8/20/2019 Cara Install Squid 3.4
1/3
apt-get updateapt-get install devscripts build-essential openssl
libssl-dev fakeroot libcppunit-dev libsasl2-dev cdbs ccze
libfile-readbackwards-perl libcap2 libcap-dev libcap2-dev
apt-get install devscripts build-essential openssl libssl-dev
fakeroot libcppunit-dev libsasl2-dev cdbs ccze
libfile-readbackwards-perl libcap2 libcap-dev libcap2-dev
apt-get install sysv-rc-conf wget
http://www.squid-cache.org/Versions/v3/3.4/squid-3.4.6.tar.gztar
xzvf squid-3.4.8.tar.gzcd squid-3.4.8
./configure --prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin
\--libexecdir=/usr/lib/squid --sysconfdir=/etc/squid
--localstatedir=/var --libdir=/usr/lib \--includedir=/usr/include
--datadir=/usr/share/squid
--infodir=/usr/share/info\--mandir=/usr/share/man
--disable-dependency-tracking --enable-storeio=ufs,aufs,diskd
\--enable-removal-policies=lru,heap --enable-icmp --enable-esi
--enable-icap-client --disable-wccp \
--disable-wccpv2 --enable-kill-parent-hack
--enable-cache-digests --enable-follow-x-forwarded-for
\--enable-x-accelerator-vary --enable-zph-qos
--with-default-user=proxy --with-logdir=/var/log/squid
\--with-pidfile=/var/run/squid.pid --with-large-files
--enable-ltdl-convenience --with-filedescriptors=65536
\--enable-ssl --enable-ssl-crtd --disable-auth
--build=amd64-linux-gnu build_alias=amd64-linux-gnu
make && make install
ubah pemilik file folder cache
chown -R proxy:proxy /etc/squid/squid.confchown -R proxy:proxy
/etc/squid/storeid.plchown -R proxy:proxy /cache1chown -R
proxy:proxy /cache2chown -R proxy:proxy /cache3chown -R proxy:proxy
/cache4
chown -R proxy:proxy /var/log/squid
chmod 777 /cache1chmod 777 /cache2chmod 777 /cache3chmod 777
/cache4
chmod 777 /etc/squid/storeid.plchmod 644
/etc/squid/squid.conf
copy file squid ke /etc/init.d/
chmod +x /etc/init.d/squidupdate-rc.d squid defaults
cd /etc/squidmkdir ssl_cert
8/20/2019 Cara Install Squid 3.4
2/3
cd ssl_cert
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout
myCA.pem -outmyCA.pemopenssl x509 -in myCA.pem -outform DER -out
myCA.der
mkdir /var/squidcd /var/squid
mkdir ssl_dbcdchown -R nobody
/var/squid/ssl_db//usr/lib/squid/ssl_crtd -c -s
/var/squid/ssl_db/certschown -R proxy:proxy /var/squid/ssl_db/
squid -z
tambahkan file dibawah in pada /etc/rc.local
modprobe xt_TPROXYmodprobe xt_socketmodprobe nf_tproxy_core
modprobe xt_markmodprobe nf_natmodprobe
nf_conntrack_ipv4modprobe nf_conntrackmodprobe
nf_defrag_ipv4modprobe ipt_REDIRECTmodprobe
iptable_nat iptables -t mangle -Fiptables -t mangle
-X iptables -t mangle -N DIVERTiptables -t mangle -A DIVERT -j
MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPTiptables -t mangle -A
INPUT -j ACCEPTiptables -t mangle -A PREROUTING -p tcp -m socket -j
DIVERTiptables -t mangle -A PREROUTING ! -d 192.168.3.2/32 -p tcp
--dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port
3129iptables -t mangle -A PREROUTING ! -d 192.168.3.2/32 -p tcp
--dport 443 -j TPROXY --tproxy-mark 0x1/0x1 --on-port
3127 /sbin/ip rule add fwmark 1 lookup 100/sbin/ip route add
local 0.0.0.0/0 dev lo table 100 echo 0 >
/proc/sys/net/ipv4/conf/lo/rp_filterecho 1 >
/proc/sys/net/ipv4/ip_forward
exit 0
mangle pada mikrotik
/ip firewall mangleadd action=mark-routing chain=prerouting
comment="TPROXY ROUTING" disabled=no dst-port=80,443
in-interface=ether4-lan new-routing-mark=tproxy_rm
passthrough=no\protocol=tcpadd action=mark-connection
chain=prerouting disabled=no dst-port=80,443 in-inter
![flpnuol.weebly.comflpnuol.weebly.com/uploads/2/4/5/9/24599736/how_to... · Web viewConfigure Proxy server and make web browzing fast. Install Squid for it. 1 [1] Install and configure](https://img.pdfslide.net/doc/110x75/5b3787e17f8b9a40428c7944/-web-viewconfigure-proxy-server-and-make-web-browzing-fast-install-squid-for.jpg)