukan d g perintah : squid -f /etc/squid/squid.conf /etc/squid sudo cp /home/proxyku/storeurl.d/squid stop #copy file squid.file-max=65536 vm.swappiness = 3 .conf fs.pl /etc/squid 4.pl yg di download tadi kedalam folder /etc/sq uid -> edit sesuai network juragan sudo cp /home/proxyku/squid. dan storeur.conf.d/squid restart # nano /etc/sysctl.d/ jgn lupa di : #sudo chmod +x /etc/init.d/squid stop jalan di ubuntu 10. ketik perintah berikut di terminal ubuntu : # make # sudo make install Edit squid.pl 777 /etc/squid/storeurl.conf agar perintah sudo /etc/init./configure prefix=/usr exec_prefix=/usr bindir=/usr/sbin sbindir=/usr/sbin libexecdi r=/usr/lib/squid sysconfdir=/etc/squid \ localstatedir=/var/spool/squid datadir=/usr/share/squid enable-async-io=24 with-aufs -threads=24 with-pthreads enable-storeio=aufs \ enable-linux-netfilter enable-arp-acl enable-epoll enable-removal-policies=heap withaio with-dl enable-snmp \ enable-delay-pools enable-htcp enable-cache-digests disable-unlinkd enable-large-cach e-files with-large-files \ enable-err-languages=English enable-default-err-language=English with-maxfd=65536 selanjutnya.drop_caches = 3 vm.d/ # sudo cp /home/proxyku/squid /etc/init.d/squid # stop dulu squidnya : sudo /etc/init.

disable_ipv6 = 1 net.default.tcp_keepalive_time = 60 net.accept_source_route = 0 kernel.netdev_max_backlog = 30000 net.conf.ip_local_port_range = 16384 65535 net.shmall = 268435456 net.ipv4./ps_mem. baru di sysctl -p catatan : utk ram 512Mb kurangi saja parameter *mem di kolom ke dua dan tiga men jadi setengahnya.ip_conntrack_max = 16777216 net.ipv4.tcp_sack = 0 net.ipv4.conf.py .wmem_max=16777216 net.core_uses_pid = 1 kernel.ipv4.ipv6.all.netfilter.tcp_keepalive_intvl = 10 net.disable_ipv6 = 1 net.tcp_max_syn_backlog = 262144 net.tcp_wmem=4096 65536 16777216 net.core.ipv4.ipv4.ipv4.tcp_tw_recycle = 1 net.disable_ipv6 = 1 setelah di save.ipv4.googlecode.py Install Squidmon : # wget http://squidmon.ipv4.ipv4.shmmax = 4294967295 kernel.tcp_rmem=4096 87380 16777216 net.ipv4.tcp_syn_retries = 2 net.msgmax = 65536 kernel.tcp_max_tw_buckets = 1440000 net.tcp_keepalive_probes = 6 net.nf_conntrack_acct= 1 net.netfilter.conf.conf.ipv6.py # chmod +x ps_mem.ipv4.tcp_synack_retries = 2 net.lo.conf.py # chmod +x squidmon.ipv4.ipv6.core.core.org/scripts/ps_mem.py # .ipv4.tcp_tw_reuse = 1 net.tcp_fin_timeout = 3 net.net.ipv4.pixelbeat.core.tcp_timestamps = 0 net.com/svn/trunk/squidmon.sysrq = 0 kernel.ipv4.rmem_max=16777216 net.default.tcp_syncookies = 0 net.ipv4.tcp_no_metrics_save=1 net.ipv4. kolom ke satu biarkan saja Reboot CPU nya tambahan : Menghitung memory yang sedang digunakan oleh aplikasi di Linux : # wget http://www.msgmnb = 65536 kernel.rp_filter = 1 net.ipv4.somaxconn = 262144 net.ipv4.default.ipv4.tcp_max_orphans = 262144 net.

6. reboot 16.conf tambahkan berikut ini : snmp_port 3401 acl snmppublic snmp_community public snmp_access allow snmppublic all 9.xxx. 5.d/squid stop sudo /etc/init.xxx.2.untuk monitor squid : # cat /var/log/squid/access.pl gather 13.log tail -n 80 /var/log/squid/cache.pl createdb 12. squidstats. apt-get install librrds-perl libsnmp-session-perl snmpd rrdtool snmp apache2 perl -MCPAN -e install Config::IniFiles wget http://jaringanwarnet.cgi Agar bias di akses dari luar buat spt ini : /ip firewall nat add action=dst-nat chain=dstnat comment=redir-squidtasq disabled=no \ dst-address=xxx./squidmon. crontab -e (kemudian copy rule dibawah ini) */5 * * * * /usr/local/bin/squidstats.log .d 15.xxx dst-port=8080 protocol=tcp to-addresses=192. cp squidstats.d/squid restart /etc/init. 4.log | . 5. 3.py # cat /var/log/squid/access.2 to-ports=80 Untuk memonitor SQUID : sudo /etc/init.tar tar -xvf squidstats-r54.d/unbound restart unbound-control stats sudo unbound-control stats | tail -16 squidclient mgr:info squidclient mgr:client_list tail -f /var/log/squid/access. make && make install 10.conf /etc/apache2/conf.pl gather >/dev/null 14.tar cd squidstats-r54 cp mib.conf /etc/snmp/ untuk squid. -y 2.168.com/downloads/squidstats-r54. snmpwalk -v 1 -c public localhost 11.log | python squidmon.txt /etc/squid/ cp snmpd.py MEMBUAT SQUIDSTATS 1.log tail -f /var/log/squid/cache. squidstats. cek hasilnya ke http://isi dg ipproxy/squidstats/graph-summary. 8.

cgi .py cat /var/log/squid/access./ps_mem.py http://192.2.2/squidstats/graph-summary.squidclient mgr:storedir cat /var/log/squid/access.log | ./squidmon.168.py .log | python squidmon.

Sign up to vote on this title
UsefulNot useful