Jumat, 04 Februari 2011

Settingan Squid

# NETWORK OPTIONS

# -----------------------------------------------------------------------------

http_port 10.10.10.4:3128 transparent

icp_port 0



# OPTIONS WHICH AFFECT THE CACHE SIZE

# -----------------------------------------------------------------------------

cache_mem 1000 MB



cache_swap_low 90

cache_swap_high 95



maximum_object_size 4096 KB



minimum_object_size 0 KB

maximum_object_size_in_memory 16 KB

ipcache_size 1024

ipcache_low 90

ipcache_high 95



cache_replacement_policy heap LFUDA

memory_replacement_policy heap LFUDA



# LOGFILE PATHNAMES AND CACHE DIRECTORIES

# -----------------------------------------------------------------------------

cache_dir diskd /cache1 4000 16 256 01=72 02=64

cache_dir diskd /cache2 4000 16 256 01=72 02=64



cache_access_log /var/log/squid/access.log

cache_log_none

cache_store_log_none

# cache_swap_log /var/spool/squid

# pid_filename /var/log/squid/logs/squid.pid



log_ip_on_direct on

mime_table /etc/squid/mime.conf



log_mime_hdrs off

#referer_log



debug_options ALL,1

log_fqdn off

client_netmask 255.255.255.255



# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS

# -----------------------------------------------------------------------------



ftp_user Squid@

auth_param basic children 5

auth_param basic realm squid proxy-caching web server

auth_param basic credentialsttl 2 hours

auth_param basic casensitive off





# OPTIONS FOR TUNING THE CACHE

# -----------------------------------------------------------------------------



request_header_max_size 15 KB

request_body_max_size 10 MB



refresh_pattern -i cgi-bin 1 20% 2

refresh_pattern -i \? 1 20% 2



refresh_pattern -i \.asp$ 4800 50% 22160

refresh_pattern -i \.acgi$ 4800 50% 22160

refresh_pattern -i \.cgi$ 4800 50% 22160

refresh_pattern -i \.shtml$ 4800 50% 22160

refresh_pattern -i \.php3$ 4800 50% 22160

refresh_pattern -i \.pl$ 4800 50% 22160

refresh_pattern -i \.bom\.gov\.au 30 20% 120

refresh_pattern -i \.html$ 4800 50% 22160

refresh_pattern -i \.htm$ 4800 50% 22160

refresh_pattern -i \.gif$ 22160 95% 43200

refresh_pattern -i \.jpg$ 22160 95% 120960

refresh_pattern -i \.class$ 10680 90% 43200

refresh_pattern -i \.zip$ 22160 95% 43200

refresh_pattern -i \.jpeg$ 22160 95% 120960

refresh_pattern -i \.mid$ 22160 95% 120960

refresh_pattern -i \.exe$ 22160 95% 120960

refresh_pattern -i \.thm$ 10080 90% 43200

refresh_pattern -i \.wav$ 22160 95% 120960

refresh_pattern -i \.txt$ 22160 95% 43200

refresh_pattern -i \.cab$ 22160 95% 120960

refresh_pattern -i \.au$ 22160 95% 120960

refresh_pattern -i \.mov$ 22160 95% 120960

refresh_pattern -i \.xom$ 10080 90% 43200

refresh_pattern -i \.ram$ 22160 95% 120960

refresh_pattern -i \.avi$ 22160 95% 120960

refresh_pattern -i \.chtml$ 4800 50% 22160

refresh_pattern -i \.thb$ 10080 90% 43200

refresh_pattern -i \.dcr$ 10080 90% 43200

refresh_pattern -i \.bmp$ 22160 95% 120960

refresh_pattern -i \.phtml$ 4800 50% 22160

refresh_pattern -i \.mpg$ 22160 95% 120960

refresh_pattern -i \.pdf$ 22160 95% 120960

refresh_pattern -i \.art$ 10080 90% 43200

refresh_pattern -i \.swf$ 22160 95% 43200

refresh_pattern -i \.mp3$ 22160 98% 120960

refresh_pattern -i \.ra$ 10080 95% 120960

refresh_pattern -i \.spl$ 10080 90% 43200

refresh_pattern -i \.viv$ 10080 95% 120960

refresh_pattern -i \.doc$ 22160 95% 43200

refresh_pattern -i \.gz$ 22160 95% 120960

refresh_pattern -i \.Z$ 22160 95% 120960

refresh_pattern -i \.tgz$ 22160 95% 120960

refresh_pattern -i \.tar$ 22160 95% 120960

refresh_pattern -i \.vrm$ 10080 90% 43200

refresh_pattern -i \.vrml$ 10080 90% 43200

refresh_pattern -i \.aif$ 10080 95% 43200

refresh_pattern -i \.aifc$ 10080 90% 43200

refresh_pattern -i \.aiff$ 10080 90% 43200

refresh_pattern -i \.arj$ 10080 90% 43200

refresh_pattern -i \.c$ 10080 90% 43200

refresh_pattern -i \.cpt$ 10080 90% 43200

refresh_pattern -i \.dir$ 10080 90% 43200

refresh_pattern -i \.dxr$ 10080 90% 43200

refresh_pattern -i \.hqx$ 10080 90% 43200

refresh_pattern -i \.jpe$ 22160 95% 120960

refresh_pattern -i \.lba$ 22160 95% 120960

refresh_pattern -i \.lzh$ 22160 95% 120960

refresh_pattern -i \.midi$ 22160 95% 120960

refresh_pattern -i \.movie$ 22160 95% 120960

refresh_pattern -i \.mp2$ 22160 95% 120960

refresh_pattern -i \.mpe$ 22160 95% 120960

refresh_pattern -i \.mpeg$ 22160 95% 120960

refresh_pattern -i \.mpega$ 10080 95% 120960

refresh_pattern -i \.pl$ 10080 90% 43200

refresh_pattern -i \.ppt$ 22160 95% 120960

refresh_pattern -i \.ps$ 10080 90% 43200

refresh_pattern -i \.qt$ 22160 95% 120960

refresh_pattern -i \.qtm$ 22160 95% 120960

refresh_pattern -i \.ras$ 10080 90% 43200

refresh_pattern -i \.sea$ 10080 90% 43200

refresh_pattern -i \.sit$ 10080 90% 43200

refresh_pattern -i \.tif$ 10080 90% 43200

refresh_pattern -i \.tiff$ 10080 90% 43200

refresh_pattern -i \.snd$ 10080 90% 43200

refresh_pattern -i \.wrl$ 10080 90% 43200

refresh_pattern ^ftp:// 1440 20% 10080

refresh_pattern ^gopher:// 1440 0% 1440

refresh_pattern . 0 20% 4320



quick_abort_min 0

quick_abort_max 0

quick_abort_pct 95



negative_ttl 5 minutes

positive_dns_ttl 6 hours

negative_dns_ttl 5 minutes

range_offset_limit 0 KB



# TIMEOUTS

# -----------------------------------------------------------------------------



forward_timeout 4 minutes

connect_timeout 1 minute

# peer_connect_timeout 30 seconds

read_timeout 15 minutes

request_timeout 5 minutes

persistent_request_timeout 1 minute



client_lifetime 1 day

half_closed_clients off

pconn_timeout 120 seconds

shutdown_lifetime 3 seconds



# ACCESS CONTROLS

# -----------------------------------------------------------------------------



#acl myexample dst_as 1241

#acl password proxy_auth REQUIRED

#acl fileupload req_mime_type -i ^multipart/form-data$

#acl javascript rep_mime_type -i ^application/x-javascript$



acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

acl local src 192.168.200.0/24

acl local-domain dstdomain localhost 10.10.10.2 117.103.56.248

acl jam kantor download time MTWHFA 07:00-15:30

acl jam kantor porno time MTWHFA 07:00-12:30

acl SSL_ports port 443 563

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 563 # https, snews

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl CONNECT method CONNECT



always direct allow localhost lokal-domain



#acl cara-1 dstdomain "/etc/squid/domain-terlarang"

#http_access deny cara-1



#acl cara-2 url_regex -i "/etc/squid/kata-terlarang"

#http_access deny cara-2



acl download url_regex -i "/etc/squid/download"

http_access deny download jam kantor download



acl porno url_regex -i "etc/squid/porno"

http_access deny porno jam kantor porno



http_access allow manager localhost

http_access allow manager lokal

http_access deny manager

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

http_access deny to_localhost

http_access allow lokal

http_access allow localhost

http_access deny all



http_reply_access allow all

icp_access deny all

miss_access allow lokal

miss_access deny all



reply_header_max_size 20 KB

reply_body_max_size 0 allow all



header_access Accept-Encoding allow all

header_access Via allow all



# ADMINISTRATIVE PARAMETERS

# -----------------------------------------------------------------------------



cache_mgr exco.martinho@gmail.com

cache_effective_user proxy

cache_effective_group proxy

visible_hostname excobelajar.wordpress.com

unique_hostname excobelajar.wordpress.com



# HTTPD-ACCELERATOR OPTIONS

# -----------------------------------------------------------------------------



#httpd_accel_host virtual

#httpd_accel_port 80

#httpd_accel_single_host off

#httpd_accel_with_proxy on

#httpd_accel_uses_host_header on





# MISCELLANEOUS

# -----------------------------------------------------------------------------



logfile_rotate 1



# append_domain .yourdomain.com

tcp_recv_bufsize 0 bytes



# memory_pools on

# memory_pools_limit 5 MB



forwarded_for on



# cachemgr_passwd secret shutdown

cachemgr_passwd aloh4 info stats/objects

# cachemgr_passwd disable all



store_avg_object_size 13 KB

store_objects_per_bucket 20



pipeline_prefetch off



store_dir_select_algorithm round-robin

ie_refresh on



# DELAY POOL PARAMETERS (all require DELAY POOLS compilation option)

# -----------------------------------------------------------------------------



# PERSISTENT CONNECTION HANDLING

# -----------------------------------------------------------------------------



client_persistent_connections on

server_persistent_connections on
Diposting oleh di
Label:

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)