konfigurasi proxy

konfigurasi proxy
#     NETWORK 0PTIONS
# – – – – – – – – – – –
http_port 10.10.10.4:3128 transparent
icp_port 0

# OPTIONS WHICH AHIOI ALL CACHE 01/1
# – – – – – – – – – — –
cache_mem 8 MB

cahce_swap_low 90
cache_swap_high 95

maximum_object_size 40 MB

minimum_object_size 0 KB
maximum_object_size_in_memory 16 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fgdncache_size 1024

cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA

# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# – – – – – – – – – –
cache_dir diskd /cache1 21000 16 256 01=72 02=64
cache_dir diskd /cache2 21000 16 256 01=72 02=64

cache_access_log /var/log/squid/access.log
cache_log none
cache_store__log none
#cache_swap_log /var_spool/squid
#pid_filename /var/spool/squid/squid.pia

log_ip_on_direct on
mime_table /etc/squid/mime.conf
__________________________________________________________________
log_mime_hdrs off
#referer_log

debug_options ALL.1
log_fqdn off
client_netmask 255.255.255.255

# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
# – – – – – – – – – – – – – –

ftp_user Squid@
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

# OPTIONS FOR TUNING THE CACHE
# – – – – – – – – – – – – – – – – –

request_header_max_size 15 KB
request_body_max_size 10 MB

refresh_pattern -1 cgi-bin   1     20% 2
refresh_pattern -1 \?        1     20% 2

refresh_pattern -i \.asp$         4800   50%  22160
refresh_pattern -i \.acgi$        4800   50%  22160
refresh_pattern -i \.cgi$         4800   50%  22160
refresh_pattern -i \.shtml$       4800   50%  22160
refresh_pattern -i \.php3$        4800   50%  22160
refresh_pattern -i \.pl$          4800   50%  22160
refresh_pattern -i \.bom\.gov\.au   30   20%  120
refresh_pattern -i \.html$        4800   50%  22160
refresh_pattern -i \.htm$         4800   50%  22160
refresh_pattern -i \.gif$         22160  95%  43260
refresh_pattern -i \.jpg$         22160  95%  120960
refresh_pattern -i \.class$       10080  90%  43200
refresh_pattern -i \.zip$         22160  95%  43200
refresh_pattern -i \.jpeg$        22160  95%  120960
refresh_pattern -i \.mid$         22160  95%  120960
refresh_pattern -i \.exe$         22160  95%  120960
refresh_pattern -i \.thm$         10080  90%  43200
refresh_pattern -i \.wav$         22160  95%  120960
refresh_pattern -i \.txt$         22160  95%  43200
refresh_pattern -i \.cab$         22160  95%  120960
refresh_pattern -i \.au$          22160  95%  120960
refresh_pattern -i \.mov$         22160  95%  120960
refresh_pattern -i \.xbm$         10080  90%  43200
refresh_pattern -i \.ram$         22160  95%  120960
refresh_pattern -i \.avi$         22160  95%  120960
refresh_pattern -i \.chtml$       4800   90%  22160
refresh_pattern -i \.thb$         10080  90%  43200
refresh_pattern -i \.dcr$         22160  95%  43200
refresh_pattern -i \.bmp$         22160  95%  120960
refresh_pattern -i \.phtml$       4800   50%  22160
refresh_pattern -i \.mpg$         22160  95%  120960
refresh_pattern -i \.pdf$         22160  95%  120960
refresh_pattern -i \.art$         10080  90%  43200
refresh_pattern -i \.swf$         22160  95%  43200
refresh_pattern -i \.mp3$         22160  98%  120960
refresh_pattern -i \.ra$          10080  95%  120960
refresh_pattern -i \.spl$         10080  90%  43200
refresh_pattern -i \.viv$         10080  95%  120960

refresh_pattern -i \.goc$         22160  95%  43200
refresh_pattern -i \.gz$          22160  95%  120960
refresh_pattern -i \.Z$           22160  95%  120960
refresh_pattern -i \.tgz$         22160  95%  120960
refresh_pattern -i \.tar$         22160  95%  120960
refresh_pattern -i \.vrm$         10080  90%  43200
refresh_pattern -i \.vrml$        10080  90%  43200
refresh_pattern -i \.aif$         10080  95%  43200
refresh_pattern -i \.aifc$        10080  90%  43200
refresh_pattern -i \.aiff$        10080  90%  43200
refresh_pattern -i \.arj$         10080  90%  43200
refresh_pattern -i \.c$           10080  90%  43200
refresh_pattern -i \.cpt$         10080  90%  43200
refresh_pattern -i \.dir$         10080  90%  43200
refresh_pattern -i \.dxr$         10080  90%  43200
refresh_pattern -i \.hqx$         10080  90%  43200
refresh_pattern -i \.jpe$         22160  95%  120960
refresh_pattern -i \.lha$         22160  95%  120960
refresh_pattern -i \.lzh$         22160  95%  120960
refresh_pattern -i \.midi$        22160  95%  120960
refresh_pattern -i \.movie$       22160  95%  120960
refresh_pattern -i \.mp2$         22160  95%  120960
refresh_pattern -i \.mpe$         22160  95%  120960
refresh_pattern -i \.mpeg$        22160  95%  120960
refresh_pattern -i \.mpga$        10080  95%  120960
refresh_pattern -i \.pl$          10080  90%  43200
refresh_pattern -i \.ppt$         22160  95%  120960
refresh_pattern -i \.ps$          10080  95%  43200
refresh_pattern -i \.qt$          22160  95%  120960
refresh_pattern -i \.qtm$         22160  95%  120960
refresh_pattern -i \.ras$         10080  90%  43200
refresh_pattern -i \.sea$         10080  90%  43200
refresh_pattern -i \.sit$         10080  90%  43200
refresh_pattern -i \.tjf$         10080  90%  43200
refresh_pattern -i \.tiff$        10080  90%  43200
refresh_pattern -i \.snd$         10080  90%  43200
refresh_pattern -i \.wrl$         10080  90%  43200
refresh_pattern -i \.//           1440   20%  10080

refresh_pattern ^gopher://        1440    0%  1440
refresh_pattern .                 0      20%  43200

quick_abort_min 0
quick_abort_max 0
quick_abort_pct 95

negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 5 minutes
range_offset_limit 0 KB

# TIMEOUTS
# – – – – – – – – – – – – – – – – – – – — – — — –

forward_timeout 4 minutes
connect_timeout 1 minute
# peer connect timeout 30 seconds
read_timeout 15 minutes
request_timeout 5 minutes
persistent_request_timeout 1 minutes

client_lifetime 1 day
half_closed_clients off
pconn_timeout 120 seconds
shutdown_lifetime 3 seconds

# ACCESS CONTROLS
# – – – – – – – – – – – – – – – – –  – – – – – – – – –

#acl myexanple dst_as 1241
#acl password proxy_auth REQUIRED
#acl fileupload req_mime_type -i ^multipart/form-data$
#acl javascript rep_mime_type -i ^applications/x-javascripts

acl all src.0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl lokal src 172.16.0.0/24 172.31.0.0/30 172.31.0.4/30 10.10.10.0/29 172.31.0.8/30 172.31.0.12/30 192.168.254.0/24
acl lokal-domain dstdomain localhost 10.10.10.2 117.103.56.248
acl jam_kantor_download time MTWHFA 07:00-15:30
acl jam_kantor_porno time MTWHFA 07:00-12:30
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https,snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered port
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

always_direct allow localhost lokal-domain

#acl cara-1 dstdomain “/etc/squid/domain-terlarang”
#http_access deny cara-1

#acl cara-2 url regex -i “/etc/squid/kata-terlarang”
#http_access deny cara-2

acl download url_regex -i “/etc/squid/download”
http_access deny download jam_kantor_download

acl porno url_regex -i “/etc/squid/porno”
http_access deny porno jam_kantor_porno

http_access allow manager localhost
http_access allow manager lokal
http_access deny manager
http_access deny !Safe_port
http_access deny CONNECT !SSL_port
http_access deny to localhost
http_access allow lokal
http_access allow localhost
http_access deny all

http_reply_access allow all
icp_access deny all
miss_access allow lokal
miss_access deny all

reply_header_max_size 20 KB
reply_body_max_size 0 allow all

header_access Accept-Encoding allow all
header_access Via allow all

# ADMINISTRATIVE PARAMETERS
# – – – – – – – – – – – – – – – – – – – – – – – – — –

cache_mgr team ict@smkn1kediri.sch.id
cache_effective user proxy
cache_effective_group proxy
visible_hostname proxy.smkn1kediri.sch.id
unique_hostname proxy.smkn1kediri.sch.id

# HTTPD-ACCELERATOR OPTIONS
# – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –  –

#httpd_accel_host virtual
#httpd_accel_port 80
#httpd_accel_single_host off
#httpd_accel_with proxy on
#httpd_accel_user_host_header on

# MISCELLANEOUS
# – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – — – –

logfile_rotate 1

# append_domain .yourdomain.com
tcp_recy_bufsize 0 bytes

# memory_pools on
# memory_pools limit  (bytes)

forward_for on

# cachemgr_passwd secret shutdown
cachemgr_passwd aloh4 into stats/objects
# cachemgr_passwd disable all

store_avg_object_size 13 KB
store_object_per_bucket 20

# DELAY POOL PARAMETERS (all require DELAY POOLS compolation option)
# – – – – – – – – – – – – – – – — – – – – – – – – – — – – – – —  – – – –

acl dl1 rep_mime_type -i ^applications/octet stream$ ^audio/mpeg$ ^vidio/mpeg$
acl dl2 rep_mime_type -i ^audio/x-realaudion$ ^audio/x pn-realaudion$
acl dl3 urlpath_regex -i \.mp3$ \.mov$ \.wav$ \.wav$ \.mpeg$ \.asft \.150$
acl dl4 proto FTP
acl dltime time 10:00-13:30
delay pools 2       # 2 delay pools
delay_class 1 2    # pool 1 is a class 2 pool
delay_class 2 2    # pool 2 is a class 2 pool
delay_access 1 allow lokal dl1 dltime
delay_access 1 allow lokal dl2 dltime
delay_access 1 allow lokal dl3 dltime
delay_access 1 deny all
delay_access 2 allow lokal dl4 dltime
delay_access 2 deny all
delay_parameters 1 15360/-1 15360/131072
delay_parameters 2 -1/-1 15360/-1
delay_initial_bucket_level 50

uri_whitespace strip
nonhierarchical_direct on
prefer_direct off

strip_query_terms on
coredump_dir none
ignore_unknown_nameservers on

# ERROR DIRECTORY
# – – – – – – – – – – — – –

client_persistent_connections on
server_persistent_connections on

pipeline preferch off

store-dir_select_algorithm round-robin
ie refresh on

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s