Kembali lagi tentang squid, semoga rekan- rekan tidak bosan. Saya ingin membagi full konfigurasi squid.conf pada child proxy , dikarenakan banyak request tentang bagaimana contoh squid yang bagus dan OK , ini bukan berarti punya saya bagus loh :) .
Saya yakin di antara para squider banyak yang bertanya2 bagaimana cara melihat isi konfigurasi squid.conf yang enable secara lengkap, bayangkan kalau satu2 harus melihat mana konfigurasi yang enable pasti pusing juga mata itu *LOL*
Squid memang tidak menyediakan utility untuk itu, seperti halnya squidclient untuk melihat info ttg squid. So guys, we able to see the relevant non-commented lines in squid.conf with this magic one :
Have u ever heard about grep ? "just asking uncle google" *smile
Saya yakin di antara para squider banyak yang bertanya2 bagaimana cara melihat isi konfigurasi squid.conf yang enable secara lengkap, bayangkan kalau satu2 harus melihat mana konfigurasi yang enable pasti pusing juga mata itu *LOL*
Squid memang tidak menyediakan utility untuk itu, seperti halnya squidclient untuk melihat info ttg squid. So guys, we able to see the relevant non-commented lines in squid.conf with this magic one :
Have u ever heard about grep ? "just asking uncle google" *smile
# grep -v '^#' /PathTo/squid.conf | grep . | less
so this is my squid.conf 3.0 Stable 6 sample :
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl diblok arp "/usr/local/squid/etc/diblok.acl"
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl snmppublic snmp_community public
http_access allow manager localhost
http_access deny manager
http_access deny diblok
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl porn url_regex -i "/usr/local/squid/etc/xxx.txt"
http_access deny porn
acl lab src 192.168.30.0/24
http_access allow lab
http_access deny all
icp_access allow lab
icp_access deny all
miss_access allow all
miss_access deny all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ? .js .jsp .awt
cache_mem 18 MB
maximum_object_size_in_memory 64 KB
memory_replacement_policy heap LFUDA
cache_replacement_policy heap GDSF
cache_dir diskd /cache 50000 102 256 Q1=64 Q2=72
minimum_object_size 0 KB
maximum_object_size 64 MB
cache_swap_low 98
cache_swap_high 99
access_log /usr/local/squid/var/logs/access.log squid
cache_log /dev/null
cache_store_log none
logfile_rotate 3
emulate_httpd_log off
mime_table /usr/local/squid/etc/mime.conf
pid_filename /usr/local/squid/var/logs/squid.pid
log_fqdn off
client_netmask 255.255.255.255
strip_query_terms off
buffered_logs off
diskd_program /usr/local/squid/libexec/diskd
refresh_pattern windowsupdate.com/.*\.(cab|exe\dll) 259200 95% 259200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private
refresh_pattern download.microsoft.com/.*\.(cab|exe\dll) 259200 95% 259200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private
refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|psf) 259200 95% 259200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private
refresh_pattern ^ftp: 20160 95% 259200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private
refresh_pattern . 180 95% 120960 reload-into-ims override-lastmod
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
negative_ttl 2 minutes
positive_dns_ttl 60 seconds
negative_dns_ttl 30 seconds
store_avg_object_size 15 KB
vary_ignore_expire on
client_lifetime 2 hours
half_closed_clients off
shutdown_lifetime 15 seconds
cache_mgr administrator@stieperbanas.ac.id
cache_effective_user squid
cache_effective_group squid
visible_hostname proxylab1.stieperbanas.ac.id
snmp_port 3401
snmp_access allow snmppublic localhost
snmp_access deny all
icp_port 3130
log_icp_queries off
icp_hit_stale on
query_icmp on
icon_directory /usr/local/squid/share/icons
error_directory /usr/local/squid/share/errors/English
dns_nameservers 192.168.0.1
ipcache_size 4096
ipcache_low 90
ipcache_high 95
fqdncache_size 4096
memory_pools off
forwarded_for on
reload_into_ims on
coredump_dir none
pipeline_prefetch on
high_response_time_warning 2000
high_page_fault_warning 2
high_memory_warning 1900 MB
Rgds
[get this widget]
0 komentar:
Post a Comment