Sunday 20 June 2010

Setting Squid Ubuntu + Mikrotik
Using :
- Mikrotik V.3.20
- Ubuntu Intrepid Ibex ( 8.10 )

TUTORIAL Setting Squid Ubuntu + Mikrotik

IP Modem : 192.168.1.1/24
IP Mikrotik : 3 Interface
- Public : 192.168.1.2/24
- Local : 192.168.10.1/24
- Proxy : 192.168.5.1/24
IP Proxy : 192.168.5.2/24
Mikrotik :
- Setting IP :
/ip address
add address=192.168.1.2/24 broadcast=192.168.1.255 comment="IP Modem" \
disabled=no interface=Wan network=192.168.1.0
add address=192.168.10.1/24 broadcast=192.168.10.255 comment="IP Client" \
disabled=no interface=Local-Wirelles network=192.168.10.0
add address=192.168.5.1/24 broadcast=192.168.5.255 comment="Squid Box" \
disabled=no interface=Proxy network=192.168.5.0
- Setting NAT :
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=Wan
add action=redirect chain=dstnat comment=Squid_Proxy_External disabled=no \
dst-port=80 protocol=tcp src-address=!192.168.5.0/24 to-ports=8080
- Setting Firewall :
/ip firewall filter
add action=accept chain=forward comment=Squid-Port disabled=no protocol=tcp \
src-address=192.168.5.2
add action=accept chain=input comment="" disabled=no protocol=tcp \
src-address=192.168.5.2
( So that MIKROTIK does not treat SQUID's traffic as brute force or flooding )
and finally we set up the MIKROTIK web proxy
- Setting Web Proxy :
/ip proxy
set always-from-cache=yes cache-administrator=Globalusaha.com cache-hit-dscp=\
12 cache-on-disk=yes enabled=yes max-cache-size=unlimited \
max-client-connections=950 max-fresh-time=3d max-server-connections=950 \
parent-proxy=192.168.5.2 parent-proxy-port=3128 port=8080 \
serialize-connections=no src-address=0.0.0.0

( Enter the IP of the SQUID proxy as the MIKROTIK parent proxy and specify SQUID's port )
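
An added example, not part of the original post: a small Python check that parses the NAT and filter rules above and flags where they match more traffic than the setup needs. The redirect rule has no in-interface, so it also matches port-80 connections arriving on Wan, and the two accept rules admit every TCP port from 192.168.5.2. The function names and finding labels are assumptions of this example.

```python
import shlex

# Rules copied from the page's /ip firewall sections (line continuations kept).
PAGE_EXPORT = r'''
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=Wan
add action=redirect chain=dstnat comment=Squid_Proxy_External disabled=no \
dst-port=80 protocol=tcp src-address=!192.168.5.0/24 to-ports=8080
/ip firewall filter
add action=accept chain=forward comment=Squid-Port disabled=no protocol=tcp \
src-address=192.168.5.2
add action=accept chain=input comment="" disabled=no protocol=tcp \
src-address=192.168.5.2
'''

def parse_export(text):
    """Return a list of (menu, params) for every 'add' line in a RouterOS export."""
    rules, menu = [], None
    joined = text.replace("\\\n", "")  # join backslash-continued lines
    for line in joined.splitlines():
        line = line.strip()
        if line.startswith("/"):
            menu = line  # e.g. "/ip firewall nat"
        elif line.startswith("add "):
            pairs = (t.split("=", 1) for t in shlex.split(line[4:]) if "=" in t)
            rules.append((menu, dict(pairs)))
    return rules

def audit(rules):
    """Flag enabled rules that match traffic more broadly than the setup needs."""
    findings = []
    for menu, p in rules:
        if p.get("disabled") == "yes":
            continue
        if (menu == "/ip firewall nat" and p.get("action") == "redirect"
                and "in-interface" not in p):
            findings.append(("redirect-any-interface", p.get("comment", "")))
        if (menu == "/ip firewall filter" and p.get("action") == "accept"
                and "src-address" in p and "dst-port" not in p):
            findings.append(("accept-all-ports", p["chain"]))
    return findings

if __name__ == "__main__":
    for kind, where in audit(parse_export(PAGE_EXPORT)):
        print(kind, where)
```

Adding in-interface=Local-Wirelles to the redirect rule clears the first finding; adding dst-port to the accept rules clears the other two.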

SQUID PROXY CONFIGURATION :

http_port 3128 transparent
icp_port 3130
icp_query_timeout 100
cache_mem 6 MB
cache_swap_low 98
cache_swap_high 99
maximum_object_size 128 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 32 bytes
ipcache_size 2048
ipcache_low 98
ipcache_high 99
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir diskd /var/spool/squid/global/globalusaha-1 4000 10 256 Q1=72 Q2=64
cache_dir diskd /var/spool/squid/global/globalusaha-2 4000 10 256 Q1=72 Q2=64
cache_dir diskd /var/spool/squid/global/globalusaha-3 4000 10 256 Q1=72 Q2=64
cache_dir diskd /var/spool/squid/global/globalusaha-4 4000 10 256 Q1=72 Q2=64
store_avg_object_size 13 KB
store_objects_per_bucket 10
request_header_max_size 20 KB
connect_timeout 5 second
peer_connect_timeout 5 seconds
read_timeout 40 second
request_timeout 20 second
half_closed_clients off
shutdown_lifetime 10 second
( Very important for the sibling proxy relationship )
For the refresh patterns :
refresh_pattern -i \.gif$ 1440 500% 262800
refresh_pattern -i \.jpg$ 1440 700% 262800
refresh_pattern -i \.htm$ 20 40% 40320
refresh_pattern -i \.html$ 20 40% 40320
refresh_pattern /$ 15 25% 20160
refresh_pattern -i \.exe$ 2880 1000% 262800
refresh_pattern -i \.zip$ 2880 1000% 262800
refresh_pattern -i \.mpg$ 2880 1000% 262800
refresh_pattern -i \.mov$ 2880 1000% 262800
refresh_pattern -i \.pdf$ 2880 1000% 262800
refresh_pattern -i \.avi$ 2880 1000% 262800
refresh_pattern -i \.swf$ 2880 1000% 262800


refresh_pattern ^ftp: 10080 95% 241920
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
For SQUID's TOS :
tcp_outgoing_tos 0x30 localnet
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
( The zph, or zero penalty hit, settings above determine which TCP_HIT packets MIKROTIK will bypass )