a Little Notes

Ikon

TUlisan dan Contekan

Squid 2.5 Conf

##SQUID UBUNTU HARDY SERVER
##HANDRI AGUSTIAN
##
##

##PORT

icp_port 3130
icp_query_timeout 0
mcast_icp_query_timeout 2000
dead_peer_timeout 10 seconds
request_header_max_size 35 KB

 

#===================================================================$
#youtube ACL V2
#===================================================================$
#refresh_pattern -i \.flv$ 10080 90% 999999 override-expire override-lastmod ignore-reload reload-into-ims
#quick_abort_min -1 KB
#acl youtube dstdomain .youtube.com
#cache allow youtube

#============================================================$
#hierarchy_stoplist cgi-bin ?
#acl QUERY urlpath_regex cgi-bin \?
#cache deny QUERY

hierarchy_stoplist cgi-bin ? .js .jsp localhost
acl QUERY urlpath_regex cgi-bin \? .js .jsp localhost
no_cache deny QUERY
#============================================================$

#============================================================$
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
#============================================================$

cache_dir aufs /cache1/ 409600 32 256
cache_dir aufs /cache2/ 409600 32 256
cache_dir aufs /cache3/ 409600 32 256

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log

#cache_access_log /dev/null
#cache_log /dev/null
#cache_store_log /dev/null

mime_table /usr/share/squid/mime.conf
pid_filename /var/run/squid.pid
log_fqdn off
log_mime_hdrs off
log_ip_on_direct off
logfile_rotate 7
debug_options ALL,1
buffered_logs off
emulate_httpd_log off

#============================================================$
# FTP section
#============================================================$
ftp_user anonymous@
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on

# DNS resolution section
#============================================================$
#cache_dns_program /squid/libexec/dnsserver
#dns_children 24
dns_nameservers 10.0.0.30

#============================================================$
# Refresh Rate
#============================================================$

#=============================================================$
#image
#=============================================================$
refresh_pattern -i \.(swf|png|jpg|jpeg|bmp|tiff|png|gif) 43200 75% 129600 override-expire override-lastmod ignore-reload reload-into-ims

#=============================================================$
#dokumen
#=============================================================$
refresh_pattern -i \.(doc|xls|ppt|ods|odt|odp|pdf) 43200 75% 129600 override-expire override-lastmod ignore-reload reload-into-ims

#=============================================================$
#multimedia
#=============================================================$
refresh_pattern -i \.(mov|mpg|mpeg|flv|avi|mp3|3gp|sis|wma|3gp|mp4) 43200 75% 129600 override-expire override-lastmod ignore-reload reload-into-ims

#=============================================================$
#compression
#=============================================================$
refresh_pattern -i \.(zip|rar|ace|bz|bz2|tar|gz|exe|rpm|deb|bin|cab) 43200 75% 129600 override-expire override-lastmod ignore-reload reload-into-ims

#=============================================================$
#web default eks
#=============================================================$
refresh_pattern -i (.*html$|.*htm|.*shtml|.*aspx|.*asp|.*php) 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims

 

#=============================================================$
#situs internet validasi 24 jam – lama penyimpanan 7 hari
#=============================================================$
refresh_pattern ^http://*.google.*/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.google.co.id/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.wordpress.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.youtube.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.blogger.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.wikipedia.*/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.facebook.*/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.wikimapia.*/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.astaga.*/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*korea.*/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.akamai.*/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.windowsmedia.*/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.googlesyndication.*/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.plasa.*/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.telkom.*/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.friendster.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.detiksport.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.kompas.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.detiknews.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.photobucket.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.detikhot.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.kapanlagi.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.okezone.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.indowebster.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.telkomspeedy.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.imagevenue.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.flickr.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.imageshack.us/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.usercash.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.googlesyndication.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.co.cc/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.21cineplex.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.saatchi-gallery.co.uk/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.onemanga.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.jobsdb.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.imeem.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.download.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.amazon.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.friendster-layouts.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.geocities.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.redtube.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.files.wordpress.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://indonetwork.co.id/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://gudanglagu.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://megaupload.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.karir.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.myspace.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.multiply.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.rapidshare.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.4shared.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.ziddu.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.kaskus.com/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.kaskus.us/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://www.friendster.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://mail.yahoo.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^https://*.yahoo.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://mail.yahoo.co.id/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://mail.google.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.yahoo.*/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.yahoo.com/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.yahoo.co.id/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.akamai.net/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.yimg.*/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.gmail.*/.* 180 100% 4320 override-expire override-lastmod ignore-reload reload-into-ims
refresh_pattern ^http://*.detik.*/.* 180 35% 4320 override-expire override-lastmod ignore-reload reload-into-ims

refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern ^ftp: 129600 90% 259200 reload-into-ims override-expire
refresh_pattern . 180 100% 11000 override-expire override-lastmod ignore-reload reload-into-ims

quick_abort_min -1 KB
quick_abort_max -1 KB
quick_abort_pct 98
negative_ttl 3 minutes
positive_dns_ttl 53 seconds
negative_dns_ttl 29 seconds
forward_timeout 4 minutes
connect_timeout 2 minutes
peer_connect_timeout 1 minutes
pconn_timeout 120 seconds
shutdown_lifetime 10 seconds
read_timeout 15 minutes
request_timeout 5 minutes
persistent_request_timeout 1 minute
client_lifetime 60 minutes
half_closed_clients off

##ACL LIST NETWORK

#Warnet Area
acl warnet src 10.0.0.0/27
http_access allow warnet

#To Proxy
#acl proxy src 10.10.19.0/29
#http_access allow proxy

##DEFAULT ACL

acl all src 0.0.0.0/0.0.0.0

#acl sectionx proxy_auth REQUIRED

acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all

#============================================================$
# Parameter Administratif $
#============================================================$
cache_mgr support@3.net
cache_effective_user proxy
cache_effective_group proxy
visible_hostname proxy.3.net
unique_hostname support@3.net

##TRANSPARENT PROXY MODE
##Squid Versi Lama 2.5
http_port 10.0.0.29:8080
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
httpd_accel_single_host off

httpd_accel_no_pmtu_disc on

half_closed_clients off
header_access From deny all
header_access Referer deny all
header_access Server deny all
header_access WWW-Authenticate deny all
header_access Link deny all
header_access Via deny all
header_access X-Forwarded-For deny all
header_access Accept-Encoding deny all
header_access User-Agent deny all
header_replace User-Agent Mozilla/5.0 (compatible; MSIE 6.0)
header_access Accept deny all
header_replace Accept */*
header_access Accept-Language deny all
header_replace Accept-Language id, en

#============================================================$
# ACCELERATOR
#============================================================$

memory_pools off
forwarded_for off
log_icp_queries off
icp_hit_stale on
minimum_direct_hops 4
minimum_direct_rtt 400
store_avg_object_size 13 KB
store_objects_per_bucket 20
client_db on
netdb_low 9900
netdb_high 10000
netdb_ping_period 30 seconds
query_icmp off
pipeline_prefetch on
reload_into_ims on
vary_ignore_expire on
max_open_disk_fds 100
nonhierarchical_direct on
prefer_direct off

#============================================================$
# OPTIONS WHICH AFFECT THE CACHE SIZE
#============================================================$
cache_mem 32 MB
maximum_object_size 250 MB
maximum_object_size_in_memory 64 KB
cache_swap_low 98%
cache_swap_high 99%
store_dir_select_algorithm round-robin
ipcache_size 2048
ipcache_low 98
ipcache_high 99
fqdncache_size 2048
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

#============================================================$
# SNMP
#============================================================$
acl snmpcommunity snmp_community public
snmp_port 3401
snmp_access allow snmpcommunity localhost
snmp_access deny all

#=============================================================$
#Block Iklan
#=============================================================$
#url_rewrite_program /usr/bin/adzapper

#============================================================$
#ZPH Patch
#============================================================$
zph_tos_local 0×30
zph_tos_peer 0
zph_tos_parent off
zph_preserve_miss_tos on

#Debug
debug_options ALL,1 33,2

Iklan

Filed under: Squid

%d blogger menyukai ini: