Had anyone used this guide to setup squid for https ssl caching



  • Just wondering if this guide will work without client side certificate.  It interesting the guide shown to create the root CA from shell rather than in the built in Pfsense CA Manager.  I will give a try tonight when I get off work.

    https://forum.it-monkey.net/index.php?topic=23.0
    https://forum.pfsense.org/index.php?topic=112335.0

    If anyone already have this setup following this guide, please let me know how it work for you?

    UPDATE: Got both http https transparent cache working using the above guides.  I refined the rules a bit to make sure the http and https traffic flow correctly to 3128 and 3129 using NAT Forwarding with WPAD.
    It seem to be working with no SSL certificate error or https website connection.

    ![7. LAN Rule.png_thumb](/public/imported_attachments/1/7. LAN Rule.png_thumb)
    ![7. LAN Rule.png](/public/imported_attachments/1/7. LAN Rule.png)
    ![6. 3129 State.png_thumb](/public/imported_attachments/1/6. 3129 State.png_thumb)
    ![6. 3129 State.png](/public/imported_attachments/1/6. 3129 State.png)
    ![5. 443 Forward.png_thumb](/public/imported_attachments/1/5. 443 Forward.png_thumb)
    ![5. 443 Forward.png](/public/imported_attachments/1/5. 443 Forward.png)
    ![4. 3128 State.png_thumb](/public/imported_attachments/1/4. 3128 State.png_thumb)
    ![4. 3128 State.png](/public/imported_attachments/1/4. 3128 State.png)
    ![3. 3128 Forwad.png_thumb](/public/imported_attachments/1/3. 3128 Forwad.png_thumb)
    ![3. 3128 Forwad.png](/public/imported_attachments/1/3. 3128 Forwad.png)
    ![2. DNS Forward.png_thumb](/public/imported_attachments/1/2. DNS Forward.png_thumb)
    ![2. DNS Forward.png](/public/imported_attachments/1/2. DNS Forward.png)
    ![1. NAT Port forward.png_thumb](/public/imported_attachments/1/1. NAT Port forward.png_thumb)
    ![1. NAT Port forward.png](/public/imported_attachments/1/1. NAT Port forward.png)
    ![8. SSL Transparent.png](/public/imported_attachments/1/8. SSL Transparent.png)
    ![8. SSL Transparent.png_thumb](/public/imported_attachments/1/8. SSL Transparent.png_thumb)



  • I will try, excellent post… :)



  • can u share to new reflesh pattern pls?



  • v1

    ######cache Pfsense
    refresh_pattern -i .(gif|png|ico|jpg|jpeg|jp2|webp)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(jpx|j2k|j2c|fpx|bmp|tif|tiff|bif)$ 100000 90% 20000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(pcd|pict|rif|exif|hdr|bpg|img|jif|jfif)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(woff|woff2|eps|ttf|otf|svg|svgi|svgz|ps|ps1|acsm|eot)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    #cache content
    refresh_pattern -i .(swf|js|ejs)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(wav|css|class|dat|zsci|ver|advcs)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    #cache videos
    refresh_pattern -i .(mpa|m2a|mpe|avi|mov|mpg|mpeg|mpg3|mpg4|mpg5)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(m1s|mp2v|m2v|m2s|m2ts|mp2t|wmx|rm|rmvb|3pg|3gpp|omg|ogm|asf|war)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(asx|mp2|mp3|mp4|mp5|wmv|flv|mts|f4v|f4|pls|midi|mid)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(htm|html)$ 9440 90% 200000 reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(xml|flow|asp|aspx)$ 0 90% 200000 refresh-ims
    refresh_pattern -i .(json)$ 0 90% 200000 refresh-ims
    refresh_pattern -i (/cgi-bin/|?) 0 90% 200000
    #cache binaries
    refresh_pattern -i .(app|bin|deb|rpm|drpm|exe|zip|zipx|tar|tgz|tbz2|tlz|iso|arj|cfs|dar|jar)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(bz|bz2|ipa|ram|rar|uxx|gz|msi|dll|lz|lzma|7z|s7z|Z|z|zz|sz)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(exe|msi)$ 0 90% 200000 refresh-ims
    refresh_pattern -i .(cab|psf|vidt|apk|wtex|hz|ova|ovf)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    #cache microsoft and adobe and other documents
    refresh_pattern -i .(ppt|pptx|doc|docx|docm|docb|dot|pdf|pub|ps)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims
    refresh_pattern -i .(xls|xlsx|xlt|xlm|xlsm|xltm|xlw|csv|txt)$ 100000 90% 200000 override-expire reload-into-ims ignore-no-store ignore-private refresh-ims

    #cache antivirus sites
    refresh_pattern -i ^http://liveupdate.symantecliveupdate.com.(zip)$ 0 0% 0
    refresh_pattern -i ^http://avast.com.
    (vpu|vpaa)$ 0 0% 0
    refresh_pattern -i ^http://premium.avira-update.com.(gz)$ 0 0% 0
    refresh_pattern -i ^http://guru.avg.com.
    (bin)$ 0 0% 0
    refresh_pattern -i ^http://avira.com.(idx|gz)$ 0 0% 0
    refresh_pattern -i ^http://kaspersky.com.
    (avc)$ 0 0% 0

    #cache OS update
    refresh_pattern -i microsoft.com/..(cab|exe|msi|msu|msf|asf|wma|dat|zip)$ 4320 80% 43200 reload-into-ims refresh-ims
    refresh_pattern -i windowsupdate.com/.
    .(cab|exe|msi|msu|msf|asf|wma|wmv)|dat|zip)$ 4320 80% 43200 reload-into-ims refresh-ims
    refresh_pattern -i windows.com/..(cab|exe|msi|msu|msf|asf|wmv|wma|dat|zip)$ 4320 80% 43200 reload-into-ims refresh-ims
    refresh_pattern -i apple.com/.
    .(cab|exe|msi|msu|msf|asf|wmv|wma|dat|zip|dist)$ 0 80% 43200 reload-into-ims refresh-ims

    Youtube Video

    refresh_pattern -i (get_video?|videoplayback?|videodownload?|.mp4|.webm|.flv|((audio|video)/(webm|mp4))) 241920 100% 241920 override-expire ignore-reload ignore-private ignore-no-store ignore-must-revalidate reload-into-ims ignore-auth store-stale
    refresh_pattern -i ^https?://..googlevideo.com/videoplayback.    10080 99% 43200 override-lastmod override-expire ignore-reload reload-into-ims ignore-private reload-into-ims ignore-auth store-stale
    refresh_pattern -i ^https?://..googlevideo.com/videoplayback.$    241920 100% 241920 override-expire ignore-reload ignore-private ignore-no-store ignore-must-revalidate reload-into-ims ignore-auth store-stale

    Image Youtube

    refresh_pattern -i (yimg|twimg).com.*        1440 100% 129600 override-expire ignore-reload reload-into-ims
    refresh_pattern -i (ytimg|ggpht).com.*        1440 80% 129600 override-expire override-lastmod ignore-auth ignore-reload reload-into-ims

    #images facebook
    refresh_pattern -i fbcdn.net/..((jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)|(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)(?|.$)) 241920 99% 241920 ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-auth
    refresh_pattern -i pixel.facebook.com.
    .(jpg|png|gif|ico|css|js) 241920 80% 241920 override-expire ignore-reload reload-into-ims ignore-auth
    refresh_pattern -i .akamaihd.net..(jpg|png|gif|ico|css|js) 241920 80% 241920 override-expire ignore-reload reload-into-ims ignore-auth
    refresh_pattern -i ((facebook.com)|(85.131.151.39)).(jpg|png|gif) 241920 99% 241920 ignore-reload override-expire ignore-no-store store-stale
    refresh_pattern -i fbcdn.net/.
    .((jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)|(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)(?|.$)) 241920 99% 241920 ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-auth
    refresh_pattern static.(xx|ak).fbcdn.net
    .(jpg|gif|png) 241920 99% 241920 ignore-reload override-expire ignore-no-store
    refresh_pattern ^https?://profile.ak.fbcdn.net*.(jpg|gif|png) 241920 99% 241920 ignore-reload override-expire ignore-no-store

    Video Facebook

    refresh_pattern -i .video.ak.fbcdn.net.*.(mp4|flv|mp3|amf)                    10080 80% 43200 override-expire ignore-reload reload-into-ims ignore-private ignore-no-store ignore-must-revalidate
    refresh_pattern (audio|video)/(webm|mp4) 129600 99% 129600 ignore-reload override-expire override-lastmod ignore-must-revalidate  ignore-private ignore-no-store ignore-auth store-stale
    refresh_pattern -i ^http://.squid.internal.  241920 100% 241920 override-lastmod override-expire ignore-reload ignore-must-revalidate ignore-private ignore-no-store ignore-auth store-stale

    v2 currently using it with some editing for my preference from https://forum.pfsense.org/index.php?topic=111518.0

    #new refresh patterns 3
    acl Windows_Update dstdomain windowsupdate.microsoft.com
    acl Windows_Update dstdomain .update.microsoft.com
    acl Windows_Update dstdomain download.windowsupdate.com
    acl Windows_Update dstdomain www.download.windowsupdate.com
    acl Windows_Update dstdomain au.download.windowsupdate.com
    acl Windows_Update dstdomain bg.v4.pr.dl.ws.microsoft.com

    #new refresh patterns 2
    refresh_pattern -i (.|-)(ini|def|sig|upt|mid|midi|mpg|mpeg|ram|cav|acc|alz|apk|at3|bke|arc|ass|ba|big|bik|bkf|bld|c4|cals|clipflair|cpt|daa|dmg|ddz|dpe|egg|egt|ecab|ess|esd|gho|ghs|gz|ipg|jar|lbr|lqr|lha|lz|lzo|lzma|lzx|mbw|mc.meta|mpq|nth|osz|pak|par|par2|paf|pyk|pk3|pk4|rag|sen|sitx|skb|tb|tib|uha|uue|viv|vsa|z|zoo|nrg|adf|adz|dms|dsk|d64|sdi|mds|mdx|cdi|cue|cif|c2d|daa|b6t)(?.*)?$ 43200 100% 432000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth
    #end new refresh patterns 2

    #new refresh patterns
    refresh_pattern -i (.|-)(mp3|m4a|aa?c3?|wm?av?|og(x|v|a|g)|ape|mka|au|aiff|zip|flac|m4(b|r)|m1v|m2(v|p)|mo(d|v)|arj|appx|lha|lzh|on2)(?.)?$ 43200 100% 432000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth
    refresh_pattern -i (.|-)(exe|bin|(n|t)ar|acv|(r|j)ar|t?gz|(g|b)z(ip)?2?|7?z(ip)?|wm[v|a]|patch|diff|mar|vpu|inc|r(a|p)m|kom|iso|sys|[ap]sf|ms[i|u|f]|dat|msi|cab|psf|dvr-ms|ace|asx|qt|xt|esd)(?.
    )?$ 43200 100% 432000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth
    refresh_pattern -i (.|-)(ico(.)?|pn[pg]|css|(g|t)iff?|jpe?g(2|3|4)?|psd|c(d|b)r|cad|bmp|img)(?.)?$ 43200 100% 432000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth
    refresh_pattern -i (.|-)(webm|(x-)?swf|mp(eg)?(3|4)|mpe?g(av)?|(x-)?f(l|4)v|divx?|rmvb?|mov|trp|ts|avi|m38u|wmv|wmp|m4v|mkv|asf|dv|vob|3gp?2?)(?.)?$ 43200 100% 432000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth
    refresh_pattern -i (.|-)(docx?|xlsx?|pptx?|rtf|xml|pdf|tiff?|txt)(?.
    )?$ 43200 100% 432000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth
    #Website
    refresh_pattern -i (.|-)(xml|js|jsp|txt|css)(?.*)?$ 360 40% 1440 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth
    refresh_pattern -i .index.(html|htm)$ 0 40% 1440
    refresh_pattern . 30 25% 1440
    #end new refresh patterns

    refresh_pattern -i .(3gp|7z|ace|asx|avi|bin|cab|dat|deb|rpm|divx|dvr-ms)      129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i .(rar|jar|gz|tgz|tar|bz2|iso|m1v|m2(v|p)|mo(d|v)|(x-|)flv) 129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i .(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)        129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i .(mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p))                  129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i .(og(x|v|a|g)|rar|rm|r(a|p)m|snd|vob|wav)                  129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload
    refresh_pattern -i .(pp(s|t)|wax|wm(a|v)|wmx|wpl|zip|cb(r|z|t))              129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload

    refresh_pattern ^gopher:  1440  0%  1440
    refresh_pattern ^ftp:    10080 95% 43200 override-lastmod reload-into-ims

    refresh_pattern -i .(doc|pdf)$          100080 90% 43200 override-expire ignore-no-cache ignore-no-store ignore-private reload-into-ims
    refresh_pattern -i .(html|htm)$          1440  40% 40320 ignore-no-cache ignore-no-store ignore-private override-expire reload-into-ims
    refresh_pattern (Release|Packages(.gz)*)$    0  20%  2880
    refresh_pattern .                          180  95% 43200 override-lastmod reload-into-ims

    1 year = 525600 mins, 1 month = 43800 mins

    refresh_pattern -i (/cgi-bin/|?)        0      0%      0
    refresh_pattern .(ico|video-stats)$ 129600 100% 129600 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate

    refresh_pattern imeem..flv$                          0    0%        0 override-lastmod override-expire
    refresh_pattern .rapidshare.
    /[0-9]/./[^/]* 161280    90%    161280 ignore-reload

    refresh_pattern (get_video?|videoplayback?|videodownload?|.flv?) 129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims
    refresh_pattern (get_video?|videoplayback?id|videoplayback.id|videodownload?|.flv?) 129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims
    refresh_pattern ^.
    (utm.gif|ads?|rmxads.com|ad.z5x.net|bh.contextweb.com|bstats.adbrite.com|a1.interclick.com|ad.trafficmp.com|ads.cubics.com|ad.xtendmedia.com|.googlesyndication.com|advertising.com|yieldmanager|game-advertising.com|pixel.quantserve.com|adperium.com|doubleclick.net|adserving.cpxinteractive.com|syndication.com|media.fastclick.net).* 129600 20% 129600 ignore-no-cache ignore-no-store ignore-private override-expire ignore-reload ignore-auth ignore-must-revalidate

    refresh_pattern ^.safebrowsing.google                                  129600 100% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-must-revalidate
    refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?).google.co(m|.uk)    129600 100% 129600 override-expire ignore-reload ignore-private
    refresh_pattern ytimg.com.
    .jpg                                        129600 100% 129600 override-expire ignore-reload
    refresh_pattern images.friendster.com.
    .(png|gif)                    129600 100% 129600 override-expire ignore-reload
    refresh_pattern garena.com                                              129600 100% 129600 override-expire reload-into-ims
    refresh_pattern photobucket..(jp(e?g|e|2)|tiff?|bmp|gif|png)          129600 100% 129600 override-expire ignore-reload
    refresh_pattern vid.akm.dailymotion.com.
    .on2?                      129600 100% 129600 ignore-no-cache override-expire override-lastmod
    refresh_pattern mediafire.com/images..(jp(e?g|e|2)|tiff?|bmp|gif|png) 129600 100% 129600 reload-into-ims override-expire ignore-private
    refresh_pattern ^http://images|pics|thumbs[0-9].                      129600 100% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire
    refresh_pattern ^http://www.onemanga.com.
    /                          129600 100% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire

    ANTI VIRUS

    refresh_pattern guru.avg.com/..(bin)                              43200 100% 43200  ignore-no-cache ignore-no-store ignore-reload reload-into-ims
    refresh_pattern (avgate|avira).
    (idx|gz)$                          43200 100% 43200  ignore-no-cache ignore-no-store ignore-reload reload-into-ims
    refresh_pattern kaspersky..avc$                                  43200 100% 43200  ignore-no-cache ignore-no-store ignore-reload reload-into-ims
    refresh_pattern kaspersky                                          43200 100% 43200  ignore-no-cache ignore-no-store ignore-reload reload-into-ims
    refresh_pattern update.nai.com/.
    .(gem|zip|mcs)                    43200 100% 43200  ignore-no-cache ignore-no-store ignore-reload reload-into-ims
    refresh_pattern ^http://liveupdate.symantecliveupdate.com.(zip) 43200 100% 43200  ignore-no-cache ignore-no-store ignore-reload reload-into-ims
    refresh_pattern -i symantecliveupdate.com/.
    .(zip|exe)            43200 100% 43200 reload-into-ims
    refresh_pattern -i avast.com/..(vpu|vpaa) 4320 100% 43200 reload-into-ims
    refresh_pattern -i avira-update.com/.
    .* 720 100% 10800 reload-into-ims

    #windows update NEW UPDATE 0.04
    refresh_pattern windowsupdate.com/..(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
    refresh_pattern update.microsoft.com/.
    .(cab|exe)                  43200 100% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims
    refresh_pattern download.microsoft.com/..(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
    refresh_pattern -i microsoft.com/.
    .(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
    refresh_pattern -i windowsupdate.com/..(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
    refresh_pattern -i windows.com/.
    .(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
    refresh_pattern ([^.]+.)?(download|(windows)?update).(microsoft.)?com/..(cab|exe|msi|msp|psf) 4320 100% 43200 reload-into-ims
    refresh_pattern update.microsoft.com/.
    .(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
    refresh_pattern windowsupdate.com/..(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
    refresh_pattern download.microsoft.com/.
    .(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
    refresh_pattern www.microsoft.com/.*.(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims

    refresh_pattern au.download.windowsupdate.com/..(cab|exe|dll|msi|psf) 4320 100% 43200 reload-into-ims
    refresh_pattern bg.v4.pr.dl.ws.microsoft.com/.
    .(cab|exe|dll|msi|psf) 4320 100% 43200 reload-into-ims
    refresh_pattern -i .windowsupdate.com/..(cab|exe)                    259200 100% 259200 ignore-no-store ignore-reload reload-into-ims
    refresh_pattern -i .update.microsoft.com/..(cab|exe|dll|msi|psf)                  259200 100% 259200 ignore-no-store ignore-reload reload-into-ims
    refresh_pattern au.download.windowsupdate.com/..(cab|exe|dll|msi|psf) 4320 100% 43200 reload-into-ims
    refresh_pattern bg.v4.pr.dl.ws.microsoft.com/.
    .(cab|exe|dll|msi|psf) 4320 100% 43200 reload-into-ims

    #apple update
    refresh_pattern -i (download|adcdownload).apple.com/.*.(pkg|dmg) 4320 100% 43200 reload-into-ims
    refresh_pattern -i appldnld.apple.com 129600 100% 129600 ignore-reload ignore-no-store override-expire override-lastmod ignore-must-revalidate
    refresh_pattern -i phobos.apple.com 129600 100% 129600 ignore-reload ignore-no-store override-expire override-lastmod ignore-must-revalidate
    refresh_pattern -i iosapps.itunes.apple.com 129600 100% 129600 ignore-reload ignore-no-store override-expire override-lastmod ignore-must-revalidate

    #images facebook
    refresh_pattern ((facebook.com)|(85.131.151.39))..(jpg|png|gif) 129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
    refresh_pattern -i .fbcdn.net.
    .(jpg|gif|png|swf|mp3)          129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
    refresh_pattern static.ak.fbcdn.net*.(jpg|gif|png)            129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store
    refresh_pattern ^http://profile.ak.fbcdn.net*.(jpg|gif|png)  129600 100% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store

    #banner IIX
    refresh_pattern ^http://openx..(jp(e?g|e|2)|gif|pn[pg]|swf|ico|css|tiff?) 129600 100% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store
    refresh_pattern ^http://ads(1|2|3).kompas.com.
    /                          43200  100% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store
    refresh_pattern ^http://img.ads.kompas.com./                              43200  100% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store
    refresh_pattern .kompasimages.com.
    .(jpg|gif|png|swf)                        43200  100% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store
    refresh_pattern ^http://openx.kompas.com./                                43200  100% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store
    refresh_pattern kaskus.\us.
    .(jp(e?g|e|2)|gif|png|swf)                      43200  100% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store
    refresh_pattern ^http://img.kaskus.us.*.(jpg|gif|png|swf)                  43200  100% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store

    #IIX DOWNLOAD
    refresh_pattern ^http://.www[0-9][0-9].indowebster.com/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 100% 129600 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  ignore-auth

    refresh_pattern -i ^http://(khm?)([^/]*?).google.(de|com)    129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload

    refresh_pattern -i ^http://ecn.t\d.tiles.virtualearth.net/tiles/\w*.jpeg    129600 100% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims ignore-reload