Squid Bandwith Management - Delay Pools

Pembahasan mengenai pengaturan bandwith dengan Delay pool squid. konfigurasi yang dibahas dapat diterapkan di linux/freebsd/*nux/*nix sehingga tidak membahas mengenai install squid. dianggap squid sudah terinstall di dalam server yang akan difungsikan sebagai server proxy.

Delay Pools pada dasarnya adalah lebih tepatnya adalah menampung jumlah traffic ( dalam Bytes ) dan bukan berdasarkan speed (Dalam Bits).

Sebelum menggunakan delay pools, pastikan anda telah meng enable feature --enable-delay-pools ketika menjalankan ./configure.
Squid memiliki 3 tipe class buckets :
- class 1 <>
- class 2 <> dan <>
- class 3 , <256> dan <65,536>

Skema configurasi delay pool :
delay_pools
delay_class
delay_parameters rate/size [ rate/size [ rate/size]] ( rate dalam Bytes, jika dalam bits di kalikan dengan 8 )
delay_access allow/deny

Contoh 1
Konfigurasi dengan menggunakan tipe class 1
delay_pools 1
delay_class 1 1
delay_parameters 1 65536/1048576
acl All src 0/0
delay_access 1 allow All
delay_parameters mengindikasikan total traffic adalah 512Kbps dengan pencapaian bucket dalam keadaan full dalam 16 detik ( 1048576 dibagi 65536 . dalam pengertian akan tercapai full traffic dalam 16 detik jika hanya 1 user saja yang menggunakannya.

Build dan Optimasi Kernel Freebsd 7.0

Dikarenakan dikantor di suruh pake freebsd untuk server core. ini mainan pertama menggunakan freebsd.

kompile kernel ini diperuntukan untuk kebutuhan PF dan optimasi Squid dengan diskd. nama kernel yang akan dibuat adalah PF_SQ
langkah2 yang dilakukan :
# cd /usr/sys/sys/i386/conf/
# cp GENERIC PF_SQ
# vi PF_SQ

Kemudian tambahkan konfigurasi sbb:

###—untuk support PF—-###
device pf
device pflog
device pfsync

###—untuk support altq cbq—###
options ALTQ
options ALTQ_CBQ
options ALTQ_RED
options ALTQ_RIO
options ALTQ_HFSC
options ALTQ_PRIQ
options ALTQ_NOPCC

###—untuk optimasi squid untuk dukungan diskd—###
options SYSVMSG
options MSGMNB=32768
options MSGMNI=164
options MSGSEG=8196
options MSGSSZ=512
options MSGTQL=2048

###—optional—###
device carp
options HZ=1000

setelah itu dapat file disimpan
langkah selanjutnya adalah sebagai berikut :

# config PF_SQ
# cd ../compile/PF_SQ
# make cleandepend
# make depend
# make all
# make install

Setelah itu reboot.

Installing Asterisk on Debian Etch

ini saya ambil dari posting di http://www.the-asterisk-book.com/unstable/installation-1.4-debian-4.0.html

Config Apache2 With SSL on Linux Debian Etch

pastikan kamu sudah masuk dalam full permission di root
# sudo

pertama yang harus dilakukan adalah menginstall apache
# apt-get install apache2

install openssl :
# apt-get install openssl ssl-cert

Jika tidak mempunyai sertifikat SSL, maka diharuskan membuat sertifikat sendiri.
pada linux debian varian selain etch dapat menjalankan perintah
# apache2-ssl-certificate
pada debian etch, jalankan perintah :
# make-ssl-cert

untuk membentuk sertifikat ssl jalankan perintah dan jawab pertanyaannya :
# openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem

Generating a 1024 bit RSA private key
....................................++++++
.....................++++++
writing new private key to '/etc/apache2/apache.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:DKI Jakarta
Locality Name (eg, city) []:Jakarta
Organization Name (eg, company) [Internet Widgits Pty Ltd]:PT Indo Pratama Cyber net
Organizational Unit Name (eg, section) []:Network Operation Center
Common Name (eg, YOUR name) []:Indra Budiman
Email Address []:noc2@ipnet.net.id

setting permisions pada apache.pem yang telah terbentuk
#chmod 600 /etc/apache2/apache.pem

setelah sertifikat terbentuk,tambahkan port 443
# vi /etc/apache2/ports.conf
isi :
Listen 80
Listen 443

enable support SSL pada Apache2 webserver
# a2enmod ssl
Module ssl installed; run /etc/init.d/apache2 force-reload to enable

tambahkan didalam konfigurasi site :
NameVirtualHost *:443
<>
....
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem

...
< /VirtualHost >

Restart apache
# /etc/init.d/apache2 restart

Freeradius: Disconnected user when time limit exceed

I learned this while integrating phpmyprepaid into my radius server.
The purpose of this configuration is to limit a user by the time he use our network.

Let say as example I want to limit a user only 1 hour per prepaid card.
So what I did is define a counter using sqlcounter module in the radius.conf file;

— snipped —
sqlcounter timelimit {

counter-name = Max-All-Session-Time
check-name = Max-All-Session
sqlmod-inst = sql
key = User-Name
reset = never
query = “SELECT SUM(AcctSessionTime) FROM radacct where UserName=’%{%k}’”

}
— snipped —

In the configuration I set the check-name as Max-All-Session, this will apply to the the radcheck table. You can choose other name, the same name should be use in the radcheck table. in the query part is the sql query we use to get the data for accounting. From the above query radius server will get the sum of session time of the user from radacct table. It will compare with Max-All-Session check item and terminate the session when the time is reached.

but the server does not do accounting yet, to enable accounting we must specify the module we define in authorize section in the radius.conf.

— snipped —
authorize {

preprocess
chap
mschap
suffix
eap
files
sql
pap
timelimit

}
— snipped —

Then we need to restart/reload the server to make the new configuration take effect.

To force the setting to the user we must insert the regarding attribute into the radcheck table:
as example:

+–+———–+—————–+—+———-+
| id | UserName| Attribute | op | Value |
+–+———–+—————–+—+———-+
| 1 | user | User-Password | := | p45sw0rd |
| 2 | user | Max-All-Session | := | 3600 |
+–+———–+—————–+—+———-+

Lyrics Take Me Away - Chistina Vidal

Take Me Away
Christina Vidal

Composição: Indisponíve

Yeah,Yeah

Get up, Get out
Move on, move on there's no doubt
I'm all wrong, you're right
It's all the same with you
I'm too thin, too fat
You ask why
So why,
So why,
So why,
So why

On and on,
And on and on,
On and on,
And on and on,

[Refrão]
Don't want to grow up
I want to get out
Hey, take me away
I want to shout out
Take me away,
Away,
Away,
Away,
Away,

Round and round here we go again
Same old start, same old end
Turn my head
And turn back again
Same old stuff never ends
Do this, do that
Can't deal Can't deal with that
I tune in, tune out
I've heard it all before
Hello, goodbye
Never asking me why,
Goodbye,
Goodbye,
Goodbye,

On and on,
And on and on,
On and on,
And on and on,

[Chorus]
Don't want to grow up
I want to get out
Hey, take me away
I want to shout out
Take me away,
Away,
Away,
Away,
Away,

[Refrão 2x]

Round and round here we go again
Same old story, same old end
Turn my head
And turn back again
Same old stuff never ends