Home > linux > Example Squid.conf

Example Squid.conf

http_port 3128 transparent
server_http11 on

pid_filename /var/run/squid.pid
coredump_dir /var/spool/squid/
error_directory /usr/share/squid/errors/English
icon_directory /usr/share/squid/icons
mime_table /usr/share/squid/mime.conf

cache_mem 8 MB
maximum_object_size_in_memory 512 bytes
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

minimum_object_size 0 KB
maximum_object_size 512 MB
cache_swap_low 97
cache_swap_high 99

cache_dir aufs /cookies-1 10000 24 256
cache_dir aufs /cookies-2 10000 24 256
cache_dir aufs /cookies-3 10000 24 256
cache_dir aufs /cookies-4 10000 24 256
cache_dir aufs /cookies-5 10000 24 256

access_log daemon:/var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log none
store_dir_select_algorithm round-robin
logfile_daemon /usr/lib/squid/logfile-daemon
logfile_rotate 1

acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/24
acl localnet src 192.168.1.0/24
acl localnet src 192.168.2.0/24

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # ==
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl purge method PURGE
acl snmppublic snmp_community public
include /usr/local/share/squid/youtube2013.conf

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow localnet
http_access allow all
http_access deny all

icp_access allow localnet
icp_access deny all
icp_port 0

buffered_logs on

acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

forwarded_for off
header_access From deny all
header_access Server deny all
header_access Link deny all
header_access Via deny all
header_access X-Forwarded-For deny all
httpd_suppress_version_string on

shutdown_lifetime 10 seconds

snmp_port 3401
snmp_access allow snmppublic all
dns_timeout 1 minutes

#dns_nameservers 8.8.8.8
#dns_testnames 127.0.0.1

#fqdncache_size 4096 #
fqdncache_size 16384
#ipcache_size 10240 #
ipcache_size 16384
ipcache_low 97
ipcache_high 99
log_fqdn off
memory_pools off

maximum_single_addr_tries 2
retry_on_error on

icp_hit_stale on

strip_query_terms on

query_icmp on
reload_into_ims on
emulate_httpd_log off
negative_ttl 0 seconds
pipeline_prefetch on
vary_ignore_expire on
half_closed_clients off
high_page_fault_warning 2
nonhierarchical_direct on
prefer_direct off
cache_mgr admin@web.id
cache_effective_user proxy
cache_effective_group proxy
visible_hostname proxy.admin.co.id
unique_hostname admin.co.id
cachemgr_passwd none all
client_db on
max_filedescriptors 8192

# TAG: ZPH
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136

Categories: linux
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: