Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Improve Custom refresh pattern

    Scheduled Pinned Locked Moved Cache/Proxy
    111 Posts 27 Posters 46.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kikawala
      last edited by

      @pfsensation:

      @kikawala:

      I have this for Apple iOS updates and iOS apps.

      refresh_pattern -i appldnld\.apple\.com 129600 100% 129600 ignore-reload ignore-no-store override-expire override-lastmod ignore-must-revalidate

refresh_pattern -i phobos\.apple\.com 129600 100% 129600 ignore-reload ignore-no-store override-expire override-lastmod ignore-must-revalidate

refresh_pattern -i iosapps\.itunes\.apple\.com 129600 100% 129600 ignore-reload ignore-no-store override-expire override-lastmod ignore-must-revalidate

      Doesn't apple block MITM using certificate pinning? Since their app store is over HTTPS.

      Apps and iOS updates are over HTTP

      1 Reply Last reply Reply Quote 0
      • T
        trinitech
        last edited by

        Hi,

        Sorry for the stupid question..
        But where does the following code goes:

        #new refresh patterns 3
acl Windows_Update dstdomain windowsupdate.microsoft.com
acl Windows_Update dstdomain .update.microsoft.com
acl Windows_Update dstdomain download.windowsupdate.com
acl Windows_Update dstdomain www.download.windowsupdate.com
acl Windows_Update dstdomain au.download.windowsupdate.com
acl Windows_Update dstdomain bg.v4.pr.dl.ws.microsoft.com

        Does it go to the ACLs tab?
        Is it white list or does it go in local cache -> Custom refresh_patterns

        Thank you

        1 Reply Last reply Reply Quote 0
        • marcellocM
          marcelloc
          last edited by

          @trinitech:

          Is it white list or does it go in local cache -> Custom refresh_patterns

          Custom refresh_patterns

          Treinamentos de Elite: http://sys-squad.com

          Help a community developer! ;D

          1 Reply Last reply Reply Quote 0
          • S
            saluto
            last edited by

            Any refresh for videos in http?

            1 Reply Last reply Reply Quote 0
            • A
              aGeekhere
              last edited by

              (@saluto:

              Any refresh for videos in http?

              No, although refresh patterns are not my strong point

              Never Fear, A Geek is Here!

              1 Reply Last reply Reply Quote 0
              • E
                erviesuarez
                last edited by

                do i just need to copy this codes and paste it into my custom pattern_refresh box? soory im a newbie here.

                1 Reply Last reply Reply Quote 0
                • A
                  aGeekhere
                  last edited by

                  Yes, did it improve your hit rate?

                  Never Fear, A Geek is Here!

                  1 Reply Last reply Reply Quote 0
                  • R
                    remzej
                    last edited by

                    @Valeriy:

                    Two invalid expressions.
                    Somebody can fix them?

                    /usr/local/etc/squid/squid.conf line 52: refresh_pattern -i .(rar|jar|gz|tgz|tar|bz2|iso|m1v|m2(v|p)|mo(d|v)|(x-|)flv) 129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload
                    refreshAddToList: Invalid regular expression '.(rar|jar|gz|tgz|tar|bz2|iso|m1v|m2(v|p)|mo(d|v)|(x-|)flv)': empty (sub)expression

                    _  kid1| /usr/local/etc/squid/squid.conf line 136: refresh_pattern -i ^http://(khm?)([^/]?).google.(de|com)    129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload
                    refreshAddToList: Invalid regular expression '^http://(khm?)([^/]                    ?).google.(de|com)': repetition-operator operand invalid_

                    I just change it to ^http://(khm?)([^/]?).google.(de|com) by removing the *

                    1 Reply Last reply Reply Quote 0
                    • A
                      aGeekhere
                      last edited by

                      So replace

                      refresh_pattern -i ^http://(khm?)([^/]*?).google.(de|com)    129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload
                      with ?
                      refresh_pattern -i ^http://(khm?)([^/]?).google.(de|com)    129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload

                      replace
                      refresh_pattern -i .(rar|jar|gz|tgz|tar|bz2|iso|m1v|m2(v|p)|mo(d|v)|(x-|)flv) 129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload

                      with ?

                      refresh_pattern -i .(rar|jar|gz|tgz|tar|bz2|iso|m1v|m2(v|p)|mo(d|v)|flv) 129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload

                      Can someone confirm the changes are correct.

                      Never Fear, A Geek is Here!

                      1 Reply Last reply Reply Quote 0
                      • B
                        brianc69
                        last edited by

                        Facebook is a heavy traffic site for me which I could probably benefit from caching. I'm curious what the ip is?

                        #images facebook
                        refresh_pattern ((facebook.com)|(85.131.151.39))..(jpg|png|gif) 129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
                        refresh_pattern -i .fbcdn.net.                        .(jpg|gif|png|swf|mp3)          129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
                        refresh_pattern static.ak.fbcdn.net*.(jpg|gif|png)            129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
                        refresh_pattern ^http://profile.ak.fbcdn.net*.(jpg|gif|png)  129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store

                        1 Reply Last reply Reply Quote 0
                        • A
                          aGeekhere
                          last edited by

                          Just a question has anyone found an Improvement in there hit rate using this custom refresh pattern?

                          I wounder if there is a simple refresh_pattern * that sates cache all instead of defining all these file types and domains.

                          Never Fear, A Geek is Here!

                          1 Reply Last reply Reply Quote 0
                          • V
                            Valeriy
                            last edited by

                            A simple refresh pattern will break HTTP heavily.
                            You  can increase number of minutes in default pattern and see yourself.

                            1 Reply Last reply Reply Quote 0
                            • S
                              saluto
                              last edited by

                              @brianc69:

                              Facebook is a heavy traffic site for me which I could probably benefit from caching. I'm curious what the ip is?

                              #images facebook
                              refresh_pattern ((facebook.com)|(85.131.151.39))..(jpg|png|gif) 129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
                              refresh_pattern -i .fbcdn.net.                              .(jpg|gif|png|swf|mp3)          129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
                              refresh_pattern static.ak.fbcdn.net*.(jpg|gif|png)            129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
                              refresh_pattern ^http://profile.ak.fbcdn.net*.(jpg|gif|png)  129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store

                              something in the link below, but I was not able to  implement in pfsense.
                              http://comastnet.blogspot.com.br/2016/06/squid-youtube-cache-2016-terbaru-suport.html

                              1 Reply Last reply Reply Quote 0
                              • J
                                jayden
                                last edited by

                                any idea of caching playstore apps

                                1 Reply Last reply Reply Quote 0
                                • KOMK
                                  KOM
                                  last edited by

                                  something in the link below, but I was not able to  implement in pfsense.
                                  http://comastnet.blogspot.com.br/2016/06/squid-youtube-cache-2016-terbaru-suport.html

                                  I cannot believe that this guy puts up this web page with a massive spew of commands & config, and then sets the page so you can't copy the text.  What a tool.

                                  1 Reply Last reply Reply Quote 0
                                  • D
                                    doktornotor Banned
                                    last edited by

                                    @KOM:

                                    and then sets the page so you can't copy the text.  What a tool.

                                    Well, you can, with "view page source".  ;D

                                    He needs brain transplant, apparently…

                                    1 Reply Last reply Reply Quote 0
                                    • P
                                      Presbuteros
                                      last edited by

                                      @KOM:

                                      and then sets the page so you can't copy the text.

                                      Right-Click
                                      Save Page As
                                      Text Files

                                      Copied out of the saved text file.

                                      
  COMASTNET <http: comastnet.blogspot.com.br="">

Dedicated Internet Partner

 <http: www.blogger.com="" rearrange?blogid="6188556111244267124&amp;widgetType=HTML&amp;widgetId=HTML4&amp;action=editWidget&amp;sectionId=header2">* Home

    <http: comastnet.blogspot.com.br="">

Headlines News :
skip to main <#main> | skip to sidebar <#sidebar>
 <http: www.blogger.com="" rearrange?blogid="6188556111244267124&amp;widgetType=HTML&amp;widgetId=HTML5&amp;action=editWidget&amp;sectionId=main">Home <http: comastnet.blogspot.com.br=""> » computer
 <http: comastnet.blogspot.com.br="" search="" label="" computer="">, internet
 <http: comastnet.blogspot.com.br="" search="" label="" internet="">, linux
 <http: comastnet.blogspot.com.br="" search="" label="" linux="">» Squid Youtube
Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3)

      Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3)
      <http: 2016="" comastnet.blogspot.com.br="" 06="" squid-youtube-cache-2016-terbaru-suport.html="">

    Written By gobed balagadona on Monday, June 20, 2016 | 8:00 PM

 <https: 3.bp.blogspot.com="" -sq8op0tsjo4="" v2m_k7omf3i="" aaaaaaaaake="" 8ejb-riuby0elhjfjzm1hpynelrabqx-wclcb="" s1600="" squid-cache-youtube-coderstalk.blogspot.com-2011.png="">apt-get update && apt-get upgrade -y

apt-get install devscripts \
build-essential \
openssl libssl-dev \
fakeroot \
libcppunit-dev \
libsasl2-dev \
cdbs \
ccze \
libfile-readbackwards-perl \
libcap2 \
libcap-dev \
libcap2-dev \
libtool \
sysv-rc-conf -y &&
wget http://ftp.riken.jp/net/squid/archive/3.5/squid-3.5.3.tar.bz2 &&
tar -xjf squid-3.5.3.tar.bz2 &&
cd squid-3.5.3 &&
./configure \
--prefix=/usr \
--includedir=/usr/include \
--infodir=/usr/share/info \
--sysconfdir=/etc \
--localstatedir=/var \
--libexecdir=/usr/lib/squid \
--srcdir=. \
--datadir=/usr/share/squid \
--sysconfdir=/etc/squid \
--mandir=/usr/share/man \
--enable-inline \
--enable-async-io=24 \
--enable-storeio=ufs,aufs,diskd,rock \
--enable-removal-policies=lru,heap \
--enable-gnuregex \
--enable-delay-pools \
--enable-cache-digests \
--enable-underscores \
--enable-icap-client \
--enable-follow-x-forwarded-for \
--enable-eui \
--enable-esi \
--enable-icmp \
--enable-zph-qos \
--enable-http-violations \
--enable-ssl-crtd \
--enable-linux-netfilter \
--enable-ltdl-install \
--enable-ltdl-convenience \
--enable-x-accelerator-vary \
--disable-maintainer-mode \
--disable-dependency-tracking \
--disable-silent-rules \
--disable-translation \
--disable-ipv6 \
--disable-ident-lookups \
--with-swapdir=/var/spool/squid \
--with-logdir=/var/log/squid \
--with-pidfile=/var/run/squid.pid \
--with-aufs-threads=24 \
--with-filedescriptors=65536 \
--with-large-files \
--with-maxfd=65536 \
--with-openssl \
--with-default-user=proxy \
--with-included-ltdl &&
make && make install

mkdir /var/lib/squid &&
chown -R nobody /var/lib/squid/ &&
/usr/lib/squid/ssl_crtd -c -s /var/lib/squid/ssl_db &&
chown -R proxy:proxy /var/lib/squid/ssl_db/ &&
chmod -R 777 /var/lib/squid/ssl_db/

nano /etc/squid/squid.conf

#
# Recommended minimum configuration:
#

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 192.168.10.0/24 #LAN
acl localnet src 10.10.10.0/24 #WIFI
acl localnet src 10.10.20.0/24 #WIFI
acl localnet src 10.10.30.0/24 #WIFI

acl SSL_ports port 443
acl Safe_ports port 80  # http
acl Safe_ports port 21  # ftp
acl Safe_ports port 443  # https
acl Safe_ports port 70  # gopher
acl Safe_ports port 210  # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280  # http-mgmt
acl Safe_ports port 488  # gss-http
acl Safe_ports port 591  # filemaker
acl Safe_ports port 777  # multiling http
acl CONNECT method CONNECT

