msi semua bisa setting squid3 https caching

Kurangi Rokokmu Tambahin Sedekahmu – http://www.sedekahrombongan.com

Buka VirtualBox, Klik New. Ikuti petunjuk gambar dibawah ini :-D

Muncul error, klik Continue saja (karena network adapternya di-matikan tadi). Kita ON nanti setelah

instalasi Ubuntu Servernya selesai :-D

Isi nama komputernya

Isi full user name

Isi user name

Isi password

Isikan lagi password yang sama

Pilih No saja

Pilih Timezone

Pilih Partition Method – Guided – use entire disk

Enter saja

Tekan Enter saja

Pilih No automatic update

Tekan SPASI untuk memilih OpenSSHServer

Pilih Yes

Tekan Enter

Beres. Selesai sudah Install Ubuntu Server. Mudah bukan????.....bukaaaaaaaaaaaaaaan

Lanjut mau aktifkan Network Adapter di VirtualBox

Login lalu shutdown Ubuntu Virtual Machine

Kembali ke VirtualBox, pilih Settings dan centang Enable Network Adapter

Start kembali Ubuntu Server VirtualBox. Login dan aktifkan network adapter eth0

sudo ifconfig eth0 up

Cek apakah eth0 sudah UP atau belum. Ketik ifconfig

Lanjut, isi ip address. Ketik sudo nano /etc/network/interfaces. Isi sesuai ip address di tempatmu

Tekan tombol Ctrl+O lalu Enter

Tekan tombol Ctrl+X untuk keluar dari nano editor.

Lanjut dengan test ping ke ip address gateway

Network is unreachable..hehe…lupa restart dulu service networkingnya. Ketik sudo service networking

restart

Test ping pasti gagal juga…lupa di adapter virtualbox nya belum connect cable :-D. Poweroff dulu,

kembali ke VirtualBox Settings…Sorry pemirsa…wis tuo…hahaha

Start lagi bray..wkwkwkw

Test ping ke gateway

Ping ke www.dokter-squid-indonesia.com

Ok. Good. Koneksi internet lancar. Lanjut install squid.

Update Ubuntu Servernya terlebih dahulu

Ketik sudo apt-get update

Sabar menunggu sampai selesai…..

Kita lanjut pake Aplikasi WinSCP dan Putty (biar mudah copy pastenya)..itukan yang kamu

mau..heuheuheu. Kalau belum ada download dan install

http://winscp.net/download/winscp556setup.exe

http://the.earth.li/~sgtatham/putty/latest/x86/putty-0.63-installer.exe

Pilih Yes

Open Putty dengan meng-klik toolbar Putty

Klik Yes

Masukin password user yang tadi dibuat

Install SQUID

Copy paste command dibawah ini :

sudo su

sudo apt-get install devscripts -y

sudo apt-get install libcap-*

sudo apt-get install openssl -y

sudo apt-get install ccze -y

wget http://www.squid-cache.org/Versions/v3/3.4/squid-3.4.9.tar.gz

tar xzvf squid-3*

cd squid-3*

./configure --prefix=/usr \

--bindir=/usr/bin \

--sbindir=/usr/sbin \

--libexecdir=/usr/lib/squid \

--sysconfdir=/etc/squid \

--localstatedir=/var \

--libdir=/usr/lib \

--includedir=/usr/include \

--datadir=/usr/share/squid \

--enable-err-languages=English \

--enable-default-err-language=English \

--infodir=/usr/share/info \

--mandir=/usr/share/man \

--disable-dependency-tracking \

--enable-storeio=ufs,aufs,diskd \

--enable-removal-policies=lru,heap \

--enable-icap-client \

--disable-wccp \

--disable-wccpv2 \

--enable-follow-x-forwarded-for \

--enable-x-accelerator-vary \

--enable-zph-qos \

--enable-snmp \

--with-default-user=proxy \

--with-logdir=/var/log/squid \

--with-pidfile=/var/run/squid.pid \

--with-large-files \

--enable-underscores \

--disable-auth \

--enable-async-io \

--with-pthreads \

--disable-ipv6

make && make install

sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.asli

sudo chmod a-w /etc/squid/squid.conf.asli

mkdir /cache

chown -R proxy:proxy /cache

chown -R proxy:proxy /var/log/squid

nano etc/squid/squid.conf

EDIT bagian yang saya HIGHLIGHT KUNING(sesuaikan dengan nama folder dan besaran cache

# Recommended minimum configuration:

# Example rule allowing access from your local networks.

# Adapt to list your (internal) IP networks from where browsing

# should be allowed

acl localnet src 10.0.0.0/8 # RFC1918 possible internal network

acl localnet src fc00::/7 # RFC 4193 local private network range

acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 # https

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl CONNECT method CONNECT

# Recommended minimum Access Permission configuration:

# Deny requests to certain unsafe ports

http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports

http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost

http_access allow localhost manager

http_access deny manager

# We strongly recommend the following be uncommented to protect innocent

# web applications running on the proxy server who think the only

# one who can access services on "localhost" is a local user

#http_access deny to_localhost

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

# Example rule allowing access from your local networks.

# Adapt localnet in the ACL section to list your (internal) IP networks

# from where browsing should be allowed

http_access allow localnet

http_access allow localhost

# And finally deny all other access to this proxy

http_access deny all

# Squid normally listens to port 3128

http_port 3128

# Uncomment and adjust the following to add a disk cache directory.

cache_dir ufs /cache 3000 16 256

# Leave coredumps in the first cache dir

coredump_dir /cache

# Add any of your own refresh_pattern entries above these.

refresh_pattern ^ftp: 1440 20% 10080

refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

refresh_pattern . 0 20% 4320

tekan Ctrl+o lalu ENTER untuk menyimpan perubahan

tekan Ctrl+x untuk keluar dari nano editor

lanjut copy paste command dibawah ini

squid -k parse

squid -z

tekan ENTER saja

squid start

Test Manual Proxy di Browser

Buka salah satu website misalnya detik.com

Tutup dan buka lagi website detik.com, pada Putty ketik command tail -f

/var/log/squid/access.log | ccze

Selesai untuk caching HTTP :-D ….Mudah bukan????? Bukaaaaaaaaaaaaaaaaaaaaaan….wakwow

Lanjut ke HTTPS caching

Untuk caching HTTPS kita butuh feature SSL_BUMP , DynamicSslCert. Feature ini harus diaktifkan saat

configure

--enable-ssl --enable-ssl-crtd

Ayo kita configure ulang

sudo su

Tambahkan dulu paket pendukung

apt-get install libssl-* -y

apt-get install libsasl2-dev –y

cd squid-3*

make clean

./configure --prefix=/usr \

--bindir=/usr/bin \

--sbindir=/usr/sbin \

--libexecdir=/usr/lib/squid \

--sysconfdir=/etc/squid \

--localstatedir=/var \

--libdir=/usr/lib \

--includedir=/usr/include \

--datadir=/usr/share/squid \

--enable-err-languages=English \

--enable-default-err-language=English \

--infodir=/usr/share/info \

--mandir=/usr/share/man \

--disable-dependency-tracking \

--enable-storeio=ufs,aufs,diskd \

--enable-removal-policies=lru,heap \

--enable-icap-client \

--disable-wccp \

--disable-wccpv2 \

--enable-follow-x-forwarded-for \

--enable-x-accelerator-vary \

--enable-zph-qos \

--enable-snmp \

--with-default-user=proxy \

--with-logdir=/var/log/squid \

--with-pidfile=/var/run/squid.pid \

--with-large-files \

--enable-underscores \

--disable-auth \

--enable-async-io \

--with-pthreads \

--disable-ipv6 \

--enable-ssl

--enable-ssl-crtd

make && make install

mkdir -p /etc/squid/ssl_cert

cd /etc/squid/ssl_cert

openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout myCA.pem -out myCA.pem

openssl x509 -in myCA.pem -outform DER -out myCA.der

mkdir -p /var/squid/ssl_db

/usr/lib/squid/ssl_crtd -c -s /var/squid/ssl_db/certs

chown -R proxy:proxy /var/squid/ssl_db/certs

Edit squid.conf

nano /etc/squid/squid.conf

Tambahkan directive

http_port 3127 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB

cert=/etc/squid/ssl_cert/myCA.pem

sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/squid/ssl_db/certs/ -M 4MB

sslcrtd_children 5

sslproxy_cert_error allow all

sslproxy_flags DONT_VERIFY_PEER

ssl_bump server-first all

Simpan dengan menekan tombol Ctrl+o dan Enter

Keluar dengan menekan tombol Ctrl+x

Lanjut

squid -k reconfigure

reboot

squid start

Edit manual proxy browser

Test buka facebook.com

Muncul warning This Connection is Untrusted, browser ga mengenal CA yg ngeluarin certificate palsu

dari SQUID. Maka harus diimport CA certificatenya terlebih dahulu.

Di Firefox Tools > Options > Advanced > Certificates

Close browsernya dan buka lagi facebook.com

msi semua bisa setting squid3 https caching

Documents

trans caching

caching in hibernate

nvidia msi

msi ex465x

geo caching

circuitos msi

speedup your site mit caching

wordpress beine machen - bilder optimierung und caching

part 38 isa server - caching -

squid3 guard 0

msi 20 t/25 t msi 30 t/35 t - marchandise msi-20... ·...

symfony2 caching

manitou manitou manitou manitou msi 20 msi 25 msi 30 … ·...

texture caching implementation for hardware accelerated ·...

jsr 107 caching standard

caching up and down the stack

dynamic-content web caching with cooperative proxy scheme

improving the www: caching or multicast?

makalah msi

caching on the edge with symfony2