02 April 2012

squid.speedtest

##############################################
###     CORE AND COMMON SQUID CONFIG       ###
##############################################

# default listen port 8000 with transparent mode,
# change properly with your own port
http_port 8000 transparent

# http1.1 handling
server_http11 on

# cache manager name
cache_mgr ComStuff

# remove http-header "FORWARDER-FOR" to client that connected through squid
forwarded_for off

# name of squid server
visible_hostname ComStuff

httpd_suppress_version_string on

# caching option (memory, directory,)
cache_mem 16 MB
cache_dir aufs d:/luscacache/cache0 7000 16 256
coredump_dir d:/luscacache/

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
minimum_object_size 512 bytes
maximum_object_size 1024000 KB
maximum_object_size_in_memory 64 KB
store_avg_object_size 13 KB
offline_mode off

memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
client_persistent_connections off
server_persistent_connections on

request_timeout 1 minute
pconn_timeout 15 seconds
negative_dns_ttl 60 seconds
positive_dns_ttl 6 hours
client_lifetime 6 hours
read_timeout 30 minutes
shutdown_lifetime 10 seconds
uri_whitespace strip
negative_ttl 30 seconds
half_closed_clients off
strip_query_terms off
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
vary_ignore_expire on
cache_swap_high 99
cache_swap_low 98

fqdncache_size 16384
ipcache_size 4096
ipcache_low 98
ipcache_high 99

memory_pools off
reload_into_ims on
pipeline_prefetch on

########### END OF ADSBLOCKING ################

##############################################
###            ADSBLOCKING                 ###
##############################################

acl jshack url_regex -i "C:/squid/etc/jshack.block"
deny_info http://ComStuff.net/luscaforwindows/hack.js jshack
http_access deny jshack

acl popads url_regex -i "C:/squid/etc/popads.block"
deny_info http://ComStuff.net/luscaforwindows/popkiller.html popads
http_access deny popads

acl advertise url_regex -i "C:/squid/etc/ads.block"
deny_info https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN8pXtkCwd-ihC9BUdzBB6oiMfQIouCTi611h3IM-gdA450mrlVXQg_wTmvd_82kdWxxQNoYjFgXaHalUBgwYr7y4ZCO-MbVIMgnlxVxanMP04HGxS0_e-NDD0nJQKqzpE0LF9R8hrug-5/s1600/LORPINS.gif advertise
http_access deny advertise

acl blockedsites dstdomain "C:/squid/etc/sites.block"
http_access deny blockedsites

########### END OF ADSBLOCKING ################

##############################################
###             DNS OPTION                 ###
##############################################

#dns_defnames on

## dns cache to localhost if using unbound
#dns_nameservers 127.0.0.1

hosts_file C:/squid/etc/hosts

########### END OF DNS OPTION ################


##############################################
###           LOGING OPTION                ###
##############################################
# choose one of format log below
# default is using complete log format
#logformat squid  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
#logformat squidmime  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
#logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh

access_log d:/luscacache/access.log squid
cache_store_log none
cache_log  d:/luscacache/cache.log
logfile_rotate 1
log_ip_on_direct off
log_icp_queries off
buffered_logs off

########### END OF LOG OPTION ################


##############################################
###           ACL DEFINITION               ###
##############################################

acl all src 0.0.0.0/0.0.0.0
acl localNet src 192.168.34.0/24 192.168.35.0/24 192.168.7.0/24 192.168.212.0/24
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl PURGE method PURGE

# Yahoo! Messenger
acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com
acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com
acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com
acl ym dstdomain .voice.yahoo.com

acl ymregex url_regex yupdater.yim ymsgr myspaceim

# Other protocols Yahoo!Messenger uses ??
acl ym dstdomain .skype.com .imvu.com


## LUSCA
acl speedtest dstdom_regex -i speedtest.*\.
acl store_rewrite_list urlpath_regex .*\/speedtest\/.*\.(jpg|txt)
acl store_rewrite_list urlpath_regex .*\.ak\.fbcdn\.net\/
acl store_rewrite_list urlpath_regex http:\/\/199\.91\.15\d\.\d*\/\w{12}\/(\w*)\/(.*)
acl store_rewrite_list urlpath_regex s[0-9]*\.filesonic\.com\/download\/.*
acl store_rewrite_list urlpath_regex [a-zA-Z]{2}[0-9]*\.4shared\.com\/download\/
acl store_rewrite_list urlpath_regex \/(watch\?|get_video\?|videodownload\?|videoplayback.*id)
acl store_rewrite_list urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|rar|cab)\?
acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl store_rewrite_list_path urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe|cab)$
acl store_rewrite_list_domain_CDN url_regex \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*) \.doubleclick\.net.*
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[a-z]+[0-9]\.google\.co(m|\.id)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(rar|zip|flv|wm(a|v)|3gp|mp(4|3)|exe|msi|avi|(mp(e?g|a|e|1|2|3|4))|cab|exe)

acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET

storeurl_access allow speedtest
storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access allow store_rewrite_list_domain_CDN
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_list_domain
storeurl_access allow store_rewrite_list_path
storeurl_access deny all

# REWRITE FEATURE
# PLEASE INSTALL strawberry perl first to enable this feature.
#http://strawberryperl.com/
#this feature allow you to caching dynamic content
#currently support to youtube, 4shared and filesonic
#
#

storeurl_rewrite_program C:/strawberry/perl/bin/perl.exe C:/squid/etc/storeurl.pl
storeurl_rewrite_children 2
storeurl_rewrite_concurrency 99

# END OF REWRITE FEATURE

## END LUSCA



########### END OF ACL DEFINITION ################

##############################################
###    PEERING (SIBLING/PARENT) OPTION     ###
##############################################

## use if your connection must set manual proxy configuration
## cache_peer IP_PARENT_PROXY parent PORT_PARENT_PROXY 0 round-robin no-query no-digest
## wheres IP_PARENT_PROXY is IP Adress of parent proxy
## and PORT_PARENT_PROXY is PORT of parent proxy listening on.

# cache_peer IP_PARENT_PROXY parent PORT_PARENT_PROXY 0 round-robin no-query no-digest
#or
# cache_peed IP_PARENT_PROXY parent PORT_PARENT_PROXY 0 proxy-only no-query no-digest

#never_direct allow all

########### END OF PEERING OPTION ################

##############################################
###       REFRESH PATTERN OPTION           ###
##############################################

# 1 year = 525600 mins, 1 month = 43800 mins
refresh_pattern imeem.*\.flv 0 0% 0 override-lastmod override-expire store-stale
refresh_pattern \.rapidshare.*\/[0-9]*\/.*\/[^\/]* 129600 90% 129600 ignore-reload store-stale
refresh_pattern ^http:\/\/199\.91\.15\d\.\d*\/\w{12}\/(\w*)\/(.*)  129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale negative-ttl=0
refresh_pattern ^http:\/\/s[0-9]*\.filesonic\.com\/download\/([0-9]*)\/(.*)  129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale negative-ttl=0
refresh_pattern ^http:\/\/[a-zA-Z]{2}\d*\.4shared\.com(:8080|)\/download\/(.*)\/(.*\..*)\?.*  129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale negative-ttl=0
refresh_pattern (watch\?|get_video\?|videoplayback\?|videodownload\?|\.flv?) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale negative-ttl=0
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 129600 999999% 129600 override-expire override-lastmod ignore-no-cache store-stale
refresh_pattern \.(ico|video-stats) 129600 999999% 129600 override-expire override-lastmod ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store negative-ttl=10080 store-stale
refresh_pattern ^http://(cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.id) 129600 999999% 129600 override-expire ignore-reload ignore-private negative-ttl=10080 store-stale
refresh_pattern ^http://(kh|khmdb|mw1)\.google\.com 129600 999999% 129600 override-expire ignore-reload ignore-private negative-ttl=10080 store-stale
refresh_pattern ^http:\/\/[a-z]+[0-9]\.google\.co(m|\.id) 129600 999999% 129600 override-expire ignore-reload ignore-private negative-ttl=10080 store-stale
refresh_pattern ^.*safebrowsing.*google 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store negative-ttl=10080 store-stale
refresh_pattern (zynga|zgncdn)\.com.*\/ 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store store-stale
refresh_pattern (ninjasaga|mafiawars|cityville|crowdstar)\.com.*\/ 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store store-stale
refresh_pattern (yimg|ytimg|twimg)\.com.*\/ 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store store-stale
refresh_pattern (photobucket|overclockersclub)\.com.*\/ 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store store-stale
refresh_pattern ^http:\/\/image|images|pics|thumbs[0-9]\. 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store store-stale
refresh_pattern \.etology\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern galleries\.video(\?|sz) 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern brazzers\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern \.adtology\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern ^.*(streamate.doublepimp.com.*\.js\?|utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 129600 90% 129600 ignore-no-cache ignore-private override-expire ignore-reload
refresh_pattern garena\.com 129600 999999% 129600 override-expire reload-into-ims store-stale
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 129600 999999% 129600 reload-into-ims override-expire ignore-private store-stale
refresh_pattern ^http:\/\/www.onemanga.com.*\/ 129600 999999% 129600 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale
refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9]) 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod negative-ttl=10080 store-stale
refresh_pattern speedtest.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png|swf|txt|js) 129600 999999% 129600 store-stale negative-ttl=0
refresh_pattern code.google.com.*(svn|download) 86400 50% 129600 reload-into-ims


# ANTI VIRUS
refresh_pattern avast.com.*\.vpx  43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern guru.avg.com/.*\.(bin) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern (avgate|avira).*(idx|gz)$ 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern kaspersky.*\.avc$ 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern kaspersky 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern update.nai.com/.*\.(gem|zip|mcs) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip|exe) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

# WINDOWS UPDATE
refresh_pattern windowsupdate.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern update.microsoft.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern download.microsoft.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale

#images facebook
refresh_pattern -i .*\.((facebook.com)|(85.131.151.39))\.(jpg|png|gif) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern -i .*\.fbcdn\.net\/.*\.((jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)|(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)\?) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

#banner IIX
refresh_pattern ^http:\/\/openx.*\.(jp(e?g|e|2)|gif|pn[pg]|swf|ico|css|tiff?) 129600 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/ads(1|2|3).kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/img.ads.kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern .kompasimages.com.*\.(jpg|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/openx.kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern kaskus.\us.*\.(jp(e?g|e|2)|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/img.kaskus.us.*\.(jpg|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale

#IIX DOWNLOAD
#refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale ignore-auth



#All File without ?
refresh_pattern -i \.(3gp|avi|ac4|mp(e?g|a|e|1|2|3|4)|m4(a|v)|3g(p?2|p)|mk(a|v)|og(x|v|a|g|m)|wm(a|v)|wmx|wpl|rm|snd|vob|wav|asx|avi|qt|divx|flv|f4v|x-flv|dvr-ms|m(1|2)(v|p)|mov|mid) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(7z|ace|rar|jar|gz|tgz|bz2|iso|mod|arj|lha|lzh|zip|tar|cab|dat) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js|ad) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(exe|ms(i|u|p)|deb|bin|ax|r(a|p)m|app|pkg|apk) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(t?x|t)|epub|pdf|rtf|wax|cb(r|z|t)|xl(s?x|s)|do(c?x|c)|inc) 129600 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern ^ftp: 10080 10% 43200 override-lastmod reload-into-ims store-stale
refresh_pattern . 180 10% 1440


########### END OF REFRESH PATTERN OPTION ################

global_internal_static off
max_stale 10 years
retry_on_error on
read_ahead_gap 32 KB

#################################################
# Simple delaypools added by imer :shakehand    #
# default setting is disabled                   #
# enable it by removing # mark at start of line #
#################################################

#acl time time SMTWHFA 09:00-23:59
#acl host url_regex -i "C:/squid/etc/host.acl"
#acl lambat url_regex -i "C:/squid/etc/lambat.acl"
#acl download urlpath_regex -i "C:/squid/etc/download.acl"

#delay_pools 3
#delay_access 1 allow host
#delay_access 1 deny all
#delay_access 2 allow download
#delay_access 2 deny all
#delay_access 3 allow lambat time
#delay_access 3 deny all

#delay_class 1 2
#delay_class 2 2
#delay_class 3 2

#delay_parameters 1 -1/-1 -1/-1
#delay_parameters 2 -1/-1 2000/100000
#delay_parameters 3 -1/-1 2000/100000

################ END DELAYPOOLS ################

##############################################
###              ACL RULEZ                 ###
##############################################

http_access allow PURGE manager localhost
http_access allow ym
http_access allow localhost
http_access allow localNet

http_access deny PURGE
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_reply_access allow all
icp_access allow all

################ END ACL RULEZ ################

##############################################
###          ANONYMITY OPTIONS             ###
##############################################

#header_access From deny all
#header_access Referer deny all
#header_access Server deny all
#header_access User-Agent deny all
#header_access WWW-Authenticate deny all
#header_access Link deny all

        header_access Accept-Encoding deny all
        header_access Proxy-Connection deny all
        header_access Cache-Control deny all
        header_access X-Cache deny all
        header_access X-Cache-Lookup deny all
        header_access X-Powered-By deny all
        header_access Via deny all
#        header_access Rewrite-URL deny all
#        header_access X-Rewrite-URL deny all
        header_access Forwarded-For deny all
        header_access X-Forwarder-For deny all
#        header_access Pragma deny all
#        header_access Keep-Alive deny all

################ ANONYMITY OPTIONS  ################

zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136

# LUSCA
n_aiops_threads 24
load_check_stopen on
load_check_stcreate on
download_fastest_client_speed on
# END LUSCA
Previous Post
Next Post
Related Posts

1 comment:

  1. Are you looking to make money from your traffic via popup ads?
    If so, did you take a look at PopCash?

    ReplyDelete