#######################
# HIGH PERFORMANCE SQUID 3.1.9
# Config date : 28 Desember 2011 by linuxer46
#######################
# ACCESS CONTROLS
# —————
acl QUERY urlpath_regex -i cgi-bin \? \.php$ \.asp$ \.shtml$ \.cfm$ \.cfml$ \.phtml$ \.php3$ localhost
acl all src
acl localnet src 192.168.1.0/24
acl localhost src 127.0.0.1
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
#============================================================$
# BLOCKING
#============================================================$
acl blacklist url_regex -i "/etc/squid3/sex"
acl sex dstdomain "/etc/squid3/domainsaru"
http_access deny blacklist
http_access deny sex
#filter url yang akan diblokir
#acl badurl dstdomain "/etc/squid3/socnet"
#deny_info http://google.co.id badurl
#setting waktu akses
#acl pagi time SMTWHA 09:00-11:00
#acl sore time SMTWHA 14:00-16:00
#setting tolak akses sesuai settingan waktu untuk domain yang ada di file
#/etc/squid/social.network
#http_access deny pagi badurl
#http_access deny sore badurl
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
http_access allow localhost
http_access allow localnet
http_access deny all
#==============================================================================$
# DELAY POOL PARAMETERS
#==============================================================================$
# Filter Download
#acl download url_regex -i .exe .flv .mp3 .rar .wmv .avi .mpeg .mpe .mpg .rm .iso .mkv .wmf .wma .3gp .7z .asf .m4a .m4v .mov .mp4 .mpa .mpe .msi .zip
# dibuat 2 aturan
#delay_pools 2
#aturan 1, tidak ada pembatasan
#delay_class 1 2
#delay_parameters 1 -1/-1 -1/-1
# aturan 2, setelah download 2048000 bytes mk download menjadi 75000 bytes/s
#delay_class 2 2
#delay_parameters 2 75000/2048000
#delay_parameters 2 50000/50000 50000/50000
#delay_access 2 allow download
#delay_access 2 deny all
#delay_access 1 deny download
#delay_access 1 allow all
acl multimedia url_regex -i .exe .flv .mp3 .rar .wma .wmv .avi .mpeg .mpe .mpg .rm .iso .mkv .wmf .wma .3gp .7z .asf .m4a .m4v .mov .mp4 .mpa .mpe .msi .zip .dat .cab
# Multimedia Audio
#acl multimedia url_regex -i \.aif$ \.rmi$ \.snd$ \.wav$ \.aifc$ \.aiff$ \.au$ \.mid$ \.midi$ \.mp3$ \.wma$ \.vqf$ \.aaf$ \.ogg$
# Multimedia Video
#acl multimedia url_regex -i \.asf$ \.x-flv$ \.mpe$ \.mpeg$ \.mpg$ \.mpv2$ \.avi$ \.m1v$ \.mp2$\.mp2v$ \.mpa$ \.flv$ \.wmv$ \.dat$ \.mkv$ \.div$ \.divx$ \.ac3$ \.dts$ \.vob$ \.dvr-ms$ \.mp4$ \.m2v$ \.m4v$ \.m2ts$ \.bup$ \.3gpp$ \.3g2$ \.3gp2$ \.vro$ \.rm$ \.3gp$ \.ram$ \.raw$ \.qt$ \.mov$ \.svcd$ \.xdiv$ \.3mm$ \.aep$ \.ajp$ \.amv$ \.avs$ \.d2v$ \.d3v$ \.dmb$ \.dxr$ \.amx$ \.arf$ \.asf$ \.dvx$ \.f4v$ \.dv$ \.bsf$ \.rmvb$ \.rv$
# Gambar
#acl multimedia url_regex -i \.srf$ \.hdf$ \.wbmp$ \.wmf$ \.x3f$ \.xbm$ \.xpm$ \.cr2$ \.crw$ \.dcr$ \.tga$\.djvu$\.emf$ \.fpx$\.icl$ \.icn$ \.plp$ \.ppm$ \.raf$ \.ras$ \.raw$ \.mrw$ \.nef$ \.orf$ \.pbm$ \.pcd$ \.pef$ \.pgm$ \.rs$
# Program
#acl multimedia url_regex -i \.rpm$ \.bin$ \.dmg$ \.exe$ \.msi$ \.cab$
# Kompresi
#acl multimedia url_regex -i \.ace$ \.arj$ \.bzip2$ \.gz$ \.jar$ \.tgz$ \.uue$ \.iso$ \.7-zip$ \.rar$ \.alz$ \.nrg$ \.zip$ \.cab$ \.gzip$ \.lzh$ \.lzw$ \.tar$ \.tbz$
delay_pools 1
delay_class 1 1
delay_parameters 1 50000/1000000
delay_access 1 allow multimedia
delay_access 1 deny ALL
# NETWORK OPTIONS
# —————
http_port 8080 transparent
# OPTIONS WHICH AFFECT THE CACHE SIZE
# ———————————–
cache_mem 6 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
maximum_object_size 128000 KB
cache_swap_low 98
cache_swap_high 99
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# —————————————
access_log /var/log/squid3/access.log
cache_dir aufs /cache 37500 64 256
cache_log /var/log/squid3/cache.log
cache_store_log /var/log/squid3/store.log
logfile_rotate 5
log_ip_on_direct off
log_icp_queries off
buffered_logs off
#netdb_filename none
emulate_httpd_log on
# OPTIONS FOR TUNING THE CACHE
# —————————-
cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jp?g|ico|bmp|tiff?)$ 10080 95% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(rpm|cab|deb|exe|msi|msu|zip|tar|gz|tgz|rar|bin|7z|doc?|xls?|ppt?|pdf|nth|psd|sis)$ 10080 90% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(avi|iso|wav|mid|mp?|mpeg|mov|3gp|wm?|swf|flv|x-flv|axd)$ 43200 95% 432000 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(html|htm|css|js)$ 1440 75% 40320
refresh_pattern -i \.index.(html|htm)$ 0 75% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 1440 90% 10080
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
store_avg_object_size 13 KB
# HTTP OPTIONS
# ————
vary_ignore_expire on
# ANONIMITY OPTIONS
# —————–
request_header_access From deny all
request_header_access Server deny all
request_header_access Link deny all
request_header_access Via deny all
request_header_access X-Forwarded-For deny all
# TIMEOUTS
# ——–
forward_timeout 240 second
connect_timeout 30 second
peer_connect_timeout 5 second
read_timeout 600 second
request_timeout 60 second
shutdown_lifetime 10 second
# ADMINISTRATIVE PARAMETERS
# ————————-
cache_mgr
[You must be registered and logged in to see this link.] cache_effective_user proxy
cache_effective_group proxy
httpd_suppress_version_string on
visible_hostname roby.novianto@admin
# DNS OPTIONS
# ———–
dns_timeout 10 seconds
dns_nameservers 203.130.193.74 202.134.0.155 8.8.8.8 61.247.0.8
# MISCELLANEOUS
# ————-
memory_pools off
client_db off
reload_into_ims on
coredump_dir /cache
pipeline_prefetch on
offline_mode off
#Marking ZPH (Zero Phinalty hit)
#zph_mode tos
#zph_local 0x30
#zph_parent 0
#zph_option 136
### END of CONFIGURATION ###