09 June 2012

Load Balance 2 Line Speedy + external Proxy

Load Balance 2 Line Speedy + external Proxy

Berikut script :
Set Interface disesuiakan Gan:
/ip adrress
- 192.168.4.1/24 interface proxy
- 192.168.1.1/24 interface lokal
- 192.168.2.1/24  interface modem1
- 192.168.3.1/24  interface modem2

/interface pppoe-client
add ac-name=”" add-default-route=no allow=pap,chap,mschap1,mschap2 comment=”"
dial-on-demand=no disabled=no interface=modem1 max-mru=1480 max-mtu=1480
mrru=disabled name=”spedaku” user=”******@telkom.net” password=”***” profile=default
service-name=”" use-peer-dns=no
add ac-name=”" add-default-route=no allow=pap,chap,mschap1,mschap2 comment=”"
dial-on-demand=no disabled=no interface=modem2 max-mru=1480 max-mtu=1480
mrru=disabled name=”spedamu” user=”******@telkom.net” password=”***” profile=default
service-name=”" use-peer-dns=no

/ip firewall mangle
add action=mark-packet chain=prerouting comment=proxy-hit disabled=no dscp=12
new-packet-mark=proxy-hit passthrough=yes
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0
max-limit=0 name=HIT packet-mark=proxy-hit parent=global-out priority=1
queue=default

## mangel
/ip firewall mangle
add action=mark-connection chain=input comment=
“PCC RULE —- MARK ALL PPPoE CONN” connection-state=new disabled=no
in-interface=pppoe_1 new-connection-mark=pppoe1_conn passthrough=yes
add action=mark-connection chain=input comment=”" connection-state=new
disabled=no in-interface=pppoe_2 new-connection-mark=pppoe2_conn
passthrough=yes
add action=mark-connection chain=prerouting comment=”" connection-state=
established disabled=no in-interface=pppoe_1 new-connection-mark=
pppoe1_conn passthrough=yes
add action=mark-connection chain=prerouting comment=”" connection-state=
established disabled=no in-interface=pppoe_2 new-connection-mark=
pppoe2_conn passthrough=yes
add action=mark-connection chain=prerouting comment=”" connection-state=
related disabled=no in-interface=pppoe_1 new-connection-mark=pppoe1_conn
passthrough=yes
add action=mark-connection chain=prerouting comment=”" connection-state=
related disabled=no in-interface=pppoe_2 new-connection-mark=pppoe2_conn
passthrough=yes
add action=mark-routing chain=output comment=”" connection-mark=pppoe1_conn
disabled=no new-routing-mark=pppoe_1 passthrough=no
add action=mark-routing chain=output comment=”" connection-mark=pppoe2_conn
disabled=no new-routing-mark=pppoe_2 passthrough=no

/ip firewall mangle
add action=mark-connection chain=prerouting comment=
“PCC RULE MARK HTTP CONN” connection-state=established disabled=no
dst-address-type=!local dst-port=80 in-interface=proxy
new-connection-mark=http_pppoe_1 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp
add action=mark-connection chain=prerouting comment=”" connection-state=
established disabled=no dst-address-type=!local dst-port=80 in-interface=
proxy new-connection-mark=http_pppoe_2 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp
add action=mark-connection chain=prerouting comment=”" connection-state=
related disabled=no dst-address-type=!local dst-port=80 in-interface=
proxy new-connection-mark=http_pppoe_1 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp
add action=mark-connection chain=prerouting comment=”" connection-state=
related disabled=no dst-address-type=!local dst-port=80 in-interface=
proxy new-connection-mark=http_pppoe_2 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp
/ip firewall mangle
add action=mark-connection chain=prerouting comment=
“PCC RULE —- MARK – NON -HTTP CONN” connection-state=established
disabled=no dst-address-type=!local dst-port=!80 in-interface=lokal
new-connection-mark=non.http_pppoe_1 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp
add action=mark-connection chain=prerouting comment=”" connection-state=
established disabled=no dst-address-type=!local dst-port=!80
in-interface=lokal new-connection-mark=non.http_pppoe_2 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp
add action=mark-connection chain=prerouting comment=”" connection-state=
related disabled=no dst-address-type=!local dst-port=!80 in-interface=lokal
new-connection-mark=non.http_pppoe_1 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp
add action=mark-connection chain=prerouting comment=”" connection-state=
related disabled=no dst-address-type=!local dst-port=!80 in-interface=lokal
new-connection-mark=non.http_pppoe_2 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp
add action=mark-connection chain=prerouting comment=”" connection-state=
established disabled=no dst-address-type=!local in-interface=lokal
new-connection-mark=non.http_pppoe_1 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/0 protocol=udp
add action=mark-connection chain=prerouting comment=”" connection-state=
established disabled=no dst-address-type=!local in-interface=lokal
new-connection-mark=non.http_pppoe_2 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/1 protocol=udp
add action=mark-connection chain=prerouting comment=”" connection-state=
related disabled=no dst-address-type=!local in-interface=lokal
new-connection-mark=non.http_pppoe_1 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/0 protocol=udp
add action=mark-connection chain=prerouting comment=”" connection-state=
related disabled=no dst-address-type=!local in-interface=lokal
new-connection-mark=non.http_pppoe_2 passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/1 protocol=udp

/ip firewall mangle
add action=mark-routing chain=prerouting comment=
“PCC RULE —- MARK – HTTP ROUTE” connection-mark=http_pppoe_1 disabled=
no new-routing-mark=pppoe_1 passthrough=yes
add action=mark-routing chain=prerouting comment=”" connection-mark=
http_pppoe_2 disabled=no new-routing-mark=pppoe_2 passthrough=yes
add action=mark-routing chain=prerouting comment=
“PCC RULE  MARK NON HTTP ROUTE” connection-mark=non.http_pppoe_1
disabled=no new-routing-mark=pppoe_1 passthrough=yes
add action=mark-routing chain=prerouting comment=”" connection-mark=
non.http_pppoe_2 disabled=no new-routing-mark=pppoe_2 passthrough=yes
#Nat
/ip firewall nat
add action=masquerade chain=srcnat comment=MASQUERADE1 disabled=no
out-interface=spedaku
add action=masquerade chain=srcnat comment=MASQUERADE2 disabled=no
out-interface=spedamu
add action=masquerade chain=srcnat comment=MASQUERADE3 disabled=no
out-interface=proxy
add action=dst-nat chain=dstnat comment=TRANSPARENT-DNS disabled=no dst-port=
53 in-interface=lokal protocol=udp to-ports=53
add action=dst-nat chain=dstnat comment=”" disabled=no dst-port=53
in-interface=lokal protocol=tcp to-ports=53
add action=dst-nat chain=dstnat comment=”" disabled=no dst-port=53
in-interface=proxy protocol=udp to-ports=53
add action=dst-nat chain=dstnat comment=”" disabled=no dst-port=53
in-interface=proxy protocol=tcp to-ports=53
add action=dst-nat chain=dstnat comment=TRANSPARENT-proxy disabled=no
dst-address-list=!proxyNET dst-port=80,8080,3128 in-interface=lokal
protocol=tcp to-addresses=192.168.4.2 to-ports=3128
add action=dst-nat chain=dstnat comment=”REMOTE PROXY” disabled=no
dst-address=118.96.40.xxx dst-port=22 protocol=tcp to-addresses=
192.168.4.2 to-ports=22

#Addres List
/ip firewall address-list
add address=192.168.1.0/24 comment=”" disabled=no list=lanNET
add address=192.168.4.0/24 comment=”" disabled=no list=proxyNET
#Routing
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=
spedaku routing-mark=pppoe_1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=
spedamu routing-mark=pppoe_2 scope=30 target-scope=10
add check-gateway=ping comment=Default-Route-pppoe1-Distance-1 disabled=no
distance=1 dst-address=0.0.0.0/0 gateway=spedaku scope=30 target-scope=10
add check-gateway=ping comment=Default-Route-pppoe2-Distance-2 disabled=no
distance=2 dst-address=0.0.0.0/0 gateway=spedamu scope=30 target-scope=10

Catatan tambahan :
Di Edisi Berikutnya sy tambahkan Rule untuk Optimalisasi pada Game Online dan POker Untuk Optimal dan Terbebas dari LAG…
Rule untuk game online dan Poker masih di evaluasi lebih lanjut.. jadi mohon sabar yaaaa.. :-)
Load Balance 2 Line Speedy + external Proxy Suport Game Online dan Poker

08 June 2012

LOAD BALANCING 3 LINE SPEEDY PAKET GAME



# LOAD BALANCING 3 LINE SPEEDY PAKET GAME 
# Diterapkan pada Mikrotik RouterOS 4.2 dan sudah di UJI dan di COBA 100% berjalan dengan aman nyampe sekarang

Spesifikasi PC Router yang di gunakan :
- Intel Pentium 4 2,6 Ghz
- Mikrotik DOM level 4
- DDR2 1 Gb
- HDD 40 Gb
- 3 Lan Card

Interface :
3 Line Speedy
  - SPEEDY1 (192.168.1.2) => MODEM1 (2 Mbps) BRIDGE (192.168.1.1)
  - SPEEDY2 (192.168.2.2) => MODEM2 (2 Mbps) BRIDGE (192.168.2.1)
  - SPEEDY3 (192.168.3.2) => MODEM3 (1 Mbps) BRIDGE (192.168.3.1)
1 Local    (192.168.0.30)
  - JUMLAH CLINET 14 PC 
  - IP address client 192.168.0.1 - 192.168.0.14 
  - IP address untuk OP 192.168.0.25
  - Subnet mask 255.255.255.224
  - Default Gateway 192.168.0.30
  - DNS Server 192.168.0.30

Ganti ID dan PASSWORD sesuai dengan id speedy (atau isp lain) sesuai dengan id yg diperoleh dari isp langganan anda, pada tulisan yang bercetak tebal dan miring, dan jangan lupa MODEM di seting BRIDGE

Maaf sebelumnya saya masih NEWbie, seandainya ada kekeliruan atau kesalah mohon di koreksi...

Silahkan di cicipi, tinggal copy paste pada CONSOLE mikrotik.
- Boleh disebar luaskan
- Boleh diedit
- COPYLEFT (HAK CIPTA HANYA MILIK ALLAH SWT) 


#== COPY MULAI DARI SINI ===#

06 June 2012

High Performance Lusca Squid Proxy Server Ubuntu Instalasi dan Tunneling



Setelah beberapa waktu lalu menjelaskan dokumentasi mengenai instalasi Lusca Squid: Install High Performance Proxy CentOS 6x, kali ini ada beberapa dokumentasi Instalasi dan Tunnelling Super High Proxy Server pada Ubuntu, didalam tulisan ini menggunakan Ubuntu Server 11.10. langsung saja ikuti langkah-lahkan berikut:

Beberapa tool tambahan yang mungkin perlu anda periksa/instal:
 
 Lakukan instalasi dependensi yang di butuhkan:
 
Download LUSCA_HEAD-r14809:
 
Compile, configure dan install Lusca Squid dengan perintah berikut:
 
 
Konfigurasi dan Tunnelling Lusca Squid
 
 Membuat folder-folder swap/cache di dalam folder cache yang telah ditentukan dengan perintah:


 Periksa konfigurasi squid
 
Jika tidak terdapat error jalankan squid
:
Arahkan browser anda ke port proxy (3128), dan periksa log squid dengan perintah:
 Reboot/restart CPU Ubuntu anda...

