http_port 192.168.40.250:3128 transparent
http_port 127.0.0.1:3128
icp_port 3130
server_http11 on
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/share/squid/errors/English
#icon_directory /usr/share/squid/icons
visible_hostname JAKKOM
cache_mgr JAVA_ANGGREK
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
log_http_violations off
logfile_rotate 1
shutdown_lifetime 10 seconds
forwarded_for off
#ini adalah ip LOCAL LAN yang mengakses squid
acl localnet src 192.168.1.0/24
acl localnet src 192.168.10.0/24
acl localnet src 192.168.40.0/24
acl localnet src 192.168.50.0/24
acl localnet src 192.168.100.0/24
acl localnet src 1.1.1.0/24
acl localdstnet dst 192.168.1.0/24
acl localdstnet dst 192.168.10.0/24
acl localdstnet dst 192.168.40.0/24
acl localdstnet dst 192.168.50.0/24
acl localdstnet dst 192.168.100.0/24
acl localdstnet dst 1.1.1.0/24
# Setup some default acls
acl all src all
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 667 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl nocache-domain dstdomain .jakkom.com .javaanggrek.com .login.yahoo.com .blogger.com .blogspot.com .facebook.com
acl QUERY urlpath_regex -i \.(ini|lst|inf|htc|php|htm|html|asp)$
acl QUERY urlpath_regex -i (captcha|reset.css|update.txt|gamenotice|PatchTimeCheck.dat|PatchPath.dat|vdf.info.gz|version)
cache deny QUERY
cache deny localhost
cache deny nocache-domain
cache deny localdstnet
always_direct allow QUERY localhost localdstnet nocache-domain
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
# Always allow localhost connections
http_access allow localhost
# Allow local network(s) on interface(s)
http_access allow localnet
# Default block all to be sure
http_access deny all
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
uri_whitespace strip
#idm
acl idm req_header Range -i bytes=.*
acl idm1 req_header User-Agent -i Mozilla/(17.0|16.0|15.0|5.0|4.0)
http_reply_access deny idm idm1
#jika memakai unbound
dns_nameservers 127.0.0.1
#jika tanpa unbound
#dns_nameservers 202.134.1.10 202.134.0.155 8.8.8.8 8.8.4.4
cache_mem 8 MB
maximum_object_size_in_memory 128 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /ember1/cache 9000 21 256
cache_dir aufs /ember2/cache 9000 21 256
cache_dir aufs /ember3/cache 9000 21 256
cache_dir aufs /ember4/cache 9000 21 256
cache_dir aufs /ember5/cache 9000 21 256
cache_dir aufs /ember6/cache 9000 21 256
#sesuikan dengan batas object yang akan di cache
minimum_object_size 1 bytes
maximum_object_size 40 MB
offline_mode off
cache_swap_low 80
cache_swap_high 90
# redirector configure jika memakai storeurl.pl dan squidGuard
storeurl_rewrite_program /usr/share/squid/storeurl.pl
storeurl_rewrite_children 19
storeurl_rewrite_concurrency 15
storeurl_bypass on
url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
url_rewrite_children 19
## LUSCA
acl speedtest dstdom_regex -i speedtest.*\.
acl store_rewrite_list urlpath_regex .*\/speedtest\/.*\.(jpg|txt)
acl store_rewrite_list urlpath_regex .*\.ak\.fbcdn\.net\/
acl store_rewrite_list urlpath_regex http:\/\/199\.91\.15\d\.\d*\/\w{12}\/(\w*)\/(.*)
acl store_rewrite_list urlpath_regex s[0-9]*\.filesonic\.com\/download\/.*
acl store_rewrite_list urlpath_regex [a-zA-Z]{2}[0-9]*\.4shared\.com\/download\/
acl store_rewrite_list urlpath_regex \/(watch\?|get_video\?|videodownload\?|videoplayback.*id)
acl store_rewrite_list urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|rar|cab|amf|swf)\?
acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl store_rewrite_list_path urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|rar|cab|amf|swf)$
acl store_rewrite_list_domain_CDN url_regex \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*) \.doubleclick\.net.*
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[a-z]+[0-9]\.google\.co(m|\.id)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(rar|zip|flv|wm(a|v)|3gp|mp(4|3)|exe|msi|avi|(mp(e?g|a|e|1|2|3|4))|cab|exe)
acl dontrewrite url_regex redbot\.org \.php \.html \.css
acl getmethod method GET
storeurl_access allow speedtest
storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access allow store_rewrite_list_domain_CDN
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_list_domain
storeurl_access allow store_rewrite_list_path
storeurl_access deny all
##############################################
### REFRESH PATTERN OPTION ###
##############################################
# in minutes
#Youtube
refresh_pattern (watch\?|get_video\?|videoplayback\?|videodownload\?|\.flv?) 10080 90% 10080 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale negative-ttl=0
#All File with ?
refresh_pattern -i \.(3gp|avi|ac4|mp(e?g|a|e|1|2|3|4)|m4(a|v)|3g(p?2|p)|mk(a|v)|og(x|v|a|g|m)|wm(a|v)|wmx|wpl|rm|snd|vob|wav|asx|avi|qt|divx|flv|f4v|x-flv|dvr-ms|m(1|2)(v|p)|mov|mid)\? 10080 90% 10080 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(7z|ace|rar|jar|gz|tgz|bz2|iso|mod|arj|lha|lzh|zip|tar|cab|dat)\? 10080 90% 10080 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|amf|swf|css|js|ad)\? 10080 90% 10080 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(exe|ms(i|u|p)|deb|bin|ax|r(a|p)m|app|pkg|apk)\? 10080 90% 10080 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(t?x|t)|epub|pdf|rtf|wax|cb(r|z|t)|xl(s?x|s)|do(c?x|c)|inc)\? 10080 90% 10080 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
#All File without ?
refresh_pattern -i \.(3gp|avi|ac4|mp(e?g|a|e|1|2|3|4)|m4(a|v)|3g(p?2|p)|mk(a|v)|og(x|v|a|g|m)|wm(a|v)|wmx|wpl|rm|snd|vob|wav|asx|avi|qt|divx|flv|f4v|x-flv|dvr-ms|m(1|2)(v|p)|mov|mid) 10080 90% 10080 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(7z|ace|rar|jar|gz|tgz|bz2|iso|mod|arj|lha|lzh|zip|tar|cab|dat) 10080 90% 10080 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|amf|swf|css|js|ad) 10080 90% 10080 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(exe|ms(i|u|p)|deb|bin|ax|r(a|p)m|app|pkg|apk) 10080 90% 10080 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(t?x|t)|epub|pdf|rtf|wax|cb(r|z|t)|xl(s?x|s)|do(c?x|c)|inc) 10080 90% 10080 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern ^ftp: 10080 10% 10080 override-lastmod reload-into-ims store-stale
refresh_pattern . 180 10% 1440
acl snmp_host src 127.0.0.1
snmp_port 3401
acl snmppublic snmp_community public
snmp_access allow snmppublic snmp_host
snmp_access deny all
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
global_internal_static off
max_stale 1 week
retry_on_error on
buffered_logs off
read_ahead_gap 16 KB
header_access Accept-Encoding deny all
header_access From deny all
header_access Server deny all
header_access Link deny all
header_access Via deny all
header_access X-Forwarded-For deny all
client_persistent_connections on
server_persistent_connections on
half_closed_clients off
strip_query_terms off
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
vary_ignore_expire on
reload_into_ims on
pipeline_prefetch on
#range_offset_limit 50 KB
read_timeout 30 minutes
client_lifetime 6 hours
negative_ttl 60 seconds
positive_dns_ttl 6 hours
negative_dns_ttl 60 seconds
pconn_timeout 15 seconds
request_timeout 1 minute
store_avg_object_size 13 KB
log_icp_queries off
ipcache_size 1024
ipcache_low 98
ipcache_high 99
log_fqdn off
fqdncache_size 4096
memory_pools off
reply_header_max_size 32 KB
#memory_pools_limit 1024 MB
#forwarded_for on
#cachemgr_passwd none info
cachemgr_passwd none all
client_db on
n_aiops_threads 24
load_check_stopen on
load_check_stcreate on
download_fastest_client_speed on
##########End of Config################
Sumber: - lusca.info
:52595EA2
