Hi this is my configuration file. I am sorry, it is so long.
# WELCOME TO SQUID 2
# ------------------
# NETWORK OPTIONS
# -----------------------------------------------------------------------------
# TAG: http_port
#Default:
# http_port 3128
http_port 3128 80
# TAG: https_port
# --enable-ssl option
#Default:
# none
# TAG: ssl_unclean_shutdown
# --enable-ssl option
#Default:
# ssl_unclean_shutdown off
# TAG: icp_port
#Default:
# icp_port 3130
# TAG: htcp_port
# --enable-htcp option
#Default:
# htcp_port 4827
# TAG: mcast_groups
#Default:
# none
# TAG: udp_incoming_address
# TAG: udp_outgoing_address
#Default:
# udp_incoming_address 0.0.0.0
# udp_outgoing_address 255.255.255.255
# OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
# -----------------------------------------------------------------------------
# TAG: cache_peer
# # proxy icp
# # hostname type port port options
# # -------------------- -------- ----- ----- -----------
# cache_peer parent.foo.net parent 3128 3130 [proxy-only]
# cache_peer sib1.foo.net sibling 3128 3130 [proxy-only]
# cache_peer sib2.foo.net sibling 3128 3130 [proxy-only]
#Default:
# none
# TAG: cache_peer_domain
# cache_peer_domain cache-host domain [domain ...]
# cache_peer_domain cache-host !domain
#Default:
# none
# TAG: neighbor_type_domain
# usage: neighbor_type_domain neighbor parent|sibling domain domain ...
#Default:
# none
# TAG: icp_query_timeout (msec)
#Default:
# icp_query_timeout 0
# TAG: maximum_icp_query_timeout (msec)
#Default:
# maximum_icp_query_timeout 2000
# TAG: mcast_icp_query_timeout (msec)
#Default:
# mcast_icp_query_timeout 2000
# TAG: dead_peer_timeout (seconds)
#Default:
# dead_peer_timeout 10 seconds
# TAG: hierarchy_stoplist
hierarchy_stoplist cgi-bin ?
# TAG: no_cache
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
# OPTIONS WHICH AFFECT THE CACHE SIZE
# -----------------------------------------------------------------------------
# TAG: cache_mem (bytes)
#Default:
# cache_mem 8 MB
cache_mem 128 MB
# TAG: cache_swap_low (percent, 0-100)
# TAG: cache_swap_high (percent, 0-100)
#Default:
cache_swap_low 90
cache_swap_high 95
# TAG: maximum_object_size (bytes)
#Default:
# maximum_object_size 4096 KB
# TAG: minimum_object_size (bytes)
#Default:
# minimum_object_size 0 KB
# TAG: maximum_object_size_in_memory (bytes)
#Default:
maximum_object_size_in_memory 80 KB
# TAG: ipcache_size (number of entries)
# TAG: ipcache_low (percent)
# TAG: ipcache_high (percent)
#Default:
ipcache_size 1024
ipcache_low 90
ipcache_high 95
# TAG: fqdncache_size (number of entries)
#Default:
# fqdncache_size 1024
# TAG: cache_replacement_policy
# lru : Squid's original list based LRU policy
# heap GDSF : Greedy-Dual Size Frequency
# heap LFUDA: Least Frequently Used with Dynamic Aging
# heap LRU : LRU policy implemented using a heap
#Default:
cache_replacement_policy lru
# TAG: memory_replacement_policy
#Default:
memory_replacement_policy lru
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# -----------------------------------------------------------------------------
# TAG: cache_dir
# cache_dir Type Directory-Name Fs-specific-data [options]
#Default:
# cache_dir ufs /usr/local/squid/var/cache 100 16 256
cache_dir diskd /var/cache 2048 16 256 Q1=72 Q2=64
# cache_dir ufs /var/cache 3072 16 256
# TAG: cache_access_log
#Default:
# cache_access_log /usr/local/squid/var/logs/access.log
cache_access_log /var/log/squid/access.log
# TAG: cache_log
#Default:
# cache_log /usr/local/squid/var/logs/cache.log
cache_log /var/log/squid/cache.log
# TAG: cache_store_log
#Default:
# cache_store_log /usr/local/squid/var/logs/store.log
cache_store_log /var/log/squid/store.log
# TAG: cache_swap_log
#Default:
# none
cache_swap_log /var/log/squid/cache_swap_log.log
# TAG: emulate_httpd_log on|off
#Default:
# emulate_httpd_log off
# TAG: log_ip_on_direct on|off
#Default:
# log_ip_on_direct on
# TAG: mime_table
#Default:
# mime_table /usr/local/squid/etc/mime.conf
# TAG: log_mime_hdrs on|off
#Default:
# log_mime_hdrs off
# TAG: useragent_log
# --enable-useragent-log option
#Default:
# none
# TAG: referer_log
# --enable-referer-log option
#Default:
# none
# TAG: pid_filename
#Default:
# pid_filename /usr/local/squid/var/logs/squid.pid
pid_filename /var/log/squid/squid.pid
# TAG: debug_options
#Default:
# debug_options ALL,1
# TAG: log_fqdn on|off
#Default:
# log_fqdn off
# TAG: client_netmask
#Default:
# client_netmask 255.255.255.255
# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
# -----------------------------------------------------------------------------
# TAG: ftp_user
#Default:
# ftp_user Squid@
# TAG: ftp_list_width
#Default:
# ftp_list_width 32
# TAG: ftp_passive
#Default:
# ftp_passive on
# TAG: ftp_sanitycheck
#Default:
# ftp_sanitycheck on
# TAG: ftp_telnet_protocol
#Default:
# ftp_telnet_protocol on
# TAG: cache_dns_program
# --disable-internal-dns option
#Default:
# cache_dns_program /usr/local/squid/libexec/dnsserver
# TAG: dns_children
# --disable-internal-dns option
#Default:
# dns_children 5
# TAG: dns_retransmit_interval
#Default:
# dns_retransmit_interval 5 seconds
# TAG: dns_timeout
#Default:
# dns_timeout 2 minutes
# TAG: dns_defnames on|off
# --disable-internal-dns option
#Default:
# dns_defnames off
# TAG: dns_nameservers
#Default:
# none
# TAG: hosts_file
#Default:
# hosts_file /etc/hosts
# TAG: diskd_program
#Default:
diskd_program /usr/local/squid/libexec/diskd
# TAG: unlinkd_program
#Default:
unlinkd_program /usr/local/squid/libexec/unlinkd
# TAG: pinger_program
# --enable-icmp option
#Default:
# pinger_program /usr/local/squid/libexec/pinger
# TAG: redirect_program
#Default:
# none
# TAG: redirect_children
#Default:
# redirect_children 5
# TAG: redirect_rewrites_host_header
#Default:
# redirect_rewrites_host_header on
# TAG: redirector_access
#Default:
# none
# TAG: auth_param
#Recommended minimum configuration:
#auth_param digest program <uncomment and complete this line>
#auth_param digest children 5
#auth_param digest realm Squid proxy-caching web server
#auth_param digest nonce_garbage_interval 5 minutes
#auth_param digest nonce_max_duration 30 minutes
#auth_param digest nonce_max_count 50
#auth_param ntlm program <uncomment and complete this line to activate>
#auth_param ntlm children 5
#auth_param ntlm max_challenge_reuses 0
#auth_param ntlm max_challenge_lifetime 2 minutes
#auth_param ntlm use_ntlm_negotiate off
#auth_param basic program <uncomment and complete this line>
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
# TAG: authenticate_cache_garbage_interval
#Default:
# authenticate_cache_garbage_interval 1 hour
# TAG: authenticate_ttl
#Default:
# authenticate_ttl 1 hour
# TAG: authenticate_ip_ttl
#Default:
# authenticate_ip_ttl 0 seconds
# TAG: external_acl_type
#Default:
# none
# OPTIONS FOR TUNING THE CACHE
# -----------------------------------------------------------------------------
# TAG: wais_relay_host
# TAG: wais_relay_port
#Default:
# wais_relay_port 0
# TAG: request_header_max_size (KB)
#Default:
# request_header_max_size 10 KB
# TAG: request_body_max_size (KB)
#Default:
# request_body_max_size 0 KB
# TAG: refresh_pattern
# usage: refresh_pattern [-i] regex min percent max [options]
# options: override-expire
# override-lastmod
# reload-into-ims
# ignore-reload
#Suggested default:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
# TAG: quick_abort_min (KB)
# TAG: quick_abort_max (KB)
# TAG: quick_abort_pct (percent)
#Default:
quick_abort_min 16 KB
quick_abort_max 64 KB
quick_abort_pct 95
# TAG: negative_ttl time-units
#Default:
# negative_ttl 5 minutes
# TAG: positive_dns_ttl time-units
#Default:
positive_dns_ttl 1 hours
# TAG: negative_dns_ttl time-units
#Default:
# negative_dns_ttl 1 minute
# TAG: range_offset_limit (bytes)
#Default:
# range_offset_limit 0 KB
range_offset_limit 10240 KB
# TIMEOUTS
# -----------------------------------------------------------------------------
# TAG: forward_timeout time-units
#Default:
# forward_timeout 4 minutes
# TAG: connect_timeout time-units
#Default:
# connect_timeout 1 minute
# TAG: peer_connect_timeout time-units
#Default:
# peer_connect_timeout 30 seconds
# TAG: read_timeout time-units
#Default:
# read_timeout 15 minutes
# TAG: request_timeout
#Default:
# request_timeout 5 minutes
# TAG: persistent_request_timeout
#Default:
# persistent_request_timeout 1 minute
# TAG: client_lifetime time-units
#Default:
# client_lifetime 1 day
# TAG: half_closed_clients
#Default:
# half_closed_clients on
half_closed_clients on
# TAG: pconn_timeout
#Default:
pconn_timeout 120 seconds
# TAG: ident_timeout
#Default:
ident_timeout 10 seconds
# TAG: shutdown_lifetime time-units
#Default:
shutdown_lifetime 30 seconds
# ACCESS CONTROLS
# -----------------------------------------------------------------------------
# TAG: acl
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl owns_network src 192.168.8.0/24
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
# TAG: http_access
#Default:
# http_access deny all
#Recommended minimum configuration:
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access allow owns_network
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access deny all
# TAG: http_reply_access
#Default:
# http_reply_access allow all
http_reply_access allow owns_network
http_reply_access deny all
# TAG: icp_access
#Default:
icp_access deny all
#icp_access allow all
# TAG: miss_access
#Default setting:
# miss_access allow all
miss_access allow owns_network
miss_access deny !owns_network
# TAG: cache_peer_access
#Default:
# none
# TAG: ident_lookup_access
#Default:
ident_lookup_access deny all
# TAG: tcp_outgoing_tos
#Default:
# none
# TAG: tcp_outgoing_address
#Default:
# none
# TAG: reply_body_max_size bytes allow|deny acl acl...
#Default:
# reply_body_max_size 0 allow all
# ADMINISTRATIVE PARAMETERS
# -----------------------------------------------------------------------------
# TAG: cache_mgr
#Default:
# cache_mgr webmaster
cache_mgr
master@cybercafe.net
# TAG: cache_effective_user
# TAG: cache_effective_group
#Default:
# cache_effective_user nobody
# TAG: visible_hostname
#Default:
# none
# TAG: unique_hostname
#Default:
# none
# TAG: hostname_aliases
#Default:
# none
# OPTIONS FOR THE CACHE REGISTRATION SERVICE
# -----------------------------------------------------------------------------
#Default:
# announce_period 0
#announce_period 1 day
# TAG: announce_host
# TAG: announce_file
# TAG: announce_port
#Default:
# announce_host tracker.ircache.net
# announce_port 3131
# HTTPD-ACCELERATOR OPTIONS
# -----------------------------------------------------------------------------
# TAG: httpd_accel_host
# TAG: httpd_accel_port
#Default:
httpd_accel_port 80
httpd_accel_host virtual
# TAG: httpd_accel_single_host on|off
#Default:
# httpd_accel_single_host off
# TAG: httpd_accel_with_proxy on|off
#Default:
# httpd_accel_with_proxy off
httpd_accel_with_proxy on
# TAG: httpd_accel_uses_host_header on|off
#Default:
# httpd_accel_uses_host_header off
httpd_accel_uses_host_header on
# MISCELLANEOUS
# -----------------------------------------------------------------------------
# TAG: dns_testnames
#Default:
# dns_testnames netscape.com internic.net nlanr.net microsoft.com
# TAG: logfile_rotate
#Default:
logfile_rotate 10
# TAG: append_domain
#Example:
# append_domain .yourdomain.com
#
#Default:
# none
# TAG: tcp_recv_bufsize (bytes)
#Default:
# tcp_recv_bufsize 0 bytes
# TAG: err_html_text
#Default:
# none
# TAG: deny_info
#Default:
# none
# TAG: memory_pools on|off
#Default:
# memory_pools on
# TAG: memory_pools_limit (bytes)
#Default:
# none
# TAG: forwarded_for on|off
#Default:
forwarded_for on
# TAG: log_icp_queries on|off
#Default:
# log_icp_queries on
# TAG: icp_hit_stale on|off
#Default:
# icp_hit_stale off
# TAG: minimum_direct_hops
#Default:
# minimum_direct_hops 4
# TAG: minimum_direct_rtt
#Default:
# minimum_direct_rtt 400
# TAG: cachemgr_passwd
#Example:
# cachemgr_passwd secret shutdown
# cachemgr_passwd lesssssssecret info stats/objects
# cachemgr_passwd disable all
#
#Default:
# none
# TAG: store_avg_object_size (kbytes)
#Default:
# store_avg_object_size 13 KB
# TAG: store_objects_per_bucket
#Default:
# store_objects_per_bucket 20
# TAG: client_db on|off
#Default:
# client_db on
# TAG: netdb_low
# TAG: netdb_high
#Default:
# netdb_low 900
# netdb_high 1000
# TAG: netdb_ping_period
#Default:
# netdb_ping_period 5 minutes
# TAG: query_icmp on|off
#Default:
# query_icmp off
# TAG: test_reachability on|off
#Default:
# test_reachability off
# TAG: buffered_logs on|off
#Default:
# buffered_logs off
# TAG: reload_into_ims on|off
#Default:
# reload_into_ims off
# TAG: always_direct
# Usage: always_direct allow|deny [!]aclname ...
#Default:
# none
# TAG: never_direct
# Usage: never_direct allow|deny [!]aclname ...
#Default:
# none
# TAG: header_access
#Default:
# none
# TAG: header_replace
#Default:
# none
# TAG: icon_directory
#Default:
# icon_directory /usr/local/squid/share/icons
# TAG: short_icon_urls
#Default:
# short_icon_urls off
# TAG: error_directory
#Default:
error_directory /usr/local/squid/share/errors/English
# TAG: maximum_single_addr_tries
# maximum_single_addr_tries 1
# TAG: snmp_port
#Default:
snmp_port 3401
# TAG: snmp_access
acl snmppublic snmp_community cybercafe
snmp_access allow snmppublic localhost
snmp_access deny all
#
#Default:
# snmp_access deny all
# TAG: snmp_incoming_address
# TAG: snmp_outgoing_address
#Default:
# snmp_incoming_address 0.0.0.0
# snmp_outgoing_address 255.255.255.255
# TAG: as_whois_server
#Default:
# as_whois_server whois.ra.net
# as_whois_server whois.ra.net
# TAG: wccp_router
#Default:
# wccp_router 0.0.0.0
# TAG: wccp_version
#Default:
# wccp_version 4
# TAG: wccp_incoming_address
# TAG: wccp_outgoing_address
#Default:
# wccp_incoming_address 0.0.0.0
# wccp_outgoing_address 255.255.255.255
# DELAY POOL PARAMETERS (all require DELAY_POOLS compilation option)
# -----------------------------------------------------------------------------
# TAG: delay_pools
#Default:
# delay_pools 0
# TAG: delay_class
#Example:
# delay_pools 2 # 2 delay pools
# delay_class 1 2 # pool 1 is a class 2 pool
# delay_class 2 3 # pool 2 is a class 3 pool
#Default:
# none
# TAG: delay_access
#Example:
# delay_access 1 allow some_big_clients
# delay_access 1 deny all
# delay_access 2 allow lotsa_little_clients
# delay_access 2 deny all
#Default:
# none
# TAG: delay_parameters
#Default:
# none
# TAG: delay_initial_bucket_level (percent, 0-100)
#Default:
# delay_initial_bucket_level 50
# TAG: incoming_icp_average
# TAG: incoming_http_average
# TAG: incoming_dns_average
# TAG: min_icp_poll_cnt
# TAG: min_dns_poll_cnt
# TAG: min_http_poll_cnt
#Default:
# incoming_icp_average 6
# incoming_http_average 4
# incoming_dns_average 4
# min_icp_poll_cnt 8
# min_dns_poll_cnt 8
# min_http_poll_cnt 8
# TAG: max_open_disk_fds
#Default:
# max_open_disk_fds 0
# TAG: offline_mode
#Default:
# offline_mode off
# TAG: uri_whitespace
#Default:
# uri_whitespace strip
# TAG: broken_posts
#Example:
# acl buggy_server url_regex ^
http://....
# broken_posts allow buggy_server
#
#Default:
# none
# TAG: mcast_miss_addr
# -DMULTICAST_MISS_STREAM option
#Default:
# mcast_miss_addr 255.255.255.255
# TAG: mcast_miss_ttl
# -DMULTICAST_MISS_TTL option
#Default:
# mcast_miss_ttl 16
# TAG: mcast_miss_port
# -DMULTICAST_MISS_STREAM option
#Default:
# mcast_miss_port 3135
# TAG: mcast_miss_encode_key
# -DMULTICAST_MISS_STREAM option
#Default:
# mcast_miss_encode_key XXXXXXXXXXXXXXXX
# TAG: nonhierarchical_direct
#Default:
# nonhierarchical_direct on
# TAG: prefer_direct
#Default:
# prefer_direct off
# TAG: strip_query_terms
#Default:
# strip_query_terms on
# TAG: coredump_dir
#Default:
# coredump_dir none
coredump_dir /var/cache
# TAG: redirector_bypass
#Default:
# redirector_bypass off
# TAG: ignore_unknown_nameservers
#Default:
# ignore_unknown_nameservers on
# TAG: digest_generation
# --enable-cache-digests option
#Default:
# digest_generation on
# TAG: digest_bits_per_entry
# --enable-cache-digests option
#Default:
# digest_bits_per_entry 5
# TAG: digest_rebuild_period (seconds)
# --enable-cache-digests option
#Default:
# digest_rebuild_period 1 hour
# TAG: digest_rewrite_period (seconds)
# --enable-cache-digests option
#Default:
# digest_rewrite_period 1 hour
# TAG: digest_swapout_chunk_size (bytes)
# --enable-cache-digests option
#Default:
# digest_swapout_chunk_size 4096 bytes
# TAG: digest_rebuild_chunk_percentage (percent, 0-100)
# --enable-cache-digests option
#Default:
# digest_rebuild_chunk_percentage 10
# TAG: chroot
#Default:
# none
# TAG: client_persistent_connections
# TAG: server_persistent_connections
#Default:
# client_persistent_connections on
# server_persistent_connections on
# TAG: detect_broken_pconn
#Default:
# detect_broken_pconn off
# TAG: pipeline_prefetch
#Default:
# pipeline_prefetch off
# TAG: extension_methods
#Default:
# none
# TAG: request_entities
#Default:
# request_entities off
# TAG: high_response_time_warning (msec)
#Default:
# high_response_time_warning 0
# TAG: high_page_fault_warning
#Default:
# high_page_fault_warning 0
# TAG: high_memory_warning
#Default:
# high_memory_warning 0
# TAG: store_dir_select_algorithm
#Default:
# store_dir_select_algorithm least-load
# TAG: forward_log
# -DWIP_FWD_LOG option
#Default:
# none
# TAG: ie_refresh on|off
#Default:
# ie_refresh off
ie_refresh on
# TAG: vary_ignore_expire on|off
#Default:
# vary_ignore_expire off
# TAG: sleep_after_fork (microseconds)
#Default:
# sleep_after_fork 0