[HOT POOLLING]Apakah Youtube Error Lagi ?

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
Post Reply
User avatar
OnniePeWe

Re: [HOT POOLLING]Apakah Youtube Error Lagi ?

Post 09 Apr 2014, 02:26

sebelumnya minta maaf kalo terlalu dasar.
saya baru aja install ubuntu & lusca & mikrotik.
root@krisna:~# lsb_release -r
Release: 12.04
root@krisna:~# lusca -v
Squid Cache: Version LUSCA_HEAD-r14809
configure options: '--build=i686-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--libexecdir=${prefix}/lib/lusca' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' '--enable-stacktraces' '--sysconfdir=/etc/lusca' '--localstatedir=/var' '--datadir=/usr/share/lusca' '--libexecdir=/usr/lib/lusca' '--mandir=/usr/share/man' '--enable-removal-policies=lru,heap' '--enable-snmp' '--enable-delay-pools' '--enable-cache-digests' '--enable-referer-log' '--enable-useragent-log' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM' '--enable-ntlm-auth-helpers=SMB,' '--enable-digest-auth-helpers=ldap,password' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group' '--enable-follow-x-forwarded-for' '--with-large-files' '--with-maxfd=65535' '--enable-http-violations' '--enable-linux-netfilter' 'build_alias=i686-linux-gnu' 'CFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro' 'CPPFLAGS=-D_FORTIFY_SOURCE=2'
untuk setingan lusca saya ngikutin arahan mas q_p yang ada di page38, dengan sedikit penyesuaian (http://ubuntu-indonesia.com/forums/ubbt ... Post132223)
squid.conf

Code: Select all

#FPUI
# storeurl release using r25

#SQUID.CONF



#baris di bawah ini u/ antivirus HAVP (comment-out jika tdk pakai HAVP)
#cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default

http_port 3128 transparent
server_http11 on
icp_port 0

include /etc/squid/acl.conf

#baris di bawah ini u/ squidGuard (comment-out jika tdk pakai squiGuard)
#url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf

storeurl_rewrite_program /etc/squid/r25.pl
storeurl_rewrite_children 5
storeurl_rewrite_concurrency 10

include /etc/squid/tune.conf

#baris di bawah ini mohon disesuaikan dengan path cache_dir anda
#cache_dir aufs /proxy_1 15000 32 256 min-size=0         max-size=8388607
#cache_dir aufs /proxy_2 15000 32 256 min-size=8388608   max-size=67108864

cache_dir aufs /cache1 240000 481 256

#path log di bawah ini mohon di receck pada saat Anda build squid

icon_directory /usr/share/lusca/icons
cache_swap_log /cache1/swap.state
cache_access_log /var/log/lusca/access.log
cache_log /dev/null
cache_store_log /var/log/lusca/store.log
pid_filename /var/run/lusca.pid
coredump_dir /var/spool/lusca
error_directory /usr/share/lusca/errors/English
mime_table /usr/share/lusca/mime.conf
logformat squid1 %{Referer}>h %ru
access_log /var/log/lusca/yt.log squid1 yutub
referer_log /var/log/lusca/referer.log

include /etc/squid/refresh_pattern.conf

dns_nameservers 8.8.8.8 8.8.4.4

cache_effective_user proxy
cache_effective_group proxy
cache_mgr FPUI
cachemgr_passwd none all
visible_hostname localhost
acl.conf

Code: Select all

#FPUI
# acl.conf r25

acl yutub url_regex -i .*youtube\.com\/.*$      #Harus ada jika pakai r25
acl yutub url_regex -i .*youtu\.be\/.*$         #Harus ada jika pakai r25

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/32
acl localnet src 192.168.2.0/24                  #NETWORK PROXY
acl localnet src 192.168.70.0/24		#NETWORK LOKAL
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

acl SSL_ports port 443 563 873                  # https snews rsync
acl Safe_ports port 80 20 21 221 70 210 1025-65535 631 10000 901 280 488 591 777 873 110 995 25 587 995 2095 2096 2082 2083 18901-18909 3389          # default
acl manager proto cache_object
acl purge method PURGE
acl CONNECT method CONNECT

# Don't upgrade ShoutCast responses to HTTP
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
# Apache mod_gzip and mod_deflate known to be broken so don't trust Apache to signal ETag correctly on such responses
acl apache rep_header Server ^Apache

acl redirec urlpath_regex -i .*&redirect_counter=1&cms_redirect=yes     #Harus ada jika pakai r25
acl redirec urlpath_regex -i .*&ir=1&rr=12                              #Harus ada jika pakai r25

acl reddeny url_regex -i c\.youtube\.com\/videoplayback.*redirect_counter=1.*$  #Harus ada jika pakai r25
acl reddeny url_regex -i c\.youtube\.com\/videoplayback.*cms_redirect=yes.*$    #Harus ada jika pakai r25

acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl store_rewrite_list_path urlpath_regex \.(3gp|mp(3|4)|flv|(m|f)4v|on2|fid|avi|mov|wm(a|v)|(mp(e?g|a|e|1|2))|mk(a|v)|jp(e?g|e|2)|gif|png|tiff?|bmp|tga|svg|ico|swf|exe|ms(i|u|p)|cab|psf|mar|bin|z(ip|[0-9]{2})|r(ar|[0-9]{2})|7z|pkg)\?
acl store_rewrite_list_path urlpath_regex \.(3gp|mp(3|4)|flv|(m|f)4v|on2|fid|avi|mov|wm(a|v)|(mp(e?g|a|e|1|2))|mk(a|v)|jp(e?g|e|2)|gif|png|tiff?|bmp|tga|svg|ico|swf|exe|ms(i|u|p)|cab|psf|mar|bin|z(ip|[0-9]{2})|r(ar|[0-9]{2})|7z|pkg)$
acl store_rewrite_list_domain_CDN url_regex (khm|mt)[0-9]?(.google.com.*)/)
acl store_rewrite_list_domain_CDN url_regex (cbk|mt|khm|mlt|tbn)[0-9]?(.google\.co(m|\.uk|\.id).*)/)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/photos-[a-z]?(.ak.fbcdn.net.*)/)
acl store_rewrite_list_domain_CDN url_regex \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]*
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/i[1-9]{3}(.photobucket.com.*)/)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/i[1-9]{4}(.photobucket.com.*)/)
acl store_rewrite_list_domain_CDN url_regex streamate.doublepimp.com.*\.js\? \.doubleclick\.net.* yieldmanager cpxinteractive  quantserve\.com
acl store_rewrite_list url_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|swf)\?
acl store_rewrite_list url_regex -i \.youtube\.com\/videoplayback \.youtube\.com\/videoplay \.youtube\.com\/get_video\?
acl store_rewrite_list url_regex -i \.youtube\.[a-z][a-z]\/videoplayback \.youtube\.[a-z][a-z]\/videoplay \.youtube\.[a-z][a-z]\/get_video\?
acl store_rewrite_list url_regex -i \.google\.com\/videoplayback \.google\.com\/videoplay \.google\.com\/get_video\?
acl store_rewrite_list url_regex -i \.google\.[a-z][a-z]\/videoplayback \.google\.[a-z][a-z]\/videoplay \.google\.[a-z][a-z]\/get_video\?
acl store_rewrite_list url_regex -i proxy[a-z0-9\-][a-z0-9][a-z0-9][a-z0-9]?\.dailymotion\.com\/
acl store_rewrite_list url_regex -i vid\.akm\.dailymotion\.com\/
acl store_rewrite_list url_regex -i [a-z0-9][0-9a-z][0-9a-z]?[0-9a-z]?[0-9a-z]?\.xtube\.com\/(.*)flv
acl store_rewrite_list url_regex -i \.vimeo\.com\/(.*)\.(flv|mp4)
acl store_rewrite_list url_regex -i va\.wrzuta\.pl\/wa[0-9][0-9][0-9][0-9]?
acl store_rewrite_list url_regex -i \.msn\.com\.edgesuite\.net\/(.*)\.flv
acl store_rewrite_list url_regex -i \.mais\.uol\.com\.br\/(.*)\.flv
acl store_rewrite_list url_regex -i \.blip\.tv\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram|m4v)
acl store_rewrite_list url_regex -i \.break\.com\/(.*)\.(flv|mp4)

acl store_rewrite_allow_dom dstdomain .mccont.com .metacafe.com .cdn.dailymotion.com
acl store_rewrite_deny_dom  dstdomain .download.youporn.com .static.blip.tv
acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET

http_access allow manager localhost
http_access allow purge localhost
http_access deny manager
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports
http_access allow localnet
http_access allow localhost
http_access deny to_localhost
http_access deny all

upgrade_http0.9 deny shoutcast
broken_vary_encoding allow apache

cache deny redirec

header_access Accept-Encoding deny all
header_access X-Forwarded-For deny all

storeurl_access deny reddeny
storeurl_access allow store_rewrite_list_domain
storeurl_access allow store_rewrite_list_path
storeurl_access allow store_rewrite_list_domain_CDN
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_allow_dom
storeurl_access deny store_rewrite_deny_dom
storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access deny all
#end of file
refresh_pattern.conf

Code: Select all

#FPUI
# refresh_pattern.conf
# r25

refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?)                            43200 999999% 43200 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)        43200 999999% 43200 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern windowsupdate.com/.*\.(cab|exe)                 10080  999999%  43200 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern update.microsoft.com/.*\.(cab|exe)              10080  999999%  43200 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern download.microsoft.com/.*\.(cab|exe)            10080  999999%  43200 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale

refresh_pattern -i \.facebook.com.*\.(jpg|png|gif)                      129600 999999% 129600 ignore-reload ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3)                 129600 999999% 129600 ignore-reload ignore-no-cache ignore-no-store store-stale
refresh_pattern  static\.ak\.fbcdn\.net*\.(jpg|gif|png)                 129600 999999% 129600 ignore-reload ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)        129600 999999% 129600 ignore-reload ignore-no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/apps.facebook.com.*\/         10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.zynga.com.*\/                      10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.farmville.com.*\/                  10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.ninjasaga.com.*\/                  10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.mafiawars.com.*\/                  10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.crowdstar.com.*\/                  10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.popcap.com.*\/                     10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.cityville.com.*\/                  10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale


refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)                        43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)                   43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)                          43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob)     43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv)     43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-lastmod reload-into-ims store-stale

refresh_pattern -i (/cgi-bin/|\?)       0       0%      0
refresh_pattern ^gopher:                1440    0%      1440
refresh_pattern ^ftp:                   10080   95%     241920  override-lastmod reload-into-ims store-stale
refresh_pattern .                       180     95%     120960  override-lastmod reload-into-ims store-stale
#end of file
tune.conf

Code: Select all

#FPUI
# tune.conf
# r25

strip_query_terms off           # Harus ada jika pakai r25
cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99
minimum_object_size 0 KB
maximum_object_size 512 MB
maximum_object_size_in_memory 32 KB
ipcache_size 4096               # Mohon sesuaikan dengan RAM
ipcache_low 98
ipcache_high 99
fqdncache_size 2048             # Mohon sesuaikan dengan RAM
log_fqdn off
log_icp_queries off
half_closed_clients off
quick_abort_min 0
quick_abort_max 0
quick_abort_pct 98
vary_ignore_expire on
pipeline_prefetch on
reload_into_ims on
forwarded_for off
via off
client_db on
client_persistent_connections off
server_persistent_connections off
icp_hit_stale on
query_icmp on
memory_pools off
negative_ttl 30 seconds
max_filedescriptors 65535
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
store_dir_select_algorithm round-robin
uri_whitespace strip
emulate_httpd_log off
shutdown_lifetime 10 seconds
logfile_rotate 1
zph_mode tos
zph_local 0x04
zph_parent 0
zph_option 136
#end of file
r25.pl

Code: Select all

#!/usr/bin/perl

# Facebook Group https://www.facebook.com/groups/Mikrotik.Squid.Indonesia
# Forum ubuntu indonesia http://ubuntu-indonesia.com/

# mohon maaf lahir batin atas kesalahan yang telah diperbuat baik sengaja ataupun tidak
# storeurl ini hasil nyontek kepunyaan chudy ( chudy_fernandez@yahoo.com )
# link asalnya adalah
# https://code.google.com/p/pfsense-cacheboy/source/browse/trunk/lusca/storeurl.pl

# ADA BAIKNYA BANDINGKAN JUGA, AGAR TAU APAKAH SAYA COPAS MENTAH MENTAH
# SAYA TIDAK ADA MAKSUD CARI NAFKAH DARI STOREURL INI, SAYA TIDAK MENERIMA JASA SETTING WARNET ATAUPUN MEMILIKI WARNET

# for ALL Youtube ( range & non range )
# acl youtube url_regex -i youtube.*(ptracking|stream_204|player_204|gen_204) .*$
# acl youtube url_regex -i (youtube|googlevideo)\.com\/(get_video|videoplayback|videoplay).*$
# storeurl_access allow youtube

# dikarenakan ada keterangan di squid config dokumentasi seperti berikut
#       NOTE: when using StoreID refresh_pattern will apply to the StoreID
#             returned from the helper and not the URL.
# untuk refresh pattern di squid-3.head gunakan refresh pattern berikut untuk seluruh yg ada di sini
# refresh_pattern -i storeurl://.*SQUIDINTERNAL 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
# dan untuk storeid maka replace '$x . "' dengan '$X[0] . " OK store-id=' tanpa tanda petik tunggal (') tentunya

$|=1;
while (<>) {
    @X = split;
       $x = $X[0] . " ";
       $_ = $X[1];
       $u = $X[1];

        # Poto Pesbuk

# acl dontrewrite url_regex -i s\-platform\.ak\.fbcdn\.net
# acl store_rewrite_list url_regex -i fbcdn.*net
# refresh_pattern -i fbcdn.*net 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale

        # http://external.ak.fbcdn.net/safe_image.php?d=AQDfyygmJfvPVGen&w=154&h=154&url=http%3A%2F%2Fassets.kompas.com%2Fdata%2Fphoto%2F2013%2F04%2F10%2F1054532-jantungserangan780x390.jpg&cfs=1
        # http://static.ak.fbcdn.net/rsrc.php/v2/yb/r/GsNJNwuI-UM.gif
        # http://static.ak.fbcdn.net/rsrc.php/v2/y1/r/lBvtSWSBAGQ.png
        # http://s-platform.ak.fbcdn.net/www/app_full_proxy.php?app=211923588878449&v=1&size=z&cksum=d06fe084823f168f335a831a949bf61b&src=http%3A%2F%2Fbycdn8-i.akamaihd.net%2Fantwars_id%2Fimages%2Fcontinueslogin.png
        # hasil atas http://bycdn8-i.akamaihd.net/antwars_id/images/continueslogin.png
        # http://profile.ak.fbcdn.net/hprofile-ak-ash2/274241_1187750150_2088800094_q.jpg

if ($X[1] =~ m/^http\:\/\/[a-zA-Z0-9\-\_\.\%]*fbcdn[a-zA-Z0-9\-\_\.\%]*net\/safe\_image\.php\?(.*)/) {
        print $x . "storeurl://fbcdn.SQUIDINTERNAL/" . $1  . "\n";

} elsif ($X[1] =~ m/^http\:\/\/[a-zA-Z0-9\-\_\.\%]*fbcdn[a-zA-Z0-9\-\_\.\%]*net\/rsrc\.php\/(.*)/) {
        print $x . "storeurl://fbcdn.SQUIDINTERNAL/" . $1  . "\n";

} elsif ($X[1] =~ m/^http\:\/\/[a-zA-Z0-9\-\_\.\%]*fbcdn[a-zA-Z0-9\-\_\.\%]*net\/[a-zA-Z0-9\-\_\.\%]*\/(.*)/) {
        print $x . "storeurl://fbcdn.SQUIDINTERNAL/" . $1  . "\n";

        # Survey Google Menggelitik
# acl store_rewrite_list url_regex -i www\.google\-analytics\.com
# refresh_pattern -i google\-analytics\.com.*gif 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
        # http://www.google-analytics.com/__utm.gif?utmwv=5.4.3&utms=27&utmn=938635439&utmhn=handphone.tokobagus.com&utmt=event&utme=5(image*browse-photo*26201942)8(5!Detail)9(5!Handphone)&utmcs=UTF-8&utmsr=1366x768&utmvp=1350x641&utmsc=32-bit&utmul=en-us&utmje=1&utmfl=11.2%20r202&utmdt=Sony%20Ericsson%20Xperia%20Arc%20S%20-%20Tokobagus.com&utmhid=1672766072&utmr=0&utmp=%2Fsony-ericsson%2Fsony-ericsson-xperia-arc-s-26201942.html%3Frelated%3D1&utmht=1374079248247&utmac=UA-5908313-1&utmcc=__utma%3D223717764.136894205.1374078869.1374078869.1374078869.1%3B%2B__utmz%3D223717764.1374078869.1.1.utmcsr%3Dgoogle%7Cutmccn%3D(organic)%7Cutmcmd%3Dorganic%7Cutmctr%3Dtoko%2520bagus%3B&utmu=6RAAAC%7E

} elsif ($X[1] =~ m/^http:\/\/www\.google-analytics\.com\/__utm.gif\?.*/) {
                print $x . "storeurl://analytic.SQUIDINTERNAL/utm.gif\n";

        # Gambar Video
# acl store_rewrite_list url_regex -i video\.google\.com\/ThumbnailServer
# refresh_pattern -i video\.google\.com\/ThumbnailServer 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
        # http://video.google.com/ThumbnailServer2?app=blogger&contentid=32b710e374d15805&offsetms=5000&itag=w160&sigh=zQUsG2TTuxfG4g4nwoGvWdRMGy8
} elsif ($X[1] =~ m/^http:\/\/video.google.com\/ThumbnailServer.*/) {
        @id = m/[&?](contentid=[a-zA-Z0-9\-\_\.\%]*)/;
                @itag = m/[&?](itag=[a-zA-Z0-9\-\_\.\%]*)/;
        @set = m/[&?](offsetms=[^\&\s]*)/;
                print $x . "storeurl://Thumbnail.SQUIDINTERNAL/@id&@itag&@set\n";

 # Video Youtube
# acl dontrewrite url_regex redbot\.org (get_video|videoplayback\?id|videoplayback.*id).*begin\=[1-9][0-9]*
# acl store_rewrite_list url_regex -i (youtube|google).*(videoplayback|liveplay)
# refresh_pattern -i (youtube|google).*(videoplayback|liveplay) 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale

} elsif ($X[1] =~ m/^http(|s)\:\/\/.*youtube.*(ptracking|stream_204|player_204|gen_204).*(video_id|docid|v)\=([^\&\s]*).*/){
        $vid = $4 ;
        @cpn = m/[&?]cpn\=([^\&\s]*)/;
        if (defined($vid )) {
                $fn = "/var/log/squid/@cpn";
                unless (-e $fn) {
                        open FH,">".$fn ;
                        print FH "$vid\n";
                        close FH;
                }
        }
        print $x . $X[1] . "\n";

} elsif ($X[1] =~ m/^http\:\/\/.*(youtube|google).*videoplayback.*/){
        @itag = m/[&?](itag=[0-9]*)/;
        @ids = m/[&?]id\=([^\&\s]*)/;
        @mime = m/[&?](mime\=[^\&\s]*)/;
        @cpn = m/[&?]cpn\=([^\&\s]*)/;
        if (defined($cpn[0])) {
            $fn = "/var/log/squid/@cpn";
            if (-e $fn) {
                open FH,"<".$fn ;
                $id  = <FH>;
                chomp $id ;
                close FH ;
                  } else {
                $id = $ids[0] ;
            }
        } else {
          $id = $ids[0] ;
        }
        @range = m/[&?](range=[^\&\s]*)/;
        print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/id=" . $id . "&@itag@range@mime\n";

        # Aplikasi Android
# acl dontrewrite url_regex redirector\.c\.android\.clients\.google\.com
# acl store_rewrite_list url_regex -i c\.android\.clients\.google\.com
# refresh_pattern -i c\.android\.clients\.google\.com 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
        #http://android.clients.google.com/market/download/Download?packageName=com.android.vending&versionCode=80210006&ch=zen2II1nK1Sx2swLcCn16w&ssl=0&token=AOTCm0RgtgrM6lpRdy7yASnedjpL9BHCO4mYdpfWfe6XifwG17ezhCxOQYadJKIITyEzF6Z-ihOthW61UOjraurXqeyoS2VWd-GU-gWMGBs&downloadId=-6463850153931383785
        #http://r3---sn-vgpvopq-jb3e.c.android.clients.google.com/market/GetBinary/com.android.vending/80210006/chzen2II1nK1Sx2swLcCn16w?ms=au&mt=1373980310&mv=m&expire=1374153183&ipbits=0&ip=0.0.0.0&cp=Snp1a2J1Q1g6MjI4MDkyNTE4ODIyNDUwMzUzMjM&sparams=expire,ipbits,ip,q:,cp&signature=BAF0CEF16EFEB23FA2CAB930E5ACDB983270B60D.5EBE4632F00487F6F5E9D7370762434C5AB9782D&key=am2

} elsif ($X[1] =~ m/^http:\/\/.*\.c\.android\.clients\.google\.com\/market\/GetBinary\/([a-zA-Z0-9\-\_\.\%]*)\/([0-9]*)\/.*/){
                print $x . "storeurl://android-apps.SQUIDINTERNAL/$1/$2\n";
} elsif ($X[1] =~ m/^http:\/\/.*\.c\.android\.clients\.google\.com\/market\/GetBinary\/([a-zA-Z0-9\-\_\.\%]*)\/([0-9]*)\?.*/){
                print $x . "storeurl://android-apps.SQUIDINTERNAL/$1/$2\n";

        # APPS APPLE
        # http://a1720.phobos.apple.com/us/r1000/085/Purple2/v4/6b/b9/f1/6bb9f130-d560-0b75-f5e5-16e4fdc1a3c0/mzps5959496558908157977.D2.dpkg.ipa
# refresh_pattern -i phobos\.apple\.com.*ipa 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale

} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*phobos\.apple\.com\/.*\/([a-zA-Z0-9\-\_\.\%]*\.ipa)/) {
                print $x . "storeurl://apple-apps.SQUIDINTERNAL/$1\n";

        #Speedtest
# acl store_rewrite_list url_regex -i \/speedtest\/.*(jpg|txt|png|swf)
# refresh_pattern -i \/speedtest\/.*(jpg|txt|png|swf)) 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
} elsif ($X[1] =~ m/^http\:\/\/.*\/speedtest\/([a-zA-Z0-9\-\_\.\%]*\.(jpg|txt|png|swf))\?.*/) {
        print $x . "storeurl://testspeed.SQUIDINTERNAL/" . $1 . "\n";

        ##################################################################################

        ## PORN Movies
        #http://porn.im.d4628d22.1534715.x.xvideos.com/videos/oldmobile/8/2/b/xvideos.com_82b853581318116942fd41e0e8e4e805.3gp?e=1364299432&ri=1024&rs=85&h=64c9096e902f6a28fbaa18942a4034d4
# acl store_rewrite_list url_regex -i \.xvideos\.com\/.*(3gp|mpg|flv|mp4)
# refresh_pattern -i \.xvideos\.com\/.*(3gp|mpg|flv|mp4) 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale

} elsif ($X[1] =~ m/^http:\/\/.*\.xvideos\.com\/.*\/([a-zA-Z0-9\-\_\.\%]*\.(3gp|mpg|flv|mp4))\?.*/){
                print $x . "storeurl://xvideos.SQUIDINTERNAL/$1\n";

                #http://154.46.32.87/key=5e2qYlZXbj6,end=1364305769/data=18446744072977812770/reftag=5412162/buffer=450K/speed=83200/1/xh/6/1815672_mom_gives_awesome_handjob.flv
# refresh_pattern -i \/xh.*(3gp|mpg|flv|mp4) 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale

} elsif ($X[1] =~ m/^http:\/\/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/.*\/xh.*\/([a-zA-Z0-9\-\_\.\%]*\.flv)/){
                print $x . "storeurl://Xhamster.SQUIDINTERNAL/$1\n";

        #http://213.174.156.23/key=kDRhok4XZMk,end=1364295197/reftag=5412166/buffer=1M/speed=170987/2/sp/6/repack117226.flv?start=0
} elsif ($X[1] =~ m/^http:\/\/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+.*\/([a-zA-Z0-9\-\_\.\%]*\.flv)\?start=0/){
                print $x . "storeurl://Xhamster2.SQUIDINTERNAL/$1\n";

        #http://cdn2b.youjizz.com/videos/4/e/7/e/2/4e7e2b0ce3036.mp4?2792b87c889e01ca3b1a331e03d5a0718c4b4e7d777eff211b92848d3a84590620e5
} elsif ($X[1] =~ m/^http:\/\/.*\.youjizz\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp))\?.*/){
                print $x . "storeurl://YouJizz.SQUIDINTERNAL/$1\n";

        #http://cdn1.public.keezmovies.phncdn.com/200810/30/327964/240P_383K_327964.mp4?sr=6000&int=6000000b&nvb=20130327103508&nva=20130327123508&hash=085da11d99756faa95822
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*\.keezmovies[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp|mpg|wmv))\?.*/){
                print $x . "storeurl://KeezMovies.SQUIDINTERNAL/$1\n";

        #http://cdn1.public.tube8.com/201208/30/5436441/240P_195K_5436441.mp4?sr=3600&int=614400b&nvb=20130327104052&nva=20130327124052&hash=025102b4bdc2b07ec01fd
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*\.tube8[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp|mpg|wmv))\?.*/) {
                print $x . "storeurl://Tube8.SQUIDINTERNAL/$1\n";

        #http://cdn1b.public.youporn.phncdn.com/200612/02/2865/480p_370k_2865/YouPorn%20-%20very%20good%202Girls%201guy%20hard.mp4?s=1364341242&e=1364427642&ri=600&rs=750&h=fe3d1bfda00e560af0e7fa8cfb60d7b2
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*\.youporn[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp|mpg|wmv))\?.*/){
                print $x . "storeurl://YouPorn.SQUIDINTERNAL/$1\n";

        #http://cdn1.public.spankwire.phncdn.com/201302/02/709578/240P_300K_709578.mp4?nvb=20130327105920&nva=20130327125920&hash=0c73938b11cee1e872048
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*\.spankwire[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp|mpg|wmv))\?.*/) {
                print $x . "storeurl://SpankWire.SQUIDINTERNAL/$1\n";

        #http://cdn1b.embed.pornhub.phncdn.com/videos/201102/17/159492/480P_357K_159492.mp4?rs=150&ri=1000&ip=85.112.95.26&s=1364387220&e=1364389020&h=305f8b4ba7973e62a340a2e61dc10868
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*\.pornhub[a-zA-Z0-9\-\_\.\%]*\.com.*\/([[a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp|mpg|wmv))\?.*/){
                print $x . "storeurl://PornHub.SQUIDINTERNAL/$1\n";

        #http://v3-xh.clients.cdn13.com/data/1817003.flv?cdn_hash=22591a4c2c98690574bea214ac95618b&cdn_creation_time=1364375095&cdn_ttl=14400
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%\/]*.*\/([a-zA-Z0-9\-\_\.]+\.(flv|mp3|mp4|3gp|wmv))\?.*cdn\_hash.*/){
                print $x . "storeurl://media.SQUIDINTERNAL/$1\n";

        ###################################################################################

## FileHippo
        #http://fs40.filehippo.com/7642/72359c8e25864e74b56e0e922850e803/OriginSetup.exe
        #http://fs41.filehippo.com/7662/0c4cfb998b66473ba1292d6ed807c818/Firefox%20Setup%2020.0b6.exe
} elsif ($X[1] =~ m/^http:\/\/.*filehippo\.com\/.*\/([0-9a-zA-Z\%\.\_\-]+\.(exe|zip|cab|msi|mru|mri|bz2|gzip|tgz|rar|pdf))/){
                $y=$1;
                for ($y) {
                        s/%20//g;
                }
                print $x . "storeurl://FileHippo.SQUIDINTERNAL/$y\n";

                #BLOGSPOT
} elsif ($X[1] =~ m/^http:\/\/[1-4]\.bp\.blogspot\.com\/(.*)/) {
        print $x . "storeurl://blogspot.SQUIDINTERNAL/" . $1  . "\n";

                #ytimg
} elsif ($X[1] =~ m/^http:\/\/i[1-4]\.ytimg\.com(.*)/) {
                print $x . "storeurl://ytimg.SQUIDINTERNAL" . $1  . "\n";

                #AVAST
} elsif ($X[1] =~ m/^http:\/\/download[0-9]{3}\.avast\.com\/(.*)/) {
                print $x . "storeurl://avast.SQUIDINTERNAL/" . $1  .  "\n";

                #KAV
} elsif ($X[1] =~ m/^http:\/\/dnl-[0-9]{2}\.geo\.kaspersky\.com\/(.*)/) {
                print $x . "storeurl://kaspersky.SQUIDINTERNAL/" . $1  .  "\n";

                #maps.google.com
} elsif ($X[1] =~ m/^http:\/\/(cbk|mt|khm|mlt|tbn|mw)[0-9]?\.google\.co(m|\.uk|\.id)\/(.*)/) {
        print $x . "storeurl://google.SQUIDINTERNAL/" . $3 . "\n";

                #gstatic and/or wikimapia
} elsif ($X[1] =~ m/^http:\/\/([a-z])[0-9]?(\.gstatic\.com.*|\.wikimapia\.org)\/(.*)/) {
        print $x . "storeurl://wikimapia.SQUIDINTERNAL/" . $3 . "\n";


                #Cache High Latency Ads
} elsif ($X[1] =~ m/^http:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|\.googlesyndication\.com|yieldmanager|cpxinteractive)(.*)/) {
        $y = $3;$z = $2;
        for ($y) {
        s/pixel;.*/pixel/;
        s/activity;.*/activity/;
        s/(imgad[^&]*).*/\1/;
        s/;ord=[?0-9]*//;
        s/;&timestamp=[0-9]*//;
        s/[&?]correlator=[0-9]*//;
        s/&cookie=[^&]*//;
        s/&ga_hid=[^&]*//;
        s/&ga_vid=[^&]*//;
        s/&ga_sid=[^&]*//;
        # s/&prev_slotnames=[^&]*//
        # s/&u_his=[^&]*//;
        s/&dt=[^&]*//;
        s/&dtd=[^&]*//;
        s/&lmt=[^&]*//;
        s/(&alternate_ad_url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
        s/(&url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
        s/(&ref=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
        s/(&cookie=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
        s/[;&?]ord=[?0-9]*//;
        s/[;&]mpvid=[^&;]*//;
        s/&xpc=[^&]*//;
        # yieldmanager
        s/\?clickTag=[^&]*//;
        s/&u=[^&]*//;
        s/&slotname=[^&]*//;
        s/&page_slots=[^&]*//;
        }
        print $x . "storeurl://" . $1 . $2 . $y . "\n";

                #cache high latency ads
} elsif ($X[1] =~ m/^http:\/\/(.*?)\/(ads)\?(.*?)/) {
        print $x . "storeurl://" . $1 . "/" . $2  . "\n";

} elsif ($X[1] =~ m/^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*?)/) {
        print $x . "storeurl://" . $1 . "\n";

                #cdn, varialble 1st path
} elsif (($X[1] =~ /filehippo/) && ($X[1] =~ m/^http:\/\/(.*?)\.(.*?)\/(.*?)\/(.*)\.([a-z0-9]{3,4})(\?.*)?/)) {
        @y = ($1,$2,$4,$5);
        $y[0] =~ s/[a-z0-9]{2,5}/cdn./;
        print $x . "storeurl://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";

                #rapidshare
} elsif (($X[1] =~ /rapidshare/) && ($X[1] =~ m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?)([a-z]*\.[^\/]{3}\/[a-z]*\/[0-9]*)\/(.*?)\/([^\/\?\&]{4,})$/)) {
        print $x . "storeurl://cdn." . $3 . "/SQUIDINTERNAL/" . $5 . "\n";

} elsif (($X[1] =~ /maxporn/) && ($X[1] =~ m/^http:\/\/([^\/]*?)\/(.*?)\/([^\/]*?)(\?.*)?$/)) {
        print $x . "storeurl://" . $1 . "/SQUIDINTERNAL/" . $3 . "\n";

                #domain/path/.*/path/filename
} elsif (($X[1] =~ /fucktube/) && ($X[1] =~ m/^http:\/\/(.*?)(\.[^\.\-]*?[^\/]*\/[^\/]*)\/(.*)\/([^\/]*)\/([^\/\?\&]*)\.([^\/\?\&]{3,4})(\?.*?)$/)) {
        @y = ($1,$2,$4,$5,$6);
        $y[0] =~ s/(([a-zA-A]+[0-9]+(-[a-zA-Z])?$)|([^\.]*cdn[^\.]*)|([^\.]*cache[^\.]*))/cdn/;
        print $x . "storeurl://" . $y[0] . $y[1] . "/" . $y[2] . "/" . $y[3] . "." . $y[4] . "\n";

                #like porn hub variables url and center part of the path, filename etention 3 or 4 with or without ? at the end
} elsif (($X[1] =~ /tube8|pornhub|xvideos/) && ($X[1] =~ m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?(\.[a-z]*)?)\.([a-z]*[0-9]?\.[^\/]{3}\/[a-z]*)(.*?)((\/[a-z]*)?(\/[^\/]*){4}\.[^\/\?]{3,4})(\?.*)?$/)) {
        print $x . "storeurl://cdn." . $4 . $6 . "\n";

                #general purpose for cdn servers. add above your specific servers.
} elsif ($X[1] =~ m/^http:\/\/([0-9.]*?)\/\/(.*?)\.(.*)\?(.*?)/) {
        print $x . "storeurl://squid-cdn-url/" . $2  . "." . $3 . "\n";

} elsif ($X[1] =~ m/^http:\/\/(.*?)(\.[^\.\-]*?\..*?)\/([^\?\&\=]*)\.([\w\d]{2,4})\??.*$/) {
        @y = ($1,$2,$3,$4);
        $y[0] =~ s/([a-z][0-9][a-z]dlod[\d]{3})|((cache|cdn)[-\d]*)|([a-zA-A]+-?[0-9]+(-[a-zA-Z]*)?)/cdn/;
        print $x . "storeurl://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";

                        # all that ends with ;
} elsif ($X[1] =~ m/^http:\/\/(.*?)\/(.*?)\;(.*)/) {
        print $x . "storeurl://" . $1 . "/" . $2  . "\n";

} else {
                print $x . $X[1] . "\n";
}
# end
}
kalo saya amati lognya hampir tidak ada TCP_HIT, hampir 90% TCP_MISS.
mohon koreksi & masukannya...

TQ sebelumnya

#update
setelah oprek2 file2 di atas... eng ing eeeeeeeeeng... trataaaaa...


tetep sama miss mulu :crazy:
Last edited by OnniePeWe on 27 Feb 2016, 21:49, edited 1 time in total.
Reason: abis oprek2 squid.conf acl.conf refresh_pattern.conf tune.conf r25.pl


User avatar
FirmanIdiotique
Contact:

Post 09 Apr 2014, 10:38

Ini kenapa yaa...
Help help

Code: Select all

root@ubuntu:~# squid -NDd1
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '(get_video\?|videoplayback\?|videodownload\?|\.flv?)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '(get_video\?|videoplayback\?|videodownload\?|\.flv?)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '(get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '(get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'windowsupdate.com/.*\.(cab|exe)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'windowsupdate.com/.*\.(cab|exe)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'update.microsoft.com/.*\.(cab|exe)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'update.microsoft.com/.*\.(cab|exe)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'download.microsoft.com/.*\.(cab|exe)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'download.microsoft.com/.*\.(cab|exe)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.facebook.com.*\.(jpg|png|gif)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.facebook.com.*\.(jpg|png|gif)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.fbcdn.net.*\.(jpg|gif|png|swf|mp3)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.fbcdn.net.*\.(jpg|gif|png|swf|mp3)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'static\.ak\.fbcdn\.net*\.(jpg|gif|png)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'static\.ak\.fbcdn\.net*\.(jpg|gif|png)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '^http:\/\/apps.facebook.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '^http:\/\/apps.facebook.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.zynga.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.zynga.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.zynga.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.farmville.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.farmville.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.farmville.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.ninjasaga.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.ninjasaga.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.ninjasaga.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.mafiawars.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.mafiawars.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.mafiawars.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.crowdstar.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.crowdstar.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.crowdstar.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.popcap.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.popcap.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.popcap.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.cityville.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.cityville.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.cityville.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob)': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv)': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '^ftp:': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '.': store-stale
2014/04/09 10:29:04| Starting Squid Cache version 2.7.STABLE9 for i686-pc-linux-gnu...
2014/04/09 10:29:04| Process ID 2017
2014/04/09 10:29:04| With 65535 file descriptors available
2014/04/09 10:29:04| Using epoll for the IO loop
2014/04/09 10:29:04| DNS Socket created at 0.0.0.0, port 33754, FD 6
2014/04/09 10:29:04| Adding nameserver 192.168.1.1 from squid.conf
2014/04/09 10:29:04| helperOpenServers: Starting 5 'storeurl.pl' processes
2014/04/09 10:29:04| Referer logging is disabled.
2014/04/09 10:29:04| logfileOpen: opening log /var/log/squid/access.log
2014/04/09 10:29:04| logfileOpen: opening log /var/log/squid/yt.log
2014/04/09 10:29:04| Unlinkd pipe opened on FD 17
2014/04/09 10:29:04| Swap maxSize 26214400 + 8192 KB, estimated 2017122 objects
2014/04/09 10:29:04| Target number of buckets: 100856
2014/04/09 10:29:04| Using 131072 Store buckets
2014/04/09 10:29:04| Max Mem  size: 8192 KB
2014/04/09 10:29:04| Max Swap size: 26214400 KB
2014/04/09 10:29:04| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2014/04/09 10:29:04| logfileOpen: opening log /dev/null
2014/04/09 10:29:04| Rebuilding storage in /cache (CLEAN)
2014/04/09 10:29:04| Using Round Robin store dir selection
2014/04/09 10:29:04| Set Current Directory to /var/spool/squid/
2014/04/09 10:29:04| Loaded Icons.
2014/04/09 10:29:04| Accepting transparently proxied HTTP connections at 0.0.0.0, port 3128, FD 21.
2014/04/09 10:29:04| Accepting SNMP messages on port 3401, FD 22.
2014/04/09 10:29:04| Pinger socket opened on FD 23
2014/04/09 10:29:04| Ready to serve requests.
2014/04/09 10:29:04| Done reading /cache swaplog (52 entries)
2014/04/09 10:29:04| Finished rebuilding storage from disk.
2014/04/09 10:29:04|        52 Entries scanned
2014/04/09 10:29:04|         0 Invalid entries.
2014/04/09 10:29:04|         0 With invalid flags.
2014/04/09 10:29:04|        52 Objects loaded.
2014/04/09 10:29:04|         0 Objects expired.
2014/04/09 10:29:04|         0 Objects cancelled.
2014/04/09 10:29:04|         0 Duplicate URLs purged.
2014/04/09 10:29:04|         0 Swapfile clashes avoided.
2014/04/09 10:29:04|   Took 0.3 seconds ( 191.8 objects/sec).
2014/04/09 10:29:04| Beginning Validation Procedure
2014/04/09 10:29:04|   Completed Validation Procedure
2014/04/09 10:29:04|   Validated 52 Entries
2014/04/09 10:29:04|   store_swap_size = 464k
2014/04/09 10:29:05| storeLateRelease: released 0 objects
2014/04/09 10:30:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:30:02| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:30:04| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:30:06| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:30:08| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:30:10| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:31:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:31:01| icmpSend: send: (111) Connection refused
2014/04/09 10:31:01| Closing Pinger socket on FD 23
2014/04/09 10:31:04| storeAufsOpenDone: (2) No such file or directory
2014/04/09 10:31:04|    /cache/00/00/00000038
2014/04/09 10:32:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:33:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:34:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:35:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:35:01| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:35:03| Failed SNMP agent query from : 127.0.0.1.
^C2014/04/09 10:35:04| Preparing for shutdown after 36 requests
2014/04/09 10:35:04| Waiting 0 seconds for active connections to finish
2014/04/09 10:35:04| FD 21 Closing HTTP connection
2014/04/09 10:35:05| Shutting down...
2014/04/09 10:35:05| FD 22 Closing SNMP socket
2014/04/09 10:35:05| aioSync: flushing pending I/O operations
2014/04/09 10:35:05| aioSync: done
2014/04/09 10:35:05| Closing unlinkd pipe on FD 17
2014/04/09 10:35:05| storeDirWriteCleanLogs: Starting...
2014/04/09 10:35:05|   Finished.  Wrote 52 entries.
2014/04/09 10:35:05|   Took 0.0 seconds (120930.2 entries/sec).
2014/04/09 10:35:05| aioSync: flushing pending I/O operations
2014/04/09 10:35:05| aioSync: done
2014/04/09 10:35:05| logfileClose: closing log /dev/null
2014/04/09 10:35:05| logfileClose: closing log /var/log/squid/access.log
2014/04/09 10:35:05| logfileClose: closing log /var/log/squid/yt.log
2014/04/09 10:35:05| aioSync: flushing pending I/O operations
2014/04/09 10:35:05| aioSync: done
2014/04/09 10:35:05| Squid Cache (Version 2.7.STABLE9): Exiting normally.
root@ubuntu:~# ^C



User avatar
OnniePeWe

Post 09 Apr 2014, 12:44

kayaknya diawal nyeting squid saya juga begitu mas...
coba otak atik refresh_pattern di squid.conf nya mas.


User avatar
OnniePeWe

Post 09 Apr 2014, 19:55

mas mas...
mau tanya...

TAG -> access_log /var/log/lusca/yt.log squid1 yutub

/var/log/lusca/yt.log -> path file
squid1 -> parameter apa ya?
yutub -> parameter apa ya?

trus mengenai oprek2 lusca...
setelah gonta ganti edat edit file squid.conf, r25.pl dan kawan2nya

access.log nya sedikit berubah yang tadinya dominan dengan TCP_MISS, sekarang dipenuhi TCP_MEM_HIT

1397037748.050 1101 192.168.70.9 TCP_MEM_HIT/302 1080 GET http://r17---sn-npo7en7r.googlevideo.com/videoplayback?
c=web&clen=16073424&cpn=3Y4NcTFMwjO2nFEC&cver=as3&dur=
245.880&expire=1397063730&fexp=939936%2C938649%2C916612
%2C937417%2C913434%2C936916%2C934022%2C936921%2C936923
&gir=yes&id=o-AG0mJSg0V4npSKdyf9njFaDlb5hBflNPaqeCc5Wkervr
&ip=202.182.189.50&ipbits=0&itag=135&keepalive=yes&key=yt5
&lmt=1389188608568356&range=0-1155071&ratebypass=yes&signature
=81BE0200AFCCFF0831D7D459FE8CBE748F139884.EEACAC105DC37491052BDDCD6F8B7204BE441F2F
&source=youtube&sparams=clen%2Cdur%2Cgir%2Cid%2Cip%2Cipbits%2Citag
%2Clmt%2Csource%2Cupn%2Cexpire&sver=3&upn=_wZZ4WM0AXU&redirect_counter=1
&req_id=b6ae8c7c72072321&cms_redirect=yes&ms=nxu&mt=1397037692
&mv=u - NONE/- text/html$
Saya ambil 1 contoh saja, minta tolong bantu terjemahkan.

kalo saya baca2 dari http://www.comfsm.fm/computing/squid/FAQ-6.html

1101 -> size objectnya kah? kalo betul, dalam satuan kb / byte?
TCP_MEM_HIT -> A valid copy of the requested object was in the cache and it was in memory, thus avoiding disk accesses. (object yang diminta client ditemukan ada pada memory sehingga tidak perlu mengecek HDD cache)
302 -> Moved Temporarily (object tsb di move dari mana ke mana ya?)
GET -> object retrieval and simple searches. (maksudnya akses langsung ke web aslinya seperti direct kah?)
NONE -> For TCP HIT, TCP failures, cachemgr requests and all UDP requests, there is no hierarchy information. (?)
text/html -> jenis objectnya kah? kok bukan jenis file video ya?

mohon dibantu...

TQ sebelumnya


User avatar
dermovel

Post 30 Apr 2014, 19:17

master...
bagi2 squid.conf dan storeurl.pl nya donk...

sudah hampir menyerah dengan yutub, apakah youtube sudah tidak bisa di cahce lagi ya...


mohon bantuannya.....


User avatar
riophone

Post 01 May 2014, 07:31

FirmanIdiotique wrote:Ini kenapa yaa...
Help help

Code: Select all

root@ubuntu:~# squid -NDd1
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '(get_video\?|videoplayback\?|videodownload\?|\.flv?)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '(get_video\?|videoplayback\?|videodownload\?|\.flv?)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '(get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '(get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'windowsupdate.com/.*\.(cab|exe)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'windowsupdate.com/.*\.(cab|exe)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'update.microsoft.com/.*\.(cab|exe)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'update.microsoft.com/.*\.(cab|exe)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'download.microsoft.com/.*\.(cab|exe)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'download.microsoft.com/.*\.(cab|exe)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.facebook.com.*\.(jpg|png|gif)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.facebook.com.*\.(jpg|png|gif)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.fbcdn.net.*\.(jpg|gif|png|swf|mp3)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.fbcdn.net.*\.(jpg|gif|png|swf|mp3)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'static\.ak\.fbcdn\.net*\.(jpg|gif|png)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option 'static\.ak\.fbcdn\.net*\.(jpg|gif|png)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '^http:\/\/apps.facebook.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '^http:\/\/apps.facebook.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.zynga.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.zynga.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.zynga.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.farmville.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.farmville.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.farmville.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.ninjasaga.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.ninjasaga.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.ninjasaga.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.mafiawars.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.mafiawars.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.mafiawars.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.crowdstar.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.crowdstar.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.crowdstar.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.popcap.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.popcap.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.popcap.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.cityville.com.*\/': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.cityville.com.*\/': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.cityville.com.*\/': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob)': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv)': ignore-no-store
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv)': ignore-must-revalidate
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '\.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv)': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '^ftp:': store-stale
2014/04/09 10:29:04| parse_refreshpattern: Unknown option '.': store-stale
2014/04/09 10:29:04| Starting Squid Cache version 2.7.STABLE9 for i686-pc-linux-gnu...
2014/04/09 10:29:04| Process ID 2017
2014/04/09 10:29:04| With 65535 file descriptors available
2014/04/09 10:29:04| Using epoll for the IO loop
2014/04/09 10:29:04| DNS Socket created at 0.0.0.0, port 33754, FD 6
2014/04/09 10:29:04| Adding nameserver 192.168.1.1 from squid.conf
2014/04/09 10:29:04| helperOpenServers: Starting 5 'storeurl.pl' processes
2014/04/09 10:29:04| Referer logging is disabled.
2014/04/09 10:29:04| logfileOpen: opening log /var/log/squid/access.log
2014/04/09 10:29:04| logfileOpen: opening log /var/log/squid/yt.log
2014/04/09 10:29:04| Unlinkd pipe opened on FD 17
2014/04/09 10:29:04| Swap maxSize 26214400 + 8192 KB, estimated 2017122 objects
2014/04/09 10:29:04| Target number of buckets: 100856
2014/04/09 10:29:04| Using 131072 Store buckets
2014/04/09 10:29:04| Max Mem  size: 8192 KB
2014/04/09 10:29:04| Max Swap size: 26214400 KB
2014/04/09 10:29:04| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2014/04/09 10:29:04| logfileOpen: opening log /dev/null
2014/04/09 10:29:04| Rebuilding storage in /cache (CLEAN)
2014/04/09 10:29:04| Using Round Robin store dir selection
2014/04/09 10:29:04| Set Current Directory to /var/spool/squid/
2014/04/09 10:29:04| Loaded Icons.
2014/04/09 10:29:04| Accepting transparently proxied HTTP connections at 0.0.0.0, port 3128, FD 21.
2014/04/09 10:29:04| Accepting SNMP messages on port 3401, FD 22.
2014/04/09 10:29:04| Pinger socket opened on FD 23
2014/04/09 10:29:04| Ready to serve requests.
2014/04/09 10:29:04| Done reading /cache swaplog (52 entries)
2014/04/09 10:29:04| Finished rebuilding storage from disk.
2014/04/09 10:29:04|        52 Entries scanned
2014/04/09 10:29:04|         0 Invalid entries.
2014/04/09 10:29:04|         0 With invalid flags.
2014/04/09 10:29:04|        52 Objects loaded.
2014/04/09 10:29:04|         0 Objects expired.
2014/04/09 10:29:04|         0 Objects cancelled.
2014/04/09 10:29:04|         0 Duplicate URLs purged.
2014/04/09 10:29:04|         0 Swapfile clashes avoided.
2014/04/09 10:29:04|   Took 0.3 seconds ( 191.8 objects/sec).
2014/04/09 10:29:04| Beginning Validation Procedure
2014/04/09 10:29:04|   Completed Validation Procedure
2014/04/09 10:29:04|   Validated 52 Entries
2014/04/09 10:29:04|   store_swap_size = 464k
2014/04/09 10:29:05| storeLateRelease: released 0 objects
2014/04/09 10:30:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:30:02| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:30:04| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:30:06| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:30:08| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:30:10| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:31:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:31:01| icmpSend: send: (111) Connection refused
2014/04/09 10:31:01| Closing Pinger socket on FD 23
2014/04/09 10:31:04| storeAufsOpenDone: (2) No such file or directory
2014/04/09 10:31:04|    /cache/00/00/00000038
2014/04/09 10:32:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:33:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:34:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:35:01| cachemgrParseUrl: action 'flushdns' not found
2014/04/09 10:35:01| Failed SNMP agent query from : 127.0.0.1.
2014/04/09 10:35:03| Failed SNMP agent query from : 127.0.0.1.
^C2014/04/09 10:35:04| Preparing for shutdown after 36 requests
2014/04/09 10:35:04| Waiting 0 seconds for active connections to finish
2014/04/09 10:35:04| FD 21 Closing HTTP connection
2014/04/09 10:35:05| Shutting down...
2014/04/09 10:35:05| FD 22 Closing SNMP socket
2014/04/09 10:35:05| aioSync: flushing pending I/O operations
2014/04/09 10:35:05| aioSync: done
2014/04/09 10:35:05| Closing unlinkd pipe on FD 17
2014/04/09 10:35:05| storeDirWriteCleanLogs: Starting...
2014/04/09 10:35:05|   Finished.  Wrote 52 entries.
2014/04/09 10:35:05|   Took 0.0 seconds (120930.2 entries/sec).
2014/04/09 10:35:05| aioSync: flushing pending I/O operations
2014/04/09 10:35:05| aioSync: done
2014/04/09 10:35:05| logfileClose: closing log /dev/null
2014/04/09 10:35:05| logfileClose: closing log /var/log/squid/access.log
2014/04/09 10:35:05| logfileClose: closing log /var/log/squid/yt.log
2014/04/09 10:35:05| aioSync: flushing pending I/O operations
2014/04/09 10:35:05| aioSync: done
2014/04/09 10:35:05| Squid Cache (Version 2.7.STABLE9): Exiting normally.
root@ubuntu:~# ^C

Kalau dilihat, yang dipakai itu Squid bukan Lusca.


User avatar
happiers07

Post 05 May 2014, 15:47

udah lama banget ga ubek2 youtube, pusing update mulu dan fungsinya ga sebanding dengan pusingnya hahaha....


User avatar
cah_clacap

Post 20 May 2014, 09:56

teman2 semua ...apa iya nich ....denger2 ID yutub kembali ke dinamic lagi ...????


User avatar
riophone

Post 20 May 2014, 13:28

memang kembali ke dinamis, lihat aja di log


User avatar
cah_clacap

Post 20 May 2014, 15:35

riophone wrote:memang kembali ke dinamis, lihat aja di log
+++++++++++++++++++++++++++++

berarti storan url-nya bagus pake yg mana ya ????
apa perlu pake referer.log lagi??


User avatar
riophone

Post 20 May 2014, 22:11

kalau saya pakai referer sudah 1 bulan yang lalu, krn dinamis, malah saya pernah jumpai youtube pakai 206


User avatar
izal82
Contact:

Post 24 May 2014, 13:31

saya g ngerti bahasa perl, tp ada yg pernah coba ganti
#3 Gambar Video
} elsif ($X[1] =~ m/^http:\/\/video.google.com\/ThumbnailServer.*/) {
@id = m/[&?](contentid=[a-zA-Z0-9\-\_\.\%]*)/;
@itag = m/[&?](itag=[a-zA-Z0-9\-\_\.\%]*)/;
@set = m/[&?](offsetms=[^\&\s]*)/;
print $x . "storeurl://thumbnail.SQUIDINTERNAL/@id&@itag&@set\n";

menjadi
#3 Gambar Video
} elsif ($X[1] =~ m/^http:\/\/video.google.com\/ThumbnailServer.*/) {
@id = m/[&?](contentid=[a-zA-Z0-9\-\_\.\%]*)/;
@itag = m/[&?](itag=[a-zA-Z0-9\-\_\.\%]*)/;
@set = m/[&?](offsetms=[^\&\s]*)/;
print $x . "http://thumbnail.SQUIDINTERNAL/@id&@itag&@set\n";


User avatar
riophone

Post 24 May 2014, 17:06

itukan thumbnail tampilan gambar file streaming di halaman yutub


User avatar
cah_clacap

Post 04 Jul 2014, 14:03

tumben warga FUI ga ada yg nongol ...... udah lama ga da yg share store.url dan config yang baru dr squid atau lusca


User avatar
cah_clacap

Post 04 Jul 2014, 14:04

riophone wrote:kalau saya pakai referer sudah 1 bulan yang lalu, krn dinamis, malah saya pernah jumpai youtube pakai 206
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Pake referer.log juga kadang masih bermasalah ....... sering buffering lama ...... terus berhenti tanpa pemberitahuan .....


User avatar
otonk

Post 07 Aug 2014, 11:41

gan mo tanya cara ngilangin ginian gimana ya, dah didlet manual muncul lagi....???
Image

ada saran gan....????


User avatar
otonk

Post 18 Aug 2014, 22:00

otonk wrote:gan mo tanya cara ngilangin ginian gimana ya, dah didlet manual muncul lagi....???
Image

ada saran gan....????
kok sepi ya......


User avatar
anbel
Contact:

Post 26 Aug 2014, 14:24

otonk wrote:
otonk wrote:gan mo tanya cara ngilangin ginian gimana ya, dah didlet manual muncul lagi....???
Image

ada saran gan....????
kok sepi ya......
@ Mas Otonk
Itu log cpn dari video Youtube
Hapus auto saja setiap lebih 60 menit

Pakai perintah crontab -e
masukan perintah sebagai berikut:
0 * * * * find /var/log/squid/ -type f -mmin +60 -delete >/dev/null 2>&1


User avatar
Novanict

Post 01 Oct 2014, 11:51

Agan agan mastah, apakah youtube eror lagi? ane coba dari kemarin gak ada yg masuk cache sama sekali :(


User avatar
anbel
Contact:

Post 02 Oct 2014, 11:26

Mas Novanict, pakai squid versi berapa?


