maksudnya yang satunya aku utak atik sendiri, yang satunya tak biarin, coz
bukan gue yang install (gak ngerti jeroannya)
ini saya copy kan configurasinya . (OS centos 4.2, squid 2 stable6) Hardisk
40 Gb, Mem 256 Mb, PIV 1,8 Ghz PC jangkrik)
bestr regards,
fahmi.
http://shakau.blogspot.com
[EMAIL PROTECTED] ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/hda2 4.0G 852M 3.0G 23% /
/dev/hda1 122M 8.4M 107M 8% /boot
/dev/hda5 4.0G 33429M 3.1G 20% /cachez/cache-1
/dev/hda6 4.0G 3346M 3.1G 19% /cachez/cache-2
/dev/hda7 4.0G 334M 3.1G 20% /cachez/cache-3
/dev/hda10 4.0G 3344M 3.1G 19% /cachez/cache-4
none 94M 0 94M 0% /dev/shm
/dev/hda11 2.0G 47M 1.9G 3% /var/lib
/dev/hda9 4.0G 106M 3.7G 3% /var/log
/dev/hda12 1012M 34M 927M 4% /var/run
/dev/hda8 4.0G 57M 3.7G 2% /var/spool
/dev/hda13 3.4G 39M 3.2G 2% /var/www
[EMAIL PROTECTED] ~]# cat /etc/squid/squid.conf
http_port 3128
icp_port 3130
udp_incoming_address 0.0.0.0
udp_outgoing_address 255.255.255.255
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \? .js .jsp
no_cache deny QUERY
cache_mem 64 MB
cache_swap_low 98
cache_swap_high 99
maximum_object_size 64 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 64 MB
ipcache_size 4096
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
####I Build cache with 4 partition phsical#####
cache_dir diskd /cachez/cache-1 4000 10 256 Q1=72 Q2=64
cache_dir diskd /cachez/cache-2 4000 10 256 Q1=72 Q2=64
cache_dir diskd /cachez/cache-3 4000 10 256 Q1=72 Q2=64
cache_dir diskd /cachez/cache-4 4000 10 256 Q1=72 Q2=64
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
emulate_httpd_log on
log_ip_on_direct on
pid_filename /var/run/squid.pid
debug_options ALL,1
mime_table /etc/squid/mime.conf
log_fqdn off
log_icp_queries off
cache_log /dev/null
cache_store_log none
client_netmask 255.255.255.255
ftp_user [EMAIL PROTECTED]
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on
#dns_nameservers 172.23.1.5 172.23.1.6
#hosts_file /etc/hosts
request_header_max_size 20 KB
request_body_max_size 0 MB
unlinkd_program /usr/lib/squid/unlinkd
refresh_pattern ^ftp: 40320 95% 241920 override-lastmod reload-into-ims
refresh_pattern . 180 95% 40320 override-lastmod reload-into-ims
quick_abort_min 0
quick_abort_max 0
quick_abort_pct 100
shutdown_lifetime 10 seconds
memory_pools off
icp_hit_stale on
query_icmp off
reload_into_ims on
pipeline_prefetch on
vary_ignore_expire on
######### Block multimedia file #############
#acl multimedia urlpath_regex -i \.MP3? \.MPG? \.DIVX? \.MPEG? \.WMV? \.WMA?
\.ISO? \.RVMB$ \.SAVI? \.OGM$ \.OGG$ \.RM$ \.RA$ \.MKV$ \.SFV$ \.MP4$ \.MOV$
\.ASF$ \.NRG$ \.VOB$
#http_access deny multimedia
######### blok site porn, database from [EMAIL PROTECTED]
acl webporn dstdomain "/etc/squid/webporn.txt"
http_access deny webporn
#acl textporn url_regex -i "/etc/squid/porntext.txt"
#http_access deny textporn
#########################################################
acl manager proto cache_object
acl lanlocal src 192.168.0.0/255.255.0.0
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
###########################################################
acl lan1 src 192.168.2.0/255.255.255.0
acl lan2 src 192.168.3.0/255.255.255.0
acl lan3 src 192.168.4.0/255.255.255.0
acl lan4 src 192.168.40.0/255.255.255.0
acl lan4 src 192.168.10.0/255.255.255.0
acl lan5 src 172.16.15.4 172.16.15.12 172.16.1.1
###########################################################
acl to_localhost dst 127.0.0.0/8
acl PURGE method PURGE
http_access allow PURGE lanlocal
http_access deny PURGE
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
#The numbers here are values in bytes;
#we must remember that Squid doesn't consider start/stop bits
#16000/150000 are values for the whole network
#16000/120000 are values for the single IP
#after downloaded files exceed about 150000 bytes (NOT bit !!!),
#(or even twice or three times as much)
#they will continue to download at about 5000 bytes/s (NOT bit/s)
#First delay pool
#We don't want to delay our local traffic.
#There are three pool classes; here we will deal only with the second.
#First delay class (1) of second type (2).
# -1/-1 mean that there are no limits.
acl magic_words1 url_regex -i 192.168.3 192.168.4 192.168.40
192.168.10.65/255.255.255.224
acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .txt .zip .rar
.avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .asf .mp4 .divx .dat
acl day time 00:00-23:59
delay_pools 2
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow magic_words1
delay_class 2 2
delay_parameters 2 20000/2000000 10000/2000000
delay_access 2 allow day
delay_access 2 deny !day
delay_access 2 allow magic_words2
delay_initial_bucket_level 50
delay_access 2 deny all
acl CONNECT method CONNECT
# http_access allow manager all
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow PURGE localhost
http_access deny PURGE
##############################################
http_access allow localhost
http_access allow lan1
http_access allow lan2
http_access allow lan3
http_access allow lan4
http_access allow lan5
http_access deny all
#############################################
http_reply_access allow all
icp_access allow all
#icp_access deny all
miss_access allow all
cache_mgr [EMAIL PROTECTED]
cachemgr_passwd xxxxx all
cache_effective_user squid
cache_effective_group squid
visible_hostname kunam.jengat.org
unique_hostname kunam.jengat.org
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
logfile_rotate 4
forwarded_for off
log_icp_queries off
buffered_logs on
client_db off
strip_query_terms off
icon_directory /usr/share/squid/icons
error_directory /usr/share/squid/errors/English
snmp_port 161
snmp_access allow localhost
snmp_access allow all
snmp_incoming_address 0.0.0.0
snmp_outgoing_address 255.255.255.255
offline_mode off
coredump_dir /var/spool/squid
ie_refresh off
----- Original Message -----
From: "muhammad panji" <[EMAIL PROTECTED]>
maksudnya di tweak disini detailnya bagaimana pak fahmi? boleh minta
contoh realnya, siapa tahu admin saya mau nyoba.
TIA,
--
Panji
h>ttp://sumodirjo.blogspot.com
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--
FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab
Unsubscribe: kirim email ke [EMAIL PROTECTED]
Arsip dan info milis selengkapnya di http://linux.or.id/milis
