Saturday, January 05, 2013

Squid 3.1.23 : Example Squid.conf & Squid start up

#Squid.conf

#WELCOME TO SQUID 3.1.23
#       ----------------------------
acl snmppublic snmp_community public
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

acl bamboe src 192.168.3.0/24
#uncomment noway url, if necessary
#acl noway url_regex -i "/etc/squid/noway"
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 1935          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http

acl CONNECT method CONNECT

http_access deny noway
http_access allow manager localhost
http_access allow bamboe
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
htcp_access deny all
miss_access allow all

# NETWORK OPTIONS
http_port 3127 transparent
hierarchy_stoplist cgi-bin ? .js .jsp mivo.tv 192.168.10.29 192.168.10.30 static.videoku.tv
acl QUERY urlpath_regex cgi-bin \? .js .jsp 192.168.10.29 192.168.10.30  youtube.com indowebster.com static.videoku.tv
no_cache deny QUERY

#  MEMORY CACHE OPTIONS
cache_mem 1024 MB
maximum_object_size_in_memory 16 KB
memory_replacement_policy heap GDSF

# DISK CACHE OPTIONS
cache_replacement_policy heap LFUDA
cache_dir aufs /cache 160000 64 256
store_dir_select_algorithm least-load
minimum_object_size 16 KB
maximum_object_size 512 MB
cache_swap_low 97
cache_swap_high 99

#LOGFILE OPTIONS
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log none
cache_swap_log /etc/squid/swap/swap.state
logfile_rotate 5
log_fqdn off
log_icp_queries off
buffered_logs off
emulate_httpd_log off

#OPTIONS FOR TUNING THE CACHE
refresh_pattern -i \.swf$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private ignore-auth
refresh_pattern -i \.gif$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private ignore-auth
refresh_pattern -i \.jpg$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private ignore-auth
refresh_pattern -i \.jpeg$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private  ignore-auth
refresh_pattern -i \.exe$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private  ignore-auth

# 1 year = 525600 mins, 1 month = 20160 mins, 1 day = 1440
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 20160 20% 20160 ignore-no-cache  ignore-private override-expire ignore-reload ignore-auth
refresh_pattern ^.*safebrowsing.*google                                 20160 80% 20160 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk)    20160 80% 20160 override-expire ignore-reload ignore-private
refresh_pattern ytimg\.com.*\.jpg                                       20160 80% 20160 override-expire ignore-reload
refresh_pattern images\.friendster\.com.*\.(png|gif)                    20160 80% 20160 override-expire ignore-reload
refresh_pattern garena\.com                                             20160 80% 20160 override-expire reload-into-ims
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)          20160 80% 20160 override-expire ignore-reload
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\?                     20160 80% 20160 ignore-no-cache override-expire override-lastmod
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)    20160 80% 20160 reload-into-ims override-expire ignore-private
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\.                     20160 80% 20160 reload-into-ims ignore-no-cache  ignore-reload override-expire
refresh_pattern ^http:\/\/www.onemanga.com.*\/                          20160 80% 20160 reload-into-ims ignore-no-cache  ignore-reload override-expire
refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9])        20160 80% 20160 override-expire ignore-reload ignore-no-cache  ignore-private ignore-auth override-lastmod
#images facebook
refresh_pattern -i \.facebook.com.*\.(jpg|png|gif)                      20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3)                 20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern  static\.ak\.fbcdn\.net*\.(jpg|gif|png)                 20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)        20160 80% 20160 ignore-reload override-expire ignore-no-cache

#All File
refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)       20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)  20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)         20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern ^ftp:           1440    90%     201600  override-lastmod reload-into-ims
refresh_pattern ^gopher:        1440    0%      1440    override-lastmod reload-into-ims
refresh_pattern (cgi-bin|\?)    0       0%      0
refresh_pattern .               0       80%     20160   override-lastmod reload-into-ims

#SNMP OPTIONS
snmp_port 3401
snmp_access allow snmppublic bamboe
snmp_access deny all

