Monday, March 04, 2013

Squid 3.3.2 / 3.2.8 : Example Squid.conf

#WELCOME TO SQUID
#       ----------------------------

acl snmppublic snmp_community public
acl bamboe src 192.168.10.0/24
#uncomment noway url, if necessary.
#acl noway url_regex -i "/etc/squid/noway"
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 1935          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http


acl CONNECT method CONNECT
#http_access deny noway
http_access allow manager localhost
http_access allow bamboe
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
htcp_access deny all
miss_access allow all

# NETWORK OPTIONS
http_port 3128
http_port 3127 transparent

hierarchy_stoplist cgi-bin ? .js .jsp mivo.tv 192.168.10.29 192.168.10.30 static.videoku.tv
acl QUERY urlpath_regex cgi-bin \? .js .jsp 192.168.10.29 192.168.10.30  youtube.com indowebster.com static.videoku.tv
no_cache deny QUERY

#  MEMORY CACHE OPTIONS
cache_mem 1024 MB
maximum_object_size_in_memory 16 KB
memory_replacement_policy heap GDSF

# DISK CACHE OPTIONS
cache_replacement_policy heap LFUDA
cache_dir aufs /cache 160000 64 256
store_dir_select_algorithm least-load
minimum_object_size 16 KB
maximum_object_size 512 MB
cache_swap_low 97
cache_swap_high 99

#LOGFILE OPTIONS
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log none
cache_swap_log /etc/squid/swap/swap.state
logfile_rotate 5
log_icp_queries off
buffered_logs off

#OPTIONS FOR TUNING THE CACHE
refresh_pattern -i \.swf$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private ignore-auth
refresh_pattern -i \.gif$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private ignore-auth
refresh_pattern -i \.jpg$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private ignore-auth
refresh_pattern -i \.jpeg$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private  ignore-auth
refresh_pattern -i \.exe$ 20160 80% 20160  override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache  ignore-private  ignore-auth

# 1 year = 525600 mins, 1 month = 20160 mins, 1 day = 1440
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 20160 20% 20160 ignore-no-cache  ignore-private override-expire ignore-reload ignore-auth
refresh_pattern ^.*safebrowsing.*google                                 20160 80% 20160 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk)    20160 80% 20160 override-expire ignore-reload ignore-private
refresh_pattern ytimg\.com.*\.jpg                                       20160 80% 20160 override-expire ignore-reload
refresh_pattern images\.friendster\.com.*\.(png|gif)                    20160 80% 20160 override-expire ignore-reload
refresh_pattern garena\.com                                             20160 80% 20160 override-expire reload-into-ims
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)          20160 80% 20160 override-expire ignore-reload
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\?                     20160 80% 20160 ignore-no-cache override-expire override-lastmod
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)    20160 80% 20160 reload-into-ims override-expire ignore-private
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\.                     20160 80% 20160 reload-into-ims ignore-no-cache  ignore-reload override-expire
refresh_pattern ^http:\/\/www.onemanga.com.*\/                          20160 80% 20160 reload-into-ims ignore-no-cache  ignore-reload override-expire
refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9])        20160 80% 20160 override-expire ignore-reload ignore-no-cache  ignore-private ignore-auth override-lastmod
#images facebook
refresh_pattern -i \.facebook.com.*\.(jpg|png|gif)                      20160 80% 20160 ignore-reload override-expire ignore-no-cache

refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3)                 20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern  static\.ak\.fbcdn\.net*\.(jpg|gif|png)                 20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)        20160 80% 20160 ignore-reload override-expire ignore-no-cache

#All File
refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)       20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)  20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)         20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 20160 80% 20160 ignore-no-cache   override-expire override-lastmod reload-into-ims
refresh_pattern ^ftp:           1440    90%     201600  override-lastmod reload-into-ims
refresh_pattern ^gopher:        1440    0%      1440    override-lastmod reload-into-ims
refresh_pattern (cgi-bin|\?)    0       0%      0
refresh_pattern .               0       80%     20160   override-lastmod reload-into-ims
quick_abort_min 64 KB
quick_abort_max 64 KB
quick_abort_pct 95

shutdown_lifetime 10 seconds
half_closed_clients off
cache_effective_user squid
cache_effective_group squid

#SNMP OPTIONS
snmp_port 3401
snmp_access allow snmppublic bamboe
snmp_access deny all
dns_nameservers 61.94.192.12 202.134.1.10 8.8.8.8 8.8.4.4
ipcache_size 2048
ipcache_low 90
ipcache_high 95

#another optimizing
memory_pools off
client_db on
coredump_dir /cache
reload_into_ims on
balance_on_multiple_ip on
vary_ignore_expire on
pipeline_prefetch on

#MARKING ZPH for squid 3.1
qos_flows local-hit=0x30

5 comments:

  1. acl bamboe src 192.168.10.0/24

    I change the above according to my net ip or I use that as it is ????

    ReplyDelete
  2. frst how to install squid on opuntu

    ReplyDelete
    Replies
    1. http://myconfigure.blogspot.com/2013/03/transparent-squid-332-328-on-ubuntu.html
      or
      http://myconfigure.blogspot.com/2013/01/install-ubuntu-1210-squid-proxy.html

      Delete
  3. If you're looking for a good contextual ad network, I recommend that you take a peek at Propeller Ads.

    ReplyDelete