Cara Menginstal dan Konfigurasi Lusca sebagai Proxy Server di Ubuntu Server 12.04
server proxy adalah server yang (sistem komputer atau aplikasi) yang bertindak sebagai perantara permintaan dari klien mencari sumber daya dari server lain. Seorang klien terhubung ke server proxy, meminta beberapa layanan, seperti file, koneksi, halaman web, atau sumber daya lain yang tersedia dari server yang berbeda dan server proxy mengevaluasi permintaan sebagai cara untuk menyederhanakan dan mengontrol kompleksitasnya. Proxy diciptakan untuk menambah struktur dan enkapsulasi untuk sistem terdistribusi. Saat ini, kebanyakan proxy adalah proxy web, memfasilitasi akses ke konten di World Wide Web dan menyediakan anonimitas.
Manfaat Proxy Server
Secara umum manfaat proxy server ada dua macam, yaitu sebagai berikut:1. Meningkatkan kinerja jaringan
Dengan kemampuan server proxy untuk menyimpan data permintaan dari aplikasi client, permintaan yang sama dengan permintaan sebelumnya hanya akan diambilkan dari simpanan server proxy. Jika seorang pengguna internet sudah pernah membuka situs yang sama, tidak perlu dihubungkan langsung pada situs sumbernya, tetapi cukup diambilkan dari simpanan server proxy. Dengan cara demikian, koneksi langsung pada server sumbernya dapat dikurangi. Dengan demikian, penggunaan bandwidth internet untuk koneksi langsung menjadi berkurang.2. Filter permintaan
Server proxy juga dapat digunakan sebagai filter terhadap permintaan data dari suatu situs. Dalam hal ini, server proxy menjadi filter terhadap situs yang boleh atau tidak boleh dikunjungi. Selain itu, server proxy juga dapat sebagai filter terhadap aplikasi client yang dapat menggunakan akses terhadap internet. Dalam hal ini server proxy berlaku sebagai filter terhadap gangguan internet.Fungsi Proxy Server
Proxy Server meupakan pihak ketiga yang menjadi perantara antara kedua pihak yang saling berhubungan, dalam hal ini adalah jaringan lokal dan jaringan internet. Secara prinsip pihak pertama dan pihak kedua tidak langsung berhubungan, akan tetapi masing-masing berhubungan degan pihak ketiga yaitu proxy.Tiga fungsi utama proxy server adalah:
1. Connection sharing
Bertindak sebagai gateway yang menjadi batas antara jaringan lokal dan jaringan luar. Gateway juga bertindak sebagai titik dimana sejumlah koneksi dari pengguna lokal akan terhubung kepadanya dan koneksi jaringan luar juga terhubung kepadanya. Dengan demikian koneksi dari jaringan lokal ke internet akan menggunakan sambungan yang dimiliki oleh gateway secara bersama-sama (connecion sharing).2. Filtering
Bekerja pada layar aplikasi sehingga berfungsi sebagai Firewalll paket filtering yang digunakan untuk melindungi jaringan lokal terhadap gangguan atau serangan dari jaringan luar. Dapat dikonfigurasi untuk menolak situs web tertenu pada waktu-waktu tertentu.3. Caching
Proxy Server memiliki mekanisme penyimpanan obyek-obyek yang sudah diminta dari server-server di internet. Mekanisme caching akan menyimpan obyek-obyek yang merupakan permintaan dari para pengguna yang di dapat dari iternet.Keuntungan Proxy Server
Keuntungan proxy server dalam suatu jaringan TCP/IP adalah:- Keamanan jaringan lebih terjaga, karena adanya proxy sebagai pembatas antara jaringan lokal dan jaringan luar (internet)
- Pengaksesan kembali terhadap situs-situs yang telah diakses sebelumnya menjadi lebih cepat, karena pengaksesan tidak perlu ke jaringan luar (internet) melainkan ada pada direktori cache proxy.
- Terdapat fasilitas filtering, baik filtering pengguna, content dan waktu akses.
Kekurangan Proxy Server
Kekurangan proxy server dalam suatu jaringan TCP/IP adalah:- Pengaksesan terhadap situs yang belum pernah dibuka sebelumnya akan menjadi lebih lambat, karena client harus meminta terlebih dahulu ke pada proxy, setelah itu baru proxy yang akan meminta request dari client tersebut ke pada penyedia layanan internet.
- Bila proxy server terlambat melakukan update cache, maka client akan mendapatkan content yang belum update ketika melakukan request content tersebut.
1. Kita install dulu server nya menggunakan OS ubuntu 12.04 server
Tutorialnya install nya bisa baca di sini
Yang beda cuma partisi nya menggunakan manual
karena server akan digunakan sebagai proxy
2. Partisinya menggunakan manual saja.
3. Kemudian partisinya di isi dibawah ini , penting partisi dibawah ini disesuaikan dengan ukuran hardisk pc anda kalau yang menggunakan partisi dibawah ini ukuran hardisk nya - + 240-250 GB.
Type | Size | Location | FileSystem | Mount |
Primary | 30 GB | Beginning | ext4 | / |
Primary | 500 MB | Beginning | ext4 | /boot |
Primary | 8192 MB | Beginning | swap | swap |
Logical | 25 GB | End | btrfs | /cache-1 |
Logical | 25 GB | End | btrfs | /cache-2 |
Logical | 25 GB | End | btrfs | /cache-3 |
Logical | 25 GB | End | btrfs | /cache-4 |
Logical | 25 GB | End | btrfs | /cache-5 |
Logical | 46 GB | End | ext4 | /home |
Logical | 5 GB | End | ext4 | /opt |
Logical | 5 GB | End | ext4 | /srv |
Logical | 5 GB | End | ext4 | /tmp |
Logical | 5 GB | End | ext4 | /usr |
Logical | 5 GB | End | ext4 | /usr/local |
4. Hal hal yang harus dilakukan setelah install ubuntu server 12.04
kita bisa melakukan configurasi dengan cara diremote servernya syaratnya satu jaringan , remote nya menggunakan ssh, caranya:
ssh proxy[hostname computer]@ip server anda masukan sandi server anda
lalu enter anda sudah masuk ke system nya server ,Misal
ssh proxy@192.168.12.38untuk ubuntu 12.04 server kalau login belum masuk root, anda harus masuk root dulu
sudo sumasukan password server
#hostname dan hostname -f nya harus sama
cara ngecek nya
hostnameproxy
hostname -fproxy
# arahkan repository
nano /etc/apt/sources.list
Misalnya saya arah kan repository nya ke kambing :
deb http://kambing.ui.ac.id/ubuntu/ precise main restricted
deb-src http://kambing.ui.ac.id/ubuntu/ precise main restricted
deb http://kambing.ui.ac.id/ubuntu/ precise universe
deb-src http://kambing.ui.ac.id/ubuntu/ precise universe
deb http://kambing.ui.ac.id/ubuntu/ precise multiverse
deb-src http://kambing.ui.ac.id/ubuntu/ precise multiverse
deb http://security.ubuntu.com/ubuntu precise-security main restricted# update dan upgrade
deb-src http://security.ubuntu.com/ubuntu precise-security main restricted
deb http://security.ubuntu.com/ubuntu precise-security universe
deb-src http://security.ubuntu.com/ubuntu precise-security universe
untuk ubuntu server kita login belum masuk root
anda masuk dulu sebagai root
apt-get update && dist-upgrade -ylangkah ini akan memakan waktu lama karena akan mendownload dan memasang paket paket yang dibutuhkan pc anda, waktu nya tergantung dengan kecepatan bandwite anda.
5. kita install paket lusca untuk konfigurasi proxynya
apt-get install lusca squidclient squid-cgi ccze6. Pindah konfigurasi awal lusca
mv /etc/lusca/squid.conf /etc/lusca/squid.conf.original7. Buat configurasi lusca baru
touch /etc/lusca/squid.conf
nano /etc/lusca/squid.conf# Tambah kan baris baris berikut:
#=============================================# Edit perintah yang bercetak tebal diatas sesuai kebutuhan anda
# Port and Transparent
#=============================================
http_port 3128 transparent
server_http11 on
icp_port 0
#=============================================
# Lusca Cache Directory
#=============================================
cache_dir aufs /cache-1/ 25000 15 256
cache_dir aufs /cache-2/ 25000 15 256
cache_dir aufs /cache-3/ 25000 15 256
cache_dir aufs /cache-4/ 25000 15 256
cache_dir aufs /cache-5/ 25000 15 256
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
#=============================================
# Lusca Log Options
#=============================================
emulate_httpd_log on
logformat squid %tl %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
log_fqdn off
logfile_rotate 14
debug_options ALL,1
cache_access_log /var/log/lusca/access.log
cache_log /var/log/lusca/cache.log
cache_store_log /var/log/lusca/store.log
#=============================================
# DNS and FTP option
#=============================================
#I used DNSAMSQ service for fast dns resolving
#so install by using "apt-get install dnsmasq" first
dns_nameservers 192.168.4.1 127.0.0.1 221.132.112.8
ftp_user anonymous@
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on
#=============================================
# Access Control List (ACL) Option
#=============================================
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl localnet src 192.168.88.0/24
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access allow all
http_reply_access allow all
icp_access allow all
#=============================================
# Administrative Parameters
#=============================================
# I used Ubuntu Server so user and group is proxy
cache_effective_user proxy
cache_effective_group proxy
cache_mgr ubuntucontrib@gmail.com
visible_hostname proxy.precise.net
unique_hostname ubuntucontrib@gmail.com
#=============================================
# Accelerator Options
#=============================================
half_closed_clients off
quick_abort_min 0 KB
quick_abort_max 0 KB
vary_ignore_expire on
reload_into_ims on
log_fqdn off
memory_pools off
cache_swap_low 98
cache_swap_high 99
max_filedescriptors 65536
fqdncache_size 16384
retry_on_error on
offline_mode off
pipeline_prefetch on
# If you want to hide your proxy machine from being detected at various site use following
via off
#=============================================
# Options Which Affect The Cache Size
#=============================================
# If you have 4GB memory in Squid box, we will use formula of 1/3
# You can adjust it according to your need. IF squid is taking too much of RAM
# Then decrease it to 128 MB or even less.
cache_mem 8 MB
minimum_object_size 0 bytes
maximum_object_size 100 MB
maximum_object_size_in_memory 128 KB
#=============================================
# SNMP , if you want to generate graphs for -
# SQUID via MRTG
#=============================================
#acl snmppublic snmp_community gl
#snmp_port 3401
#snmp_access allow snmppublic all
#snmp_access allow all
#=============================================
# ZPH Option
#=============================================
tcp_outgoing_tos 0x30 all
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
#=============================================
# ACL Caching Youtube
#=============================================
acl videocache_allow_url url_regex -i \.youtube\.com\/get_video\?
acl videocache_allow_url url_regex -i \.youtube\.com\/videoplayback \.youtube\.com\/videoplay \.youtube\.com\/get_video\?
acl videocache_allow_url url_regex -i \.youtube\.[a-z][a-z]\/videoplayback \.youtube\.[a-z][a-z]\/videoplay \.youtube\.[a-z][a-z]\/get_video\?
acl videocache_allow_url url_regex -i \.googlevideo\.com\/videoplayback \.googlevideo\.com\/videoplay \.googlevideo\.com\/get_video\?
acl videocache_allow_url url_regex -i \.google\.com\/videoplayback \.google\.com\/videoplay \.google\.com\/get_video\?
acl videocache_allow_url url_regex -i \.google\.[a-z][a-z]\/videoplayback \.google\.[a-z][a-z]\/videoplay \.google\.[a-z][a-z]\/get_video\?
acl videocache_allow_url url_regex -i proxy[a-z0-9\-][a-z0-9][a-z0-9][a-z0-9]?\.dailymotion\.com\/
acl videocache_allow_url url_regex -i vid\.akm\.dailymotion\.com\/
acl videocache_allow_url url_regex -i [a-z0-9][0-9a-z][0-9a-z]?[0-9a-z]?[0-9a-z]?\.xtube\.com\/(.*)flv
acl videocache_allow_url url_regex -i \.vimeo\.com\/(.*)\.(flv|mp4)
acl videocache_allow_url url_regex -i va\.wrzuta\.pl\/wa[0-9][0-9][0-9][0-9]?
acl videocache_allow_url url_regex -i \.youporn\.com\/(.*)\.flv
acl videocache_allow_url url_regex -i \.msn\.com\.edgesuite\.net\/(.*)\.flv
acl videocache_allow_url url_regex -i \.tube8\.com\/(.*)\.(flv|3gp)
acl videocache_allow_url url_regex -i \.mais\.uol\.com\.br\/(.*)\.flv
acl videocache_allow_url url_regex -i \.blip\.tv\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram|m4v)
acl videocache_allow_url url_regex -i \.apniisp\.com\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram|m4v)
acl videocache_allow_url url_regex -i \.break\.com\/(.*)\.(flv|mp4)
acl videocache_allow_url url_regex -i redtube\.com\/(.*)\.flv
acl videocache_allow_dom dstdomain .mccont.com .metacafe.com .cdn.dailymotion.com
acl videocache_deny_dom dstdomain .download.youporn.com .static.blip.tv
acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET
storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access deny videocache_deny_dom
storeurl_access allow videocache_allow_url
storeurl_access allow videocache_allow_dom
storeurl_access deny all
storeurl_rewrite_program /etc/squid/storeurl.pl
storeurl_rewrite_children 7
storeurl_rewrite_concurrency 100
acl store_rewrite_list urlpath_regex -i \/(get_video\?|videodownload\?|videoplayback.*id)
acl store_rewrite_list urlpath_regex -i \.flv$ \.mp3$ \.mp4$ \.swf$ \
storeurl_access allow store_rewrite_list
storeurl_access deny all
#=============================================
# Refresh Pattern Options
#=============================================
refresh_pattern -i \.flv$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.mp3$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.mp4$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.swf$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.gif$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.jpg$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.jpeg$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.exe$ 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
# 1 year = 525600 mins, 1 month = 10080 mins, 1 day = 1440
refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 10080 80% 10080 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?) 10080 80% 10080 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern \.(ico|video-stats) 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth override-lastmod negative-ttl=10080
refresh_pattern \.etology\? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern galleries\.video(\?|sz) 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern brazzers\? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern \.adtology\? 10080 80% 10080 override-expire ignore-reload ignore-no-cache
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 10080 20% 10080 ignore-no-cache ignore-private override-expire ignore-reload ignore-auth negative-ttl=40320 max-stale=10
refresh_pattern ^.*safebrowsing.*google 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth negative-ttl=10080
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk) 10080 80% 10080 override-expire ignore-reload ignore-private negative-ttl=10080
refresh_pattern ytimg\.com.*\.jpg 10080 80% 10080 override-expire ignore-reload
refresh_pattern images\.friendster\.com.*\.(png|gif) 10080 80% 10080 override-expire ignore-reload
refresh_pattern garena\.com 10080 80% 10080 override-expire reload-into-ims
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 10080 80% 10080 override-expire ignore-reload
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 10080 80% 10080 ignore-no-cache override-expire override-lastmod
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 10080 80% 10080 reload-into-ims override-expire ignore-private
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\. 10080 80% 10080 reload-into-ims ignore-no-cache ignore-reload override-expire
refresh_pattern ^http:\/\/www.onemanga.com.*\/ 10080 80% 10080 reload-into-ims ignore-no-cache ignore-reload override-expire
refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9]) 10080 80% 10080 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth override-lastmod negative-ttl=10080
# Images Facebook
refresh_pattern -i \.facebook.com.*\.(jpg|png|gif) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 10080 80% 10080 ignore-reload override-expire ignore-no-cache
# All File
refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 10080 80% 10080 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern ^ftp: 10080 95% 10080 override-lastmod reload-into-ims
refresh_pattern . 1440 95% 10080 override-lastmod reload-into-ims
#=============================================
dns_nameservers 192.168.4.1 127.0.0.1 221.132.112.8Misalnya diedit seperti dibawah ini :
dns_nameservers 192.168.40.1 127.0.0.1 8.8.8.8Maksud nya : # 192.168.40.1 : gateway mikrotix
# 127.0.0.1 : localhost
#8.8.8.8 : dns google
# Edit localnet alamat ip yang bisa dibaca oleh proxy.
acl localnet src 192.168.40.0/24Maksudnya : # /24 berarti Jumlah Ip nya 254
# syaratnya harus satu subnet dengan dns nameserver tadi.
8. Beri hak akses pada configura squid.conf
chown proxy:proxy /etc/lusca/squid.conf9. Buat konfigurasi storeurl.pl
mkdir /etc/squid/
touch /etc/squid/storeurl.pl
nano /etc/squid/storeurl.pl# Tambah kan baris baris berikut:
#!/usr/bin/perl10 . Ubah hak akses pada storeurl.pl
# ==========================================================================
# $Rev$
# by chudy_fernandez@yahoo.com
# Updates at http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube/Discussion
# ==========================================================================
$|=1;
while (<>) {
@X = split;
# $X[1] =~ s/&sig=.*//;
$x = $X[0] . " ";
$_ = $X[1];
$u = $X[1];
# ==========================================================================
# Speedtest
# ==========================================================================
#if (m/^http:\/\/(.*)\/speedtest\/(.*\.(jpg|txt))\?(.*)/) {
# print $x . "http://www.speedtest.net.SQUIDINTERNAL/speedtest/" . $2 . "\n";
# ==========================================================================
# Mediafire
# ==========================================================================
#} elseif
if (m/^http:\/\/199\.91\.15\d\.\d*\/\w{12}\/(\w*)\/(.*)/) {
print $x . "http://www.mediafire.com.SQUIDINTERNAL/" . $1 ."/" . $2 . "\n";
# ==========================================================================
# Fileserve
# ==========================================================================
} elsif (m/^http:\/\/fs\w*\.fileserve\.com\/file\/(\w*)\/[\w-]*\.\/(.*)/) {
print $x . "http://www.fileserve.com.SQUIDINTERNAL/" . $1 . "./" . $2 . "\n";
# ==========================================================================
# Filesonic
# ==========================================================================
} elsif (m/^http:\/\/s[0-9]*\.filesonic\.com\/download\/([0-9]*)\/(.*)/) {
print $x . "http://www.filesonic.com.SQUIDINTERNAL/" . $1 . "\n";
# ==========================================================================
# 4shared
# ==========================================================================
} elsif (m/^http:\/\/[a-zA-Z]{2}\d*\.4shared\.com(:8080|)\/download\/(.*)\/(.*\..*)\?.*/) {
print $x . "http://www.4shared.com.SQUIDINTERNAL/download/$2\/$3\n";
# ==========================================================================
# 4shared preview
# ==========================================================================
} elsif (m/^http:\/\/[a-zA-Z]{2}\d*\.4shared\.com(:8080|)\/img\/(\d*)\/\w*\/dlink__2Fdownload_2F(\w*)_3Ftsid_3D[\w-]*\/preview\.mp3\?sId=\w*/) {
print $x . "http://www.4shared.com.SQUIDINTERNAL/$2\n";
# ==========================================================================
# Photos-X.ak.fbcdn.net where X a-z
# ==========================================================================
} elsif (m/^http:\/\/photos-[a-z](\.ak\.fbcdn\.net)(\/.*\/)(.*\.jpg)/) {
print $x . "http://photos" . $1 . "/" . $2 . $3 . "\n";
# ==========================================================================
# YX.sphotos.ak.fbcdn.net where X 1-9, Y a-z
# ==========================================================================
} elsif (m/^http:\/\/[a-z][0-9]\.sphotos\.ak\.fbcdn\.net\/(.*)\/(.*)/) {
print $x . "http://photos.ak.fbcdn.net/" . $1 ."/". $2 . "\n";
# ==========================================================================
# maps.google.com
# ==========================================================================
} elsif (m/^http:\/\/(cbk|mt|khm|mlt|tbn)[0-9]?(.google\.co(m|\.uk|\.id).*)/) {
print $x . "http://" . $1 . $2 . "\n";
# ==========================================================================
# Compatibility for old cached get_video?video_id
# ==========================================================================
} elsif (m/^http:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?(videoplayback\?id=.*?|video_id=.*?)\&(.*?)/) {
$z = $2; $z =~ s/video_id=/get_video?video_id=/;
print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $z . "\n";
# ==========================================================================
# Youtube fix
# ==========================================================================
} elsif (m/^http:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com)\/videoplayback\?(.*)/) {
$p_str = $2;
$tag = "";
$alg = "";
$id = "";
$range = "";
if ($p_str =~ m/(itag=[0-9]*)/){$tag = "&".$1}
if ($p_str =~ m/(algorithm=[a-z]*\-[a-z]*)/){$alg = "&".$1}
if ($p_str =~ m/(id=[a-zA-Z0-9]*)/){$id = "&".$1}
if ($p_str =~ m/(range=[0-9\-]*)/){$range = "&".$1; $range =~ s/-//; $range =~ s/range=//; }
print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/" . $tag . "&" . $alg . "&" . $id . "&" . $range . "\n";
# ==========================================================================
# Google Analytic
# ==========================================================================
} elsif (m/^http:\/\/www\.google-analytics\.com\/__utm\.gif\?.*/) {
print $x . "http://www.google-analytics.com/__utm.gif\n";
# ==========================================================================
# Cache High Latency Ads
# ==========================================================================
} elsif (m/^http:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|\.googlesyndication\.com|yieldmanager|cpxinteractive)(.*)/) {
$y = $3;$z = $2;
for ($y) {
s/pixel;.*/pixel/;
s/activity;.*/activity/;
s/(imgad[^&]*).*/\1/;
s/;ord=[?0-9]*//;
s/;×tamp=[0-9]*//;
s/[&?]correlator=[0-9]*//;
s/&cookie=[^&]*//;
s/&ga_hid=[^&]*//;
s/&ga_vid=[^&]*//;
s/&ga_sid=[^&]*//;
# s/&prev_slotnames=[^&]*//
# s/&u_his=[^&]*//;
s/&dt=[^&]*//;
s/&dtd=[^&]*//;
s/&lmt=[^&]*//;
s/(&alternate_ad_url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/(&url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/(&ref=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/(&cookie=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
s/[;&?]ord=[?0-9]*//;
s/[;&]mpvid=[^&;]*//;
s/&xpc=[^&]*//;
# yieldmanager
s/\?clickTag=[^&]*//;
s/&u=[^&]*//;
s/&slotname=[^&]*//;
s/&page_slots=[^&]*//;
}
print $x . "http://" . $1 . $2 . $y . "\n";
# ==========================================================================
# Cache high latency ads
# ==========================================================================
} elsif (m/^http:\/\/(.*?)\/(ads)\?(.*?)/) {
print $x . "http://" . $1 . "/" . $2 . "\n";
# ==========================================================================
# spicific servers starts here....
# ==========================================================================
} elsif (m/^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*?)/) {
print $x . "http://" . $1 . "\n";
# ==========================================================================
# cdn, varialble 1st path
# ==========================================================================
} elsif (($u =~ /filehippo/) && (m/^http:\/\/(.*?)\.(.*?)\/(.*?)\/(.*)\.([a-z0-9]{3,4})(\?.*)?/)) {
@y = ($1,$2,$4,$5);
$y[0] =~ s/[a-z0-9]{2,5}/cdn./;
print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";
# ==========================================================================
# Rapidshare
# ==========================================================================
} elsif (($u =~ /rapidshare/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?)([a-z]*\.[^\/]{3}\/[a-z]*\/[0-9]*)\/(.*?)\/([^\/\?\&]{4,})$/)) {
print $x . "http://cdn." . $3 . "/SQUIDINTERNAL/" . $5 . "\n";
} elsif (($u =~ /maxporn/) && (m/^http:\/\/([^\/]*?)\/(.*?)\/([^\/]*?)(\?.*)?$/)) {
print $x . "http://" . $1 . "/SQUIDINTERNAL/" . $3 . "\n";
# ==========================================================================
# like porn hub variables url and center part of the path, filename etention 3 or 4 with or without ? at the end
# ==========================================================================
} elsif (($u =~ /tube8|pornhub|xvideos/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?(\.[a-z]*)?)\.([a-z]*[0-9]?\.[^\/]{3}\/[a-z]*)(.*?)((\/[a-z]*)?(\/[^\/]*){4}\.[^\/\?]{3,4})(\?.*)?$/)) {
print $x . "http://cdn." . $4 . $6 . "\n";
#...spicific servers end here.
# ==========================================================================
# Photos-X.ak.fbcdn.net where X a-z
# ==========================================================================
} elsif (m/^http:\/\/photos-[a-z].ak.fbcdn.net\/(.*)/) {
print $x . "http://photos.ak.fbcdn.net/" . $1 . "\n";
# ==========================================================================
# For yimg.com video
# ==========================================================================
} elsif (m/^http:\/\/(.*yimg.com)\/\/(.*)\/([^\/\?\&]*\/[^\/\?\&]*\.[^\/\?\&]{3,4})(\?.*)?$/) {
print $x . "http://cdn.yimg.com//" . $3 . "\n";
# ==========================================================================
# For yimg.com doubled
# ==========================================================================
} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*?)\.yimg\.com\/(.*?)\?(.*)/) {
print $x . "http://cdn.yimg.com/" . $3 . "\n";
# ==========================================================================
# For yimg.com with &sig=
# ==========================================================================
} elsif (m/^http:\/\/(.*?)\.yimg\.com\/(.*)/) {
@y = ($1,$2);
$y[0] =~ s/[a-z]+[0-9]+/cdn/;
$y[1] =~ s/&sig=.*//;
print $x . "http://" . $y[0] . ".yimg.com/" . $y[1] . "\n";
# ==========================================================================
# Youjizz. We use only domain and filename
# ==========================================================================
} elsif (($u =~ /media[0-9]{2,5}\.youjizz/) && (m/^http:\/\/(.*)(\.[^\.\-]*?\..*?)\/(.*)\/([^\/\?\&]*)\.([^\/\?\&]{3,4})((\?|\%).*)?$/)) {
@y = ($1,$2,$4,$5);
$y[0] =~ s/(([a-zA-A]+[0-9]+(-[a-zA-Z])?$)|(.*cdn.*)|(.*cache.*))/cdn/;
print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";
# ==========================================================================
# General purpose for cdn servers. add above your specific servers.
# ==========================================================================
} elsif (m/^http:\/\/([0-9.]*?)\/\/(.*?)\.(.*)\?(.*?)/) {
print $x . "http://squid-cdn-url//" . $2 . "." . $3 . "\n";
# ==========================================================================
# Generic http://variable.domain.com/path/filename."ex" "ext" or "exte" with or withour "? or %"
# ==========================================================================
} elsif (m/^http:\/\/(.*)(\.[^\.\-]*?\..*?)\/(.*)\.([^\/\?\&]{2,4})((\?|\%).*)?$/) {
@y = ($1,$2,$3,$4);
$y[0] =~ s/(([a-zA-A]+[0-9]+(-[a-zA-Z])?$)|(.*cdn.*)|(.*cache.*))/cdn/;
print $x . "http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";
# ==========================================================================
# generic http://variable.domain.com/...
# ==========================================================================
} elsif (m/^http:\/\/(([A-Za-z]+[0-9-]+)*?|.*cdn.*|.*cache.*)\.(.*?)\.(.*?)\/(.*)$/) {
print $x . "http://cdn." . $3 . "." . $4 . "/" . $5 . "\n";
# ==========================================================================
# spicific extention that ends with ?
# ==========================================================================
} elsif (m/^http:\/\/(.*?)\/(.*?)\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|on2)(.*)/) {
print $x . "http://" . $1 . "/" . $2 . "." . $3 . "\n";
# ==========================================================================
# all that ends with ;
# ==========================================================================
} elsif (m/^http:\/\/(.*?)\/(.*?)\;(.*)/) {
print $x . "http://" . $1 . "/" . $2 . "\n";
} else {
print $x . $_ . "sucks\n";
}
}
#=================================EOF=======================================
chown proxy:proxy /etc/squid/storeurl.pl
chmod +x /etc/squid/storeurl.pl
11. Ubah hak akses pada cache
chown proxy:proxy /cache-{1,2,3,4,5}
chmod 777 /cache-{1,2,3,4,5}12. ikuti perintah dibawah ini:
lusca -d113. Restart lusca nya
/etc/init.d/lusca restart
14. Untuk memonitorix nya atau melihat kinerja client menggunakan perintah dibawah ini :
tail -f /var/log/lusca/access.log | ccze
sumber : ubuntuserverguide
sumber : wikipedia.org
sumber : kajianpustaka.com
Komentar