Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #start of config
- acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
- acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
- acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
- cache_mgr proxy
- visible_hostname evoproxy
- cache_mem 64 MB
- maximum_object_size_in_memory 32 KB
- maximum_object_size 2048 MB
- cache_swap_low 98
- cache_swap_high 99
- ipcache_size 2048
- ipcache_low 98
- ipcache_high 99
- memory_pools off
- vary_ignore_expire on
- offline_mode off
- client_db off
- reload_into_ims on
- memory_replacement_policy heap GDSF
- cache_replacement_policy heap LFUDA
- cache_dir aufs /c1 18000 42 256
- acl SSL_ports port 443
- acl Safe_ports port 80 # http
- acl Safe_ports port 21 # ftp
- acl Safe_ports port 443 # https
- acl Safe_ports port 70 # gopher
- acl Safe_ports port 210 # wais
- acl Safe_ports port 1025-65535 # unregistered ports
- acl Safe_ports port 280 # http-mgmt
- acl Safe_ports port 488 # gss-http
- acl Safe_ports port 591 # filemaker
- acl Safe_ports port 777 # multiling http
- acl CONNECT method CONNECT
- acl getmethod method GET
- acl purge method PURGE
- # CUSTOM ACL
- acl broken_sites url_regex ^https://(ibank|ib)\.
- #acl domain_youtube dstdomain .youtube.com .googlevideo.com
- #acl youtube url_regex -i youtube.*(ptracking|playback|stream_204|player_204|gen_204).*
- #acl youtube url_regex -i (youtube|google).*\/videoplayback\?.*
- #acl storeid_url url_regex ^https?:\/\/.*\.googlevideo\.com\/videoplayback\/.*\/seg\.ts\?
- #acl storeid_url url_regex ^https?:\/\/.*\.googlevideo\.com\/videoplayback.*[&|?]cpn=
- #acl storeid_url url_regex ^http:\/\/[a-z0-9]{4}\.reverbnation\.com\/.*
- #acl storeid_url url_regex ^https?:\/\/[\w\d\-\.\%]*fbcdn[\w\d\-\.\%]*net\/[\w\d\-\.\%]*\/.*
- #acl storeid_url url_regex ^https?:\/\/.*\.ak\.fbcdn\.net\/.*\.(gif|jpg|png|js|mp4)
- #acl storeid_url url_regex ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*(fbcdn|akamaihd)[a-zA-Z0-9\-\_\.\%]*net\/safe\_image\.php\?.*
- #acl storeid_url url_regex ^https?:\/\/fb(static|cdn)(\-.*\-a|\-a)\.akamaihd\.net\/(.*)\.(gif|jpeg|jpg|png|js|css|mp4).*
- #acl storeid_url url_regex ^https?:\/\/(.*)?(\.gstatic\.com|\.wikimapia\.org).*(png|font|woff)
- #acl storeid_url url_regex ^http:\/\/.*\.reverbnation\.com\/.*
- #acl storeid_url url_regex ^https?:\/\/[a-z0-9]*\.ytimg\.com\/.*\.(jpg|gif|webp|js|css|ico|png|swf).*
- #acl storeid_url url_regex ^http:\/\/dc[0-9]+\.4shared\.com\/.*\/dlink
- #acl storeid_url url_regex ^http:\/\/dc[0-9]+\.4shared\.com\/download
- #acl storeid_url url_regex ^http:\/\/.*\.dl\.sourceforge\.net\/.*
- #acl storeid_url url_regex ^http:\/\/.*\.speedtest\.net\/.*
- #acl storeid_url url_regex ^http:\/\/.*(\.steampowered\.com|\.edgesuite\.net)\/depot\/.*
- #acl storeid_url url_regex ^http:\/\/maps[0-9]*\.yimg\.com\/.*
- #acl storeid_url url_regex ^https?:\/\/.*\.yimg\.com\/.*
- #acl storeid_url url_regex ^https?:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|.exoclick\.com|interclick.\com|\.googlesyndication\.com|\.auditude\.com|.visiblemeasures\.com|yieldmanager|cpxinteractive).*
- #acl storeid_url url_regex ^https?:\/\/www\.google-analytics\.com\/.*
- acl urlrewrite dstdomain .fbcdn.net .akamaihd.net
- acl speedtest url_regex -i speedtest\.net\/.*\.(jpg|txt)\?
- acl reverbnation url_regex -i reverbnation.*audio_player.*ec_stream_song.*$
- acl utmgif url_regex -i utm.gif
- acl playstoreandroid url_regex -i c.android.clients.google.com.market.GetBinary.GetBinary
- acl idyoutube url_regex -i youtube.*(ptracking|stream_204|player_204).*(v\=|docid\=|video_id\=).*$
- acl videoyoutube url_regex -i (youtube|googlevideo).*videoplayback\?
