MODELOS SQUID

http_port 3128 transparent icp_port 3130 #3130 cache_mem 16 MB cache_replacement_policy heap GDSF memory_replacement_policy heap GDSF cache_swap_low 94 cache_swap_high 95 fqdncache_size 10240 # TOS Squid 2.7 ST2 zph_mode tos zph_local 8 zph_sibling 0 zph_parent 0 cache_dir cache_dir cache_dir cache_dir coss coss coss coss /cache1/coss /cache2/coss /cache3/coss /cache4/coss ??? ??? ??? ??? block-size=??? block-size=??? block-size=??? block-size=??? max-size=512000 max-size=512000 max-size=512000 max-size=512000

#store_dir_select_algorithm least-load store_dir_select_algorithm round-robin #cache_access_log cache_access_log cache_log cache_store_log cache_swap_log /data/log/squid/access.log none /data/log/squid/cache.log none /data/log/squid/swap.log

nonhierarchical_direct off prefer_direct off pid_filename /var/run/squid.pid #hierarchy_stoplist cgi-bin #hierarchy_stoplist ? hierarchy_stoplist cgi-bin ? storeurl_rewrite_program /etc/squid/youtube acl all5 src all acl store_rewrite_list url_regex ^http://(.*?)/get_video\? acl store_rewrite_list url_regex ^http://(.*?)/videodownload\? cache allow store_rewrite_list storeurl_access allow store_rewrite_list storeurl_access deny all5 acl QUERY1 urlpath_regex cgi-bin \? cache deny QUERY1 acl acl acl acl acl acl QUERY urlpath_regex cgi-bin \.asp$ \.php$ \.pl$ \.js$ cgi \? avi urlpath_regex -i \.avi$ mpeg urlpath_regex -i \.m1v$ \.mpeg$ \.mpg$ mpeg_2 urlpath_regex -i \.m2v$ \.vob$ mpeg_audio urlpath_regex -i \.mpa$ \.mp2$ \.mp3$ \.aac$ dat urlpath_regex -i \.dat$ \.bin$

acl acl acl acl acl acl acl

asf urlpath_regex -i \.asf$ \.wma$ \.asx$ \.wmv$ real urlpath_regex -i \.ram$ \.ra$ \.rm$ \.rnx$ vivo urlpath_regex -i \.viv$ \.vivo$ localserver dst 202.65.112.29 202.65.112.30 202.65.112.20 yahoo_networks dstdomain .yahoo.com forcecache url_regex -i kh.google keyhole.com mrtg_citranet dstdomain .e-jogja.net

no_cache deny yahoo_networks no_cache allow forcecache no_cache deny QUERY no_cache deny avi no_cache deny mpeg no_cache deny mpeg_audio no_cache deny dat no_cache deny mrtg_citranet #no_cache deny asf #no_cache deny real no_cache deny localserver no_cache deny vivo # quick abort: # always finish if less than 10k # finish if more than 50% # always abort if more tan 1024k #quick_abort_min 20 kb #quick_abort_pct 50% #quick_abort_max 1024 kb #quick_abort_min #quick_abort_pct #quick_abort_max 128 kb 75% 4096 kb

#squid will consume less bandwidth than the other setting quick_abort_min 0 kb quick_abort_max 0 kb quick_abort_pct 0 % range_offset_limit 0 half_closed_clients off request_header_max_size 50 KB emulate_httpd_log off reload_into_ims on pipeline_prefetch on refresh_pattern ^http://(.*?)/get_video\? 10080 90% 999999 overrideexpire ignore-no-cache ignore-private refresh_pattern ^http://(.*?)/videodownload\? 10080 90% 999999 override-expire ignore-no-cache ignore-private # New Refresh Pattern refresh_pattern -i \.search\.vip\.scd\.yahoo\.com/image/ 10080 100% 43200 ignore-reload override-lastmod override-expire refresh_pattern -i \.(au|mpg|mpeg|mp3|avi|mid|wav)$ 10080 100% 43200 ignore-reload override-lastmod override-expire refresh_pattern -i \.(tif|tiff|bmp|png|gif|jpg|jpeg)$ 10080 100% 43200 ignore-reload override-lastmod override-expire refresh_pattern -i \.(jpe|swf|pdf|mov|sit|tar)$ 10080 100% 43200 ignore-reload override-lastmod override-expire

