###############################################################################################################
#                                                                                                             #
#                             squid configure file for debian and redhat                                      #
#				  configured by MohammadReza Abadi                                            #
#					  abadi@elka-pt.net                                                   #
#                                                                                                             #
###############################################################################################################


##  http_port

http_port 3128

##  hierarchy_stoplist

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

##  cache_mem

cache_mem 64 MB

##  maximum_object_size

maximum_object_size 10 MB

##  minimum_object_size

minimum_object_size 0 KB

##  cache_dir

cache_dir ufs /var/spool/squid3 2000 16 256

##  cache log

#cache_access_log none
#cache_store_log none
#cache_log none
#logfile_rotate 4

##  ftp_user

ftp_user anonymous@

##  dns_nameservers

dns_nameservers  4.2.2.4

##  auth_param

auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
authenticate_ttl 1 hour
authenticate_ip_ttl 2 seconds

##  request_header_max_size

request_header_max_size 8 KB

##  refresh_pattern

refresh_pattern ^ftp: 1440 60% 10080
refresh_pattern ^gopher 1440 20% 1440
refresh_pattern . 0 30% 4320

##  timeout

negative_ttl 5 minutes
positive_dns_ttl 30 minutes
negative_dns_ttl 1 minutes
connect_timeout 1 minutes
read_timeout 15 minutes
request_timeout 5 minutes
client_lifetime 8 hours
pconn_timeout 120 seconds
shutdown_lifetime 10 seconds

##  Aborts
 
quick_abort_min 64 KB 
quick_abort_max 512 KB 
quick_abort_pct 70% 


##  acl

#acl all src 0.0.0.0/0.0.0.0
acl VIRCMD urlpath_regex winnt/system32/cmd.exe?
acl elkanet src 10.0.0.0/255.0.0.0
acl badurl url_regex -i sex porno adult
acl badurl url_regex -i varzeshi
acl badurl url_regex -i hamshahri
acl badports port 5050
acl internet_time time 07:00-18:00
acl Safe_port port 80	#http
acl Safe_port port 8080	#tomcat
acl Safe_port port 21	#ftp
acl Safe_port port 70	#gopher
acl Safe_port port 210	#wais
acl Safe_port port 443	#https
acl Safe_port port 777	#multiling http
acl CONNECT method CONNECT
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl magic_words url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov 
acl magic_words url_regex -i http .exe .mp3 .vqf .tar.gz .gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov 



##  http_access

http_access allow manager localhost
http_access deny manager
http_access deny badports
http_access deny CONNECT
#http_access allow all
http_access allow elkanet
http_access deny badurl
http_access deny VIRCMD
http_access allow Safe_port
http_access allow SSL_ports
http_access allow localhost
http_access allow internet_time
http_access deny magic_words

##  reply_body_max_size bandwith control

acl net src 10.0.0.0/255.0.0.0
#reply_body_max_size 10240 allow net

##  cache_mgr

cache_mgr abadi@elka-pt.net

##  cache user and group

cache_effective_user proxy
cache_effective_group proxy

##  cache name

visible_hostname ElkaCacheServer

##  httpd_accel_host

#httpd_accel_host virtual

##  http_accel_port

#http_accel_port 80

##  httpd_accel_with_proxy

#httpd_accel_with_proxy off

##  httpd header

#httpd_accel_uses_host_header on

##  Cache replacement policy 

cache_replacement_policy GDSF 

##  Microsoft Update Refresh Time 

refresh_pattern http://*.windowsupdate.microsoft.com/ 0 80% 20160 reload-into-ims 
refresh_pattern http://office.microsoft.com/ 0 80% 20160 reload-into-ims 
refresh_pattern http://windowsupdate.microsoft.com/ 0 80% 20160 reload-into-ims 
refresh_pattern http://wxpsp2.microsoft.com/ 0 80% 20160 reload-into-ims 
refresh_pattern http://xpsp1.microsoft.com/ 0 80% 20160 reload-into-ims 
refresh_pattern http://w2ksp4.microsoft.com/ 0 80% 20160 reload-into-ims 
refresh_pattern http://download.microsoft.com/ 0 80% 20160 reload-into-ims 
refresh_pattern http://download.macromedia.com/ 0 80% 20160 reload-into-ims 
refresh_pattern ftp://ftp.nai.com/ 0 80% 20160 reload-into-ims 
refresh_pattern http://ftp.software.ibm.com/ 0 80% 20160 reload-into-ims 



 
###############################################################################################################
#                                                                                                             #
#                             squid configure file for debian and redhat                                      #
#				  configured by MohammadReza Abadi                                            #
#					  abadi@elka-pt.net                                                   #
#                                                                                                             #
###############################################################################################################