contoh pengaturan squid

mohon maaf jika sudah pernah dibahas…

gimana caranya agar cache squid tetap update …

sekarang ini.. untuk beberapa portal berita, info yg tampil hanya pada
tanggal terakhir di cache aja…

tidak terupdate… meskipun tanggal sudah berubah…

solusi saat ini untuk beberapa portal berita di bypass tdk di cache..

berikut konfigurasi squid.conf – nya

shutdown_lifetime 5 seconds
icp_port 0

http_port 10.10.10.254:800 transparent

acl no_cache_domains dstdomain “/var/acls/dst_nocache_dom.acl”
cache deny no_cache_domains
acl no_cache_ipaddr dst “/var/acls/dst_nocache_net.acl”
cache deny no_cache_ipaddr
acl no_cache_hosts url_regex -i “/var/acls/dst_nocache_url.acl”
cache deny no_cache_hosts

cache_effective_user squid
cache_effective_group squid
umask 022

pid_filename /var/run/squid.pid

cache_mem 8 MB
cache_dir aufs /var/spool/squid/cache 25000 256 256

error_directory /usr/libexec/squid/errors/English

offline_mode on

memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none

log_mime_hdrs off
forwarded_for off
via off

acl for_throttled_urls url_regex -i “/acls/dst_throttle.acl”

acl within_timeframe time MTWHFAS 00:00-24:00

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 563 # snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 800 # Squids port (for icons)
acl Safe_ports port 2082 # Domain mgmt idwebhost
acl Safe_ports port 5060 # SIP signaling
acl Safe_ports port 3478-3479 # STUN
acl Safe_ports port 8000-10000 # SIP RTP
acl Safe_ports port 4569 # IAX2
acl Safe_ports port 5222-5223 # XMPP
acl Safe_ports port 1935 # RTMP
acl Safe_ports port 6112 # Battle.net
acl Safe_ports port 6114 # Battle.net
acl Safe_ports port 6113 # Battle.net

acl SWE_http port 81
acl SWE_https port 441
acl SWE_ips dst 169.254.20.254
acl SWE_networks src “/var/acls/src_subnets.acl”
acl SWE_servers dst “/var/acls/src_subnets.acl”
acl SWE_green_network src 169.254.20.0/255.255.255.0
acl SWE_green_servers dst 169.254.20.0/255.255.255.0
acl CONNECT method CONNECT

## ‘menipu’ dan memaksa sedikit supaya akses obyek lebih intensif di
lokal Squid dan waktu simpan ditambah sebelum proses validasi terjadi
(mis. validasi terjadi per 3 jam dg penyimpanan obyek terlama 3 bulan,
utk ftp bisa lebih lama lagi)

refresh_pattern ^ftp: 10080 95% 241920 reload-into-ims override-lastmod
refresh_pattern . 180 95% 120960 reload-into-ims override-lastmod

## Toleransi aborting dihilangkan saja

quick_abort_min 0
quick_abort_max 0
quick_abort_pct 98

#### tidak perlu reservasi memori

memory_pools off

#icp_hit_stale on
#query_icmp on

reload_into_ims on
pipeline_prefetch on
vary_ignore_expire on

ipcache_size 2048
ipcache_low 98
ipcache_high 99

header_access Accept-Encoding deny all

#Access to squid:
#local machine, no restriction
http_access allow localhost

#GUI admin if local machine connects
http_access allow SWE_ips SWE_networks SWE_http
http_access allow CONNECT SWE_ips SWE_networks SWE_https

#Deny not web services
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

#Set download throttling
delay_pools 1
delay_class 1 3
delay_parameters 1 -1/-1 -1/-1 48000/96000
delay_access 1 deny SWE_ips
delay_access 1 allow all for_throttled_urls
delay_initial_bucket_level 100

#Prevent internal proxy access
http_access deny SWE_servers

#Prevent internal proxy access to Green
http_access deny SWE_green_servers !SWE_green_network

#Set custom configured ACLs
http_access allow SWE_networks within_timeframe
http_access deny all

#Strip HTTP Header
header_access X-Forwarded-For deny all
header_access Via deny all

httpd_suppress_version_string on

maximum_object_size 10024 KB
minimum_object_size 0 KB

request_body_max_size 100000 KB
reply_body_max_size 204800000 deny all

visible_hostname firewall.domain.com

berikut hasil log dgn calamaris ;

Proxy-Report

Report period: 22.Jun 09 01:13:44 – 22.Jun 09 11:00:00
Generated at: 22.Jun 09 11:00:33

# Summary
lines parsed: 60173
invalid lines: 0
parse time (sec): 30

# Incoming requests by method
method request % Byte % sec kB/sec
——————————— ——— —— ——– —— —- ——-
GET 54734 90.96 830M 96.33 3 4.45
POST 5181 8.61 31M 3.65 9 0.72
HEAD 213 0.35 0M 0.01 1 0.53
NONE 44 0.07 0M 0.01 0 18845
PUT 1 0.00 0M 0.00 1 0.25
——————————— ——— —— ——– —— —- ——-
Sum 60173 100.00 862M 100.00 4 3.75

# Incoming UDP-requests by status
no matching requests

# Incoming TCP-requests by status
status request % Byte % sec kB/sec
——————————— ——— —— ——– —— —- ——-
HIT 31227 51.90 143M 16.54 0 128.93
TCP_IMS_HIT 16683 27.73 4M 0.47 0 11.15
TCP_HIT 7525 12.51 92M 10.65 0 193.13
TCP_OFFLINE_HIT 6184 10.28 46M 5.33 0 173.11
TCP_NEGATIVE_HIT 447 0.74 0M 0.02 0 74.13
TCP_MEM_HIT 388 0.64 1M 0.08 0 288.87
MISS 28734 47.75 719M 83.42 8 3.14
TCP_MISS 28732 47.75 719M 83.42 8 3.14
TCP_SWAPFAIL_MISS 1 0.00 0M 0.00 0 7.85
TCP_DENIED 1 0.00 0M 0.00 1 0.27
ERROR 212 0.35 0M 0.04 0 288.37
TCP_MISS 166 0.28 0M 0.03 0 215.73
TCP_DENIED 46 0.08 0M 0.01 0 18763
——————————— ——— —— ——– —— —- ——-
Sum 60173 100.00 862M 100.00 4 3.75

# Request-destinations by toplevel-domain
destination request % Byte % hit-%
————————————— ——— —— ——– —— ——
*.com 45142 75.02 755M 87.63 47.58
*.net 6926 11.51 57M 6.58 70.91
*.id 3397 5.65 17M 1.95 80.31
2224 3.70 20M 2.36 40.38
1359 2.26 1M 0.15 32.08
*.org 631 1.05 1M 0.14 72.42
*.info 165 0.27 1M 0.06 94.55
*.uk 85 0.14 1M 0.07 69.41
*.us 77 0.13 4M 0.51 84.42
*.ru 62 0.10 0M 0.00 0.00
*.cz 32 0.05 0M 0.00 62.50
*.de 22 0.04 3M 0.39 0.00
*.my 11 0.02 0M 0.03 0.00
*.cn 9 0.01 0M 0.01 0.00
*.eu 7 0.01 0M 0.00 0.00
*.gov 5 0.01 0M 0.00 100.00
*.ar 5 0.01 0M 0.00 100.00
*.se 4 0.01 0M 0.00 100.00
*.tv 4 0.01 0M 0.00 100.00
*.pl 4 0.01 1M 0.09 0.00
*.ro 1 0.00 0M 0.03 0.00
*.comhttp 1 0.00 0M 0.00 0.00
————————————— ——— —— ——– —— ——
Sum 60173 100.00 862M 100.00 51.90

# TCP-Request-protocol
protocol request % Byte % hit-%
————————————— ——— —— ——– —— ——
http: 58814 97.74 861M 99.85 52.35
1359 2.26 1M 0.15 32.08
————————————— ——— —— ——– —— ——
Sum 60173 100.00 862M 100.00 51.90

# Requested content-type
content-type request % Byte % hit-%
————————————— ——— —— ——– —— ——
image/gif 14173 23.55 22M 2.58 72.11
image/jpeg 11098 18.44 65M 7.59 65.65
text/html 7953 13.22 145M 16.82 26.86
application/x-javascript 4778 7.94 62M 7.17 46.02
text/plain 4495 7.47 36M 4.17 8.05
image/png 3949 6.56 9M 1.07 84.30
text/javascript 2922 4.86 20M 2.32 53.46
2792 4.64 5M 0.58 3.19
text/css 1617 2.69 8M 0.97 91.40
text/xml 1413 2.35 15M 1.72 38.57
other: 49 content-types 4983 8.28 474M 55.00 40.56
————————————— ——— —— ——– —— ——
Sum 60173 100.00 862M 100.00 51.90

# Requested extensions
extensions request % Byte % hit-%
————————————— ——— —— ——– —— ——
24655 40.97 613M 71.15 16.75
jpg 10370 17.23 58M 6.67 66.49
gif 10276 17.08 15M 1.80 90.06
png 3377 5.61 7M 0.82 94.64
js 3280 5.45 24M 2.74 94.82
1515 2.52 31M 3.59 51.16
1359 2.26 1M 0.15 32.08
css 1229 2.04 7M 0.79 91.86
xml 754 1.25 1M 0.10 90.19
swf 394 0.65 9M 1.03 91.37
other: 110 extensions 2964 4.93 96M 11.17 42.58
————————————— ——— —— ——– —— ——
Sum 60173 100.00 862M 100.00 51.90

# Distribution Histogram
object-size (bytes) request hit-% Byte hit-% sec kB/sec
——————————— ——— —— ——– —— —- ——-
0-0 45 0.00 0M 0.00 4 0.00
64-127 2 100.00 0M 100.00 0 1.42
128-255 11493 85.80 3M 86.73 1 0.29
256-511 16592 54.85 5M 48.21 6 0.05
512-1023 6175 33.77 4M 34.38 7 0.11
1024-2047 5701 33.82 8M 33.24 4 0.36
2048-4095 8103 43.03 23M 43.24 1 4.52
4096-8191 4441 43.64 24M 45.59 1 4.18
8192-16383 2726 47.95 30M 46.29 1 7.62
16384-32767 1891 38.13 43M 36.90 2 13.08
32768-65535 1591 30.86 69M 31.25 2 18.20
65536-131071 767 25.03 68M 24.02 5 18.65
131072-262143 304 24.67 51M 24.09 11 15.93
262144-524287 217 8.29 71M 7.86 22 15.41
524288-1048575 25 40.00 17M 43.04 26 27.01
1048576-2097151 37 32.43 57M 35.72 41 38.08
2097152-4194303 30 0.00 94M 0.00 199 16.15
4194304-8388607 16 0.00 82M 0.00 275 19.05
8388608-16777215 14 0.00 159M 0.00 477 24.45
16777216-33554431 3 0.00 55M 0.00 1017 18.34
——————————— ——— —— ——– —— —- ——-
Sum 60173 51.90 862M 16.54 4 3.75

Calamaris $Revision: 2.59 $
Copyright (C) 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004 Cord Beermann.
Calamaris comes with ABSOLUTELY NO WARRANTY. It is free software, and you are
welcome to redistribute it under certain conditions. See source for details.
Calamaris-Homepage: http://Calamaris.Cord.de/

–~–~———~–~—-~————~——-~–~—-~
Info Milis: http://wiki.ubuntu-id.org/Milis
Etika Milis: http://wiki.ubuntu-id.org/EtikaMilis
Daftar Hitam Anggota Milis: http://wiki.ubuntu-id.org/Milis/HallOfShame
-~———-~—-~—-~—-~——~—-~——~–~—

paling banyak dicari:

  • contoh proxy squid (2)
  • contoh proxy squif (1)
  • contoh squid (1)

Tinggalkan Balasan