How To - OpenBSD 4.0 + SQUID

Since there are so many squid how to in english, and this time I made it in Indonesian (my mother language), but you still can use these options and my squid.conf

Operating Sistem yang saya gunakan dalam tutorial ini adalah OpenBSD 4.0 dan jika anda menggunakan Linux atau UNIX lainnya maka anda dapat mengubah settingan berikut sesuai dengan OS anda. Jadi pertama pastikan anda telah mendowload paket Squid yang stable, dan lanjutkan dengan mengconfigure dengan option seperti dibawah berikut :


$./configure \
--enable-dependency-tracking \
--sysconfdir=/etc/squid \

--localstatedir=/var/squid \
--enable-external-acl-helpers=ip_user unix_group \
--enable-digest-auth-helpers=password \
--enable-auth=basic ntlm digest \
--enable-ntlm-fail-open \
--enable-basic-auth-helpers=MSNT NCSA SMB \
--enable-ntlm-auth-helpers=SMB \
--enable-pf-transparent \
--enable-cache-digests \
--enable-delay-pools \
--enable-htcp \
--enable-default-err-language=English \
--enable-err-languages=English Korean Japanese Spanish \
--enable-ssl \
--enable-arp-acl \
--enable-kill-parent-hack \
--enable-removal-policies=heap lru \
--enable-storeio=ufs aufs coss diskd \
--enable-dl-malloc \
--enable-async-io \
--enable-snmp \
--with-maxfd=1024
dan lanjutkan dengan
# make && make install

dan kemudian edit squid.conf anda, ini contoh dari squid.conf saya

##squid.conf for openbsd 4.0
http_port 127.0.0.1:3128 transparent
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
#=======================================================$
# CACHE MEM
#=======================================================$
cache_mem 6 MB
cache_swap_low 98
cache_swap_high 99
maximum_object_size 10 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 128 KB
ipcache_size 2048
ipcache_low 98
ipcache_high 99
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /var/squid/cache 1200 16 256

#cache_dir diskd /var/squid/cache 4000 10 256 Q1=72 Q2=64
#cache_dir diskd /var/squid/cache 4000 10 256 Q1=72 Q2=64
#cache_dir diskd /var/squid/cache 4000 10 256 Q1=72 Q2=64
#cache_dir diskd /var/squid/cache 4000 10 256 Q1=72 Q2=64
#diskd_program /usr/local/libexec/diskd
#unlinkd_program /usr/local/libexec/unlinkd

cache_effective_user _squid
cache_effective_group _squid
#=======================================================$
# SQUID LOG
#=======================================================$
access_log /var/squid/logs/access.log
cache_store_log none
pid_filename /var/squid/logs/squid.pid
log_fqdn off
log_icp_queries off
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

#============================================================$
#refresh
#============================================================$
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern ^ftp: 10080 95% 241920 reload-into-ims override-lastmod
refresh_pattern . 180 95% 120960 reload-into-ims override-lastmod
refresh_pattern \.gif 4320 50% 43200
refresh_pattern \.jpg 4320 50% 43200
refresh_pattern \.tif 4320 50% 43200
refresh_pattern \.png 4320 50% 43200
refresh_pattern \.jpeg 4320 50% 43200
refresh_pattern ^http://www.friendster.com/.* 720 100% 4320
refresh_pattern ^http://mail.yahoo.com/.* 720 100% 4320
refresh_pattern ^http://*.yahoo.*/.* 720 100% 4320
refresh_pattern ^http://*.yimg.*/.* 720 100% 4320
refresh_pattern ^http://*.gmail.*/.* 720 100% 4320
refresh_pattern ^http://*.google.*/.* 720 100% 4320
refresh_pattern ^http://*korea.*/.* 720 100% 4320
refresh_pattern ^http://*.akamai.*/.* 720 100% 4320
refresh_pattern ^http://*.windowsmedia.*/.* 720 100% 4320
refresh_pattern ^http://*.googlesyndication.*/.* 720 100% 4320
refresh_pattern ^http://*.plasa.*/.* 720 100% 4320
refresh_pattern ^http://*.telkom.*/.* 720 100% 4320
refresh_pattern ^ftp: 10080 95% 40320 reload-into-ims override-lastmod
refresh_pattern . 0 20% 4320 reload-into-ims override-lastmod
#refresh_pattern ^ftp: 10080 95% 241920 reload-into-ims override-lastmod
#refresh_pattern ^gopher: 1440 0% 1440
#refresh_pattern . 180 95% 120960 reload-into-ims override-lastmod

#============================================================$
# QUICK ABORT
#============================================================$
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 98
#============================================================$
#ACCESS CONTROL LIST
#============================================================$
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl our_networks src 192.168.8.0/24
acl noproxy1 src 192.168.8.200 #dont proxy this machine
acl ie_browser browser `^Mozilla/4\.0 .compatible; MSIE;` #Internet Explorer
acl bad_browser browser ^Gator # spyware crap
acl windowsupdate dstdomain .windowsupdate.com # allow ie
acl windowsupdate dstdomain .windowsupdate.microsoft.com
acl ie_exceptions dstdomain .1u-firewall.com
acl ie_exceptionsa dst 3.4.5.6 #Allow Internet explorer to this IP address
acl SMTP_port port 25

http_port 3128
icp_port 3130
http_access deny bad_browser
http_access deny SMTP_port
http_access allow noproxy1

http_access allow our_networks
http_access allow manager localhost
http_access deny to_localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_reply_access allow all

coredump_dir /var/squid/cache
query_icmp off
shutdown_lifetime 10 seconds
reload_into_ims on
pipeline_prefetch on
ie_refresh off
vary_ignore_expire on
cache_mgr xxxxxx
logfile_rotate 1
memory_pools on
visible_hostname gateway.net
positive_dns_ttl 60 seconds
negative_dns_ttl 29 seconds

########################### E O F #######################

Squid.conf tersebut dapat anda tambah kan dan dikurangkan sesuai sistem anda dan kebutuhan anda.

Read more!

O2 XDA ATOM LIFE

Superb, its the only way to describe this phone. So mature, and more perfect from the earlier products from O2. Even from the design it self describes how powerful this PDA can be. With powerful processor from its class (Intel XScale® PXA 270 Processor at 624 MHz), and also 'huge' storage as a default. And that's not it, you also get powerful multimedia tools, the Xda Atom Life ensures you are the master of work and play. FM radio also included in this version, SRS WOW HD (surround sound experience) and so many more.

Can you imagine how powerful this PDA can be ?

For overview click here

Read more!

Make OpenBSD ISO

Make OpenBSD ISO file it's not dificult as you think. These are the steps how to create (on Windows) a OpenBSD 4.0 i386 ISO file. Even though you are using UNIX to make this ISO file, you can do it with the same way, as long as you got cdrecord:

Make directories, example OpenBSD/4.0/i386

Download all files from ftp://ftp.openbsd.org/pub/OpenBSD/4.0/i386 to the i386 directory. And do not forget to download these files src.tar.gz, sys.tar.gz, and ports.tar.gz.

You can use Magic Iso (not Free) on Windows machine.

Or, use the UNIX way use mkisofs. Then we make the iso file using mkisofs (http://cdrecord.berlios.de/old/private/cdrecord.html) :
# mkisofs -v -r -T -J \
-V "OpenBSD-4.0" \
-b 3.9/i386/cdrom40.fs \
-c boot.catalog \
-o /home/you/OpenBSD/OpenBSD-40.iso \
-x /home/you/OpenBSD/OpenBSD-40.iso \
/home/you/OpenBSD/

Just wait, and burn the ISO.

Thanks to www.corebsd.or.id

Read more!

12th Mega Bazaar Komputer

This weekend really helped me out, howto judge on things. Yesterday, me and my friend Adi Ridwansyah
took long walk just to find out 'cheap' storage. He was looking for 1Gb USB Flash Disk, and me was for the 1Gb SD card for my PocketPC. That running out space from long time ago. We were looking at the 12th Mega Bazaar Komputer at JCC, from Hall A,B to the JCC's Main lobby.

It was so hot, cant feel the Air Conditioner. Because the place were crowded by people that want to search cheapest price for computer hardwares and other stuffs.So, no wonder we were urging to death just to find the 'right' price.

After 1 hour of pain we finally arrived to the right place. They were selling 1 Gb Flash Disk for Rp 90,000 ($10) and 1Gb SD card for Rp 100,000 ($11). Quiet cheap, right? My SD already has the fast read feature, so lucky me, eh ?Last time I asked a store at Mangga Dua it was
about Rp 150,000 ($16.5).

Adi bought a digi-cam for his friend, a BenQ. Kinda nice cam, but I think less feature than supposed to. He bought it about Rp 990,000 ($107), it has 5 MP which is not bad. But, I just dont feel it. I knew its not mine, but I think it was like burning your
money.

And looked like this Bazaar more to the Laptops, the area filled with so many Laptops from low to hi end spec. I think the organizer needs to improve the comfort it self. Cause, I didnt feel comfty.

Read more!

Gigabyte Gsmart

Gigabyte known as the High End computer hardwares, but their latest invasion came from
different department. Its the latest Gigabyte's PDA Phone, Gigabyte will be the first
company to have a DVB-T and DVB-H compatible phone (both are terrestrial digital TV broadcasting)
and producing the world's first Windows Mobile PPC phone with Direct Push Technology.
These are the latest Gigabyte gadgets GSmart t600 and q60.

The GSmart has all the latest feature, like Windows Mobile 6 OS,other features include a
2 megapixel camera, Intel PXA270 520 MHz Processor, 256 MB ROM / 96 MB RAM, bluetooth 2.0,
USB 2.0 and WLAN 802.11b/g.

More Specifications:

* Size: 110.5 x 55.5 x 18.5 mm
* 2.6" 256k colors TFT (480 x 640)
* microSD card slot
* Up to 3 hours talk time
* Up to 150 hours standby time
* Push mail supported

Read more!