# ACL

acl QUERY urlpath_regex -i cgi-bin \? \.php$ \.asp$ \.shtml$ \.cfm$ \.cfml$ \.ph
tml$ \.php3$ localhost
acl manager proto cache_object
acl localhost src 127.0.0.0/8
acl localnet src 192.168.137.0/24
acl jaringan_wifi src 172.168.1.0/24
#acl jaringan_nwifi src 172.168.1.10-172.168.1.50/32
acl SSL_ports port 443 563 873
# https snew rsync
acl Safe_ports port 80 21 443 70 210 1025-65535 280 488 591 777 631 873 901 # ht
tp ftp https gopher wais unregistered ports http-mgmt gss-http filemaker multili
nghttp $
acl purge method PURGE
acl CONNECT method CONNECT
acl urlblock dstdomain "/etc/squid3/web/urlblock.txt"
acl keyurl url_regex -i "/etc/squid3/web/keyurl.txt"
acl download url_regex -i "/etc/squid3/web/download.txt"
acl siang time 08:00-17:00
acl sore time 18:00-22:00
acl malam time 01:00-05:00
acl subuh time 03:00-07:00
http_access allow urlblock !sore
http_access deny urlblock
http_access allow keyurl !sore
http_access deny keyurl
http_access allow manager localhost
http_access deny manager
http_access allow localhost
http_access allow purge localhost
http_access deny purge
http_access allow CONNECT Safe_ports localnet
http_access allow CONNECT Safe_ports jaringan_wifi
http_access deny !Safe_ports
http_access allow jaringan_wifi
#http_access allow jaringan_wifi !jaringan_nwifi
http_access deny jaringan_wifi
http_access deny CONNECT !SSL_ports
http_access deny all
icp_access deny all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
cache_mem 64 MB
maximum_object_size_in_memory 16 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
coredump_dir /var/spool/squid3
cache_dir ufs /var/spool/squid3/cache 200 16 256
maximum_object_size 10240 KB
cache_swap_low 85
cache_swap_high 90
access_log /var/spool/squid3/access.log
cache_log /var/spool/squid3/cache.log
cache_store_log none
logfile_rotate 5
log_icp_queries off
cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern -i \.(gif|png|jp?g|ico|bmp|tiff?|tar|ppt|xls)$ 10080 95% 43200 o

verride-expire override-lastmod reload-into-ims ignore-no-cache ignore-private
refresh_pattern -i \.(html|htm|css|js)$ 1440 75% 40320
refresh_pattern -i \.index.(html|htm)$ 0 75% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 1440 90% 10080
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
store_avg_object_size 13 KB
vary_ignore_expire on
request_header_access From deny all
request_header_access Server deny all
request_header_access Link deny all
request_header_access Via deny all
request_header_access X-Forwarded-For deny all
forward_timeout 240 second
connect_timeout 30 second
peer_connect_timeout 5 second
read_timeout 600 second
request_timeout 60 second
shutdown_lifetime 10 second
cache_mgr webmaster
cache_effective_user proxy
httpd_suppress_version_string on
visible_hostname localhost
dns_timeout 10 seconds
dns_nameservers 8.8.8.8 8.8.4.4
memory_pools off
client_db off
reload_into_ims on
pipeline_prefetch on
offline_mode off
delay_pools 3
delay_class 1 1
delay_parameters 1 36000/64000
delay_access 1 allow jaringan_wifi !sore
delay_access 1 deny all
delay_class 2 2
delay_parameters 2 64000/100000 -1/-1
delay_access 2 allow jaringan_wifi !malam
delay_access 2 allow download !subuh
delay_access 2 deny all
delay_class 3 3
delay_parameters 3 36000/64000 28000/56000 -1/-1
delay_access 3 allow jaringan_wifi !siang
delay_access 3 deny all