#
WELCOME TO SQUID LUSCA_FMI
#
----------------------------
#
Provided by mr-ekoapriadi.blogspot.com
#
last revision 26/06/2013
http_port 3128 transparent
#==============================================================#
pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/share/squid/errors/English
icon_directory /usr/share/squid/icons
visible_hostname www.mr-ekoapriadi.blogspot.com
cache_mgr mr.ekoapriadi@gmail.com
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
logfile_rotate 1
shutdown_lifetime 10 seconds
cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
#==============================================================#
cache_dir aufs /cache 15000 35 256
#CONTOH DNS GOOGLE
dns_nameservers 8.8.8.8 8.8.4.4
#==============================================================#
dns_testnames 127.0.0.1
minimum_object_size 128 bytes
maximum_object_size 128000 KB
offline_mode off
cache_swap_low 98
cache_swap_high 99
# Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin \?
acl snmppublic snmp_community public
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
acl apache rep_header Server ^Apache
#==============================================================#
#acl blockweb url_regex "/etc/squid/block.txt"
#http_access deny blockweb
#==============================================================#
acl localnet src 192.168.1.0/16 # RFC1918 possible internal network
#==============================================================#
#start storeurl htproxy
#==============================================================#
acl store_rewrite_list dstdomain .fbcdn.net .youtube.com .googlevideo.com .gstatic.com .bp.blogspot.com
acl store_rewrite_list dstdomain .4shared.com .twimg.com .ytimg.com .orkut.com
acl store_rewrite_list dstdomain .ggpht.com .media.tumblr.com .photobucket.com
acl store_rewrite_list dstdomain .avast.com .avg.com .vimeo.com .v.mccont.com .blip.tv
acl store_rewrite_list dstdomain .flashvideo.globo.com .terra.com
acl store_rewrite_list dstdomain .wpc.porntube.com .redtubefiles.com .xvideos.com .phncdn.com .pornhub.com
acl store_rewrite_list dstdomain .catalog.video.msn.com .mais.uol.com.br
acl store_rewrite_list dstdomain .videobb.com .sourceforge.net
acl store_rewrite_list_url url_regex (firefox|speedtest|iavs5x|iavs4x)
acl dontrewrite url_regex (get_video|videoplayback\?id|videoplayback.*id).*begin\=[1-9][0-9]*
acl dontrewrite url_regex \.(php|asp|aspx|jsp|cgi|js)\?
acl dontrewrite url_regex threadless.*\.jpg\?r=
storeurl_access deny dontrewrite
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_list_url
storeurl_access deny all
storeurl_access deny all
storeurl_rewrite_program /etc/squid/storeurl.pl
storeurl_rewrite_children 1
#==============================================================#
#end storeurl acl
#==============================================================#
broken_vary_encoding allow apache
upgrade_http0.9 deny shoutcast
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
# Always allow localhost connections
http_access allow localhost
# Allow local network(s) on interface(s)
http_access allow localnet
# Default block all to be sure
http_access deny all
#==============================================================#
#REFRESH PATTERN TUNNING
#==============================================================#
#Spesific Site
refresh_pattern ^http://([a-z][0-9]\.){0,1}(profile|sphotos|photos-[a-z])\.ak\.fbcdn\.net/hp(rofile|hotos)-ak- 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://[^/]*\.(youtube|googlevideo).com/(get_video|videoplayback|videodownload)\? 5259487 99999% 5259487 override-expire ignore-reload reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://lh.\.ggpht\.com/.*\.(bmp|gif|jpg|png) 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://i.\.ytimg\.com/.*\.(bmp|gif|jpg|png) 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://a.\.twtimg\.com/.*\.(bmp|gif|jpg|png) 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://(.{1,2}\.|)media\.tumblr\.com/.*\.(bmp|gif|jpg|png) 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://(i|th).{1,4}\.photobucket\.com/.*\.(bmp|gif|jpg|png) 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://[1-4]\.bp\.blogspot\.com/ 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://download.*\.avast\.com/ 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://download.*\.4shared\.com/ 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://(backup|a.|pupdate-aa)\.avg\.c(om|z)/softw/ 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://av\.vimeo\.com/.*\.(mp4|flv) 5259487 99999% 5259487 override-expire ignore-reload stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://.{1,3}\.video.\.blip\.tv.*\.(m4v|flv|mp4|wmv|rm|ram|mov|avi|mp3) 5259487 99999% 5259487 override-expire ignore-reload stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://flashvideo.globo.com/.*mp4 5259487 99999% 5259487 override-expire ignore-reload stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://(img|content).{1,2}.catalog.video.msn.com/ 5259487 99999% 5259487 override-expire ignore-reload stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://(video.{1,2}|thumb|storage)\.mais\.uol\.com.br/ 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://v.mccont.com/ 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://(img..|videos\.flv.{0,1})\.redtubefiles\.com/ 5259487 99999% 5259487 override-expire ignore-reload stale-while-revalidate=2592000 ignore-private ignore-no-cache
refresh_pattern ^http://wpc.porntube.com/ 5259487 99999% 5259487 override-expire ignore-reload stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://porn.{1,3}\.xvideos\.com/.*\.flv 5259487 99999% 5259487 override-expire ignore-reload stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://s[0-9]{0,3}\.videobb\.com/ 5259487 99999% 5259487 override-expire ignore-reload stale-while-revalidate=2592000 ignore-private ignore-no-cache store-stale
refresh_pattern ^http://t.\.gstatic\.com/ 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache
refresh_pattern ^http://cdn[1-3][a-z]{0,1}.*\.phncdn\.com/ 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache
refresh_pattern ^http://nyc-v[0-9]{1,3}\.pornhub\.com/*\.flv 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache
refresh_pattern ^http://[a-z]{1,}\.dl\.sourceforge\.net\/project/ 5259487 99999% 5259487 override-expire reload-into-ims stale-while-revalidate=2592000 ignore-private ignore-no-cache
refresh_pattern (speedtest|firefox) 5259487 99999% 5259487 override-expire override-expire reload-into-ims ignore-must-revalidate ignore-private ignore-no-cache store-stale
#Generic files
refresh_pattern \.(jp(e?g|e|2)|tiff?|bmp|gif|png) 2629742 999999% 2629742 override-expire ignore-no-cache ignore-no-store reload-into-ims ignore-private store-stale
refresh_pattern \.(z(ip|[0-9]{2})|r(ar|[0-9]{2})|jar|bz2|gz|tar|rpm|vpu) 2629742 999999% 2629742 override-expire reload-into-ims store-stale ignore-must-revalidate
refresh_pattern \.(mp3|wav|og(g|a)|flac|midi?|rm|aac|wma|mka|ape) 2629742 999999% 2629742 override-expire reload-into-ims ignore-reload ignore-must-revalidate store-stale
refresh_pattern \.(kom|nzp|iop|exe|msi|dmg|bin|xpi|iso|swf|mar|psf|cab) 2629742 999999% 2629742 override-expire reload-into-ims ignore-no-cache ignore-must-revalidate store-stale
refresh_pattern \.(mpeg|ra?m|avi|mp(g|e|4)|mov|divx|asf|wmv|m\dv|rv|vob|asx|ogm|flv|3gp|on2) 2629742 9999999% 2629742 override-expire reload-into-ims ignore-must-revalidate ignore-private ignore-no-store store-stale
refresh_pattern -i (cgi-bin|hackshield|xtrap|Loader|login) 0 0% 0
refresh_pattern \.(php|jsp|cgi|asx|js|jsp)\? 0 0% 0
refresh_pattern . 0 50% 2629742 store-stale
#==============================================================#
acl download url_regex -i \.rm$ \.mpg$ \.mpeg$ \.avi$ \.dat$ \.exe$ \.vqf$ \.tar.gz$ \.gz$ \.rpm$ \.mp4$ \.mp3$
acl download url_regex -i \.zip$ \.bz2$ \.rar$ \.qt$ \.ram$ \.rm$ \.iso$ \.raw$ \.wav$ \.mov$ \.cab$
acl download url_regex -i \.rhz$ \.dat$ \.hlp$ \.psf$ \.exe$ \.bin$ \.cab$ \.amr$ \.msi$ \.dll$
delay_pools 1
delay_class 1 1
delay_parameters 1 1000/16000
delay_access 1 allow download
delay_access 1 deny ALL
#==============================================================#
#flow qos mark HIT
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
#SNMP enable for MRTG
snmp_port 3401
snmp_access allow snmppublic all
#Option Tunning
max_filedescriptors 65536
range_offset_limit 128 KB
read_ahead_gap 32 KB
reload_into_ims on
strip_query_terms on
negative_dns_ttl 1 second
negative_ttl 1 second
maximum_single_addr_tries 2
retry_on_error on
vary_ignore_expire on
client_db on
ipcache_size 10240
fqdncache_size 1024
pipeline_prefetch on
half_closed_clients off
buffered_logs on
download_fastest_client_speed off
n_aiops_threads 32
