punces_storeid&conf

1. #storeid.pl & squid.conf
2. #by punces
3.  
4. #!/usr/bin/perl
5. $|=1;
6. while (<>) {
7. @X = split;
8. if ($X[0] =~ m/^http.*/) {
9. $url = $X[0];
10. $referer = $X[1];
11. $urlreferer = $X[0] ." ". $X[1];
12. } else {
13. $chanel = $X[0];
14. $url = $X[1];
15. $referer = $X[2];
16. $urlreferer = $X[1] ." ". $X[2];
17. }
18.  
19. #youtube googlevideo
20. if ($url =~ m/^https?\:\/\/.*google.*video(playback|goodput).*/){
21. @cpn = m/[=%&?\/]cpn[=%&?\/]([^\&\s]*)/;
22. @id = m/[=%&?\/]id[=%&?\/]([^\&\s]*)/;
23. @itag = m/[=%&?\/]itag[=%&?\/]([\d]*)/;
24. @range = m/[=%&?\/]range[=%&?\/]([\d]*-[\d]*)/;
25. @mime = m/[=%&?\/]mime[=%&?\/]([^\&\s]*)/;
26. if ($referer =~ m/^https?\:\/\/(www|gaming)\.youtube\.com\/(watch\?v|embed|v)[=%&?\/]([^\&\s\?]*)/){
27. @id = $3;
28. } else {
29. if (defined(@cpn[0])){
30. if (-e "/tmp/@cpn"){
31. open FILE, "/tmp/@cpn";
32. @id = <FILE>;
33. close FILE;
34. }
35. }
36. }
37. $out="OK store-id=http://squid/google/video/id=@id/itag=@itag/mime=@mime/range=@range";
38.  
39. #youtube parameter
40. } elsif (
41. ($url =~ m/^https?\:\/\/.*youtube.*(stream_204|watchtime|qoe|atr|csi_204|playback).*[=%&?\/]docid[=%&?\/]([^\&\s]*)/) ||
42. ($url =~ m/^https?\:\/\/.*youtube.*(ptracking|set_awesome).*[=%&?\/]video_id[=%&?\/]([^\&\s]*)/) ||
43. ($url =~ m/^https?\:\/\/.*youtube.*(player_204).*[=%&?\/]v[=%&?\/]([^\&\s]*)/)
44. ){
45. @id = $2;
46. @cpn = m/[=%&?\/]cpn[=%&?\/]([^\&\s]*)/;
47. if ($referer !~ m/^https?\:\/\/(www|gaming)\.youtube\.com\/(watch\?v|embed|v)[=%&?\/]([^\&\s\?]*)/){
48. unless (-e "/tmp/@cpn"){
49. open FILE, ">/tmp/@cpn";
50. print FILE @id;
51. close FILE;
52. }
53. }
54. $out = "ERR";
55.  
56. #utmgif
57. } elsif ($url =~ m/^https?\:\/\/www\.google-analytics\.com\/__utm\.gif\?.*/) {
58. $out="OK store-id=http://squid/google-analytics/__utm.gif";
59.  
60. #fbcdn.net or akamaihd.net video range
61. } elsif ($url =~ m/^https?\:\/\/.*(fbcdn\.net|akamaihd\.net).*\/([\w-]+\.[\w]{2,4}).*(bytestart[=%&?\/][\d]+[&\/]byteend[=%&?\/][\d]+)/) {
62. $out="OK store-id=http://squid/$1/$2/$3";
63.  
64. #fbcdn.net or akamaihd.net with size
65. } elsif ($url =~ m/^https?\:\/\/.*(fbcdn\.net|akamaihd\.net).*\/([a-zA-Z][\d]+[x][\d]+\/[\w-]+\.[\w]{2,4})($|\?)/) {
66. $out="OK store-id=http://squid/$1/$2";
67.  
68. #fbcdn.net or akamaihd.net safe_image.php
69. } elsif ($url =~ m/^https?\:\/\/.*(fbcdn\.net|akamaihd\.net).*\/safe_image\.php\?(.*)/) {
70. $out="OK store-id=http://squid/$1/$2";
71.  
72. #reverbnation
73. } elsif ($url =~ m/^https?\:\/\/c2lo\.reverbnation\.com\/audio_player\/ec_stream_song\/(.*)\?.*/) {
74. $out="OK store-id=http://squid/reverbnation/$1";
75.  
76. #playstore
77. } elsif ($url =~ m/^https?\:\/\/.*\.c\.android\.clients\.google\.com\/market\/GetBinary\/GetBinary\/(.*\/.*)\?.*/) {
78. $out="OK store-id=http://squid/android/market/$1";
79.  
80.  
81. #filehost
82. } elsif ($url =~ m/^https?\:\/\/.*datafilehost.*\/get\.php.*file\=(.*)/) {
83. $out="OK store-id=http://squid/datafilehost/$1";
84.  
85.  
86. #speedtest
87. } elsif ($url =~ m/^https?\:\/\/.*(speedtest|espeed).*\/(.*\.(txt|jpg)).*/) {
88. $out="OK store-id=http://squid/speedtest/$2";
89.  
90.  
91. #filehippo
92. } elsif ($url =~ m/^https?\:\/\/.*\.filehippo\.com\/.*\/([\w-]+\.[\w]{2,4})\?.*/) {
93. $out="OK store-id=http://squid/filehippo/$1";
94.  
95.  
96. #4shared preview.mp3
97. } elsif ($url =~ m/^https?\:\/\/.*\.4shared\.com\/.*\/(.*\/.*)\/dlink.*preview.mp3/) {
98. $out="OK store-id=http://squid/4shared/preview/$1";
99.  
100. #4shared
101. } elsif ($url =~ m/^https?\:\/\/.*\.4shared\.com\/download\/(.*\/.*)\?tsid.*/) {
102. $out="OK store-id=http://squid/4shared/download/$1";
103.  
104. #savefile-animeindo.tv
105. } elsif ($url =~ m/^https?:\/\/www\.savefile\.co\:182\/.*\/(.*\.(mp4|flv|3gp)).*/) {
106. $out="OK store-id=http://squid/savefile:182/$1";
107.  
108. #imdb
109. } elsif ($url =~ m/^https?\:\/\/video\-http\.media\-imdb\.com\/(.*\.mp4)\?.*/) {
110. $out="OK store-id=http://squid/imdb/$1";
111.  
112. #sourceforge
113. } elsif ($url =~ m/^https?\:\/\/.*\.dl\.sourceforge\.net\/([\w-]+\.[\w]{2,3})/) {
114. $out="OK store-id=http://squid/sourceforge/$1";
115.  
116. #steampowered dota 2
117. } elsif ($url =~ m/^https?\:\/\/.*steam(powered|content).*\/((client|depot)\/[\d]+\/(chunk|manifest)\/[^\?\s]*).*/) {
118. $out="OK store-id=http://squid/steam/content-powered/$2";
119.  
120. } else {
121. $out="ERR";
122. }
123.  
124. if ($X[0] =~ m/^http.*/) {
125. print "$out\n";
126. } else {
127. print "$chanel $out\n";
128. }
129. }
130.  
131. #conf
132.  
133. reply_header_access Alternate-Protocol deny all
134. reply_header_access Alt-Svc deny all
135.  
136. cache_dir aufs /cache 17048 40 256
137. cache_mem 2 MB
138. cache_swap_high 95
139. cache_swap_low 90
140.  
141. cache_replacement_policy heap LFUDA
142. memory_replacement_policy heap GDSF
143.  
144. maximum_object_size 1024000 KB
145. maximum_object_size_in_memory 0 KB
146.  
147. cache_mgr [email protected]
148. visible_hostname crewoulart-proxy
149. strip_query_terms off
150. httpd_suppress_version_string on
151. log_mime_hdrs off
152. forwarded_for off
153. via off
154.  
155. max_filedescriptors 65536
156.  
157. fqdncache_size 1024
158. ipcache_size 1024
159. ipcache_high 95
160. ipcache_low 90
161.  
162. http_port 3128
163. http_port 3129 tproxy
164. https_port 3127 tproxy ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/myCA.pem
165.  
166.  
167. qos_flows local-hit=0x30
168.  
169. acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
170. acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
171. acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
172. acl localnet src fc00::/7 # RFC 4193 local private network range
173. acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
174. acl SSL_ports port 443
175. acl Safe_ports port 80 # http
176. acl Safe_ports port 182 # http
177. acl Safe_ports port 21 # ftp
178. acl Safe_ports port 443 # https
179. acl Safe_ports port 70 # gopher
180. acl Safe_ports port 210 # wais
181. acl Safe_ports port 1025-65535 # unregistered ports
182. acl Safe_ports port 280 # http-mgmt
183. acl Safe_ports port 488 # gss-http
184. acl Safe_ports port 591 # filemaker
185. acl Safe_ports port 777 # multiling http
186.  
187. acl step1 at_step SslBump1
188. acl step2 at_step SslBump2
189. acl step3 at_step SslBump3
190. acl range206 req_header Range -i byte
191. acl iphone browser -i regexp (iPhone|iPad)
192. acl BB browser -i regexp (BlackBerry|PlayBook)
193. acl Winphone browser -i regexp (Windows.*Phone|Trident|IEMobile)
194. acl Android browser -i regexp Android
195. acl yt-rewrite url_regex -i ^https?\:\/\/(www|gaming)\.youtube\.com\/(watch\?v|embed|v)[=%&?\/]
196. acl speedtest url_regex -i ^http.*(speedtest|espeed|api\.ookla).*\/(speedtest\.swf|speedtest-long\.swf|latency\.txt|upload\.php|speedtest-config\.php|ipaddress\.php|random.*\.jpg)
197. acl youtube url_regex -i ^http.*(youtube|googlevideo|videoplayback|videogoodput)
198. acl urltomiss url_regex -i ^http.*(update|patch).*versi
199. acl urltomiss url_regex -i ^http.*versi.*(update|patch)
200. acl urltomiss url_regex -i ^http.*(update|patch|versi|version)\.ini
201. acl urltomiss url_regex -i ^http.*(antihack|xigncode|gameguard|captcha|\.aspx|\.html|\.shtml|\.xhtml|\.ini)
202. acl urltomiss url_regex -i ^http.*googlevideo\.com\/video(playback|goodput).*source[\&\=\?\/]yt_live
203. acl urltomiss url_regex -i ^http.*googleapis\.com\/game
204. acl patchpartial url_regex -i ^http.*patch.*garena
205. acl patchpartial url_regex -i ^http.*garena.*patch
206. acl httptomiss http_status 302
207. acl mimehtml rep_mime_type -i mime-type ^text/html
208. acl mimeplain rep_mime_type -i mime-type ^text/plain
209. acl tostoreid url_regex -i ^http.*(youtube|googlevideo|videoplayback|videogoodput)
210. acl tostoreid url_regex -i ^http.*(fbcdn|akamaihd)
211. acl tostoreid url_regex -i ^http.*c2lo\.reverbnation\.com\/audio_player\/ec_stream_song\/.*\?
212. acl tostoreid url_regex -i ^http.*\.c\.android\.clients\.google\.com\/market\/GetBinary\/GetBinary\/.*\/.*\?
213. acl tostoreid url_regex -i ^http.*datafilehost.*\/get\.php.*file\=.*
214. acl tostoreid url_regex -i ^http.*\.filehippo\.com\/.*\?
215. acl tostoreid url_regex -i ^http.*\.4shared\.com\/.*\/.*\/.*\/dlink.*preview.mp3
216. acl tostoreid url_regex -i ^http.*\.4shared\.com\/download\/.*\/.*\?tsid
217. acl tostoreid url_regex -i ^http.*steam(powered|content)
218. acl tostoreid url_regex -i ^http.*savefile\.co\:182\/.*\/.*\.(mp4|flv|3gp)
219. acl tostoreid url_regex -i ^http.*video\-http\.media\-imdb\.com\/.*\.mp4\?
220. acl tostoreid url_regex -i ^http.*\.dl\.sourceforge\.net
221. acl CONNECT method CONNECT
222. acl getmethod method GET
223.  
224. acl kendedes url_regex -i ^http.*kendedes\.uzone\.id
225. deny_info https://www.youtube.com kendedes
226. http_access deny kendedes
227.  
228. acl positif url_regex -i ^http.*internetposisif\.uzone\.id
229. deny_info http://10.212.212.212:8033/maksiat.jpg positif
230. http_access deny positif
231.  
232. acl blokir url_regex -i "/etc/squid/blokir.txt"
233. deny_info http://10.212.212.212:8033/maksiat.jpg blokir
234. http_access deny blokir
235.  
236. http_access deny !Safe_ports
237. http_access deny CONNECT !SSL_ports
238. http_access allow localhost manager
239. http_access deny manager
240. http_access allow localnet
241. http_access allow localhost
242. http_access deny all
243.  
244. range_offset_limit none range206 patchpartial
245. quick_abort_min 1 KB
246. quick_abort_max 1 KB
247. quick_abort_pct 95
248.  
249. cache deny speedtest
250. cache deny urltomiss
251. cache deny localhost
252. ssl_bump splice localhost
253. ssl_bump peek step1 all
254. ssl_bump bump all
255.  
256. sslproxy_cert_error allow all
257. sslproxy_flags DONT_VERIFY_PEER
258.  
259. #cache_log /dev/null
260. access_log /var/log/squid/access.log !CONNECT
261. netdb_filename none
262.  
263. url_rewrite_access allow speedtest
264. url_rewrite_access allow yt-rewrite !iphone !BB !Winphone !Android
265. url_rewrite_access deny all
266. url_rewrite_program /etc/squid/storerewrite.pl
267. cache_peer 10.10.10.10 parent 8033 0 no-digest no-tproxy
268. dead_peer_timeout 5 seconds
269. cache_peer_access 10.10.10.10 allow speedtest
270. cache_peer_access 10.10.10.10 deny all
271. always_direct deny speedtest
272. never_direct allow speedtest
273. url_rewrite_children 2000 startup=30 idle=1
274.  
275. request_header_access Accept-Encoding deny yt-rewrite !iphone !BB !Winphone !Android
276. #yt_quality: tiny = 144px small = 240px medium = 360px large = 480px HD720 = Hd720px
277. ecap_enable on
278. loadable_modules /usr/local/lib/ecap_adapter_modifying.so
279. #ecap_service modif respmod_precache uri=ecap://e-cap.org/ecap/services/sample/modifying voctim="html5":true roplacement="html5":false
280. ecap_service modif respmod_precache uri=ecap://e-cap.org/ecap/services/sample/modifying victim="enablejsapi" replacement="vq":"medium","enablejsapi"
281. adaptation_access modif allow yt-rewrite !iphone !BB !Winphone !Android
282. adaptation_access modif deny all
283.  
284. store_id_bypass off
285. store_id_extras "%{Referer}>h"
286. store_id_program /etc/squid/storeid.pl
287. store_id_children 2000 startup=30 idle=1
288. store_id_access allow tostoreid
289. store_id_access deny all
290.  
291. store_miss deny youtube httptomiss
292. send_hit deny youtube httptomiss
293. store_miss deny youtube mimeplain
294. send_hit deny youtube mimeplain
295. store_miss deny mimehtml
296. send_hit deny mimehtml
297. store_miss deny urltomiss
298. send_hit deny urltomiss
299.  
300. refresh_pattern -i ^(f|ht)tp.*(patch|update) 432000 100% 432000 override-expire override-lastmod reload-into-ims refresh-ims ignore-no-store ignore-must-revalidate ignore-private ignore-auth
301. refresh_pattern -i ^(f|ht)tp.* 432000 100% 432000 override-expire override-lastmod ignore-reload ignore-no-store ignore-must-revalidate ignore-private ignore-auth
302.  
303. max_stale 100 years