squid high performance configuration II

Wew… masih ada lagi neh! Lanjuttttttttttttttt………………….

#============================================================$
# WELCOME TO SQUID 2 HIGH PERFORMANCES
#============================================================$

http_port 8080
http_port 3128
#http_port 80
icp_port 3130

#============================================================$
# TAG: hierarchy_stoplist
# A list of words which, if found in a URL, cause the object to
# be handled directly by this cache. In other words, use this
# to not query neighbor caches for certain objects. You may
# list this option multiple times.
#
#We recommend you to use at least the following line.
#============================================================$
hierarchy_stoplist cgi-bin ? .js .jsp .g .do .php .asp .cgi localhost visicom indosat.net.id
acl QUERY urlpath_regex cgi-bin \? .js .jsp .g .do .php .asp .cgi localhost visicom indosat.net.id
no_cache deny QUERY
#============================================================$

#============================================================$
# OPTIONS WHICH AFFECT THE CACHE SIZE
#============================================================$
cache_mem 4 MB
maximum_object_size 10 MB
maximum_object_size_in_memory 32 KB
cache_swap_low 98%
cache_swap_high 99%
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
high_memory_warning 70 MB
ipcache_size 4096
ipcache_low 98
ipcache_high 99
#============================================================$
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
#============================================================$
cache_dir diskd /var/spool/squid 2000 8 256
cache_access_log /var/log/squid/access.log
cache_log /dev/null
cache_store_log /dev/null
mime_table /usr/share/squid/mime.conf
pid_filename /var/run/squid.pid
log_fqdn off
log_icp_queries off
buffered_logs off
emulate_httpd_log off

#============================================================$
# FTP section
#============================================================$
ftp_passive on
ftp_sanitycheck on

#============================================================$
# DNS resolution section
#============================================================$
dns_nameservers 127.0.0.1 202.155.0.20 202.155.0.10

#============================================================$
# Filesystem section
#============================================================$
diskd_program /usr/lib/squid/diskd

#============================================================$
# AUTH section
#============================================================$
#auth_param basic children 5
#auth_param basic realm Squid proxy-caching web server
#auth_param basic credentialsttl 2 hours
#auth_param basic casesensitive off

#============================================================$
# Refresh Rate
#============================================================$
refresh_pattern \.gif 4320 50% 43200
refresh_pattern \.jpg 4320 50% 43200
refresh_pattern \.tif 4320 50% 43200
refresh_pattern \.png 4320 50% 43200
refresh_pattern \.jpeg 4320 50% 43200
refresh_pattern ^http://www.friendster.com/.* 720 100% 4320
refresh_pattern ^http://mail.yahoo.com/.* 720 100% 4320
refresh_pattern ^http://*.yahoo.*/.* 720 100% 4320
refresh_pattern ^http://*.yimg.*/.* 720 100% 4320
refresh_pattern ^http://*.gmail.*/.* 720 100% 4320
refresh_pattern ^http://*.google.*/.* 720 100% 4320
refresh_pattern ^http://*korea.*/.* 720 100% 4320
refresh_pattern ^http://*.akamai.*/.* 720 100% 4320
refresh_pattern ^http://*.windowsmedia.*/.* 720 100% 4320
refresh_pattern ^http://*.googlesyndication.*/.* 720 100% 4320
refresh_pattern ^http://*.plasa.*/.* 720 100% 4320
refresh_pattern ^http://*.telkom.*/.* 720 100% 4320
refresh_pattern ^ftp: 10080 95% 40320 reload-into-ims override-lastmod
refresh_pattern . 0 20% 4320 reload-into-ims override-lastmod

quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100%

#============================================================$
# ACL section
#============================================================$
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localnet src 192.168.2.0/28 192.168.3.0/28 219.83.82.208/28
acl localhost src 127.0.0.1/255.255.255.255
acl our_networks src 192.168.2.0/28 192.168.3.0/28 219.83.82.208/28
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 # https, snews
#acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
#acl Safe_ports port 280 # http-mgmt
#acl Safe_ports port 488 # gss-http
#acl Safe_ports port 591 # filemaker
#acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
always_direct allow localnet localhost our_networks
always_direct deny all
http_access allow manager all
http_access deny !Safe_ports
http_access allow purge localhost
http_access deny purge
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access allow our_networks
http_access deny all
http_reply_access allow all
icp_access allow all
reply_body_max_size 0 allow all
cache_mgr iwellbc@gmail.com
visible_hostname visicom
header_access Accept-Encoding deny all

#============================================================$
# Transparent proxy setting
#============================================================$
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
httpd_accel_no_pmtu_disc on
httpd_accel_single_host off
half_closed_clients off
#forwarded_for on

#============================================================$
# MISCELLANEOUS
#============================================================$
logfile_rotate 3
negative_ttl 2 minutes
#digest_rebuild_period 30 minute
#digest_rewrite_period 30 minute
#digest_swapout_chunk_size 4096 bytes
client_persistent_connections on
server_persistent_connections on
pipeline_prefetch on
vary_ignore_expire on
reload_into_ims on
store_dir_select_algorithm round-robin
nonhierarchical_direct off
prefer_direct off
memory_pools off
shutdown_lifetime 10 seconds
cachemgr_passwd proxy all
ie_refresh on
cache_effective_user proxy
cache_effective_group proxy

#############################################################

di-copas dari Walecha’s LinuX

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: