Saturday, January 05, 2013

Squid 3.1.23 : Example Squid.conf & Squid start up

#Squid.conf

#WELCOME TO SQUID 3.1.23
#       ----------------------------
acl snmppublic snmp_community public
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

acl bamboe src 192.168.3.0/24
#uncomment noway url, if necessary
#acl noway url_regex -i "/etc/squid/noway"
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 1935          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http

acl CONNECT method CONNECT

http_access deny noway
http_access allow manager localhost
http_access allow bamboe
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
htcp_access deny all
miss_access allow all

# NETWORK OPTIONS
http_port 3127 transparent
hierarchy_stoplist cgi-bin ? .js .jsp mivo.tv 192.168.10.29 192.168.10.30 static.videoku.tv
acl QUERY urlpath_regex cgi-bin \? .js .jsp 192.168.10.29 192.168.10.30  youtube.com indowebster.com static.videoku.tv
no_cache deny QUERY

#  MEMORY CACHE OPTIONS
cache_mem 1024 MB
maximum_object_size_in_memory 16 KB
memory_replacement_policy heap GDSF

# DISK CACHE OPTIONS
cache_replacement_policy heap LFUDA
cache_dir aufs /cache 160000 64 256
store_dir_select_algorithm least-load
minimum_object_size 16 KB
maximum_object_size 512 MB
cache_swap_low 97
cache_swap_high 99

#LOGFILE OPTIONS
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log none
cache_swap_log /etc/squid/swap/swap.state
logfile_rotate 5
log_fqdn off
log_icp_queries off
buffered_logs off
emulate_httpd_log off

#OPTIONS FOR TUNING THE CACHE
refresh_pattern -i \.swf$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private ignore-auth
refresh_pattern -i \.gif$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private ignore-auth
refresh_pattern -i \.jpg$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private ignore-auth
refresh_pattern -i \.jpeg$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private  ignore-auth
refresh_pattern -i \.exe$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private  ignore-auth

# 1 year = 525600 mins, 1 month = 20160 mins, 1 day = 1440
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 20160 20% 20160 ignore-no-cache  ignore-private override-expire ignore-reload ignore-auth
refresh_pattern ^.*safebrowsing.*google                                 20160 80% 20160 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk)    20160 80% 20160 override-expire ignore-reload ignore-private
refresh_pattern ytimg\.com.*\.jpg                                       20160 80% 20160 override-expire ignore-reload
refresh_pattern images\.friendster\.com.*\.(png|gif)                    20160 80% 20160 override-expire ignore-reload
refresh_pattern garena\.com                                             20160 80% 20160 override-expire reload-into-ims
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)          20160 80% 20160 override-expire ignore-reload
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\?                     20160 80% 20160 ignore-no-cache override-expire override-lastmod
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)    20160 80% 20160 reload-into-ims override-expire ignore-private
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\.                     20160 80% 20160 reload-into-ims ignore-no-cache  ignore-reload override-expire
refresh_pattern ^http:\/\/www.onemanga.com.*\/                          20160 80% 20160 reload-into-ims ignore-no-cache  ignore-reload override-expire
refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9])        20160 80% 20160 override-expire ignore-reload ignore-no-cache  ignore-private ignore-auth override-lastmod
#images facebook
refresh_pattern -i \.facebook.com.*\.(jpg|png|gif)                      20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3)                 20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern  static\.ak\.fbcdn\.net*\.(jpg|gif|png)                 20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)        20160 80% 20160 ignore-reload override-expire ignore-no-cache

#All File
refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)       20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)  20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)         20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern ^ftp:           1440    90%     201600  override-lastmod reload-into-ims
refresh_pattern ^gopher:        1440    0%      1440    override-lastmod reload-into-ims
refresh_pattern (cgi-bin|\?)    0       0%      0
refresh_pattern .               0       80%     20160   override-lastmod reload-into-ims

#SNMP OPTIONS
snmp_port 3401
snmp_access allow snmppublic bamboe
snmp_access deny all

#another optimizing
memory_pools off
client_db off
coredump_dir /cache
reload_into_ims on
balance_on_multiple_ip on
vary_ignore_expire on
pipeline_prefetch on
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
shutdown_lifetime 10 seconds
half_closed_clients off
cache_effective_user squid
cache_effective_group squid
dns_nameservers 61.94.192.12 202.134.1.10 8.8.8.8 8.8.4.4
ipcache_size 2048
ipcache_low 90
ipcache_high 95

#MARKING ZPH for squid 3.1
qos_flows local-hit=0x30

StartUp Squid

#!/bin/bash
# squid This shell script takes care of starting and stopping
# Squid Internet Object Cache
#
# chkconfig: - 90 25
# description: Squid - Internet Object Cache. Internet object caching is \
# a way to store requested Internet objects (i.e., data available \
# via the HTTP, FTP, and gopher protocols) on a system closer to the \
# requesting site than to the source. Web browsers can then use the \
# local Squid cache as a proxy HTTP server, reducing access time as \
# well as bandwidth consumption.
# pidfile: /var/run/squid.pid
# config: /etc/squid/squid.conf
PATH=/usr/bin:/sbin:/bin:/usr/sbin
export PATH

# Source function library... comment it, if init-function is not found and error.
. /lib/lsb/init-functions

# check if the squid conf file is present
[ -f /etc/squid/squid.conf ] || exit 0

# determine the name of the squid binary
[ -f /usr/sbin/squid ] && SQUID=squid
[ -z "$SQUID" ] && exit 0

# determine which one is the cache_swap directory
CACHE_SWAP=`sed -e 's/#.*//g' /etc/squid/squid.conf | \
grep cache_dir | sed -e 's/cache_dir//' | \
cut -d ' ' -f 2`
[ -z "$CACHE_SWAP" ] && CACHE_SWAP=/cache

# default squid options
# -D disables initial dns checks. If you most likely will not to have an
#    internet connection when you start squid, uncomment this
SQUID_OPTS="-D -YC"
RETVAL=0
case "$1" in

start)
ulimit -HSn 65536;
echo 1024 65100 > /proc/sys/net/ipv4/ip_local_port_range;
echo -n "Starting $SQUID: "
for adir in $CACHE_SWAP; do
if [ ! -d $adir/00 ]; then
echo -n "init_cache_dir $adir... "
$SQUID -z -F 2>/dev/null
fi
done
$SQUID $SQUID_OPTS &
RETVAL=$?
echo $SQUID
[ $RETVAL -eq 0 ] && touch /var/lock/$SQUID
;;

stop)
echo -n "Stopping $SQUID: "
$SQUID -k shutdown &
RETVAL=$?
if [ $RETVAL -eq 0 ] ; then
rm -f /var/lock/$SQUID
while : ; do
[ -f /var/run/squid.pid ] || break
sleep 2 && echo -n "."
done
echo "done"
else
echo
fi
;;

reload)
$SQUID $SQUID_OPTS -k reconfigure
exit $?
;;

restart)
$0 stop
$0 start
;;

status)
status $SQUID
$SQUID -k check
exit $?
;;

probe)
exit 0;
;;

*)
echo "Usage: $0 {start|stop|status|reload|restart}"
exit 1
esac
exit $RETVAL
                       

1 comment:

  1. If you're looking for an excellent contextual advertising company, I recommend you take a peek at ExoClick.

    ReplyDelete