SHARE SQUID.CONF kamu disini

queues

Om Kambeeng, Om Serangku, Om Anto_DIGIT, Om grange95, Om KaptenHook serta Om-om Semua yg namnya tidak bisa saya sebutkan satu persatu, mohon om om semua terawang settingan squid lusca saya, Mohon masukan serta sarannya.

$ squidclient -p 80 mgr:info
HTTP/1.0 200 OK
Server: Lusca
Date: Sun, 10 Jul 2011 03:39:40 GMT
Content-Type: text/plain
Expires: Sun, 10 Jul 2011 03:39:40 GMT
X-Cache: MISS from QueueS
Connection: close

Squid Object Cache: Version LUSCA r14850 patched: chudy r14
Start Time: Sun, 10 Jul 2011 02:04:13 GMT
Current Time: Sun, 10 Jul 2011 03:39:40 GMT
Connection information for squid:
Number of clients accessing cache: 2
Number of HTTP requests received: 12237
Number of ICP messages received: 0
Number of ICP messages sent: 0
Number of queued ICP replies: 0
Request failure ratio: 0.00
Average HTTP requests per minute since start: 128.2
Average ICP messages per minute since start: 0.0
Select loop called: 525913 times, 10.889 ms avg
Cache information for squid:
Request Hit Ratios: 5min: 10.5%, 60min: 9.3%
Byte Hit Ratios: 5min: 0.4%, 60min: 44.2%
Request Memory Hit Ratios: 5min: 0.0%, 60min: 11.0%
Request Disk Hit Ratios: 5min: 11.2%, 60min: 41.5%
Storage Swap size: 177098 KB
Storage Mem size: 10436 KB
Mean Object Size: 60.05 KB
Requests given to unlinkd: 0
Median Service Times (seconds)  5 min    60 min:
HTTP Requests (All):   0.25890  0.25890
Cache Misses:          0.27332  0.25890
Cache Hits:            0.00815  0.00767
Near Hits:             0.01469  0.01469
Not-Modified Replies:  0.00286  0.00286
DNS Lookups:           2.34641  2.34641
ICP Queries:           0.00000  0.00000
Resource usage for squid:
UP Time: 5726.680 seconds
CPU Time: 97.324 seconds
CPU Usage: 1.70%
CPU Usage, 5 minute avg: 2.01%
CPU Usage, 60 minute avg: 1.82%
Process Data Segment Size via sbrk(): 0 KB
Maximum Resident Size: 35716 KB
Page faults with physical i/o: 0
Memory accounted for:
Total accounted:        12487 KB
memPoolAlloc calls: 2099480
memPoolFree calls: 2046627
File descriptor usage for squid:
Maximum number of file descriptors:   11095
Largest file desc currently in use:     81
Number of file desc currently in use:   35
Files queued for open:                   0
Available number of file descriptors: 11060
Reserved number of file descriptors:   100
Store Disk files open:                   1
IO loop method:                     kqueue
Internal Data Structures:
 3009 StoreEntries
 1783 StoreEntries with MemObjects
 1778 Hot Object Cache Items
 2949 on-disk objects

Squid.conf

Do not edit manually !

http_port 172.22.11.78:3128 transparent
http_port 127.0.0.1:80 transparent
icp_port 3131

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname QueueS
cache_mgr QueueS@live.com
access_log /var/squid/log/access.log
cache_log /var/squid/log/cache.log
cache_store_log none
logfile_rotate 2
shutdown_lifetime 30 seconds

Allow local network(s) on interface(s)

acl localnet src  172.22.11.0/255.255.255.0
via off
httpd_suppress_version_string on
uri_whitespace strip
dns_nameservers 127.0.0.1

cache_mem 8 MB
maximum_object_size_in_memory 8 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

cache_dir aufs /var/squid/cache 9200 16 256
minimum_object_size 0 KB
maximum_object_size 256 MB
offline_mode off
cache_swap_low 90
cache_swap_high 95

No redirector configured

Setup some default acls

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl mallware url_regex "/usr/local/etc/squid/mallware.url"
acl conficker url_regex "/usr/local/etc/squid/conficker.url"
acl partialcontent_req req_header Range .*
#acl dynamic urlpath_regex cgi-bin ?
include /usr/local/etc/squid/include.conf
acl allowed_subnets src 172.22.11.0/24
#cache deny dynamic
http_access allow manager localhost

http_access deny mallware
http_access deny conficker
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

Always allow localhost connections

http_access allow localhost

quick_abort_min 32 KB
quick_abort_max 128 KB
quick_abort_pct 75
range_offset_limit 0 MB
request_body_max_size 0 allow all
reply_body_max_size 0 deny all

Custom options

zph_mode tos
zph_local 0x04
zph_parent 0
zph_option 136
redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3

Allow local network(s) on interface(s)

http_access allow localnet
http_access allow allowed_subnets

Default block all to be sure

http_access deny all

Spesifikasi Hardware

Mesin :Intel(R) Pentium(R) 4 CPU 2.26GHz
Tangki : HDD IDE MAXTOR 20G
Oli : DDR1 1024 M
Bensin : Speedy 512Kbps

ragile

@kaptenhook:

kalo udah menggunakan squid.conf.def perubahan dan penambahan setingan malah harus dilakukan disitu jadi jangan terbalik, kalo terbalik ya entar pas di restart akan hilang lagi

nb:proxy server akan membaca perintah dari squid.conf.def

Ditempat saya kok yang harus dioprek di squid.conf-nya ya?? kalo saya oprek yanng squid.conf.def malah gak pengaruh perubahannya setelah di reboot. Apa ada yang salah???

kaptenhook

@ragile:

@kaptenhook:

kalo udah menggunakan squid.conf.def perubahan dan penambahan setingan malah harus dilakukan disitu jadi jangan terbalik, kalo terbalik ya entar pas di restart akan hilang lagi

nb:proxy server akan membaca perintah dari squid.conf.def

Ditempat saya kok yang harus dioprek di squid.conf-nya ya?? kalo saya oprek yanng squid.conf.def malah gak pengaruh perubahannya setelah di reboot. Apa ada yang salah???

