http_port 3128 transparent
icp_port 3130
acl youtube dstdomain -i .youtube.com
acl striming url_regex -i get_video\?video_id videodownload\?
cache allow youtube
cache allow striming
#redirect_program /usr/local/adzap/scripts/wrapzap
#auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
#auth_param basic children 5
#auth_param basic realm Squid proxy-caching web server
#cache_peer proxies.telkom.net.id parent 8080 3130
#cache_peer proxy-sby.telkom.net.id sibling 8080 3130
#============================================================$
hierarchy_stoplist cgi-bin ? .js .jsp localhost kambing.ui.edu buaya.klas.or.id
acl QUERY urlpath_regex cgi-bin \? .js .jsp localhost kambing.ui.edu buaya.klas.or.id
no_cache deny QUERY
#============================================================$

#============================================================$
# OPTIONS WHICH AFFECT THE CACHE SIZE
#============================================================$
cache_mem 6 MB
maximum_object_size 64 MB
maximum_object_size_in_memory 16 KB
cache_swap_low 98
cache_swap_high 99
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
high_memory_warning 70 MB
ipcache_size 8192
ipcache_low 98
ipcache_high 99
fqdncache_size 8192

#============================================================$
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
#============================================================$
#cache_dir aufs /cache1 4500 18 256
cache_dir aufs /cache 7000 17 256
#cache_dir aufs /cache2 3200 8 256
cache_access_log /var/log/squid/access.log
cache_store_log /var/log/squid/store.log
log_fqdn off
log_icp_queries off
log_mime_hdrs off
log_ip_on_direct off
debug_options ALL,1
emulate_httpd_log off

#============================================================$
# FTP section
#============================================================$
ftp_user anonymous@
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on

#============================================================$
# DNS resolution section
#============================================================$
#cache_dns_program /usr/sbin/dnsserver
dns_nameservers 192.168.0.254 202.154.1.2 208.67.202.202 202.134.2.5 202.134.0.155
#============================================================$
# Refresh Rate
#============================================================$
#refresh_pattern ^ftp: 20160 95% 241920 reload-into-ims override-lastmod override-expire reload-into-ims ignore-no-cache ignore-private ignore-auth
#refresh_pattern . 1440 95% 120960 reload-into-ims override-lastmod override-expire reload-into-ims ignore-no-cache ignore-private ignore-auth
refresh_pattern ^ftp: 20160 95% 241920 reload-into-ims override-lastmod override-expire reload-into-ims ignore-no-cache
refresh_pattern . 1440 95% 120960 reload-into-ims override-lastmod override-expire reload-into-ims ignore-no-cache
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 98
negative_ttl 2 minutes
half_closed_clients off
read_timeout 15 minutes
client_lifetime 2 hours
pconn_timeout 60 seconds
request_timeout 1 minutes
shutdown_lifetime 10 seconds
positive_dns_ttl 60 seconds
negative_dns_ttl 30 seconds
#============================================================$
# ACL section
#============================================================$
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl localnet src 192.168.0.252
acl butiti src 192.168.0.3
acl pecenx src 192.168.0.2
acl kost src 192.168.0.4-192.168.0.10
acl outsider src 192.168.0.11-192.168.0.252
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access allow localnet
http_access allow localhost
http_access allow butiti
http_access allow kost
http_access allow pecenx
http_access deny outsider
http_reply_access allow all
icp_access allow all

cache_mgr poerwo2211@yahoo.com
#cache_effective_user _squid
#cache_effective_group _squid
visible_hostname poerwo2211@gmail.com

#============================================================$
# MISCELLANEOUS
#============================================================$
offline_mode off
forwarded_for on
#ssl_unclean_shutdown on
memory_pools off
header_access From deny all
logfile_rotate 7
reload_into_ims on
shutdown_lifetime 10 seconds
cachemgr_passwd disable shutdown
cachemgr_passwd all
buffered_logs off
icp_hit_stale on
log_icp_queries off
strip_query_terms off
query_icmp on
ignore_unknown_nameservers on
acl hotmail dstdomain .hotmail.com .msn.com .passport.net .msn.co.id .passport.com
header_access Accept-Encoding deny hotmail
reload_into_ims on
pipeline_prefetch on
ie_refresh on
vary_ignore_expire on
client_db on

#============================================================$
# DELAY POOLS
#============================================================$
acl download url_regex -i ftp \.exe$ \.mp3$ \.mp4$ \.tar.gz$ \.gz$ \.tar.bz2$ \.rpm$ \.zip$ \.rar$
acl download url_regex -i \.avi$ \.mpg$ \.mpeg$ \.rm$ \.iso$ \.wav$ \.mov$ \.dat$ \.mpe$ \.mid$
acl download url_regex -i \.midi$ \.rmi$ \.wma$ \.wmv$ \.ogg$ \.ogm$ \.m1v$ \.mp2$ \.mpa$ \.wax$
acl download url_regex -i \.m3u$ \.asx$ \.wpl$ \.wmx$ \.dvr-ms$ \.snd$ \.au$ \.aif$ \.asf$ \.m2v$
acl download url_regex -i \.m2p$ \.ts$ \.tp$ \.trp$ \.div$ \.divx$ \.mod$ \.vob$ \.aob$ \.dts$ \.bin$
acl download url_regex -i \.ac3$ \.cda$ \.vro$
acl akses_donlot url_regex -i ftp .exe .dll .zip .rar .rpm .tgz
acl akses_donlot url_regex -i ftp .tar.gz .tar.bz2 .iso .avi .mov .wmv .3gp .bin
acl akses_donlot url_regex -i ftp .mpg .mpeg .mp3 .ram .rm .flv
acl akses_donlot url_regex -i .exe .dll .zip .rar .rpm .tgz
acl akses_donlot url_regex -i .tar.gz .tar.bz2 .iso .avi .mov
acl akses_donlot url_regex -i .mpg .mpeg .mp3 .ram .rm .flv
acl kenadelay url_regex -i .jpg .gif .doc .xls .zip .rar
acl aplot method POST

delay_pools 3
delay_class 1 2
delay_parameters 1 4000/8000 4000/4000
delay_access 1 allow download
delay_access 1 allow pecenx akses_donlot
delay_access 1 allow striming
delay_access 1 allow aplot kenadelay
delay_access 1 deny all
delay_class 2 2
delay_parameters 2 64000/128000 10000/64000
delay_access 2 allow pecenx
delay_access 2 deny all
delay_class 3 2
delay_parameters 3 5000/6000 3000/5000
delay_access 3 allow kost
delay_access 3 deny all