http_port 3128 transparent hierarchy_stoplist cgi-bin ? .js .jsp .php .asp acl QUERY urlpath_regex cgi-bin \? .js .jsp no_cache deny QUERY cache_replacement_policy heap LFUDA memory_replacement_policy heap GDSF cache_mem 6 MB cache_dir aufs /cache 9000 28 256 cache_swap_low 98 cache_swap_high 99 cache_access_log /cache/access.log cache_log /cache/cache.log cache_store_log none mime_table /usr/local/squid/etc/mime.conf pid_filename /var/run/squid.pid client_netmask 255.255.255.255 dns_nameservers 202.95.128.180 202.95.128.60 #refresh_pattern \.gif 4320 50% 43200 #refresh_pattern \.jpg 4320 50% 43200 #refresh_pattern \.tif 4320 50% 43200 #refresh_pattern ^http://www.friendster.com/.* 720 100% 4320 #refresh_pattern ^http://mail.yahoo.com/.* 720 100% 4320 #refresh_pattern ^http://mail1.plasa.com/.* 720 100% 4320 #refresh_pattern ^http://*.yahoo.*/.* 720 100% 4320 #refresh_pattern ^http://*.friendster.*/.* 720 100% 4320 #refresh_pattern ^http://www.yahoo.com/.* 720 100% 4320 refresh_pattern ^ftp: 10080 95% 241920 reload-into-ims override-lastmod refresh_pattern . 180 95% 120960 reload-into-ims override-lastmod redirect_rewrites_host_header off acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl local-web dst 172.16.30.2 202.95.134.138 acl gw src 172.16.30.1/255.255.255.255 acl nat src 192.168.10.0/25 192.168.10.128/27 192.168.10.160/29 acl proxy src 172.16.30.2/255.255.255.255 acl publicNet src 202.95.134.136/30 172.16.30.0/29 acl localhost src 127.0.0.1/255.255.255.255 acl noc src 192.168.10.160/29 #acl ip_blok_xxx src 192.168.10.161/255.255.255.255 acl jam_sibuk time M T W H F A 11:00-20:00 acl SSL_ports port 443 8443 563 777 acl Safe_ports port 25 80 81 110 443 563 6667 7000 777 210 119 70 21 1025-65535 acl Safe_ports port 280 6668 6669 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT acl download url_regex -i ftp \.exe$ \.mp3$ \.mp4$ \.tar.gz$ \.gz$ \.tar.bz2$ \.rpm$ \.zip$ \.rar$ \.avi$ \.mpg$ \.mpeg$ \.rm$ \.iso$ \.wav$ \.mov$ \.dat$ \.mpe$ \.mid$ \.midi$ \.rmi$ \.wma$ \.wmv$ \.ogg$ \.ogm$ \.m1v$ \.mp2$ \.mpa$ \.wax$ \.m3u$ \.asx$ \.wpl$ \.wmx$ \.dvr-ms$ \.snd$ \.au$ \.aif$ \.asf$ \.m2v$ \.m2p$ \.ts$ \.tp$ \.trp$ \.div$ \.divx$ \.mod$ \.vob$ \.aob$ \.dts$ \.ac3$ \.cda$ \.vro$ \.deb$ #acl xxx url_regex "/usr/local/squid/etc/xxx.txt" #### auth user via ncsa #### #auth_param basic program /usr/local/squid/libexec/ncsa_auth /usr/local/squid/ncsa/login.auth #auth_param basic children 5 #auth_param basic realm Squid proxy-caching web server #auth_param basic credentialsttl 2 hours #auth_param basic casesensitive off #acl ncsa_users proxy_auth REQUIRED ############################ #http_access allow ncsa_users http_access allow manager localhost #http_access deny ip_blok_xxx xxx http_access allow publicNet http_access allow proxy http_access allow gw http_access allow nat http_access allow localhost http_access deny !Safe_ports http_access deny manager http_access deny CONNECT !SSL_ports http_access deny CONNECT http_access deny all always_direct allow local-web always_direct deny all ##Delay pools delay_pools 2 delay_class 1 3 delay_parameters 1 -1/-1 -1/-1 -1/-1 delay_access 1 allow proxy noc delay_access 1 deny all delay_class 2 1 delay_access 2 deny all !jam_sibuk !download delay_parameters 2 1000/120000 ################################################ maximum_object_size 128 MB maximum_object_size_in_memory 32 KB #minimum_object_size 4 KB ipcache_size 2048 ipcache_low 98 ipcache_high 99 quick_abort_min 0 quick_abort_max 0 quick_abort_pct 98 fqdncache_size 4096 shutdown_lifetime 10 seconds cache_mgr donnie@kayong.or.id cachemgr_passwd dodolmania all cache_effective_user squid cache_effective_group squid memory_pools off buffered_logs off log_icp_queries off logfile_rotate 1 icon_directory /usr/local/squid/share/icons error_directory /usr/local/squid/share/errors/English log_fqdn off forwarded_for off icp_hit_stale on query_icmp on reload_into_ims on emulate_httpd_log off negative_ttl 2 minutes pipeline_prefetch on vary_ignore_expire on half_closed_clients off high_memory_warning 512 MB high_response_time_warning 2000 high_page_fault_warning 2 visible_hostname proxy.twnetwork.lan header_access Accept-Encoding deny all