Begini om @ragile
Sebagai contoh ini aja
Di pfsense bagian cache managemen peletakan hardisk lebih dari dua misalkan kita mau menggunakan hardisk 3 ato 4 ato 5 buat cache itu tidak ada tempatnya bukan, naaa maka dari itu kita harus merubah peletakan hardisknya di squid.conf.def

Karena keterbatasan yang ada di pfsense, squid.confnya begini
Ex:

cache_dir coss /cache0/coss 10000 max-size=8192 block-size=1024
cache_dir aufs /cache1 /cache2 40960 16 256 min-size=8192

dan ini squid anda tidak akan berjalan alias stoped…. Atau misalkan mau jalan maka jalannya akan pincang karena cache2 pasti tidak akan terisi miss/hit

Naaaa bagaimana biar squidnya berjalan maka pengaturan peletakan hardisknya di buat di squid.conf dengan cara sbb

cache_dir coss /cache0/coss 10000 max-size=8192 block-size=1024
cache_dir aufs /cache1 40960 16 256 min-size=8192
cache_dir aufs /cache2 40960 16 256 min-size=8192

dengan adanya squid.conf.def maka perubahan yang dilakukan di squid.conf menjadi permanent dan walaupun di restart tidak akan hilang

jadi intinya antara squid.conf dan squid.conf.def adalah sama tapi tidak serupa

maaf mungkin bahasa saya kurang jelas, maklum saya bukan guru dan masih banyak belajar juga di sini,
lha wong saya ini angler man kok disuruh utak atik squid ya agak bingung juga kalo cumi cumi saya mah paham, enak dibuat lauk

serangku

kayak iklan aja …

dasar cumi ...
[cuma mimpi]
[cuma minjem]
[cuma2 makan]

OOT deh …  ;D
Ampun DJ ... ;)

agismaniax

@detrackmx:

dns_nameservers 202.159.32.2 202.159.33.2 202.158.3.7 202.169.33.220 –> banyak amat ya DNS nya???? ??? ??? ???
ukuran cache_mem 128 MB --> kegedean gan!!!! drop tu performa kalo banyak user yg akses........!!!!!  :'( :'( :'(

sejauh ini belum tuh gan… lagian memory pfsense ane 1GB... ntar dikecilin kalau memory usage-nya makin membesar.

UPDATE
Baca FAQ ini gan http://wiki.squid-cache.org/SquidFaq/SquidMemory#What_can_I_do_to_reduce_Squid.27s_memory_usage.3F

TOTALS
ICP : 0 Queries, 0 Hits (  0%)
HTTP: 209982 Requests, 61388 Hits ( 29%)

Squid Object Cache: Version LUSCA r14850 patched: chudy r14
Start Time:     Thu, 14 Jul 2011 02:04:20 GMT
Current Time:   Thu, 14 Jul 2011 08:17:14 GMT
Connection information for squid:
        Number of clients accessing cache:      103
        Number of HTTP requests received:       211481
        Number of ICP messages received:        0
        Number of ICP messages sent:    0
        Number of queued ICP replies:   0
        Request failure ratio:   0.00
        Average HTTP requests per minute since start:   567.1
        Average ICP messages per minute since start:    0.0
        Select loop called: 4268522 times, 5.242 ms avg

Median Service Times (seconds)  5 min    60 min:
        HTTP Requests (All):   0.04047  0.03427
        Cache Misses:          0.04277  0.06640
        Cache Hits:            0.00598  0.01469
        Near Hits:             0.04277  0.02899
        Not-Modified Replies:  0.00179  0.00767
        DNS Lookups:           0.01046  0.01852
        ICP Queries:           0.00000  0.00000
Resource usage for squid:
        UP Time:        22598.190 seconds
        CPU Time:       1639.421 seconds
        CPU Usage:      7.25%
        CPU Usage, 5 minute avg:        4.13%
        CPU Usage, 60 minute avg:       3.77%
        Process Data Segment Size via sbrk(): 0 KB
        Maximum Resident Size: 184628 KB
        Page faults with physical i/o: 0

# Custom options
refresh_pattern ([^.]+.|)(download|(windows|)update|).(microsoft.|)com/.*.(cab|exe|msi|msp) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)avg.com/.*.(bin) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)symantecliveupdate.com/.*.(zip|exe|jdb|xdb) 43200 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)avast.com/.*.(vpu|vpaa|vpx) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)avira.de/.*.(vdf|ivdf|zip) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)adobe.com/.*.(exe|msi) 4320 100% 43200 reload-into-ims

positive_dns_ttl 1 hours
negative_dns_ttl 5 minutes
memory_pools off
memory_pools_limit 64MB

redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3

kmrn berkutat dengan masalah si lusca yg nyedot bw gara2 ada client yg abort windows update berulang kali, tapi si lusca malah tetep nyedot dari server asal.

btw, mau nanya dong…
gimana cara buat ACL di squid-nya pfsense?
kalau dari squid.conf-nya langsung apakah ada pengaruhnya ke webgui di paket proxy server pfsense?
rencananya mau menggunakan tcp_outgoing_address yg berbeda utk beberapa subnet.

serangku

begini om yang doyab cumi [om jg doyan] …  ;D

kalo mo setting macem2 squid conf nya di pfsense ada 2 versi

1. versi official
silakan oprek2 di squid.xml nya
atau buatkan file tersendiri utk settingan khusus, kemudian di dalam squid.xml dipanggil dengan menambahkan include

2. versi lusca chuddy
lebih mudah karena sudah dibuat file tersendiri tidak perlu masuk ke xml nya
berenang saja ke dalemannya pfsense dengan winscp
obrak-abrik deh ...

nah ... kalo diatas ada yg kudu masuk ke def atau lainnya
om belum tahu kl itu juga bisa, apa bisa yah ?
jangan rubah setting di squid.conf nya langsung
percuma, setiap reboot akan kembali ke default

semoga bisa membantu

agismaniax

mau memastikan… begitu pfsense start, config.xml akan create ulang squid.conf, lalu squid binary akan menggunakan squid.conf tersebut.
nah squid.conf.default itu dipakai setelah squid.conf dipanggil atau sebelumnya?  ???

syedadi

@kaptenhook:

list conflicker

^http://(.+@)?4thfirework.com/
^http://(.+@)?adorelyric.com/
^http://(.+@)?adorepoem.com/
^http://(.+@)?adoresong.com/
^http://(.+@)?adoresongs.com/
^http://(.+@)?againstfear.com/
^http://(.+@)?alldatanow.com/
^http://(.+@)?alldataworld.com/
^http://(.+@)?antiterroralliance.com/
^http://(.+@)?antiterroris.com/
^http://(.+@)?antiterrornetwork.com/
^http://(.+@)?aweleon.com/
^http://(.+@)?bakeloaf.com/
^http://(.+@)?bayhousehotel.com/
^http://(.+@)?beadcareer.com/
^http://(.+@)?beadworkdirect.com/
^http://(.+@)?bedioger.com/
^http://(.+@)?bestadore.com/
^http://(.+@)?bestbarack.com/
^http://(.+@)?bestbaracksite.com/
^http://(.+@)?bestblogdirect.com/
^http://(.+@)?bestbreakingfree.com/
^http://(.+@)?bestchristmascard.com/
^http://(.+@)?bestcouponfree.com/
^http://(.+@)?bestgoodnews.com/
^http://(.+@)?bestjournalguide.com/
^http://(.+@)?bestlifeblog.com/
^http://(.+@)?bestlovehelp.com/
^http://(.+@)?bestlovelong.com/
^http://(.+@)?bestmazdadealer.com/
^http://(.+@)?bestmirabella.com/
^http://(.+@)?bestobamadirect.com/
^http://(.+@)?bestusablog.com/
^http://(.+@)?bestyearcard.com/
^http://(.+@)?bicodehl.com/
^http://(.+@)?birdab.com/
^http://(.+@)?biumer.com/
^http://(.+@)?blackchristmascard.com/
^http://(.+@)?blogginhell.com/
^http://(.+@)?blogsitedirect.com/
^http://(.+@)?bluevalentineonline.com/
^http://(.+@)?boarddiary.com/
^http://(.+@)?breakingfreemichigan.com/
^http://(.+@)?breakinggoodnews.com/
^http://(.+@)?breakingkingnews.com/
^http://(.+@)?breakingnewsfm.com/
^http://(.+@)?breakingnewsltd.com/
^http://(.+@)?buymazdacars.com/
^http://(.+@)?cantlosedata.com/
^http://(.+@)?cardnewyear.com/
^http://(.+@)?chatloveonline.com/
^http://(.+@)?cheapdecember.com/
^http://(.+@)?cherishletter.com/
^http://(.+@)?cherishpoems.com/
^http://(.+@)?chinamobilesms.com/
^http://(.+@)?christmaslightsnow.com/
^http://(.+@)?cismosis.com/
^http://(.+@)?codecouponsite.com/
^http://(.+@)?coralarm.com/
^http://(.+@)?crucism.com/
^http://(.+@)?cycloro.com/
^http://(.+@)?deathtaxi.com/
^http://(.+@)?debtbgonesite.com/
^http://(.+@)?decemberchristmas.com/
^http://(.+@)?directchristmasgift.com/
^http://(.+@)?discountfreesms.com/
^http://(.+@)?downloadfreesms.com/
^http://(.+@)?easyworldnews.com/
^http://(.+@)?eccellentesms.com/
^http://(.+@)?encybest.com/
^http://(.+@)?entrank.com/
^http://(.+@)?eternalgreetingcard.com/
^http://(.+@)?expowale.com/
^http://(.+@)?extendedman.com/
^http://(.+@)?farboards.com/
^http://(.+@)?favolu.com/
^http://(.+@)?fearalert.com/
^http://(.+@)?fireholiday.com/
^http://(.+@)?fireworksholiday.com/
^http://(.+@)?fireworksnetwork.com/
^http://(.+@)?fireworkspoint.com/
^http://(.+@)?framtr.com/
^http://(.+@)?freechristmassite.com/
^http://(.+@)?freechristmasworld.com/
^http://(.+@)?freecolorsms.com/
^http://(.+@)?freedecember.com/
^http://(.+@)?freedoconline.com/
^http://(.+@)?freeindependence.com/
^http://(.+@)?freeservesms.com/
^http://(.+@)?freesmsorange.com/
^http://(.+@)?frostep.com/
^http://(.+@)?fryroll.com/
^http://(.+@)?funloveonline.com/
^http://(.+@)?funnychristmasguide.com/
^http://(.+@)?funnyvalentinessite.com/
^http://(.+@)?gemells.com/
^http://(.+@)?globalantiterror.com/
^http://(.+@)?goldfixonline.com/
^http://(.+@)?gonesite.com/
^http://(.+@)?goodnewsdigital.com/
^http://(.+@)?goodnewsreview.com/
^http://(.+@)?goog-analysis.com/
^http://(.+@)?googol-analisys.com/
^http://(.+@)?greatbarackguide.com/
^http://(.+@)?greatcouponclub.com/
^http://(.+@)?greatmazdacars.com/
^http://(.+@)?greatmirabellasite.com/
^http://(.+@)?greatobamaguide.com/
^http://(.+@)?greatobamaonline.com/
^http://(.+@)?greatsalesavailable.com/
^http://(.+@)?greatsalesgroup.com/
^http://(.+@)?greatsalestax.com/
^http://(.+@)?greatsvalentine.com/
^http://(.+@)?greatvalentinepoems.com/
^http://(.+@)?greetingcardcalendar.com/
^http://(.+@)?greetingcardgarb.com/
^http://(.+@)?greetingguide.com/
^http://(.+@)?greetingsupersite.com/
^http://(.+@)?gumentha.com/
^http://(.+@)?handyphoneworld.com/
^http://(.+@)?happyindependence.com/
^http://(.+@)?hindger.com/
^http://(.+@)?holidayfirework.com/
^http://(.+@)?holidaysfirework.com/
^http://(.+@)?holidayxmas.com/
^http://(.+@)?holifireworks.com/
^http://(.+@)?hornalfa.com/
^http://(.+@)?interactiveindependence.com/
^http://(.+@)?ipersmstext.com/
^http://(.+@)?itsfatherchristmas.com/
^http://(.+@)?jobarack.com/
^http://(.+@)?justchristmasgift.com/
^http://(.+@)?lastlabel.com/
^http://(.+@)?lifegreetingcard.com/
^http://(.+@)?linkworldnews.com/
^http://(.+@)?livechristmascard.com/
^http://(.+@)?livechristmasgift.com/
^http://(.+@)?longballonline.com/
^http://(.+@)?losenowfast.com/
^http://(.+@)?lovecentralonline.com/
^http://(.+@)?lovelifeportal.com/
^http://(.+@)?macride.com/
^http://(.+@)?mazdaautomotiveparts.com/
^http://(.+@)?mazdacarclub.com/
^http://(.+@)?mazdaspeedzone.com/
^http://(.+@)?mingwater.com/
^http://(.+@)?miosmschat.com/
^http://(.+@)?miosmsclub.com/
^http://(.+@)?mirabellaclub.com/
^http://(.+@)?mirabellamotors.com/
^http://(.+@)?mirabellanews.com/
^http://(.+@)?mirabellaonline.com/
^http://(.+@)?mobilephotoblog.com/
^http://(.+@)?moneymedal.com/
^http://(.+@)?morefreesms.com/
^http://(.+@)?movie4thjuly.com/
^http://(.+@)?moviefireworks.com/
^http://(.+@)?movieindependence.com/
^http://(.+@)?movies4thjuly.com/
^http://(.+@)?moviesfireworks.com/
^http://(.+@)?moviesindependence.com/
^http://(.+@)?netcitycab.com/
^http://(.+@)?newlifeyearsite.com/
^http://(.+@)?newmediayearguide.com/
^http://(.+@)?newyearcardcompany.com/
^http://(.+@)?newyearcardfree.com/
^http://(.+@)?newyearcardonline.com/
^http://(.+@)?newyearcardservice.com/
^http://(.+@)?noloid.com/
^http://(.+@)?nonprobs.com/
^http://(.+@)?nuovosms.com/
^http://(.+@)?nuovosmsclub.com/
^http://(.+@)?orldlovelife.com/
^http://(.+@)?oughwa.com/
^http://(.+@)?outdoorindependence.com/
^http://(.+@)?painkee.com/
^http://(.+@)?pantali.com/
^http://(.+@)?pathoph.com/
^http://(.+@)?petcabtaxi.com/
^http://(.+@)?photoblogsite.com/
^http://(.+@)?prerre.com/
^http://(.+@)?primosmsfree.com/
^http://(.+@)?purgand.com/
^http://(.+@)?rascop.com/
^http://(.+@)?reportradio.com/
^http://(.+@)?residencehunter.com/
^http://(.+@)?romanticsloving.com/
^http://(.+@)?screenalias.com/
^http://(.+@)?seocom.mobi/
^http://(.+@)?seocom.name/
^http://(.+@)?seofon.net/
^http://(.+@)?smartcardgreeting.com/
^http://(.+@)?smartsalesgroup.com/
^http://(.+@)?smophi.com/
^http://(.+@)?smsclubnet.com/
^http://(.+@)?smsdiretto.com/
^http://(.+@)?smsinlinea.com/
^http://(.+@)?smsluogo.com/
^http://(.+@)?smspianeta.com/
^http://(.+@)?sodanthu.com/
^http://(.+@)?spacemynews.com/
^http://(.+@)?specipa.com/
^http://(.+@)?superchristmasday.com/
^http://(.+@)?superchristmaslights.com/
^http://(.+@)?superhandycap.com/
^http://(.+@)?superioresms.com/
^http://(.+@)?superobamadirect.com/
^http://(.+@)?superobamaonline.com/
^http://(.+@)?superpartycab.com/
^http://(.+@)?supersalesonline.com/
^http://(.+@)?superyearcard.com/
^http://(.+@)?tabatti.com/
^http://(.+@)?tagdebt.com/
^http://(.+@)?tatumen.com/
^http://(.+@)?terroralertstatus.com/
^http://(.+@)?terrorfear.com/
^http://(.+@)?terrorismfree.com/
^http://(.+@)?thebaracksite.com/
^http://(.+@)?thecoupondiscount.com/
^http://(.+@)?thehandygal.com/
^http://(.+@)?themazdacar.com/
^http://(.+@)?themazdaspeed.com/
^http://(.+@)?themirabelladirect.com/
^http://(.+@)?themirabellaguide.com/
^http://(.+@)?themirabellahome.com/
^http://(.+@)?themostrateblog.com/
^http://(.+@)?thevalentinelovers.com/
^http://(.+@)?thevalentineparty.com/
^http://(.+@)?theworldpool.com/
^http://(.+@)?thingre.com/
^http://(.+@)?tntbreakingnews.com/
^http://(.+@)?tobeyew.com/
^http://(.+@)?topgreetingsite.com/
^http://(.+@)?topwale.com/
^http://(.+@)?urbanfear.com/
^http://(.+@)?usabreakingnews.com/
^http://(.+@)?video4thjuly.com/
^http://(.+@)?videoindependence.com/
^http://(.+@)?virtualesms.com/
^http://(.+@)?wagerpond.com/
^http://(.+@)?waledirekt.com/
^http://(.+@)?waleonline.com/
^http://(.+@)?waleprojekt.com/
^http://(.+@)?wapcitynews.com/
^http://(.+@)?wealthleaf.com/
^http://(.+@)?whitewhitechristmas.com/
^http://(.+@)?whocherish.com/
^http://(.+@)?wirelessvalentineday.com/
^http://(.+@)?workcaredirect.com/
^http://(.+@)?workhomegold.com/
^http://(.+@)?worklifedata.com/
^http://(.+@)?worldgreetingcard.com/
^http://(.+@)?worldlovelife.com/
^http://(.+@)?worldnewsdot.com/
^http://(.+@)?worldnewseye.com/
^http://(.+@)?worldtracknews.com/
^http://(.+@)?worshiplove.com/
^http://(.+@)?youradore.com/
^http://(.+@)?yourbarrier.com/
^http://(.+@)?yourbreakingnew.com/
^http://(.+@)?yourchristmaslights.com/
^http://(.+@)?yourcountycoupon.com/
^http://(.+@)?yourdatabank.com/
^http://(.+@)?yourdecember.com/
^http://(.+@)?yourgreatlove.com/
^http://(.+@)?yourhandyhome.com/
^http://(.+@)?yourlength.com/
^http://(.+@)?yourlol.com/
^http://(.+@)?yourmazdacar.com/
^http://(.+@)?yourmazdatribute.com/
^http://(.+@)?yourmirabelladirect.com/
^http://(.+@)?yourregards.com/
^http://(.+@)?yourteamdoc.com/
^http://(.+@)?yourvalentineday.com/
^http://(.+@)?yourvalentinepoems.com/
^http://(.+@)?yourwent.com/
^http://(.+@)?youryearcard.com/
^http://(.+@)?yusitymp.com/

OM, dimana aku mau letak list ini dalam proxy setting aku?

kaptenhook

@syedadi:

@kaptenhook:

list conflicker

^http://(.+@)?4thfirework.com/
^http://(.+@)?adorelyric.com/
^http://(.+@)?adorepoem.com/
^http://(.+@)?adoresong.com/
^http://(.+@)?adoresongs.com/
^http://(.+@)?againstfear.com/
^http://(.+@)?alldatanow.com/
^http://(.+@)?alldataworld.com/
^http://(.+@)?antiterroralliance.com/
^http://(.+@)?antiterroris.com/
^http://(.+@)?antiterrornetwork.com/
^http://(.+@)?aweleon.com/
^http://(.+@)?bakeloaf.com/
^http://(.+@)?bayhousehotel.com/
^http://(.+@)?beadcareer.com/
^http://(.+@)?beadworkdirect.com/
^http://(.+@)?bedioger.com/
^http://(.+@)?bestadore.com/
^http://(.+@)?bestbarack.com/
^http://(.+@)?bestbaracksite.com/
^http://(.+@)?bestblogdirect.com/
^http://(.+@)?bestbreakingfree.com/
^http://(.+@)?bestchristmascard.com/
^http://(.+@)?bestcouponfree.com/
^http://(.+@)?bestgoodnews.com/
^http://(.+@)?bestjournalguide.com/
^http://(.+@)?bestlifeblog.com/
^http://(.+@)?bestlovehelp.com/
^http://(.+@)?bestlovelong.com/
^http://(.+@)?bestmazdadealer.com/
^http://(.+@)?bestmirabella.com/
^http://(.+@)?bestobamadirect.com/
^http://(.+@)?bestusablog.com/
^http://(.+@)?bestyearcard.com/
^http://(.+@)?bicodehl.com/
^http://(.+@)?birdab.com/
^http://(.+@)?biumer.com/
^http://(.+@)?blackchristmascard.com/
^http://(.+@)?blogginhell.com/
^http://(.+@)?blogsitedirect.com/
^http://(.+@)?bluevalentineonline.com/
^http://(.+@)?boarddiary.com/
^http://(.+@)?breakingfreemichigan.com/
^http://(.+@)?breakinggoodnews.com/
^http://(.+@)?breakingkingnews.com/
^http://(.+@)?breakingnewsfm.com/
^http://(.+@)?breakingnewsltd.com/
^http://(.+@)?buymazdacars.com/
^http://(.+@)?cantlosedata.com/
^http://(.+@)?cardnewyear.com/
^http://(.+@)?chatloveonline.com/
^http://(.+@)?cheapdecember.com/
^http://(.+@)?cherishletter.com/
^http://(.+@)?cherishpoems.com/
^http://(.+@)?chinamobilesms.com/
^http://(.+@)?christmaslightsnow.com/
^http://(.+@)?cismosis.com/
^http://(.+@)?codecouponsite.com/
^http://(.+@)?coralarm.com/
^http://(.+@)?crucism.com/
^http://(.+@)?cycloro.com/
^http://(.+@)?deathtaxi.com/
^http://(.+@)?debtbgonesite.com/
^http://(.+@)?decemberchristmas.com/
^http://(.+@)?directchristmasgift.com/
^http://(.+@)?discountfreesms.com/
^http://(.+@)?downloadfreesms.com/
^http://(.+@)?easyworldnews.com/
^http://(.+@)?eccellentesms.com/
^http://(.+@)?encybest.com/
^http://(.+@)?entrank.com/
^http://(.+@)?eternalgreetingcard.com/
^http://(.+@)?expowale.com/
^http://(.+@)?extendedman.com/
^http://(.+@)?farboards.com/
^http://(.+@)?favolu.com/
^http://(.+@)?fearalert.com/
^http://(.+@)?fireholiday.com/
^http://(.+@)?fireworksholiday.com/
^http://(.+@)?fireworksnetwork.com/
^http://(.+@)?fireworkspoint.com/
^http://(.+@)?framtr.com/
^http://(.+@)?freechristmassite.com/
^http://(.+@)?freechristmasworld.com/
^http://(.+@)?freecolorsms.com/
^http://(.+@)?freedecember.com/
^http://(.+@)?freedoconline.com/
^http://(.+@)?freeindependence.com/
^http://(.+@)?freeservesms.com/
^http://(.+@)?freesmsorange.com/
^http://(.+@)?frostep.com/
^http://(.+@)?fryroll.com/
^http://(.+@)?funloveonline.com/
^http://(.+@)?funnychristmasguide.com/
^http://(.+@)?funnyvalentinessite.com/
^http://(.+@)?gemells.com/
^http://(.+@)?globalantiterror.com/
^http://(.+@)?goldfixonline.com/
^http://(.+@)?gonesite.com/
^http://(.+@)?goodnewsdigital.com/
^http://(.+@)?goodnewsreview.com/
^http://(.+@)?goog-analysis.com/
^http://(.+@)?googol-analisys.com/
^http://(.+@)?greatbarackguide.com/
^http://(.+@)?greatcouponclub.com/
^http://(.+@)?greatmazdacars.com/
^http://(.+@)?greatmirabellasite.com/
^http://(.+@)?greatobamaguide.com/
^http://(.+@)?greatobamaonline.com/
^http://(.+@)?greatsalesavailable.com/
^http://(.+@)?greatsalesgroup.com/
^http://(.+@)?greatsalestax.com/
^http://(.+@)?greatsvalentine.com/
^http://(.+@)?greatvalentinepoems.com/
^http://(.+@)?greetingcardcalendar.com/
^http://(.+@)?greetingcardgarb.com/
^http://(.+@)?greetingguide.com/
^http://(.+@)?greetingsupersite.com/
^http://(.+@)?gumentha.com/
^http://(.+@)?handyphoneworld.com/
^http://(.+@)?happyindependence.com/
^http://(.+@)?hindger.com/
^http://(.+@)?holidayfirework.com/
^http://(.+@)?holidaysfirework.com/
^http://(.+@)?holidayxmas.com/
^http://(.+@)?holifireworks.com/
^http://(.+@)?hornalfa.com/
^http://(.+@)?interactiveindependence.com/
^http://(.+@)?ipersmstext.com/
^http://(.+@)?itsfatherchristmas.com/
^http://(.+@)?jobarack.com/
^http://(.+@)?justchristmasgift.com/
^http://(.+@)?lastlabel.com/
^http://(.+@)?lifegreetingcard.com/
^http://(.+@)?linkworldnews.com/
^http://(.+@)?livechristmascard.com/
^http://(.+@)?livechristmasgift.com/
^http://(.+@)?longballonline.com/
^http://(.+@)?losenowfast.com/
^http://(.+@)?lovecentralonline.com/
^http://(.+@)?lovelifeportal.com/
^http://(.+@)?macride.com/
^http://(.+@)?mazdaautomotiveparts.com/
^http://(.+@)?mazdacarclub.com/
^http://(.+@)?mazdaspeedzone.com/
^http://(.+@)?mingwater.com/
^http://(.+@)?miosmschat.com/
^http://(.+@)?miosmsclub.com/
^http://(.+@)?mirabellaclub.com/
^http://(.+@)?mirabellamotors.com/
^http://(.+@)?mirabellanews.com/
^http://(.+@)?mirabellaonline.com/
^http://(.+@)?mobilephotoblog.com/
^http://(.+@)?moneymedal.com/
^http://(.+@)?morefreesms.com/
^http://(.+@)?movie4thjuly.com/
^http://(.+@)?moviefireworks.com/
^http://(.+@)?movieindependence.com/
^http://(.+@)?movies4thjuly.com/
^http://(.+@)?moviesfireworks.com/
^http://(.+@)?moviesindependence.com/
^http://(.+@)?netcitycab.com/
^http://(.+@)?newlifeyearsite.com/
^http://(.+@)?newmediayearguide.com/
^http://(.+@)?newyearcardcompany.com/
^http://(.+@)?newyearcardfree.com/
^http://(.+@)?newyearcardonline.com/
^http://(.+@)?newyearcardservice.com/
^http://(.+@)?noloid.com/
^http://(.+@)?nonprobs.com/
^http://(.+@)?nuovosms.com/
^http://(.+@)?nuovosmsclub.com/
^http://(.+@)?orldlovelife.com/
^http://(.+@)?oughwa.com/
^http://(.+@)?outdoorindependence.com/
^http://(.+@)?painkee.com/
^http://(.+@)?pantali.com/
^http://(.+@)?pathoph.com/
^http://(.+@)?petcabtaxi.com/
^http://(.+@)?photoblogsite.com/
^http://(.+@)?prerre.com/
^http://(.+@)?primosmsfree.com/
^http://(.+@)?purgand.com/
^http://(.+@)?rascop.com/
^http://(.+@)?reportradio.com/
^http://(.+@)?residencehunter.com/
^http://(.+@)?romanticsloving.com/
^http://(.+@)?screenalias.com/
^http://(.+@)?seocom.mobi/
^http://(.+@)?seocom.name/
^http://(.+@)?seofon.net/
^http://(.+@)?smartcardgreeting.com/
^http://(.+@)?smartsalesgroup.com/
^http://(.+@)?smophi.com/
^http://(.+@)?smsclubnet.com/
^http://(.+@)?smsdiretto.com/
^http://(.+@)?smsinlinea.com/
^http://(.+@)?smsluogo.com/
^http://(.+@)?smspianeta.com/
^http://(.+@)?sodanthu.com/
^http://(.+@)?spacemynews.com/
^http://(.+@)?specipa.com/
^http://(.+@)?superchristmasday.com/
^http://(.+@)?superchristmaslights.com/
^http://(.+@)?superhandycap.com/
^http://(.+@)?superioresms.com/
^http://(.+@)?superobamadirect.com/
^http://(.+@)?superobamaonline.com/
^http://(.+@)?superpartycab.com/
^http://(.+@)?supersalesonline.com/
^http://(.+@)?superyearcard.com/
^http://(.+@)?tabatti.com/
^http://(.+@)?tagdebt.com/
^http://(.+@)?tatumen.com/
^http://(.+@)?terroralertstatus.com/
^http://(.+@)?terrorfear.com/
^http://(.+@)?terrorismfree.com/
^http://(.+@)?thebaracksite.com/
^http://(.+@)?thecoupondiscount.com/
^http://(.+@)?thehandygal.com/
^http://(.+@)?themazdacar.com/
^http://(.+@)?themazdaspeed.com/
^http://(.+@)?themirabelladirect.com/
^http://(.+@)?themirabellaguide.com/
^http://(.+@)?themirabellahome.com/
^http://(.+@)?themostrateblog.com/
^http://(.+@)?thevalentinelovers.com/
^http://(.+@)?thevalentineparty.com/
^http://(.+@)?theworldpool.com/
^http://(.+@)?thingre.com/
^http://(.+@)?tntbreakingnews.com/
^http://(.+@)?tobeyew.com/
^http://(.+@)?topgreetingsite.com/
^http://(.+@)?topwale.com/
^http://(.+@)?urbanfear.com/
^http://(.+@)?usabreakingnews.com/
^http://(.+@)?video4thjuly.com/
^http://(.+@)?videoindependence.com/
^http://(.+@)?virtualesms.com/
^http://(.+@)?wagerpond.com/
^http://(.+@)?waledirekt.com/
^http://(.+@)?waleonline.com/
^http://(.+@)?waleprojekt.com/
^http://(.+@)?wapcitynews.com/
^http://(.+@)?wealthleaf.com/
^http://(.+@)?whitewhitechristmas.com/
^http://(.+@)?whocherish.com/
^http://(.+@)?wirelessvalentineday.com/
^http://(.+@)?workcaredirect.com/
^http://(.+@)?workhomegold.com/
^http://(.+@)?worklifedata.com/
^http://(.+@)?worldgreetingcard.com/
^http://(.+@)?worldlovelife.com/
^http://(.+@)?worldnewsdot.com/
^http://(.+@)?worldnewseye.com/
^http://(.+@)?worldtracknews.com/
^http://(.+@)?worshiplove.com/
^http://(.+@)?youradore.com/
^http://(.+@)?yourbarrier.com/
^http://(.+@)?yourbreakingnew.com/
^http://(.+@)?yourchristmaslights.com/
^http://(.+@)?yourcountycoupon.com/
^http://(.+@)?yourdatabank.com/
^http://(.+@)?yourdecember.com/
^http://(.+@)?yourgreatlove.com/
^http://(.+@)?yourhandyhome.com/
^http://(.+@)?yourlength.com/
^http://(.+@)?yourlol.com/
^http://(.+@)?yourmazdacar.com/
^http://(.+@)?yourmazdatribute.com/
^http://(.+@)?yourmirabelladirect.com/
^http://(.+@)?yourregards.com/
^http://(.+@)?yourteamdoc.com/
^http://(.+@)?yourvalentineday.com/
^http://(.+@)?yourvalentinepoems.com/
^http://(.+@)?yourwent.com/
^http://(.+@)?youryearcard.com/
^http://(.+@)?yusitymp.com/

OM, dimana aku mau letak list ini dalam proxy setting aku?

Setup some default acls

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
acl sslports port 443 563
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl mallware url_regex '/usr/local/etc/squid/mallware.url'
acl conficker url_regex '/usr/local/etc/squid/conficker.url'
acl partialcontent_req req_header Range .*
#acl dynamic urlpath_regex cgi-bin ?
include /usr/local/etc/squid/include.conf
acl allowed_subnets src 192.168.x.x/27
#cache deny dynamic
http_access allow manager localhost

syedadi

OK, aku cuba ni… =)

Thanks

pfz

apapun yg berkaitan dengan Mallware pake SquidGuard dijamin deh…. ;D

serangku

kalau Mall kayak Matahari, SOGO, Hero, Hypermart dll …
itu gimana yah om pak de ...  ;D ;D ;D

OOT deh ..

queues

@serangku:

kalau Mall kayak Matahari, SOGO, Hero, Hypermart dll …
itu gimana yah om pak de ...  ;D ;D ;D

OOT deh ..

Tambahin OOTnya ya om :D

bahas tentang SRG dong om yang ada disini http://code.google.com/p/pfsense-cacheboy/

cara Installnya gmana ya? udh coba dr td tp gak bs akses.

syedadi

Mau tanya ni OM,  ???

gimana mau limit user apabila die download file yg lebih besar dari 50MB kelajuan bandwidth nya jadi 20kbp/s sahaja? aku sukar mau limit kerana ada user yg download movie dari mediafire….aku engak mau block, aku mau die fad-up download movie kerana kecepatanya rendah...

Boleh konsi caranya x OM?

delay_class 2 2;
delay_parameters 2 300000/300000 20971520/20971520;
delay_access 2 allow local_user;
delay_access 2 deny all;

Betul engak configurasi sebegini? Bila user download lebih 20MB, kelajuan jadi 30kbps? or aku salah disini? tolong om

poscom

@syedadi:

Mau tanya ni OM,  ???

gimana mau limit user apabila die download file yg lebih besar dari 50MB kelajuan bandwidth nya jadi 20kbp/s sahaja? aku sukar mau limit kerana ada user yg download movie dari mediafire….aku engak mau block, aku mau die fad-up download movie kerana kecepatanya rendah...

Boleh konsi caranya x OM?

delay_class 2 2;
delay_parameters 2 300000/300000 20971520/20971520;
delay_access 2 allow local_user;
delay_access 2 deny all;

Betul engak configurasi sebegini? Bila user download lebih 20MB, kelajuan jadi 30kbps? or aku salah disini? tolong om

pake CP jangan pake deley p

syedadi

aku engak pakai CP OM….connection biase saja...transparent proxy.

serangku

lanjut deh gan oprekan conf nya ….
biar enak tuh cumi buat menu buka puasa nanti ...  :)

syedadi

My Squid Setings…bnyk copy n paste aja nih...  ;D

Do not edit manually !

http_port 192.168.0.2:3128
http_port 127.0.0.1:80 transparent
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr XXXXXX
access_log /var/squid/log/access.log
cache_log /var/squid/log/cache.log
cache_store_log none
shutdown_lifetime 3 seconds

Allow local network(s) on interface(s)

acl localnet src  192.168.0.0/255.255.255.0
forwarded_for off
via off
uri_whitespace strip

cache_mem 50 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir ufs /var/squid/cache 40000 16 256
minimum_object_size 0 KB
maximum_object_size 200000 KB
offline_mode on
cache_swap_low 90
cache_swap_high 95
acl donotcache dstdomain "/var/squid/acl/donotcache.acl"
cache deny donotcache

No redirector configured

Setup some default acls

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 5331 3128 1025-65535
acl sslports port 443 563 5331
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin ?
acl allowed_subnets src 192.168.0.0/24 192.168.2.0/24
acl unrestricted_hosts src "/var/squid/acl/unrestricted_hosts.acl"
acl whitelist dstdom_regex -i "/var/squid/acl/whitelist.acl"
acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
cache deny dynamic
http_access allow manager localhost
 
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

Always allow localhost connections

http_access allow localhost

quick_abort_min 0 KB
quick_abort_max 0 KB
request_body_max_size 0 KB
reply_body_max_size 102400000 deny all

#Pool Settings
delay_pools 3

#Pool 1
delay_class 1 2
delay_parameters 1 -1/-1 30720/30720
delay_initial_bucket_level 100

Throttle extensions matched in the url

acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny all

#Pool 2
acl filesharing url_regex -i 2shared.com 4shared.com depositfiles.com easy-share.com filefactory.com fileserve.com filesonic.com hotfile.com letitbit.net megashares.com megaupload.com oron.com rapidshare.com rapidshare.de sharingmatrix.com turbobit.net uploaded.to uploading.com uploadstation.com wupload.com zshare.net
delay_class 2 2
delay_parameters 2 -1/-1 15000/12428800
delay_access 2 allow filesharing
delay_access 2 deny all

#Pool 3
acl vidhosting url_regex -i youtube.com vimeo.com metacafe.com veoh.com video.google.com viddownloader.com vixy.net keepvid.com
delay_class 3 2
delay_parameters 3 -1/-1 50720/50720
delay_access 3 allow vidhosting
delay_access 3 deny all

These hosts do not have any restrictions

http_access allow unrestricted_hosts

Always allow access to whitelist domains

http_access allow whitelist

Block access to blacklist domains

http_access deny blacklist

Setup allowed acls

Allow local network(s) on interface(s)

http_access allow allowed_subnets
http_access allow localnet

Custom options

refresh_pattern ^http://.facebook.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.kaskus.us/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.google.co*./ 10080 90% 43200 reload-into-ims
refresh_pattern ^http://.yahoo.co./ 10080 90% 43200 reload-into-ims
refresh_pattern ^http://..windowsupdate.microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://office.microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://windowsupdate.microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://w?xpsp[0-9].microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://w2ksp[0-9].microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://download.microsoft.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://download.macromedia.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^ftp://ftp.nai.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://ftp.software.ibm.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.friendster.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.detik.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.kaskus.us/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://.google.co*./ 10080 90% 43200 reload-into-ims
refresh_pattern ^http://.yahoo.co*.*/ 10080 90% 43200 reload-into-ims

refresh_pattern ^http://.facebook.com/.* 720 100% 4320
refresh_pattern ^http://.apps.facebook.com/.* 720 100% 4320
refresh_pattern ^http://.profile.ak.fbcdn.net/. 720 100% 4320
refresh_pattern ^http://.creative.ak.fbcdn.net/. 720 100% 4320
refresh_pattern ^http://.static.ak.fbcdn.net/. 720 100% 4320
refresh_pattern ^http://.facebook.poker.zynga.com/. 720 100% 4320
refresh_pattern ^http://.statics.poker.static.zynga.com/. 720 100% 4320
refresh_pattern ^http://.zynga./.* 720 100% 4320
refresh_pattern ^http://.texas_holdem./.* 720 100% 4320
refresh_pattern ^http://.google./.* 720 100% 4320
refresh_pattern ^http://.indowebster./.* 720 100% 4320
refresh_pattern ^http://.4shared./.* 720 100% 4320
refresh_pattern ^http://.yahoo.com/. 720 100% 4320
refresh_pattern ^http://.yimg./.* 720 100% 4320
refresh_pattern ^http://.plasa.com/. 720 100% 4320
refresh_pattern ^http://.boleh./.* 720 100% 4320
refresh_pattern ^http://.detik./.* 180 100% 4320
refresh_pattern ^http://.detikinet./.* 180 100% 4320
refresh_pattern ^http://.detikhot./.* 180 100% 4320
refresh_pattern ^http://.detiportal./.* 180 100% 4320
refresh_pattern ^http://.kompas./.* 180 100% 4320
refresh_pattern ^http://.kapanlagi./.* 720 100% 4320
refresh_pattern ^http://.google-analytics./.* 720 100% 4320
refresh_pattern ^http://.macromedia./.* 720 100% 4320
refresh_pattern ^http://.adobe./.* 720 100% 4320
refresh_pattern ^http://.pandasoftware./.* 720 100% 4320
refresh_pattern ^http://.comodo./.* 720 100% 4320
refresh_pattern ^http://.foxitsoftware./.* 720 100% 4320
refresh_pattern ^http://.avg./.* 720 100% 4320
refresh_pattern ^http://.avast./.* 720 100% 4320

Manual configuration

refresh_pattern ^http://(.?)/get_video? 10080 90% 999999 override-expire ignore-no-cache ignore-private
refresh_pattern ^http://(.?)/videoplayback? 10080 90% 999999 override-expire ignore-no-cache ignore-private
refresh_pattern -i (get_video?|videoplayback?id|videoplayback.*id) 161280 50000% 525948 override-expire ignore-reload

compressed

refresh_pattern -i .gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .cab$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .bzip2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .bz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .gz2$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .tgz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .tar.gz$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .zip$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .rar$ 1008000 90% 99999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .tar$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .ace$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .7z$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

documents

refresh_pattern -i .xls$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .doc$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .xlsx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .docx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .pdf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .ppt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .pptx$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .rtf?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

multimedia

refresh_pattern -i .mid$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .wav$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .viv$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mov$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .avi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .asf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .qt$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .rm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .rmvb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .wmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .3gp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mp3$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mp4$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

web content

refresh_pattern -i .js$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .psf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .html$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .htm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .css$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .swf$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .js?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .css?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .xml$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

images

refresh_pattern -i .gif$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .jpg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .png$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .jpeg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .bmp$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .psd$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .ad$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .gif?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .jpg?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .png?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .jpeg?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .psd?$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

application

refresh_pattern -i .deb$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .rpm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .msi$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .exe$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .dmg$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

misc

refresh_pattern -i .dat$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .qtm$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

itunes

refresh_pattern -i .m4p$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .mpa$ 10080 90% 999999 override-expire override-lastmod reload-into-ims ignore-reload

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern cgi-bin  0  0%  0
refresh_pattern ?  0  20%  4320
refresh_pattern .  0  20%  4320

redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3

Default block all to be sure

http_access deny all

dynasty

:'( :'( :'( Permisi om om squid tolong di cek squid ane,baru 1 minggu coba utak atik pfsense

Do not edit manually !

http_port 192.168.1.77:3128
http_port 127.0.0.1:3128 transparent
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname dynastymanokwari
cache_mgr admin@dynasty.net
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
logfile_rotate 1
shutdown_lifetime 3 seconds

Allow local network(s) on interface(s)

acl localnet src  192.168.1.0/255.255.255.0
forwarded_for off
via off
uri_whitespace strip
dns_nameservers 127.0.0.1
cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir ufs /var/squid/cache 10000 16 256
minimum_object_size 0 KB
maximum_object_size 1000 KB
offline_mode off
cache_swap_low 90
cache_swap_high 95

No redirector configured

Setup some default acls

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin ?
acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
cache deny dynamic
http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

Always allow localhost connections

http_access allow localhost

quick_abort_min 0 KB
quick_abort_max 0 KB
request_body_max_size 0 KB
reply_body_max_size 0 deny all
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100

Throttle extensions matched in the url

acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny all

Block access to blacklist domains

http_access deny blacklist

Setup allowed acls

Allow local network(s) on interface(s)

http_access allow localnet

Default block all to be sure

http_access deny all
–-------------------------------------------
prosesor Intel(R) Pentium(R) 4 CPU 2.40GHz
memory 1 G
HD 80 G

termakasih sebelumnya

serangku

saran dari om …
investasr dgn maksimalkan ram pisiknya
yg 32 bit bisa sampe 3gb
yg 64 bit bisa 4 gb keatas

toh harga ram sudah lebih murah