Finally I have chance to install Lusca Proxy Server in FreeBSD 9. But with the specifications on the computer server, I decided also to install squidstats to gather and report on Lusca stuff and unbound a validating, recursive, and caching DNS server software. But the article will divides into three stages with Lusca Proxy Server as number one.
I decided to choose FreeBSD 9 as the Operating System because I love it and glad how the FreeBSD manage my limited RAM number. The FreeBSD 9 is a new improves on FreeBSD 8 with many additional new features including the fast filesystem now supports softupdates journaling and High Performance SSH.
The computer server is used desktop computer but I think it is enough to serve our hotspot clients. We just plug some computer components in one full tower casing, the specifications of used computer server are:
- Motherboard GigaByte
- CPU dual core 1.6Ghz
- RAM 4GB dual channel
- HDD SATA 80GB + 250GB
- PSU Samsung
For FreeBSD installation, you can refer to the how to forge, because we don’t concentrate to talking about FREEBSD installation. However FreeBSD 9 offers also new way to install the OS, if you have experience with previous version of FreeBSD, you will know the differences.
We were using 2 HDD SATA 80GB and 250 GB. A 80GB HDD SATA uses as system while a 250GB HDD SATA uses only for cache. We do partition on the both HDD SATA with following configuration, all partition file system was using FreeBSD-ufs exclude swap.
- HDD 80GB SATA
– / 5GB
– Swap 4GB
– /usr 15GB
– /var the rest
- HDD 250GB SATA
– /cache0 140GB
– /cache1 110GB
Once the FreeBSD 9 installation complete, reboot the server than start to configure it to use as Lusca Proxy server. After reboot finish, just login to the server than edit SSH config to enable remote access.
proxy# ee /etc/ssh/sshd_config
Find the line like below
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin no
Change the PermitRootLogin to YES like below
# Authentication:
#LoginGraceTime 2m
PermitRootLogin yes
Than save the file, but don’t forget to put sshd_enable YES in /etc/rc.conf file
proxy# echo 'sshd_enable="YES""' >> /etc/rc.conf
Than start the ssh service by following command below
proxy# service ssh start
Remote the server with putty or Xshell or other ssh client software or just do in local terminal of server to continue the Lusca Proxy Server installation and configuration.
Please ensure you have internet connection because after now we need to install additional package to the server.
proxy# pkg_add -rv perl subversion autotools squidstats unbound ccze
Let the server finish the package installation, once the installation completed, let’s download the script update-lusca.sh to use the latest version of Lusca that available through SVN trunks. But if you would like to use the stable version, just skip this step.
proxy# pwd
/root
proxy# svn checkout http://lusca-cache.googlecode.com/svn/branches/LUSCA_HEAD/ lusca-cache-read-only
Checked out revision 14942
proxy# cd lusca-cache-read-only
proxy# fetch http://simplyeko.com/newlusca/update-lusca.sh
proxy# chmod +x update-lusca.sh
proxy# ee update-lusca.sh
find the line below
WORKDIR=/root/lusca
RELVER=r14942
#RELVER=$1
Change RELVER value with the latest version number after you run “svn checkout” like the command above. If you find the higher version as per article , please change the value RELVER. Afterward, let’s run update-lusca script than continue to compile the Lusca.
—-
proxy# ./update-lusca.sh
proxy# cd /root/lusca/LUSCA-HEAD-rr14942
proxy# ./configure --bindir=/usr/local/sbin --sbindir=/usr/local/sbin --datadir=/usr/local/etc/squid --libexecdir=/usr/local/libexec/squid --localstatedir=/usr/local/squid --sysconfdir=/usr/local/etc/squid --enable-removal-policies=heap --disable-linux-netfilter --enable-arp-acl --disable-linux-tproxy --disable-epoll --disable-auth --disable-unlinkd --disable-htcp --with-maxfd=131072 --disable-wccpv2 --with-pthreads --enable-storeio=aufs,coss,null --disable-delay-pools --enable-snmp --disable-wccp --disable-ident-lookups --enable-pf-transparent --with-large-files --enable-large-cache-files --enable-err-languages=English --enable-default-err-language=English --prefix=/usr/local --mandir=/usr/local/man --infodir=/usr/local/info/
proxy# make clean && make && make install && rehash
proxy# touch /var/log/squid/access.log
proxy# touch /var/log/squid/cache.log
proxy# chown -R squid:squid /var/log/squid/*
proxy# chown -R squid:squid /cache*
—
Modify squid.conf that located in directory /usr/local/etc/squid to match with your existing network and cache directory you located. If found no problem let’s download additional file support like storeurl.pl, refresh conf, and tunning.conf. Those 3 conf files reflect in your squid.conf file, please read carefully your squid.conf file if you would like to change the location of 3 additional support file.
proxy# cd /usr/local/etc/squid/
proxy# fetch http://simplyeko.com/newlusca/squid.conf
proxy# fetch http://simplyeko.com/newlusca/storeurl.txt
proxy# mv storeurl.txt storeurl.pl
proxy# chmod +x storeurl.pl
proxy# fetch http://simplyeko.com/newlusca/refresh.conf
proxy# fetch http://simplyeko.com/newlusca/tunning.conf
Now download script to start/stop/restart Lusca, just fetch the file in directory /usr/local/etc/rc.d/
proxy# cd /usr/local/etc/rc.d/
proxy# fetch http://simplyeko.com/newlusca/squid
proxy# chmod +x squid
Now Lusca Proxy Server ready to serve the client,
proxy# squid -z
proxy# service squid start
If found no problem on your installation and configuration, you will find the squid process in your system by typing following command;
proxy# sockstat -4
proxy# ps -aux | grep squid
I use the Lusca Proxy Server together with Mikrotik RB750. You need to configure NAT on Mikrotik server to allow your clients use the Proxy Server.
Well, later I will continue the squidstats installation and configuration to help you to gather and report on Lusca Proxy Server. Hopefully the article useful and let me know by dropping comment below if you need assistance when you install Lusca proxy Server in FreeBSD 9.
Thanks for this very detailed information and witing for the squidstats
you’re welcome…
di mana file squid.conf nya
please read slowly, you will find it.
I have a storeurl.pl erreur
when starting squid i get this message: The store_rewriter helpers are crashing to or rapidly, need help!
please paste result following command here
# squid -NCd1
I am formatting and configuring step by step again I will reply if I have the same issue thanks for your reply
this file doesnt exist can i use the one from lusca website ? fetch http://simplyeko.com/newlusca/storeurl.txt
the file is exist.
yes, you can use the one from lusca website.
btw, you can browse all files through your browser by typing the url on your address bar or just click the link http://simplyeko.com/newlusca/
Dear friend
Everything is working fine but when i check service radius status i got squid is not running ?
and i cant add that to squid.conf pid_filename /squidrun/squid.pid …
anny help?
do you copy the squid script to /usr/local/etc/rc.d directory?
you can create manually for the pid.
bisa ga di install di freebsd 8.2?
thank you
seharusnya sih bisa aja..monggo dicoba.
youtube tdk bisa playback, muncul error “parse_refreshpattern: Unknown option” kalau dijalanin dgn -d2
bukannya lusca original blm support refresh pattern? harus dipatch dulu.
Mohon perjelas, dari keseluruhan apa ga ada step2 yg kelewat?
btw, thanks for sharing…
ERROR: clientNatLookup: PF open failed: (2) No such file or directory
I check i dont have the /etc/pf.conf how to fix it
you can disable the PF when you configure, check this “enable-pf-transparent” than replace enable with disable
there is a way to install pf now or i have to format ????
now cannot caching youtube or other file video
tolong penjelasannya gan
boss bisa blok ultrasuf nggak
trima kasih tutorialnya,,tapi ketika di mikrotik di nat di enable kan, ada eror yang mana sebagian client bisa brwosing , sebagian tidak bisa,, itu set enable pf tansparan,, bisatolong kasih tau pf conf nya,,, dengan 1 lan,,, freebsd hanya untuk proxy saja,,
mas…link downloadnya kok filenya kok hilang semua ya?
The link addres http://simplyeko.com/newlusca/ don`t existe any more? How can I get the scripts?