Help, Bagai Mana Caranya??



  • Selamat Pagi Para Suhu & Sesepuh Pfsense
    langsung aja saya sudah instal pfsesnse di mesin baru dg spesifikasi
    3 HDD 500 GB / Memory 16 GB / Procesor Intel G630 2,7 Gb /MB ECS H61H2-A2 Black Series
    semua instalasi & 3 HDD sudah Terpasang (sudah di mounting di fstab) dg baik cumang yg jadi masalah bagai mana configurasi coss dan cache yg benar di dir.conf nya, sebab sudah saya otak atik kok masih belum mudeng/mengerti juga. mohon pencerahannya,
    mesin di gunakan untuk warnet Fiznet



  • Ternyata sudah sedikit mengeri masalah dir confnya.
    jadi pada pfsense nilai cachenya tidak bisa mengikuti rumus dari squid untuk ukuran L1 dan L2 walau pun besar ukuran cachenya berbeda
    nilain L1 = 16 untuk dan L2 = 256 contoh 120 GB cache di tulis (cache_dir aufs /var/squid/cache 120000 16 256 min-size=4096)
    untuk angka 4096 didapat dari 4 kb di kalikan dg 1024 byte.
    sampai disini saya masih memastikan apakah konfigurasi saya berhasil atau tidak.

    Semanggaaatttt Terusssssss. ;)



  • 2 bh Compac Flash XXXX 8Gb + Conferter Sata dan Ide sudah sampai hari ini rencananya akan di gunakan untuk OS pfsense.
    rencana OS ada di compac flash dan 4 buah HDD 500 gb untuk cachenya, kalo untuk coss nya gimana ya apa tambah 1 HDD lg untuk cossnya.
    mohon saran??

    sementara sambil ngoprek mesin baru, sy share squid.conf sementara / cadangan

    Do not edit manually !

    http_port 192.168.82.1:3128 transparent
    http_port 127.0.0.1:80 transparent
    icp_port 0

    pid_filename /var/run/squid.pid
    cache_effective_user proxy
    cache_effective_group proxy
    error_directory /usr/local/etc/squid/errors/English
    icon_directory /usr/local/etc/squid/icons
    visible_hostname localhost
    cache_mgr admin@localhost
    access_log /var/squid/logs/access.log
    cache_log /var/squid/logs/cache.log
    cache_store_log none
    logfile_rotate 1
    shutdown_lifetime 0 seconds

    Allow local network(s) on interface(s)

    acl localnet src  192.168.82.0/255.255.255.248
    uri_whitespace strip
    dns_nameservers 127.0.0.1

    cache_mem 7168 MB
    maximum_object_size_in_memory 8 KB
    memory_replacement_policy heap GDSF
    cache_replacement_policy heap LFUDA
    cache_dir coss /var/squid/coss 40000 max-size=8192 block-size=4096
    cache_dir aufs /var/squid/cache 300000 16 256 min-size=8192
    minimum_object_size 0 KB
    maximum_object_size 250 MB
    offline_mode off
    cache_swap_low 96
    cache_swap_high 98

    No redirector configured

    Setup some default acls

    acl all src 0.0.0.0/0.0.0.0
    acl localhost src 127.0.0.1/255.255.255.255
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
    acl sslports port 443 563
    acl manager proto cache_object
    acl purge method PURGE
    acl connect method CONNECT
    acl partialcontent_req req_header Range .*
    #acl dynamic urlpath_regex cgi-bin ?
    include /usr/local/etc/squid/include.conf
    #cache deny dynamic
    http_access allow manager localhost

    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !safeports
    http_access deny CONNECT !sslports

    Always allow localhost connections

    http_access allow localhost

    request_body_max_size 0 allow all
    reply_body_max_size 0 deny all

    Custom options

    zph_mode tos
    zph_local 0x30
    zph_parent 0
    zph_option 136

    Allow local network(s) on interface(s)

    http_access allow localnet

    Default block all to be sure

    http_access deny all



  • @fauzi:

    2 bh Compac Flash XXXX 8Gb + Conferter Sata dan Ide sudah sampai hari ini rencananya akan di gunakan untuk OS pfsense.
    rencana OS ada di compac flash dan 4 buah HDD 500 gb untuk cachenya, kalo untuk coss nya gimana ya apa tambah 1 HDD lg untuk cossnya.
    mohon saran??

    sementara sambil ngoprek mesin baru, sy share squid.conf sementara / cadangan

    Do not edit manually !

    http_port 192.168.82.1:3128 transparent
    http_port 127.0.0.1:80 transparent
    icp_port 0

    pid_filename /var/run/squid.pid
    cache_effective_user proxy
    cache_effective_group proxy
    error_directory /usr/local/etc/squid/errors/English
    icon_directory /usr/local/etc/squid/icons
    visible_hostname localhost
    cache_mgr admin@localhost
    access_log /var/squid/logs/access.log
    cache_log /var/squid/logs/cache.log
    cache_store_log none
    logfile_rotate 1
    shutdown_lifetime 0 seconds

    Allow local network(s) on interface(s)

    acl localnet src  192.168.82.0/255.255.255.248
    uri_whitespace strip
    dns_nameservers 127.0.0.1

    cache_mem 7168 MB
    maximum_object_size_in_memory 8 KB
    memory_replacement_policy heap GDSF
    cache_replacement_policy heap LFUDA
    cache_dir coss /var/squid/coss 40000 max-size=8192 block-size=4096
    cache_dir aufs /var/squid/cache 300000 16 256 min-size=8192
    minimum_object_size 0 KB
    maximum_object_size 250 MB
    offline_mode off
    cache_swap_low 96
    cache_swap_high 98

    No redirector configured

    Setup some default acls

    acl all src 0.0.0.0/0.0.0.0
    acl localhost src 127.0.0.1/255.255.255.255
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
    acl sslports port 443 563
    acl manager proto cache_object
    acl purge method PURGE
    acl connect method CONNECT
    acl partialcontent_req req_header Range .*
    #acl dynamic urlpath_regex cgi-bin ?
    include /usr/local/etc/squid/include.conf
    #cache deny dynamic
    http_access allow manager localhost

    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !safeports
    http_access deny CONNECT !sslports

    Always allow localhost connections

    http_access allow localhost

    request_body_max_size 0 allow all
    reply_body_max_size 0 deny all

    Custom options

    zph_mode tos
    zph_local 0x30
    zph_parent 0
    zph_option 136

    Allow local network(s) on interface(s)

    http_access allow localnet

    Default block all to be sure

    http_access deny all

    ASS WR WB
    Salam PFSI

    Untuk Clue nya ada pada thread http://forum.pfsense.org/index.php/topic,55613.0.html

    Demikian semoga membantu

    Salam PFSI
    WSS WR WB


Log in to reply