#another optimizing
memory_pools off
client_db off
coredump_dir /cache
reload_into_ims on
balance_on_multiple_ip on
vary_ignore_expire on
pipeline_prefetch on
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
shutdown_lifetime 10 seconds
half_closed_clients off
cache_effective_user squid
cache_effective_group squid
dns_nameservers 61.94.192.12 202.134.1.10 8.8.8.8 8.8.4.4
ipcache_size 2048
ipcache_low 90
ipcache_high 95

#MARKING ZPH for squid 3.1
qos_flows local-hit=0x30

StartUp Squid

#!/bin/bash
# squid This shell script takes care of starting and stopping
# Squid Internet Object Cache
#
# chkconfig: - 90 25
# description: Squid - Internet Object Cache. Internet object caching is \
# a way to store requested Internet objects (i.e., data available \
# via the HTTP, FTP, and gopher protocols) on a system closer to the \
# requesting site than to the source. Web browsers can then use the \
# local Squid cache as a proxy HTTP server, reducing access time as \
# well as bandwidth consumption.
# pidfile: /var/run/squid.pid
# config: /etc/squid/squid.conf
PATH=/usr/bin:/sbin:/bin:/usr/sbin
export PATH

# Source function library... comment it, if init-function is not found and error.
. /lib/lsb/init-functions

# check if the squid conf file is present
[ -f /etc/squid/squid.conf ] || exit 0

# determine the name of the squid binary
[ -f /usr/sbin/squid ] && SQUID=squid
[ -z "$SQUID" ] && exit 0

# determine which one is the cache_swap directory
CACHE_SWAP=`sed -e 's/#.*//g' /etc/squid/squid.conf | \
grep cache_dir | sed -e 's/cache_dir//' | \
cut -d ' ' -f 2`
[ -z "$CACHE_SWAP" ] && CACHE_SWAP=/cache

# default squid options
# -D disables initial dns checks. If you most likely will not to have an
#    internet connection when you start squid, uncomment this
SQUID_OPTS="-D -YC"
RETVAL=0
case "$1" in

start)
ulimit -HSn 65536;
echo 1024 65100 > /proc/sys/net/ipv4/ip_local_port_range;
echo -n "Starting $SQUID: "
for adir in $CACHE_SWAP; do
if [ ! -d $adir/00 ]; then
echo -n "init_cache_dir $adir... "
$SQUID -z -F 2>/dev/null
fi
done
$SQUID $SQUID_OPTS &
RETVAL=$?
echo $SQUID
[ $RETVAL -eq 0 ] && touch /var/lock/$SQUID
;;

stop)
echo -n "Stopping $SQUID: "
$SQUID -k shutdown &
RETVAL=$?
if [ $RETVAL -eq 0 ] ; then
rm -f /var/lock/$SQUID
while : ; do
[ -f /var/run/squid.pid ] || break
sleep 2 && echo -n "."
done
echo "done"
else
echo
fi
;;

reload)
$SQUID $SQUID_OPTS -k reconfigure
exit $?
;;

restart)
$0 stop
$0 start
;;

status)
status $SQUID
$SQUID -k check
exit $?
;;

probe)
exit 0;
;;

*)
echo "Usage: $0 {start|stop|status|reload|restart}"
exit 1
esac
exit $RETVAL
                       

6 comments:

  1. If you're looking for an excellent contextual advertising company, I recommend you take a peek at ExoClick.

    ReplyDelete
  2. Want to join more affiliate networks?
    Visit this affiliate directory to look at the ultimate list of affiliate programs.

    ReplyDelete
  3. BlueHost is the best web-hosting company with plans for any hosting needs.

    ReplyDelete
  4. Are you looking for free YouTube Subscribers?
    Did you know that you can get them ON AUTO-PILOT & ABSOLUTELY FOR FREE by using Like 4 Like?

    ReplyDelete
  5. QUANTUM BINARY SIGNALS

    Professional trading signals sent to your mobile phone every day.

    Follow our trades right now & gain up to 270% a day.

    ReplyDelete
  6. If you are looking for a solid Pay Per Sale advertising network, I recommend you take a look at Click Bank.

    ReplyDelete