refresh_pattern -i \.(exe|arj|gz|Z|zip|bz2|tgz|rar)$ 10080 100% 43200 ignore-reload override-lastmod override-expire refresh_pattern . 240 100% 4320 reload-into-ims override-expire # Old Refresh Pattern #refresh_pattern -i \.(exe|zip|tar|tar.gz|tgz|rpm)$ 28800 19000% 999999 override-expire override-lastmod ignore-reload #refresh_pattern -i \.(pdf|bin|dat|cab|yim|ctf)$ 28800 19000% 999999 override-expire override-lastmod ignore-reload ignore-no-cache #refresh_pattern -i \.(swf|fla|xfs|gpf|rgz)$ 21600 500% 999999 override-expire ignore-reload override-lastmod reload-into-ims #refresh_pattern -i \.(gif|jpeg|jpg|png|jpe|tif|jpe|flv)$ 2880 19000% 999999 override-expire override-lastmod reload-into-ims ignore-nocache ignore-private ignore-auth ignore-reload #refresh_pattern -i \.(xbm|xpm|xwd|pict|ief)$ 0 500% 999999 ##refresh_pattern http://photos.friendster.com/.*\.(jpg|jpeg|gif) 21600 999% 999999 ignore-reload override-lastmod override-expire ##refresh_pattern http://images.friendster.com/.*\.(jpg|jpeg|gif) 21600 999% 999999 ignore-reload override-lastmod override-expire ##refresh_pattern http://*.friendster.com/.* 4320 999% 43200 ##refresh_pattern http://*.yimg.com/.*\.(jpg|gif|jpeg|swf|js) 21600 999% 999999 override-expire override-lastmod ignore-reload #refresh_pattern http://*.dlservice.microsoft.com/.*\.(cab|exe) 21600 999% 999999 override-expire override-lastmod ignore-reload #refresh_pattern http://*.download.windowsupdate.com/.*\.(cab|exe) 21600 999% 999999 override-expire override-lastmod ignore-reload #refresh_pattern http://*.fotografer.net/.*\.(jpg|jpeg|gif|swf|tif) 21600 999% 999999 override-expire override-lastmod ignore-reload #refresh_pattern -i kh.google 1440 20% 10080 override-expire overridelastmod reload-into-ims ignore-reload #refresh_pattern -i keyhole.com 1440 20% 10080 override-expire override-lastmod reload-into-ims ignore-reload #refresh_pattern cgi-bin 1 20% 2 #refresh_pattern \.html$ 1 20% 2 #refresh_pattern \.htm$ 1 20% 2 #refresh_pattern \.asp$ 1 20% 2 #refresh_pattern \.aspx$ 1 20% 2 #refresh_pattern \.acgi$ 1 20% 2 #refresh_pattern \.cgi$ 1 20% 2 #refresh_pattern \.pl$ 1 20% 2 #refresh_pattern \.shtml$ 1 20% 2 #refresh_pattern \.php3$ 1 20% 2 #refresh_pattern \.php$ 1 20% 2 #refresh_pattern \.jsp$ 1 20% 2 #refresh_pattern \? 1 20% 2 #refresh_pattern . 960 90% 43200 ##refresh_pattern . 480 50% 22160 ##refresh_pattern . 0 20% 4320 maximum_object_size_in_memory 24 KB maximum_object_size 128 MB #reference_age 1 month read_timeout 30 minutes client_lifetime 2 hours pconn_timeout 15 seconds request_timeout 1 minute shutdown_lifetime 10 seconds negative_ttl 2 minutes positive_dns_ttl 53 seconds negative_dns_ttl 29 seconds

persistent_request_timeout 2 minutes peer_connect_timeout 60 seconds dead_peer_timeout 25 seconds icp_query_timeout 2000 #detect_broken_pconn on ipcache_size 10240 ipcache_low 98 ipcache_high 99 #dns_children 32

#dns_nameservers 202.65.112.21 202.65.112.22 202.65.112.30 ignore_unknown_nameservers off cache_mgr admin@e-jogja.net cache_effective_user squid cache_effective_group squid visible_hostname localhost minimum_direct_hops 5 log_fqdn off memory_pools off forwarded_for off icp_hit_stale on logfile_rotate 0 store_objects_per_bucket 10 store_avg_object_size 13 kb netdb_high 10000 netdb_low 9900 netdb_ping_period log_icp_queries off test_reachability off #query_icmp on query_icmp off client_db off debug_options ALL,1 #max_open_disk_fds ie_refresh on #vary_ignore_expire on 0

30 seconds

extension_methods REGISTER SEARCH PROFIND PROPPATCH MKCOL MOVE BMOVE DELETE BDELETE REPORT MERGE MKACTIVITY CHECKOUT #high_memory_warning 2048 mb #high_response_time_warning 5500 #high_page_fault_warning 2 strip_query_terms off acl acl acl acl acl peers src 127.0.0.1 snmppublic snmp_community public mgr src 127.0.0.1 202.95.38.0/24 192.168.1.0/24 202.65.112.0/22 Manager proto cache_object post method POST

acl ssl method CONNECT acl purge method PURGE acl BADPORTS port 7 9 11 19 22 23 25 53 110 119 513 514 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl IRC_ports port 6000-7000 acl SSL_ports port 443 563 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 563 acl Safe_ports port 70 acl Safe_ports port 210 #acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT acl ftp_connected proto FTP acl kazaa dstdomain .kazaa.com acl VIRUS urlpath_regex winnt/system32/cmd.exe? /SETUP9x.EXE acl VIRUS urlpath_regex ^/osa..gif acl VIRUS urlpath_regex ^/./fils.php acl VIRUS urlpath_regex ^/./999.jpg acl VIRUS urlpath_regex ^/w.php acl microsoft dstdomain .microsoft.com acl INADDR_ANY dst 0.0.0.0/32 acl IpAddrProbeUA browser ^Mozilla/4.0.\ (compatible;.MSIE.5.5;.Windows.98\)$ acl IpAddrProbeURL url_regex //[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/$ acl msnmessenger req_mime_type ^application/x-msn-messenger$ acl YAHOOATTACK urlpath_regex akamai.*yahoo.*config/login acl localnetwork src 192.168.0.0/24 #acl reguest_deny src 192.168.1.50/32 #acl operator_deny arp 00:E0:4D:55:E4:12 #acl localdest dst 202.65.112.0/25 icp_access deny post icp_access deny all acl cvsweb url_regex cvsweb cachemgr_passwd secret all http_access allow purge mgr http_access deny purge http_access allow Manager mgr http_access deny Manager http_access deny !Safe_ports http_access deny CONNECT !Safe_ports #http_access deny kazaa http_access deny VIRUS http_access deny IpAddrProbeUA IpAddrProbeURL http_access deny INADDR_ANY #http_access deny msnmessenger http_access deny YAHOOATTACK http_access deny IRC_ports http_access allow ssl http_access allow peers http_access allow localnetwork

#http_access deny reguest_deny #http_access deny operator_deny http_access deny all # Redirector Access #redirector_access allow redir_warnet #redirector_access allow redir_kantor #redirector_access deny all #acl all2 src 0/0 #reply_body_max_size 500000000 allow all2

acl mrtg src 202.65.112.20 snmp_access allow snmppublic mrtg snmp_access deny all #always_direct allow localdest always_direct allow ftp_connected miss_access allow localnetwork #never_direct allow all acl msn_networks dstdomain .hotmail.com .msn.com acl ie6 browser MSIE[[:space:]]6 header_access Accept-Encoding deny msn_networks ie6 check_hostnames off allow_underscore on #acl #acl #acl #acl #acl local1 local2 local3 local4 local5 src src src src src 192.168.1.8/30 192.168.1.12/30 192.168.1.16/30 192.168.1.20/30 192.168.1.24/30 202.65.116.181 202.65.116.182 202.65.116.183 202.65.116.184 202.65.116.185 local1 local2 local3 local4 local5

#tcp_outgoing_address #tcp_outgoing_address #tcp_outgoing_address #tcp_outgoing_address #tcp_outgoing_address server_http11 on

#download controller #acl download urlpath_regex -i ftp .exe .cab .mp3 .vqf .tar.gz .gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov .asx .asf .wma .wmv .vivo .rnx .arj .tgz .bz2 .yim #acl unlimit src 202.65.116.160/28 202.65.115.0/29 202.65.115.8/29 #acl daytime time 06:00-22:00 #acl ms_download req_mime_type ^application/x-msdownload$ #acl avg_file dstdomain .grisoft.com .grisoft.cz #delay_pools 2 #delay_class 1 2 #delay_access 1 allow localnetwork #delay_parameters 1 -1/-1 -1/-1 #delay_class 2 2 #delay_access 2 allow download

#delay_parameters 2 48000/48000 2000/16000 # End of configuration