SHARE SQUID.CONF kamu disini

kambeeng

wah ….. silahkan broo

yhudi

untuk masuk di squid.conf lewat console…lokasi pathnya dimana ya kalo pfsense 1.2.3 dgn squid 2.7.9_4.1

kaptenhook

bisa pake putty atau juga dengan winSCP

yhudi

@kaptenhook:

bisa pake putty atau juga dengan winSCP

lokasi path nya di aman ya ?

iwanmahe

@yhudi:

@kaptenhook:

bisa pake putty atau juga dengan winSCP

lokasi path nya di aman ya ?

Lewat web configurator :
Diagnostic –--> edit file :
/usr/local/etc/squid/squid.conf <--- klik load

iwanmahe

Mohon dikoreksi para master

Do not edit manually !

http_port 192.168.222.222:3128 transparent
http_port 127.0.0.1:80 transparent
icp_port 3131

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
logfile_rotate 5
shutdown_lifetime 0 seconds

Allow local network(s) on interface(s)

acl localnet src  192.168.222.0/255.255.255.0
forwarded_for transparent
via off
uri_whitespace strip
dns_nameservers 127.0.0.1

cache_mem 8 MB
maximum_object_size_in_memory 4 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

cache_dir aufs /var/squid/cache 60000 16 256
minimum_object_size 0 KB
maximum_object_size 32 MB
offline_mode off
cache_swap_low 90
cache_swap_high 95

No redirector configured

Setup some default acls

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl mallware url_regex "/usr/local/etc/squid/mallware.url"
acl conficker url_regex "/usr/local/etc/squid/conficker.url"
acl partialcontent_req req_header Range .*
#acl dynamic urlpath_regex cgi-bin ?
include /usr/local/etc/squid/include.conf
#cache deny dynamic
http_access allow manager localhost

http_access deny mallware
http_access deny conficker
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

Always allow localhost connections

http_access allow localhost

quick_abort_min 32 KB
quick_abort_max 128 KB
quick_abort_pct 75
range_offset_limit 0 MB
request_body_max_size 0 allow all
reply_body_max_size 0 deny all

Custom options

zph_mode tos
zph_local 0x04
zph_parent 0
zph_option 136
redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3

Allow local network(s) on interface(s)

http_access allow localnet

Default block all to be sure

http_access deny all

syedadi

Tolong betulngin dong =)
Adakah # Custom options gue betul?

Do not edit manually !

http_port 192.168.X.X:3128
http_port 127.0.0.1:80 transparent
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /var/squid/log/access.log
cache_log /var/squid/log/cache.log
cache_store_log none
shutdown_lifetime 3 seconds

Allow local network(s) on interface(s)

acl localnet src  192.168.0.0/255.255.255.0
forwarded_for off
via off
uri_whitespace strip

cache_mem 50 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir ufs /var/squid/cache 40000 16 256
minimum_object_size 0 KB
maximum_object_size 3000 KB
offline_mode on
cache_swap_low 90
cache_swap_high 95
acl donotcache dstdomain "/var/squid/acl/donotcache.acl"
cache deny donotcache

No redirector configured

Setup some default acls

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
acl sslports port 443 563 
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin ?
acl allowed_subnets src 192.168.0.0/24
acl unrestricted_hosts src "/var/squid/acl/unrestricted_hosts.acl"
acl whitelist dstdom_regex -i "/var/squid/acl/whitelist.acl"
cache deny dynamic

http_access allow manager localhost 
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

Always allow localhost connections

http_access allow localhost

quick_abort_min 0 KB
quick_abort_max 0 KB
request_body_max_size 0 KB
reply_body_max_size 5120000 deny all
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100

Throttle extensions matched in the url

acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny all

These hosts do not have any restrictions

http_access allow unrestricted_hosts

Always allow access to whitelist domains

http_access allow whitelist

Setup allowed acls

Allow local network(s) on interface(s)

http_access allow allowed_subnets
http_access allow localnet

Custom options

refresh_pattern ([^.]+.|)(download|(windows|)update|).(microsoft.|)com/..(cab|exe|msi|msp) 4320 100% 43200 reload-into-ims
range_offset_limit -1
refresh_pattern ([^.]+.|)avg.com/..(bin) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)spywareblaster.net/..(dtb) 4320 100% 64800 reload-into-ims
refresh_pattern ([^.]+.|)symantecliveupdate.com/..(zip|exe) 43200 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)avast.com/.*.(vpu|vpaa|vpx) 4320 100% 43200 reload-into-ims
redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3

Default block all to be sure

http_access deny all

syedadi

Setup some default acls

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
acl sslports port 443 563
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl partialcontent_req req_header Range .*
acl mallware url_regex "/usr/local/etc/squid/mallware.url"
acl conficker url_regex "/usr/local/etc/squid/conficker.url"
#acl dynamic urlpath_regex cgi-bin ?
#include /usr/local/etc/squid/include.conf
include /usr/local/etc/squid/tunning.conf
acl allowed_subnets src 192.168.x.0/27
#cache deny dynamic
http_access allow manager localhost

Allow external cache managers

acl ext_manager_1 src 192.168.1.1
http_access allow manager ext_manager_1

http_access deny mallware
http_access deny conficker
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

gimana letaknya page untuk mallware, conficker dong? aku engak paham….apa codingnya?

pfz

@syedadi:

Tolong betulngin dong =)
Adakah # Custom options gue betul?

Custom options

refresh_pattern ([^.]+.|)(download|(windows|)update|).(microsoft.|)com/..(cab|exe|msi|msp) 4320 100% 43200 reload-into-ims
range_offset_limit -1
refresh_pattern ([^.]+.|)avg.com/..(bin) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)spywareblaster.net/..(dtb) 4320 100% 64800 reload-into-ims
refresh_pattern ([^.]+.|)symantecliveupdate.com/..(zip|exe) 43200 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)avast.com/.*.(vpu|vpaa|vpx) 4320 100% 43200 reload-into-ims
redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3

Default block all to be sure

http_access deny all

download update windows… >>>> apa semua client mengupdate windows... ???? kalo enggak kenapa harus di cache..bahkan cache otomatis.. .. tanpa pcclient yg mengupdate..nya.. . kalimat sederhananya... Ketika pc cleint mengupdate windows.. lalu di stop ato dibatalkan.... maka squid akan mendownload otomatis.. sebesar.  .. kb.

apa ini gak bikin mubadzir bandwithd. ??

serangku

untuk pattern …

lihat saja kebiasaan user yg inetan
darimana tahunya kebiasaan user ?
mudah kok ...
package lightsquid bisa untuk keperluan itu

semoga membantu

syedadi

betulkh aku punya command untuk cache AV DB ini?

refresh_pattern ([^.]+.|)avast.com/.*\.(vpu|vpaa|vpx) 4320 100% 43200 reload-into-ims

ada sesiapa boleh terangkan apa semua maksud code ini..

syedadi

@PakDe:

@syedadi:

Tolong betulngin dong =)
Adakah # Custom options gue betul?

Custom options

refresh_pattern ([^.]+.|)(download|(windows|)update|).(microsoft.|)com/..(cab|exe|msi|msp) 4320 100% 43200 reload-into-ims
range_offset_limit -1
refresh_pattern ([^.]+.|)avg.com/..(bin) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)spywareblaster.net/..(dtb) 4320 100% 64800 reload-into-ims
refresh_pattern ([^.]+.|)symantecliveupdate.com/..(zip|exe) 43200 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)avast.com/.*.(vpu|vpaa|vpx) 4320 100% 43200 reload-into-ims
redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3

Default block all to be sure

http_access deny all

download update windows… >>>> apa semua client mengupdate windows... ???? kalo enggak kenapa harus di cache..bahkan cache otomatis.. .. tanpa pcclient yg mengupdate..nya.. . kalimat sederhananya... Ketika pc cleint mengupdate windows.. lalu di stop ato dibatalkan.... maka squid akan mendownload otomatis.. sebesar.  .. kb.

apa ini gak bikin mubadzir bandwithd. ??

IA ka? hehe  :o …aku masih baru...setakat ini HDD aku masih kosong baru guna 3% dari HDD aku yang 80GB...  ;D

orkeys

om-om sekalian kira-kira confignya salah gak nih  :'( ..!!maklum newbie abis…. xixixi ;D
sekalian om upload dong list malware.url ama conficker.url

Do not edit manually !

http_port 192.168.x.64:3128 transparent
http_port 127.0.0.1:80 transparent
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /var/squid/log/access.log
cache_log /var/squid/log/cache.log
cache_store_log none
logfile_rotate 5
shutdown_lifetime 3 seconds

Allow local network(s) on interface(s)

acl localnet src  192.168.54.0/255.255.255.0
forwarded_for transparent
uri_whitespace strip
dns_nameservers 127.0.0.1

cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir coss /var/squid/coss 10000 max-size=8192 block-size=1024
cache_dir aufs /var/squid/cache 300000 16 256 min-size=4096
store dir select algorithm round robin
minimum_object_size 0 KB
maximum_object_size 50000 MB
offline_mode off
cache_swap_low 90
cache_swap_high 95

No redirector configured

Setup some default acls

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl partialcontent_req req_header Range .*
#acl dynamic urlpath_regex cgi-bin ?
#include /usr/local/etc/squid/include.conf
include /usr/local/etc/squid/include.conf
acl allowed_subnets src 192.168.x.0/24
#cache deny dynamic
http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

Always allow localhost connections

http_access allow localhost

quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 75
range_offset_limit 0 MB
request_body_max_size 0 allow all
reply_body_max_size 5120000 deny all
delay_pools 1
delay_class 1 2
dealy_parameters 1 -1/-1 -1/-1
delay_inital_bucket_level 100

Throttle extensions matched in the url

acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny all

Manual configuration

refresh_pattern ^http://.facebook.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.kaskus.us/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.google.co*./ 10080 90% 43200 reload-into-ims
refresh_pattern ^http://.yahoo.co./ 10080 90% 43200 reload-into-ims
refresh_pattern ^http://..windowsupdate.microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://office.microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://windowsupdate.microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://w?xpsp[0-9].microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://w2ksp[0-9].microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://download.microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://download.macromedia.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^ftp://ftp.nai.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://ftp.software.ibm.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.friendster.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.detik.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.kaskus.us/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.google.co*./ 10080 90% 43200 reload-into-ims
refresh_pattern ^http://.yahoo.co*.*/ 10080 90% 43200 reload-into-ims

refresh_pattern ^http://.facebook.com/.* 720 100% 4320
refresh_pattern ^http://.apps.facebook.com/.* 720 100% 4320
refresh_pattern ^http://.profile.ak.fbcdn.net/. 720 100% 4320
refresh_pattern ^http://.creative.ak.fbcdn.net/. 720 100% 4320
refresh_pattern ^http://.static.ak.fbcdn.net/. 720 100% 4320
refresh_pattern ^http://.facebook.poker.zynga.com/. 720 100% 4320
refresh_pattern ^http://.statics.poker.static.zynga.com/. 720 100% 4320
refresh_pattern ^http://.zynga./.* 720 100% 4320
refresh_pattern ^http://.texas_holdem./.* 720 100% 4320
refresh_pattern ^http://.google./.* 720 100% 4320
refresh_pattern ^http://.indowebster./.* 720 100% 4320
refresh_pattern ^http://.4shared./.* 720 100% 4320
refresh_pattern ^http://.yahoo.com/. 720 100% 4320
refresh_pattern ^http://.yimg./.* 720 100% 4320
refresh_pattern ^http://.plasa.com/. 720 100% 4320
refresh_pattern ^http://.boleh./.* 720 100% 4320
refresh_pattern ^http://.detik./.* 180 100% 4320
refresh_pattern ^http://.detikinet./.* 180 100% 4320
refresh_pattern ^http://.detikhot./.* 180 100% 4320
refresh_pattern ^http://.detiportal./.* 180 100% 4320
refresh_pattern ^http://.kompas./.* 180 100% 4320
refresh_pattern ^http://.kapanlagi./.* 720 100% 4320
refresh_pattern ^http://.google-analytics./.* 720 100% 4320

Manual configuration

refresh_pattern ^http://(.?)/get_video? 10080 90% 999999 override-expire ignore-no-cache ignore-private
refresh_pattern ^http://(.?)/videoplayback? 10080 90% 999999 override-expire ignore-no-cache ignore-private
refresh_pattern -i (get_video?|videoplayback?id|videoplayback.*id) 161280 50000% 525948 override-expire ignore-reload

Manual configuration

compressed

refresh_pattern -i .gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .cab$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .bzip2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .bz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .gz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .tgz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .tar.gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .zip$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .rar$ 1008000 90% 99999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .tar$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .ace$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .7z$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

documents

refresh_pattern -i .xls$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .doc$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .xlsx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .docx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .pdf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .ppt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .pptx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .rtf?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

multimedia

refresh_pattern -i .mid$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .wav$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .viv$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mov$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .avi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .asf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .qt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .rm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .rmvb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .wmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .3gp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mp3$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mp4$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

web content

refresh_pattern -i .js$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .psf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .html$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .htm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .css$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .swf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .js?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .css?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .xml$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

images

refresh_pattern -i .gif$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .jpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .png$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .jpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .bmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .psd$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .ad$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .gif?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .jpg?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .png?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .jpeg?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .psd?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

application

refresh_pattern -i .deb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .rpm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .msi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .exe$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .dmg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

misc

refresh_pattern -i .dat$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .qtm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

itunes

refresh_pattern -i .m4p$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mpa$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern cgi-bin 0 0% 0
refresh_pattern ? 0 20% 4320
refresh_pattern . 0 20% 4320

storeurl_access deny all

Custom options

zph_mode tos
zph_local 0x04
zph_parent 0
zph_option 136

redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3

Allow local network(s) on interface(s)

http_access allow localnet
http_access allow allowed_subnets

Default block all to be sure

http_access deny all

serangku

mantap …  ;D

sedikit deh mengomentari, boleh ?

cache_dir coss /var/squid/coss 10000 max-size=8192 block-size=1024
cache_dir aufs /var/squid/cache 300000 16 256 min-size=4096
store dir select algorithm round robin
minimum_object_size 0 KB
maximum_object_size 50000 MB

disarankan kalau mau menggunakan coss dan aufs, gunakan 2 disk yg terpisah
supaya performa tetap terjaga
tdk terlalu kebesaran ukuran maximum object nya ? 50000 MB ?

orkeys

@serangku:

mantap …  ;D

sedikit deh mengomentari, boleh ?

cache_dir coss /var/squid/coss 10000 max-size=8192 block-size=1024
cache_dir aufs /var/squid/cache 300000 16 256 min-size=4096
store dir select algorithm round robin
minimum_object_size 0 KB
maximum_object_size 50000 MB

disarankan kalau mau menggunakan coss dan aufs, gunakan 2 disk yg terpisah
supaya performa tetap terjaga
tdk terlalu kebesaran ukuran maximum object nya ? 50000 MB ?

maaf om tidak boleh dikomentari…........'kalo cuman sedikit' xixixi :P becanda "mode on"
harus yang banyak om dikomentari biar saya yang bodoh ini bertambah ilmunya..

kepengennya sih om tambah hdd tapi, lagi nunggu hujan hdd dari langit biar bisa di nambah hdd nih

50000 MB hehe kelebihan angka 0 nya.... biasa itung duit gini nih om tapi sayang masih yg receh di itung

serangku

ampun dj …
bisa aja nih  ;D ;D ;D ;D

asepyulisman

wahhh mancap sekali squidnya om orkeys

orkeys

Om tadi malam otak-atik dikit squid.conf kok gak jalan ya… ??? ???
rencananya ingin limt bandwitdh tapi kok tidak terlimit ya... saya coba dengan download .exe :-\

nih settingan delay poolsnya yang di masukan di squid.conf

Parameter Delaypool

acl umum src 192.168.1.0/24
acl teknisi src 192.168.1.120/24
acl teknisi2 src 192.168.1.130/24

acl TIME time SMTWHFA 07:00-22:00

acl download url_regex -i ftp .exe$ .mp3$ .mp4$ .tar.gz$ .gz$ .tar.bz2$ .rpm$ .zip$ .rar$
acl download url_regex -i ftp .mp3$ .mp4$ .tar.gz$ .gz$ .tar.bz2$ .rpm$ .zip$ .rar$
acl download url_regex -i .avi$ .mpg$ .flv$ .mpeg$ .rm$ .iso$ .wav$ .mov$ .dat$ .mpe$ .mid$ .mkv$
acl download url_regex -i .midi$ .rmi$ .wma$ .wmv$ .ogg$ .ogm$ .m1v$ .mp2$ .mpa$ .wax$
acl download url_regex -i .m3u$ .asx$ .wpl$ .wmx$ .dvr-ms$ .snd$ .au$ .aif$ .asf$ .m2v$
acl download url_regex -i .m2p$ .ts$ .tp$ .trp$ .div$ .divx$ .mod$ .vob$ .aob$ .dts$
acl download url_regex -i .ac3$ .cda$ .vro$ .deb$

delaypools

delay_pools 2
delay_class 1 1
delay_parameters 1 -1/-1
delay_access 1 allow teknisi
delay_access 1 allow teknisi2
delay_access 1 deny all

bandwidth 10 kbytes/sec, bila file yang diakses melebihi 1 Mb

bandwidth 2 Mbps(speedol) dengan batas kecepatan rata2 1 Mbps(speedol)

delay_class 2 2
delay_parameters 2 128000/128000 1280/10240
delay_access 2 allow umum
delay_access 2 allow download TIME
delay_access 2 deny all

apa ada yang salah.. atau harus ditambahkan di custom optionnya kah ??
squidnya yg pake yang baru fresh instal  + lusca + squidguard baru ditambah dgn delay pools saja
mohon bantuannya  ;D ;D

tanpa hari tanpa membuka forum tercinta ini

orkeys

ini printnya
menggunakan pf 2.0

squidclient -p 80 cache_object://localhost/config |grep -i delay

request_body_delay_forward_size 0 Allow all
delay_pools 2
delay_class 1 1
delay_access 1 Allow teknisi
delay_access 1 Allow teknisi2
delay_access 1 Deny all
delay_parameters 1 -1/-1
delay_class 2 2
delay_access 2 Allow umum
delay_access 2 Allow download TIME
delay_access 2 Deny all
delay_parameters 2 128000/128000 1280/10240
delay_initial_bucket_level 50

squidclient -p 80 cache_object://localhost/delay

HTTP/1.0 200 OK
Server: Lusca/LUSCA r14850 patched: chudy r14
Date: Fri, 17 Jun 2011 10:47:51 GMT
Content-Type: text/plain
Expires: Fri, 17 Jun 2011 10:47:51 GMT
X-Cache: MISS from localhost
Connection: close

Delay pools configured: 2

Pool: 1
        Class: 1

Aggregate:
                Disabled.

Pool: 2
        Class: 2

Aggregate:
                Max: 128000
                Restore: 128000
                Current: 128000
        Individual:
                Max: 10240
                Rate: 1280
                Current: Not used yet.

Memory Used: 3484 bytes

grep -i exe /var/squid/acl/throttle_exts.acl

.exe$

grep -i mp3 /var/squid/acl/throttle_exts.acl

.mp3$

agismaniax

UPDATE ini squid.conf ane:

Do not edit manually !

http_port 172.16.1.254:3128 transparent
http_port 127.0.0.1:80 transparent
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname firewall2.xxx.co.id
cache_mgr admin@xxx.co.id
access_log /var/squid/log/access.log
cache_log /var/squid/log/cache.log
cache_store_log none
logfile_rotate 30
shutdown_lifetime 0 seconds

Allow local network(s) on interface(s)

acl localnet src  172.16.0.0/255.255.0.0
forwarded_for transparent
httpd_suppress_version_string on
uri_whitespace strip
dns_nameservers 202.159.32.2 202.159.33.2 202.158.3.7 202.169.33.220

cache_mem 128 MB
maximum_object_size_in_memory 4 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir coss /var/squid/coss/coss 5000 max-size=4096 block-size=512
cache_dir aufs /var/squid/cache 50000 16 256 min-size=4096
minimum_object_size 2 KB
maximum_object_size 128 MB
offline_mode off
cache_swap_low 90
cache_swap_high 95
acl donotcache dstdomain '/var/squid/acl/donotcache.acl'
cache deny donotcache

No redirector configured

Setup some default acls

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 8080 3128 1025-65535
acl sslports port 443 563 8080
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl partialcontent_req req_header Range .*
#acl dynamic urlpath_regex cgi-bin ?
include /usr/local/etc/squid/include.conf
#cache deny dynamic
http_access allow manager localhost

Allow external cache managers

acl ext_manager_1 src 192.168.1.1
http_access allow manager ext_manager_1

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

Always allow localhost connections

http_access allow localhost

quick_abort_min 32 KB
quick_abort_max 128 KB
quick_abort_pct 75
range_offset_limit 0 MB
request_body_max_size 0 allow all
reply_body_max_size 0 deny all

delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100

Throttle extensions matched in the url

acl throttle_exts urlpath_regex -i '/var/squid/acl/throttle_exts.acl'
delay_access 1 allow throttle_exts
delay_access 1 deny all

Custom options

refresh_pattern ([^.]+.|)(download|(windows|)update|).(microsoft.|)com/..(cab|exe|msi|msp) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)avg.com/..(bin) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)symantecliveupdate.com/..(zip|exe|jdb|xdb) 43200 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)avast.com/..(vpu|vpaa) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)avira.de/..(vdf|ivdf|zip) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)adobe.com/..(exe|msi) 4320 100% 43200 reload-into-ims
range_offset_limit -1

redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3

Allow local network(s) on interface(s)

http_access allow localnet

Default block all to be sure

http_access deny all