belajar ilmu komputer

SETTING PROXY SERVER February 19, 2011

# NETWORK OPTIONS

# —————————————————————————–

http_port 10.10.10.4:3128 transparent

icp_port 0

 

# OPTIONS WHICH AFFECT THE CACHE SIZE

# —————————————————————————–

cache_mem 1000 MB

 

cache_swap_low 90

cache_swap_high 95

 

maximum_object_size 4096 KB

 

minimum_object_size 0 KB

maximum_object_size_in_memory 16 KB

ipcache_size 1024

ipcache_low 90

ipcache_high 95

 

cache_replacement_policy heap LFUDA

memory_replacement_policy heap LFUDA

 

# LOGFILE PATHNAMES AND CACHE DIRECTORIES

# —————————————————————————–

cache_dir diskd /cache1 4000 16 256 01=72 02=64

cache_dir diskd /cache2 4000 16 256 01=72 02=64

 

cache_access_log /var/log/squid/access.log

cache_log_none

cache_store_log_none

# cache_swap_log /var/spool/squid

# pid_filename /var/log/squid/logs/squid.pid

 

log_ip_on_direct on

mime_table /etc/squid/mime.conf

 

log_mime_hdrs off

#referer_log

 

debug_options ALL,1

log_fqdn off

client_netmask 255.255.255.255

 

# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS

# —————————————————————————–

 

ftp_user Squid@

auth_param basic children 5

auth_param basic realm squid proxy-caching web server

auth_param basic credentialsttl 2 hours

auth_param basic casensitive off

 

 

# OPTIONS FOR TUNING THE CACHE

# —————————————————————————–

 

request_header_max_size 15 KB

request_body_max_size 10 MB

 

refresh_pattern -i cgi-bin          1           20% 2

refresh_pattern -i \?               1           20% 2

 

refresh_pattern -i \.asp$           4800        50% 22160

refresh_pattern -i \.acgi$          4800        50% 22160

refresh_pattern -i \.cgi$           4800        50% 22160

refresh_pattern -i \.shtml$         4800        50% 22160

refresh_pattern -i \.php3$          4800        50% 22160

refresh_pattern -i \.pl$            4800        50% 22160

refresh_pattern -i \.bom\.gov\.au     30        20% 120

refresh_pattern -i \.html$          4800        50% 22160

refresh_pattern -i \.htm$           4800        50% 22160

refresh_pattern -i \.gif$           22160       95% 43200

refresh_pattern -i \.jpg$           22160       95% 120960

refresh_pattern -i \.class$         10680       90% 43200

refresh_pattern -i \.zip$           22160       95% 43200

refresh_pattern -i \.jpeg$          22160       95% 120960

refresh_pattern -i \.mid$           22160       95% 120960

refresh_pattern -i \.exe$           22160       95% 120960

refresh_pattern -i \.thm$           10080       90% 43200

refresh_pattern -i \.wav$           22160       95% 120960

refresh_pattern -i \.txt$           22160       95% 43200

refresh_pattern -i \.cab$           22160       95% 120960

refresh_pattern -i \.au$            22160       95% 120960

refresh_pattern -i \.mov$           22160       95% 120960

refresh_pattern -i \.xom$           10080       90% 43200

refresh_pattern -i \.ram$           22160       95% 120960

refresh_pattern -i \.avi$           22160       95% 120960

refresh_pattern -i \.chtml$         4800        50% 22160

refresh_pattern -i \.thb$           10080       90% 43200

refresh_pattern -i \.dcr$           10080       90% 43200

refresh_pattern -i \.bmp$           22160       95% 120960

refresh_pattern -i \.phtml$         4800        50% 22160

refresh_pattern -i \.mpg$           22160       95% 120960

refresh_pattern -i \.pdf$           22160       95% 120960

refresh_pattern -i \.art$           10080       90% 43200

refresh_pattern -i \.swf$           22160       95% 43200

refresh_pattern -i \.mp3$           22160       98% 120960

refresh_pattern -i \.ra$            10080       95% 120960

refresh_pattern -i \.spl$           10080       90% 43200

refresh_pattern -i \.viv$           10080       95% 120960

refresh_pattern -i \.doc$           22160       95% 43200

refresh_pattern -i \.gz$            22160       95% 120960

refresh_pattern -i \.Z$       22160       95% 120960

refresh_pattern -i \.tgz$           22160       95% 120960

refresh_pattern -i \.tar$           22160       95% 120960

refresh_pattern -i \.vrm$           10080       90% 43200

refresh_pattern -i \.vrml$          10080       90% 43200

refresh_pattern -i \.aif$           10080       95% 43200

refresh_pattern -i \.aifc$          10080       90% 43200

refresh_pattern -i \.aiff$          10080       90% 43200

refresh_pattern -i \.arj$           10080       90% 43200

refresh_pattern -i \.c$       10080       90% 43200

refresh_pattern -i \.cpt$           10080       90% 43200

refresh_pattern -i \.dir$           10080       90% 43200

refresh_pattern -i \.dxr$           10080       90% 43200

refresh_pattern -i \.hqx$           10080       90% 43200

refresh_pattern -i \.jpe$           22160       95% 120960

refresh_pattern -i \.lba$           22160       95% 120960

refresh_pattern -i \.lzh$           22160       95% 120960

refresh_pattern -i \.midi$          22160       95% 120960

refresh_pattern -i \.movie$         22160       95% 120960

refresh_pattern -i \.mp2$           22160       95% 120960

refresh_pattern -i \.mpe$           22160       95% 120960

refresh_pattern -i \.mpeg$          22160       95% 120960

refresh_pattern -i \.mpega$         10080       95% 120960

refresh_pattern -i \.pl$            10080       90% 43200

refresh_pattern -i \.ppt$           22160       95% 120960

refresh_pattern -i \.ps$            10080       90% 43200

refresh_pattern -i \.qt$            22160       95% 120960

refresh_pattern -i \.qtm$           22160       95% 120960

refresh_pattern -i \.ras$           10080       90% 43200

refresh_pattern -i \.sea$           10080       90% 43200

refresh_pattern -i \.sit$           10080       90% 43200

refresh_pattern -i \.tif$           10080       90% 43200

refresh_pattern -i \.tiff$          10080       90% 43200

refresh_pattern -i \.snd$           10080       90% 43200

refresh_pattern -i \.wrl$           10080       90% 43200

refresh_pattern ^ftp://             1440        20% 10080

refresh_pattern ^gopher://          1440        0%  1440

refresh_pattern .             0           20% 4320

 

quick_abort_min 0

quick_abort_max 0

quick_abort_pct 95

 

negative_ttl 5 minutes

positive_dns_ttl 6 hours

negative_dns_ttl 5 minutes

range_offset_limit 0 KB

 

# TIMEOUTS

# —————————————————————————–

 

forward_timeout 4 minutes

connect_timeout 1 minute

# peer_connect_timeout 30 seconds

read_timeout 15 minutes

request_timeout 5 minutes

persistent_request_timeout 1 minute

 

client_lifetime 1 day

half_closed_clients off

pconn_timeout 120 seconds

shutdown_lifetime 3 seconds

 

# ACCESS CONTROLS

# —————————————————————————–

 

#acl myexample dst_as 1241

#acl password proxy_auth REQUIRED

#acl fileupload req_mime_type -i ^multipart/form-data$

#acl javascript rep_mime_type -i ^application/x-javascript$

 

acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

acl local src 192.168.200.0/24

acl local-domain dstdomain localhost 10.10.10.2 117.103.56.248

acl jam kantor download time MTWHFA 07:00-15:30

acl jam kantor porno time MTWHFA 07:00-12:30

acl SSL_ports port 443 563

acl Safe_ports port 80              # http

acl Safe_ports port 21              # ftp

acl Safe_ports port 443 563         # https, snews

acl Safe_ports port 70              # gopher

acl Safe_ports port 210       # wais

acl Safe_ports port 1025-65535      # unregistered ports

acl Safe_ports port 280       # http-mgmt

acl Safe_ports port 488       # gss-http

acl Safe_ports port 591       # filemaker

acl Safe_ports port 777       # multiling http

acl CONNECT method CONNECT

 

always direct allow localhost lokal-domain

 

#acl cara-1 dstdomain “/etc/squid/domain-terlarang”

#http_access deny cara-1

 

#acl cara-2 url_regex -i “/etc/squid/kata-terlarang”

#http_access deny cara-2

 

acl download url_regex -i “/etc/squid/download”

http_access deny download jam kantor download

 

acl porno url_regex -i “etc/squid/porno”

http_access deny porno jam kantor porno

 

http_access allow manager localhost

http_access allow manager lokal

http_access deny manager

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

http_access deny to_localhost

http_access allow lokal

http_access allow localhost

http_access deny all

 

http_reply_access allow all

icp_access deny all

miss_access allow lokal

miss_access deny all

 

reply_header_max_size 20 KB

reply_body_max_size 0 allow all

 

header_access Accept-Encoding allow all

header_access Via allow all

 

# ADMINISTRATIVE PARAMETERS

# —————————————————————————–

 

cache_mgr exco.martinho@gmail.com

cache_effective_user proxy

cache_effective_group proxy

visible_hostname excobelajar.wordpress.com

unique_hostname excobelajar.wordpress.com

 

# HTTPD-ACCELERATOR OPTIONS

# —————————————————————————–

 

#httpd_accel_host virtual

#httpd_accel_port 80

#httpd_accel_single_host off

#httpd_accel_with_proxy on

#httpd_accel_uses_host_header on

 

 

# MISCELLANEOUS

# —————————————————————————–

 

logfile_rotate 1

 

# append_domain .yourdomain.com

tcp_recv_bufsize 0 bytes

 

# memory_pools on

# memory_pools_limit 5 MB

 

forwarded_for on

 

# cachemgr_passwd secret shutdown

cachemgr_passwd aloh4 info stats/objects

# cachemgr_passwd disable all

 

store_avg_object_size 13 KB

store_objects_per_bucket 20

 

pipeline_prefetch off

 

store_dir_select_algorithm round-robin

ie_refresh on

 

# DELAY POOL PARAMETERS (all require DELAY POOLS compilation option)

# —————————————————————————–

 

# PERSISTENT CONNECTION HANDLING

# —————————————————————————–

 

client_persistent_connections on

server_persistent_connections on

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s