User avatar
Novanict

Post 06 Oct 2014, 15:12

mas segabdog, boleh tau mas pake flash player versi berapa ya detail nya? soalnya saya juga ngalami ini, resolusi youtube berubah mulu jadi ngadat


User avatar
Novanict

Post 06 Oct 2014, 15:20

mas anbel, saya pake lusca head r14942 permasalahan kemaren ada di flash player nya. sekarang youtube mulai rewel lagi ya ? saya putar video, si youtube gonta ganti resolusi mulu, jadi susah dicache video nya, ada solusi untuk kunci resolusi video nya ?


User avatar
anbel
Contact:

Post 10 Oct 2014, 13:53

@Mas Novanict
Silahkan dibrowser ditambahkan addon Majig Video for youtube dan seting sesuai keinginan resolusinya: Majig Action

Kalau yg mau ribet install apache2, node.js & npm nanti buat server dg port 80 & 443
Dijamin yahut, tapi dijamin mumet juga :D


User avatar
adriano

Post 15 Oct 2014, 00:39

anbel wrote:@Mas Novanict
Silahkan dibrowser ditambahkan addon Majig Video for youtube dan seting sesuai keinginan resolusinya: Majig Action

Kalau yg mau ribet install apache2, node.js & npm nanti buat server dg port 80 & 443
Dijamin yahut, tapi dijamin mumet juga :D
nyubi ikutan nimbrung gan...:)
stuju sekali untuk penggunaan addon di browser pake"magic action for youtube" untuk mematikan auto resolution bawaan youtube..:)

hal menarik lainnya dari fitur add on ini adalah kita bisa seolah2 mendapatkan "single link" videonya youtube, bahkan emang bener2 single link (lusca only).
tips nya,
masuk option,
- enable auto HD ,set fix resulution,eg.360p
- hide ads (optional)
- force player type > flash
- Speed Booster - Better video preloading / buffering
-- HIT youtube serasa single link
real youtube single link (lusca and firefox only)
- enable auto HD ,set fix resulution,eg.360p
- hide ads (optional)
- force player type > HTML5
- Speed Booster - Better video preloading / buffering
-- HIT youtube single link (status 206) :)


User avatar
izal82
Contact:

Post 23 Oct 2014, 17:00

Ada yang pernah pakai Apache Traffic SErver g? ini punya ku kok aneh di video muncul "an error .........." tapi kok lagu nya masih suara masih jalan.
Elapsed time stats Min Max Avg Std Deviation
------------------------------------------------------------------------------
Cache hit 1 78,331 533.42 3860.49
Cache hit IMS 1 372 52.56 44.09
Cache hit refresh 20 20,198 1645.81 3780.75
Cache hit other 1 66,330 7314.99 10915.09
Cache hit total 1 78,331 1427.88 6143.91
Cache miss 15 50,785 1340.15 3653.08
Cache miss IMS 67 21,353 2805.98 5152.91
Cache miss refresh 40 43,235 2598.09 5481.68
Cache miss other 0 0 0.00 0.00
Cache miss total 15 50,785 1369.64 3703.73




Request Result Count Percent Bytes Percent
------------------------------------------------------------------------------
Cache hit 1,462 10.59% 39.95MB 21.37%
Cache hit IMS 802 5.81% 194.33KB 0.10%
Cache hit refresh 98 0.71% 1.25MB 0.67%
Cache hit other 1,370 9.93% 35.79MB 19.15%
Cache hit total 3,732 27.04% 77.18MB 41.29%

Cache miss 9,061 65.65% 83.04MB 44.43%
Cache miss IMS 86 0.62% 459.70KB 0.24%
Cache miss refresh 117 0.85% 2.16MB 1.16%
Cache miss other 0 0.00% 0.00KB 0.00%
Cache miss total 9,264 67.12% 85.65MB 45.83%

Client aborted 787 5.70% 23.87MB 12.77%
Connect failed 3 0.02% 1.33KB 0.00%
Invalid request 2 0.01% 0.43KB 0.00%
Unknown error(99) 9 0.07% 0.00KB 0.00%
Other errors 0 0.00% 0.00KB 0.00%
Errors total 801 5.80% 23.88MB 12.77%
..............................................................................
Total requests 13,803 100.00% 186.90MB 100.00%


User avatar
Novanict

Post 26 Nov 2014, 12:40

selamat siang masta masta, cache youtube saya eror lagi ni. apa ada yang mengalami sama seperti saya akir2 ini ?


User avatar
kuroseno

Post 09 Dec 2014, 06:25

master2 ada ngalamin kejadian yang baru terjadi di tempat saya, dua hari yang lalu youtube videonya semua miss , liat di log sepertinya youtube ganti eextensi video ke webm kalo audionya masih mp4 dan hit di log lusca server dtempat saya, nah kejadiannya mulai kemaren saya coba buka youtube lagi eh malah langsung redirect ke port 443 alias socket, dan server luscanya langsung mengheningkan cipta deh master,,, :(


User avatar
Novanict

Post 09 Dec 2014, 12:19

saya sudah ngalamin itu hampir 2 minggu yang lalu om kuroseno, semua video youtube miss gak ada yang masuk ke cache, apa ada update an storeurl nya yg baru ?


User avatar
paten

Post 10 Dec 2014, 07:45

youtube ngak bisa lagi http barangkali


User avatar
kuroseno

Post 15 Dec 2014, 10:48

Novanict wrote:saya sudah ngalamin itu hampir 2 minggu yang lalu om kuroseno, semua video youtube miss gak ada yang masuk ke cache, apa ada update an storeurl nya yg baru ?

kemungkinan begitu gan, mana fiber optik belum sampai ditempat saya...


User avatar
maleonet

Post 05 Jan 2015, 15:17

maap, mau gelar squid conf yg dapet dr pastebin om syaifuddin_jw, trus saya edit dikit buat pemakaian squid 2.7Stable9 os Debian 7.6 x86 pada virtual private server.

mengikuti aturan pada om q_p pada page 38 :
acl.conf
#FPUI
# acl.conf r25

acl yutub url_regex -i .*youtube\.com\/.*$
acl yutub url_regex -i .*youtu\.be\/.*$

acl all src all
acl localhost src 127.0.0.1/32
#acl localnet src 192.168.0.0/24
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl ncsa_users proxy_auth REQUIRED

acl SSL_ports port 443 563 873
acl Safe_ports port 80 20 21 221 70 210 1025-65535 631 10000 901 280 488 591 777 873 110 995 25 587 995 2095 2096 2082 2083 18901-18909
acl manager proto cache_object
acl purge method PURGE
acl CONNECT method CONNECT

# Don't upgrade ShoutCast responses to HTTP
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
# Apache mod_gzip and mod_deflate known to be broken so don't trust Apache to signal ETag correctly on such responses
acl apache rep_header Server ^Apache
acl crome url_regex -i ^http:\/\/.*\.pack.google.com\/edgedl\/chrome\/win\/.*
acl crome url_regex -i ^http:\/\/cache.pack.google.com\/edgedl\/.*
acl crome url_regex -i ^http:\/\/www.google.com\/dl\/chrome\/win\/.*
http_access deny crome

range_offset_limit 1 KB

acl redir urlpath_regex -i \.htm$ cgi-bin \.php$ \.asp$ \.shtml$ \.cfm$ \.cfml$ \.phtml$ \.php3$
acl redir urlpath_regex -i &redirect_counter=.*cms_redirect=yes
acl nocache url_regex -i \.(form&lang=in_ID|pointblank.css|Login.do|login_form.css|form.css)$
acl nocache url_regex -i \.(j_spring_security_check|noupdate.ui|afs.dat|PatchTimeCheck.dat|PatchPath.dat|wpad.dat|cacheKey=|sources|captcha|recaptcha|reset|version|latest|login|notice|patchinfo.xml|patcherContent.php|gs_service_login.php|iepngfix.htc|str_mission_id.stg|str_id.stg|dc-canvas|BotDetectCaptcha.ashx)
acl nocache url_regex -i \.*gemscool\.com\/registration\/.*
acl nocache url_regex -i \.*gemscool\.com\/isiGcash\/.*
acl nocache url_regex -i ^http.*garenanow\.com\/imupdate\/.*garena\.game\.plugins\/.*
acl nocache url_regex -i ^http.*(youtube|google).*\/s?.*\=.*&vq\=.*&fs\=.*$
acl nocache url_regex -i ^http.*mdn\.net\/instream\/flash\/v[0-9]\/adsapi.*.swf
acl nocache url_regex -i ^http.*app\.ninjasaga\.com\/.*
acl nocache url_regex -i ^http.*(youtube|google).*(&redirect_counter=1&cms_redirect=yes|&ir=1&rr=12).*
acl nocache url_regex -i ^http.*live\.mytrans\.com.*
acl nocache url_regex -i ^http.*socialpointgames\.com\/dragoncity.*USERID.*
acl nocache url_regex -i ^http.*fb_source=bookmark_apps.*
acl nocache url_regex -i ^http.*gvoucher.*
#acl nocache url_regex -i ^http.*gemscool\.com.*hackshield.*
acl nocache url_regex -i ^http.*squid\-cache\.org\/Versions\/v\d\/\d\.\d\/
acl nocache url_regex -i ^http:\/\/m\.detik\.com\/urchin\.js$
acl nocache url_regex -i ^https?:\/\/(192|1)\.(168|1)\.(1|87)\.[0-9]+.*
acl nocache url_regex -i ^http.*soxdn\.com.*\.(css|html|js|swf)$
acl nocache url_regex -i boxza\.com.*
acl nocache url_regex -i star\.gif$
acl nocache url_regex -i idol-street\.com.*\.(js|css)$
acl nocache url_regex -i ^http:\/\/202\.93\.17\.199.*\/ext\.cfg\.[0-9]+$
acl nocache url_regex -i ^http:\/\/202\.93\.17\.199.*\/xyz\.ids\.[0-9]+$
acl nocache url_regex -i ^http:\/\/103\.13\.229\.115.*\.(js|css|xml)$

# ACL storeurl
# -----------------------------------------------------------------------------
acl norewrite url_regex -i redbot\.org (get_video|videoplayback\?id|videoplayback.*id).*begin\=[1-9][0-9]*
acl norewrite url_regex -i s\-platform\.ak\.fbcdn\.net
acl norewrite url_regex redirector\.c\.android\.clients\.google\.com

acl storeurl-helper url_regex -i ^http:\/\/(videos|photos).*\.ak\.instagram\.com\/hphotos.*
acl storeurl-helper url_regex -i youtube.*(ptracking|stream_204|player_204|gen_204).*(video_id|docid|v)\=.*
acl storeurl-helper url_regex -i ^https?:\/\/.*(youtube|google).*(videoplayback|liveplay).*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.steampowered\.com\/depot\/[0-9]+\/chunk\/([^\?]*)
acl storeurl-helper url_regex -i ^https?:\/\/.*(akamaihd|fbcdn)\.net\/.*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.google\.com\/chrome\/win\/.+\/(.*\.exe)
acl storeurl-helper url_regex -i ^https?:\/\/.*\.ytimg\.com(.*\.(webp|jpg|gif))
acl storeurl-helper url_regex -i ^https?:\/\/.*firedrive\.com\/download\/[0-9]+\/[0-9]+\/.*\?h=.*e\=.*f\=(.*)\&.*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.4shared\.com\/.*\/dlink__[23]F([\w]+)_[23]F(.*)\_3Ftsid_[\w].*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.4shared\.com\/download\/([^\/]*).*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.[a-z]+\.bing\.net\/(.*)\&w=.*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.bing\.(net|com)\/.*\?id=([a-zA-Z]\.[0-9]+)&pid=.*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.gstatic\.com\/images\?q=tbn\:(.*)
acl storeurl-helper url_regex -i ^https?:\/\/.*\.reverbnation\.com\/.*\/(ec_stream_song|download_song_direct|stream_song)\/([0-9]*).*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.dl\.sourceforge\.net\/(.*\.(exe|zip|mp3|mp4))
acl storeurl-helper url_regex -i ^https?:\/\/fs[0-9]+\.filehippo\.com\/[^\/]*\/[^\/]*\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/download[0-9]+.mediafire\.com\/.*\/\w+\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/.*android\.clients\.google\.com\/[a-z]+\/[a-zA-Z]+\/[a-zA-Z]+\/(.*)\/([0-9]+)\?.*
acl storeurl-helper url_regex -i ^https?:\/\/.*(googleusercontent.com|blogspot.com)\/(.*)\/([a-z0-9]+)(-[a-z]-[a-z]-[a-z]+)?\/(.*\.(jpg|png))
acl storeurl-helper url_regex -i ^https?:\/\/global-shared-files-[a-z][0-9]\.softonic\.com\/.{3}\/.{3}\/.*\/.*\=(.*\.exe)
acl storeurl-helper url_regex -i ^https?:\/\/.*netmarble\.co\.id\/.*\/(data|ModooMarble)\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/(.*)\.windowsupdate\.com\/(.*)\/(.*)\/([a-z].*)
acl storeurl-helper url_regex -i ^https?:\/\/.*filetrip\.net\/.*\/((.*)\.([^\/\?\&]{2,4}))\?.*$
acl storeurl-helper url_regex -i ^https?:\/\/.*get4mobile\.net\/.*f=([^\/\?\&]*).*$
acl storeurl-helper url_regex -i ^https?:\/\/.*thestaticvube\.com\/.*\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/113\.6\.235\.171\/youku\/.*\/(.*\.flv)
acl storeurl-helper url_regex -i ^https?:\/\/\d+\.\d+\.\d+\.\d+\/drama\/(.*\.mp4)\?.*\=(\d+)
acl storeurl-helper url_regex -i ^https?:\/\/([a-z])[\d]{1,2}?(.gstatic\.com.*|\.wikimapia\.org.*)
acl storeurl-helper url_regex -i ^https?:\/\/.*\.[a-z][0-9]\.(tiles\.virtualearth\.net)\/(.*\&n=z)
acl storeurl-helper url_regex -i ^https?:\/\/imgv2-[0-9]\.scribdassets\.com\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/(.*?)\/(archlinux\/[a-zA-Z].*\/os\/.*)
acl storeurl-helper url_regex -i ^https?:\/\/(.*?)\/speedtest\/(.*\.(jpg|txt))\??.*$
acl storeurl-helper url_regex -i ^https?:\/\/i[1-9]{3}\.photobucket\.com\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/i[1-9]{4}\.photobucket\.com\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/avideos\.5min\.com\/.*\/(.*)\?.*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.catalog\.video\.msn\.com\/.*\/(.*\.(mp4|flv|m4v))
acl storeurl-helper url_regex -i ^https?:\/\/v\.imwx\.com\/.*\/(.*)\?.*
acl storeurl-helper url_regex -i ^https?:\/\/video[0-9]\.break\.com\/.*\/(.*)\?.*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.video[0-9]\.blip\.tv\/.*\/(.*)\?.*
acl storeurl-helper url_regex -i ^https?:\/\/ss[0-9]\.vidivodo\.com\/vidivodo\/vidservers\/server[0-9]*\/videos\/.*\/([a-zA-Z0-9.]*)\?.*
acl storeurl-helper url_regex -i ^https?:\/\/video\-http\.media\-imdb\.com\/([a-zA-Z0-9\@\_\-]+\.(mp4|flv|m4v))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/(vl|v)\.mccont\.com\/(.*)\/(.*\.(mp4|m4v|flv))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/(vid.{0,2}|proxy.*)(\.ak|\.ec|\.akm|)\.(dmcdn\.net|dailymotion\.com)\/.*\/(frag.*\.(flv|mp4|m4v)).*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.vimeo[a-zA-Z0-9\-\_\.\%]*\.com.*\/([[a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg|web))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/fcache\.veoh\.com\/.*\/.*(l[0-9]*\.(mp4|flv))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/video\.thestaticvube\.com\/.*\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/cdn[0-9]\.videos\.videobash\.com\/.*\/(.*\.(mp4|m4v|flv))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.phncdn[a-zA-Z0-9\-\_\.\%]*\.com.*\/([[a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.xvideos\.com\/.*\/([a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.tube8[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.(redtube|redtubefiles)\.com\/.*\/([a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/.*\/xh.*\/([a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.xhcdn[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.nsimg[a-zA-Z0-9\-\_\.\%]*\.net.*\/([a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/.*\.youjizz\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.public\.keezmovies[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.youporn[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.spankwire[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.pornhub[a-zA-Z0-9\-\_\.\%]*\.com.*\/([[a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.us.playvid[a-zA-Z0-9\-\_\.\%]*\.com.*\/([[a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.slutload-media[a-zA-Z0-9\-\_\.\%]*\.com.*\/([[a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.hardsextube[a-zA-Z0-9\-\_\.\%]*\.com.*\/([[a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*\.public\.extremetube[a-zA-Z0-9\-\_\.\%]*\.com.*\/([[a-zA-Z0-9\-\_\.\%]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*
acl storeurl-helper url_regex -i ^https?:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|.exoclick\.com|interclick.\com|\.googlesyndication\.com|\.auditude\.com|.visiblemeasures\.com|yieldmanager|cpxinteractive)(.*)
acl storeurl-helper url_regex -i ^https?:\/\/(.*?)\/(ads)\?(.*?)
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9\-\_\.\%]*phobos\.apple\.com\/.*\/([a-zA-Z0-9\-\_\.\%]*\.ipa)
acl storeurl-helper url_regex -i ^https?:\/\/fs\w*\.fileserve\.com\/file\/(\w*)\/[\w-]*\.\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/s[0-9]*\.filesonic\.com\/download\/([0-9]*)\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/download[0-9]{3}\.avast\.com\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/[a-zA-Z0-9]+\.[a-zA-Z0-9]+x\.[a-z]\.avast\.com\/[a-zA-Z0-9]+x\/(.*\.vpx)
acl storeurl-helper url_regex -i ^https?:\/\/[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\/(iavs.*)
acl storeurl-helper url_regex -i ^https?:\/\/.*\.starhub\.com\/[a-z]+\/[a-z]+\/[a-z]+\/(.*exe)\?[0-9]
acl storeurl-helper url_regex -i ^https?:\/\/dnl-[0-9]{2}\.geo\.kaspersky\.com\/(.*)
acl storeurl-helper url_regex -i ^https?:\/\/([^\.]*)\.yimg\.com\/(.*)
acl getmethod method GET
acl snmppublic snmp_community public

http_access allow manager localhost
http_access allow purge localhost
http_access deny manager
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports
#http_access allow localnet
http_access allow localhost
http_access allow ncsa_users
#http_access deny to_localhost
http_access deny all

upgrade_http0.9 deny shoutcast
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT

#cache deny redirec

header_access Accept-Encoding deny all
header_access X-Forwarded-For deny all

storeurl_rewrite_program /etc/squid/storeurl.pl
#storeurl_program /etc/squid/test.rb
storeurl_rewrite_children 50 startup=40 idle=30 concurrency=1
storeurl_access deny !getmethod
storeurl_access deny norewrite
storeurl_access allow storeurl-helper
storeurl_access deny all
#end of file
squid.conf
#FPUI
# storeurl release using r25

auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Warnet d'MaLeOn_Net
auth_param basic credentialsttl 24 hours
auth_param basic casesensitive off

#baris di bawah ini u/ antivirus HAVP (comment-out jika tdk pakai HAVP)
cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default

http_port 3128 transparent
server_http11 on
icp_port 0

include /etc/squid/acl.conf

#baris di bawah ini u/ squidGuard (comment-out jika tdk pakai squiGuard)
#url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf

storeurl_rewrite_program /etc/squid/storeurl.pl
storeurl_rewrite_children 5
storeurl_rewrite_concurrency 1

include /etc/squid/tune.conf

#baris di bawah ini mohon disesuaikan dengan path cache_dir anda
cache_dir aufs /cache/cache01 11000 32 256 min-size=0 max-size=8388607
cache_dir aufs /cache/cache02 11000 32 256 min-size=8388608 max-size=67108864

#path log di bawah ini mohon di receck pada saat Anda build squid
icon_directory /usr/share/squid/icons
cache_swap_log /var/log/squid/swap.state
cache_access_log /var/log/squid/access.log
cache_log /dev/null
cache_store_log /dev/null
pid_filename /var/run/squid.pid
coredump_dir /var/spool/squid/
error_directory /usr/share/squid/errors/English
#mime_table /etc/squid/mime.conf
logformat squid1 %{Referer}>h %ru
access_log /var/log/squid/yt.log squid1 yutub

include /etc/squid/refresh_pattern.conf

#baris di bawah ini mohon disesuaikan dengan dns yang anda pakai
dns_nameservers 8.8.8.8 8.8.4.4

cache_effective_user proxy
cache_effective_group proxy
cache_mgr FPUI
cachemgr_passwd none all
visible_hostname Maleonet
tune.conf
#FPUI
# tune.conf
# r25

strip_query_terms off # Harus ada jika pakai r25
cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99
minimum_object_size 0 KB
maximum_object_size 512 MB
maximum_object_size_in_memory 32 KB
ipcache_size 2048 # Mohon sesuaikan dengan RAM
ipcache_low 98
ipcache_high 99
fqdncache_size 2048 # Mohon sesuaikan dengan RAM
log_fqdn off
log_icp_queries off
half_closed_clients off
quick_abort_min 0
quick_abort_max 0
quick_abort_pct 98
vary_ignore_expire on
pipeline_prefetch on
reload_into_ims on
forwarded_for off
via off
client_db on
client_persistent_connections off
server_persistent_connections off
icp_hit_stale on
query_icmp on
memory_pools off
negative_ttl 30 seconds
max_filedescriptors 65535
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
store_dir_select_algorithm round-robin
uri_whitespace strip
emulate_httpd_log off
shutdown_lifetime 10 seconds
logfile_rotate 1
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
#end of file
refresh_pattern.conf
#FPUI
# refresh_pattern.conf
# r25

refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?) 43200 999999% 43200 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?) 43200 999999% 43200 ignore-no-cache ignore-private override-expire override-lastmod reload-into-ims

refresh_pattern windowsupdate.com/.*\.(cab|exe) 10080 999999% 43200 ignore-no-cache ignore-reload reload-into-ims
refresh_pattern update.microsoft.com/.*\.(cab|exe) 10080 999999% 43200 ignore-no-cache ignore-reload reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe) 10080 999999% 43200 ignore-no-cache ignore-reload reload-into-ims

refresh_pattern -i \.facebook.com.*\.(jpg|png|gif) 129600 999999% 129600 ignore-reload ignore-no-cache
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3) 129600 999999% 129600 ignore-reload ignore-no-cache
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload ignore-no-cache
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 129600 999999% 129600 ignore-reload ignore-no-cache

refresh_pattern ^http:\/\/apps.facebook.com.*\/ 10080 999999% 43200 ignore-reload ignore-no-cache
refresh_pattern -i \.zynga.com.*\/ 10080 999999% 43200 ignore-reload ignore-no-cache
refresh_pattern -i \.farmville.com.*\/ 10080 999999% 43200 ignore-reload ignore-no-cache
refresh_pattern -i \.ninjasaga.com.*\/ 10080 999999% 43200 ignore-reload ignore-no-cache
refresh_pattern -i \.mafiawars.com.*\/ 10080 999999% 43200 ignore-reload ignore-no-cache
refresh_pattern -i \.crowdstar.com.*\/ 10080 999999% 43200 ignore-reload ignore-no-cache
refresh_pattern -i \.popcap.com.*\/ 10080 999999% 43200 ignore-reload ignore-no-cache
refresh_pattern -i \.cityville.com.*\/ 10080 999999% 43200 ignore-reload ignore-no-cache

refresh_pattern -i ^http.*squid\.internal.* 43200 100% 79900 override-expire override-lastmod ignore-reload ignore-private ignore-auth

# GAME ONLINE
refresh_pattern -i ^http.*gemscool.*\.(zip|pkg|pak|nzp|cab)$ 10080 100% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-auth
refresh_pattern -i ^http.*(garenanow|starhub).*\.exe\?.* 10080 100% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-auth
refresh_pattern -i ^http.*(122\.102\.49\.(132|202)|103\.13\.229\.115|rohan|csonline|prodigy|netmarble|crossfire|cabalonline|megaxus|lytogame).*\.(wdp|comp|exe|kom|nar|npz|nzp|pack|dat|pak|pkg|rp|rtp|stg|thor|vck|xem|xfs|xml|xt|xtp|z|zip)(\?.*)?$ 10080 100% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-auth

# FILE TYPE
refresh_pattern -i \.(mp(3|2|4)|3gp|flv|swf|exe|jpg|gif|png|webm|avi) 43200 100% 43200 override-expire override-lastmod ignore-reload ignore-private ignore-auth

# DEFAULT
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern .* 0 0% 0
#end of file
storeurl.pl credit om Syaifuddin_JW
#!/usr/bin/perl
###########################
#
# storeurl dengan asumsi chanel berapapun
#
###########################
$|=1;
while () {
my $chan = "";
if (s/^(\d+\s+)//o) {
$chan = $1;
}
$_ =~ s/(\s+.+)//o;

if ($_ =~ m/^https?\:\/\/.*youtube.*(ptracking|stream_204|player_204|gen_204).*(video_id|docid|v)\=([^\&\s]*).*/){
$vid = $3 ;
@cpn = m/[&?]cpn\=([^\&\s]*)/;
$fn = "/var/log/squid/@cpn";
unless (-e $fn) {
open FH,">".$fn ;
print FH "$vid\n";
close FH;
}
print $chan, "ERR\n" ;

} elsif ($_ =~ m/^https?\:\/\/.*(youtube|google).*videoplayback.*/){
@itag = m/[&?](itag=[0-9]*)/;
@ids = m/[&?]id\=([^\&\s]*)/;
@mime = m/[&?](mime\=[^\&\s]*)/;
@cpn = m/[&?]cpn\=([^\&\s]*)/;
@range = m/[&?](range=[^\&\s]*)/;
if (defined($cpn[0])) {
$fn = "/var/log/squid/@cpn";
if (-e $fn) {
open FH,";
chomp $id ;
close FH ;
} else {
$id = $ids[0] ;
}
print $chan, "OK storeurl=http://googlevideo.squid.internal/id=" . $id . "&@itag@range@mime\n" ;
} else {
print $chan, "ERR\n" ;
}

} elsif ($_ =~ m/^http:\/\/(videos|photos|scontent)[\-a-z0-9\.]*instagram\.com\/hphotos[\-a-z0-9]*\/([\w\d\-\_\/\.]*.(mp4|jpg))/){
print $chan, "OK storeurl=http://instagram.squid.internal/$2\n" ;
} elsif ($_ =~ m/^http:\/\/distilleryimage[\-a-z0-9\.]*instagram\.com\/(.*)/){
print $chan, "OK storeurl=http://instagram.squid.internal/$1\n" ;

} elsif ($_ =~ m/^https?:\/\/.*\.steampowered\.com\/depot\/[0-9]+\/chunk\/([^\?]*)/){
print $chan, "OK storeurl=http://steampowered.squid.internal/$1\n" ;

} elsif ($_ =~ m/^https?:\/\/.*(fbcdn|akamaihd)\.net\/.*\/(.*\.mp4)(.*)/) {
print $chan, "OK storeurl=storeurl://facebook.squid.internal/$2\n" ;

} elsif ($_ =~ m/^https?:\/\/.*(static|profile).*a\.akamaihd\.net(\/static-ak\/rsrc\.php\/v[0-9]\/(.*\.(mp4|jpg|bmp|png|flv|m4v|gif|jpeg)))/) {
print $chan, "OK storeurl=http://facebook.squid.internal/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/.*(static|profile).*\.ak\.fbcdn\.net(\/static-ak\/rsrc\.php\/v[0-9]\/(.*\.(mp4|jpg|bmp|png|flv|m4v|gif|jpeg)))/) {
print $chan, "OK storeurl=http://facebook.squid.internal/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/.*(static|profile).*a\.akamaihd\.net(\/rsrc\.php\/v[0-9]\/(.*))/) {
print $chan, "OK storeurl=http://facebook.squid.internal/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/.*(static|profile).*\.ak\.fbcdn\.net(\/rsrc\.php\/v[0-9]\/(.*))/) {
print $chan, "OK storeurl=http://facebook.squid.internal/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*(fbcdn|akamaihd)[^\/]*net\/rsrc\.php\/(.*\.(mp4|jpg|bmp|png|flv|m4v|gif|jpeg))/) {
print $chan, "OK storeurl=http://facebook.squid.internal/$2\n" ;

} elsif ($_ =~ m/^https?:\/\/[^\/]*(fbcdn|akamaihd)[^\/]*net\/safe\_image\.php\?.*(url\=.*\.(mp4|jpg|bmp|png|flv|m4v|gif|jpeg)).*/) {
print $chan, "OK storeurl=http://facebook.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/i[0-2].wp\.com\/graph\.facebook\.com\/(.*)/) {
print $chan, "OK storeurl=http://facebook.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/(video\.ak\.fbcdn\.net)\/(.*?)\/(.*\.mp4)\??.*$/) {
print $chan, "OK storeurl=http://facebook.squid.internal/$1/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/video\.(.*)\.fbcdn\.net\/(.*?)\/([0-9_]+\.(mp4|flv|avi|mkv|m4v|mov|wmv|3gp|mpg|mpeg)?)(.*)/) {
print $chan, "OK storeurl=http://facebook.squid.internal/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/(fbcdn|scontent).*(akamaihd|fbcdn)\.net\/(h|s)(profile|photos).*\/((p|s).*\.(png|gif|jpg))(\?.+)?$/){
print $chan, "OK storeurl=http://facebook.squid.internal/$5\n" ;
} elsif ($_ =~ m/^https?:\/\/(fbcdn|scontent).*(akamaihd|fbcdn)\.net\/(h|s)(profile|photos).*\/(.*\.(png|gif|jpg))(\?.+)?$/){
print $chan, "OK storeurl=http://facebook.squid.internal/$5\n" ;

} elsif ($_ =~ m/^https?:\/\/attachment\.fbsbx\.com\/.*\?(id=[0-9]*).*/) {
print $chan, "OK storeurl=http://facebook.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https:\/\/.*\.google\.com\/chrome\/win\/.+\/(.*\.exe)/){
print $chan, "OK storeurl=http://update-google.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.ytimg\.com\/(.*\.(webp|jpg|gif))/){
print $chan, "OK storeurl=http://ytimg.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*firedrive\.com\/download\/[0-9]+\/[0-9]+\/.*\?h=.*e\=.*f\=(.*)\&.*/){
print $chan, "OK storeurl=http://firedrive.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.4shared\.com\/.*\/dlink__[23]F([\w]+)_[23]F(.*)\_3Ftsid_[\w].*/){
print $chan, "OK storeurl=http://4shared.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.4shared\.com\/download\/([^\/]*).*/){
print $chan, "OK storeurl=http://4shared.squid.internal/$1\n" ;

} elsif ($_ =~ m/^https?:\/\/.*\.[a-z]+\.bing\.net\/(.*)\&w=.*/){
print $chan, "OK storeurl=http://bing.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.bing\.(net|com)\/.*\?id=([a-zA-Z]\.[0-9]+)&pid=.*/){
print $chan, "OK storeurl=http://bing.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.gstatic\.com\/images\?q=tbn\:(.*)/){
print $chan, "OK storeurl=http://gstatic.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.reverbnation\.com\/.*\/(ec_stream_song|download_song_direct|stream_song)\/([0-9]*).*/){
print $chan, "OK storeurl=http://reverbnation.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.dl\.sourceforge\.net\/(.*\.(exe|zip|mp3|mp4))/){
print $chan, "OK storeurl=http://sourceforge.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/fs[0-9]+\.filehippo\.com\/[^\/]*\/[^\/]*\/(.*)/){
print $chan, "OK storeurl=http://filehippo.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/download[0-9]+.mediafire\.com\/.*\/\w+\/(.*)/){
print $chan, "OK storeurl=http://mediafire.squid.internal$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*android\.clients\.google\.com\/[a-z]+\/[a-zA-Z]+\/[a-zA-Z]+\/(.*)\/([0-9]+)\?.*/){
print $chan, "OK storeurl=http://android.squid.internal/$1/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/.*(googleusercontent.com|blogspot.com)\/(.*)\/([a-z0-9]+)(-[a-z]-[a-z]-[a-z]+)?\/(.*\.(jpg|png))/){
print $chan, "OK storeurl=http://googleusercontent.squid.internal/$5\n" ;
} elsif ($_ =~ m/^https?:\/\/global-shared-files-[a-z][0-9]\.softonic\.com\/.{3}\/.{3}\/.*\/.*\=(.*\.exe)/){
print $chan, "OK storeurl=http://softonic.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*netmarble\.co\.id\/.*\/(data|ModooMarble)\/(.*)/){
print $chan, "OK storeurl=http://netmarble.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/(.*)\.windowsupdate\.com\/(.*)\/(.*)\/([a-z].*)/){
print $chan, "OK storeurl=http://windowsupdate.squid.internal/$4\n" ;
} elsif ($_ =~ m/^https?:\/\/.*filetrip\.net\/.*\/((.*)\.([^\/\?\&]{2,4}))\?.*$/){
print $chan, "OK storeurl=http://filetrip.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*get4mobile\.net\/.*f=([^\/\?\&]*).*$/){
print $chan, "OK storeurl=http://get4mobile.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*thestaticvube\.com\/.*\/(.*)/){
print $chan, "OK storeurl=http://thestaticvube.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/113\.6\.235\.171\/youku\/.*\/(.*\.flv)/){
print $chan, "OK storeurl=http://youku.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/\d+\.\d+\.\d+\.\d+\/drama\/(.*\.mp4)\?.*\=(\d+)/){
print $chan, "OK storeurl=http://drama.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/([a-z])[\d]{1,2}?(.gstatic\.com.*|\.wikimapia\.org.*)/){
print $chan, "OK storeurl=http://gstatic.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.[a-z][0-9]\.(tiles\.virtualearth\.net)\/(.*\&n=z)/){
print $chan, "OK storeurl=http://virtualearth.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/imgv2-[0-9]\.scribdassets\.com\/(.*)/){
print $chan, "OK storeurl=http://scribdassets.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/(.*?)\/(archlinux\/[a-zA-Z].*\/os\/.*)/){
print $chan, "OK storeurl=http://archlinux.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/(.*?)\/speedtest\/(.*\.(jpg|txt))\??.*$/){
print $chan, "OK storeurl=http://speedtest.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/i[1-9]{3}\.photobucket\.com\/(.*)/){
print $chan, "OK storeurl=http://photobucket.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/i[1-9]{4}\.photobucket\.com\/(.*)/){
print $chan, "OK storeurl=http://photobucket.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/avideos\.5min\.com\/.*\/(.*)\?.*/){
print $chan, "OK storeurl=http://avideos.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.catalog\.video\.msn\.com\/.*\/(.*\.(mp4|flv|m4v))/){
print $chan, "OK storeurl=http://msn-video.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/v\.imwx\.com\/.*\/(.*)\?.*/){
print $chan, "OK storeurl=http://imwx.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/video[0-9]\.break\.com\/.*\/(.*)\?.*/){
print $chan, "OK storeurl=http://break.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.video[0-9]\.blip\.tv\/.*\/(.*)\?.*/){
print $chan, "OK storeurl=http://blip.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/ss[0-9]\.vidivodo\.com\/vidivodo\/vidservers\/server[0-9]*\/videos\/.*\/([a-zA-Z0-9.]*)\?.*/){
print $chan, "OK storeurl=http://vidivodo.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/video\-http\.media\-imdb\.com\/([a-zA-Z0-9\@\_\-]+\.(mp4|flv|m4v))\?.*/){
print $chan, "OK storeurl=http://imdb-video.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/(vl|v)\.mccont\.com\/(.*)\/(.*\.(mp4|m4v|flv))\?.*/){
print $chan, "OK storeurl=http://mccont.squid.internal/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/(vid.{0,2}|proxy.*)(\.ak|\.ec|\.akm|)\.(dmcdn\.net|dailymotion\.com)\/.*\/(frag.*\.(flv|mp4|m4v)).*/){
print $chan, "OK storeurl=http://dailymotion.squid.internal/$4\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.vimeo[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg|web))\?.*/){
print $chan, "OK storeurl=http://vimeo.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/fcache\.veoh\.com\/.*\/.*(l[0-9]*\.(mp4|flv))\?.*/){
print $chan, "OK storeurl=http://veoh.squid.internal$1\n" ;
} elsif ($_ =~ m/^https?:\/\/video\.thestaticvube\.com\/.*\/(.*)/){
print $chan, "OK storeurl=http://thestaticvube.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/cdn[0-9]\.videos\.videobash\.com\/.*\/(.*\.(mp4|m4v|flv))\?.*/){
print $chan, "OK storeurl=http://videobash.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.phncdn[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://phncdn.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.xvideos\.com\/.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://xvideos.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.tube8[^\/]*\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://tube8.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.(redtube|redtubefiles)\.com\/.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://redtube.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\/.*\/xh.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))/){
print $chan, "OK storeurl=http://xhcdn.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.xhcdn[^\/]*\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://xhcdn.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.nsimg[^\/]*\.net.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://nsimg.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.youjizz\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://youjizz.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.public\.keezmovies[^\/]*\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://keezmovies.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.youporn[^\/]*\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://youporn.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.spankwire[^\/]*\.com.*\/([^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://spankwire.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.pornhub[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://pornhub.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.us.playvid[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://playvid.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.slutload-media[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://slutload-media.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.hardsextube[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://hardsextube.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*\.public\.extremetube[^\/]*\.com.*\/([[^\/]*\.(flv|mp4|avi|mkv|mp3|rm|rmvb|m4v|mov|wmv|3gp|mpg|mpeg))\?.*/){
print $chan, "OK storeurl=http://extremetube.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|.exoclick\.com|interclick.\com|\.googlesyndication\.com|\.auditude\.com|.visiblemeasures\.com|yieldmanager|cpxinteractive)(.*)/){
print $chan, "OK storeurl=http://ads.squid.internal/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/(.*?)\/(ads)\?(.*?)/){
print $chan, "OK storeurl=http://ads.squid.internal/$3\n" ;
} elsif ($_ =~ m/^https?:\/\/[^\/]*phobos\.apple\.com\/.*\/([^\/]*\.ipa)/){
print $chan, "OK storeurl=http://apple.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/fs\w*\.fileserve\.com\/file\/(\w*)\/[\w-]*\.\/(.*)/){
print $chan, "OK storeurl=http://fileserve.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/s[0-9]*\.filesonic\.com\/download\/([0-9]*)\/(.*)/){
print $chan, "OK storeurl=http://filesonic.squid.internal/$2\n" ;
} elsif ($_ =~ m/^https?:\/\/download[0-9]{3}\.avast\.com\/(.*)/){
print $chan, "OK storeurl=http://avast.squid.internal/41\n" ;
} elsif ($_ =~ m/^https?:\/\/[a-zA-Z0-9]+\.[a-zA-Z0-9]+x\.[a-z]\.avast\.com\/[a-zA-Z0-9]+x\/(.*\.vpx)/){
print $chan, "OK storeurl=http://avast.squid.internal\$1\n" ;
} elsif ($_ =~ m/^https?:\/\/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\/(iavs.*)/){
print $chan, "OK storeurl=http://iavs.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/.*\.starhub\.com\/[a-z]+\/[a-z]+\/[a-z]+\/(.*exe)\?[0-9]/){
print $chan, "OK storeurl=http://starhub.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/dnl-[0-9]{2}\.geo\.kaspersky\.com\/(.*)/){
print $chan, "OK storeurl=http://kaspersky.squid.internal/$1\n" ;
} elsif ($_ =~ m/^https?:\/\/([^\.]*)\.yimg\.com\/(.*)/){
print $chan, "OK storeurl=http://yimg.squid.internal/$1\n" ;
} else {
print $chan, "ERR\n" ;
}
}
yang ingin saya tanyakan, kenapa yah setelah di inject ke firefox or chrome muncul pop-up f.txt berupa googleads?
terjadi saat test cache pada lagado.com/tools/cache-test.
sudi kiranya para suhu mau ikut membantu koreksi.

dan apabila saya memakain config om q_p pada page 38, hasil copas semua (Terima Kasih Banyak om q_P)
dengan menyesuaikan aturan sedikit pada pemakain squid 2.7Stable.9 pada vps debian 7.6 x86,, lancar jaya.
hanya kendala pada caching video pada website yg sama, selalu rollback pada video yang pertama x di buffer??!

--regards--


User avatar
riophone

Post 07 Jan 2015, 02:46

@maleonet
Sepertinya acl.conf dan storeurl.pl yang digunakan bukan untuk squid-2.7xxx melainkan untuk squid-3.4xxx atau squid-3-Head.
Coba perhatikan di acl.conf dan storeurl.pl ==> (store-id.pl) mengandung HTTPS yang tidak di support oleh squid-2.7xxx.


User avatar
maleonet

Post 07 Jan 2015, 22:52

riophone wrote:@maleonet
Sepertinya acl.conf dan storeurl.pl yang digunakan bukan untuk squid-2.7xxx melainkan untuk squid-3.4xxx atau squid-3-Head.
Coba perhatikan di acl.conf dan storeurl.pl ==> (store-id.pl) mengandung HTTPS yang tidak di support oleh squid-2.7xxx.
wew, iyah jg yah..

tapi setelah replace all dari https -> http tetep sama aja kak.
msh pop up f.txt saat test proxy dan cache di lagado.com

sepertinya ada di acl yg allow pop up nih.... ehmmm :o
dan setelah memperhatikan lbh dalam, lbh lelap (ciakakak)

ada tag ads yg di allow, mungkin msh bug.
jd itu saya pagerin(#) aja baek di acl.conf maupun di storeurl.pl..
alhasil ga pop-up yg annoying lg.

thx kak udah mau membantu :blush:


User avatar
cah_clacap

Post 08 Mar 2015, 09:41

sekarang kayaknya si YUTUB sudah bealih ke https semua ..... dicache pake squid 2 atau lusca ga akan berhasil ..... saaatnya skrng beralih ke SQUID3


User avatar
cah_clacap

Post 08 Mar 2015, 09:43

OnniePeWe wrote:sebelumnya minta maaf kalo terlalu dasar.
saya baru aja install ubuntu & lusca & mikrotik.
root@krisna:~# lsb_release -r
Release: 12.04
root@krisna:~# lusca -v
Squid Cache: Version LUSCA_HEAD-r14809
configure options: '--build=i686-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--libexecdir=${prefix}/lib/lusca' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' '--enable-stacktraces' '--sysconfdir=/etc/lusca' '--localstatedir=/var' '--datadir=/usr/share/lusca' '--libexecdir=/usr/lib/lusca' '--mandir=/usr/share/man' '--enable-removal-policies=lru,heap' '--enable-snmp' '--enable-delay-pools' '--enable-cache-digests' '--enable-referer-log' '--enable-useragent-log' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM' '--enable-ntlm-auth-helpers=SMB,' '--enable-digest-auth-helpers=ldap,password' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group' '--enable-follow-x-forwarded-for' '--with-large-files' '--with-maxfd=65535' '--enable-http-violations' '--enable-linux-netfilter' 'build_alias=i686-linux-gnu' 'CFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro' 'CPPFLAGS=-D_FORTIFY_SOURCE=2'
untuk setingan lusca saya ngikutin arahan mas q_p yang ada di page38, dengan sedikit penyesuaian (http://ubuntu-indonesia.com/forums/ubbt ... Post132223)
squid.conf

Code: Select all

#FPUI
# storeurl release using r25

#SQUID.CONF



#baris di bawah ini u/ antivirus HAVP (comment-out jika tdk pakai HAVP)
#cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default

http_port 3128 transparent
server_http11 on
icp_port 0

include /etc/squid/acl.conf

#baris di bawah ini u/ squidGuard (comment-out jika tdk pakai squiGuard)
#url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf

storeurl_rewrite_program /etc/squid/r25.pl
storeurl_rewrite_children 5
storeurl_rewrite_concurrency 10

include /etc/squid/tune.conf

#baris di bawah ini mohon disesuaikan dengan path cache_dir anda
#cache_dir aufs /proxy_1 15000 32 256 min-size=0         max-size=8388607
#cache_dir aufs /proxy_2 15000 32 256 min-size=8388608   max-size=67108864

cache_dir aufs /cache1 240000 481 256

#path log di bawah ini mohon di receck pada saat Anda build squid

icon_directory /usr/share/lusca/icons
cache_swap_log /cache1/swap.state
cache_access_log /var/log/lusca/access.log
cache_log /dev/null
cache_store_log /var/log/lusca/store.log
pid_filename /var/run/lusca.pid
coredump_dir /var/spool/lusca
error_directory /usr/share/lusca/errors/English
mime_table /usr/share/lusca/mime.conf
logformat squid1 %{Referer}>h %ru
access_log /var/log/lusca/yt.log squid1 yutub
referer_log /var/log/lusca/referer.log

include /etc/squid/refresh_pattern.conf

dns_nameservers 8.8.8.8 8.8.4.4

cache_effective_user proxy
cache_effective_group proxy
cache_mgr FPUI
cachemgr_passwd none all
visible_hostname localhost
acl.conf

Code: Select all

#FPUI
# acl.conf r25

acl yutub url_regex -i .*youtube\.com\/.*$      #Harus ada jika pakai r25
acl yutub url_regex -i .*youtu\.be\/.*$         #Harus ada jika pakai r25

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/32
acl localnet src 192.168.2.0/24                  #NETWORK PROXY
acl localnet src 192.168.70.0/24		#NETWORK LOKAL
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

acl SSL_ports port 443 563 873                  # https snews rsync
acl Safe_ports port 80 20 21 221 70 210 1025-65535 631 10000 901 280 488 591 777 873 110 995 25 587 995 2095 2096 2082 2083 18901-18909 3389          # default
acl manager proto cache_object
acl purge method PURGE
acl CONNECT method CONNECT

# Don't upgrade ShoutCast responses to HTTP
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
# Apache mod_gzip and mod_deflate known to be broken so don't trust Apache to signal ETag correctly on such responses
acl apache rep_header Server ^Apache

acl redirec urlpath_regex -i .*&redirect_counter=1&cms_redirect=yes     #Harus ada jika pakai r25
acl redirec urlpath_regex -i .*&ir=1&rr=12                              #Harus ada jika pakai r25

acl reddeny url_regex -i c\.youtube\.com\/videoplayback.*redirect_counter=1.*$  #Harus ada jika pakai r25
acl reddeny url_regex -i c\.youtube\.com\/videoplayback.*cms_redirect=yes.*$    #Harus ada jika pakai r25

acl store_rewrite_list_domain url_regex ^http:\/\/([a-zA-Z-]+[0-9-]+)\.[A-Za-z]*\.[A-Za-z]*
acl store_rewrite_list_domain url_regex (([a-z]{1,2}[0-9]{1,3})|([0-9]{1,3}[a-z]{1,2}))\.[a-z]*[0-9]?\.[a-z]{3}
acl store_rewrite_list_path urlpath_regex \.(3gp|mp(3|4)|flv|(m|f)4v|on2|fid|avi|mov|wm(a|v)|(mp(e?g|a|e|1|2))|mk(a|v)|jp(e?g|e|2)|gif|png|tiff?|bmp|tga|svg|ico|swf|exe|ms(i|u|p)|cab|psf|mar|bin|z(ip|[0-9]{2})|r(ar|[0-9]{2})|7z|pkg)\?
acl store_rewrite_list_path urlpath_regex \.(3gp|mp(3|4)|flv|(m|f)4v|on2|fid|avi|mov|wm(a|v)|(mp(e?g|a|e|1|2))|mk(a|v)|jp(e?g|e|2)|gif|png|tiff?|bmp|tga|svg|ico|swf|exe|ms(i|u|p)|cab|psf|mar|bin|z(ip|[0-9]{2})|r(ar|[0-9]{2})|7z|pkg)$
acl store_rewrite_list_domain_CDN url_regex (khm|mt)[0-9]?(.google.com.*)/)
acl store_rewrite_list_domain_CDN url_regex (cbk|mt|khm|mlt|tbn)[0-9]?(.google\.co(m|\.uk|\.id).*)/)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/photos-[a-z]?(.ak.fbcdn.net.*)/)
acl store_rewrite_list_domain_CDN url_regex \.rapidshare\.com.*\/[0-9]*\/.*\/[^\/]*
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/i[1-9]{3}(.photobucket.com.*)/)
acl store_rewrite_list_domain_CDN url_regex ^http:\/\/i[1-9]{4}(.photobucket.com.*)/)
acl store_rewrite_list_domain_CDN url_regex streamate.doublepimp.com.*\.js\? \.doubleclick\.net.* yieldmanager cpxinteractive  quantserve\.com
acl store_rewrite_list url_regex \.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|flv|wmv|3gp|mp(4|3)|exe|msi|zip|on2|mar|swf)\?
acl store_rewrite_list url_regex -i \.youtube\.com\/videoplayback \.youtube\.com\/videoplay \.youtube\.com\/get_video\?
acl store_rewrite_list url_regex -i \.youtube\.[a-z][a-z]\/videoplayback \.youtube\.[a-z][a-z]\/videoplay \.youtube\.[a-z][a-z]\/get_video\?
acl store_rewrite_list url_regex -i \.google\.com\/videoplayback \.google\.com\/videoplay \.google\.com\/get_video\?
acl store_rewrite_list url_regex -i \.google\.[a-z][a-z]\/videoplayback \.google\.[a-z][a-z]\/videoplay \.google\.[a-z][a-z]\/get_video\?
acl store_rewrite_list url_regex -i proxy[a-z0-9\-][a-z0-9][a-z0-9][a-z0-9]?\.dailymotion\.com\/
acl store_rewrite_list url_regex -i vid\.akm\.dailymotion\.com\/
acl store_rewrite_list url_regex -i [a-z0-9][0-9a-z][0-9a-z]?[0-9a-z]?[0-9a-z]?\.xtube\.com\/(.*)flv
acl store_rewrite_list url_regex -i \.vimeo\.com\/(.*)\.(flv|mp4)
acl store_rewrite_list url_regex -i va\.wrzuta\.pl\/wa[0-9][0-9][0-9][0-9]?
acl store_rewrite_list url_regex -i \.msn\.com\.edgesuite\.net\/(.*)\.flv
acl store_rewrite_list url_regex -i \.mais\.uol\.com\.br\/(.*)\.flv
acl store_rewrite_list url_regex -i \.blip\.tv\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram|m4v)
acl store_rewrite_list url_regex -i \.break\.com\/(.*)\.(flv|mp4)

acl store_rewrite_allow_dom dstdomain .mccont.com .metacafe.com .cdn.dailymotion.com
acl store_rewrite_deny_dom  dstdomain .download.youporn.com .static.blip.tv
acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET

http_access allow manager localhost
http_access allow purge localhost
http_access deny manager
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports
http_access allow localnet
http_access allow localhost
http_access deny to_localhost
http_access deny all

upgrade_http0.9 deny shoutcast
broken_vary_encoding allow apache

cache deny redirec

header_access Accept-Encoding deny all
header_access X-Forwarded-For deny all

storeurl_access deny reddeny
storeurl_access allow store_rewrite_list_domain
storeurl_access allow store_rewrite_list_path
storeurl_access allow store_rewrite_list_domain_CDN
storeurl_access allow store_rewrite_list
storeurl_access allow store_rewrite_allow_dom
storeurl_access deny store_rewrite_deny_dom
storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access deny all
#end of file
refresh_pattern.conf

Code: Select all

#FPUI
# refresh_pattern.conf
# r25

refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?)                            43200 999999% 43200 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)        43200 999999% 43200 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern windowsupdate.com/.*\.(cab|exe)                 10080  999999%  43200 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern update.microsoft.com/.*\.(cab|exe)              10080  999999%  43200 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern download.microsoft.com/.*\.(cab|exe)            10080  999999%  43200 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale

refresh_pattern -i \.facebook.com.*\.(jpg|png|gif)                      129600 999999% 129600 ignore-reload ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3)                 129600 999999% 129600 ignore-reload ignore-no-cache ignore-no-store store-stale
refresh_pattern  static\.ak\.fbcdn\.net*\.(jpg|gif|png)                 129600 999999% 129600 ignore-reload ignore-no-cache ignore-no-store store-stale
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)        129600 999999% 129600 ignore-reload ignore-no-cache ignore-no-store store-stale

refresh_pattern ^http:\/\/apps.facebook.com.*\/         10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store store-stale
refresh_pattern -i \.zynga.com.*\/                      10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.farmville.com.*\/                  10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.ninjasaga.com.*\/                  10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.mafiawars.com.*\/                  10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.crowdstar.com.*\/                  10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.popcap.com.*\/                     10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale
refresh_pattern -i \.cityville.com.*\/                  10080 999999% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate store-stale


refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)                        43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)                   43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)                          43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob)     43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv)     43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-lastmod reload-into-ims store-stale

refresh_pattern -i (/cgi-bin/|\?)       0       0%      0
refresh_pattern ^gopher:                1440    0%      1440
refresh_pattern ^ftp:                   10080   95%     241920  override-lastmod reload-into-ims store-stale
refresh_pattern .                       180     95%     120960  override-lastmod reload-into-ims store-stale
#end of file
tune.conf

Code: Select all

#FPUI
# tune.conf
# r25

strip_query_terms off           # Harus ada jika pakai r25
cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99
minimum_object_size 0 KB
maximum_object_size 512 MB
maximum_object_size_in_memory 32 KB
ipcache_size 4096               # Mohon sesuaikan dengan RAM
ipcache_low 98
ipcache_high 99
fqdncache_size 2048             # Mohon sesuaikan dengan RAM
log_fqdn off
log_icp_queries off
half_closed_clients off
quick_abort_min 0
quick_abort_max 0
quick_abort_pct 98
vary_ignore_expire on
pipeline_prefetch on
reload_into_ims on
forwarded_for off
via off
client_db on
client_persistent_connections off
server_persistent_connections off
icp_hit_stale on
query_icmp on
memory_pools off
negative_ttl 30 seconds
max_filedescriptors 65535
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
store_dir_select_algorithm round-robin
uri_whitespace strip
emulate_httpd_log off
shutdown_lifetime 10 seconds
logfile_rotate 1
zph_mode tos
zph_local 0x04
zph_parent 0
zph_option 136
#end of file
r25.pl

Code: Select all

#!/usr/bin/perl

# Facebook Group https://www.facebook.com/groups/Mikrotik.Squid.Indonesia
# Forum ubuntu indonesia http://ubuntu-indonesia.com/

# mohon maaf lahir batin atas kesalahan yang telah diperbuat baik sengaja ataupun tidak
# storeurl ini hasil nyontek kepunyaan chudy ( chudy_fernandez@yahoo.com )
# link asalnya adalah
# https://code.google.com/p/pfsense-cacheboy/source/browse/trunk/lusca/storeurl.pl

# ADA BAIKNYA BANDINGKAN JUGA, AGAR TAU APAKAH SAYA COPAS MENTAH MENTAH
# SAYA TIDAK ADA MAKSUD CARI NAFKAH DARI STOREURL INI, SAYA TIDAK MENERIMA JASA SETTING WARNET ATAUPUN MEMILIKI WARNET

# for ALL Youtube ( range & non range )
# acl youtube url_regex -i youtube.*(ptracking|stream_204|player_204|gen_204) .*$
# acl youtube url_regex -i (youtube|googlevideo)\.com\/(get_video|videoplayback|videoplay).*$
# storeurl_access allow youtube

# dikarenakan ada keterangan di squid config dokumentasi seperti berikut
#       NOTE: when using StoreID refresh_pattern will apply to the StoreID
#             returned from the helper and not the URL.
# untuk refresh pattern di squid-3.head gunakan refresh pattern berikut untuk seluruh yg ada di sini
# refresh_pattern -i storeurl://.*SQUIDINTERNAL 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
# dan untuk storeid maka replace '$x . "' dengan '$X[0] . " OK store-id=' tanpa tanda petik tunggal (') tentunya

$|=1;
while (<>) {
    @X = split;
       $x = $X[0] . " ";
       $_ = $X[1];
       $u = $X[1];

        # Poto Pesbuk

# acl dontrewrite url_regex -i s\-platform\.ak\.fbcdn\.net
# acl store_rewrite_list url_regex -i fbcdn.*net
# refresh_pattern -i fbcdn.*net 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale

        # http://external.ak.fbcdn.net/safe_image.php?d=AQDfyygmJfvPVGen&w=154&h=154&url=http%3A%2F%2Fassets.kompas.com%2Fdata%2Fphoto%2F2013%2F04%2F10%2F1054532-jantungserangan780x390.jpg&cfs=1
        # http://static.ak.fbcdn.net/rsrc.php/v2/yb/r/GsNJNwuI-UM.gif
        # http://static.ak.fbcdn.net/rsrc.php/v2/y1/r/lBvtSWSBAGQ.png
        # http://s-platform.ak.fbcdn.net/www/app_full_proxy.php?app=211923588878449&v=1&size=z&cksum=d06fe084823f168f335a831a949bf61b&src=http%3A%2F%2Fbycdn8-i.akamaihd.net%2Fantwars_id%2Fimages%2Fcontinueslogin.png
        # hasil atas http://bycdn8-i.akamaihd.net/antwars_id/images/continueslogin.png
        # http://profile.ak.fbcdn.net/hprofile-ak-ash2/274241_1187750150_2088800094_q.jpg

if ($X[1] =~ m/^http\:\/\/[a-zA-Z0-9\-\_\.\%]*fbcdn[a-zA-Z0-9\-\_\.\%]*net\/safe\_image\.php\?(.*)/) {
        print $x . "storeurl://fbcdn.SQUIDINTERNAL/" . $1  . "\n";

} elsif ($X[1] =~ m/^http\:\/\/[a-zA-Z0-9\-\_\.\%]*fbcdn[a-zA-Z0-9\-\_\.\%]*net\/rsrc\.php\/(.*)/) {
        print $x . "storeurl://fbcdn.SQUIDINTERNAL/" . $1  . "\n";

} elsif ($X[1] =~ m/^http\:\/\/[a-zA-Z0-9\-\_\.\%]*fbcdn[a-zA-Z0-9\-\_\.\%]*net\/[a-zA-Z0-9\-\_\.\%]*\/(.*)/) {
        print $x . "storeurl://fbcdn.SQUIDINTERNAL/" . $1  . "\n";

        # Survey Google Menggelitik
# acl store_rewrite_list url_regex -i www\.google\-analytics\.com
# refresh_pattern -i google\-analytics\.com.*gif 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
        # http://www.google-analytics.com/__utm.gif?utmwv=5.4.3&utms=27&utmn=938635439&utmhn=handphone.tokobagus.com&utmt=event&utme=5(image*browse-photo*26201942)8(5!Detail)9(5!Handphone)&utmcs=UTF-8&utmsr=1366x768&utmvp=1350x641&utmsc=32-bit&utmul=en-us&utmje=1&utmfl=11.2%20r202&utmdt=Sony%20Ericsson%20Xperia%20Arc%20S%20-%20Tokobagus.com&utmhid=1672766072&utmr=0&utmp=%2Fsony-ericsson%2Fsony-ericsson-xperia-arc-s-26201942.html%3Frelated%3D1&utmht=1374079248247&utmac=UA-5908313-1&utmcc=__utma%3D223717764.136894205.1374078869.1374078869.1374078869.1%3B%2B__utmz%3D223717764.1374078869.1.1.utmcsr%3Dgoogle%7Cutmccn%3D(organic)%7Cutmcmd%3Dorganic%7Cutmctr%3Dtoko%2520bagus%3B&utmu=6RAAAC%7E

} elsif ($X[1] =~ m/^http:\/\/www\.google-analytics\.com\/__utm.gif\?.*/) {
                print $x . "storeurl://analytic.SQUIDINTERNAL/utm.gif\n";

        # Gambar Video
# acl store_rewrite_list url_regex -i video\.google\.com\/ThumbnailServer
# refresh_pattern -i video\.google\.com\/ThumbnailServer 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
        # http://video.google.com/ThumbnailServer2?app=blogger&contentid=32b710e374d15805&offsetms=5000&itag=w160&sigh=zQUsG2TTuxfG4g4nwoGvWdRMGy8
} elsif ($X[1] =~ m/^http:\/\/video.google.com\/ThumbnailServer.*/) {
        @id = m/[&?](contentid=[a-zA-Z0-9\-\_\.\%]*)/;
                @itag = m/[&?](itag=[a-zA-Z0-9\-\_\.\%]*)/;
        @set = m/[&?](offsetms=[^\&\s]*)/;
                print $x . "storeurl://Thumbnail.SQUIDINTERNAL/@id&@itag&@set\n";

 # Video Youtube
# acl dontrewrite url_regex redbot\.org (get_video|videoplayback\?id|videoplayback.*id).*begin\=[1-9][0-9]*
# acl store_rewrite_list url_regex -i (youtube|google).*(videoplayback|liveplay)
# refresh_pattern -i (youtube|google).*(videoplayback|liveplay) 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale

} elsif ($X[1] =~ m/^http(|s)\:\/\/.*youtube.*(ptracking|stream_204|player_204|gen_204).*(video_id|docid|v)\=([^\&\s]*).*/){
        $vid = $4 ;
        @cpn = m/[&?]cpn\=([^\&\s]*)/;
        if (defined($vid )) {
                $fn = "/var/log/squid/@cpn";
                unless (-e $fn) {
                        open FH,">".$fn ;
                        print FH "$vid\n";
                        close FH;
                }
        }
        print $x . $X[1] . "\n";

} elsif ($X[1] =~ m/^http\:\/\/.*(youtube|google).*videoplayback.*/){
        @itag = m/[&?](itag=[0-9]*)/;
        @ids = m/[&?]id\=([^\&\s]*)/;
        @mime = m/[&?](mime\=[^\&\s]*)/;
        @cpn = m/[&?]cpn\=([^\&\s]*)/;
        if (defined($cpn[0])) {
            $fn = "/var/log/squid/@cpn";
            if (-e $fn) {
                open FH,"<".$fn ;
                $id  = <FH>;
                chomp $id ;
                close FH ;
                  } else {
                $id = $ids[0] ;
            }
        } else {
          $id = $ids[0] ;
        }
        @range = m/[&?](range=[^\&\s]*)/;
        print $x . "http://video-srv.youtube.com.SQUIDINTERNAL/id=" . $id . "&@itag@range@mime\n";

        # Aplikasi Android
# acl dontrewrite url_regex redirector\.c\.android\.clients\.google\.com
# acl store_rewrite_list url_regex -i c\.android\.clients\.google\.com
# refresh_pattern -i c\.android\.clients\.google\.com 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
        #http://android.clients.google.com/market/download/Download?packageName=com.android.vending&versionCode=80210006&ch=zen2II1nK1Sx2swLcCn16w&ssl=0&token=AOTCm0RgtgrM6lpRdy7yASnedjpL9BHCO4mYdpfWfe6XifwG17ezhCxOQYadJKIITyEzF6Z-ihOthW61UOjraurXqeyoS2VWd-GU-gWMGBs&downloadId=-6463850153931383785
        #http://r3---sn-vgpvopq-jb3e.c.android.clients.google.com/market/GetBinary/com.android.vending/80210006/chzen2II1nK1Sx2swLcCn16w?ms=au&mt=1373980310&mv=m&expire=1374153183&ipbits=0&ip=0.0.0.0&cp=Snp1a2J1Q1g6MjI4MDkyNTE4ODIyNDUwMzUzMjM&sparams=expire,ipbits,ip,q:,cp&signature=BAF0CEF16EFEB23FA2CAB930E5ACDB983270B60D.5EBE4632F00487F6F5E9D7370762434C5AB9782D&key=am2

} elsif ($X[1] =~ m/^http:\/\/.*\.c\.android\.clients\.google\.com\/market\/GetBinary\/([a-zA-Z0-9\-\_\.\%]*)\/([0-9]*)\/.*/){
                print $x . "storeurl://android-apps.SQUIDINTERNAL/$1/$2\n";
} elsif ($X[1] =~ m/^http:\/\/.*\.c\.android\.clients\.google\.com\/market\/GetBinary\/([a-zA-Z0-9\-\_\.\%]*)\/([0-9]*)\?.*/){
                print $x . "storeurl://android-apps.SQUIDINTERNAL/$1/$2\n";

        # APPS APPLE
        # http://a1720.phobos.apple.com/us/r1000/085/Purple2/v4/6b/b9/f1/6bb9f130-d560-0b75-f5e5-16e4fdc1a3c0/mzps5959496558908157977.D2.dpkg.ipa
# refresh_pattern -i phobos\.apple\.com.*ipa 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale

} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*phobos\.apple\.com\/.*\/([a-zA-Z0-9\-\_\.\%]*\.ipa)/) {
                print $x . "storeurl://apple-apps.SQUIDINTERNAL/$1\n";

        #Speedtest
# acl store_rewrite_list url_regex -i \/speedtest\/.*(jpg|txt|png|swf)
# refresh_pattern -i \/speedtest\/.*(jpg|txt|png|swf)) 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale
} elsif ($X[1] =~ m/^http\:\/\/.*\/speedtest\/([a-zA-Z0-9\-\_\.\%]*\.(jpg|txt|png|swf))\?.*/) {
        print $x . "storeurl://testspeed.SQUIDINTERNAL/" . $1 . "\n";

        ##################################################################################

        ## PORN Movies
        #http://porn.im.d4628d22.1534715.x.xvideos.com/videos/oldmobile/8/2/b/xvideos.com_82b853581318116942fd41e0e8e4e805.3gp?e=1364299432&ri=1024&rs=85&h=64c9096e902f6a28fbaa18942a4034d4
# acl store_rewrite_list url_regex -i \.xvideos\.com\/.*(3gp|mpg|flv|mp4)
# refresh_pattern -i \.xvideos\.com\/.*(3gp|mpg|flv|mp4) 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale

} elsif ($X[1] =~ m/^http:\/\/.*\.xvideos\.com\/.*\/([a-zA-Z0-9\-\_\.\%]*\.(3gp|mpg|flv|mp4))\?.*/){
                print $x . "storeurl://xvideos.SQUIDINTERNAL/$1\n";

                #http://154.46.32.87/key=5e2qYlZXbj6,end=1364305769/data=18446744072977812770/reftag=5412162/buffer=450K/speed=83200/1/xh/6/1815672_mom_gives_awesome_handjob.flv
# refresh_pattern -i \/xh.*(3gp|mpg|flv|mp4) 1440 99% 14400 override-expire override-lastmod ignore-no-cache ignore-private reload-into-ims ignore-must-revalidate ignore-reload store-stale

} elsif ($X[1] =~ m/^http:\/\/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/.*\/xh.*\/([a-zA-Z0-9\-\_\.\%]*\.flv)/){
                print $x . "storeurl://Xhamster.SQUIDINTERNAL/$1\n";

        #http://213.174.156.23/key=kDRhok4XZMk,end=1364295197/reftag=5412166/buffer=1M/speed=170987/2/sp/6/repack117226.flv?start=0
} elsif ($X[1] =~ m/^http:\/\/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+.*\/([a-zA-Z0-9\-\_\.\%]*\.flv)\?start=0/){
                print $x . "storeurl://Xhamster2.SQUIDINTERNAL/$1\n";

        #http://cdn2b.youjizz.com/videos/4/e/7/e/2/4e7e2b0ce3036.mp4?2792b87c889e01ca3b1a331e03d5a0718c4b4e7d777eff211b92848d3a84590620e5
} elsif ($X[1] =~ m/^http:\/\/.*\.youjizz\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp))\?.*/){
                print $x . "storeurl://YouJizz.SQUIDINTERNAL/$1\n";

        #http://cdn1.public.keezmovies.phncdn.com/200810/30/327964/240P_383K_327964.mp4?sr=6000&int=6000000b&nvb=20130327103508&nva=20130327123508&hash=085da11d99756faa95822
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*\.keezmovies[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp|mpg|wmv))\?.*/){
                print $x . "storeurl://KeezMovies.SQUIDINTERNAL/$1\n";

        #http://cdn1.public.tube8.com/201208/30/5436441/240P_195K_5436441.mp4?sr=3600&int=614400b&nvb=20130327104052&nva=20130327124052&hash=025102b4bdc2b07ec01fd
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*\.tube8[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp|mpg|wmv))\?.*/) {
                print $x . "storeurl://Tube8.SQUIDINTERNAL/$1\n";

        #http://cdn1b.public.youporn.phncdn.com/200612/02/2865/480p_370k_2865/YouPorn%20-%20very%20good%202Girls%201guy%20hard.mp4?s=1364341242&e=1364427642&ri=600&rs=750&h=fe3d1bfda00e560af0e7fa8cfb60d7b2
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*\.youporn[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp|mpg|wmv))\?.*/){
                print $x . "storeurl://YouPorn.SQUIDINTERNAL/$1\n";

        #http://cdn1.public.spankwire.phncdn.com/201302/02/709578/240P_300K_709578.mp4?nvb=20130327105920&nva=20130327125920&hash=0c73938b11cee1e872048
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*\.spankwire[a-zA-Z0-9\-\_\.\%]*\.com.*\/([a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp|mpg|wmv))\?.*/) {
                print $x . "storeurl://SpankWire.SQUIDINTERNAL/$1\n";

        #http://cdn1b.embed.pornhub.phncdn.com/videos/201102/17/159492/480P_357K_159492.mp4?rs=150&ri=1000&ip=85.112.95.26&s=1364387220&e=1364389020&h=305f8b4ba7973e62a340a2e61dc10868
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%]*\.pornhub[a-zA-Z0-9\-\_\.\%]*\.com.*\/([[a-zA-Z0-9\-\_\.\%]*\.(mp4|flv|3gp|mpg|wmv))\?.*/){
                print $x . "storeurl://PornHub.SQUIDINTERNAL/$1\n";

        #http://v3-xh.clients.cdn13.com/data/1817003.flv?cdn_hash=22591a4c2c98690574bea214ac95618b&cdn_creation_time=1364375095&cdn_ttl=14400
} elsif ($X[1] =~ m/^http:\/\/[a-zA-Z0-9\-\_\.\%\/]*.*\/([a-zA-Z0-9\-\_\.]+\.(flv|mp3|mp4|3gp|wmv))\?.*cdn\_hash.*/){
                print $x . "storeurl://media.SQUIDINTERNAL/$1\n";

        ###################################################################################

## FileHippo
        #http://fs40.filehippo.com/7642/72359c8e25864e74b56e0e922850e803/OriginSetup.exe
        #http://fs41.filehippo.com/7662/0c4cfb998b66473ba1292d6ed807c818/Firefox%20Setup%2020.0b6.exe
} elsif ($X[1] =~ m/^http:\/\/.*filehippo\.com\/.*\/([0-9a-zA-Z\%\.\_\-]+\.(exe|zip|cab|msi|mru|mri|bz2|gzip|tgz|rar|pdf))/){
                $y=$1;
                for ($y) {
                        s/%20//g;
                }
                print $x . "storeurl://FileHippo.SQUIDINTERNAL/$y\n";

                #BLOGSPOT
} elsif ($X[1] =~ m/^http:\/\/[1-4]\.bp\.blogspot\.com\/(.*)/) {
        print $x . "storeurl://blogspot.SQUIDINTERNAL/" . $1  . "\n";

                #ytimg
} elsif ($X[1] =~ m/^http:\/\/i[1-4]\.ytimg\.com(.*)/) {
                print $x . "storeurl://ytimg.SQUIDINTERNAL" . $1  . "\n";

                #AVAST
} elsif ($X[1] =~ m/^http:\/\/download[0-9]{3}\.avast\.com\/(.*)/) {
                print $x . "storeurl://avast.SQUIDINTERNAL/" . $1  .  "\n";

                #KAV
} elsif ($X[1] =~ m/^http:\/\/dnl-[0-9]{2}\.geo\.kaspersky\.com\/(.*)/) {
                print $x . "storeurl://kaspersky.SQUIDINTERNAL/" . $1  .  "\n";

                #maps.google.com
} elsif ($X[1] =~ m/^http:\/\/(cbk|mt|khm|mlt|tbn|mw)[0-9]?\.google\.co(m|\.uk|\.id)\/(.*)/) {
        print $x . "storeurl://google.SQUIDINTERNAL/" . $3 . "\n";

                #gstatic and/or wikimapia
} elsif ($X[1] =~ m/^http:\/\/([a-z])[0-9]?(\.gstatic\.com.*|\.wikimapia\.org)\/(.*)/) {
        print $x . "storeurl://wikimapia.SQUIDINTERNAL/" . $3 . "\n";


                #Cache High Latency Ads
} elsif ($X[1] =~ m/^http:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|\.googlesyndication\.com|yieldmanager|cpxinteractive)(.*)/) {
        $y = $3;$z = $2;
        for ($y) {
        s/pixel;.*/pixel/;
        s/activity;.*/activity/;
        s/(imgad[^&]*).*/\1/;
        s/;ord=[?0-9]*//;
        s/;&timestamp=[0-9]*//;
        s/[&?]correlator=[0-9]*//;
        s/&cookie=[^&]*//;
        s/&ga_hid=[^&]*//;
        s/&ga_vid=[^&]*//;
        s/&ga_sid=[^&]*//;
        # s/&prev_slotnames=[^&]*//
        # s/&u_his=[^&]*//;
        s/&dt=[^&]*//;
        s/&dtd=[^&]*//;
        s/&lmt=[^&]*//;
        s/(&alternate_ad_url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
        s/(&url=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
        s/(&ref=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
        s/(&cookie=http%3A%2F%2F[^(%2F)]*)[^&]*/\1/;
        s/[;&?]ord=[?0-9]*//;
        s/[;&]mpvid=[^&;]*//;
        s/&xpc=[^&]*//;
        # yieldmanager
        s/\?clickTag=[^&]*//;
        s/&u=[^&]*//;
        s/&slotname=[^&]*//;
        s/&page_slots=[^&]*//;
        }
        print $x . "storeurl://" . $1 . $2 . $y . "\n";

                #cache high latency ads
} elsif ($X[1] =~ m/^http:\/\/(.*?)\/(ads)\?(.*?)/) {
        print $x . "storeurl://" . $1 . "/" . $2  . "\n";

} elsif ($X[1] =~ m/^http:\/\/(www\.ziddu\.com.*\.[^\/]{3,4})\/(.*?)/) {
        print $x . "storeurl://" . $1 . "\n";

                #cdn, varialble 1st path
} elsif (($X[1] =~ /filehippo/) && ($X[1] =~ m/^http:\/\/(.*?)\.(.*?)\/(.*?)\/(.*)\.([a-z0-9]{3,4})(\?.*)?/)) {
        @y = ($1,$2,$4,$5);
        $y[0] =~ s/[a-z0-9]{2,5}/cdn./;
        print $x . "storeurl://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";

                #rapidshare
} elsif (($X[1] =~ /rapidshare/) && ($X[1] =~ m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?)([a-z]*\.[^\/]{3}\/[a-z]*\/[0-9]*)\/(.*?)\/([^\/\?\&]{4,})$/)) {
        print $x . "storeurl://cdn." . $3 . "/SQUIDINTERNAL/" . $5 . "\n";

} elsif (($X[1] =~ /maxporn/) && ($X[1] =~ m/^http:\/\/([^\/]*?)\/(.*?)\/([^\/]*?)(\?.*)?$/)) {
        print $x . "storeurl://" . $1 . "/SQUIDINTERNAL/" . $3 . "\n";

                #domain/path/.*/path/filename
} elsif (($X[1] =~ /fucktube/) && ($X[1] =~ m/^http:\/\/(.*?)(\.[^\.\-]*?[^\/]*\/[^\/]*)\/(.*)\/([^\/]*)\/([^\/\?\&]*)\.([^\/\?\&]{3,4})(\?.*?)$/)) {
        @y = ($1,$2,$4,$5,$6);
        $y[0] =~ s/(([a-zA-A]+[0-9]+(-[a-zA-Z])?$)|([^\.]*cdn[^\.]*)|([^\.]*cache[^\.]*))/cdn/;
        print $x . "storeurl://" . $y[0] . $y[1] . "/" . $y[2] . "/" . $y[3] . "." . $y[4] . "\n";

                #like porn hub variables url and center part of the path, filename etention 3 or 4 with or without ? at the end
} elsif (($X[1] =~ /tube8|pornhub|xvideos/) && ($X[1] =~ m/^http:\/\/(([A-Za-z]+[0-9-.]+)*?(\.[a-z]*)?)\.([a-z]*[0-9]?\.[^\/]{3}\/[a-z]*)(.*?)((\/[a-z]*)?(\/[^\/]*){4}\.[^\/\?]{3,4})(\?.*)?$/)) {
        print $x . "storeurl://cdn." . $4 . $6 . "\n";

                #general purpose for cdn servers. add above your specific servers.
} elsif ($X[1] =~ m/^http:\/\/([0-9.]*?)\/\/(.*?)\.(.*)\?(.*?)/) {
        print $x . "storeurl://squid-cdn-url/" . $2  . "." . $3 . "\n";

} elsif ($X[1] =~ m/^http:\/\/(.*?)(\.[^\.\-]*?\..*?)\/([^\?\&\=]*)\.([\w\d]{2,4})\??.*$/) {
        @y = ($1,$2,$3,$4);
        $y[0] =~ s/([a-z][0-9][a-z]dlod[\d]{3})|((cache|cdn)[-\d]*)|([a-zA-A]+-?[0-9]+(-[a-zA-Z]*)?)/cdn/;
        print $x . "storeurl://" . $y[0] . $y[1] . "/" . $y[2] . "." . $y[3] . "\n";

                        # all that ends with ;
} elsif ($X[1] =~ m/^http:\/\/(.*?)\/(.*?)\;(.*)/) {
        print $x . "storeurl://" . $1 . "/" . $2  . "\n";

} else {
                print $x . $X[1] . "\n";
}
# end
}
kalo saya amati lognya hampir tidak ada TCP_HIT, hampir 90% TCP_MISS.
mohon koreksi & masukannya...

TQ sebelumnya

#update
setelah oprek2 file2 di atas... eng ing eeeeeeeeeng... trataaaaa...


tetep sama miss mulu :crazy:

++++++++++++++++++++++++++++++++++++++++++++++

sekarang si yutub sudah https semua ...... jadi pake squid 2 dan lusca ga akan berhasil HIT



sudah saatnya beralih ke SQUID3 pake intercept atau TPROXY


User avatar
cah_clacap

Post 08 Mar 2015, 10:02

This feature was Sponsored by Balabit and developed by Laszlo Attilla Toth and AmosJeffries. Production tested and debugged with the help of Krisztian Kovacs and Nicholas Ritter.

WCCPv2 configuration is derived from testing by Steven Wilton and Adrian Chadd. It has not changed significantly since older TPROXY.

Minimum Requirements (IPv6 and IPv4)

Linux Kernel 2.6.37


Official releases page

iptables 1.4.10


Official releases page

Squid 3.1


Official releases page

libcap-dev or libcap2-dev


any

libcap 2.09 or later


any

{i} libcap2 is needed at run time. To build you need the developer versions (*-dev) to compile with Squid.

{i} NP: the versions above are a minimum from the expected working versions for the below config.
TPROXYv4 support reached a usable form in 2.6.28. However several Kernels have various known bugs:

{X} older than 2.6.28 are known to supply IPs wrongly to Squid and other client programs. Avoid!
2.6.28 to 2.6.32 have different rp_filter configuration. The rp_filter settings (0 or 1) for these kernels will silently block TPROXY if used on newer kernels.
2.6.28 to 2.6.36 are known to have ICMP and TIME_WAIT issues.
2.6.32 to 2.6.34 have bridging issues on some systems.

Squid Configuration

Configure build options

./configure --enable-linux-netfilter

squid.conf settings

http_port 3128
http_port 3129 tproxy

{i} NP: A dedicated squid port for tproxy is REQUIRED. The way TPROXYv4 works makes it incompatible with NAT interception, reverse-proxy acceleration, and standard proxy traffic. The intercept, accel and related flags cannot be set on the same http_port with tproxy flag.

Obsolete --enable-tproxy option. Remains only for legacy v2.2 ctt proxy support.

NP: The Balabit document still refers to using options tproxy transparent. Do not do this. It was only needed short-term for a bug which is now fixed.

Linux Kernel Configuration

/!\ Requires kernel built with the configuration options:

NF_CONNTRACK=m
NETFILTER_TPROXY=m
NETFILTER_XT_MATCH_SOCKET=m
NETFILTER_XT_TARGET_TPROXY=m

So far we have this:

https://lists.balabit.hu/pipermail/tpro ... 00853.html

Routing configuration

The routing features in your kernel also need to be configured to enable correct handling of the intercepted packets. Both arriving and leaving your system.

# IPv4-only
ip -f inet rule add fwmark 1 lookup 100
ip -f inet route add local default dev eth0 table 100

# IPv6-only
ip -f inet6 rule add fwmark 1 lookup 100
ip -f inet6 route add local default dev eth0 table 100

Every OS has different security and limitations around what you can do here.

/!\ some systems require that lo is the interface TPROXY uses.

/!\ some systems require that an ethN is the interface TPROXY uses.

/!\ some systems require that each receiving interface have its own unique table.

/!\ Some OS block multiple interfaces being linked to the table. You will see a rejected route when a second ip -f inet route is added to the table. To erase the custom route entry repeat the rule with del instead of add.

On each boot startup set:

echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter

Or configure /etc/sysctl.conf:

net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0

/!\ your OS also may require the keyword set before each of those sysctl.conf lines.

/!\ since we are removing the RP filter on 'default' and 'all' sysctl you may want to set it to 1 or 2 individually on all devices not using TPROXY.

Some routing problems to be aware of

/!\ Systems with strict localhost interface security boundaries require each interface to have a separate "table" entry for looking up packets via that device.

{X} in this situation the tables often cannot use the same number. When experimenting finding out how to erase the route table is useful.

eth0 is shown above, change to match your TPROXY interface(s).

{X} the particular device needed differs between OS. eth0 seems to be the least troublesome. Although dev lo may be the only one that works.

/!\ your OS may require the keyword set before each sysctl.conf line.

iptables Configuration

iptables on a Router device

{i} For IPv6 the rules are identical. But the ip6tables tool needs to be used in place of iptables

Setup a chain DIVERT to mark packets

iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT

Use DIVERT to prevent existing connections going through TPROXY twice:

iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT

Mark all other (new) packets and use TPROXY to pass into Squid:

iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129

ebtables on a Bridging device

Bridging configuration in Linux is done with the ebtables utility.

You also need to follow all the steps for setting up the Squid box as a router device. These bridging rules are additional steps to move packets from bridging mode to routing mode:

## interface facing clients
CLIENT_IFACE=eth0

## interface facing Internet
INET_IFACE=eth1


ebtables -t broute -A BROUTING \
-i $CLIENT_IFACE -p ipv6 --ip6-proto tcp --ip6-dport 80 \
-j redirect --redirect-target DROP

ebtables -t broute -A BROUTING \
-i $CLIENT_IFACE -p ipv4 --ip-proto tcp --ip-dport 80 \
-j redirect --redirect-target DROP

ebtables -t broute -A BROUTING \
-i $INET_IFACE -p ipv6 --ip6-proto tcp --ip6-sport 80 \
-j redirect --redirect-target DROP

ebtables -t broute -A BROUTING \
-i $INET_IFACE -p ipv4 --ip-proto tcp --ip-sport 80 \
-j redirect --redirect-target DROP


cd /proc/sys/net/bridge/
for i in *
do
echo 0 > $i
done
unset i

/!\ The bridge interfaces also need to be configured with public IP addresses for Squid to use in its normal operating traffic (DNS, ICMP, TPROXY failed requests, peer requests, etc)

Bypassing TPROXY intercept

As always, bypassing the firewall rules is always an option. They need to go first, naturally.

Bridges need to place the bypass in ebtables BROUTE before the DROP rules.
Routers need to place the bypass in iptables PREROUTING before the DIVERT chain.

If you do not understand how to do that or what to write in the bypass rules, please locate any beginners guide on iptables or ebtables and read up on how to operate them.

SELINUX Policy tuning

On Linux versions with selinux enabled you also need to tune the selinux policy to allow Squid to use TPROXY. By default the SELINUX policy for Squid denies some of the operations needed for TPROXY. You can tune the policy to allow this by setting a couple selinux booleans:

setsebool squid_connect_any=yes
setsebool squid_use_tproxy=yes

If your version of the selinux policy is missing any of these then see the troubleshooting section for alternative approaches.

WCCP Configuration (only if you use WCCP)

by Steve Wilton {i} $ROUTERIP needs to be replaced with the IP Squid uses to contact the WCCP router.

squid.conf

It is highly recommended that these definitions be used for the two wccp services, otherwise things will break if you have more than one cache (specifically, you will have problems when the a web server's name resolves to multiple ip addresses).

wccp2_router $ROUTERIP
wccp2_forwarding_method gre
wccp2_return_method gre
wccp2_service dynamic 80
wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80
wccp2_service dynamic 90
wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80

Router config

On the router, you need to make sure that all traffic going to/from the customer will be processed by _both_ WCCP rules. The way we implement this is to apply:

WCCP service 80 applied to all traffic coming in from a customer-facing interface

WCCP service 90 applied to all traffic going out to a customer-facing interface.

WCCP exclude in rule to all traffic coming in from the proxy-facing interface.

For Example:

interface GigabitEthernet0/3.100
description ADSL customers
encapsulation dot1Q 502
ip address x.x.x.x y.y.y.y
ip wccp 80 redirect in
ip wccp 90 redirect out

interface GigabitEthernet0/3.101
description Dialup customers
encapsulation dot1Q 502
ip address x.x.x.x y.y.y.y
ip wccp 80 redirect in
ip wccp 90 redirect out

interface GigabitEthernet0/3.102
description proxy servers
encapsulation dot1Q 506
ip address x.x.x.x y.y.y.y
ip wccp redirect exclude in

Single Squid behind WCCP interceptor

Cluster of Sibling Squid behind WCCP interceptor

When two sibling peers are both behind a WCCP interception gateway and using TPROXY to spoof the client IP, the WCCP gateway will get confused by two identical sources and redirect packets at the wrong sibling.

This is now resolved by adding the no-tproxy flag to the cluster sibling cache_peer lines. This disables TPROXY spoofing on requests which are received through another peer in the cluster.

cache_peer ip.of.peer sibling 3128 0 no-tproxy ...

Troubleshooting

Squid not spoofing the client IP

Could be a few things. Check cache.log for messages like those listed here in Troubleshooting.

/!\ The warning about missing libcap appears to be issued before cache.log is started. So does not always show up when Squid starts. Start testing this problem by making sure of that dependency manually.

Stopping full transparency: Error enabling needed capabilities.

Something went wrong while setting advanced privileges. What exactly, we don't know at this point. Unfortunately its not logged anywhere either. Perhaps your syslog or /var/log/messages log will have details recorded by the OS.

Stopping full transparency: Missing needed capability support.

libcap support appears to be missing. The library needs to be built into Squid so a rebuild is required after installed the related packages for your system.

commBind: cannot bind socket FD X to X.X.X.X: (99) cannot assign requested address

This error has many reasons for occurring.

It might be seen repeatedly when Squid is running with TPROXY configured:

If the squid port receives traffic by other means than TPROXY interception.
Ports using the tproxy flag /!\ MUST NOT /!\ receive traffic for any other mode Squid can run in.

If Squid is receiving TPROXY traffic on a port without the tproxy flag.
If the kernel is missing the capability to bind to any random IP.

It may also be seen only at startup due to unrelated issues:

Another program already using the port

Address not assigned to any interface

Traffic going through Squid but the timing out

This is usually seen when the network design prevents packets coming back to Squid.

Check that the Routing portion of the config above is set correctly.

Check that the DIVERT is done before TPROXY rules in iptables PREROUTING chain.

Timeouts with Squid not running in the router directly

{i} /!\ The above configuration assumes that squid is running on the router OR has a direct connection to the Internet without having to go through the capture router again. For both outbound and return traffic.

If your network topology uses a squid box sitting the inside the router which passes packets to Squid. Then you will need to explicitly add some additional configuration.

The WCCPv2 example is provided for people using Cisco boxes. For others we can't point to exact routing configuration since it will depend on your router. But you will need to figure out some rule(s) which identify the Squid outbound traffic. Dedicated router interface, service groups, TOS set by Squid tcp_outgoing_tos, and MAC source have all been found to be useful under specific situations. IP address rules are the one thing guaranteed to fail.

{i} We should not really need to say it; but these exception rules MUST be placed before any of the capture TPROXY/DIVERT rules.

Timeouts with Squid running as a bridge or multiple-NIC

When using the bridge configuration or when multi-homing the system care needs to be taken that the default route is correct and will route packets to the Internet. Ideally there is only one default route, but for a bridge with routing enabled or for multi-homed systems there may be multiple.

/!\ There has been one confirmed case of the default route being set automatically by the OS to the dead-end route/NIC used only for administering the bridge.

Wccp2 dst_ip_hash packet loops

by Michael Bowe

Referring to the wccps_service_info settings detailed above.

First method:

dst_ip_hash on 80
src_ip_hash on 90

Ties a particular web server to a particular cache

Second method:

src_ip_hash on 80
dst_ip_hash on 90

Ties a particular client to a particular cache

When using TPROXY the second method must be used. The problem with the first method is this sequence of events which starts to occur:

Say a client wants to access http://some-large-site, their PC resolves the address and gets x.x.x.1

GET request goes off to the network, Cisco sees it and hashes the dst_ip.
Hash for this IP points to cache-A
Router sends the request to cache-A.

This cache takes the GET and does another DNS lookup of that host. This time it resolves to x.x.x.2

Cache sends request off to the !Internet
Reply comes back from x.x.x.2, and arrives at the Cisco.
Cisco does hash on src_ip and this happens to map to cache-B

Reply arrives at cache-B and it doesn�t know anything about it. Trouble! {X}

selinux policy denials

When configuring TPROXY support on Fedora 12 using the Squid shipped with Fedora selinux initially blocked Squid from usng the TPROXY feature.

The quick fix is disabling selinux entirely, but this is not generally desired.

A more permanent fix until the squid part of the selinux policy is updated is to make a custom selinux policy module allowing Squid access to the net operations is needs for TPROXY.

# Temporarily set eslinux in permissive mode and test..
setenforce 0
service squid start
# Make a request via Squid and verity that it works.
service squid stop
setenforce 1
# build & install selinux module based on the denials seen
grep AVC.*squid /var/log/audit/autdit.log | audit2allow -M squidtproxy
semodule -i squidtproxy.pp

Alternatively you can download and install a precomposed policy module from http://www.henriknordstrom.net/code/squidtproxy.te

wget http://www.henriknordstrom.net/code/squidtproxy.te
checkmodule -M -m -o squidtproxy.mod squidtproxy.te
semodule_package -o squidtproxy.pp squidtproxy.mod
semodule -i squidtproxy.pp
setsebool -P squid_connect_any true

References

Older config how-to from before the kernel and iptables bundles were available... http://wiki.squid-cache.org/ConfigExamp ... hingCentOS

Shorewall Firewall Configuration http://www1.shorewall.net/Shorewall_Squ ... tml#TPROXY

++++++++++++++++++++++++++++++++++++++++++++++++++++++

bingung artinya apa itu???


Post Reply

Who is online

Users browsing this forum: No registered users and 121 guests