Squid.Conf

###########################################
# WELCOME TO SQUID LUSCA_HEAD-r14809      #
# Tunning by : Ical RedHat-Network        #
###########################################
offline_mode on
cache_mgr icalredhat@mikrotik.com
#============================================================================================================================#
#=========================================================#  AWAL  #=========================================================#
#============================================================================================================================#
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 192.168.1.0/24 # RFC1918 possible internal network  #Sesuaikan dengan network Anda
#acl localnet src 10.0.1.0/24 # RFC1918 possible internal network
#acl localnet src 10.0.2.0/24 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access deny all
icp_access allow localnet
icp_access deny all
http_port 8080 transparent

#cache_dir aufs /cache/ 10000 16 256
cache_dir aufs /cache 25600 60 256

cache_mem 8 MB
maximum_object_size_in_memory 128 MB
minimum_object_size 1 bytes
maximum_object_size 393216 KB
cache_swap_low 95
cache_swap_high 99
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_effective_user proxy
cache_effective_group proxy

#=================================================================================================================================#
#=========================================================#  REGEX URL  #=========================================================#
#=================================================================================================================================#
coredump_dir /cache/
###############################################################################
#acl PHP77 url_regex forum.php forumdisplay.php showthread.php showthreads.php
#acl PHP77 url_regex download.php downloads.php classifieds.php classified.php
#acl PHP77 url_regex forum
#no_cache deny PHP77

#hierarchy_stoplist cgi-bin ? localhost
#acl QUERY22 urlpath_regex cgi-bin \? localhost
#no_cache deny QUERY22
################################################################################
#acl store_rewrite_list urlpath_regex \/(get_video|videoplayback\?id|videoplayback.*id) \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|swf)
#acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
#acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
#acl store_rewrite_list_path urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe)$
#acl store_rewrite_list_domain_CDN url_regex \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*) \.doubleclick\.net.* yieldmanager cpxinteractive ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com

emulate_httpd_log off
server_http11 on
redirector_bypass on

acl video urlpath_regex                   \/(get_video|videoplayback\?id|videoplayback.*id)
acl speedtest urlpath_regex               \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|txt)\?
acl angka1 url_regex                      ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl angka2 url_regex                      (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl gambar urlpath_regex                  \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe)$
acl rapidshare url_regex                  \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*) \.doubleclick\.net.*
acl photobucket url_regex                 ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com
acl google url_regex                      ^http:\/\/[a-z]+[0-9]\.google\.co(m|\.id)
acl indowebster url_regex                 ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(rar|zip|flv|wm(a|v)|3gp|mp(4|3)|exe|msi|avi|(mp(e?g|a|e|1|2|3|4))|cab|exe)
acl getmethod method GET

storeurl_access allow video
storeurl_access allow speedtest
storeurl_access allow gambar
storeurl_access allow rapidshare
storeurl_access allow photobucket
storeurl_access allow indowebster
storeurl_access deny all

storeurl_rewrite_program /usr/local/squid/etc/storeurl.pl
storeurl_rewrite_children 1
storeurl_rewrite_concurrency 100
#storeurl_rewrite_children 15 #7
#storeurl_rewrite_concurrency 10 #60


#=======================================================================================================================================#
#=========================================================#  REFRESH PATTERN  #=========================================================#
#=======================================================================================================================================#
# VIDEO CACHE
refresh_pattern ^http://(.*?)/get_video\? 10080 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern ^http://(.*?)/videoplayback\? 10080 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i (get_video\?|videoplayback\?id|videoplayback.*id) 161280 50000% 525948 override-expire ignore-reload

# facebook
refresh_pattern ((facebook.com)|(85.131.151.39)).*\.(jpg|png|gif) 129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ((tagged.com)|(96.17.109.27)).*\.(jpg|png|gif) 129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern edgecastcdn.\net.*\.swf? 129600 100% 129600 override-expire ignore-reload store-stale
refresh_pattern \.(jp(e?g|e|2)|tiff?|bmp|gif|png)($|&) 129600 100% 129600 ignore-no-cache ignore-no-store reload-into-ims override-expire store-stale
refresh_pattern .zynga.net.*\.(jpg|gif|png|swf|mp3)($|&) 129600 100% 129600 store-stale
refresh_pattern .zynga.com.*\.(jpg|gif|png|swf|mp3)($|&) 129600 100% 129600 store-stale
refresh_pattern .farmville.net.*\.(jpg|gif|png|swf|mp3)($|&) 129600 100% 129600 store-stale
refresh_pattern .farmville.com.*\.(jpg|gif|png|swf|mp3)($|&) 129600 100% 129600 store-stale
refresh_pattern .ninjasaga.com.*\.(jpg|gif|png|swf|mp3)($|&) 129600 100% 129600 store-stale
refresh_pattern .apps.facebook.com.*\.(jpg|gif|png|swf|mp3)($|&) 129600 100% 129600 store-stale
refresh_pattern .frontierville.*\.(jpg|gif|png|swf|mp3)($|&) 129600 100% 129600 store-stale
refresh_pattern .tagged.*\.(jpg|gif|png|swf|mp3)($|&) 129600 100% 129600 store-stale

#ads
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 129600 20% 129600 ignore-no-cache ignore-no-store ignore-private override-expire ignore-reload ignore-auth store-stale negative-ttl=40320 max-stale=1440
#specific sites
refresh_pattern ^.*safebrowsing.*google 129600 100% 129600 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth negative-ttl=10080 store-stale
refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 129600 99100% 129600 override-expire ignore-reload store-stale
refresh_pattern \.(ico|video-stats) 129600 100% 129600 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod negative-ttl=10080 store-stale

# pictures & images
refresh_pattern -i \.(gif|png|jpeg|jpg|bmp|tif|tiff|ico|swf)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private store-stale
refresh_pattern -i \.(gif|png|jpeg|jpg|bmp|tif|tiff|ico|swf)\? 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private store-stale

# website
#refresh_pattern -i \.(xml|html|htm|js|jsp|txt|css|php|asp)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth store-stale
refresh_pattern -i \.(xml|js|jsp|txt|css)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth store-stale
refresh_pattern -i \.(xml|js|jsp|txt|css)\? 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth store-stale

#sound, video multimedia
refresh_pattern -i \.(flv|x-flv|mov|avi|qt|mpg|mpeg|wmv)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache store-stale
refresh_pattern -i \.(wav|mp3|mp4|au|mid)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private store-stale

# files
refresh_pattern -i \.(iso|deb|rpm|zip|tar|tgz|ram|rar|bin|ppt|doc)$ 10080 90% 43200 ignore-no-cache ignore-auth store-stale
refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth store-stale
refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth ignore-reload ignore-no-cache store-stale
refresh_pattern -i \.(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth store-stale
refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth store-stale

#IIX DOWNLOAD
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale ignore-auth

#default option
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern -i (/cgi-bin/|\?) 1	0%	2
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320 store-stale


#=============================================================================================================================#
#=========================================================#  TOOLS  #=========================================================#
#=============================================================================================================================#
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
negative_ttl 2 minutes
half_closed_clients off

connect_timeout 1 minute
read_timeout 15 minutes
request_timeout 5 minutes
persistent_request_timeout 2 minutes
half_closed_clients on
shutdown_lifetime 30 seconds


icp_port 0
prefer_direct off

ipcache_size 5120
ipcache_low 95
ipcache_high 99

fqdncache_size 5120

memory_pools off
log_icp_queries off
icp_hit_stale on
query_icmp on
reload_into_ims on
pipeline_prefetch on
vary_ignore_expire on

visible_hostname ICT_Team_SMPBU
unique_hostname ICT_Team_SMPBU
cachemgr_passwd none all
client_db on
max_filedescriptors 65535

# TAG: ZPH
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136