auth_param basic program /usr/lib/squid/squid_ldap_auth -b "ou=Users,ou=Accounts,dc=clearos,dc=lan" -f "(&(pcnProxyFlag=TRUE)(uid=%s))" -h 127.0.0.1 -D "cn=manager,cn=internal,dc=clearos,dc=lan" -W /etc/squid/ldap.conf -s one -v 3 -U pcnProxyPassword -d
auth_param basic children 25
auth_param basic realm ClearOS Enterprise - Web Proxy
auth_param basic credentialsttl 2 hours
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.0/8
acl lokal src 192.168.10.1-192.168.10.20(ganti dengan IP ente)
acl ekstensiblok url_regex -i \.wmv \.mpg \.mpeg \.wma \.wav \.3gp \.3gpp \.avi \.dat \.aac \.ogg \.mp4 \.mp3 \.mov \.rar \.zip \.7z \.iso \.ace \.exe \.torrent \.mkv \.flv \.rm
delay_pools 1
delay_class 1 1
delay_parameters 1 35000/1000000
delay_access 1 allow ekstensiblok lokal
delay_access 1 deny ALL
# webconfig: acl_start
acl webconfig_lan src 192.168.10.0/24
acl webconfig_to_lan dst 192.168.10.0/24
# webconfig: acl_end
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl SSL_ports port 81 83 10000
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 81 82 83 10000 # Web-based administration tools
acl CONNECT method CONNECT
# And finally deny all other access to this proxy
http_access allow localhost
http_access allow webconfig_to_lan
http_access allow webconfig_lan
http_access deny all
icp_access allow all
reply_body_max_size 0 allow all
http_port 192.168.10.100(ganti dengan IP lokal ente:3128 transparent
http_port 127.0.0.1:3128 transparent
#MEMORY CACHE OPTIONS
#-----------------------------------------------------------------------------
cache_mem 8 MB
#maximum_object_size_in_memory 8 KB
cache_dir ufs /var/spool/squid 7168 16 256
maximum_object_size 51200 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
access_log /var/log/squid/access.log squid
url_rewrite_children 15
#cache deny QUERY
#server_http11 on
#maximum_object_size_in_memory 8 KB
#cache_swap_low 90
#cache_swap_high 95
#No Cache
acl multimedia urlpath_regex -i \.(3gp|avi|asf|divx|flv|mkv|mov|mp4|mpg|mpeg|ram|r m|rmvb|vob|wmv|wma|xvid)$
acl file urlpath_regex -i \.(7z|iso|gz|tgz|rar|zip)$
cache deny multimedia
cache deny file
#All File
refresh_pattern -i \.(jpeg|jpg|bmp|jp(e|2)) 600 90% 720 ignore-no-cache override-expire override-lastmod reload-into-ims ignore-private ignore-auth
refresh_pattern -i \.(swf|pnp|js|css|ico|gif|tiff?) 600 90% 720 ignore-no-cache override-expire override-lastmod reload-into-ims
#---------------------------------------------------------
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern ^gopher: 600 0% 1440
refresh_pattern ^ftp: 600 90% 720 override-lastmod reload-into-ims ignore-no-cache
refresh_pattern . 180 90% 720 override-lastmod reload-into-ims ignore-no-cache
#================================================= ========
hierarchy_stoplist cgi-bin ?
#refresh_pattern ^ftp: 1440 20% 10080
#refresh_pattern ^gopher: 1440 0% 1440
#refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
error_directory /etc/squid/errors
coredump_dir /var/spool/squid
follow_x_forwarded_for allow localhost
