API tools faq
paste
Advertisement
suprianto

squid.conf

suprianto
Jul 3rd, 2014
306
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.43 KB | None | 0 0
raw download clone embed print report
  1. visible_hostname anbelnet
  2. cache_mgr suprianto_clg@yahoo.com
  3.  
  4.  
  5. acl proxy src 192.168.100.0/24
  6. acl localnet src 192.168.200.0/24
  7. dns_nameservers 8.8.8.8 8.8.4.4
  8.  
  9. cache_mem 8 MB
  10. cache_swap_low 98
  11. cache_swap_high 99
  12.  
  13. maximum_object_size 1024 MB
  14. maximum_object_size_in_memory 32 KB
  15.  
  16. ipcache_size 2048
  17. ipcache_low 98
  18. ipcache_high 99
  19.  
  20. memory_pools off
  21. reload_into_ims on
  22. vary_ignore_expire on
  23.  
  24. cache_replacement_policy heap LFUDA
  25. memory_replacement_policy heap GDSF
  26. cache_dir aufs /cache1 70000 164 256
  27. cache_dir aufs /cache2 70000 164 256
  28. cache_dir aufs /cache3 70000 164 256
  29. cache_dir aufs /cache4 70000 164 256
  30. cache_dir aufs /cache5 70000 164 256
  31. cache_dir aufs /cache6 70000 164 256
  32. cache_dir aufs /cache7 70000 164 256
  33. cache_dir aufs /cache8 70000 164 256
  34. cache_dir aufs /cache9 70000 164 256
  35. cache_dir aufs /cache10 70000 164 256
  36.  
  37.  
  38. access_log /var/log/squid/access.log
  39. cache_log /var/log/squid/cache.log
  40.  
  41. acl all src
  42. acl SSL_ports port 443
  43. acl Safe_ports port 80
  44. acl Safe_ports port 21
  45. acl Safe_ports port 443
  46. acl Safe_ports port 70
  47. acl Safe_ports port 210
  48. acl Safe_ports port 1025-65535
  49. acl Safe_ports port 280
  50. acl Safe_ports port 488
  51. acl Safe_ports port 591
  52. acl Safe_ports port 777
  53. acl CONNECT method CONNECT
  54.  
  55. acl storeid_rewrite_url url_regex ^https?:\/\/[a-z0-9]{5}\.(4shared\.com)\/(img|(download))\/(([\w]+\/[\w]+\/dlink__[23]F([\w]+)_[23]F(.*)\_3Ftsid_[\w].*)|(.*)\/.*\?.*)
  56. acl storeid_rewrite_url url_regex ^http:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com).*?(videoplayback\?id=.*?|video_id=.*?)\&(.*?)
  57. cache allow storeid_rewrite_url
  58. acl storeid_rewrite_url url_regex -i reverbnation\.com
  59. acl store_rewrite_list url_regex -i (fbcdn|akamaihd)\.net.*
  60.  
  61. acl dontrewrite url_regex redbot\.org
  62. acl getmethod method GET
  63.  
  64. always_direct allow all
  65. ssl_bump server-first all
  66. http_access deny !Safe_ports
  67. http_access deny CONNECT !SSL_ports
  68. http_access allow all
  69. http_reply_access allow all
  70. icp_access allow all
  71.  
  72. https_port 3127 tproxy ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/myCA.pem
  73. http_port 3128
  74. http_port 3129 tproxy
  75.  
  76. sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/squid/ssl_db/certs/ -M 4MB
  77. sslcrtd_children 5
  78. sslproxy_cert_error allow all
  79. sslproxy_flags DONT_VERIFY_PEER
  80.  
  81. acl QUERY urlpath_regex -i (begin|start)\=
  82. acl QUERY urlpath_regex -i cgi-bin \? .php$ .asp$ .shtml$ .cfm$ .cfml$ .phtml$ .php3$ localhost
  83. acl dontrewrite url_regex -i c\.youtube\.com\/.*(begin|start)\=.*
  84. acl dontrewrite url_regex redbot\.org
  85. acl getmethod method GET
  86. acl redir urlpath_regex -i &redirect_counter=1&cms_redirect=yes
  87. acl redir urlpath_regex -i &ir=1&rr=12
  88. acl youtube url_regex -i youtube\.com\/(generate_204|ptracking|stream_204|player_204|s|(.*(playback|watchtime|delayplay)))\?.*$
  89. acl youtube url_regex -i gstatic\.com\/csi\?.*$
  90. acl youtube url_regex -i youtube.*(ptracking|stream_204|player_204|gen_204).*$
  91. acl youtube url_regex -i (youtube|google).*\/videoplayback\?.*
  92.  
  93. acl rewritedoms url_regex -i dl\.sourceforge\.net.*
  94. acl rewritedoms url_regex -i i[0-9]*\.ytimg\.com.*
  95. acl rewritedoms url_regex -i fbcdn\.net.*
  96. acl rewritedoms url_regex -i (youtube|google).*\/videoplayback\?.*
  97. cache allow rewritedoms
  98. cache deny QUERY
  99. cache deny redir
  100.  
  101. store_id_program /etc/squid/store-id.pl
  102. store_id_children 20 startup=10 idle=5 concurrency=30
  103. store_id_access deny !getmethod
  104. store_id_access deny redir
  105. store_id_access deny dontrewrite
  106. store_id_access allow rewritedoms
  107. store_id_access allow youtube
  108. store_id_access allow storeid_rewrite_url
  109. #store_id_access allow reverbnation
  110. store_id_access deny all
  111.  
  112. #strip_query_terms off
  113.  
  114. max_stale 1 week
  115.  
  116. refresh_pattern ^http://.*squid.internal/.* 10080 99% 79900 override-expire override-lastmod ignore-reload ignore-no-store ignore-must-revalidate ignore-private ignore-auth max-stale=10000 store-stale
  117. refresh_pattern .*(begin|start)\=[1-9][0-9].* 0 0% 0
  118. refresh_pattern -i (cgi-bin|mrtg|graph) 0 0% 0
  119. refresh_pattern -i \.(php|lst|ui|ini|list)$ 0 0% 0
  120. refresh_pattern (update.ini|Update.ini|version.list|Version.list|update.1st|update.exe|autoup.exe) 0 0% 0
  121. refresh_pattern (hackshield|nprotect) 240 100% 420 override-expire override-lastmod reload-into-ims
  122. #refresh_pattern \.gemscool.com.*\.(exe|dll|cab|zip|iop|npz|swf)$ 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
  123. #refresh_pattern \.crossfire.web.id.*\.(cab|zip|exe|rar|dat|swf)$ 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
  124. #refresh_pattern \.cabalonline.co.id.*\.(cab|zip|exe|rar|dat|swf) 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
  125. #refresh_pattern \.megaxus.com.*\.(cab|zip|exe|rar|dat|swf) 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
  126. #refresh_pattern \.lytogame.com.*\.(cab|zip|exe|rar|dat|swf) 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
  127. #refresh_pattern ((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2}).*\.(pak|exe|zip|kom|stg|npz|swf)$ 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
  128. refresh_pattern ^http://video-srv.youtube/.* 10080 99% 79900 override-expire override-lastmod ignore-reload ignore-no-store ignore-must-revalidate ignore-private ignore-auth max-stale=10000 store-stale
  129.  
  130. #PATTERN REFRESH
  131. refresh_pattern -i \.(html|htm|css|js|png|jsp|asx|asp|aspx)$ 240 100% 420
  132. refresh_pattern -i \/speedtest\/.*\.(txt|jpg|png|swf) 0 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims
  133. refresh_pattern .pixieimage\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims
  134. refresh_pattern .blogspot\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims
  135. refresh_pattern .multiply\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims
  136. refresh_pattern .((pikawarnet\.com)|(blogspot\.com)|(pixieimage\.com)|(multiply\.com)).* 60 30% 240
  137.  
  138. #sensitive site
  139. refresh_pattern -i \.(sc-|dl-|ex-|mh-|dll|da-) 0 2% 50 reload-into-ims
  140. refresh_pattern -i \.(mst|Xtp|iop)$ 0 50% 1440 reload-into-ims
  141. refresh_pattern -i (index.php|autoup.exe|main.exe|xtrap.xt|autoupgrade.exe|update.exe|grandchase.exe|FSLauncher.exe|FreeStyle_Setup.exe|grandchase.exe|filelist.zip)$ 0 50% 1440
  142. #refresh_pattern -i (UpdaterModifier.exe|FreeStyle.exe|PBLauncher.exe|update.exe|NewLauncher.exe|NewAvalon.exe|hon.exe.zip|cabal.exe)$ 0 50% 1440
  143. #refresh_pattern -i (PointBlank.exe.zip|HSUpdate.exe.zip|PBConfig.exe.zip) 0 50% 1440
  144. refresh_pattern -i (wks_avira-win32-en-pecl.info.gz|wks_avira10-win32-en-pecl.info.gz|servers.def.vpx)$ 0 50% 1440
  145. refresh_pattern -i (setup.exe.gz|avscan.exe.gz|avguard.exe.gz|filelist.zip|AvaClient.exe) 0 50% 1440
  146. refresh_pattern -i (livescore.com|goal.com|bobet) 0 50% 60
  147.  
  148. refresh_pattern ^http.*(youtube|googlevideo)\.* 43200 99% 242020 ignore-reload override-expire override-lastmod ignore-must-revalidate ignore-private ignore-no-store ignore-auth store-stale
  149. #FB
  150. refresh_pattern -i (fbcdn|akamaihd)\.net.* 1440 99% 14400 override-expire ignore-reload ignore-private store-stale
  151. refresh_pattern \.facebook\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private
  152. refresh_pattern \.facebook\.com.* 240 50% 480
  153. refresh_pattern \.fbcdn\.net.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private store-stale
  154. refresh_pattern \.gstatic\.com/images\? 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private ignore-must-revalidate
  155. refresh_pattern \.(akamaihd|edgecastcdn|spilcdn|zgncdn|(tw|y|yt)img)\.com.*\.(jp(e?g|e|2)|gif|png|swf|mp(3|4)) 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private
  156. refresh_pattern (gstatic|diggstatic)\.com/.* 1440 99% 14400 override-expire ignore-reload ignore-private
  157. refresh_pattern (photobucket|pbsrc|flickr|yimg|ytimg|twimg|gravatar)\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private
  158. refresh_pattern (zynga|ninjasaga|mafiawars|cityville|farmville|crowdstar|spilcdn|agame|popcap)\.com/.* 1440 99% 14400 override-expire ignore-reload ignore-private
  159. refresh_pattern ^http:\/\/images|image|img|pics|openx|thumbs[0-9]\. 1440 99% 14400 override-expire ignore-reload ignore-private
  160. refresh_pattern ^.*safebrowsing.*google 1440 99% 14400 override-expire ignore-reload ignore-private ignore-auth ignore-must-revalidate
  161. refresh_pattern ^http://.*\.squid\.internal\/.* 10080 100% 79900 override-expire override-lastmod ignore-reload ignore-no-store ignore-must-revalidate ignore-private ignore-auth max-stale=10000 store-stale
  162. #refresh_pattern -i reverbnation.com 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private ignore-must-revalidate ignore-reload store-stale
  163. refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.mp4\flv\?|\.fid\?) 43200 99% 43200 override-expire ignore-reload ignore-must-revalidate ignore-private
  164.  
  165. #ads
  166. refresh_pattern ^.*(streamate.doublepimp.com.*\.js\?|utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 1440 99% 14400 ignore-private override-expire ignore-reload ignore-auth max-stale=1440
  167. refresh_pattern \.(ico|video-stats) 1440 99% 14400 override-expire ignore-reload ignore-private ignore-auth override-lastmod ignore-must-revalidate
  168. refresh_pattern ^http://((cbk|mt|khm|mlt|tbn)[0-9]?)\.google\.co(m|\.uk|\.id) 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private ignore-auth ignore-must-revalidate
  169. refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 1440 99% 14400 override-expire override-lastmod
  170. refresh_pattern galleries\.video(\?|sz) 1440 99% 14400 override-expire ignore-reload ignore-must-revalidate ignore-private
  171. refresh_pattern \.wikimapia\.org\/? 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private
  172.  
  173. #general
  174. refresh_pattern -i \.(7z|arj|bin|bz2|cab|dll|exe|gz|inc|iso|jar|lha|ms(i|p|u)|rar|rpm|tar|tgz|zip|rtp|rpz|nui|kom|stg|pak|sup|nzp|npz|iop)$ 1440 99% 14400 override-expire override-lastmod ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
  175. refresh_pattern -i \.(class|doc|docx|pdf|pps|ppt|ppsx|pptx|ps|rtx|txt|wpl|xls|xlsx)$ 1440 99% 14400 override-expire override-lastmod ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
  176. refresh_pattern -i \.(3gp|ac4|agx|au|avi|axd|bmp|cbr|cbt|cbz|dat|divx|flv|gif|hqx|ico|jp(2|e|eg|g)|mid|mk(a|v)|mov|mp(1|2|3|4|e|eg|g)|og(a|g|v)|qt|ra|ram|rm|swf|tif|tiff|wa(v|x)|wm(a|v|x)|x-flv)$ 1440 99% 14400 override-expire override-lastmod ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
  177. refresh_pattern -i .(html|htm|css|js)$ 1440 75% 40320
  178. refresh_pattern -i .index.(html|htm)$ 0 75% 10080
  179. refresh_pattern ^ftp: 1440 20% 10080
  180. refresh_pattern ^gopher: 1440 0% 1440
  181. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  182. refresh_pattern . 60 50% 14400 store-stale
  183.  
  184.  
  185. memory_pools off
  186. client_db off
  187. #reload_into_ims on
  188. #pipeline_prefetch on
  189. offline_mode off
  190. cache_effective_user proxy
  191. cache_effective_group proxy
  192.  
  193. request_header_access From deny all
  194. request_header_access Server deny all
  195. request_header_access WWW-Authenticate deny all
  196. request_header_access Link deny all
  197. request_header_access Cache-Control deny all
  198. request_header_access Proxy-Connection deny all
  199. request_header_access X-Cache deny all
  200. request_header_access X-Cache-Lookup deny all
  201. request_header_access Via deny all
  202. request_header_access Forwarded-For deny all
  203. request_header_access X-Forwarded-For deny all
  204. request_header_access Pragma deny all
  205. request_header_access Keep-Alive deny all
  206. vary_ignore_expire on
  207.  
  208.  
  209. # local
  210. qos_flows local-hit=0x30
  211. # sibling
  212. # qos_flows sibling-hit=0x31
  213. # parent
  214. # qos_flows parent-hit=0x32
  215. # preserve
  216. # qos_flows disable-preserve-miss
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!