Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ###########################################
- # HIGH PERFORMANCE SQUID 2.7
- # GAILANET
- # Config date : 9 Mei 2010
- # FOR EDUCATIONAL PURPOSE ONLY!
- # credit to : imer@apistech
- ###########################################
- # ACCESS CONTROLS
- # -----------------------------------------------------------------------------
- acl QUERY urlpath_regex -i cgi-bin \? \.php$ \.asp$ \.shtml$ \.cfm$ \.cfml$ \.phtml$ \.php3$ localhost
- acl all src all
- acl manager proto cache_object
- acl localhost src 127.0.0.1/32
- acl to_localhost dst 127.0.0.0/8
- #acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
- #acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
- acl localnet src 192.168.0.0/24 # RFC1918 possible internal network
- acl localnet src 192.168.100.0/24
- acl localnet src 192.168.3.0/24
- acl SSL_ports port 443 563 81
- acl Safe_ports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
- acl CONNECT method CONNECT
- acl purge method PURGE
- http_access allow manager localhost
- http_access deny manager
- http_access allow purge localhost
- http_access deny purge
- http_access deny !Safe_ports
- http_access deny CONNECT !SSL_ports
- http_access allow localnet
- http_access deny all
- http_reply_access allow all
- icp_access deny all
- htcp_access deny all
- htcp_clr_access deny all
- reply_body_max_size 0 allow all
- # NETWORK OPTIONS
- # -----------------------------------------------------------------------------
- http_port 3128 transparent
- zph_mode tos
- zph_local 48
- zph_sibling 0
- zph_parent 0
- zph_option 136
- icp_port 0
- htcp_port 0
- snmp_port 0
- snmp_access deny all
- # PARENT/SIBLING CACHE OPTIONS
- # -----------------------------------------------------------------------------
- hierarchy_stoplist localhost cgi-bin \? localhost
- # OPTIONS WHICH AFFECT THE CACHE SIZE
- # -----------------------------------------------------------------------------
- cache_mem 8 MB
- maximum_object_size_in_memory 64 KB
- memory_replacement_policy heap GDSF
- cache_replacement_policy heap LFUDA
- cache_dir aufs /cache1 1000 4 256
- cache_dir aufs /cache2 1000 4 256
- cache_dir aufs /cache3 1000 4 256
- cache_dir aufs /cache4 1000 4 256
- cache_dir aufs /cache5 1000 4 256
- cache_dir aufs /cache6 1000 4 256
- cache_dir aufs /cache7 1000 4 256
- cache_dir aufs /cache8 1000 4 256
- cache_dir aufs /cache9 1000 4 256
- cache_dir aufs /cache10 1000 4 256
- maximum_object_size 128 MB
- cache_swap_low 90
- cache_swap_high 95
- update_headers off
- # LOGFILE PATHNAMES AND CACHE DIRECTORIES
- # -----------------------------------------------------------------------------
- access_log none
- # access_log /var/log/squid/access.log
- cache_log /dev/null
- cache_store_log none
- logfile_rotate 5
- log_ip_on_direct off
- log_icp_queries off
- buffered_logs off
- netdb_filename none
- pid_filename /var/run/squid.pid
- # OPTIONS FOR TUNING THE CACHE
- # -----------------------------------------------------------------------------
- cache deny QUERY
- refresh_pattern ^ftp: 1440 20% 10080
- refresh_pattern ^gopher: 1440 0% 1440
- refresh_pattern -i \.(gif|png|jp?g|ico|bmp|tiff?)$ 10080 99% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
- refresh_pattern -i \.(avi|wav|mid|mp?|mov|3gp|wm?|swf|flv|doc?|xls?|ppt?|pdf)$ 10080 95% 432000 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private ignore-auth
- refresh_pattern -i \.(iso|rpm|cab|deb|exe|ms?|zip|tar|gz|tgz|rar|bin|7z|nth|psd|sis)$ 10080 90% 432000 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private ignore-auth
- refresh_pattern -i \.(html|htm|css|js)$ 1440 75% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache
- refresh_pattern -i \.index.(html|htm)$ 0 50% 10080
- refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
- refresh_pattern . 0 50% 10080
- quick_abort_max 0 KB
- quick_abort_pct 98
- store_avg_object_size 13 KB
- # HTTP OPTIONS
- # -----------------------------------------------------------------------------
- via on
- cache_vary on
- collapsed_forwarding on
- refresh_stale_hit 0 seconds
- ie_refresh off
- vary_ignore_expire on
- request_entities off
- header_access From deny all
- header_access Link deny all
- header_access Server deny all
- header_access Via deny all
- header_access X-Forwarded-For deny all
- relaxed_header_parser on
- server_http11 on
- # TIMEOUTS
- # -----------------------------------------------------------------------------
- forward_timeout 240 seconds
- connect_timeout 30 seconds
- peer_connect_timeout 5 seconds
- read_timeout 600 seconds
- request_timeout 60 seconds
- persistent_request_timeout 60 seconds
- client_lifetime 86400 seconds
- half_closed_clients off
- pconn_timeout 60 seconds
- shutdown_lifetime 10 seconds
- # ADMINISTRATIVE PARAMETERS
- # -----------------------------------------------------------------------------
- cache_mgr gaila
- cache_effective_user squid
- cache_effective_group squid
- httpd_suppress_version_string on
- visible_hostname squid
- # DELAY POOL PARAMETERS
- # -----------------------------------------------------------------------------
- # ADVANCED NETWORKING OPTIONS
- # -----------------------------------------------------------------------------
- max_filedescriptors 4096
- # DNS OPTIONS
- # -----------------------------------------------------------------------------
- check_hostnames off
- dns_timeout 10 seconds
- dns_nameservers 58.145.171.2 58.145.171.4 8.8.8.8 8.8.4.4
- hosts_file /etc/hosts
- ignore_unknown_nameservers on
- ipcache_size 8192
- ipcache_low 90
- ipcache_high 95
- fqdncache_size 4096
- # MISCELLANEOUS
- # -----------------------------------------------------------------------------
- memory_pools off
- forwarded_for off
- client_db on
- reload_into_ims on
- offline_mode off
- coredump_dir /cache
- pipeline_prefetch on
- # -=EoF=-
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement