Professional Documents
Culture Documents
3) - COMASTNET
C O M ASTNE T
DEDICATED INTERNET PARTNER
Headlines News :
Home » computer , internet , linux » Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3)
TRANSLATE
Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) Pilih Bahasa ▼
Written By gobed balagadona on Monday, June 20, 2016 | 8:00 PM
15 Comments Sort by Oldest
Like Share 7 people like this. Be the first of your friends.
Add a comment...
Aris Sutarman
testing........... testing! (dalam rangka
renovasi blog comastnet
Like · Reply · 1 · 5y
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 1/15
6/19/2018 Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) - COMASTNET
--enable-inline \
--enable-async-io=24 \
--enable-storeio=ufs,aufs,diskd,rock \
--enable-removal-policies=lru,heap \
--enable-gnuregex \
--enable-delay-pools \
--enable-cache-digests \
--enable-underscores \
--enable-icap-client \
--enable-follow-x-forwarded-for \
--enable-eui \
--enable-esi \
--enable-icmp \
--enable-zph-qos \
--enable-http-violations \
--enable-ssl-crtd \
--enable-linux-net lter \
--enable-ltdl-install \
--enable-ltdl-convenience \
--enable-x-accelerator-vary \
--disable-maintainer-mode \
--disable-dependency-tracking \
--disable-silent-rules \
--disable-translation \
--disable-ipv6 \
--disable-ident-lookups \
--with-swapdir=/var/spool/squid \
--with-logdir=/var/log/squid \
--with-pid le=/var/run/squid.pid \
--with-aufs-threads=24 \
--with- ledescriptors=65536 \
--with-large- les \
--with-maxfd=65536 \
--with-openssl \
--with-default-user=proxy \
--with-included-ltdl &&
make && make install
nano /etc/squid/squid.conf
#
# Recommended minimum con guration:
#
# TAG: QUERY
# -----------------------------------------------------------------------------
acl QUERY urlpath_regex -i
(hackshield|blank.html|in nity.js|hshield.da|renew_session_token.php|recaptcha.js|dat.asp|notice.swf|patchlist.txt|
hackshield|captcha|reset.css|update.ver|notice.html|updates.txt|gamenotice|images.kom|patchinfo.xml|noupdate.
ui|\.Xtp|\.htc|\.txt)
acl QUERY urlpath_regex -i
(patch.conf|uiimageset.xml.iop|gashaponwnd.xml.iop|loading.swf|download.swf|version.list|version.ini|launch.jnl
p|server_patch.cfg.iop|core.swf|Loading.swf|resouececheck.sq|mainloading.swf|con g.xml|gemmaze.swf|xml.png|
size.xml|resourcesbar.swf|version.xml|version.list|delete.ini)
acl QUERY urlpath_regex -i \.(jsp|asp|aspx|cfg|iop|zip|php|xml|html)(\?|$)
cache deny QUERY
#
acl dontstore url_regex ^http:\/\/(([\d\w-]*(\.[^\.\-]*?\..*?))(\/\mosalsal\/[\d]{4}\/.*\/)(.*\. v))\?start.*
acl dontstore url_regex redbot\.org \.php
acl dontstore url_regex -i ^http:\/\/.*gemscool\.com\/.*
acl dontstore url_regex \.(aspx|php)\?
acl dontstore url_regex goldprice\.org\/NewCharts\/gold\/images\/.*\.png
acl dontstore url_regex google\.co(m|\.[a-z]{2})\/complete\/search\?
acl dontstore url_regex redirector\.([0-9.]
{4}|.*\.youtube\.com|.*\.googlevideo\.com|.*\.video\.google\.com)\/(get_video\?|videodownload\?
|videoplayback.*id|get_video_info\?|ptracking\?|player_204\?|stream_204\?).*
###############################################################################
# Recommended minimum Access Permission con guration:
#
# Deny requests to certain unsafe ports
###############################################################################
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 3/15
6/19/2018 Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) - COMASTNET
###############################################################################
# squid ssl_bump option
###############################################################################
always_direct allow all
ssl_bump server- rst all
sslproxy_cert_error deny all
sslproxy_ ags DONT_VERIFY_PEER
###############################################################################
# Squid normally listens to port 3128
###############################################################################
https_port 3130 tproxy ssl-bump generate-host-certi cates=on dynamic_cert_mem_cache_size=4MB
cert=/etc/squid/ssl_certs/squid.crt key=/etc/squid/ssl_certs/squid.key
http_port 3129 tproxy
http_port 3128
###############################################################################
## MEMORY CACHE OPTIONS
###############################################################################
client_dst_passthru on
cache_mem 1024 MB
maximum_object_size_in_memory 1024 KB
memory_cache_shared off
memory_cache_mode disk
memory_replacement_policy heap GDSF
###############################################################################
## DISK CACHE OPTIONS
###############################################################################
cache_replacement_policy heap LFUDA
minimum_object_size 1 bytes
maximum_object_size 10 GB
###############################################################################
# Uncomment and adjust the following to add a disk cache directory.
###############################################################################
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 4/15
6/19/2018 Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) - COMASTNET
cache_dir aufs /cache-1 500000 16 256 # sesuaikan dengan drive penyimpanan cache
cache_dir aufs /cache-2 500000 16 256 # sesuaikan dengan drive penyimpanan cache
store_dir_select_algorithm round-robin
cache_swap_low 90
cache_swap_high 95
###############################################################################
# Leave coredumps in the rst cache dir
###############################################################################
coredump_dir /var/spool/squid
###############################################################################
## LOGFILE OPTIONS
###############################################################################
#access_log daemon:/tmp/access.log !log
access_log /tmp/access.log squid
log le_daemon /usr/lib/squid/log_ le_daemon
cache_store_log none
log le_rotate 1
mime_table /etc/squid/mime.conf
pid_ lename /var/run/squid.pid
strip_query_terms off
buffered_logs off
###############################################################################
## OPTIONS FOR TROUBLESHOOTING
###############################################################################
#cache_log /tmp/cache.log
cache_log /dev/null
#debug_options ALL,1 22,3
coredump_dir /var/spool/squid
###############################################################################
## OPTIONS FOR TUNING THE CACHE
###############################################################################
max_stale 1 years
vary_ignore_expire on
shutdown_lifetime 10 seconds
###############################################################################
# Add any of your own refresh_pattern entries above these.
###############################################################################
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
# Youtube Video
refresh_pattern -i (get_video\?|videoplayback\?|videodownload\?|\.mp4|\.webm|\. v|
((audio|video)\/(webm|mp4))) 241920 100% 241920 override-expire ignore-reload ignore-private ignore-no-
store ignore-must-revalidate reload-into-ims ignore-auth store-stale
refresh_pattern -i ^https?\:\/\/.*\.googlevideo\.com\/videoplayback.* 10080 99% 43200 override-lastmod
override-expire ignore-reload reload-into-ims ignore-private reload-into-ims ignore-auth store-stale
refresh_pattern -i ^https?\:\/\/.*\.googlevideo\.com\/videoplayback.*$ 241920 100% 241920 override-expire
ignore-reload ignore-private ignore-no-store ignore-must-revalidate reload-into-ims ignore-auth store-stale
# Image Youtube
refresh_pattern -i (yimg|twimg)\.com\.* 1440 100% 129600 override-expire ignore-reload reload-into-ims
refresh_pattern -i (ytimg|ggpht)\.com\.* 1440 80% 129600 override-expire override-lastmod ignore-auth
ignore-reload reload-into-ims
#images facebook
refresh_pattern -i fbcdn.*net\/.*\.((jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|css|js)|(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?
|ico|swf|css|js)(\?|.*$)) 241920 99% 241920 ignore-no-store ignore-private override-expire override-lastmod
reload-into-ims ignore-auth
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 5/15
6/19/2018 Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) - COMASTNET
# Video Facebook
refresh_pattern -i \.video.ak.fbcdn.net.*\.(mp4| v|mp3|amf) 10080 80% 43200 override-expire
ignore-reload reload-into-ims ignore-private ignore-no-store ignore-must-revalidate
refresh_pattern (audio|video)\/(webm|mp4) 129600 99% 129600 ignore-reload override-expire override-
lastmod ignore-must-revalidate ignore-private ignore-no-store ignore-auth store-stale
refresh_pattern -i ^http://.*squid\.internal.* 241920 100% 241920 override-lastmod override-expire ignore-
reload ignore-must-revalidate ignore-private ignore-no-store ignore-auth store-stale
# All File
refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 10080 80% 10080 override-
expire override-lastmod reload-into-ims
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar|iop|nzp|pak|mar|msp) 10080 80%
10080 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 10080 80% 10080 override-expire
override-lastmod reload-into-ims
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob|webm) 10080
80% 10080 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)| v|x- v) 10080 80% 10080
override-expire override-lastmod reload-into-ims
refresh_pattern . 0 20% 4320
###############################################################################
## ADMINISTRATIVE PARAMETERS
###############################################################################
cache_mgr eko.hendratno@gmail.com
cache_effective_user proxy
cache_effective_group proxy
visible_hostname gtw.home.lan
unique_hostname gtw.home.lan
###############################################################################
## PERSISTENT CONNECTION HANDLING
###############################################################################
detect_broken_pconn on
client_persistent_connections off
server_persistent_connections on
###############################################################################
## ERROR PAGE OPTIONS
###############################################################################
error_directory /usr/share/squid/errors/en
error_log_languages off
###############################################################################
## DNS OPTIONS
###############################################################################
check_hostnames off
hosts_ le /etc/hosts
connect_retries 2
ipcache_low 90
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 6/15
6/19/2018 Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) - COMASTNET
ipcache_high 95
ipcache_size 10024 # 2x Besar RAM
fqdncache_size 7024 # real RAM Hardware
pipeline_prefetch 100
###############################################################################
## MISCELLANEOUS
###############################################################################
memory_pools off
reload_into_ims on
uri_whitespace strip
max_ ledescriptors 65536
=================================
nano /etc/squid /store-id.pl
=================================
#!/usr/bin/perl
###########################
#
# Store-ID dengan asumsi chanel berapapun
#
###########################
$|=1;
while (<>) {
my $chan = "";
if (s/^(\d+\s+)//o) {
$chan = $1;
}
$_ =~ s/(\s+.+)//o;
if ($_ =~ m/^https?\:\/\/.*youtube.*(ptracking|stream_204|player_204|gen_204).*(video_id|docid|v)\=([^\&\s]*).*/){
$vid = $3 ;
@cpn = m/[&?]cpn\=([^\&\s]*)/;
$fn = "/var/log/squid3/@cpn";
unless (-e $fn) {
open FH,">".$fn ;
print FH "$vid\n";
close FH;
}
print $chan, "ERR\n" ;
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 7/15
6/19/2018 Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) - COMASTNET
NAME=squid
DAEMON=/usr/sbin/squid
LIB=/usr/lib/squid
PIDFILE=/var/run/squid.pid
# export LD_PRELOAD=/usr/local/lib/libjemalloc.so # ini apabila anda menggunakan jemalloc
SQUID_ARGS="-YC"
[ ! -f /etc/default/squid ] || . /etc/default/squid
. /lib/lsb/init-functions
PATH=/bin:/usr/bin:/sbin:/usr/sbin
[ -x $DAEMON ] || exit 0
grepconf () {
w=" " # space tab
sq=/etc/squid/squid.conf
# sed is cool.
res=`sed -ne '
s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
t end;
d;
:end q' < $sq`
[ -n "$res" ] || res=$2
echo "$res"
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 11/15
6/19/2018 Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) - COMASTNET
grepconf2 () {
w=" " # space tab
sq=/etc/squid/$NAME.conf
# sed is cool.
res=`sed -ne '
s/^'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
t end;
d;
:end q' < $sq`
[ -n "$res" ] || res=$2
echo "$res"
}
#
# Try to increase the # of ledescriptors we can open.
#
maxfds () {
[ -n "$SQUID_MAXFD" ] || return
[ -f /proc/sys/fs/ le-max ] || return 0
global_ le_max=`cat /proc/sys/fs/ le-max`
minimal_ le_max=$(($SQUID_MAXFD + 4096))
if [ "$global_ le_max" -lt $minimal_ le_max ]
then
echo $minimal_ le_max > /proc/sys/fs/ le-max
ulimit -n $SQUID_MAXFD
}
start () {
cdr=`grepconf2 cache_dir /cache-1`
ctp=`grepconf cache_dir ufs`
maxfds
umask 027
start-stop-daemon --quiet --start \
--pid le $PIDFILE \
--chuid $CHUID \
--exec $DAEMON -- $SQUID_ARGS < /dev/null
return $?
}
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 12/15
6/19/2018 Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) - COMASTNET
stop () {
PID=`cat $PIDFILE 2>/dev/null`
start-stop-daemon --stop --quiet --pid le $PIDFILE --name squid
#
# Now we have to wait until squid has _really_ stopped.
#
sleep 2
if test -n "$PID" && kill -0 $PID 2>/dev/null
then
log_action_begin_msg " Waiting"
cnt=0
while kill -0 $PID 2>/dev/null
do
cnt=`expr $cnt + 1`
if [ $cnt -gt 24 ]
then
log_action_end_msg 1
return 1
sleep 5
log_action_cont_msg ""
done
log_action_end_msg 0
return 0
else
return 0
}
case "$1" in
start)
log_daemon_msg "Starting Squid HTTP proxy" "squid"
if start ; then
log_end_msg $?
else
log_end_msg $?
;;
stop)
log_daemon_msg "Stopping Squid HTTP proxy" "squid"
if stop ; then
log_end_msg $?
else
log_end_msg $?
;;
reload|force-reload)
log_action_msg "Reloading Squid con guration les"
$DAEMON -k recon gure
log_action_end_msg 0
;;
restart)
log_daemon_msg "Restarting Squid HTTP proxy" "squid"
stop
if start ; then
log_end_msg $?
else
log_end_msg $?
;;
status)
status_of_proc -p "$PIDFILE" "$DAEMON" squid && exit 0 || exit $?
;;
*)
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 13/15
6/19/2018 Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) - COMASTNET
exit 0
=================================
chmod +x store-id.pl
chmod +x squid
chown proxy:proxy /cache-1
chown proxy:proxy /cache-2 &&
chmod 777 /cache-1 &&
chmod 777 /cache-2
squid -f /etc/squid/squid.conf -z
=================================
nano /etc/rc.local
=================================
#0
iptables -A POSTROUTING -t nat -j MASQUERADE -o eth0
#1
iptables -t mangle -F
iptables -t mangle -X
#2
echo 0 > /proc/sys/net/ipv4/conf/lo/rp_ lter
echo 1 > /proc/sys/net/ipv4/ip_forward
#3
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
#4
iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
#5
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
#6
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129
iptables -t mangle -A PREROUTING -p tcp --dport 443 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3130
#7
squid start
exit 0
=============================================================================================
======
squid -k parse
squid -k recon gure
squid -z
squid start
Related Posts :
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 14/15
6/19/2018 Squid Youtube Cache 2016 Terbaru suport HTTP & HTTPS (Squid 3.5.3) - COMASTNET
Cara menambah tur sms Provisioning CISCO SIP / IP Optimasi Apache Web Mixed MikroTik
veri kasi ... Phones ... Server Loadbalance NTH & PC...
10 comments + comments +
Post a Comment
http://comastnet.blogspot.com/2016/06/squid-youtube-cache-2016-terbaru-suport.html 15/15