Scrip Squid-ku

contoh 1.

#————- cut ———————————–

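# Address and port on which Squid listens for client requests.
# (The original note spoke of port 3128, but the directive binds port 8080.)
http_port 192.168.2.14:8080

# Keep dynamic pages (cgi-bin paths and URLs with a query string) out of the cache.
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

# cache_mem limits the RAM Squid may use; a common rule of thumb is one third
# of the machine's RAM.
# The maximum object size can be capped, especially when the cache allocation
# is not very large. The minimum object size is meant to make efficient use of
# the filesystem, where ext2 is typically formatted with 4 KB per inode.

cache_mem 128 MB
maximum_object_size 256 KB
minimum_object_size 4 KB

# Cache storage and log locations.
cache_dir diskd /cache 26000 16 256 Q1=72 Q2=64
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log

# ACCESS CONTROL

# Block sites by keyword (sex, adult, porn, nude).

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
# LAN client addresses. Comments sit on their own lines here; a trailing
# "#..." on a directive line is not handled the same way by every directive.
acl user src 192.168.2.0/255.255.255.0
# Blocked URL patterns, one per line in the quoted file. The quotes must be
# plain ASCII double quotes; the typographic quotes in the original are not
# treated as quotes.
acl porno url_regex -i "/usr/local/squid/etc/porno.txt"

# http_access rules are checked top to bottom and the first match decides.
# The manager ACL was defined but never used, which left cache-manager
# requests open to every LAN client through "allow user"; refuse them first.
http_access deny manager
http_access deny user porno
http_access allow user
http_access deny all
# NOTE(review): this minimal example has no Safe_ports / CONNECT restrictions,
# so LAN clients can ask the proxy to reach any destination port. The second
# example on this page defines Safe_ports and SSL_ports ACLs for that purpose.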

#————- cut ————————————-

#dan ini kasus pada Warnet merbau mas net
#yang hanya mengijinkan beberapa website aja yang boleh, dan lainnya diblok

#————- cut ————————————-

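acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
# LAN client addresses.
acl user src 192.168.2.0/255.255.255.0
# Permitted URL patterns, one per line in the quoted file (plain ASCII quotes).
# The ACL name has to match the name used by http_access below; the original
# defined "NotBad" but referenced "noporno", an ACL that did not exist.
acl noporno url_regex -i "/usr/local/squid/etc/noporno.txt"

# LAN clients may fetch only URLs on the allow list; everything else is refused.
# NOTE(review): url_regex matches anywhere in the URL, so an unanchored pattern
# also admits any URL that merely contains the allowed text (for example in a
# query string). Anchor the patterns in the list, or use a dstdomain ACL, if
# the allow list is meant to be strict.
http_access allow user noporno
http_access deny all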

#————- cut ———————————–

#sekarang kita akan membatasi download
#yang dibatasi ada beberapa file (*.mpeg .wav .mp3) dan lainya

#dimana pada configure tadi kita telah mengenable kan option

#--enable-delay-pools

#————— cut ———————————
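# Downloads are not throttled for the 192.168.2.0-192.168.255.255 range.
# NOTE(review): url_regex tests the text of the requested URL, not the client's
# address, so this exempts any URL that contains "192.168." anywhere. If the
# intent is to exempt clients by address, a src ACL is the matching type.
# Confirm the intent before relying on it.
# The dots are escaped so they match a literal "." instead of any character.

acl LAN url_regex -i 192\.168\.

# Throttle downloads of the following file types.
# The list must be on a single line; the original wrapped onto a second line,
# which the parser reads as a separate (invalid) directive.
# Dots are escaped so that ".gz" no longer matches strings such as "xgz".
# The patterns remain unanchored, and "ftp" still matches any URL containing it.

acl extensions url_regex -i ftp \.exe \.mp3 \.vqf \.tar\.gz \.gz \.rpm \.zip \.rar \.avi \.mpeg \.mpe \.mpg \.qt \.ram \.rm \.iso \.raw \.wav

# Two delay pools are defined.

delay_pools 2

# The first pool is left unthrottled,
# the second pool is the throttled one.

delay_class 1 2

# -1/-1 means no limit for delay pool 1.

delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow LAN

# Delay pool 2 is the one that gets throttled.

delay_class 2 2

# 5000/128000: byte limits for the whole network
# 2000/100000: byte limits for a single client
# Once a download has used up the 128000-byte maximum,
# it continues at roughly 5000 bytes (per second).

delay_parameters 2 5000/128000 2000/100000
delay_access 2 allow extensions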

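# Transparent (intercepting) proxy settings, Squid 2.x httpd_accel_* style.
# httpd_accel_host virtual is included here because the second example on this
# page sets it together with the other httpd_accel_* lines, while this snippet
# omitted it.
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
# With this option Squid uses the client-supplied Host header to pick the
# destination and does not validate it, so keep the listener reachable from
# the LAN only.
httpd_accel_uses_host_header on
# "on" adds the client's address to outgoing requests (X-Forwarded-For), which
# shows internal LAN addresses to origin servers; set it to off if that is not
# wanted.
forwarded_for on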

#———— cut —————————————–

2. contoh 2

# Example 2: a fuller squid.conf, written with Squid 2.x-era directive names.
# Client listener (address:port), followed by the ICP port and ICP timeouts.
http_port 192.168.2.14:8080
icp_port 3130
icp_query_timeout 0
maximum_icp_query_timeout 5000
mcast_icp_query_timeout 2000
dead_peer_timeout 10 seconds
# Requests whose URL contains one of these strings are not sent through peers.
hierarchy_stoplist cgi-bin ? js
# Dynamic content (cgi-bin paths, URLs with a query string) is never cached.
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
# Memory and disk cache sizing; the low/high values are percentages.
cache_mem 128 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 8 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
cache_replacement_policy lru
memory_replacement_policy lru
# Same cache directory and log paths as the first example on this page.
cache_dir diskd /cache 26000 16 256 Q1=72 Q2=64
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log none
emulate_httpd_log off
log_ip_on_direct on
# Value sent as the password for anonymous FTP logins; an address placed here
# is disclosed to every FTP server the proxy contacts.
ftp_user dgreenmania@yahoo.com
wais_relay_port 0
# refresh_pattern fields: regex, minimum age (minutes), percent, maximum age (minutes).
# The patterns are tried in order, so the catch-all "." has to stay last.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
# Lifetimes for cached negative responses and DNS answers.
negative_ttl 5 minute
positive_dns_ttl 6 hour
negative_dns_ttl 5 minute
range_offset_limit 0 KB
# ACL definitions used by the http_access and icp_access rules further down.
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
# Disabled AS-number ACL; the original trailing note read "to close ports from squid":
#acl IIX dst_as 7713 4622 4795 7597 4787 4795 4800
# LAN clients allowed to use the proxy.
# NOTE(review): /28 covers only 192.168.2.0-192.168.2.15, whereas the first
# example on this page uses the whole 192.168.2.0/255.255.255.0 network.
# Confirm which range is intended.
acl dgreenmania src 192.168.2.0/28
# Destination ports to which CONNECT tunnels may be opened.
acl SSL_ports port 443 563
acl irc_ports port 6667
# Destination ports the proxy is willing to contact at all.
# The 1025-65535 entry admits every unprivileged port.
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT

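# URL filter lists, one pattern per line in each quoted file.
# The quotes must be plain ASCII double quotes, not typographic ones.
acl porno url_regex -i "/usr/local/squid/etc/porno.txt"
acl noporno url_regex -i "/usr/local/squid/etc/noporno.txt"

# --- Delay pools ---
# File types to throttle. Dots are escaped so they match a literal ".".
# NOTE(review): the first example on this page lists ".vqf" where this one has
# ".vgf"; confirm which is meant.
acl extensions url_regex -i ftp \.exe \.mp3 \.vgf \.wav

# URLs that are exempt from throttling. The original reused the name
# "dgreenmania", which is already defined above as a src ACL; one ACL name
# cannot carry two different types, so this ACL gets its own name.
acl LAN url_regex -i 192\.168\.

delay_pools 2
delay_class 1 2

# A class 2 pool takes two restore/max pairs, aggregate then per host.
# The original "-1/-1/-1" is not a valid pair list. -1/-1 means unlimited.
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow LAN

delay_class 2 2

delay_parameters 2 5000/128000 2000/100000
delay_access 2 allow extensions

# --- http_access: checked top to bottom, the first match decides ---
# The original placed "http_access deny all" directly after the porno rules,
# which made every later http_access line unreachable, and it referenced an
# ACL named "user" that this example never defines. The rules below form one
# ordered list that uses the ACLs defined earlier in this file.
http_access allow manager localhost
http_access deny manager
# The port and CONNECT restrictions come before the LAN allow rule so that
# they apply to LAN clients as well.
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# Blacklist mode: LAN clients are allowed everything except the blocked patterns.
http_access deny dgreenmania porno
http_access allow dgreenmania
# Whitelist-only alternative: replace the two dgreenmania lines above with
#http_access allow dgreenmania noporno
#http_access allow IIX
# Left disabled: this rule carried no source restriction, so it would have let
# any client that can reach the proxy open CONNECT tunnels to the SSL_ports.
# LAN clients already get CONNECT to SSL_ports through the allow rule above.
#http_access allow CONNECT !irc_ports
http_access deny all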
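# ICP queries are answered for the LAN range only. The original allowed all
# sources, which lets any host that can reach icp_port ask which URLs are cached.
icp_access allow dgreenmania
icp_access deny all
# Connection and request timeouts.
connect_timeout 2 minute
peer_connect_timeout 30 seconds
read_timeout 15 minute
request_timeout 30 second
client_lifetime 5 day
pconn_timeout 120 second
shutdown_lifetime 30 second
# Administrator contact address.
cache_mgr dgreenmania@yahoo.com
# Squid runs under this unprivileged account.
cache_effective_user squid
cache_effective_group squid
# NOTE(review): visible_hostname expects a host name; the value below is an
# e-mail address. Replace it with the proxy's own host name.
visible_hostname dgreenmania@yahoo.com
logfile_rotate 10
# "on" adds the client's address to outgoing requests (X-Forwarded-For), which
# shows internal LAN addresses to origin servers; set it to off if that is not
# wanted.
forwarded_for on
log_icp_queries off
icp_hit_stale off
minimum_direct_hops 4
minimum_direct_rtt 400
store_avg_object_size 13 KB
store_objects_per_bucket 20
client_db off
netdb_low 900
netdb_high 1000
netdb_ping_period 5 minutes
query_icmp on
test_reachability on
nonhierarchical_direct off
prefer_direct on
ignore_unknown_nameservers on
high_memory_warning 0
store_dir_select_algorithm round-robin
ie_refresh on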
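# HTTPD-ACCELERATOR OPTIONS
#
# Transparent (intercepting) proxy settings, Squid 2.x httpd_accel_* style.
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
# With this option Squid uses the client-supplied Host header to pick the
# destination and does not validate it, so keep the listener reachable from
# the LAN only.
httpd_accel_uses_host_header on
# forwarded_for is already set once earlier in this file (next to
# logfile_rotate), so the duplicate line that stood here has been dropped.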