manual script installing squid-3.5.xx vritualbox no tproxy

#manual for debian7 ubuntu12/14
# after finish your installing of ubuntu / debian
# change or replace /etc/apt/sources.list with  a local repository
debian 7 indonesia=
deb http://kambing.ui.ac.id/debian/ wheezy main contrib non-free
deb http://kambing.ui.ac.id/debian/ wheezy-updates main contrib non-free
deb http://kambing.ui.ac.id/debian-security/ wheezy/updates main contrib non-free

for debian error key=
aptitude install debian-keyring debian-archive-keyring
apt-key update
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553
=========================================================================================
#edit tuning limits.conf at /security/limits.conf
add /etc/security/limits.conf
=========================================================================================
*         soft        nofile          65536
*         hard        nofile          65536
root      soft        nofile          65536
root      hard        nofile          65536
proxy     soft        nofile          65536
proxy     hard        nofile          65536
===========================================================================================
# install web server
apt-get install apache2 php5 php5-mysql mysql-server phpmyadmin -y
configure apache2.conf @/etc/apache2/apache2.conf
# Include the virtual host configurations:
Include sites-enabled/
ServerName localhost <<<<... add this scripts

#configure squid proxy
# install packet
apt-get install devscripts build-essential openssl libssl-dev fakeroot libcppunit-dev libsasl2-dev cdbs ebtables bridge-utils libcap2 libcap-dev libcap2-dev sysv-rc-conf iproute kernel-package libncurses5-dev fakeroot wget bzip2 debhelper linuxdoc-tools libselinux1-dev htop iftop dnstop perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python ccze pastebinit checkinstall libssl-dev htop iftop iptraf mtr-tiny bwm-ng ccze sysv-rc-conf -y

#libecap
download libecap= http://www.4shared.com/archive/uMVmB3ADce/libecap-100tar.html
download DSI_ecap_youtube.so=  http://www.4shared.com/file/rYJcJqyVce/DSI_ecap_youtube.html
tar -xzf libecap-1.0.0.tar.gz
cd libecap-1.0.0/
./configure && make && make install
echo "/usr/local/lib" >> /etc/ld.so.conf
ldconfig

#ecap_adapter
apt-get install pkg-config
wget http://www.measurement-factory.com/tmp/ecap/ecap_adapter_sample-1.0.0.tar.gz
tar -xzf ecap_adapter_sample-1.0.0.tar.gz
# cd ecap_adapter_sample-1.0.0
# download patch ecap_adapter in mikrotik squid indonesia group / thanks to Mikrotike N SquidLovers
https://www.facebook.com/download/989568241123182/patch_ecap_adapter_sample.patch
# move patch_ecap_adapter_sample.patch > #to directory= /ecap_adapter_sample-1.0.0
# and then input the scripts below >>>
# patch -p1 < patch_ecap_adapter_sample.patch
# ./configure && make && sudo make install

#squid installation
wget http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.12.tar.gz
tar -xzvf squid-3.5.12.tar.gz
cd squid-3* >> add script below

./configure \
CHOST="x86_64-pc-linux-gnu" \
CFLAGS="-march=core2 -O2 -pipe" \
CXXFLAGS="${CFLAGS}" \
--build=x86_64-linux-gnu \
--prefix=/usr \
--exec-prefix=/usr \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--libdir=/usr/lib \
--sharedstatedir=/usr/com \
--includedir=/usr/include \
--localstatedir=/var \
--libexecdir=/usr/lib/squid \
--srcdir=. \
--datadir=/usr/share/squid \
--sysconfdir=/etc/squid \
--infodir=/usr/share/info \
--mandir=/usr/share/man \
--x-includes=/usr/include \
--x-libraries=/usr/lib \
--with-default-user=proxy \
--with-logdir=/var/log/squid \
--with-swapdir=/cache/cache \
--with-pidfile=/var/run/squid.pid \
--enable-err-languages=English \
--enable-default-err-language=English \
--enable-storeio=ufs,aufs,diskd \
--enable-linux-netfilter \
--enable-removal-policies=lru,heap \
--enable-gnuregex \
--enable-follow-x-forwarded-for \
--enable-x-accelerator-vary \
--enable-zph-qos \
--enable-delay-pools \
--enable-snmp \
--enable-underscores \
--with-openssl \
--enable-ssl-crtd \
--enable-http-violations \
--enable-async-io=24 \
--enable-storeid-rewrite-helpers \
--with-large-files \
--with-libcap \
--with-libnetfilter-conntrack \
--with-included-ltdl \
--with-maxfd=65536 \
--with-filedescriptors=65536 \
--with-pthreads \
--without-gnutls \
--without-mit-krb5 \
--without-heimdal-krb5 \
--without-gnugss \
--disable-icap-client \
--disable-wccp \
--disable-wccpv2 \
--disable-dependency-tracking \
--disable-auth --disable-epoll \
--disable-ident-lookups \
--disable-icmp \
--enable-ecap \
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig

make && make install

chown -R proxy:proxy /cache/cache/
chmod -R 777 /cache/cache/

cd /etc/squid
mkdir ssl_certs

cd /ssl_certs
openssl genrsa -out squid.key 2048
openssl req -new -key squid.key -out squid.csr -nodes
#input  data for certificate squid#
openssl x509 -req -days 3652 -in squid.csr -signkey squid.key -out squid.crt

#edit squid.conf
my squid.conf non tproxy only virtualbox= http://pastebin.com/uvtLinw8
my store-id.pl= http://pastebin.com/pLK4Jk81
chown -R nobody /etc/squid/
chown -R proxy:proxy /etc/squid/
chmod -R 777 /etc/squid/

/usr/lib/squid/ssl_crtd -c -s /etc/squid/ssl_db

cd /var/log/squid/
touch /var/log/access.log
touch /var/log/cache.log
chown -R proxy:proxy /var/log/squid/access.log
chown -R proxy:proxy /var/log/squid/cache.log
chmod -R 777 /var/log/squid/access.log
chmod -R 777 /var/log/squid/cache.log
squid -z

#autostart squid
cd /etc/init.d/
touch squid >> add scripts
/etc/init.d/squid= http://pastebin.com/W8xQAD0d
chmod +x /etc/init.d/squid
update-rc.d squid defaults
/etc/init.d/squid stop
<<< chown -R nobody /etc/squid/ssl_db/
<<< chown -R proxy:proxy /etc/squid/ssl_db/
<<< chmod -R 777 /etc/squid/ssl_db/
reboot
#back to proxy and login
input= /etc/init.d/squid restart

#ssl_cert import
download ssl_cert your squid directory
using winscp >> download ssl_certs on directory /etc/squid/ >> to your computer windows/....

#setting non tproxy manual browser input
#add setting your browser mozilla / chrome or etc....
# google chrome= setting > network > change proxy setting
add your ipproxy and port 3127
still on setting chrome ,>> add https/ssl >> manage certificates >> click trusted root certification
click buttin import >> and import your
# mozilla/firefox
click tools >> advanced >> click network >> check opsi manual proxy config
add >> http proxy= your ip proxy port= 3128
add >> ssl proxy= your ip proxy  port= 3127


=================================================================================================================================
#for tuning kernel
=================================================================================================================================
#edit @ .. /etc/sysctl.conf
=================================================================================================================================
#remove all contents and replace with config below
################################################################
<< ..................................................................................... >>
kernel.panic = 30
kernel.panic_on_oops = 30
kernel.sysrq = 0
kernel.core_uses_pid = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
fs.file-max = 65536
vm.swappiness = 5
vm.vfs_cache_pressure=50
vm.mmap_min_addr = 4096
vm.overcommit_ratio = 0
vm.overcommit_memory = 0
kernel.shmmax = 268435456
kernel.shmall = 268435456
vm.min_free_kbytes = 65536
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_syn_retries = 5
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_max_syn_backlog = 4096
net.ipv4.ip_forward = 1
net.ipv4.conf.all.forwarding = 1
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.default.log_martians = 0
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.conf.all.bootp_relay = 0
net.ipv4.conf.all.proxy_arp = 0
net.ipv4.tcp_dsack = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_congestion_control = cubic
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_mem = 65536 131072 262144
net.ipv4.udp_mem = 65536 131072 262144
net.ipv4.tcp_rmem = 8192 87380 16777216
net.ipv4.udp_rmem_min = 16384
net.core.rmem_default = 87380
net.core.rmem_max = 16777216
net.ipv4.tcp_wmem = 8192 65536 16777216
net.ipv4.udp_wmem_min = 16384
net.core.wmem_default = 65536
net.core.wmem_max = 16777216
net.core.somaxconn = 32768
net.core.netdev_max_backlog = 4096
net.core.dev_weight = 64
net.core.optmem_max = 65536
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_orphans = 16384
net.ipv4.tcp_orphan_retries = 0
net.ipv4.ipfrag_high_thresh = 512000
net.ipv4.ipfrag_low_thresh = 446464
net.ipv4.tcp_no_metrics_save = 1
net.ipv4.tcp_moderate_rcvbuf = 1
net.unix.max_dgram_qlen = 50
net.ipv4.neigh.default.gc_thresh3 = 2048
net.ipv4.neigh.default.gc_thresh2 = 1024
net.ipv4.neigh.default.gc_thresh1 = 32
net.ipv4.neigh.default.gc_interval = 30
net.ipv4.neigh.default.proxy_qlen = 96
net.ipv4.neigh.default.unres_qlen = 6
net.ipv4.tcp_ecn = 1
net.ipv4.tcp_reordering = 3
net.ipv4.tcp_retries2 = 15
net.ipv4.tcp_retries1 = 3
<<<...........................................................................................................>>>
==================================================================================================================