squid.conf dan storeurl.pl untuk squid3

squid3.conf

#=======================================#
# SQUID Edit By: udinkepsuk.                           
# muarabungo-jambi                                    
# kepsuktv.blogspot.com                       
#=======================================#
acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
acl localnet src 172.16.0.0/12    # RFC1918 possible internal network
acl localnet src 192.168.0.0/16    # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl Safe_ports port 80        # http
acl Safe_ports port 21        # ftp
acl Safe_ports port 443        # https
acl Safe_ports port 70        # gopher
acl Safe_ports port 210        # wais
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280        # http-mgmt
acl Safe_ports port 488        # gss-http
acl Safe_ports port 591        # filemaker
acl Safe_ports port 777        # multiling http
acl CONNECT method CONNECT

acl QUERY urlpath_regex -i (begin|start)\=
acl QUERY urlpath_regex -i cgi-bin \? .php$ .asp$ .shtml$ .cfm$ .cfml$ .phtml$ .php3$ localhost
acl dontrewrite url_regex -i c\.youtube\.com\/.*(begin|start)\=.*
acl dontrewrite url_regex redbot\.org
acl getmethod method GET
acl redir urlpath_regex -i &redirect_counter=1&cms_redirect=yes
acl redir urlpath_regex -i &ir=1&rr=12
acl yutub url_regex -i youtube\.com\/(generate_204|ptracking|stream_204|player_204|s|(.*(playback|watchtime|delayplay)))\?.*$
acl yutub url_regex -i gstatic\.com\/csi\?.*$

acl rewritedoms url_regex -i dl\.sourceforge\.net.*
acl rewritedoms url_regex -i i[0-9]*\.ytimg\.com.*
acl rewritedoms url_regex -i ak\.fbcdn\.net.*
acl rewritedoms url_regex -i (youtube|google).*\/videoplayback\?.*

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all

### untuk pertama kali config jalankan perintah berikut "/usr/lib/squid3/ssl_crtd -c -s /etc/squid3/ssl_db"
https_port 3127 tproxy ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/myCA.pem
http_port 3128
http_port 3129 tproxy
always_direct allow all
ssl_bump server-first all
sslcrtd_program /usr/lib/squid3/ssl_crtd -s /etc/squid3/ssl_db -M 4MB
sslcrtd_children 5
sslproxy_cert_error deny all

hierarchy_stoplist cgi-bin ?

cache allow rewritedoms
cache deny QUERY
cache deny redir

memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_mem 128 MB
maximum_object_size_in_memory 8 KB
minimum_object_size 1 KB
maximum_object_size 1024 MB
cache_swap_low 95
cache_swap_high 99

cache_dir aufs /cache01 5320 12 256 max-size=128000
cache_dir aufs /cache02 5320 12 256 max-size=128000
cache_dir aufs /cache03 87115 10 256 min-size=128000
cache_dir aufs /cache04 87115 10 256 min-size=128000
cache_dir aufs /cache05 87115 10 256 min-size=128000
coredump_dir /var/spool/squid3

#logformat squid1 %{Referer}>h %ru
#access_log /var/log/squid3/yt.log squid1 yutub
access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
cache_store_log none
logfile_rotate 5
log_icp_queries off

store_id_program /etc/squid3/store-id.pl
store_id_children 20 startup=10 idle=5 concurrency=30
store_id_access deny !getmethod
store_id_access deny redir
store_id_access deny dontrewrite
store_id_access allow rewritedoms
store_id_access deny all

strip_query_terms off

max_stale 1 week

refresh_pattern .*(begin|start)\=[1-9][0-9].*               0 0% 0
refresh_pattern -i (cgi-bin|mrtg|graph) 0 0% 0
refresh_pattern -i \.(php|lst|ui|ini|list)$ 0 0% 0
refresh_pattern (update.ini|Update.ini|version.list|Version.list|update.1st|update.exe|autoup.exe) 0 0% 0
refresh_pattern (hackshield|nprotect) 240 100% 420 override-expire override-lastmod reload-into-ims
#refresh_pattern \.gemscool.com.*\.(exe|dll|cab|zip|iop|npz|swf)$ 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
#refresh_pattern \.crossfire.web.id.*\.(cab|zip|exe|rar|dat|swf)$ 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
#refresh_pattern \.cabalonline.co.id.*\.(cab|zip|exe|rar|dat|swf) 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
#refresh_pattern \.megaxus.com.*\.(cab|zip|exe|rar|dat|swf) 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
#refresh_pattern \.lytogame.com.*\.(cab|zip|exe|rar|dat|swf) 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale
#refresh_pattern ((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2}).*\.(pak|exe|zip|kom|stg|npz|swf)$ 1440 100% 4320 override-expire override-lastmod reload-into-ims ignore-auth store-stale

#PATTERN REFRESH
refresh_pattern -i \.(html|htm|css|js|png|jsp|asx|asp|aspx)$ 240 100% 420
refresh_pattern -i \/speedtest\/.*\.(txt|jpg|png|swf)  0  99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims
refresh_pattern .pixieimage\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3))  1440 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims
refresh_pattern .blogspot\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3))  1440 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims
refresh_pattern .multiply\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3))  1440 99% 14400 override-expire ignore-reload ignore-private ignore-reload override-lastmod reload-into-ims
refresh_pattern .((pikawarnet\.com)|(blogspot\.com)|(pixieimage\.com)|(multiply\.com)).*  60  30% 240

#FB
refresh_pattern \.facebook\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private
refresh_pattern \.facebook\.com.* 240 50% 480
refresh_pattern \.fbcdn\.net.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3))  1440 99% 14400 override-expire ignore-reload ignore-private store-stale
refresh_pattern \.gstatic\.com/images\? 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private ignore-must-revalidate
refresh_pattern \.(akamaihd|edgecastcdn|spilcdn|zgncdn|(tw|y|yt)img)\.com.*\.(jp(e?g|e|2)|gif|png|swf|mp(3|4)) 1440 99% 14400 override-expire override-lastmod ignore-reload ignore-private
refresh_pattern (gstatic|diggstatic)\.com/.* 1440 99% 14400 override-expire ignore-reload ignore-private
refresh_pattern (photobucket|pbsrc|flickr|yimg|ytimg|twimg|gravatar)\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 1440 99% 14400 override-expire ignore-reload ignore-private
refresh_pattern (zynga|ninjasaga|mafiawars|cityville|farmville|crowdstar|spilcdn|agame|popcap)\.com/.* 1440 99% 14400 override-expire ignore-reload ignore-private
refresh_pattern ^http:\/\/images|image|img|pics|openx|thumbs[0-9]\. 1440 99% 14400 override-expire ignore-reload ignore-private
refresh_pattern ^.*safebrowsing.*google 1440 99% 14400 override-expire ignore-reload ignore-private ignore-auth ignore-must-revalidate
refresh_pattern ^http://.*\.squid\.internal\/.*  10080 100%  79900 override-expire override-lastmod ignore-reload ignore-no-store ignore-must-revalidate ignore-private ignore-auth max-stale=10000 store-stale
refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv\?|\.fid\?) 43200 99% 43200 override-expire ignore-reload ignore-must-revalidate ignore-private

#general
refresh_pattern -i \.(7z|arj|bin|bz2|cab|dll|exe|gz|inc|iso|jar|lha|ms(i|p|u)|rar|rpm|tar|tgz|zip|rtp|rpz|nui|kom|stg|pak|sup|nzp|npz|iop)$ 1440 99% 14400 override-expire override-lastmod ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
refresh_pattern -i \.(class|doc|docx|pdf|pps|ppt|ppsx|pptx|ps|rtx|txt|wpl|xls|xlsx)$ 1440 99% 14400 override-expire override-lastmod ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
refresh_pattern -i \.(3gp|ac4|agx|au|avi|axd|bmp|cbr|cbt|cbz|dat|divx|flv|gif|hqx|ico|jp(2|e|eg|g)|mid|mk(a|v)|mov|mp(1|2|3|4|e|eg|g)|og(a|g|v)|qt|ra|ram|rm|swf|tif|tiff|wa(v|x)|wm(a|v|x)|x-flv)$ 1440 99% 14400 override-expire override-lastmod ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
refresh_pattern -i .(html|htm|css|js)$ 1440 75% 40320
refresh_pattern -i .index.(html|htm)$ 0 75% 10080
refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
refresh_pattern . 60 50% 14400 store-stale

memory_pools off
client_db off
#reload_into_ims on
pipeline_prefetch on
offline_mode off
cache_effective_user proxy
cache_effective_group proxy

request_header_access From deny all
request_header_access Server deny all
request_header_access WWW-Authenticate deny all
request_header_access Link deny all
request_header_access Cache-Control deny all
request_header_access Proxy-Connection deny all
request_header_access X-Cache deny all
request_header_access X-Cache-Lookup deny all
request_header_access Via deny all
request_header_access Forwarded-For deny all
request_header_access X-Forwarded-For deny all
request_header_access Pragma deny all
request_header_access Keep-Alive deny all
vary_ignore_expire on

# local
qos_flows local-hit=0x30
# sibling
# qos_flows sibling-hit=0x31
# parent
# qos_flows parent-hit=0x32
# preserve
# qos_flows disable-preserve-miss

storeurl.pl

#!/usr/bin/perl
# EDIT BY: www.mr-ekoapriadi.blogspot.com
# edisi@2013

# send link from youtube contain >> (ptracking|stream_204|player_204|gen_204) to storeurl

$|=1;
while (<>) {
@X = split;

if ( $X[0] =~ m/^http\:\/\/.*/) {
$x = $X[0];
$_ = $X[0];
$u = $X[0];
} else {
$x = $X[1];
$_ = $X[1];
$u = $X[1];
}

if ($x =~ m/^http(|s)\:\/\/.*youtube.*(ptracking|stream_204|player_204|gen_204).*(video_id|docid|v)\=([^\&\s]*).*/){
        $vid = $4 ;
        @cpn = m/[&?]cpn\=([^\&\s]*)/;
        $fn = "/var/log/squid/@cpn";
        unless (-e $fn) {
            open FH,">".$fn ;
            print FH "$vid\n";
            close FH;
        }
        $out = $x . "\n";

} elsif ($x =~ m/^http\:\/\/.*(youtube|google).*videoplayback.*/){
        @itag = m/[&?](itag=[0-9]*)/;
        @ids = m/[&?]id\=([^\&\s]*)/;
        @mime = m/[&?](mime\=[^\&\s]*)/;
        @cpn = m/[&?]cpn\=([^\&\s]*)/;
        $fn = "/var/log/squid/@cpn";
        if (-e $fn) {
            open FH,"<".$fn ;
            $id  = <fh>;
            chomp $id ;
            close FH ;
        } else {
            $id = $ids[0] ;
        }
        @range = m/[&?](range=[^\&\s]*)/;
        $out = "http://video-srv.youtube.com.SQUIDINTERNAL/id=" . $id . "&@itag@range@mime";
       
} elsif ($x =~ m/^http\:\/\/.*(profile|photo|creative).*\.ak\.fbcdn\.net\/((h|)(profile|photos)-ak-)(snc|ash|prn)[0-9]?(.*)/) {
        $out="http://fbcdn.net.squid.internal/" . $2  . "fb" .  $6  ;

} elsif ($x =~ m/^http:\/\/i[1-4]\.ytimg\.com\/(.*)/) {
        $out="http://ytimg.com.squid.internal/" . $1 ;

} elsif ($x =~ m/^http:\/\/.*\.dl\.sourceforge\.net\/(.*)/) {
          $out="http://dl.sourceforge.net.squid.internal/" . $1 ;

#Speedtest
} elsif ($x =~ m/^http\:\/\/.*\/speedtest\/(.*\.(jpg|txt)).*/) {
        $out="http://speedtest.squid.internal/" . $1 ;
       
        #BLOGSPOT
} elsif ($x =~ m/^http:\/\/[1-4]\.bp\.(blogspot\.com.*)/) {
        $out="http://blog-cdn." . $1  ;

#AVAST
} elsif ($x =~ m/^http:\/\/download[0-9]{3}.(avast.com.*)/) {
          $out="http://avast-cdn." . $1  ;

#AVAST
} elsif ($x =~ m/^http:\/\/[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\/(iavs.*)/) {
        $out="http://avast-cdn.avast.com/" . $1  ;

#KAV
} elsif ($x =~ m/^http:\/\/dnl-[0-9]{2}.(geo.kaspersky.com.*)/) {
          $out="http://kav-cdn." . $1  ;

#AVG
} elsif ($x =~ m/^http:\/\/update.avg.com/) {
          $out="http://avg-cdn." . $1  ;

#maps.google.com
} elsif ($x =~ m/^http:\/\/(cbk|mt|khm|mlt|tbn)[0-9]?(.google\.co(m|\.uk|\.id).*)/) {
        $out="http://" . $1  . $2 ;

#gstatic and/or wikimapia
} elsif ($x =~ m/^http:\/\/([a-z])[0-9]?(\.gstatic\.com.*|\.wikimapia\.org.*)/) {
        $out="http://" . $1  . $2 ;

#maps.google.com
} elsif ($x =~ m/^http:\/\/(khm|mt)[0-9]?(.google.com.*)/) {
        $out="http://" . $1  . $2 ;
       
        #Google
} elsif ($x =~ m/^http:\/\/www\.google-analytics\.com\/__utm\.gif\?.*/) {
        $out="http://www.google-analytics.com/__utm.gif\n";

} elsif ($x =~ m/^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*?)/) {
        $out="http://" . $1 ;

#cdn, varialble 1st path
} elsif (($x =~ /filehippo/) && (m/^http:\/\/(.*?)\.(.*?)\/(.*?)\/(.*)\.([a-z0-9]{3,4})(\?.*)?/)) {
        @y = ($1,$2,$4,$5);
        $y[0] =~ s/[a-z0-9]{2,5}/cdn./;
        $out="http://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] ;

#rapidshare
} elsif (($x =~ /rapidshare/) && (m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?)([a-z]*\.[^\/]{3}\/[a-z]*\/[0-9]*)\/(.*?)\/([^\/\?\&]{4,})$/)) {
        $out="http://cdn." . $3 . "/squid.internal/" . $5 ;

#for yimg.com video
} elsif ($x =~ m/^http:\/\/(.*yimg.com)\/\/(.*)\/([^\/\?\&]*\/[^\/\?\&]*\.[^\/\?\&]{3,4})(\?.*)?$/) {
        $out="http://cdn.yimg.com/" . $3 ;
       
        #for yimg.com doubled
} elsif ($x =~ m/^http:\/\/(.*?)\.yimg\.com\/(.*?)\.yimg\.com\/(.*?)\?(.*)/) {
        $out="http://cdn.yimg.com/"  . $3 ;

#for yimg.com with &sig=
} elsif ($x =~ m/^http:\/\/([^\.]*)\.yimg\.com\/(.*)/) {
        @y = ($1,$2);
        $y[0] =~ s/[a-z]+([0-9]+)?/cdn/;
        $y[1] =~ s/&sig=.*//;
        $out="http://" . $y[0] . ".yimg.com/"  . $y[1] ;
                       
} else {
        $out=$x;

}
if ( $X[0] =~ m/^http\:\/\/.*/) {
 print "OK store-id=$out\n" ;
} else {
 print $X[0] . " OK store-id=$out\n" ;
}
}

14 November 2013

squid.conf dan storeurl.pl untuk squid3

squid3.conf

storeurl.pl

Unknown

0 komentar:

Search Bar

Popular Posts

Labels

Followers

14 November 2013

squid.conf dan storeurl.pl untuk squid3

squid3.conf

storeurl.pl

Unknown

Related Posts

0 komentar:

Search Bar

Popular Posts

Labels

Followers