[squid-users] need advice my squid conf from â–‘â–’â–“ É¹ÉzÇupÉÉ¥Êž ÉzÉ¹Ä±É¯ â–“â–’â

From: â–‘â–’â–“ É¹ÉzÇupÉÉ¥Êž ÉzÉ¹Ä±É¯ â–“â–’â–‘ <mirza.k_at_gmail.com>
Date: Mon, 3 Aug 2009 03:20:53 +0700

client ---> mikrotik ------> Internet
..................|............................
...............Squid Server

Client IP : 192.168.1.xxx
Client gw 192.168.1.253 ( mikrotik LAN ip )

Squid server ip : 10.0.0.1

Mikrotik IP ( NIC that connected to SQUID ) : 10.0.0.2
------------

Problem is i got this alot
1249243846.862 28460 192.168.1.123 TCP_MISS/000 0 GET
http://mail.google.com/ - DIRECT/mail.google.com -

## my squid.conf
cache_peer 10.0.0.2 sibling 3128 0 no-query no-digest default
cache_peer 192.168.1.0/24 sibling 3128 0 no-query no-digest default

http_port 3128 transparent
#http_port 3128
hierarchy_stoplist cgi-bin ?
#acl QUERY urlpath_regex cgi-bin \?
#no_cache deny QUERY
cache_mem 400 MB
cache_swap_low 70
cache_swap_high 90
dead_peer_timeout 10 seconds

maximum_object_size_in_memory 50 KB
maximum_object_size 50 MB
ipcache_size 1024
ipcache_low 98
ipcache_high 99
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

cache_dir aufs /var/spool/squid 10000 23 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log

log_fqdn off
log_icp_queries off
cache_store_log none
#emulate_httpd_log on
pid_filename /var/run/squid.pid
reload_into_ims on
pipeline_prefetch on
vary_ignore_expire on

memory_pools off
query_icmp on
#quick_abort_min 0
quick_abort_min -1
quick_abort_max 0
quick_abort_pct 98
negative_ttl 1 minute
half_closed_clients off
read_timeout 5 minute
request_timeout 1 minute
client_lifetime 360 minute
shutdown_lifetime 10 second

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl client src 192.168.1.0/255.255.255.0
acl client src 10.0.0.0/255.255.255.0
acl to_localhost dst 127.0.0.0/8
acl PURGE method PURGE
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl CONNECT method CONNECT
http_access allow manager all
#http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow PURGE localhost
http_access deny PURGE
http_access allow localhost
http_access allow client
http_access deny all
http_reply_access allow all
icp_access allow client

acl my_other_proxy src 10.0.0.2
follow_x_forwarded_for allow localhost
follow_x_forwarded_for allow my_other_proxy

#miss_access allow all
cache_mgr mirza.k_at_gmail.com
cache_effective_user proxy
cache_effective_group proxy
visible_hostname private.server
logfile_rotate 1
forwarded_for on
buffered_logs on
client_db off
strip_query_terms off
coredump_dir /var/spool/squid
#tcp_outgoing_tos 0x30 localnet
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern . 0 40% 40320

store_avg_object_size 13 KB

fqdncache_size 4096

#my script
refresh_pattern -i \.flv$ 10080 90% 999999 ignore-no-cache
override-expire ignore-private

acl youtube dstdomain .youtube.com
acl googlevideo dstdomain video.google.com
cache allow youtube
cache allow googlevideo
Received on Sun Aug 02 2009 - 20:20:55 MDT

This archive was generated by hypermail 2.2.0 : Mon Aug 03 2009 - 12:00:02 MDT