Update: Untuk kinerja proxy server lebih maksimal, update Squid Proxy Server Youtube Cache terbaru ada disini Squid Proxy Server Youtube Cache

squid.conf dan storeurl.pl

# WELCOME TO SQUID LUSCA_HEAD-r14809 #
# ---------------------------------- #
# Revisi terakhir 20/APRIL/2012 #
# di P4 1,8GHz 512 RAM #
# Java AnggreK Komputer #
# http://javaanggrekkomputer.blogspot.com # 


#start of config 
http_port 192.168.40.250:3128 transparent
http_port 127.0.0.1:3128
icp_port 3130
server_http11 on 
cache_effective_user proxy
cache_effective_group proxy 


#error_directory /usr/share/squid/errors/English
#icon_directory /usr/share/squid/icons
visible_hostname JAKKOM
cache_mgr java_anggrek@yahoo.co.id
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
log_http_violations off
logfile_rotate 1
shutdown_lifetime 10 seconds
forwarded_for off 


#ini adalah ip LOCAL LAN yang mengakses squid
acl localnet src 192.168.1.0/24
acl localnet src 192.168.10.0/24
acl localnet src 192.168.20.0/24
acl localnet src 192.168.40.0/24
acl localnet src 192.168.50.0/24 
uri_whitespace strip 


#jika memakai unbound
nameserver 127.0.0.1
#jika tanpa unbound
#dns_nameservers 202.134.1.10 202.134.0.155 8.8.8.8 8.8.4.4


cache_mem 8 MB
maximum_object_size_in_memory 8 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA


cache_dir aufs /cache/cache1 10000 23 256
cache_dir aufs /cache/cache2 10000 23 256
cache_dir aufs /cache/cache3 10000 23 256
cache_dir aufs /cache/cache4 10000 23 256
cache_dir aufs /cache/cache5 10000 23 256 


minimum_object_size 512 bytes
maximum_object_size 102400 KB
offline_mode off
cache_swap_low 98
cache_swap_high 99 


# redirector configured
#redirect_program /usr/local/etc/squid/squid.redirect
storeurl_rewrite_program /usr/share/squid/storeurl.pl
storeurl_rewrite_children 2
storeurl_rewrite_concurrency 99
storeurl_bypass on 


# Setup some default acls
acl all src all
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 667 777 901 81 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT 


acl nocache-domain dstdomain .login.yahoo.com 
cache deny nocache-domain
always_direct allow nocache-domain 
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports 


# Always allow localhost connections
http_access allow localhost 
# Allow local network(s) on interface(s)
http_access allow localnet 


# Default block all to be sure
http_access deny all 
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache 


# Yahoo! Messenger
acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com
acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com
acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com
acl ym dstdomain .voice.yahoo.com 
acl ymregex url_regex yupdater.yim ymsgr myspaceim 


# Other protocols Yahoo!Messenger uses ??
acl ym dstdomain .skype.com .imvu.com 


## REWRITE
acl speedtest dstdom_regex -i speedtest.*\.
acl store_rewrite_list urlpath_regex .*\/speedtest\/.*\.(jpg|txt)
acl store_rewrite_list urlpath_regex .*\.ak\.fbcdn\.net\/
acl store_rewrite_list urlpath_regex http:\/\/199\.91\.15\d\.\d*\/\w{12}\/(\w*)\/(.*)
acl store_rewrite_list urlpath_regex s[0-9]*\.filesonic\.com\/download\/.*
acl store_rewrite_list urlpath_regex [a-zA-Z]{2}[0-9]*\.4shared\.com\/download\/
acl store_rewrite_list urlpath_regex \/(watch\?|get_video\?|videodownload\?|videoplayback.*id)
acl store_rewrite_list urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|rar|cab)\?
acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl store_rewrite_list_path urlpath_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|avc|zip|mp3|3gp|rar|on2|mar|exe|cab)$
acl store_rewrite_list_domain_CDN url_regex \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]* ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*) \.doubleclick\.net.*
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[.a-z0-9]*\.photobucket\.com.*\.[a-z]{3}$ quantserve\.com
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/[a-z]+[0-9]\.google\.co(m|\.id)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(rar|zip|flv|wm(a|v)|3gp|mp(4|3)|exe|msi|avi|(mp(e?g|a|e|1|2|3|4))|cab|exe) 


acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET 


storeurl_access allow speedtest
storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access allow store_rewrite_list_domain_CDN
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_list_domain
storeurl_access allow store_rewrite_list_path
storeurl_access deny all 


##############################################
### REFRESH PATTERN OPTION ###
############################################## 
# 1 year = 525600 mins, 1 month = 43800 mins
refresh_pattern imeem.*\.flv 0 0% 0 override-lastmod override-expire store-stale
refresh_pattern \.rapidshare.*\/[0-9]*\/.*\/[^\/]* 129600 90% 129600 ignore-reload store-stale
refresh_pattern ^http:\/\/199\.91\.15\d\.\d*\/\w{12}\/(\w*)\/(.*) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale negative-ttl=0
refresh_pattern ^http:\/\/s[0-9]*\.filesonic\.com\/download\/([0-9]*)\/(.*) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale negative-ttl=0
refresh_pattern ^http:\/\/[a-zA-Z]{2}\d*\.4shared\.com(:8080|)\/download\/(.*)\/(.*\..*)\?.* 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern (watch\?|get_video\?|videoplayback\?|videodownload\?|\.flv?) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale negative-ttl=0
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 129600 999999% 129600 override-expire override-lastmod ignore-no-cache store-stale
refresh_pattern \.(ico|video-stats) 129600 999999% 129600 override-expire override-lastmod ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store negative-ttl=10080 store-stale
refresh_pattern ^http://(cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.id) 129600 999999% 129600 override-expire ignore-reload ignore-private negative-ttl=10080 store-stale
refresh_pattern ^http://(kh|khmdb|mw1)\.google\.com 129600 999999% 129600 override-expire ignore-reload ignore-private negative-ttl=10080 store-stale
refresh_pattern ^http:\/\/[a-z]+[0-9]\.google\.co(m|\.id) 129600 999999% 129600 override-expire ignore-reload ignore-private negative-ttl=10080 store-stale
refresh_pattern ^.*safebrowsing.*google 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store negative-ttl=10080 store-stale
refresh_pattern (zynga|zgncdn)\.com.*\/ 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store store-stale
refresh_pattern (ninjasaga|mafiawars|cityville|crowdstar)\.com.*\/ 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store store-stale
refresh_pattern (yimg|ytimg|twimg)\.com.*\/ 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store store-stale
refresh_pattern (photobucket|overclockersclub)\.com.*\/ 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store store-stale
refresh_pattern ^http:\/\/image|images|pics|thumbs[0-9]\. 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-no-store store-stale
refresh_pattern \.etology\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern galleries\.video(\?|sz) 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern brazzers\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern \.adtology\? 129600 999999% 129600 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern garena\.com 129600 999999% 129600 override-expire reload-into-ims store-stale
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 129600 999999% 129600 reload-into-ims override-expire ignore-private store-stale
refresh_pattern ^http:\/\/www.onemanga.com.*\/ 129600 999999% 129600 reload-into-ims ignore-no-cache ignore-no-store 


ignore-reload override-expire store-stale
refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9]) 129600 999999% 129600 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod negative-ttl=10080 store-stale
refresh_pattern speedtest.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png|swf|txt|js) 129600 999999% 129600 store-stale negative-ttl=0
refresh_pattern code.google.com.*(svn|download) 86400 50% 129600 reload-into-ims 


# ANTI VIRUS
refresh_pattern avast.com.*\.vpx 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern guru.avg.com/.*\.(bin) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern (avgate|avira).*(idx|gz)$ 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern kaspersky.*\.avc$ 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern kaspersky 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern update.nai.com/.*\.(gem|zip|mcs) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale 


# WINDOWS UPDATE
refresh_pattern windowsupdate.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale 
refresh_pattern update.microsoft.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale
refresh_pattern download.microsoft.com/.*\.(cab|exe) 43200 999999% 129600 ignore-no-cache ignore-no-store ignore-reload reload-into-ims store-stale 


#images facebook
refresh_pattern -i .*\.((facebook.com)|(85.131.151.39))\.(jpg|png|gif) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern -i .*\.fbcdn\.net\/.*\.((jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)|(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)\?) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-private override-expire ignore-no-cache
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache 


ignore-no-store store-stale
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale 


#banner IIX
refresh_pattern ^http:\/\/openx.*\.(jp(e?g|e|2)|gif|pn[pg]|swf|ico|css|tiff?) 129600 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/ads(1|2|3).kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/img.ads.kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern .kompasimages.com.*\.(jpg|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/openx.kompas.com.*\/ 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern kaskus.\us.*\.(jp(e?g|e|2)|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/img.kaskus.us.*\.(jpg|gif|png|swf) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale 


#IIX DOWNLOAD
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims ignore-reload override-expire ignore-no-cache ignore-no-store store-stale 


#All File with ?
refresh_pattern -i \.(3gp|avi|ac4|mp(e?g|a|e|1|2|3|4)|m4(a|v)|3g(p?2|p)|mk(a|v)|og(x|v|a|g|m)|wm(a|v)|wmx|wpl|rm|snd|vob|wav|asx|avi|qt|divx|flv|f4v|x-flv|dvr-ms|m(1|2)(v|p)|mov|mid)\? 129600 999999% 129600 ignore-no-cache 
refresh_pattern -i \.(7z|ace|rar|jar|gz|tgz|bz2|iso|mod|arj|lha|lzh|zip|tar|cab|dat)\? 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js|ad)\? 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-
refresh_pattern -i \.(exe|ms(i|u|p)|deb|bin|ax|r(a|p)m|app|pkg|apk)\? 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(t?x|t)|epub|pdf|rtf|wax|cb(r|z|t)|xl(s?x|s)|do(c?x|c)|inc)\? 129600 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-i 


#All File without ?
refresh_pattern -i \.(3gp|avi|ac4|mp(e?g|a|e|1|2|3|4)|m4(a|v)|3g(p?2|p)|mk(a|v)|og(x|v|a|g|m)|wm(a|v)|wmx|wpl|rm|snd|vob|wav|asx|avi|qt|divx|flv|f4v|x-flv|dvr-ms|m(1|2)(v|p)|mov|mid) 129600 999999% 129600 ignore-no-cache
refresh_pattern -i \.(7z|ace|rar|jar|gz|tgz|bz2|iso|mod|arj|lha|lzh|zip|tar|cab|dat) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-i
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js|ad) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-st
refresh_pattern -i \.(exe|ms(i|u|p)|deb|bin|ax|r(a|p)m|app|pkg|apk) 129600 999999% 129600 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(t?x|t)|epub|pdf|rtf|wax|cb(r|z|t)|xl(s?x|s)|do(c?x|c)|inc) 129600 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private override-expire override-lastmod reload-into-ims 


refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern ^ftp: 10080 10% 43200 override-lastmod reload-into-ims store-stale
refresh_pattern . 180 10% 1440 


acl snmp_host src 127.0.0.1
snmp_port 3401
acl snmppublic snmp_community public
snmp_access allow snmppublic snmp_host
snmp_access deny all 


zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136 


global_internal_static off
max_stale 10 years
retry_on_error on
buffered_logs off
read_ahead_gap 16 KB 


header_access Accept-Encoding deny all
client_persistent_connections on
server_persistent_connections on
half_closed_clients off
strip_query_terms off
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
vary_ignore_expire on
reload_into_ims on
pipeline_prefetch on
#range_offset_limit 50 KB
read_timeout 30 minutes
client_lifetime 6 hours
negative_ttl 60 seconds
positive_dns_ttl 6 hours
negative_dns_ttl 60 seconds
pconn_timeout 15 seconds
request_timeout 1 minute
store_avg_object_size 13 KB
log_icp_queries off
ipcache_size 1024
ipcache_low 98
ipcache_high 99
log_fqdn off
fqdncache_size 4096
memory_pools off
#memory_pools_limit 1024 MB
#forwarded_for on 
#cachemgr_passwd none info
cachemgr_passwd none all
client_db on
n_aiops_threads 24
load_check_stopen on 
load_check_stcreate on
download_fastest_client_speed on 
##end config


storeurl.pl nya disimpan
disini :)


terimakasih buat yang telah berbagi ilmu dengan ikhlas :)