- acl storeid_url url_regex ^http:\/\/dc[0-9]+\.4shared\.com\/.*\/dlink
- acl storeid_url url_regex ^http:\/\/dc[0-9]+\.4shared\.com\/download
- acl storeid_url url_regex ^http:\/\/.*[\.steampowered.com|\.net]\/depot
- acl storeid_url url_regex ^http:\/\/.*(\.garenanow\.com|\.starhub\.com)\/.*\/patcher
- acl storeid_url url_regex ^https?:\/\/[a-z0-9]*\.ytimg\.com
- acl storeid_url url_regex ^http:\/\/[1-4]\.bp\.blogspot\.com
- #acl untuk looping video youtube 302
- acl loop_302 http_status 302
- #nobump
- acl nobump dst 54.255.0.0/16
- acl nobump dst 54.251.0.0/16
- #acl partial content
- acl partial_content url_regex -i ^http:\/\/.*.chatango.com\/.*\.(mp3)$
- acl partial_content url_regex -i ^http:\/\/.*\.netmarble.co.id\/.*\.(zip|dfg|kom)$
- acl partial_content url_regex -i ^http:\/\/.*(\.garenanow\.com|\.starhub\.com)\/.*\/patcher
- acl partial_content url_regex -i ^http:\/\/.*(\.garenanow\.com|\.starhub\.com)\/.*\.(exe)$
- acl partial_content url_regex -i ^http:\/\/.*\.winnerinter\.co\.id\/.*\.(exe)$
- acl partial_content url_regex -i ^http:\/\/.*.gemscool.com\/.*\.(pak)$
- http_access deny !Safe_ports
- http_access allow purge localhost
- http_access deny CONNECT !SSL_ports
- http_access allow localhost manager
- http_access allow localnet manager
- http_access deny manager
- http_access allow localnet
- http_access allow localhost
- http_reply_access allow all
- icp_access allow all
- acl gaHack url_regex -i google-analytics\.com\/ga\.js
- acl gaHack url_regex -i google-analytics\.com\/analytics\.js
- acl ytHack url_regex -i \/pagead\/js\/lidar\.js
- acl ytHack url_regex -i google\.com\/js\/bg\/.*\.js
- deny_info http://arbinet.wc.lt/script/gahack.js? gaHack
- deny_info http://arbinet.wc.lt/script/yt.js? ytHack
- http_access deny gaHack
- http_access deny ytHack
- http_access deny all
- http_port 3127
- http_port 3128 intercept
- https_port 3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB key=/etc/squid/ssl_cert/evo.net.private cert=/etc/squid/ssl_cert/evo.net.cert
- #request_header_access range deny videoyoutube
- #request_header_access range deny partial_206
- range_offset_limit 1024 MB partial_content
- #Jika masih gagal mengcache range file, uncommment quick_abort_min -1 dibawah ini
- #quick_abort_min -1
- ssl_unclean_shutdown on
- ssl_bump none nobump
- ssl_bump none localhost
- ssl_bump none broken_sites
- ssl_bump server-first all
- sslproxy_cert_error allow all
- sslproxy_flags DONT_VERIFY_PEER
- sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/squid/ssl_db/certs/ -M 4MB
- sslcrtd_children 50 startup=5 idle=1
- always_direct allow all
- coredump_dir /var/spool/squid
- #error_directory /usr/share/squid/errors/en
- error_log_languages off
- #logfile_daemon /usr/lib/squid/log_file_daemon
- access_log daemon:/var/log/squid/access.log squid
- cache_log /var/log/squid/cache.log
- cache_store_log none
- strip_query_terms off
- logfile_rotate 1
- shutdown_lifetime 5 second
- store_id_program /usr/bin/perl /etc/squid/storeid.pl
- store_id_children 30 startup=10 idle=5 concurrency=5
- store_id_access deny !getmethod
- store_id_access allow urlrewrite
- store_id_access allow speedtest
- store_id_access allow reverbnation
- store_id_access allow utmgif
- store_id_access allow playstoreandroid
- store_id_access allow storeid_url
- store_id_access allow idyoutube
- store_id_access allow videoyoutube
- store_id_access deny all
- store_miss deny videoyoutube loop_302
- send_hit deny videoyoutube loop_302
- max_stale 1 year
- refresh_pattern (akamaihd|fbcdn)\.net 14400 99% 518400 override-expire override-lastmod refresh-ims reload-into-ims ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale
- refresh_pattern -i squid\.internal 14400 99% 518400 override-expire override-lastmod refresh-ims reload-into-ims ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale
- refresh_pattern -i (cgi-bin|mrtg|graph) 0 0% 0
- refresh_pattern -i (xtrap|login|sources) 0 0% 0
- refresh_pattern .*(begin|start)\=[1-9][0-9] 0 0% 0
- refresh_pattern -i (hackshield|HackShield|HSUpdate|HShield|hsupdate|nprotect|update3) 0 50% 420 override-expire override-lastmod reload-into-ims
- refresh_pattern -i (livescore.com|goal.com|bobet) 0 50% 60
- #FB
- refresh_pattern \.facebook\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp|api|php(4|3)) 1440 99% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-store ignore-private store-stale
- refresh_pattern -i facebook\.com 1440 99% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-no-store reload-into-ims store-stale
- refresh_pattern \.gstatic\.com/images\? 14400 99% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-no-store reload-into-ims store-stale
- refresh_pattern \.(edgecastcdn|spilcdn|zgncdn)\.com.*\.(jp(e?g|e|2)|gif|png|swf|mp(3|4)) 1440 99% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-no-store reload-into-ims store-stale
- refresh_pattern -i (gstatic|diggstatic)\.com 1440 99% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-no-store reload-into-ims store-stale
- refresh_pattern -i (photobucket|pbsrc|flickr|yimg|ytimg|twimg|gravatar)\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 43200 override-expire ignore-reload ignore-private
- refresh_pattern ^http:\/\/images|image|img|pics|openx|thumbs[0-9]\. 1440 99% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-no-store reload-into-ims store-stale
- refresh_pattern ^https://safebrowsing.google.com 1440 90% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-no-store reload-into-ims store-stale
- refresh_pattern -i (get_video\?|videoplayback\?|stream_204\?|videodownload\?|\.flv\?|\.fid\?) 10080 80% 79900 override-expire ignore-reload ignore-must-revalidate ignore-private
- refresh_pattern ^http://gtssl-ocsp.geotrust.com/ 1440 99% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-no-store reload-into-ims store-stale
- refresh_pattern ^http://ocsp.godaddy.com 1440 99% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-no-store reload-into-ims store-stale
- refresh_pattern ^http://ocsp.digicert.com 1440 99% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-no-store reload-into-ims store-stale
- refresh_pattern -i (zynga|ninjasaga|mafiawars|cityville|farmville|crowdstar|spilcdn|agame|popcap)\.com 1440 99% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-no-store reload-into-ims store-stale
- # extension
- refresh_pattern \.(jpg|png|gif|css|ico|bmp|swf|js)($|\?) 14400 99% 518400 override-expire override-lastmod ignore-reload ignore-no-store ignore-private reload-into-ims ignore-must-revalidate store-stale
- refresh_pattern \.(7z|ace|rar|jar|gz|tgz|bz2|iso|mod|arj|lha|lzh|zip|tar|cab|dat|pak|kom)($|\?) 14400 99% 518400 override-expire override-lastmod ignore-reload ignore-no-store ignore-private reload-into-ims ignore-must-revalidate store-stale
- refresh_pattern \.(exe|ms(i|u|p)|deb|bin|ax|r(a|p)m|app|pkg|apk|msi|mar|nzp|xpi|dmg|dds|thor|nar|gpf)($|\?) 14400 99% 518400 override-expire override-lastmod ignore-reload ignore-no-store ignore-private reload-into-ims ignore-must-revalidate store-stale
- refresh_pattern \.(3gp|avi|ac4|mp(e?g|a|e|1|2|3|4)|m4(a|v)|3g(p?2|p)|mkv|ogg|wmv|wmx|wpl|rm|snd|vob|wav|asx|avi|divx|flv|mov|mid)($|\?) 14400 99% 518400 override-expire override-lastmod ignore-reload ignore-no-store ignore-private reload-into-ims ignore-must-revalidate store-stale
- refresh_pattern \.(pp(t?x|t)|epub|pdf|rtf|wax|cb(r|z|t)|xl(s?x|s)|do(c?x|c)|inc)($|\?) 14400 99% 518400 override-expire override-lastmod ignore-reload ignore-no-store ignore-private reload-into-ims ignore-must-revalidate store-stale
- refresh_pattern ^ftp: 1440 20% 10080
- refresh_pattern ^gopher: 1440 0% 1440
- refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
- refresh_pattern . 0 99% 518400 ignore-no-store ignore-private store-stale
- dns_nameservers 127.0.0.1
- qos_flows local-hit=0x30
- cache_effective_user proxy
- cache_effective_group proxy
- #debug_options 11,2 22,3
- #debug helper
- #debug_options ALL,1 84,9
- connect_timeout 30 seconds
- request_timeout 60 seconds
- half_closed_clients off
- log_icp_queries off
- dns_retransmit_interval 5 seconds
- dns_timeout 30 seconds
- positive_dns_ttl 21600 seconds
- negative_dns_ttl 1 seconds
- negative_ttl 1 second
- ignore_unknown_nameservers on
- detect_broken_pconn on
- read_ahead_gap 64 KB
- dns_v4_first on
- balance_on_multiple_ip on
- connect_retries 2
- #client_persistent_connections on
- server_persistent_connections on
- retry_on_error on
- pipeline_prefetch 100
- max_filedescriptors 65535
- fqdncache_size 4096
- buffered_logs on
- request_header_access From deny all
- request_header_access Server deny all
- request_header_access WWW-Authenticate deny all
- request_header_access Link deny all
- request_header_access Cache-Control deny all
- request_header_access Proxy-Connection deny all
- request_header_access X-Cache deny all
- request_header_access X-Cache-Lookup deny all
- request_header_access Via deny all
- request_header_access Forwarded-For deny all
- request_header_access X-Forwarded-For deny all
- request_header_access Pragma deny all
- request_header_access Keep-Alive deny all
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement