MY SQUID.CONF

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
Post Reply
User avatar
Mario
Contact:

MY SQUID.CONF

Post 27 May 2010, 12:46

http_port 192.168.0.2:8080 transparent
icp_port 0
hierarchy_stoplist cgi-bin ? *.ac.id
acl QUERY urlpath_regex cgi-bin \? *.ac.id
no_cache deny QUERY
server_http11 on
cache_mem 8 MB
maximum_object_size 10 MB
cache_swap_low 90
cache_swap_high 95
ipcache_size 4096
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /cache1 150000 469 256 <== HDD 250 GB di pake untuk squid 150GB aja
log_fqdn off
log_icp_queries off
buffered_logs on
log_mime_hdrs on
emulate_httpd_log off
cache_access_log none
cache_log none
cache_store_log none
mime_table /usr/share/squid/mime.conf
pid_filename /var/run/squid.pid
coredump_dir /var/spool/squid/
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on

dns_nameservers 203.130.206.250
dns_nameservers 202.134.0.155
dns_nameservers 208.67.222.222
dns_nameservers 208.67.220.220

refresh_pattern -i \.(gif|png|jp?g|ico|bmp|tiff?)$ 10080 95% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(html|htm|css|js)$ 1440 75% 40320
refresh_pattern -i \.index.(html|htm)$ 0 75% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern -i \.(class|css|js|tif)(\?.*)?$ 1440 95% 100000080 reload-into-ims override-lastmod
refresh_pattern -i \.(jpe|jpg|jpeg|png|bmp|gif)(\?.*)?$ 0 95% 1000000080 reload-into-ims override-lastmod
refresh_pattern -i \.(asp|acgi|pl|shtml|php3|php)(\?.*)?$ 2 20% 432000 reload-into-ims override-lastmod
refresh_pattern -i \.(ini)(\?.*)?$ 2 5% 10800 reload-into-ims override-lastmod
refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.static.ak.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://apps.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://facebook.poker.zynga.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://statics.poker.static.zynga.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static-facebook.farmville.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.farmville.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://zbar.static.zynga.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320



quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100%
icp_hit_stale on
reload_into_ims on
pipeline_prefetch on
vary_ignore_expire on


acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl lan src 192.168.1.23-192.168.1.111/24
acl wifi src 192.168.4.100-192.168.4.200/24
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl download url_regex -i \.mpg$ \.mpeg$ \.avi$ \.dat$ \.exe$ \.vqf$ \.tar.gz$ \.gz$ \.rpm$
acl download url_regex -i \.zip$ \.bz2$ \.rar$ \.qt$ \.ram$ \.rm$ \.iso$ \.raw$ \.wav$ \.mov$ \.cab$
http_access allow manager localhost
http_access allow localhost
http_access allow manager lan
http_access allow lan
http_access allow manager wifi
http_access allow wifi
http_reply_access allow all
always_direct allow all
icp_access allow all
miss_access allow all
cache deny download
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny manager
http_access deny download
http_access deny all


negative_ttl 2 minutes
client_persistent_connections on
server_persistent_connections on
update_headers on
redirect_rewrites_host_header off
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
connect_timeout 1 minute
read_timeout 1 minutes
request_timeout 1 minutes
persistent_request_timeout 2 minutes
half_closed_clients on
ignore_unknown_nameservers on
shutdown_lifetime 10 second
memory_pools off
forwarded_for off
half_closed_clients off
high_page_fault_warning 2
nonhierarchical_direct off
prefer_direct off
cache_mgr mylaponet@ymail.com
cache_effective_user squid
cache_effective_group squid
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136

Saya merasa ada yang salah nih dg squid.conf saya.
sepertinya masih lambat,
P4 478
Real memory 1.47 GB total, 83.26 MB used
SQUID di instal di HDD 10gb
cache di HDD 250GB di gunakan 150 gb aja untuk cache
topologi

============================wifi
=============================|
=============================|
========speedy(bridge)====mikrotik(pppoe)===LAN
=============================|
=============================|
=============================|
==================Squid 9.10 server squid

Tolong denh teman apa yang salah dengen squid saya itu
1 lagi kenapa kalo buka situs
snmptn.ac.id
http://penerimaan.spmb.or.id/
http://www.semanggi51.com/ <== waktu penerimaan jamsosetk itu
saya harus buat rule di NAT untuk bypass situs tersebut agar tidak lewat squid, baru berjalan normal situs nya

Salam Hormat


User avatar
Mario
Contact:

Post 27 May 2010, 12:53

gimana yang cara mengatasi situs yg gak bisa di cache squid


User avatar
sipelaut
Contact:

Post 28 May 2010, 13:38

> cache_dir aufs /cache1 150000 469 256

kalo pengalaman saya. squid saya pernah gak bisa ngecache sama sekali (selalu miss) akhirnya saya coba nambahin lagi tempat cachenya. mending ditambah lagi tempat penyimpanannya
3 atau 4 lagi. dan untuk alokasinya diperkecil saja bisa dibuat 10000 16 256
maaf saya juga lgi belajar nichh. munkin ada yg bisa nambahin lagi.??
CMIIW


User avatar
Rh354
Contact:

Post 28 May 2010, 14:33

cache_dir aufs /cache1 150000 469 256 -----> buset....tipe HDD nya apaan nich SCSI ato IDE

bakalan lambat ni squidnya(ga' responsif)

Hal yang perlu di ingat adalah jangan membuat cache dir lebih dari 20GB per partisi mengingat spindle head HDD demi terjaganya aliran data. (kecuali SCSI HDD bisa dibuat maksimal 100GB per partisi)

AFAIK mending lo buat cache 20Gb dengan 5 HDD daripada lo pake cache besar di satu HDD dengan kapasitas yg besar...


misal lo buat dengan cache 20Gb

berarti cachenya

cache_dir aufs /cache 20000 48 256

klo SCSI mo dibuat 100Gb jg bs

cache_dir aufs /cache 100000 235 256
===================================================
refresh_pattern -i \.(ini)(\?.*)?$ 2 5% 10800 reload-into-ims override-lastmod
refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.static.ak.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://apps.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://facebook.poker.zynga.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://statics.poker.static.zynga.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static-facebook.farmville.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.farmville.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://zbar.static.zynga.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth

refresh pattern yg 100% lebih baik dikurangin menjadi 90 ato 95% aja kasian yg maen poker..(klo 100 menyebabkan sitenya ga' update contoh klo buka kompas dsb)

======================

ga' normalnya gimana bro site2 diatas gw buka normal koq..

==========================

di mikrotik udah diatur rulesnya bro

============================

klo diliat speknya udah lebih dari cukup buat squid ngacir,squidnya dedicated khan bro...

trus tipe partisinya seperti apa

apakah ext4 ato reiserfs

==========================

udah coba optimalkan kernelnya


contoh settingan warnet temen gw

# HIGH PERFORMANCE SQUID 2.7
# ApisTECH IT Development
# Config date : 19 Februari 2010
###########################################

# ACCESS CONTROLS
#----------------

acl QUERY urlpath_regex -i cgi-bin \? \.php$ \.asp$ \.shtml$ \.cfm$ \.cfml$ \.phtml$ \.php3$ localhost
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443 563 81
acl Safe_ports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl CONNECT method CONNECT
acl purge method PURGE
acl ApisTECH src 192.168.2.0/27

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow ApisTECH
http_access allow localnet
http_access deny all

# NETWORK OPTIONS
#----------------

http_port 3128 transparent
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136

icp_port 0
htcp_port 0
icp_access deny all
htcp_access deny all

snmp_port 0
snmp_access deny all

# OPTIONS WHICH AFFECT THE CACHE SIZE
#------------------------------------

cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /cache1 7500 16 256
cache_dir aufs /cache2 7500 16 256
cache_dir aufs /cache3 7500 16 256
store_dir_select_algorithm least-load
maximum_object_size 128000 KB
cache_swap_low 90
cache_swap_high 95
update_headers off

# LOGFILE PATHNAMES AND CACHE DIRECTORIES
#----------------------------------------

access_log none
cache_log /dev/null
cache_store_log none
logfile_rotate 5
log_ip_on_direct off
log_icp_queries off
buffered_logs off
netdb_filename none
pid_filename /var/run/squid.pid

# OPTIONS FOR TUNING THE CACHE
#-----------------------------

cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jp?g|ico|bmp|tiff?)$ 10080 95% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(rpm|cab|deb|exe|msi|msu|zip|tar|gz|tgz|rar|bin|7z|doc?|xls?|ppt?|pdf|nth|psd|sis)$ 10080 90% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(avi|iso|wav|mid|mp?|mpeg|mov|3gp|wm?|swf|flv|x-flv|axd)$ 43200 95% 432000 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(html|htm|css|js)$ 1440 75% 40320
refresh_pattern -i \.index.(html|htm)$ 0 75% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 1440 90% 10080

quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 98
store_avg_object_size 13 KB

# HTTP OPTIONS
#-------------

server_http11 on
collapsed_forwarding on
vary_ignore_expire on
header_access From deny all
header_access Server deny all
header_access Link deny all
header_access Via deny all
header_access X-Forwarded-For deny all

# TIMEOUTS
#---------

forward_timeout 240 seconds
connect_timeout 30 second
peer_connect_timeout 5 seconds
read_timeout 600 second
request_timeout 60 second
persistent_request_timeout 60 seconds
client_lifetime 86400 second
half_closed_clients off
pconn_timeout 60 second
shutdown_lifetime 10 second

# ADMINISTRATIVE PARAMETERS
#--------------------------

cache_mgr ApisTECH
cache_effective_user squid
cache_effective_group squid
httpd_suppress_version_string on
visible_hostname ApisTECH

# DELAY POOL PARAMETERS
#----------------------

# ADVANCED NETWORKING OPTIONS
#---------------------------

max_filedescriptors 4096

# DNS OPTIONS
#-----------

check_hostnames off
dns_timeout 10 seconds
dns_nameservers 125.160.4.82 203.130.196.155 203.130.196.5 222.124.204.34 202.134.0.61 8.8.4.4 8.8.8.8
hosts_file /etc/hosts
ipcache_size 8192
ipcache_low 90
ipcache_high 95
fqdncache_size 4096

# MISCELLANEOUS
#--------------

memory_pools off
forwarded_for off
reload_into_ims on
coredump_dir /cache1
pipeline_prefetch on
offline_mode off
# -=EoF=-

Code: Select all

http://apistech.wordpress.com/2010/03/28/tuning-high-performance-squid-cache/
klo mo ngeblock ato batesin download tinggal pake delaypools parameter :D


User avatar
zitux
Contact:

Post 28 May 2010, 19:47

Rh354 wrote:
AFAIK mending lo buat cache 20Gb dengan 5 HDD daripada lo pake cache besar di satu HDD dengan kapasitas yg besar...


misal lo buat dengan cache 20Gb

berarti cachenya

cache_dir aufs /cache 20000 48 256

klo SCSI mo dibuat 100Gb jg bs

cache_dir aufs /cache 100000 235 256
klo misal pake 2 hardisk ? gimana bro ?
1hardisk untuk linux nya ( OS)
1hardisk untuk cache nya ?
misal hardisk untuk chace dikasih 160GB dari jawaban diatas kan mending dibuat bnayk partisi dari pada 1 partisi besar

klo misal dari 160GB tak buat cache 8GB an jadi = ada 20 partisi untuk chace

di chown -R proxy.proxy /letak_partisi = sebanyak 20kali ???

trus waktu jalanin squid -z cuma 1x <---- bener ndak ?

trus cara kerja squid nya gimana ?
maksutnya squid itu milih nya partisi yg mana dulu
misal sad1 sda1 sda3 sda4
sda1 dulu dikerjain sampe penuh setelah penuh dia beralih ke sda2 dst ??

atau squid milih cache nya bersamaan dibagi rata sda1,sda2,sda3dst secara bersamaan jadi penuh nya bareng2 :confused:


1 lagi bro
1 gb cache membutuhkan 10 mb ram.
berarti klo pake 160GB bearti membutuhkan 16GB ram/memory :grin:
terima kash


User avatar
deny26

Post 28 May 2010, 20:23

kalau 1 GB butuh 10 MB
berarti 160 GB butuh 160x10 = 1600 = 1,6 GB


User avatar
Rh354
Contact:

Post 29 May 2010, 00:27

zitux wrote:
Rh354 wrote:
AFAIK mending lo buat cache 20Gb dengan 5 HDD daripada lo pake cache besar di satu HDD dengan kapasitas yg besar...


misal lo buat dengan cache 20Gb

berarti cachenya

cache_dir aufs /cache 20000 48 256

klo SCSI mo dibuat 100Gb jg bs

cache_dir aufs /cache 100000 235 256
klo misal pake 2 hardisk ? gimana bro ?
1hardisk untuk linux nya ( OS)
1hardisk untuk cache nya ?
misal hardisk untuk chace dikasih 160GB dari jawaban diatas kan mending dibuat bnayk partisi dari pada 1 partisi besar

klo misal dari 160GB tak buat cache 8GB an jadi = ada 20 partisi untuk chace

di chown -R proxy.proxy /letak_partisi = sebanyak 20kali ???

trus waktu jalanin squid -z cuma 1x <---- bener ndak ?

trus cara kerja squid nya gimana ?
maksutnya squid itu milih nya partisi yg mana dulu
misal sad1 sda1 sda3 sda4
sda1 dulu dikerjain sampe penuh setelah penuh dia beralih ke sda2 dst ??

atau squid milih cache nya bersamaan dibagi rata sda1,sda2,sda3dst secara bersamaan jadi penuh nya bareng2 :confused:


1 lagi bro
1 gb cache membutuhkan 10 mb ram.
berarti klo pake 160GB bearti membutuhkan 16GB ram/memory :grin:
terima kash
klo mo bagus bro lebih baik partisi system root dibedakan HDDnya dengan partisi cache

tp klo ga' pake dua HDD gpp asal beda partisi..yg penting partisi cache jgn disatuin ama partisi root..

1gb cache membutuhkan 10 mb ram. Jadi silahkan dikira2 berapa cache yg layak ditambah berapa ram yg digunakan utk servis lainya (kernel sytem,driver,servis dll)

Jika hnya 1 disk. Gunakan 1 sj partisi cache. Jika lebih dr satu, squid jd kurang responsif. Partis cache sbaiknya stelah partisi system /, dan satu lg perhitungan L1 & L2 hrs seimbang dgn nilai L2=256 & rata2 object cache 13 kb.

rumusnya menghitung cache_dir :

http://rhesa.itvps.org/node/88


User avatar
Mario
Contact:

Post 29 May 2010, 01:31

Terimakasih untuk semua info nya bro, sebenarnya aku ttg ubuntu squid ini aku kayak nya kurang banyak teman cuma bermodal google aja. Teman2 pada sukses semua jadi dihubungi sibuk kantor katanya dan metting lah :D. No have friend for linux.
Jadi teman aku skr kalian2 ini ama google lah, thanks untuk forum ini.

Kalo masalah instalasi, ubuntu aku install di HDD jadul 10GB dan cache aku buat di HDD 250GB aku pake 150GB aja untuk cache dan hanya HDD 250GB itu aku buat reiserfs kalo HDD 10 GB untuk instalasi ubuntu 9.10 server itu gak reiserfs karena mesti apt-get reiserfs dolo baru ada program reiserfs nya.
memory 512*3

kalo menurutku ini cara terbaik kalo bisa install ubuntu nya di hdd 4GB tapi masih layak pake, baru cache nya di hdd yg agak besar, mungkin ada versi lain, monggo :D

Saya akan coba rubah refresh_pattern seperti saran di atas dan besok lihat hasil perubahan nya :D
Untuk hari ini ini saya kasih info kerja squid saya

warnet sudah tutup 2 jam lalu tinggal wifi 3 org yg OL.

Cache information for squid:
Request Hit Ratios: 5min: 9.2%, 60min: 19.1%
Byte Hit Ratios: 5min: -0.9%, 60min: 4.8%
Request Memory Hit Ratios: 5min: 11.9%, 60min: 9.5%
Request Disk Hit Ratios: 5min: 46.3%, 60min: 46.1%
Storage Swap size: 2575292 KB
Storage Mem size: 8084 KB
Mean Object Size: 10.90 KB

Kalo menurut saya sih dah lumayan nih squid loading poker gak sampe 1 menit kondisi full atau tidak.
Tapi apakah ini sudah maksimal atau ada yg kurang atau lebih sehingga squid nya bisa di maksimal lagi, tapi feeling saya ini blom maksimal, sama seperti jatuh cinta ama cewek dulu suka tapi sepertinya ada yg kurang srek tapi suka.

optimalkan kernelnya <-- blom pernah coba sih tapi ada niat kesana, apa2 aja bro untuk optimalkan kernelnya.
Penulisan ACL itu sudah benar apa gak bro.
Katanya penulisan squid.con itu berurutan dari atas ke bawah.
Urutan yg benar gimana bro, seperti contoh di atas dari warnet teman itu ?


User avatar
Rh354
Contact:

Post 29 May 2010, 02:31

Mario wrote:Terimakasih untuk semua info nya bro, sebenarnya aku ttg ubuntu squid ini aku kayak nya kurang banyak teman cuma bermodal google aja. Teman2 pada sukses semua jadi dihubungi sibuk kantor katanya dan metting lah :D. No have friend for linux.
Jadi teman aku skr kalian2 ini ama google lah, thanks untuk forum ini.

Kalo masalah instalasi, ubuntu aku install di HDD jadul 10GB dan cache aku buat di HDD 250GB aku pake 150GB aja untuk cache dan hanya HDD 250GB itu aku buat reiserfs kalo HDD 10 GB untuk instalasi ubuntu 9.10 server itu gak reiserfs karena mesti apt-get reiserfs dolo baru ada program reiserfs nya.
memory 512*3

kalo menurutku ini cara terbaik kalo bisa install ubuntu nya di hdd 4GB tapi masih layak pake, baru cache nya di hdd yg agak besar, mungkin ada versi lain, monggo :D

Saya akan coba rubah refresh_pattern seperti saran di atas dan besok lihat hasil perubahan nya :D
Untuk hari ini ini saya kasih info kerja squid saya

warnet sudah tutup 2 jam lalu tinggal wifi 3 org yg OL.

Cache information for squid:
Request Hit Ratios: 5min: 9.2%, 60min: 19.1%
Byte Hit Ratios: 5min: -0.9%, 60min: 4.8%
Request Memory Hit Ratios: 5min: 11.9%, 60min: 9.5%
Request Disk Hit Ratios: 5min: 46.3%, 60min: 46.1%
Storage Swap size: 2575292 KB
Storage Mem size: 8084 KB
Mean Object Size: 10.90 KB

Kalo menurut saya sih dah lumayan nih squid loading poker gak sampe 1 menit kondisi full atau tidak.
Tapi apakah ini sudah maksimal atau ada yg kurang atau lebih sehingga squid nya bisa di maksimal lagi, tapi feeling saya ini blom maksimal, sama seperti jatuh cinta ama cewek dulu suka tapi sepertinya ada yg kurang srek tapi suka.

optimalkan kernelnya <-- blom pernah coba sih tapi ada niat kesana, apa2 aja bro untuk optimalkan kernelnya.
Penulisan ACL itu sudah benar apa gak bro.
Katanya penulisan squid.con itu berurutan dari atas ke bawah.
Urutan yg benar gimana bro, seperti contoh di atas dari warnet teman itu ?
settingan temen gw dah pas koq :D trus maenin di fstabnya jg :D nntinya

trus masalah kernel server silahkan kemari

http://rhesa.itvps.org/node/86

cek mgr:info nya bro pastekan kemari

sebenernya klo mau sangar silahkan dicoba konfig temen gw pasti sangar hitnya :D

gw make soalnya :D

masalah reiserfs ato ext4

reiserfs bagus utk file2 kecil, namun ext4 juga lumayan bagus utk file kecil dan lebih stabil drpd reiserfs utk file2 diatas 1 mb

klo gw sich ext4

klo reiserfs di fstabnya dikasih settingan dgn option noatime, notail

klo fstab laen lagi settingannya :D

ada yg ketinggalan untuk acl itu urutannya dari atas ke bawah...


User avatar
Rh354
Contact:

Post 29 May 2010, 02:37

ini squidclient punya gw yg personal use n baru aja gw restart

HTTP/1.0 200 OK
Server: squid
Mime-Version: 1.0
Date: Fri, 28 May 2010 19:37:39 GMT
Content-Type: text/plain
Expires: Fri, 28 May 2010 19:37:39 GMT
Last-Modified: Fri, 28 May 2010 19:37:39 GMT
X-Cache: MISS from Rh354
X-Cache-Lookup: MISS from Rh354:3128
Via: 1.0 Rh354 (squid)
Proxy-Connection: close

Squid Object Cache: Version 3.1.3
Start Time: Fri, 28 May 2010 19:10:54 GMT
Current Time: Fri, 28 May 2010 19:37:39 GMT
Connection information for squid:
Number of clients accessing cache: 0
Number of HTTP requests received: 851
Number of ICP messages received: 0
Number of ICP messages sent: 0
Number of queued ICP replies: 0
Number of HTCP messages received: 0
Number of HTCP messages sent: 0
Request failure ratio: 0.00
Average HTTP requests per minute since start: 31.8
Average ICP messages per minute since start: 0.0
Select loop called: 63174 times, 25.410 ms avg
Cache information for squid:
Hits as % of all requests: 5min: 46.3%, 60min: 64.5%
Hits as % of bytes sent: 5min: 82.3%, 60min: 63.7%
Memory hits as % of hit requests: 5min: 0.0%, 60min: 0.0%
Disk hits as % of hit requests: 5min: 42.1%, 60min: 92.3%
Storage Swap size: 172800 KB
Storage Swap capacity: 4.2% used, 95.8% free
Storage Mem size: 448 KB
Storage Mem capacity: 5.5% used, 94.5% free
Mean Object Size: 12.52 KB
Requests given to unlinkd: 0
Median Service Times (seconds) 5 min 60 min:
HTTP Requests (All): 0.09736 0.01955
Cache Misses: 0.22004 0.24524
Cache Hits: 0.01745 0.00179
Near Hits: 0.00000 0.00000
Not-Modified Replies: 0.00000 0.00000
DNS Lookups: 0.00000 0.03079
ICP Queries: 0.00000 0.00000
Resource usage for squid:
UP Time: 1605.227 seconds
CPU Time: 1.296 seconds
CPU Usage: 0.08%
CPU Usage, 5 minute avg: 0.05%
CPU Usage, 60 minute avg: 0.08%
Process Data Segment Size via sbrk(): 3840 KB
Maximum Resident Size: 43072 KB
Page faults with physical i/o: 1
Memory usage for squid via mallinfo():
Total space in arena: 4108 KB
Ordinary blocks: 4034 KB 62 blks
Small blocks: 0 KB 0 blks
Holding blocks: 3444 KB 17 blks
Free Small blocks: 0 KB
Free Ordinary blocks: 73 KB
Total in use: 7478 KB 99%
Total free: 73 KB 1%
Total size: 7552 KB
Memory accounted for:
Total accounted: 4276 KB 57%
memPool accounted: 4276 KB 57%
memPool unaccounted: 3275 KB 43%
memPoolAlloc calls: 262128
memPoolFree calls: 232483
File descriptor usage for squid:
Maximum number of file descriptors: 1024
Largest file desc currently in use: 32
Number of file desc currently in use: 14
Files queued for open: 0
Available number of file descriptors: 1010
Reserved number of file descriptors: 100
Store Disk files open: 2
Internal Data Structures:
13828 StoreEntries
51 StoreEntries with MemObjects
50 Hot Object Cache Items
13800 on-disk objects


User avatar
suryayusra
Contact:

Post 29 May 2010, 07:53

aduhhhhh banyak amir isi squid.conf nya :)
yg simple ada kan


User avatar
Rh354
Contact:

Post 29 May 2010, 10:54

suryayusra wrote:aduhhhhh banyak amir isi squid.conf nya :)
yg simple ada kan
keknya squid.conf gw masih isi simpel deh..klo mo yg super ribet gw ada koq :D


User avatar
suryayusra
Contact:

Post 29 May 2010, 11:38

wahhhh duh jgn yg panjang maz
ada gak yg hanya 5 atau 10 baris :)


User avatar
Rh354
Contact:

Post 29 May 2010, 12:48

wayah...5 sampe 10 baris y ga' ada lah bro klo mo dapat maks y mesti trial n eror n berdasarkan hasil trial n error gw yg paling sederhana tapi ngegas y yg itu confignya :D diuji diwarnet jg pakem :D

punya gw sama kek punya temen gw yg squid 2 nya :D
###########################################
# HIGH PERFORMANCE SQUID 2.7
# Config date : 21 April 2010
###########################################

# ACCESS CONTROLS
# ---------------

acl QUERY urlpath_regex -i cgi-bin \? \.php$ \.asp$ \.shtml$ \.cfm$ \.cfml$ \.phtml$ \.php3$ localhost
acl localnet src 10.0.0.0/8
acl localnet src 172.16.0.0/12
acl localnet src 192.168.0.0/16
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl malware url_regex -i "/etc/squid/malware_block"

http_access deny malware
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
http_access allow localhost
http_access allow localnet
http_access deny all

# NETWORK OPTIONS
# ---------------
http_port 3128 transparent
#htcp_port 4827
icp_access deny all

# OPTIONS WHICH AFFECT THE CACHE SIZE
# -----------------------------------

cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /cache 4000 10 256
maximum_object_size 128000 KB
cache_swap_low 90
cache_swap_high 95
update_headers off

# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# ---------------------------------------

#access_log /cache/access.log
access_log none
cache_log /cache/cache.log
#cache_log none
cache_store_log none
logfile_rotate 5
log_ip_on_direct off
log_icp_queries off
buffered_logs off
netdb_filename none
client_db off
#pid_filename /var/run/squid.pid

# OPTIONS FOR TUNING THE CACHE
# ----------------------------

cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jp?g|ico|bmp|tiff?)$ 10080 95% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(rpm|cab|deb|exe|msi|msu|zip|tar|gz|tgz|rar|bin|7z|doc?|xls?|ppt?|pdf|nth|psd|sis)$ 10080 90% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(avi|iso|wav|mid|mp?|mpeg|mov|3gp|wm?|swf|flv|x-flv|axd)$ 43200 95% 432000 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(html|htm|css|js)$ 1440 75% 40320
refresh_pattern -i \.index.(html|htm)$ 0 75% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 1440 90% 10080

quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 98
store_avg_object_size 13 KB

# HTTP OPTIONS
# ------------

server_http11 on
collapsed_forwarding on
vary_ignore_expire on
header_access From deny all
header_access Server deny all
header_access Link deny all
header_access Via deny all
header_access X-Forwarded-For deny all

# TIMEOUTS
# --------

forward_timeout 240 second
connect_timeout 30 second
peer_connect_timeout 5 second
read_timeout 600 second
request_timeout 60 second
persistent_request_timeout 60 second
client_lifetime 86400 second
half_closed_clients off
pconn_timeout 60 second
shutdown_lifetime 10 second

# ADMINISTRATIVE PARAMETERS
# -------------------------

cache_mgr Rh354
cache_effective_user proxy
cache_effective_group proxy
httpd_suppress_version_string on
visible_hostname Rh354

# ADVANCED NETWORKING OPTIONS
# --------------------------

max_filedescriptors 1024 #klo di warnet dibuat aja 8192

# DNS OPTIONS
# -----------

check_hostnames off
dns_timeout 10 seconds
#DNS NAWALA
#dns_nameservers 180.131.144.144
#dns_nameservers 180.131.144.145
hosts_file /etc/hosts
ipcache_size 8192
ipcache_low 90
ipcache_high 95

# MISCELLANEOUS
# -------------

memory_pools off
forwarded_for on
reload_into_ims on
coredump_dir /cache
pipeline_prefetch on
offline_mode off

#### END CONFIGURATION ####


User avatar
sipelaut
Contact:

Post 29 May 2010, 18:52

Rh354 wrote:wayah...5 sampe 10 baris y ga' ada lah bro klo mo dapat maks y mesti trial n eror n berdasarkan hasil trial n error gw yg paling sederhana tapi ngegas y yg itu confignya :D diuji diwarnet jg pakem :D

punya gw sama kek punya temen gw yg squid 2 nya :D
###########################################
# HIGH PERFORMANCE SQUID 2.7
# Config date : 21 April 2010
###########################################

# ACCESS CONTROLS
# ---------------

acl QUERY urlpath_regex -i cgi-bin \? \.php$ \.asp$ \.shtml$ \.cfm$ \.cfml$ \.phtml$ \.php3$ localhost
acl localnet src 10.0.0.0/8
acl localnet src 172.16.0.0/12
acl localnet src 192.168.0.0/16
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl malware url_regex -i "/etc/squid/malware_block"

http_access deny malware
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
http_access allow localhost
http_access allow localnet
http_access deny all

# NETWORK OPTIONS
# ---------------
http_port 3128 transparent
#htcp_port 4827
icp_access deny all

# OPTIONS WHICH AFFECT THE CACHE SIZE
# -----------------------------------

cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /cache 4000 10 256
maximum_object_size 128000 KB
cache_swap_low 90
cache_swap_high 95
update_headers off

# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# ---------------------------------------

#access_log /cache/access.log
access_log none
cache_log /cache/cache.log
#cache_log none
cache_store_log none
logfile_rotate 5
log_ip_on_direct off
log_icp_queries off
buffered_logs off
netdb_filename none
client_db off
#pid_filename /var/run/squid.pid

# OPTIONS FOR TUNING THE CACHE
# ----------------------------

cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jp?g|ico|bmp|tiff?)$ 10080 95% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(rpm|cab|deb|exe|msi|msu|zip|tar|gz|tgz|rar|bin|7z|doc?|xls?|ppt?|pdf|nth|psd|sis)$ 10080 90% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(avi|iso|wav|mid|mp?|mpeg|mov|3gp|wm?|swf|flv|x-flv|axd)$ 43200 95% 432000 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(html|htm|css|js)$ 1440 75% 40320
refresh_pattern -i \.index.(html|htm)$ 0 75% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 1440 90% 10080

quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 98
store_avg_object_size 13 KB

# HTTP OPTIONS
# ------------

server_http11 on
collapsed_forwarding on
vary_ignore_expire on
header_access From deny all
header_access Server deny all
header_access Link deny all
header_access Via deny all
header_access X-Forwarded-For deny all

# TIMEOUTS
# --------

forward_timeout 240 second
connect_timeout 30 second
peer_connect_timeout 5 second
read_timeout 600 second
request_timeout 60 second
persistent_request_timeout 60 second
client_lifetime 86400 second
half_closed_clients off
pconn_timeout 60 second
shutdown_lifetime 10 second

# ADMINISTRATIVE PARAMETERS
# -------------------------

cache_mgr Rh354
cache_effective_user proxy
cache_effective_group proxy
httpd_suppress_version_string on
visible_hostname Rh354

# ADVANCED NETWORKING OPTIONS
# --------------------------

max_filedescriptors 1024 #klo di warnet dibuat aja 8192

# DNS OPTIONS
# -----------

check_hostnames off
dns_timeout 10 seconds
#DNS NAWALA
#dns_nameservers 180.131.144.144
#dns_nameservers 180.131.144.145
hosts_file /etc/hosts
ipcache_size 8192
ipcache_low 90
ipcache_high 95

# MISCELLANEOUS
# -------------

memory_pools off
forwarded_for on
reload_into_ims on
coredump_dir /cache
pipeline_prefetch on
offline_mode off

#### END CONFIGURATION ####
ijin copas broo mo dimasukin squid kantor heee


User avatar
Rh354
Contact:

Post 30 May 2010, 00:25

sipelaut wrote:
Rh354 wrote:wayah...5 sampe 10 baris y ga' ada lah bro klo mo dapat maks y mesti trial n eror n berdasarkan hasil trial n error gw yg paling sederhana tapi ngegas y yg itu confignya :D diuji diwarnet jg pakem :D

punya gw sama kek punya temen gw yg squid 2 nya :D
###########################################
# HIGH PERFORMANCE SQUID 2.7
# Config date : 21 April 2010
###########################################

# ACCESS CONTROLS
# ---------------

acl QUERY urlpath_regex -i cgi-bin \? \.php$ \.asp$ \.shtml$ \.cfm$ \.cfml$ \.phtml$ \.php3$ localhost
acl localnet src 10.0.0.0/8
acl localnet src 172.16.0.0/12
acl localnet src 192.168.0.0/16
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl malware url_regex -i "/etc/squid/malware_block"

http_access deny malware
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
http_access allow localhost
http_access allow localnet
http_access deny all

# NETWORK OPTIONS
# ---------------
http_port 3128 transparent
#htcp_port 4827
icp_access deny all

# OPTIONS WHICH AFFECT THE CACHE SIZE
# -----------------------------------

cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /cache 4000 10 256
maximum_object_size 128000 KB
cache_swap_low 90
cache_swap_high 95
update_headers off

# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# ---------------------------------------

#access_log /cache/access.log
access_log none
cache_log /cache/cache.log
#cache_log none
cache_store_log none
logfile_rotate 5
log_ip_on_direct off
log_icp_queries off
buffered_logs off
netdb_filename none
client_db off
#pid_filename /var/run/squid.pid

# OPTIONS FOR TUNING THE CACHE
# ----------------------------

cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jp?g|ico|bmp|tiff?)$ 10080 95% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(rpm|cab|deb|exe|msi|msu|zip|tar|gz|tgz|rar|bin|7z|doc?|xls?|ppt?|pdf|nth|psd|sis)$ 10080 90% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(avi|iso|wav|mid|mp?|mpeg|mov|3gp|wm?|swf|flv|x-flv|axd)$ 43200 95% 432000 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(html|htm|css|js)$ 1440 75% 40320
refresh_pattern -i \.index.(html|htm)$ 0 75% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 1440 90% 10080

quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 98
store_avg_object_size 13 KB

# HTTP OPTIONS
# ------------

server_http11 on
collapsed_forwarding on
vary_ignore_expire on
header_access From deny all
header_access Server deny all
header_access Link deny all
header_access Via deny all
header_access X-Forwarded-For deny all

# TIMEOUTS
# --------

forward_timeout 240 second
connect_timeout 30 second
peer_connect_timeout 5 second
read_timeout 600 second
request_timeout 60 second
persistent_request_timeout 60 second
client_lifetime 86400 second
half_closed_clients off
pconn_timeout 60 second
shutdown_lifetime 10 second

# ADMINISTRATIVE PARAMETERS
# -------------------------

cache_mgr Rh354
cache_effective_user proxy
cache_effective_group proxy
httpd_suppress_version_string on
visible_hostname Rh354

# ADVANCED NETWORKING OPTIONS
# --------------------------

max_filedescriptors 1024 #klo di warnet dibuat aja 8192

# DNS OPTIONS
# -----------

check_hostnames off
dns_timeout 10 seconds
#DNS NAWALA
#dns_nameservers 180.131.144.144
#dns_nameservers 180.131.144.145
hosts_file /etc/hosts
ipcache_size 8192
ipcache_low 90
ipcache_high 95

# MISCELLANEOUS
# -------------

memory_pools off
forwarded_for on
reload_into_ims on
coredump_dir /cache
pipeline_prefetch on
offline_mode off

#### END CONFIGURATION ####
ijin copas broo mo dimasukin squid kantor heee
silahkan bro...


User avatar
sipelaut
Contact:

Post 30 May 2010, 12:00

> cache_dir aufs /cache 4000 10 256
setelah saya liat-liat lagi kok aku makin bingung yaa :(

maksudnya "cache_dir aufs /cache" ini adalah letak penyimpanan squid kan ??

trus "/cache" ini masuk dipartisi mana??

klo punyaku aku letakkan di "/var" dengan partisi tersendiri. dan aku letakkan di "cache_dir aufs /var/spool/squid"

tolong penjelasannya dong???

squid diletakkan di "/cache" atau di "/var/spool/squid"

trus "/cache" ini letaknya ada dimana??


mudah2an gak pada bingung dengan pertanyaaku.. soalnya muter2 :) :)


User avatar
thrvers
Contact:

Post 30 May 2010, 13:29

'
/cache tergantung qt bro itu cuma mountpoint (klo partisi sendiri)
default memang pada "/var/spool/squid"

karena untuk masalah stablitas cache squid diletakkan pada partisi sendiri bro.

NB: py q buat squid-cache q buat partisi tersendiri 1GB dan itu q mount pada /cache (artinya q buat folder /cache, trus masukin fstab-nya dg mountpoint /cache)

cmiiw -mudah2an gak binun pd jawaban q-


User avatar
Rh354
Contact:

Post 30 May 2010, 16:14

sipelaut wrote:> cache_dir aufs /cache 4000 10 256
setelah saya liat-liat lagi kok aku makin bingung yaa :(

maksudnya "cache_dir aufs /cache" ini adalah letak penyimpanan squid kan ??

trus "/cache" ini masuk dipartisi mana??

klo punyaku aku letakkan di "/var" dengan partisi tersendiri. dan aku letakkan di "cache_dir aufs /var/spool/squid"

tolong penjelasannya dong???

squid diletakkan di "/cache" atau di "/var/spool/squid"

trus "/cache" ini letaknya ada dimana??


mudah2an gak pada bingung dengan pertanyaaku.. soalnya muter2 :) :)
gw perjelas dikit bro

jadi gini, pada saat install ubuntu gw buat 5 partisi

/ ---------> 14Gb
/home -----> 17Gb
/var ------> 2Gb
/cache ----> 6Gb
/swap -----> 1Gb


makanya muncul partisi cache

alasannya cache ga' jadi satu ama root biar ningkatin kinerja cache squid bro...agar ga' ikutan system dan juga pengoptimalan di fstab nantinya bro..makanya dipisah dengan partisi lain apabila cm 1 HDD tapi klo 2 HDD ato lebih dipisah beda HDD antara cache ama root

selebihnya sesuai dengan perkataan bro thrvers


User avatar
amanda

Post 01 Jun 2010, 12:07

hmmmh..jadi pengen cobain squid..
barusan ak buat partisi baru dengan nama /data size 5 Gb tapi kok g muncul ya (pake gparted) hanya ada folder data di / (root) padahal gak ada masalah tuh pas buat partisi baru buat squid nya..


User avatar
Rh354
Contact:

Post 02 Jun 2010, 01:42

amanda wrote:hmmmh..jadi pengen cobain squid..
barusan ak buat partisi baru dengan nama /data size 5 Gb tapi kok g muncul ya (pake gparted) hanya ada folder data di / (root) padahal gak ada masalah tuh pas buat partisi baru buat squid nya..
udah di mount sis partisinya


User avatar
amanda

Post 02 Jun 2010, 10:57

udah maz , dah bisa...
mau tanya lgi nih maz Rh354.. kenapa ya "kdg-kdg" whitepage gitu pas buka page?apa karna dns yang kupasang di squid bermasalah?ak pk dns awari dg telkomflash . untuk versi squidnya squid 3.1.2 di lucid
hasil compile an (apa mgkn compile nya g berhasil yah?padahal fine2 aja buat brows)


User avatar
Rh354
Contact:

Post 02 Jun 2010, 16:35

amanda wrote:udah maz , dah bisa...
mau tanya lgi nih maz Rh354.. kenapa ya "kdg-kdg" whitepage gitu pas buka page?apa karna dns yang kupasang di squid bermasalah?ak pk dns awari dg telkomflash . untuk versi squidnya squid 3.1.2 di lucid
hasil compile an (apa mgkn compile nya g berhasil yah?padahal fine2 aja buat brows)
klo browsing mau berarti ga' masalah...pas whitepage ada error ga' sis...trus apa langkah2 sebelum error apa aja yg dilakukan step2nya...misal optimalkan kernel dan optimalkan di fstab


User avatar
amanda

Post 02 Jun 2010, 16:46

udah lancar maz ,,, setelah ganti DNS nawala ...
untuk fstab ak pk default nya aja tu maz,,
ini isi nya

# /etc/fstab: static file system information.
#
# Use 'blkid -o value -s UUID' to print the universally unique identifier
# for a device; this may be used with UUID= as a more robust way to name
# devices that works even if disks are added and removed. See fstab(5).
#
#
proc /proc proc nodev,noexec,nosuid 0 0
# / was on /dev/sda7 during installation
UUID=9c5a5b29-17f0-4427-af24-902ce542cca1 / ext4 errors=remount-ro 0 1
# /data was on /dev/sda8 during installation
UUID=fbb28fc3-a0d0-4407-b906-5acc37776ce6 /data ext4 defaults 0 2
# /home was on /dev/sda10 during installation
UUID=85f7cb95-b23e-4506-9d0b-119ec2ce818c /home ext4 defaults 0 2
# swap was on /dev/sda9 during installation
UUID=cbf233f2-7572-4b92-b8df-31685f265c6f none swap sw 0 0

emang harus di ganti ky gimana maz fstab nya?


User avatar
Rh354
Contact:

Post 02 Jun 2010, 16:49

amanda wrote:udah lancar maz ,,, setelah ganti DNS nawala ...
untuk fstab ak pk default nya aja tu maz,,
ini isi nya

# /etc/fstab: static file system information.
#
# Use 'blkid -o value -s UUID' to print the universally unique identifier
# for a device; this may be used with UUID= as a more robust way to name
# devices that works even if disks are added and removed. See fstab(5).
#
#
proc /proc proc nodev,noexec,nosuid 0 0
# / was on /dev/sda7 during installation
UUID=9c5a5b29-17f0-4427-af24-902ce542cca1 / ext4 errors=remount-ro 0 1
# /data was on /dev/sda8 during installation
UUID=fbb28fc3-a0d0-4407-b906-5acc37776ce6 /data ext4 defaults 0 2
# /home was on /dev/sda10 during installation
UUID=85f7cb95-b23e-4506-9d0b-119ec2ce818c /home ext4 defaults 0 2
# swap was on /dev/sda9 during installation
UUID=cbf233f2-7572-4b92-b8df-31685f265c6f none swap sw 0 0

emang harus di ganti ky gimana maz fstab nya?
cachenya ditaro dimana y sis


User avatar
amanda

Post 02 Jun 2010, 16:54

/data maz..
& mau tanya pengaruh nya apa y maz kl fstab nya di ganti?


User avatar
Rh354
Contact:

Post 02 Jun 2010, 16:58

amanda wrote:/data maz..
asumsi /data hanya untuk cache maka di fstabnya

proc /proc proc nodev,noexec,nosuid 0 0
# / was on /dev/sda7 during installation
UUID=9c5a5b29-17f0-4427-af24-902ce542cca1 / ext4 noatime,barrier=0,errors=remount-ro 0 1
# /data was on /dev/sda8 during installation
UUID=fbb28fc3-a0d0-4407-b906-5acc37776ce6 /data ext4 data=writeback,noatime,barrier=0,nobh,errors=remount-ro,commit=100 0 2
# /home was on /dev/sda10 during installation
UUID=85f7cb95-b23e-4506-9d0b-119ec2ce818c /home ext4 noatime,barrier=0 0 2
# swap was on /dev/sda9 during installation
UUID=cbf233f2-7572-4b92-b8df-31685f265c6f none swap sw 0 0


klo udah disave jalankan ini di terminal untuk mengaktifkan data=writeback

sudo tune2fs -o journal_data_writeback /dev/sda8

restart system

keterangan :

data=writeback
The default data mode is ordered. This mode provides only meta-data journaling which is similar to the default data mode in ReiserFS, XFS, and JFS. Enabling this option on the root partition, caused an error during boot time. So enable this option only on non-root partitions!

nobh
Implies data=writeback; Avoids buffer heads to data pages association.

barrier
The default value is barrier=1 (activated). Deactivating write barriers in the jbd code will improve the performance. If you don't have a battery-backed storage environment, you should not deactivate this mount option.

noatime
Deactivates the file access time modification which is basically a write operation that should be avoid on SSDs.

commit
Increases the commit/write interval (default: 5s). Actually it is a sync operation between data and meta-data which is an important data-safety feature.

errors=remount-ro
Many distribution add also this boot option. In fact this boot option can be omitted without any hesitation as this boot option is set by default.

data=writeback cmn jalan di debian/RHEL ... turunan linux nya ga jalan fedora, centos, caos, arch, dah dicoba ga jalan semua.. malah kernel piknik


User avatar
amanda

Post 02 Jun 2010, 17:06

makasih ..nambah ilmu juga... ku pahami dulu satu2 kl gitu..

"kernel piknik" maksudnya???


User avatar
Rh354
Contact:

Post 02 Jun 2010, 17:10

amanda wrote:makasih ..nambah ilmu juga... ku pahami dulu satu2 kl gitu..

"kernel piknik" maksudnya???
plesetan dari kernel pannic..google aja mksdnya :D


User avatar
amanda

Post 02 Jun 2010, 17:15

owhhh itu, g tau , hehehehhehehe yalah kl gitu, makasi y


User avatar
zitux
Contact:

Post 28 Aug 2010, 02:43

bro coba opsi noatime,data=writeback
jadi spt ini /dev/sda10 /media/proxy xfs defaults,noatime,data=writeback 0 2
muncul error gini

Code: Select all

root@zitux:~# mount -a
mount: wrong fs type, bad option, bad superblock on /dev/sda10,
       missing codepage or helper program, or other error
       In some cases useful info is found in syslog - try
       dmesg | tail  or so

root@zitux:~# tune2fs -o journal_data_writeback /dev/sda10
tune2fs 1.41.11 (14-Mar-2010)
tune2fs: Bad magic number in super-block while trying to open /dev/sda10
Couldn't find valid filesystem superblock.
root@zitux:~# 
filessystem nya coba XFS aq
tq


User avatar
goez
Contact:

Post 08 Sep 2010, 12:48

######### SQUID DEWA #############
######### FROM ALIF COMPUTER NET ###########
### Konfigurasi Port
http_port 3128 transparent
#icp_port 0
prefer_direct off

### Bypass javascript, perl website (jika perlu) dan situs2 yang dekat (satu network) deklarasikan
### disini Untuk caching Facebook, lebih efektif jika ini di comment (nonaktif)
#hierarchy_stoplist cgi-bin ? localhost
#acl QUERY urlpath_regex cgi-bin \? localhost
#no_cache deny QUERY

### Tuning Cache & Objek
cache_mem 8 MB
cache_swap_low 98 #95
cache_swap_high 99 #97
max_filedesc 8192
server_http11 on

maximum_object_size 128 MB
minimum_object_size 0 bytes
maximum_object_size_in_memory 32 KB
ipcache_size 16384 #4096
ipcache_low 98 #95
ipcache_high 99 #97
fqdncache_size 16384 #4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

### Lokasi Cache
cache_dir aufs /cache1 25000 58 256
cache_dir aufs /cache2 25000 58 256

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
cache_swap_log /var/log/squid/swap.state

dns_nameservers 192.168.3.1
#dns_nameservers 180.131.144.144 180.131.145.145

### Cache Options
emulate_httpd_log off
hosts_file /etc/hosts
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

#speedtest
#acl speedtest dstdomain .speedtest.net
#cache allow speedtest
# OPTIONS FOR URL REWRITING
redirector_bypass on
#uri_whitespace strip

acl store_rewrite_list urlpath_regex \/(get_video|videoplayback\?id|videoplayback.*id)
acl store_rewrite_list urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar)\?
acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl store_rewrite_list_path urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe)$
acl store_rewrite_list_domain_CDN url_regex \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*) \.doubleclick\.net.*
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[a-z]+[0-9]\.google\.co(m|\.id)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(rar|zip|flv|wm(a|v)|3gp|mp(4|3)|exe|msi|avi|(mp(e?g|a|e|1|2|3|4))|cab|exe)
acl dontrewrite url_regex redbot\.org \.php
acl dontrewrite url_regex youtube.com
acl getmethod method GET

storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access allow store_rewrite_list_domain_CDN
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_list_domain
storeurl_access allow store_rewrite_list_path
#storeurl_access deny all

storeurl_rewrite_program /etc/squid/storeurl-ubuntu.pl
storeurl_rewrite_children 15 #7
storeurl_rewrite_concurrency 10 #60

# facebook
refresh_pattern ((facebook.com)|(85.131.151.39)).*\.(jpg|png|gif) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ((tagged.com)|(96.17.109.27)).*\.(jpg|png|gif) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern edgecastcdn.\net.*\.swf? 129600 999999% 129600 override-expire ignore-reload store-stale
refresh_pattern \.(jp(e?g|e|2)|tiff?|bmp|gif|png)($|&) 129600 999999% 129600 ignore-no-cache ignore-no-store reload-into-ims override-expire store-stale
refresh_pattern .zynga.net.*\.(jpg|gif|png|swf|mp3)($|&) 129600 999999% 129600 store-stale
refresh_pattern .farmville.net.*\.(jpg|gif|png|swf|mp3)($|&) 129600 999999% 129600 store-stale
refresh_pattern .ninjasaga.com.*\.(jpg|gif|png|swf|mp3)($|&) 129600 999999% 129600 store-stale
refresh_pattern .apps.facebook.com.*\.(jpg|gif|png|swf|mp3)($|&) 129600 999999% 129600 store-stale
refresh_pattern .frontierville.*\.(jpg|gif|png|swf|mp3)($|&) 129600 999999% 129600 store-stale
refresh_pattern .tagged.*\.(jpg|gif|png|swf|mp3)($|&) 129600 999999% 129600 store-stale


# 1 year = 525600 mins, 1 month = 129600 mins
refresh_pattern imeem.*\.flv 0 0% 0 override-lastmod override-expire store-stale

#ads
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 129600 20% 129600 ignore-no-cache ignore-no-store ignore-private override-expire ignore-reload ignore-auth ignore-must-revalidate store-stale negative-ttl=40320 max-stale=1440
#specific sites
refresh_pattern ^.*safebrowsing.*google 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth ignore-must-revalidate negative-ttl=10080 store-stale
refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 129600 99999999% 129600 override-expire ignore-reload store-stale
refresh_pattern \.(ico|video-stats) 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate negative-ttl=10080 store-stale

# pictures & images
refresh_pattern -i \.(gif|png|jpeg|jpg|bmp|tif|tiff|ico)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private store-stale

# website
refresh_pattern -i \.(xml|html|htm|js|txt|css|php)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth store-stale

#sound, video multimedia
refresh_pattern -i \.(flv|x-flv|mov|avi|qt|mpg|mpeg|swf)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache store-stale
refresh_pattern -i \.(wav|mp3|mp4|au|mid)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private store-stale

# files
refresh_pattern -i \.(iso|deb|rpm|zip|tar|tgz|ram|rar|bin|ppt|doc)$ 10080 90% 43200 ignore-no-cache ignore-auth store-stale
refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth store-stale
refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth ignore-reload ignore-no-cache store-stale
refresh_pattern -i \.(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth store-stale
refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth store-stale

# refresh pattern for specific sites
refresh_pattern ^http://*.21cineplex.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
refresh_pattern ^http://*.kompas.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.blogspot.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache
refresh_pattern ^http://*.photobucket.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.tinypic.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.imageshack.us/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.kaskus.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://www.kaskus.com/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detik.*/.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detiknews.*/*.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.myspace.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.tagged.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.yahoo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.yahoo.co.id/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.google.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.forummikrotik.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth

refresh_pattern windowsupdate.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern update.microsoft.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern download.microsoft.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

#IIX DOWNLOAD
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale ignore-auth

refresh_pattern ^ftp: 10080 95% 241920 reload-into-ims override-lastmod store-stale
refresh_pattern . 180 95% 120960 reload-into-ims override-lastmod store-stale

#refresh_stale_hit 2 seconds
#max_stale 1 week


quick_abort_min 0
quick_abort_max 0
quick_abort_pct 98

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
#acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl inputIP url_regex ^http://[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/$
acl inputIP url_regex ^http://[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$

http_access allow manager localhost
http_access deny manager

acl LAN src 192.168.88.0/24 192.168.5.0/24
http_access allow LAN
http_access allow all

### Administratif Squid
cache_mgr alifcomputer.net
visible_hostname alifcomputer.net
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
pid_filename /var/run/squid.pid
shutdown_lifetime 10 seconds
logfile_rotate 1

# MISCELLANEOUS
log_fqdn off
memory_pools off
reload_into_ims on
pipeline_prefetch on
vary_ignore_expire on
cache_log none
client_db on

### Marking ZPH
tcp_outgoing_tos 0x30 all
zph_mode tos
zph_local 0x30
zph_parent 0





Silahkan share aja........ saya pakai itu hasilnya maknyos gan


User avatar
karaeng
Contact:

Post 11 Sep 2010, 05:29

udah coba Squid Lusca nga ?


User avatar
happiers07
Contact:

Post 25 Dec 2010, 12:55

wah...tanggapan dari bung Rh354 sangat memuaskan dan mudah di mengerti ijin menyimak ya gan, jangan bosen kasih pencerahan sama nubi2 kek saya ini :D


User avatar
google

Post 26 Dec 2010, 15:52

nganu mas space HDD buat cache terlalu besar gan... coba di bagi2 dikit biar spendel HDD kejane maksimual ... hehe,,,, coba search di google tune up squid


User avatar
sonor

Post 15 Aug 2011, 13:36

manteb...


User avatar
cross

Post 26 Oct 2011, 16:59

met sore gan
permisi kang maap bahasanya beda
ane mw nanya seputar swuid yg di redirect ke iptbles

ane mw nanya ni gan
https error saat di redirect ke port 3128
jadinya https g bisa diakses gan

errornya seperti ni gan saat diakses di browser klient
An error occurred during a connection to ibank.klikbca.com. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long)

gimana yach gan cara mengatasinya
mohon bantuanya gan????????????


User avatar
kuerk

Post 12 Jun 2012, 08:45

mohon bantuannya nih dari para senior2 semua ^^.

ane udah nginstall Squid buat labor komputer yang jumlah kompi nya sekitar 40 unit. heheh ... karena masih nubee banget ama squid, ane config squid.conf nya hasil comot sana-sini hasil dari gugling ama mbah ^_^.

hasilnya lumayan, tapi ... kok squidnya kenceng amat nyedot memory ?
berikut squid.conf yang ane gunakan ( hehehe ... hasil comotan semua)

#----------------------------------------------------------------------------------------------------------------
http_port 3128 transparent

pid_filename /var/run/squid3.pid
cache_effective_user kuerk
cache_effective_group kuerk

#error_directory /usr/local/etc/squid3/errors/English
#icon_directory /usr/local/etc/squid3/icons

visible_hostname SMA1HARAU-MAINPROXY
cache_mgr webmaster@sman1harau
access_log /var/log/squid3/access.log squid
cache_log /var/log/squid3/cache.log
cache_store_log none
logfile_rotate 5
shutdown_lifetime 3 seconds

acl utama src 192.168.3.0/28
acl labor src 192.168.2.0/29
forwarded_for transparent
uri_whitespace strip

cache_mem 32 MB
maximum_object_size_in_memory 32 KB

#memory_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
#cache_replacement_policy heap LFUDA
cache_replacement_policy heap GDSF
cache_dir aufs /cache 20000 32 512
store_dir_select_algorithm round-robin
minimum_object_size 0 KB
maximum_object_size 2048 KB
offline_mode off
cache_swap_low 90
cache_swap_high 95

# Setup some default acls
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl partialcontent_req req_header Range .*
#acl situs dstdomain "/etc/squid3/situs"
#acl keyword url_regex -i "/etc/squid3/keyword"
#acl dynamic urlpath_regex cgi-bin \?
#include /usr/local/etc/squid/include.conf
#cache deny dynamic
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 75
range_offset_limit 0 MB
request_body_max_size 0 allow all

# Manual configuration
refresh_pattern ^http\:\/\/*\.facebook\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/*\.kaskus\.us\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/*\.google\.co\*.*/ 10080 90% 43200 reload-into-ims
refresh_pattern ^http\:\/\/*\.yahoo\.co*\.*/ 10080 90% 43200 reload-into-ims
refresh_pattern ^http\:\/\/.*\.windowsupdate\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/office\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/windowsupdate\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/w?xpsp[0-9]\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/w2ksp[0-9]\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/download\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/download\.macromedia\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^ftp\:\/\/ftp\.nai\.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/ftp\.software\.ibm\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/*\.friendster\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/*\.detik\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/*\.kaskus\.us\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/*\.google\.co\*.*/ 10080 90% 43200 reload-into-ims
refresh_pattern ^http\:\/\/*\.yahoo\.co*\.*/ 10080 90% 43200 reload-into-ims

refresh_pattern ^http://*.facebook.com*/.* 720 100% 4320
refresh_pattern ^http://*.apps.facebook.com*/.* 720 100% 4320
refresh_pattern ^http://*.profile.ak.fbcdn.net/.* 720 100% 4320
refresh_pattern ^http://*.creative.ak.fbcdn.net/.* 720 100% 4320
refresh_pattern ^http://*.static.ak.fbcdn.net/.* 720 100% 4320
refresh_pattern ^http://*.facebook.poker.zynga.com/.* 720 100% 4320
refresh_pattern ^http://*.statics.poker.static.zynga.com/.* 720 100% 4320
refresh_pattern ^http://*.zynga.*/.* 720 100% 4320
refresh_pattern ^http://*.texas_holdem.*/.* 720 100% 4320
refresh_pattern ^http://*.google.*/.* 720 100% 4320
refresh_pattern ^http://*.indowebster.*/.* 720 100% 4320
refresh_pattern ^http://*.4shared.*/.* 720 100% 4320
refresh_pattern ^http://*.yahoo.com/.* 720 100% 4320
refresh_pattern ^http://*.yimg.*/.* 720 100% 4320
refresh_pattern ^http://*.plasa.com/.* 720 100% 4320
refresh_pattern ^http://*.boleh.*/.* 720 100% 4320
refresh_pattern ^http://*.detik.*/.* 180 100% 4320
refresh_pattern ^http://*.detikinet.*/.* 180 100% 4320
refresh_pattern ^http://*.detikhot.*/.* 180 100% 4320
refresh_pattern ^http://*.detiportal.*/.* 180 100% 4320
refresh_pattern ^http://*.kompas.*/.* 180 100% 4320
refresh_pattern ^http://*.kapanlagi.*/.* 720 100% 4320
refresh_pattern ^http://*.google-analytics.*/.* 720 100% 4320

# Manual configuration

refresh_pattern ^http://(.*?)/get_video\? 10080 90% 999999 override-expire ignore-no-cache ignore-private
refresh_pattern ^http://(.*?)/videoplayback\? 10080 90% 999999 override-expire ignore-no-cache ignore-private
refresh_pattern -i (get_video\?|videoplayback\?id|videoplayback.*id) 161280 50000% 525948 override-expire ignore-reload

# compressed
refresh_pattern -i \.gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.cab$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.bzip2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.bz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.gz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.tgz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.tar.gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.zip$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.rar$ 1008000 90% 99999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.tar$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.ace$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.7z$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# documents
refresh_pattern -i \.xls$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.doc$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.xlsx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.docx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.pdf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.ppt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.pptx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.rtf\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# multimedia
refresh_pattern -i \.mid$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.wav$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.viv$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.mpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.mov$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.avi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.asf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.qt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.rm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.rmvb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.mpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.wmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.3gp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.mp3$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.mp4$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# web content
refresh_pattern -i \.js$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.psf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.html$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.htm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.css$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.swf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.js\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.css\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.xml$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# images
refresh_pattern -i \.gif$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.jpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.png$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.jpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.bmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.psd$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.ad$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.gif\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.jpg\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.png\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.jpeg\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.psd\?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# application
refresh_pattern -i \.deb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.rpm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.msi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.exe$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.dmg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# misc
refresh_pattern -i \.dat$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.qtm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

# itunes
refresh_pattern -i \.m4p$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.mpa$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern cgi-bin 0 0% 0
refresh_pattern \? 0 20% 4320
refresh_pattern . 0 20% 4320

#acl filegede urlpath_regex [-i] \.mp3$

#delay_pools 1
#delay_class 1 1
#delay_parameters 1 1000/16000
#delay_access 1 allow download
#delay_access 1 deny ALL

# Allow local network(s) on interface(s)
#http_access deny situs
#http_access deny keyword

#delay_pools 1
#delay_class 1 1
#delay_parameters 1 250/250
#delay_access 1 allow labor filegede
#delay_access 1 allow utama filegede
#delay_access 1 deny all

#delay_class 2 2
#delay_parameters 2 32000/32000 8000/8000
#delay_access 2 allow labor
#delay_access 2 allow utama
#delay_access 2 deny all

#delay_class 2 2
#delay_access 1 deny all

acl preman url_regex -i 192.168.
acl slowdown url_regex -i "/etc/squid3/slowdown"
acl lambat url_regex -i \.mp3
acl lambat url_regex -i \.zip
acl lambat url_regex -i \.exe
acl lambat url_regex -i \.avi
acl lambat url_regex -i \.rar
acl lambat url_regex -i \.flv
acl lambat url_regex -i \.tar.gz
acl lambat url_regex -i \.thm
acl lambat url_regex -i \.pck
acl lambat url_regex -i \.iso
acl lambat url_regex -i \.cab

#acl lambat url_regex -i ^http://www.youtube.com/*
#refresh_pattern ^http://*.facebook.com*/.*
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3
#acl lambat url_regex -i \.mp3

delay_pools 3
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow preman

delay_class 2 2
delay_parameters 2 500/500 500/500
#delay_access 2 allow lambat utama
delay_access 2 allow lambat labor
delay_access 2 deny all

delay_class 3 2
delay_parameters 3 500/500 500/500
#delay_access 3 allow slowdown utama
delay_access 3 allow slowdown labor

http_access allow utama
http_access allow labor

# Default block all to be sure
http_access deny all

# ---------------------------------------------------------------------------------------------------------------

mohon koreksi nya dari agan semua, dan spek kompi yg ane gunakan :
- mem 2 GB
- 3 ethernet (eth0 buat WAN, eth1 dan eth2 buat LAN)

uptime squid nya baru sebentar dan itu ngetest nya belum pada saat sibuk (yang ngakses internet cuma 3 kompi),
berikut ini lengkapnya :


kuerk@SMAHARAU:~$ uptime
08:48:47 up 1 day, 44 min, 1 user, load average: 0.14, 0.13, 0.09
kuerk@SMAHARAU:~$ free -m
total used free shared buffers cached
Mem: 2002 1809 193 0 114 1250
-/+ buffers/cache: 444 1558
Swap: 3337 0 3337
kuerk@SMAHARAU:~$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 27G 1.6G 24G 7% /
udev 995M 4.0K 995M 1% /dev
tmpfs 401M 812K 400M 1% /run
none 5.0M 0 5.0M 0% /run/lock
none 1002M 0 1002M 0% /run/shm
/dev/sda1 47G 2.7G 44G 6% /cache


terima kasih sebelumnya atas senior2 yang mau ngasih koreksi ^^.


User avatar
yudiarbi
Contact:

Post 16 Jun 2012, 09:53

coba turuni di tag cache_mem dan maximum_object_size


User avatar
q_p
Contact:

Post 28 May 2013, 13:05

Wah ketemu trit lawas dengan posting =
zitux wrote:bro coba opsi noatime,data=writeback
jadi spt ini /dev/sda10 /media/proxy xfs defaults,noatime,data=writeback 0 2
muncul error gini

Code: Select all

root@zitux:~# mount -a
mount: wrong fs type, bad option, bad superblock on /dev/sda10,
       missing codepage or helper program, or other error
       In some cases useful info is found in syslog - try
       dmesg | tail  or so

root@zitux:~# tune2fs -o journal_data_writeback /dev/sda10
tune2fs 1.41.11 (14-Mar-2010)
tune2fs: Bad magic number in super-block while trying to open /dev/sda10
Couldn't find valid filesystem superblock.
root@zitux:~# 
filessystem nya coba XFS aq
tq
Pesan errot yang sama juda ditemukan pada file-system reiserfs. Tidak jalan di reiserfs, karena tuning program "reiserfstune" tidak support "-o journal_data_writeback" option.


Post Reply

Who is online

Users browsing this forum: No registered users and 25 guests