apt-get update

apt-get install devscripts build-essential openssl libssl-dev fakeroot libcppuni

t-dev libsasl2-dev cdbs ccze libfile-readbackwards-perl libcap2 libcap-dev libca
p2-dev
apt-get install devscripts build-essential openssl libssl-dev fakeroot libcppuni
t-dev libsasl2-dev cdbs ccze libfile-readbackwards-perl libcap2 libcap-dev libca
p2-dev
apt-get install sysv-rc-conf
wget http://www.squid-cache.org/Versions/v3/3.4/squid-3.4.6.tar.gz
tar xzvf squid-3.4.8.tar.gz
cd squid-3.4.8
./configure --prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin \
--libexecdir=/usr/lib/squid --sysconfdir=/etc/squid --localstatedir=/var --libdi
r=/usr/lib \
--includedir=/usr/include --datadir=/usr/share/squid --infodir=/usr/share/info
\
--mandir=/usr/share/man --disable-dependency-tracking --enable-storeio=ufs,aufs,
diskd \
--enable-removal-policies=lru,heap --enable-icmp --enable-esi --enable-icap-clie
nt --disable-wccp \
--disable-wccpv2 --enable-kill-parent-hack --enable-cache-digests --enable-follo
w-x-forwarded-for \
--enable-x-accelerator-vary --enable-zph-qos --with-default-user=proxy --with-lo
gdir=/var/log/squid \
--with-pidfile=/var/run/squid.pid --with-large-files --enable-ltdl-convenience -with-filedescriptors=65536 \
--enable-ssl --enable-ssl-crtd --disable-auth --build=amd64-linux-gnu build_alia
s=amd64-linux-gnu
make && make install
ubah pemilik file folder cache
chown
chown
chown
chown
chown
chown

-R
-R
-R
-R
-R
-R

proxy:proxy
proxy:proxy
proxy:proxy
proxy:proxy
proxy:proxy
proxy:proxy

/etc/squid/squid.conf
/etc/squid/storeid.pl
/cache1
/cache2
/cache3
/cache4

chown -R proxy:proxy /var/log/squid

chmod
chmod
chmod
chmod
chmod
chmod

777
777
777
777
777
644

/cache1
/cache2
/cache3
/cache4
/etc/squid/storeid.pl
/etc/squid/squid.conf

copy file squid ke /etc/init.d/

chmod +x /etc/init.d/squid
update-rc.d squid defaults
cd /etc/squid
mkdir ssl_cert

cd ssl_cert
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout myCA.pem -out
myCA.pem
openssl x509 -in myCA.pem -outform DER -out myCA.der
mkdir /var/squid
cd /var/squid
mkdir ssl_db
cd
chown -R nobody /var/squid/ssl_db/
/usr/lib/squid/ssl_crtd -c -s /var/squid/ssl_db/certs
chown -R proxy:proxy /var/squid/ssl_db/
squid -z
tambahkan file dibawah in pada /etc/rc.local
modprobe
modprobe
modprobe
modprobe
modprobe
modprobe
modprobe
modprobe
modprobe
modprobe

xt_TPROXY
xt_socket
nf_tproxy_core
xt_mark
nf_nat
nf_conntrack_ipv4
nf_conntrack
nf_defrag_ipv4
ipt_REDIRECT
iptable_nat

iptables -t mangle -F
iptables -t mangle -X
iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A INPUT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING ! -d 192.168.3.2/32 -p tcp --dport 80 -j TPROXY
--tproxy-mark 0x1/0x1 --on-port 3129
iptables -t mangle -A PREROUTING ! -d 192.168.3.2/32 -p tcp --dport 443 -j TPROX
Y --tproxy-mark 0x1/0x1 --on-port 3127
/sbin/ip rule add fwmark 1 lookup 100
/sbin/ip route add local 0.0.0.0/0 dev lo table 100
echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
echo 1 > /proc/sys/net/ipv4/ip_forward
exit 0
mangle pada mikrotik
/ip firewall mangle
add action=mark-routing chain=prerouting comment="TPROXY ROUTING" disabled=no ds
t-port=80,443 in-interface=ether4-lan new-routing-mark=tproxy_rm passthrough=no
\
protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port=80,443 in-inter

face=ether5-proxy new-connection-mark=tproxy_cm passthrough=yes protocol=tcp \

src-address=!192.168.88.2
add action=mark-routing chain=prerouting connection-mark=tproxy_cm disabled=no i
n-interface=!ether5-proxy new-routing-mark=tproxy_rm passthrough=no
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.3.2 routing-mar
k=tproxy_rm scope=30 target-scope=10