# TAG: QUERY
#
-----------------------------------------------------------------------------
acl QUERY urlpath_regex -i
(hackshield|blank.html|infinity.js|hshield.da|renew_session_token.php|recaptcha.js|dat.asp|notice.swf|patchlist.txt|hackshield|captcha|reset.css|update.ver|notice.html|updates.txt|gamenotice|images.kom|patchinfo.xml|noupdate.ui|\.Xtp|\.htc|\.txt)
acl QUERY urlpath_regex -i
(patch.conf|uiimageset.xml.iop|gashaponwnd.xml.iop|loading.swf|download.swf|version.list|version.ini|launch.jnlp|server_patch.cfg.iop|core.swf|Loading.swf|resouececheck.sq|mainloading.swf|config.xml|gemmaze.swf|xml.png|size.xml|resourcesbar.swf|version.xml|version.list|delete.ini)
acl QUERY urlpath_regex -i \.(jsp|asp|aspx|cfg|iop|zip|php|xml|html)(\?|$)
cache deny QUERY

#
acl dontstore url_regex
^http:\/\/(([\d\w-]*(\.[^\.\-]*?\..*?))(\/\mosalsal\/[\d]{4}\/.*\/)(.*\.flv))\?start.*
acl dontstore url_regex redbot\.org \.php
acl dontstore url_regex -i ^http:\/\/.*gemscool\.com\/.*
acl dontstore url_regex \.(aspx|php)\?
acl dontstore url_regex goldprice\.org\/NewCharts\/gold\/images\/.*\.png
acl dontstore url_regex google\.co(m|\.[a-z]{2})\/complete\/search\?
acl dontstore url_regex
redirector\.([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com)\/(get_video\?|videodownload\?|videoplayback.*id|get_video_info\?|ptracking\?|player_204\?|stream_204\?).*

acl store_yt_id url_regex -i
youtube.*(ptracking|stream_204|playback|player_204|watchtime|set_awesome|s\?|ads).*(video_id|docid|\&v|content_v)\=([^\&\s]*).*$
acl store_id_list_yt url_regex -i (youtube|googlevideo).*videoplayback.*$
acl store_id_list_yt url_regex
^https?\:\/\/([0-9.]{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com)\/(get_video\?|videodownload\?|videoplayback.*id).*

acl store-id_list urlpath_regex -i dl\.sourceforge\.net
acl store-id_list urlpath_regex -i \.ytimg\.com
acl store-id_list urlpath_regex -i \.(akamaihd|fbcdn)\.net
acl store_id_list urlpath_regex -i
[a-zA-Z]{2}[0-9]*\.4shared\.com\/download\/

acl store_id_list_url url_regex
^http:\/\/[0-9]\.bp\.blogspot\.com.*\.(jpeg|jpg|png|gif|ico)
acl store_id_list_url url_regex
^http[s]?:\/\/.*\.twimg\.com\/(.*)\.(gif|jpeg|jpg|png|js|css)
acl store_id_list_url url_regex
^http[s]?:\/\/(media|static)\.licdn\.com\/.*\.(png|jpg|gif|woff)
acl store_id_list_url url_regex
^https:\/\/fb(static|cdn)\-.*\-a.akamaihd.net\/(.*)\.(gif|jpeg|jpg|png|js|css|mp4)
acl store_id_list_url url_regex
^http:\/\/.*\.ak\.fbcdn\.net\/.*\.(gif|jpg|png|js|mp4)

request_header_access Range deny store_id_list_yt
range_offset_limit 10 KB store_id_list_yt

acl loop_302 http_status 302
acl getmethod method GET

###############################################################################
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
###############################################################################
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all

###############################################################################
# squid ssl_bump option
###############################################################################
always_direct allow all
ssl_bump server-first all
sslproxy_cert_error deny all
sslproxy_flags DONT_VERIFY_PEER

sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/lib/squid/ssl_db -M 4MB
sslcrtd_children 8 startup=1 idle=1

###############################################################################
# Squid normally listens to port 3128
###############################################################################
https_port 3130 tproxy ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_certs/squid.crt
key=/etc/squid/ssl_certs/squid.key
http_port 3129 tproxy
http_port 3128

# TAG: Store-id Program
#
-----------------------------------------------------------------------------
store_id_program /etc/squid/store-id.pl
store_id_children 100 startup=0 idle=1 concurrency=1000

# TAG: Store-id Access
#
-----------------------------------------------------------------------------
store_id_access deny dontstore
store_id_access deny !getmethod
store_id_access allow store_id_list_yt
store_id_access allow store_yt_id
store_id_access allow store-id_list
store_id_access deny all
store_id_bypass on

# TAG: Youtube 302
#
-----------------------------------------------------------------------------
store_miss deny store_id_list_yt loop_302
send_hit deny store_id_list_yt loop_302

###############################################################################
## MEMORY CACHE OPTIONS
###############################################################################
client_dst_passthru on
cache_mem 1024 MB
maximum_object_size_in_memory 1024 KB
memory_cache_shared off
memory_cache_mode disk
memory_replacement_policy heap GDSF

###############################################################################
## DISK CACHE OPTIONS
###############################################################################
cache_replacement_policy heap LFUDA
minimum_object_size 1 bytes
maximum_object_size 10 GB

###############################################################################
# Uncomment and adjust the following to add a disk cache directory.
###############################################################################
cache_dir aufs /cache-1 500000 16 256 # sesuaikan dengan drive
penyimpanan cache
cache_dir aufs /cache-2 500000 16 256 # sesuaikan dengan drive
penyimpanan cache
store_dir_select_algorithm round-robin
cache_swap_low 90
cache_swap_high 95

###############################################################################
# Leave coredumps in the first cache dir
###############################################################################
coredump_dir /var/spool/squid

###############################################################################
## LOGFILE OPTIONS
###############################################################################
#access_log daemon:/tmp/access.log !log
access_log /tmp/access.log squid
logfile_daemon /usr/lib/squid/log_file_daemon
cache_store_log none
logfile_rotate 1
mime_table /etc/squid/mime.conf
pid_filename /var/run/squid.pid
strip_query_terms off
buffered_logs off

###############################################################################
## OPTIONS FOR TROUBLESHOOTING
###############################################################################
#cache_log /tmp/cache.log
cache_log /dev/null
#debug_options ALL,1 22,3
coredump_dir /var/spool/squid

###############################################################################
## OPTIONS FOR TUNING THE CACHE
###############################################################################
max_stale 1 years
vary_ignore_expire on
shutdown_lifetime 10 seconds

###############################################################################
# Add any of your own refresh_pattern entries above these.
###############################################################################
refresh_pattern ^ftp:  1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

# Youtube Video
refresh_pattern -i
(get_video\?|videoplayback\?|videodownload\?|\.mp4|\.webm|\.flv|((audio|video)\/(webm|mp4)))
241920 100% 241920 override-expire ignore-reload ignore-private
ignore-no-store ignore-must-revalidate reload-into-ims ignore-auth
store-stale
refresh_pattern -i ^https?\:\/\/.*\.googlevideo\.com\/videoplayback.*
    10080 99% 43200 override-lastmod override-expire ignore-reload
reload-into-ims ignore-private reload-into-ims ignore-auth store-stale
refresh_pattern -i
^https?\:\/\/.*\.googlevideo\.com\/videoplayback.*$    241920 100%
241920 override-expire ignore-reload ignore-private ignore-no-store
ignore-must-revalidate reload-into-ims ignore-auth store-stale

# Image Youtube
refresh_pattern -i (yimg|twimg)\.com\.*         1440 100% 129600
override-expire ignore-reload reload-into-ims
refresh_pattern -i (ytimg|ggpht)\.com\.*        1440 80% 129600
override-expire override-lastmod ignore-auth ignore-reload reload-into-ims

#images facebook
refresh_pattern -i
fbcdn.*net\/.*\.((jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)|(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)(\?|.*$))
241920 99% 241920 ignore-no-store ignore-private override-expire
override-lastmod reload-into-ims ignore-auth
refresh_pattern -i pixel\.facebook\.com.*\.(jpg|png|gif|ico|css|js)
241920 80% 241920 override-expire ignore-reload reload-into-ims ignore-auth
refresh_pattern -i \.akamaihd\.net.*\.(jpg|png|gif|ico|css|js) 241920
80% 241920 override-expire ignore-reload reload-into-ims ignore-auth
refresh_pattern -i ((facebook.com)|(85.131.151.39))\.(jpg|png|gif)
241920 99% 241920 ignore-reload override-expire ignore-no-store store-stale
refresh_pattern -i
fbcdn\.net\/.*\.((jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)|(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)(\?|.*$))
241920 99% 241920 ignore-no-store ignore-private override-expire
override-lastmod reload-into-ims ignore-auth
refresh_pattern static\.(xx|ak)\.fbcdn\.net*\.(jpg|gif|png) 241920 99%
241920 ignore-reload override-expire ignore-no-store
refresh_pattern ^https?\:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)
241920 99% 241920 ignore-reload override-expire ignore-no-store

# Video Facebook
refresh_pattern -i
\.video.ak.fbcdn.net.*\.(mp4|flv|mp3|amf)                    10080 80%
43200 override-expire ignore-reload reload-into-ims ignore-private
ignore-no-store ignore-must-revalidate
refresh_pattern (audio|video)\/(webm|mp4) 129600 99% 129600
ignore-reload override-expire override-lastmod ignore-must-revalidate 
ignore-private ignore-no-store ignore-auth store-stale
refresh_pattern -i ^http://.*squid\.internal.*  241920 100% 241920
override-lastmod override-expire ignore-reload ignore-must-revalidate
ignore-private ignore-no-store ignore-auth store-stale

# All File
refresh_pattern -i
\.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 10080 80%
10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i
\.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar|iop|nzp|pak|mar|msp)
10080 80% 10080 override-expire override-lastmod reload-into-ims
ignore-reload
refresh_pattern -i
\.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 10080 80%
10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i
\.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob|webm)
10080 80% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i
\.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv)
10080 80% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern .  0 20% 4320

###############################################################################
## ADMINISTRATIVE PARAMETERS
###############################################################################
cache_mgr eko.hendratno@gmail.com
cache_effective_user proxy
cache_effective_group proxy
visible_hostname gtw.home.lan
unique_hostname gtw.home.lan

###############################################################################
## PERSISTENT CONNECTION HANDLING
###############################################################################
detect_broken_pconn on
client_persistent_connections off
server_persistent_connections on

###############################################################################
## ERROR PAGE OPTIONS
###############################################################################
error_directory /usr/share/squid/errors/en
error_log_languages off

###############################################################################
## DNS OPTIONS
###############################################################################
check_hostnames off
hosts_file /etc/hosts
connect_retries 2
ipcache_low 90
ipcache_high 95
ipcache_size 10024                        # 2x Besar RAM
fqdncache_size 7024                        # real RAM Hardware
pipeline_prefetch 100

###############################################################################
## MISCELLANEOUS
###############################################################################
memory_pools off
reload_into_ims on
uri_whitespace strip
max_filedescriptors 65536

=================================
nano /etc/squid /store-id.pl
=================================
#!/usr/bin/perl
###########################
#
# Store-ID dengan asumsi chanel berapapun
#
###########################
$|=1;
while (<>) {
my $chan = "";
if (s/^(\d+\s+)//o) {
$chan = $1;
}
$_ =~ s/(\s+.+)//o;

if ($_ =~
m/^https?\:\/\/.*youtube.*(ptracking|stream_204|player_204|gen_204).*(video_id|docid|v)\=([^\&\s]*).*/){
        $vid = $3 ;
        @cpn = m/[&?]cpn\=([^\&\s]*)/;
                $fn = "/var/log/squid3/@cpn";
                unless (-e $fn) {
                        open FH,">".$fn ;
                        print FH "$vid\n";
                        close FH;
                }
        print $chan, "ERR\n" ;

} elsif ($_ =~ m/^https?\:\/\/.*(youtube|google).*videoplayback.*/){
        @itag = m/[&?](itag=[0-9]*)/;
        @ids = m/[&?]id\=([^\&\s]*)/;
        @mime = m/[&?](mime\=[^\&\s]*)/;
        @cpn = m/[&?]cpn\=([^\&\s]*)/;
        @range = m/[&?](range=[^\&\s]*)/;
        if (defined($cpn[0])) {
            $fn = "/var/log/squid3/@cpn";
            if (-e $fn) {
                open FH,"<".$fn ;
                $id  = ;
                chomp $id ;
                close FH ;
                  } else {
                $id = $ids[0] ;
            }
        print $chan, "OK store-id=http://googlevideo.squid.internal/id="
. $id . "&@itag@range@mime\n" ;
        } else {
        print $chan, "ERR\n" ;
        }

} elsif ($_ =~
m/^http:\/\/(videos|photos|scontent)[\-a-z0-9\.]*instagram\.com\/hphotos[\-a-z0-9]*\/([\w\d\-\_\/\.]*.(mp4|jpg))/){
        print $chan, "OK store-id=http://instagram.squid.internal/$2\n" ;
} elsif ($_ =~
m/^http:\/\/distilleryimage[\-a-z0-9\.]*instagram\.com\/(.*)/){
        print $chan, "OK store-id=http://instagram.squid.internal/$1\n" ;

} elsif ($_ =~
m/^https?:\/\/.*\.steampowered\.com\/depot\/[0-9]+\/chunk\/([^\?]*)/){
        print $chan, "OK store-id=http://steampowered.squid.internal/$1\n" ;

} elsif ($_ =~ m/^https?:\/\/.*(fbcdn|akamaihd)\.net\/.*\/(.*\.mp4)(.*)/) {
        print $chan, "OK store-id=storeurl://facebook.squid.internal/$2\n" ;

} elsif ($_ =~
m/^https?:\/\/.*(static|profile).*a\.akamaihd\.net(\/static-ak\/rsrc\.php\/v[0-9]\/(.*\.(mp4|jpg|bmp|png|flv|m4v|gif|jpeg)))/)
{
        print $chan, "OK store-id=http://facebook.squid.internal/$3\n" ;
} elsif ($_ =~
m/^https?:\/\/.*(static|profile).*\.ak\.fbcdn\.net(\/static-ak\/rsrc\.php\/v[0-9]\/(.*\.(mp4|jpg|bmp|png|flv|m4v|gif|jpeg)))/)
{
        print $chan, "OK store-id=http://facebook.squid.internal/$3\n" ;
} elsif ($_ =~
m/^https?:\/\/.*(static|profile).*a\.akamaihd\.net(\/rsrc\.php\/v[0-9]\/(.*))/)
{
        print $chan, "OK store-id=http://facebook.squid.internal/$3\n" ;
} elsif ($_ =~
m/^https?:\/\/.*(static|profile).*\.ak\.fbcdn\.net(\/rsrc\.php\/v[0-9]\/(.*))/)
{
        print $chan, "OK store-id=http://facebook.squid.internal/$3\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*(fbcdn|akamaihd)[^\/]*net\/rsrc\.php\/(.*\.(mp4|jpg|bmp|png|flv|m4v|gif|jpeg))/)
{
        print $chan, "OK store-id=http://facebook.squid.internal/$2\n" ;

} elsif ($_ =~
m/^https?:\/\/[^\/]*(fbcdn|akamaihd)[^\/]*net\/safe\_image\.php\?.*(url\=.*\.(mp4|jpg|bmp|png|flv|m4v|gif|jpeg)).*/)
{
        print $chan, "OK store-id=http://facebook.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/i[0-2].wp\.com\/graph\.facebook\.com\/(.*)/) {
        print $chan, "OK store-id=http://facebook.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/(video\.ak\.fbcdn\.net)\/(.*?)\/(.*\.mp4)\??.*$/) {
        print $chan, "OK store-id=http://facebook.squid.internal/$1/$3\n" ;
} elsif ($_ =~
m/^https?:\/\/video\.(.*)\.fbcdn\.net\/(.*?)\/([0-9_]+\.(mp4|flv|avi|mkv|m4v|mov|wmv|3gp|mpg|mpeg)?)(.*)/)
{
        print $chan, "OK store-id=http://facebook.squid.internal/$3\n" ;
} elsif ($_ =~
m/^https?:\/\/(fbcdn|scontent).*(akamaihd|fbcdn)\.net\/(h|s)(profile|photos).*\/((p|s).*\.(png|gif|jpg))(\?.+)?$/){
        print $chan, "OK store-id=http://facebook.squid.internal/$5\n" ;
} elsif ($_ =~
m/^https?:\/\/(fbcdn|scontent).*(akamaihd|fbcdn)\.net\/(h|s)(profile|photos).*\/(.*\.(png|gif|jpg))(\?.+)?$/){
        print $chan, "OK store-id=http://facebook.squid.internal/$5\n" ;

} elsif ($_ =~ m/^https?:\/\/attachment\.fbsbx\.com\/.*\?(id=[0-9]*).*/) {
        print $chan, "OK store-id=http://facebook.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https:\/\/.*\.google\.com\/chrome\/win\/.+\/(.*\.exe)/){
        print $chan, "OK
store-id=http://update-google.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.ytimg\.com\/(.*\.(webp|jpg|gif))/){
        print $chan, "OK store-id=http://ytimg.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*firedrive\.com\/download\/[0-9]+\/[0-9]+\/.*\?h=.*e\=.*f\=(.*)\&.*/){
        print $chan, "OK store-id=http://firedrive.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*\.4shared\.com\/.*\/dlink__[23]F([\w]+)_[23]F(.*)\_3Ftsid_[\w].*/){
        print $chan, "OK store-id=http://4shared.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.4shared\.com\/download\/([^\/]*).*/){
        print $chan, "OK store-id=http://4shared.squid.internal/$1\n" ;

} elsif ($_ =~ m/^https?:\/\/.*\.[a-z]+\.bing\.net\/(.*)\&w=.*/){
        print $chan, "OK store-id=http://bing.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*\.bing\.(net|com)\/.*\?id=([a-zA-Z]\.[0-9]+)&pid=.*/){
        print $chan, "OK store-id=http://bing.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.gstatic\.com\/images\?q=tbn\:(.*)/){
        print $chan, "OK store-id=http://gstatic.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*\.reverbnation\.com\/.*\/(ec_stream_song|download_song_direct|stream_song)\/([0-9]*).*/){
        print $chan, "OK store-id=http://reverbnation.squid.internal/$2\n" ;
} elsif ($_ =~
m/^https?:\/\/.*\.dl\.sourceforge\.net\/(.*\.(exe|zip|mp3|mp4))/){
        print $chan, "OK store-id=http://sourceforge.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/fs[0-9]+\.filehippo\.com\/[^\/]*\/[^\/]*\/(.*)/){
        print $chan, "OK store-id=http://filehippo.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/download[0-9]+.mediafire\.com\/.*\/\w+\/(.*)/){
        print $chan, "OK store-id=http://mediafire.squid.internal$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*android\.clients\.google\.com\/[a-z]+\/[a-zA-Z]+\/[a-zA-Z]+\/(.*)\/([0-9]+)\?.*/){
        print $chan, "OK store-id=http://android.squid.internal/$1/$2\n" ;
} elsif ($_ =~
m/^https?:\/\/.*(googleusercontent.com|blogspot.com)\/(.*)\/([a-z0-9]+)(-[a-z]-[a-z]-[a-z]+)?\/(.*\.(jpg|png))/){
        print $chan, "OK
store-id=http://googleusercontent.squid.internal/$5\n" ;
} elsif ($_ =~
m/^https?:\/\/global-shared-files-[a-z][0-9]\.softonic\.com\/.{3}\/.{3}\/.*\/.*\=(.*\.exe)/){
        print $chan, "OK store-id=http://softonic.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*netmarble\.co\.id\/.*\/(data|ModooMarble)\/(.*)/){
        print $chan, "OK store-id=http://netmarble.squid.internal/$2\n" ;
} elsif ($_ =~
m/^https?:\/\/(.*)\.windowsupdate\.com\/(.*)\/(.*)\/([a-z].*)/){
        print $chan, "OK
store-id=http://windowsupdate.squid.internal/$4\n" ;
} elsif ($_ =~
m/^https?:\/\/.*filetrip\.net\/.*\/((.*)\.([^\/\?\&]{2,4}))\?.*$/){
        print $chan, "OK store-id=http://filetrip.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*get4mobile\.net\/.*f=([^\/\?\&]*).*$/){
        print $chan, "OK store-id=http://get4mobile.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*thestaticvube\.com\/.*\/(.*)/){
        print $chan, "OK
store-id=http://thestaticvube.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/113\.6\.235\.171\/youku\/.*\/(.*\.flv)/){
        print $chan, "OK store-id=http://youku.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/\d+\.\d+\.\d+\.\d+\/drama\/(.*\.mp4)\?.*\=(\d+)/){
        print $chan, "OK store-id=http://drama.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/([a-z])[\d]{1,2}?(.gstatic\.com.*|\.wikimapia\.org.*)/){
        print $chan, "OK store-id=http://gstatic.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*\.[a-z][0-9]\.(tiles\.virtualearth\.net)\/(.*\&n=z)/){
        print $chan, "OK store-id=http://virtualearth.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/imgv2-[0-9]\.scribdassets\.com\/(.*)/){
        print $chan, "OK store-id=http://scribdassets.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/(.*?)\/(archlinux\/[a-zA-Z].*\/os\/.*)/){
        print $chan, "OK store-id=http://archlinux.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/(.*?)\/speedtest\/(.*\.(jpg|txt))\??.*$/){
        print $chan, "OK store-id=http://speedtest.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/i[1-9]{3}\.photobucket\.com\/(.*)/){
        print $chan, "OK store-id=http://photobucket.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/i[1-9]{4}\.photobucket\.com\/(.*)/){
        print $chan, "OK store-id=http://photobucket.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/avideos\.5min\.com\/.*\/(.*)\?.*/){
        print $chan, "OK store-id=http://avideos.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*\.catalog\.video\.msn\.com\/.*\/(.*\.(mp4|flv|m4v))/){
        print $chan, "OK store-id=http://msn-video.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/v\.imwx\.com\/.*\/(.*)\?.*/){
        print $chan, "OK store-id=http://imwx.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/video[0-9]\.break\.com\/.*\/(.*)\?.*/){
        print $chan, "OK store-id=http://break.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.video[0-9]\.blip\.tv\/.*\/(.*)\?.*/){
        print $chan, "OK store-id=http://blip.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/ss[0-9]\.vidivodo\.com\/vidivodo\/vidservers\/server[0-9]*\/videos\/.*\/([a-zA-Z0-9.]*)\?.*/){
        print $chan, "OK store-id=http://vidivodo.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/video\-http\.media\-imdb\.com\/([a-zA-Z0-9\@\_\-]+\.(mp4|flv|m4v))\?.*/){
        print $chan, "OK store-id=http://imdb-video.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/(vl|v)\.mccont\.com\/(.*)\/(.*\.(mp4|m4v|flv))\?.*/){
        print $chan, "OK store-id=http://mccont.squid.internal/$3\n" ;
} elsif ($_ =~
m/^https?:\/\/(vid.{0,2}|proxy.*)(\.ak|\.ec|\.akm|)\.(dmcdn\.net|dailymotion\.com)\/.*\/(frag.*\.(flv|mp4|m4v)).*/){
        print $chan, "OK store-id=http://dailymotion.squid.internal/$4\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.vimeo[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg|web))\?.*/){
        print $chan, "OK store-id=http://vimeo.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/fcache\.veoh\.com\/.*\/.*(l[0-9]*\.(mp4|flv))\?.*/){
        print $chan, "OK store-id=http://veoh.squid.internal$1\n" ;
} elsif ($_ =~ m/^https?:\/\/video\.thestaticvube\.com\/.*\/(.*)/){
        print $chan, "OK
store-id=http://thestaticvube.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/cdn[0-9]\.videos\.videobash\.com\/.*\/(.*\.(mp4|m4v|flv))\?.*/){
        print $chan, "OK store-id=http://videobash.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.phncdn[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://phncdn.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*\.xvideos\.com\/.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://xvideos.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.tube8[^\/]*\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://tube8.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*\.(redtube|redtubefiles)\.com\/.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://redtube.squid.internal/$2\n" ;
} elsif ($_ =~
m/^https?:\/\/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\/.*\/xh.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))/){
        print $chan, "OK store-id=http://xhcdn.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.xhcdn[^\/]*\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://xhcdn.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.nsimg[^\/]*\.net.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://nsimg.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*\.youjizz\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://youjizz.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.public\.keezmovies[^\/]*\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://keezmovies.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.youporn[^\/]*\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://youporn.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.spankwire[^\/]*\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://spankwire.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.pornhub[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://pornhub.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.us.playvid[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://playvid.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.slutload-media[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK
store-id=http://slutload-media.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.hardsextube[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://hardsextube.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/[^\/]*\.public\.extremetube[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
        print $chan, "OK store-id=http://extremetube.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|.exoclick\.com|interclick.\com|\.googlesyndication\.com|\.auditude\.com|.visiblemeasures\.com|yieldmanager|cpxinteractive)(.*)/){
        print $chan, "OK store-id=http://ads.squid.internal/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/(.*?)\/(ads)\?(.*?)/){
        print $chan, "OK store-id=http://ads.squid.internal/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*phobos\.apple\.com\/.*\/([^\/]*\.ipa)/){
        print $chan, "OK store-id=http://apple.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/fs\w*\.fileserve\.com\/file\/(\w*)\/[\w-]*\.\/(.*)/){
        print $chan, "OK store-id=http://fileserve.squid.internal/$2\n" ;
} elsif ($_ =~
m/^https?:\/\/s[0-9]*\.filesonic\.com\/download\/([0-9]*)\/(.*)/){
        print $chan, "OK store-id=http://filesonic.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/download[0-9]{3}\.avast\.com\/(.*)/){
        print $chan, "OK store-id=http://avast.squid.internal/41\n" ;
} elsif ($_ =~
m/^https?:\/\/[a-zA-Z0-9]+\.[a-zA-Z0-9]+x\.[a-z]\.avast\.com\/[a-zA-Z0-9]+x\/(.*\.vpx)/){
        print $chan, "OK store-id=http://avast.squid.internal\$1\n" ;
} elsif ($_ =~ m/^https?:\/\/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\/(iavs.*)/){
        print $chan, "OK store-id=http://iavs.squid.internal/$1\n" ;
} elsif ($_ =~
m/^https?:\/\/.*\.starhub\.com\/[a-z]+\/[a-z]+\/[a-z]+\/(.*exe)\?[0-9]/){
        print $chan, "OK store-id=http://starhub.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/dnl-[0-9]{2}\.geo\.kaspersky\.com\/(.*)/){
        print $chan, "OK store-id=http://kaspersky.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/([^\.]*)\.yimg\.com\/(.*)/){
        print $chan, "OK store-id=http://yimg.squid.internal/$1\n" ;
} else {
        print $chan, "ERR\n" ;
}
}
=================================
nano /etc/init.d/squid
=================================
#! /bin/sh
#
# squid        Startup script for the SQUID HTTP proxy-cache.
#
# Version:    @(#)squid.rc  2.20  01-Oct-2001  miquels@cistron.nl
#
### BEGIN INIT INFO
# Provides:          squid
# Required-Start:    $local_fs $network
# Required-Stop:     $local_fs $network
# Should-Start:      $named
# Should-Stop:       $named
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Squid HTTP Proxy
### END INIT INFO

NAME=squid
DAEMON=/usr/sbin/squid
LIB=/usr/lib/squid
PIDFILE=/var/run/squid.pid
# export LD_PRELOAD=/usr/local/lib/libjemalloc.so # ini apabila anda
menggunakan jemalloc
SQUID_ARGS="-YC"

[ ! -f /etc/default/squid ] || . /etc/default/squid

. /lib/lsb/init-functions

PATH=/bin:/usr/bin:/sbin:/usr/sbin

[ -x $DAEMON ] || exit 0

grepconf () {
    w="     " # space tab
    sq=/etc/squid/squid.conf
    # sed is cool.
    res=`sed -ne '
        s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
        t end;
        d;
        :end q' < $sq`
    [ -n "$res" ] || res=$2
    echo "$res"
}

grepconf2 () {
    w="     " # space tab
    sq=/etc/squid/$NAME.conf
    # sed is cool.
    res=`sed -ne '
        s/^'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
        t end;
        d;
        :end q' < $sq`
    [ -n "$res" ] || res=$2
    echo "$res"
}

#
#    Try to increase the # of filedescriptors we can open.
#
maxfds () {
    [ -n "$SQUID_MAXFD" ] || return
    [ -f /proc/sys/fs/file-max ] || return 0
    global_file_max=`cat /proc/sys/fs/file-max`
    minimal_file_max=$(($SQUID_MAXFD + 4096))
    if [ "$global_file_max" -lt $minimal_file_max ]
    then
        echo $minimal_file_max > /proc/sys/fs/file-max
    fi
    ulimit -n $SQUID_MAXFD
}

start () {
    cdr=`grepconf2 cache_dir /cache-1`
    ctp=`grepconf cache_dir ufs`

    case "$cdr" in
        [0-9]*)
            log_failure_msg "squid: squid.conf contains 2.2.5 syntax -
not starting!"
            log_end_msg 1
            exit 1
            ;;
    esac

    #
    # Create spool dirs if they don't exist.
    #
    if [ -d "$cdr" -a ! -d "$cdr/00" ] || [ "$ctp" = "coss" -a ! -w "$cdr" ]
    then
        log_warning_msg "Creating squid cache structure"
        $DAEMON $SQUID_ARGS -z
    fi

    if [ "$CHUID" = "" ]; then
        CHUID=root
    fi

    maxfds
    umask 027
    start-stop-daemon --quiet --start \
        --pidfile $PIDFILE \
        --chuid $CHUID \
        --exec $DAEMON -- $SQUID_ARGS < /dev/null
    return $?
}

stop () {
    PID=`cat $PIDFILE 2>/dev/null`
    start-stop-daemon --stop --quiet --pidfile $PIDFILE --name squid
    #
    #    Now we have to wait until squid has _really_ stopped.
    #
    sleep 2
    if test -n "$PID" && kill -0 $PID 2>/dev/null
    then
        log_action_begin_msg " Waiting"
        cnt=0
        while kill -0 $PID 2>/dev/null
        do
            cnt=`expr $cnt + 1`
            if [ $cnt -gt 24 ]
            then
                log_action_end_msg 1
                return 1
            fi
            sleep 5
            log_action_cont_msg ""
        done
        log_action_end_msg 0
        return 0
    else
        return 0
    fi
}

case "$1" in
    start)
    log_daemon_msg "Starting Squid HTTP proxy" "squid"
    if start ; then
        log_end_msg $?
    else
        log_end_msg $?
    fi
    ;;
    stop)
    log_daemon_msg "Stopping Squid HTTP proxy" "squid"
    if stop ; then
        log_end_msg $?
    else
        log_end_msg $?
    fi
    ;;
    reload|force-reload)
    log_action_msg "Reloading Squid configuration files"
    $DAEMON -k reconfigure
    log_action_end_msg 0
    ;;
    restart)
    log_daemon_msg "Restarting Squid HTTP proxy" "squid"
stop
    if start ; then
        log_end_msg $?
    else
        log_end_msg $?
    fi
    ;;
    status)
    status_of_proc -p "$PIDFILE" "$DAEMON" squid && exit 0 || exit $?
    ;;
    *)
    echo "Usage: /etc/init.d/$NAME
{start|stop|reload|force-reload|restart|status}"
    exit 3
    ;;
esac

exit 0

=================================
chmod +x store-id.pl
chmod +x squid
chown proxy:proxy /cache-1
chown proxy:proxy /cache-2 &&
chmod 777 /cache-1 &&
chmod 777 /cache-2
squid -f /etc/squid/squid.conf -z

sysv-rc-conf squid default

=================================
nano /etc/rc.local
=================================
#0
iptables -A POSTROUTING -t nat -j MASQUERADE -o eth0
#1
iptables -t mangle -F
iptables -t mangle -X
#2
echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
echo 1 > /proc/sys/net/ipv4/ip_forward
#3
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
#4
iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
#5
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
#6
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY
--tproxy-mark 0x1/0x1 --on-port 3129
iptables -t mangle -A PREROUTING -p tcp --dport 443 -j TPROXY
--tproxy-mark 0x1/0x1 --on-port 3130
#7
squid start
exit 0
===================================================================================================
squid -k parse
squid -k reconfigure
squid -z
squid start

tail -f /tmp/access.log | ccze
*Share this post* :

  *Related Posts :*

Mixed MikroTik Loadbalance NTH & PC...

 <http: 2015="" comastnet.blogspot.com="" 09="" mixed-mikrotik-loadbalance-nth-pcc.html="">Instalasi, konfigurasi IP, dan Pemb...

 <http: 2015="" comastnet.blogspot.com="" 09="" instalasi-konfigurasi-ip-dan-pembuatan.html="">Cara melihat versi Ubuntu

 <http: 2015="" comastnet.blogspot.com="" 09="" cara-melihat-versi-ubuntu.html="">Pengertian Sistem operasi GUI

 <http: 2015="" comastnet.blogspot.com="" 08="" pengertian-sistem-operasi-gui.html="">Labels: computer
<http: comastnet.blogspot.com.br="" search="" label="" computer="">, internet
<http: comastnet.blogspot.com.br="" search="" label="" internet="">, linux
 <http: comastnet.blogspot.com.br="" search="" label="" linux="">+ comments +

        <#comment-form> 10 comments

        Post a Comment

 <https: www.blogger.com="" comment-iframe.g?blogid="6188556111244267124&amp;postID=2801521578452215985&amp;blogspotRpcToken=8100656">« Prev Post
 <http: 2016="" comastnet.blogspot.com.br="" 07="" kapal-selam-terbaik-dan-terkini.html="">Next Post »
 <http: 10="" 2015="" comastnet.blogspot.com.br="" hadoop-dan-cara-instalasi-nya.html="">Home <http: comastnet.blogspot.com.br="">

    Translate

Select Language​▼ <javascript:void(0)>
 <http: www.blogger.com="" rearrange?blogid="6188556111244267124&amp;widgetType=Translate&amp;widgetId=Translate1&amp;action=editWidget&amp;sectionId=sidebar"><http: www.blogger.com="" rearrange?blogid="6188556111244267124&amp;widgetType=HTML&amp;widgetId=HTML1&amp;action=editWidget&amp;sectionId=sidebar">Copyright © 2011\. COMASTNET <http: comastnet.blogspot.com.br=""> - All
Rights Reserved
Google Translate

  Original text

Contribute a better translation
------------------------------------------------------------------------

[/s][/s]</http:></http:></http:></javascript:void(0)></http:></http:></http:></https:></http:></http:></http:></http:></http:></http:></http:></https:></http:></http:></http:></http:></http:></http:></http:></http:></http:>
                                      1 Reply Last reply Reply Quote 0
                                      • S
                                        saluto
                                        last edited by

                                        Html5 cache work on Linux, see the link:
                                        https://proxy-id.com/youtube-caching/

                                        1 Reply Last reply Reply Quote 0
                                        • S
                                          saluto
                                          last edited by

                                          https://forum.pfsense.org/index.php?topic=141081.0

                                          1 Reply Last reply Reply Quote 0
                                          • A
                                            aGeekhere
                                            last edited by

                                            Being trying to add nvidia updates (using GeForce Experience) to the refresh patten but not having any success

                                            I have tried

                                            
#nvidia updates 
refresh_pattern -i download.nvidia.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims 

#nvidia updates 
refresh_pattern -i international-gfe.download.nvidia.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims 

#nvidia updates 
refresh_pattern -i international-gfe.download.nvidia.com.global.ogslb.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims

                                            I get TCP_TUNNEL/200 international-gfe.download.nvidia.com:443

                                            Are nvidia updates not cacheable?

                                            Never Fear, A Geek is Here!

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.