squid.conf : Konfigurasi Squid 2.7 Opensuse


Squid sudah berumur 9 hari – https sering ngeblank terutama saat buka google apps dan gmail, ada yang bisa bantu ?



server:/etc/squid # squidclient mgr:info
HTTP/1.0 200 OK
Server: squid/2.7.STABLE6
Date: Sun, 20 Jun 2010 16:53:05 GMT
Content-Type: text/plain
Expires: Sun, 20 Jun 2010 16:53:05 GMT
X-Cache: MISS from proxy.eka.rg
X-Cache-Lookup: MISS from proxy.eka.rg:3128
Connection: close

Squid Object Cache: Version 2.7.STABLE6
Start Time:     Sun, 20 Jun 2010 09:03:10 GMT
Current Time:   Sun, 20 Jun 2010 16:53:05 GMT
Connection information for squid:
Number of clients accessing cache:      4
Number of HTTP requests received:       5167
Number of ICP messages received:        0
Number of ICP messages sent:    0
Number of queued ICP replies:   0
Number of HTCP messages received:       0
Number of HTCP messages sent:   0
Request failure ratio:   0.00
Average HTTP requests per minute since start:   11.0
Average ICP messages per minute since start:    0.0
Select loop called: 233153 times, 120.928 ms avg
Cache information for squid:
Request Hit Ratios:     5min: 40.8%, 60min: 44.7%
Byte Hit Ratios:        5min: 18.7%, 60min: 32.9%

Request Memory Hit Ratios:      5min: 2.2%, 60min: 6.5%
Request Disk Hit Ratios:        5min: 90.1%, 60min: 92.0%

Storage Swap size:      1201556 KB — > 1,1GB
Storage Mem size:       6136 KB
Mean Object Size:       12.74 KB

Requests given to unlinkd:      0
Median Service Times (seconds)  5 min    60 min:
HTTP Requests (All):   0.25890  0.25890
Cache Misses:          0.61549  0.76407
Cache Hits:            0.00865  0.00379
Near Hits:             0.14252  0.28853
Not-Modified Replies:  0.00000  0.00000
DNS Lookups:           0.10906  0.10906
ICP Queries:           0.00000  0.00000
Resource usage for squid:
UP Time:        28194.808 seconds
CPU Time:       8.272 seconds
CPU Usage:      0.03%
CPU Usage, 5 minute avg:        0.11%
CPU Usage, 60 minute avg:       0.17%
Process Data Segment Size via sbrk(): 27448 KB
Maximum Resident Size: 0 KB
Page faults with physical i/o: 1
Memory usage for squid via mallinfo():
Total space in arena:   27448 KB
Ordinary blocks:        27331 KB      5 blks
Small blocks:               0 KB      0 blks
Holding blocks:          3584 KB      3 blks
Free Small blocks:          0 KB
Free Ordinary blocks:     116 KB
Total in use:           30915 KB 100%
Total free:               116 KB 0%
Total size:             31032 KB
Memory accounted for:
Total accounted:        18134 KB
memPoolAlloc calls: 1353549
memPoolFree calls: 1136099
File descriptor usage for squid:
Maximum number of file descriptors:   4096
Largest file desc currently in use:     47
Number of file desc currently in use:   33
Files queued for open:                   0
Available number of file descriptors: 4063
Reserved number of file descriptors:   100
Store Disk files open:                   0
IO loop method:                     epoll
Internal Data Structures:
94325 StoreEntries
1294 StoreEntries with MemObjects
1293 Hot Object Cache Items
94288 on-disk objects

seminggu memperbaiki kesalahan-kesalahan di script squid.conf, akhirnya menemukan sedikit kelegaan (thanks bro idulk)

berikut hasil monitor terakhir performance squid di kantorku

server:/var/log/squid # squidclient mgr:info
HTTP/1.0 200 OK
Server: squid/2.7.STABLE6
Date: Fri, 11 Jun 2010 15:40:20 GMT
Content-Type: text/plain
Expires: Fri, 11 Jun 2010 15:40:20 GMT
X-Cache: MISS from proxy.eka.rg
X-Cache-Lookup: MISS from proxy.eka.rg:3128
Via: 1.0 proxy.eka.rg:3128 (squid/2.7.STABLE6)
Connection: close

Squid Object Cache: Version 2.7.STABLE6
Start Time:     Fri, 11 Jun 2010 14:53:52 GMT
Current Time:   Fri, 11 Jun 2010 15:40:20 GMT
Connection information for squid:
Number of clients accessing cache:      6
Number of HTTP requests received:       8473
Number of ICP messages received:        0
Number of ICP messages sent:    0
Number of queued ICP replies:   0
Number of HTCP messages received:       0
Number of HTCP messages sent:   0
Request failure ratio:   0.00
Average HTTP requests per minute since start:   182.4
Average ICP messages per minute since start:    0.0
Select loop called: 131343 times, 21.226 ms avg
Cache information for squid:
Request Hit Ratios:     5min: 83.5%, 60min: 79.0%
Byte Hit Ratios:        5min: 89.6%, 60min: 76.7%

masih ada yang aneh…hit ratio melebihi permintaan blm mudeng sampai disini

Request Memory Hit Ratios:      5min: 12.2%, 60min: 9.1%
Request Disk Hit Ratios:        5min: 77.4%, 60min: 67.5%

penggunaan memory hanya 12 % rata2 semuanya ke cache harddisk = 77 %, [client masih responsif kok] lumayan untuk pemula..heuheu

Storage Swap size:      365696 KB
Storage Mem size:       2880 KB
Mean Object Size:       13.88 KB
Requests given to unlinkd:      0
Median Service Times (seconds)  5 min    60 min:
HTTP Requests (All):   0.00379  0.00379
Cache Misses:          1.46131  0.68577 missnya masih buanyak jiakakakak
Cache Hits:            0.00286  0.00286
Near Hits:             0.64968  0.30459
Not-Modified Replies:  0.00286  0.00286
DNS Lookups:           0.67710  0.22276
ICP Queries:           0.00000  0.00000
Resource usage for squid:
UP Time:        2787.856 seconds
CPU Time:       8.180 seconds
CPU Usage:      0.29%
CPU Usage, 5 minute avg:        0.89%
CPU Usage, 60 minute avg:       0.25%
Process Data Segment Size via sbrk(): 12728 KB
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
Total space in arena:   12728 KB
Ordinary blocks:        12643 KB    112 blks
Small blocks:               0 KB      0 blks
Holding blocks:          2916 KB      3 blks
Free Small blocks:          0 KB
Free Ordinary blocks:      84 KB
Total in use:           15559 KB 99%
Total free:                84 KB 1%
Total size:             15644 KB
Memory accounted for:
Total accounted:         7620 KB
memPoolAlloc calls: 1390268
memPoolFree calls: 1325549
File descriptor usage for squid:
Maximum number of file descriptors:   4096
Largest file desc currently in use:    286
Number of file desc currently in use:  255
Files queued for open:                   0
Available number of file descriptors: 3841
Reserved number of file descriptors:   100
Store Disk files open:                   7
IO loop method:                     epoll
Internal Data Structures:
26392 StoreEntries
410 StoreEntries with MemObjects
400 Hot Object Cache Items
26355 on-disk objects
—————————————————————-
server:/var/log/squid # cat access.log | ./squidmon.py
cache effect: 12.53%, save 98169.18K of 783399.67K
most accessed sites (by traffic)
URI   Kbytes  Ratio
dc202.4shared.com   166493   0.00
au.download.windowsupdate.com   161340   0.00
downloads.ziddu.com    45565   0.00
sphotos.ak.fbcdn.net    18343   0.02
v21.lscache4.c.youtube.com    18086   0.00
http://www.facebook.com    15388   0.08
kristenonline.com    12606   0.00
dc167.4shared.com    11912   0.00
suaramerdeka.com    11739  84.71
v10.lscache7.c.youtube.com    10743   0.00
3347-mozilla.voxcdn.com     9978   0.00
http://www.casiogzone.com     9750   4.08
202.59.205.51     8511  98.66
safebrowsing-cache.google.com     8035  21.45
profile.ak.fbcdn.net     7766  12.55
v2.lscache5.c.youtube.com     7579   0.00
dnl-03.geo.kaspersky.com     6515   0.00
http://www.detik.com     5649  75.90
openx.detik.com     4783  79.37
www2.kapanlagi.com     4780   0.00
dnl-15.geo.kaspersky.com     4455   0.00
dl.google.com     4017   0.00
http://www.indowebster.com     3954  84.60
http://www.kompas.com     3935  46.28
bibledatabase.org     3921   0.00

—————————————————————-
# SQUID STABLE 2.7 – IT&S PTSE
# CONFIG DATE : 10JUNE2010 # By c1p1
#==============================================
http_port 3128 transparent
icp_port 0
visible_hostname proxy.eka.rg
cache_mgr c1p1@ekartama.com
#error_directory /usr/share/squid/errors/Indonesia
server_http11 on
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 6 MB
cache_swap_low 97
cache_swap_high 99
maximum_object_size 25 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
high_memory_warning 768 MB
cache_dir aufs /var/cache/squid 30000 68 256
store_dir_select_algorithm least-load
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
mime_table /etc/squid/mime.conf
pid_filename /var/run/squid.pid
log_fqdn off
log_icp_queries off
buffered_logs off
emulate_httpd_log off
dns_nameservers 208.67.222.222 208.67.220.220
max_filedescriptors 4096
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563 843 5900-5908
acl Safe_ports port 80 21 443 563 70 210 777 6667
acl Safe_ports port 1025-65535 280 488 591 843 5900-5908
acl CONNECT method CONNECT
acl ekartama src 192.168.0.0/24
acl blokir url_regex “/etc/squid/bloksitus.txt”
deny_info redirect blokir
acl blokir1 url_regex “/etc/squid/blokirpermanen.txt”
acl fbredir dstdomain “/etc/squid/blokdomain.txt”
deny_info dilarang blokir1
acl waktu1 time 16:00-24:00
acl waktu1 time 00:00-08:00
acl waktu1 time 11:00-13:00
acl xyz dstdom_regex nude porn xyz bypass anonymous
acl numeric_IPs url_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
http_access deny xyz
http_access deny CONNECT numeric_IPs all
http_access deny blokir1
http_access allow blokir waktu1
http_access deny blokir
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access allow CONNECT !SSL_ports
http_access allow ekartama
http_access deny all
refresh_pattern -i \.(doc|docx|xls|xlsx|ppt|pptx|mdb|hqx|pdf|rtf|swf|txt|html|php|asp|aspx)$ 1440 50% 43200
refresh_pattern -i \.(ico|gif|bmp|png|jpg|jpe|jpeg|tiff)$ 14400 100% 86400 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache
refresh_pattern -i \.(rpm|cab|exe|msi|msu|zip|tar|gz|tgz|rar|bin|7z)$ 14400 95% 86400 override-lastmod reload-into-ims ignore-no-cache
refresh_pattern -i \.(avi|wav|mid|mpeg|mpg|flv|mov|3gp|mp4|wmv)$ 14400 95% 86400 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache
refresh_pattern -i \.(mp3|mid)$ 14400 95% 86400 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache
refresh_pattern -i \.(css|js|axd)$ 14400 100% 86400 override-lastmod reload-into-ims ignore-no-cache
refresh_pattern -i \.(ini)(\?.*)?$ 2 5% 10800 reload-into-ims override-lastmod
refresh_pattern . 180 95% 403200 override-lastmod reload-into-ims
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern ^http://mail.yahoo.com/.* 720     100%    10080
refresh_pattern ^http://*.yahoo.*/.*            720     100%    7200
refresh_pattern ^http://*.wordpress.com/.* 720     80%     10080
refresh_pattern ^http\:\/\/.*\.windowsupdate\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/office\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/windowsupdate\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/w?xpsp[0-9]\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/w2ksp[0-9]\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/download\.microsoft\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/download\.macromedia\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^ftp\:\/\/ftp\.nai\.com/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http\:\/\/ftp\.software\.ibm\.com\/ 10080 80% 43200 reload-into-ims
refresh_pattern ^http://download.windowsupdate.com/msdownload/update/software/updt/ 10080      80%   43200 reload-into-ims
refresh_pattern ^http://dnl-00.geo.kaspersky.com/diffs/bases/wmuf/ 720     100%    7200
refresh_pattern ^http://dnl-01.geo.kaspersky.com/diffs/bases/wmuf/ 720     100%    7200
refresh_pattern ^http://dnl-03.geo.kaspersky.com/diffs/bases/wmuf/ 720     100%    7200
refresh_pattern ^http://dnl-04.geo.kaspersky.com/diffs/bases/av/kdb/i386/ 720     100%    7200
refresh_pattern ^http://dnl-08.geo.kaspersky.com/diffs/bases/wmuf/ 720     100%    7200
refresh_pattern ^http://dnl-14.geo.kaspersky.com/diffs/bases/wmuf/ 720     100%    7200
refresh_pattern ^http://dnl-17.geo.kaspersky.com/diffs/bases/wmuf/ 720     100%    7200
refresh_pattern ^http://dnl-19.geo.kaspersky.com/diffs/bases/wmuf/ 720     100%    7200
refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.static.ak.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://apps.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

refresh_pattern ^http://*.jobstreet.com.*/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache
refresh_pattern ^http://*.indowebster.com.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
refresh_pattern ^http://*.21cineplex.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
refresh_pattern ^http://*.kompas.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.blogspot.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache
refresh_pattern ^http://*.photobucket.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.tinypic.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.imageshack.us/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.kaskus.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://www.kaskus.com/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.kapanlagi.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.okezone.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://www.okezone.com/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://www.inilah.com/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://www.kapanlagi.com/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detik.*/.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detiknews.*/*.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://video.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.liputan6.com/.* 720 100% 10080 override-expire  override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.friendster.com/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache ignore-auth
refresh_pattern ^http://*.twitter.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims  ignore-no-cache ignore-auth
refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims  ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.yahoo.com/.* 720 80% 10080 override-expire override-lastmod  reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.google.com/.* 720 80% 10080 override-expire override-lastmod  reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.forummikrotik.com/.* 720 80% 10080 override-expire override-lastmod  reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^https://c1p1.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.c1p1.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://opensuse.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.kendari.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.opensuse.kendari.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100%
acl download url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .tar .rpm .zip .rar .avi .mpeg .mpg .qt .ram .rm .iso .raw .wav .mov .msi
redirect_program /usr/local/bin/squid_redirect

dibawah ini script squid versi lama

#============================================

# SQUID 2.7 [sensor:thanks saran si copy paste] PERFORMANCE
# CONFIG DATE : 3JUNE2010
# edited by c1p1

#============================================

# http_port
#Daftar port koneksi squid.
#============================================
http_port 3128 transparent
icp_port 0
visible_hostname proxy.eka.rg
cache_mgr c1p1
#error_directory /usr/share/squid/errors/Indonesia
#============================================

#============================================
# Mengatasi Facebook Blank setelah login
server_http11 on
#============================================

#============================================
# hierarchy_stoplist
# Daftar kata2 yg, jika ditemukan dalam sebuah URL, menyebabkan obyek
# akan ditangani langsung oleh squid. Opsi dapat ditulis beberapa kali
#hierarchy_stoplist cgi-bin ? localhost
#acl QUERY urlpath_regex cgi-bin ? localhost
#no_cache deny QUERY
#============================================

#============================================
# OPTIONS WHICH AFFECT THE CACHE SIZE
#============================================
# Ukuran memory (RAM) yang digunakan untuk
#men-cache obyek. Jangan terlalu besar, Idealnya
#60-70% dari total Memory yang terpasang
cache_mem 768 MB
#============================================

#============================================
# Ukuran maksimum suatu obyek yang di-cache
# ke hd & Memory. Ukurannya terserah
# tergantung kebutuhan.
maximum_object_size 25 MB
maximum_object_size_in_memory 64 KB
#============================================

#============================================
# Ini adalah trik yg menyebabkan squid selalu
# berusaha menyimpan obyek dalam memory dan baru
# akan men-swap data ke hd jika cache_mem sudah penuh.
cache_swap_low 98%
cache_swap_high 99%
#============================================

#============================================
# Bagian ini adalah metode swapping data dari memory ke cache hd. LFUDA
# brarti menyebabkan squid akan men-cache obyek2 berukuran besar,
# sebaliknya GDSF men-cache obyek2 kecil secara progresif. Saran saya
# cache hd menggunakan LFUDA dan cache memory menggunakan GDSF karena
# pembacaan/penulisan ke memory (RAM) jelas lebih cepat daripada hd.
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
#============================================

#============================================
# Ini adalah pembatasan maksimum memory yg dipakai oleh squid. Saran saya
# sekitar 60-70% dari ukuran RAM.
high_memory_warning 768 MB
#============================================

#============================================
# Ini adalah konfigurasi peletakan log squid. lokasinya terserah.
cache_dir aufs /var/cache/squid 20000 46 256
store_dir_select_algorithm least-load
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
#============================================

#============================================
# Ini daftar mime squid. Selalu gunakan agar
# proses filtering obyek lebih cepat;
# default; mime_table /usr/share/squid/mime.conf
mime_table /etc/squid/mime.conf
#============================================

#============================================
# Lokasi PID squid.
pid_filename /var/run/squid.pid
#coredump_dir /var/spool/squid/
#============================================

#============================================
# Beberapa log yg tidak signifikan karena opsi2-nya jarang digunakan.
log_fqdn off
log_icp_queries off
buffered_logs off
emulate_httpd_log off
#============================================

#============================================
# FTP section
#============================================
# Selalu gunakan opsi ini untuk mengurangi beban trafik. FTP mode pasif
# menyebabkan client tidak berhubungan langsung dengan FTP Server tujuan
# dan menggunakan squid sebagai relay sehingga bandwidth utk koneksi FTP
# bisa dikontrol mungkin dengan kombinasi IP filtering (PF (BSD)/ IPTABLES).
#ftp_list_width 32
#ftp_passive on
#ftp_sanitycheck on

#============================================
# DNS resolution section
#============================================
# Isikan IP (BUKAN NAMA) untuk mempercepat resolusi query dns dari client.
# Menggunakan OpenDNS untuk settingan di bawah ini
dns_nameservers 208.67.222.222 208.67.220.220

#============================================
# Filesystem section
#============================================
#diskd_program /usr/bin/diskd
#============================================
# AUTH section
#============================================
# Sistem autentikasi client-server yg di-relay oleh squid. Gunakan jika
# perlu. Tidak saya gunakan agar tidak membebani kerja squid dan bw.
#auth_param basic children 5
#auth_param basic realm Squid proxy-caching web server
#auth_param basic credentialsttl 2 hours
#auth_param basic casesensitive off
#============================================

#============================================
# Belum paham-tapi spertinya size deskripsi dari sebuah file
max_filedescriptors 4096
#============================================

#============================================
# FIXME!
#ipcache_size 16384 —>u/RAM 4GB
#fqdncache_size 16384 —>u/RAM 4GB
ipcache_size 8192
fqdncache_size 4096
#============================================

#============================================
# Sama seperti cache_swap_low/high, hanya saja obyeknya adalah IP.
#ipcache_low 98
#ipcache_high 99
#============================================

#============================================
# belum paham – visit Anoa
ipcache_size 8192
fqdncache_size 4096
#============================================

#============================================
# ACL Section
#============================================
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563 843 5900-5908
acl Safe_ports port 80 21 443 563 70 210 777 6667
acl Safe_ports port 1025-65535 280 488 591 843 5900-5908
acl CONNECT method CONNECT
acl ekartama src 192.168.0.0/24
acl blokir url_regex “/etc/squid/bloksitus.txt”
deny_info redirect blokir
acl blokir1 url_regex “/etc/squid/blokirpermanen.txt”
acl fbredir dstdomain “/etc/squid/blokdomain.txt”
deny_info dilarang blokir1
acl waktu1 time 16:00-24:00
acl waktu1 time 00:00-08:00
acl waktu1 time 11:00-13:00
#http_access deny fbredir
acl xyz dstdom_regex nude porn xyz bypass proxy anonymous
# bloking UltraSurf/Skype
acl numeric_IPs url_regex ^[0-9]+.[0-9]+.[0-9]+.[0-9]+
http_access deny xyz
http_access deny CONNECT numeric_IPs all
http_access deny blokir1
http_access allow blokir waktu1
http_access deny blokir
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access allow CONNECT !SSL_ports
http_access allow ekartama
http_access deny all
#============================================

#============================================
# Refresh Rate
#============================================
# Ini adalah bagian yg sering diutak-atik karena menyangkut lamanya
# sebuah obyek dicatat dalam cache (hd). Cari nilainya secara
# trial n error karena tidak ada angka pasti. Urutannya adalah:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i .(gif|png|jp?g|ico|bmp)$ 14400 100% 86400 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache
refresh_pattern -i .(avi|wav|mid|mp?|mpeg|swf|flv|x-flv|mov|3gp|wm?)$ 14400 95% 86400 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache
refresh_pattern -i .(rpm|cab|exe|msi|msu|zip|tar|gz|tgz|rar|bin|7z)$ 14400 95% 86400 override-lastmod reload-into-ims ignore-no-cache
refresh_pattern -i .(css|js|axd)$ 14400 100% 86400 override-lastmod reload-into-ims ignore-no-cache
refresh_pattern . 180 95% 403200 override-lastmod reload-into-ims
refresh_pattern -i .(hqx|pdf|rtf|doc|swf|xls|ppt|pdf|docx|xlsx)$ 1440 50% 43200

#refresh_pattern -i .(class|css|js|gif|jpg|ps)$ 1440 50% 43200
#refresh_pattern -i .(jpe|jpeg|png|bmp|tif)$ 1440 50% 43200
#refresh_pattern -i .(tiff|mov|avi|qt|mpeg|flv|ra|rm|wmv|divx)$ 1440 50% 43200
#refresh_pattern -i .(mpg|mpe|wav|au|mid|mp3|mp4|ac4|swf)$ 1440 50% 43200
#refresh_pattern -i .(zip|gz|arj|lha|lzh|7z)$ 1440 50% 43200
#refresh_pattern -i .(rar|tgz|tar|exe|bin|rpm|iso)$ 1440 50% 43200
#refresh_pattern -i .(inc|cab|ad|txt|dll|dat)$ 1440 50% 43200
#refresh_pattern ^ftp: 1440 95% 12960 reload-into-ims
#refresh_pattern ^gopher: 1440 0% 1440
#refresh_pattern . 0 20% 4320

refresh_pattern -i .(ini)(?.*)?$ 2 5% 10800 reload-into-ims override-lastmod
refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.static.ak.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://apps.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100%
permalink

5 Comments to “squid.conf : Konfigurasi Squid 2.7 Opensuse”

  1. kayakx bsa sma belajar squid sma kita ini bang …heheheh

  2. hahhaha..
    menyembunyikan jati diri lagi bang unang… :P

  3. mas brow kalo untuk cache youtube gmn c d squid 2.7 ?
    utk performance squid 2.7 gmn y ?

    sy nyoba d squid3 kalo ngakses file download zid*u, Gud*nglag*.com n bbrp web utk download kok g bs y ?

    kalo di 2.7 ada masalah g ?

    mohon pencerahan’y…

    oiya,ijin bukmark y…:D

    mksh sebelum’y…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: