Advertisement
albspirit86

aaaa

Jun 27th, 2016
553
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 29.37 KB | None | 0 0
  1. # SQUID CONFIGURATION SQUID VERSION-3.5.xx
  2. # HTTP | HTTPS SQUID PROXY SERVER
  3. acl all src
  4. acl lan src 192.168.10.0/24
  5. http_access allow lan
  6. acl SSL_ports port 443
  7. acl SSL_ports port 5353
  8. acl Safe_ports port 21
  9. acl Safe_ports port 22
  10. acl Safe_ports port 53
  11. acl Safe_ports port 70
  12. acl Safe_ports port 80
  13. acl Safe_ports port 210
  14. acl Safe_ports port 280
  15. acl Safe_ports port 1025-65535
  16. acl Safe_ports port 443
  17. acl Safe_ports port 488
  18. acl Safe_ports port 591
  19. acl Safe_ports port 777
  20. acl Safe_ports port 5353
  21. acl Safe_ports port 18901-18909
  22. acl Safe_ports port 1818
  23. acl Safe_ports port 39190
  24. acl Safe_ports port 40000-40010
  25. acl Safe_ports port 7777
  26. acl Safe_ports port 19101
  27. acl Safe_ports port 27780
  28. acl Safe_ports port 29000
  29. acl Safe_ports port 22100
  30. acl Safe_ports port 5121
  31. acl Safe_ports port 6000-6152
  32. acl Safe_ports port 2001
  33. acl Safe_ports port 9601-9602
  34. acl Safe_ports port 8085
  35. acl Safe_ports port 11011-11041
  36. acl Safe_ports port 13413
  37. acl Safe_ports port 19000
  38. acl Safe_ports port 5105
  39. acl Safe_ports port 10009
  40. acl Safe_ports port 12060-12070
  41. acl Safe_ports port 6000-6001
  42. acl Safe_ports port 29200
  43. acl Safe_ports port 10402
  44. acl Safe_ports port 9600
  45. acl Safe_ports port 15002
  46. acl Safe_ports port 16402-16502
  47. acl Safe_ports port 5126
  48. acl Safe_ports port 3010
  49. acl Safe_ports port 11031
  50. acl Safe_ports port 11440-11460
  51. acl Safe_ports port 11100-11125
  52. acl Safe_ports port 4300
  53. acl Safe_ports port 12011
  54. acl Safe_ports port 12110
  55. acl Safe_ports port 15001
  56. acl Safe_ports port 15002
  57. acl Safe_ports port 7341
  58. acl Safe_ports port 7451
  59. acl Safe_ports port 7808
  60. acl Safe_ports port 30000
  61. acl Safe_ports port 9001
  62. acl Safe_ports port 9030
  63. acl Safe_ports port 953
  64. acl Safe_ports port 42051-42052
  65. acl Safe_ports port 36567
  66. acl Safe_ports port 8001
  67. acl Safe_ports port 14000-14050
  68. acl Safe_ports port 27019
  69. acl Safe_ports port 28901-28920
  70. acl Safe_ports port 7201-7208
  71. acl Safe_ports port 17001-17002
  72. acl Safe_ports port 14300-14440
  73. acl Safe_ports port 15100-15150
  74. acl Safe_ports port 7770-7790
  75. acl Safe_ports port 16320-16340
  76. acl Safe_ports port 9000-9160
  77. acl Safe_ports port 7200
  78. acl Safe_ports port 7400
  79. acl Safe_ports port 7106
  80. acl Safe_ports port 7999
  81. acl Safe_ports port 47611
  82. acl Safe_ports port 36567
  83. acl Safe_ports port 10087
  84. acl Safe_ports port 27000-27050
  85. acl Safe_ports port 27014-27050
  86. acl Safe_ports port 4380
  87. acl Safe_ports port 3478
  88. acl Safe_ports port 4379
  89. acl Safe_ports port 8890
  90. acl Safe_ports port 9339
  91. acl Safe_ports port 8890
  92. acl Safe_ports port 7200-7210
  93. acl Safe_ports port 7450-7460
  94. acl Safe_ports port 8000
  95. acl Safe_ports port 64990-65010
  96. acl CONNECT method CONNECT
  97. #####gogle chrome youtube#################
  98. reply_header_access Alternate-Protocol deny all
  99. acl fb dstdomain .facebook.com
  100. ssl_bump none fb
  101. # =======================================================================
  102. #acl ccboot dstdomain .ccboot.com
  103. #http_access deny ccboot
  104. #deny_info http://192.168.5.2 ccboot
  105. #####==============================================================
  106. acl hs src 192.168.10.103
  107. ssl_bump none hs
  108. #====================================================================
  109. acl skype dstdomain .skype.com
  110. acl skype dstdomain apps.skypeassets.com
  111. acl skype dstdomain login.skype.com
  112. acl skype dstdomain pipe.skype.com
  113. acl skype dstdomain secure.skype.com
  114. acl skype dstdomain config.skype.com
  115. acl skype dstdomain api.skype.com
  116. acl skype dstdomain ui.skype.com
  117. acl skype dstdomain s.gateway.messenger.live.com
  118. acl skype dstdomain get.skype.com
  119. acl skype dstdomain dsn13.d.skype.net
  120. acl skype dstdomain mobile.pipe.aria.microsoft.com
  121. acl skype dstdomain a.config.skype.com
  122. acl skype dstdomain www.skypeassets.com
  123. acl skype dstdomain dr.skype.net
  124. acl skype dstdomain apps.skype.com
  125. acl skype dstdomain api.asm.skype.com
  126. ssl_bump none skype
  127. # Lock_resol 240-360
  128. # =======================================================================
  129. #acl youtube_240 dstdomain .youtube.com
  130. #request_header_access Accept-Encoding deny youtube_240
  131. #loadable_modules /usr/local/lib/DSI_ecap_youtube.so
  132. #ecap_enable on
  133. #ecap_service ecapModifier respmod_precache \
  134. #uri=ecap://dokter-squid.com/ecap yt_quality=small
  135. #adaptation_access ecapModifier allow youtube_240
  136. #adaptation_access ecapModifier deny all
  137. # =========================================================================
  138. # ads_config
  139. # Rules to block few Advertising sites
  140. acl ads url_regex -i .googlesyndication\.com
  141. acl ads url_regex -i .doubleclick\.net
  142. acl ads url_regex -i ^http:\/\/googleads\.*
  143. acl ads url_regex -i ^http:\/\/(ad|ads|ads[0-90-9]|ads\d|kad|a[b|d]|ad\d|adserver|adsbox)\.[a-z0-9]*\.[a-z][a-z]*
  144. acl ads url_regex -i ^http:\/\/openx\.[a-z0-9]*\.[a-z][a-z]*
  145. acl ads url_regex -i ^http:\/\/[a-z0-9]*\.openx\.net\/
  146. acl ads url_regex -i ^http:\/\/[a-z0-9]*\.u-ad\.info\/
  147. acl ads url_regex -i ^http:\/\/adserver\.bs\/
  148. acl ads url_regex -i !^http:\/\/adf\.ly
  149. acl ads url_regex -i ^http:\/\/onclickads\.net
  150. acl ads url_regex -i .admtpmp124.com
  151. acl ads url_regex -i ^http:\/\/addthis\.com
  152. acl ads url_regex -i ^http:\/\/mgid\.com
  153. http_access deny ads
  154. http_reply_access deny ads
  155. deny_info https://lh4.googleusercontent.com/-OIK_ePB-nk8/VJcSIm-2XzI/AAAAAAAAAHo/UlhWMcF-ISw/w506-h750/IMG_0540.JPG ads
  156. #==== End Rules: Advertising ====
  157. acl adds dstdom_regex -i "/etc/squid/blacklist.acl"
  158. http_access deny adds
  159. deny_info https://lh4.googleusercontent.com/-OIK_ePB-nk8/VJcSIm-2XzI/AAAAAAAAAHo/UlhWMcF-ISw/w506-h750/IMG_0540.JPG adds
  160. acl stop dstdomain .mgid.com .anastasiadate.us .anastasiabeauties.com
  161. http_access deny stop
  162. # =========================================================================
  163. #####SKYPE## =========================================================================
  164. acl skype dstdomain web.skype.com
  165. acl skype dstdomain .skype.com
  166. acl skype dstdomain apps.skypeassets.com
  167. acl skype dstdomain login.skype.com
  168. acl skype dstdomain pipe.skype.com
  169. acl skype dstdomain secure.skype.com
  170. acl skype dstdomain config.skype.com
  171. acl skype dstdomain api.skype.com
  172. acl skype dstdomain ui.skype.com
  173. acl skype dstdomain s.gateway.messenger.live.com
  174. acl skype dstdomain get.skype.com
  175. acl skype dstdomain dsn13.d.skype.net
  176. acl skype dstdomain mobile.pipe.aria.microsoft.com
  177. acl skype dstdomain a.config.skype.com
  178. acl skype dstdomain www.skypeassets.com
  179. acl skype dstdomain dr.skype.net
  180. acl skype dstdomain apps.skype.com
  181. acl skype dstdomain api.asm.skype.com
  182. ssl_bump none skype
  183. ######################################################################################
  184. #url store_rewrite
  185. acl rapani_loebis url_regex -i ^https?:\/\/download[0-9]+.mediafire\.com\/.*\/\w+\/(.*)
  186. acl rapani_loebis url_regex -i ^https?:\/\/attachment\.fbsbx\.com\/file_download\.php\?id=.*$
  187. acl rapani_loebis url_regex -i \.savefrom\.net\/media\/.*\/[^\&\s]*(mp4|webm|flv|mp3|avi)
  188. acl rapani_loebis url_regex -i http:\/\/.*\.phncdn\.com\/videos\/.*\.(3gp|mp4|flv)\?
  189. acl rapani_loebis url_regex ^http:\/\/patch\.gemscool\.com\/cs\/update\/PatchData
  190. acl rapani_loebis url_regex -i \.clipconverter\.cc\/download\/.*\.(mp3|m4a|acc|mp4|3gp|avi|mov)
  191. acl rapani_loebis url_regex -i ^http:\/\/.*\.(starhub|garenanow)\.com\/.*\.exe\?
  192. acl rapani_loebis url_regex -i ^http?:\/\/(kh|mt[0-9]).google\.com\/.*\/pb
  193. acl rapani_loebis url_regex -i ^https?:\/\/(kh|khmdb).google\.com\/flatfile\?
  194. acl rapani_loebis url_regex -i \.(google|gvt[0-9])\.com\/(edgedl|crx)\/.*\.(exe|msi|crx|bdic)\?
  195. acl rapani_loebis url_regex -i ^http:\/\/update[0-9]\.netmarble\.co\.id\/.*\?
  196. acl rapani_loebis url_regex -i \.mozilla\.(net|org)\/.*\.(mar|exe|msi)$
  197. acl rapani_loebis url_regex -i ^http:\/\/[^\/]*\/depot\/[^\/]*\/chunk
  198. acl rapani_loebis url_regex -i ^https?:\/\/.*\.gstatic\.com\/images\?q=
  199. acl rapani_loebis url_regex -i \.avg\.com\/.*\/update\/.*\.(ctf|bin)
  200. acl rapani_loebis url_regex -i \.sndcdn\.com\/.*\.(mp3|mp4)\?
  201. acl rapani_loebis url_regex ^http.*\/v3-eval-sta\/.*\.nup
  202. acl rapani_loebis url_regex -i ^http?.*\/__utm.gif\?
  203. acl rapani_loebis url_regex -i \.avast\.com\/.*\.vpx
  204. #########################----------------------------------------
  205. acl storeid-helper url_regex -i ^http.*(media[0-9]*|client.*)\.steampowered\.com\/(client|public)\/([^\&\s]*)($|\?.*)
  206. acl storeid-helper url_regex -i ^http.*valve[0-9]*\.cs\.steampowered\.com\/([^\/]*\/[0-9]*)\/chunk\/([^\&\s]*)
  207. acl storeid-helper url_regex -i ^http.*cdn.*\.cs\.steampowered\.com\/([^\/]*\/[0-9]*)\/chunk\/([^\&\s]*)\?.*
  208. ##################################
  209. store_id_access allow storeid-helper
  210. store_id_access allow rapani_loebis
  211. # xigncode PB_Garena
  212. # =========================================================================
  213. acl xigncode url_regex -i ^http.*xigncode.*
  214. store_miss deny xigncode
  215. send_hit deny xigncode
  216.  
  217. acl NOCACHE urlpath_regex \.xem \.xrl \.rev
  218. no_cache deny NOCACHE
  219.  
  220. # ==========================================================================
  221. # config_GAME
  222. # ==========================================================================
  223. # dota2
  224. acl store_rewrite_list url_regex -i \.steampowered\.com/(.*)
  225. acl store_rewrite_list url_regex -i \.edgesuite\.net/(.*)
  226.  
  227. # PARTIAL GARENA
  228. acl partial_garena url_regex -i .*\.garenanow.com\/.*\.(dll|xml|exe|version|jpg|png|bmp)$
  229. acl partial_garena url_regex -i .*\.cdn.starhub.com\/.*\.exe?.*
  230. refresh_pattern -i .*edge.cdn.starhub.com\/.* 1440 40% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
  231. refresh_pattern -i .*cdn.garenanow.com\/.* 1440 40% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
  232.  
  233. # partial206 coba²
  234. acl rolpartial url_regex -i ^http.*garena.*patcher.*\?.*
  235. acl rolpartial url_regex -i ^https?\:\/\/patch\.gemscool\.com\/th\/patch\/.*
  236. acl rolpartial url_regex -i ^https?\:\/\/update\.netmarble\.co\.id\/Elsword\/Patch/.*
  237. #=============================================================================
  238. #=============================================================================
  239. # ACCESS RULES
  240. http_access deny !Safe_ports
  241. http_access deny CONNECT !SSL_ports
  242. # http_access deny iklan
  243. http_access allow all
  244. http_reply_access allow all
  245.  
  246. # LISTENING PORT SQUID
  247. https_port 3127 tproxy ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_certs/squid.crt key=/etc/squid/ssl_certs/squid.key cipher=ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:AES128-SHA:RC4-SHA:HIGH:!aNULL:!MD5:!ADH
  248. http_port 3128
  249. http_port 3129 tproxy
  250.  
  251. # CONNECTION HANDLING
  252. qos_flows local-hit=0x30
  253. collapsed_forwarding on
  254. balance_on_multiple_ip on
  255. detect_broken_pconn on
  256. client_persistent_connections off
  257. server_persistent_connections on
  258.  
  259. # DNS OPTIONS
  260. #dns_packet_max 4096
  261. #dns_defnames on
  262. #dns_v4_first on
  263. dns_nameservers 127.0.0.1 192.168.5.2
  264. connect_retries 2
  265. negative_dns_ttl 1 second
  266. range_offset_limit none rolpartial
  267. range_offset_limit 1 KB !rolpartial
  268. range_offset_limit 0
  269. quick_abort_min 0
  270. quick_abort_max 0
  271. quick_abort_pct 80
  272. ipcache_low 98
  273. ipcache_high 99
  274. ipcache_size 10024
  275. fqdncache_size 7048
  276. pipeline_prefetch 0
  277.  
  278. # MISCELEANOUS
  279. memory_pools off
  280. reload_into_ims on
  281. max_filedescriptors 65536
  282.  
  283. # CACHE MANAGEMENT
  284. cache_mem 1024 MB
  285. maximum_object_size_in_memory 128 KB
  286. memory_replacement_policy heap GDSF
  287. cache_effective_group proxy
  288. cache_effective_user proxy
  289. cache_dir aufs /cache/cache 70000 16 256
  290. coredump_dir /cache/cache
  291. cache_mgr proxy-server
  292. visible_hostname proxy-server
  293. minimum_object_size 0 KB
  294. maximum_object_size 1 GB
  295. read_ahead_gap 64 KB
  296. cache_replacement_policy heap LFUDA
  297. store_dir_select_algorithm least-load
  298. cache_swap_low 90
  299. cache_swap_high 95
  300.  
  301. # LOG FILE OPTIONS
  302. acl log method CONNECT
  303. logfile_daemon /usr/lib/squid/log_file_daemon
  304. access_log daemon:/var/log/squid/access.log !CONNECT
  305. cache_log /var/log/squid/cache.log
  306. cache_store_log /var/log/squid/store.log
  307. debug_options ALL,1 22,3
  308. cache_store_log none
  309. logfile_rotate 3
  310. pid_filename /var/run/squid.pid
  311. ########## KONFIGURIMI I RI #####
  312. acl store-id-pl url_regex -i ^http.*\.(fbcdn|akamaihd)\.net\/h(profile|photos).*[\d\w].*\/([\w]\d+x\d+\/.*\.[\d\w]{3}).*
  313. acl store-id-pl url_regex -i ^http(.*)static(.*)(akamaihd|fbcdn).net\/rsrc.php\/(.*\/.*\/(.*).(js|css|png|gif))(\?(.*)|$)
  314. acl store-id-pl url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*(fbcdn|akamaihd)[a-zA-Z0-9\-\_\.\%]*net\/rsrc\.php\/(.*)
  315. acl store-id-pl url_regex -i ^https?\:\/\/.*(profile|photo|creative).*\.ak\.fbcdn\.net\/((h|)(profile|photos)-ak-)(snc|ash|prn)[0-9]?(.*)
  316. acl store-id-pl url_regex -i ^https?:\/\/.*(profile|photo|creative)*.akamaihd\.net\/((h|)(profile|photos|ads)-ak-)(snc|ash|prn|frc[0-9])[0-9]?(.*)
  317. acl store-id-pl url_regex -i ^https?\:\/\/video\.(.*)\.fbcdn\.net\/(.*?)\/([0-9_]+\.(mp4|flv|avi|mkv|m4v|mov|wmv|3gp|mpg|mpeg)?)(.*)
  318. acl store-id-pl url_regex -i ^https?\:\/\/.*utm.gif.*
  319. acl store-id-pl url_regex -i ^https?\:\/\/.*\/speedtest\/(.*\.(jpg|txt)).*
  320. acl store-id-pl url_regex -i ^https?\:\/\/.*\/(.*\..*(mp4|3gp|flv))\?.*
  321. acl store-id-pl url_regex -i ^https?\:\/\/c2lo\.reverbnation\.com\/audio_player\/ec_stream_song\/(.*)\?.*
  322. acl store-id-pl url_regex -i ^https?\:\/\/.*\.c\.android\.clients\.google\.com\/market\/GetBinary\/GetBinary\/(.*\/.*)\?.*
  323. acl store-id-pl url_regex -i ^http:\/\/([a-z])[0-9]?(\.gstatic\.com.*|\.wikimapia\.org.*)
  324. acl store-id-pl url_regex -i ^https://www.google.co(.id|m)/images/.*.(jpg|jpeg|swf|png|gif|bmp|js|css)
  325. acl store-id-pl url_regex -i ^https?:\/\/.*(googleusercontent.com|blogspot.com)\/(.*)\/([a-z0-9]+)(-[a-z]-[a-z]-[a-z]+)?\/(.*\.(jpg|png))
  326. acl store-id-pl url_regex -i ^https?:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|.exoclick\.com|interclick.\com|\.googlesyndication\.com|\.auditude\.com|.visiblemeasures\.com|yieldmanager|cpxinteractive)(.*)
  327. acl store-id-pl url_regex -i ^http\:\/\/.*\.4shared\.com\/download\/(.*)\/.*
  328. acl store-id-pl url_regex -i ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*?)
  329. #acl store-id-pl url_regex -i ^https?\:\/\/i[1-4]\.ytimg\.com\/(.*)
  330. #acl store-id-pl url_regex -i ^https?\:\/\/lh[0-9]?.ggpht.com\/(.*?)\/(.*?)\/(.*?)\/(.*)\/(.*)?$
  331. acl store-id-pl url_regex -i filehippo && ^https?:\/\/(.*?)\.(.*?)\/(.*?)\/(.*)\.([a-z0-9]{3,4})(\?.*)?
  332. acl store-id-pl url_regex -i ^http:\/\/.*dlink__[23]Fdownload_[23]F([\w\d-]+)_3Ftsid.*
  333. acl store-id-pl url_regex -i ^https?\:\/\/[^\/]*\.vimeo[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg|web))\?.*
  334. acl store-id-pl url_regex -i c.android.clients.google.com.market.GetBinary.GetBinary.*
  335. acl store-id-pl url_regex -i youtube.*(ptracking|stream_204|player_204|gen_204).*$
  336. acl store-id-pl url_regex -i ^https:\/\/.*\.(googlevideo)\.com\/(watch|get_video|videodownload|videoplayback|videoplay|generate_204|videogoodput)\?.*
  337. acl store-id-pl-path urlpath_regex \/(get_video\?|videodownload\?|videoplayback.*id)
  338. acl store-id-pl-path urlpath_regex \/ads\?
  339. acl store-id-pl-path urlpath_regex \.(mp2|mp3|mid|midi|mp[234]|wav|ram|ra|rm|au|3gp|m4r|m4a)\?
  340. acl store-id-pl-path urlpath_regex \.(mpg|mpeg|mp4|m4v|mov|avi|asf|wmv|wma|dat|flv|swf)\?
  341. acl store-id-pl-path urlpath_regex \.(jpeg|jpg|jpe|jp2|gif|tiff?|pcx|png|bmp|pic|ico)\?
  342. acl store-id-pl url_regex ^http:\/\/([A-Za-z-]+[0-9]+)*\.[A-Za-z]*\.[A-Za-z]*
  343. acl store-id-pl_CDN url_regex ^http:\/\/[a-z]+[0-9]\.google\.com doubleclick\.net
  344. acl youtubeaset url_regex -i ^https?\:\/\/(.*\.*ytimg\.com.*\/)(\.?.*).*
  345. acl youtubeaset url_regex -i ^https?\:\/\/(.*\.*ggpht.com.*\/)(\.?.*).*
  346. store_id_access allow youtubeaset
  347. store_id_access allow store-id-pl
  348. store_id_access allow store-id-pl-path
  349. store_id_access deny !CONNECT
  350. store_id_access allow all
  351. ##### END ###
  352.  
  353. # FILTERING HTTPS
  354. #acl 1 dstdomain .fbcdn.net .akamaihd.net .fbsbx.com
  355. #acl 2a dstdomain .mahadana.com .mql4.com .metaquotes.net
  356. #acl 2 url_regex -i ^https?:\/\/attachment\.fbsbx\.com\/.*\?(id=[0-9]*).*
  357. #acl 2 url_regex -i \.fbsbx\.com\/.*\/(.*\.(unity3d|pak|zip|exe|dll|jpg|png|gif|swf)/)$
  358. #acl 2 url_regex -i ^https?:\/\/.*\.ytimg\.com(.*\.(webp|jpg|gif))
  359. #acl 2 url_regex -i ^https?:\/\/([^\.]*)\.yimg\.com\/(.*)
  360. #acl 2 url_regex -i ^https?:\/\/.*\.gstatic\.com\/images\?q=tbn\:(.*)
  361. #acl 2 url_regex -i ^https?:\/\/.*\.reverbnation\.com\/.*\/(ec_stream_song|download_song_direct|stream_song)\/([0-9]*).*
  362. #acl 2 url_regex -i ^https?:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|.exoclick\.com|interclick.\com|\.googlesyndication\.com|\.auditude\.com|.visiblemeasures\.com|yieldmanager|cpxinteractive)(.*)
  363. #acl 2 url_regex -i ^https?:\/\/(.*?)\/(ads)\?(.*?)
  364. #acl 2 url_regex -i ^https?:\/\/.*steampowered\.com\/.*\/([0-9]+\/(.*))
  365. #acl 3 url_regex -i ^https?:\/\/(.*?)\/speedtest\/.*\.(jpg|txt|png|gif|swf)\?.*
  366. #acl 3 url_regex -i speedtest\/.*\.(jpg|txt|png|gif|swf)\?.*
  367. #acl 4 url_regex -i reverbnation.*audio_player.*ec_stream_song.*$
  368. #acl 5 url_regex -i utm.gif.*
  369. #acl 6 url_regex -i c.android.clients.google.com.market.GetBinary.GetBinary.*
  370. #acl 7 url_regex -i youtube.*(ptracking|stream_204|player_204|gen_204).*$
  371. #acl 7 url_regex -i \.c\.(youtube|google)\.com\/(get_video|videoplayback|videoplay).*$
  372. #acl 7 url_regex -i (youtube|google).*\/videoplayback\?.*
  373. #acl 8 http_status 302
  374. ## Youtube####=======================================================
  375. #acl store_url url_regex -i (youtube|googlevideo|docs.google|video.google).*videoplayback\?.*
  376. #acl loop_302 http_status 302
  377. #acl loop_mime rep_mime_type text/html
  378. #acl loop_mime rep_mime_type text/plain
  379. #acl getmethod method GET
  380.  
  381. #store_miss deny store_url loop_302
  382. #store_miss deny store_url loop_mime
  383. #send_hit deny store_url loop_302
  384. #send_hit deny store_url loop_mime
  385.  
  386. #################################
  387. acl loopyt http_status 302
  388. acl loop rep_mime_type -i mime-type ^text/html
  389. acl loop rep_mime_type -i mime-type ^text/plain
  390. store_miss deny loopyt
  391. send_hit deny loopyt
  392. store_miss deny loop
  393. send_hit deny loop
  394.  
  395. ssl_bump splice localhost
  396. acl 9 at_step SslBump1
  397. acl 10 at_step SslBump2
  398. acl 11 at_step SslBump3
  399. ssl_bump peek 9 all
  400. ssl_bump stare 10 all
  401. ssl_bump splice 11 all
  402.  
  403. sslcrtd_program /usr/lib/squid/ssl_crtd -s /etc/squid/ssl_db -M 4MB
  404. sslcrtd_children 16 startup=1 idle=1
  405. sslproxy_capath /etc/ssl/certs
  406. sslproxy_cert_error allow all
  407. sslproxy_flags DONT_VERIFY_PEER #this line fixing www.gmail.com, mail.yahoo.com for some errors
  408. sslproxy_flags NO_SESSION_REUSE
  409. always_direct allow all
  410. ssl_unclean_shutdown on
  411.  
  412. # STORE ID
  413. store_id_program /usr/bin/perl /etc/squid/store-id.pl
  414. store_id_children 10 startup=5 idle=2 concurrency=10
  415. #store_id_access allow 1
  416. #store_id_access allow 2
  417. #store_id_access allow 3
  418. #store_id_access allow 4
  419. #store_id_access allow 5
  420. #store_id_access allow 6
  421. #store_id_access allow 7
  422. #store_miss deny 7 8
  423. #send_hit deny 7 8
  424. #store_id_access deny all
  425.  
  426. # TUNNING CACHE
  427. #max_stale 1 years
  428. max_stale 2 weeks
  429. vary_ignore_expire on
  430. shutdown_lifetime 10 seconds
  431.  
  432. # REFRESH PATTERN
  433. #### Old #####
  434. refresh_pattern -i \.steampowered\.com\/(.*)\/ 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
  435. refresh_pattern -i \.edgesuite\.net\/(.*)\/ 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
  436. refresh_pattern -i ^http:\/\/(.*\.*\.gemscool\.com)\/.*\/.*\/(.*iop?) 10080 40% 10080 ignore-reload override-expire override-lastmod ignore-must-revalidate ignore-private ignore-no-store ignore-auth store-stale
  437. refresh_pattern -i ^http:\/\/(.*\.*\.gemscool\.com)\/.*\/.*\/(.*zip?) 10080 40% 10080 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
  438. refresh_pattern -i https?:\/\/.*\.xx\.fbcdn\.net\/.*\.(jpg|png) 43830 99% 259200 override-expire override-lastmod ignore-reload
  439. refresh_pattern static\.(xx|ak)\.fbcdn\.net*\.(jpg|gif|png) 241920 99% 241920 ignore-reload override-expire ignore-no-store
  440. refresh_pattern ^https?\:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 241920 99% 241920 ignore-reload override-expire ignore-no-store
  441. refresh_pattern (akamaihd|fbcdn)\.net 14400 99% 518400 ignore-no-store ignore-private ignore-reload ignore-must-revalidate store-stale
  442. refresh_pattern (audio|video)\/(webm|mp4) 129600 99% 129600 ignore-reload override-expire override-lastmod ignore-must-revalidate ignore-private ignore-no-store ignore-auth store-stale
  443. refresh_pattern -i \/speedtest\/.*\.(txt|jpg|png|swf) 0 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims
  444. refresh_pattern -i reverbnation.com 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private ignore-must-revalidate ignore-reload store-stale
  445. #refresh_pattern -i (yimg|twimg)\.com\.* 1440 100% 129600 override-expire ignore-reload reload-into-ims
  446. #refresh_pattern -i (ytimg|ggpht)\.com\.* 1440 80% 129600 override-expire override-lastmod ignore-auth ignore-reload reload-into-ims
  447. refresh_pattern -i ^https?\:\/\/(.*\.*ytimg\.com.*\/)(\.?.*).* 432000 100% 432000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate
  448. refresh_pattern -i ^https?\:\/\/(.*\.*ggpht.com.*\/)(\.?.*).* 432000 100% 432000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate
  449. ####################################
  450. refresh_pattern -i (get_video\?|videoplayback\?|videodownload\?|\.mp4|\.webm|\.flv|((audio|video)\/(webm|mp4))) 241920 100% 241920 override-expire ignore-reload ignore-private ignore-no-store ignore-must-revalidate reload-into-ims ignore-auth store-stale
  451. refresh_pattern -i ^https?\:\/\/.*\.googlevideo\.com\/videoplayback.* 10080 99% 43200 override-lastmod override-expire ignore-reload reload-into-ims ignore-private reload-into-ims ignore-auth store-stale
  452. refresh_pattern ^\.*(streamate.doublepimp.com.*\.js\?|utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 1440 99% 14400 ignore-private override-expire ignore-reload ignore-auth max-stale=1440
  453. refresh_pattern \.(ico|video-stats) 1440 99% 14400 override-expire ignore-reload ignore-private ignore-auth override-lastmod ignore-must-revalidate
  454. refresh_pattern ^http://((cbk|mt|khm|mlt|tbn)[0-9]?)\.google\.co(m|\.uk|\.id) 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private ignore-auth ignore-must-revalidate
  455. refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 1440 99% 14400 override-expire override-lastmod
  456. refresh_pattern galleries\.video(\?|sz) 1440 99% 14400 override-expire ignore-reload ignore-must-revalidate ignore-private
  457. refresh_pattern \.wikimapia\.org\/? 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private
  458. refresh_pattern -i (livescore.com|goal.com|bobet) 0 50% 60
  459. refresh_pattern (photobucket|pbsrc|flickr|yimg|ytimg|twimg|gravatar)\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private
  460. refresh_pattern (zynga|topeleven|ninjasaga|mafiawars|cityville|farmville|crowdstar|spilcdn|agame|popcap)\.com/.* 1440 99% 14400 override-expire ignore-reload ignore-private
  461. refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 10080 80% 10080 override-expire override-lastmod reload-into-ims
  462. refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar|iop|nzp|pak|mar|msp) 10080 80% 10080 override-expire override-lastmod reload-into-ims ignore-reload
  463. refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 10080 80% 10080 override-expire override-lastmod reload-into-ims
  464. refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob|webm) 10080 80% 10080 override-expire override-lastmod reload-into-ims
  465. refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 10080 80% 10080 override-expire override-lastmod reload-into-ims
  466. refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|cup|dvr-ms|ram|rpm|exe|inc|cab|qt) 10080 100% 43800 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale
  467. refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar|pak|cup) 10080 100% 43800 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale
  468. refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 10080 100% 43800 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale
  469. refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 10080 100% 43800 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale
  470. refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 10080 100% 43800 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale
  471. refresh_pattern -i .(html|htm|css|js|xml)$ 1440 75% 40320
  472. refresh_pattern -i .index.(html|htm)$ 0 75% 43800
  473. refresh_pattern -i ^http.*squid\.internal.* 43200 100% 799000 override-expire override-lastmod ignore-reload ignore-no-store ignore-must-revalidate ignore-private ignore-auth
  474.  
  475. #KEEP THESE LINES AT BOTTOM OF CONFIGURATION
  476. #refresh_pattern ^ftp: 1440 20% 10080
  477. #refresh_pattern ^gopher: 1440 0% 1440
  478. #refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  479. #refresh_pattern . 0 20% 4320
  480. ##### new #####
  481. #refresh_pattern ^ftp: 1440 20% 10080
  482. #refresh_pattern ^gopher: 1440 0% 1440
  483. #refresh_pattern youtube.*videoplay 14400 90% 24400 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  484. #refresh_pattern youtube.*get_video 14400 90% 24400 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  485. #refresh_pattern google.*videoplay 14400 90% 24400 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  486. #refresh_pattern googlevideo.*get_video 14400 90% 24400 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  487. #refresh_pattern ytimg\.com\/.*\.(jpg|jpeg|gif|png|ico|mp3|flv|mp4) 14400 90% 24400 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  488. #refresh_pattern (mt|kh|pap).*\.google\.com 14400 90% 24400 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private ignore-auth
  489. #refresh_pattern (mt|kh|pap).*\.googleapis\.com 14400 90% 24400 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private ignore-auth
  490. #refresh_pattern s\d+\.dotua\.org\/fsua_items.*\.(jpg|jpeg|gif|png|ico|mp3|flv|mp4) 14400 90% 24400 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private ignore-auth
  491. refresh_pattern .*static\.video\.yandex\.ru\/swf\/.*&r=.* 14400 90% 24400 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private ignore-auth
  492. refresh_pattern vec.*\.maps\.yandex\.net\/tiles\? 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private ignore-auth
  493. refresh_pattern static.*\.maps\.yandex\. 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private ignore-auth
  494. refresh_pattern pvec.*\.maps\.yandex\.net 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private ignore-auth
  495. refresh_pattern lrs\.maps\.yandex\.net\/tiles\? 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private ignore-auth
  496. refresh_pattern yandex\.st\/.*(jpg|jpeg|gif|png|ico|mp3|flv|mp4) 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private ignore-auth
  497. refresh_pattern static\.video\.yandex\.net\/.*(jpg|jpeg|gif|png|ico|mp3|flv|mp4).* 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private ignore-auth
  498. #refresh_pattern .*ecn\.dynamic.*\.tiles\.virtualearth\.net\/comp 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  499. #refresh_pattern fbcdn\.net.*\.(jpg|jpeg|gif|png|ico|mp3|flv) 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  500. #refresh_pattern static\.ak\.fbcdn\.net.*\.(jpg|jpeg|gif|png|ico|mp3|flv) 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  501. refresh_pattern (st|cs)\d+\.vk\.me\/.*\.(jpg|jpeg|gif|png|ico|mp3|flv|mp4) 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  502. #refresh_pattern img\d+.slando\.ua\/.*\.(jpg|jpeg|gif|png|ico|mp3|flv) 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  503. #refresh_pattern .*s\d*\.staticclassifieds\.com\/static 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  504. refresh_pattern \.vkadre\.ru\/assets\/.*\.(jpg|jpeg|gif|png|ico|mp3|flv|mp4) 14400 90% 20080 ignore-no-cache override-expire override-lastmod ignore-reload ignore-private
  505. refresh_pattern .*\.(css)$ 1440 90% 1440 ignore-no-cache override-expire override-lastmod ignore-private
  506. refresh_pattern .*\.(js)$ 1440 90% 1440 ignore-private
  507. refresh_pattern -i (/cgi-bin/|\?) 10 20% 120
  508. refresh_pattern . 10 20% 4320
  509. # see also refresh_pattern for a more selective approach.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement