http_port 3128 transparent
icp_port 3130
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache_mem 128 MB
memory_pools on
maximum_object_size 100 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 128 KB
cache_dir ufs /01 10000 16 256
cache_dir ufs /02 10000 16 256
cache_dir ufs /03 10000 16 256
cache_dir ufs /04 10000 16 256
cache_dir ufs /05 10000 16 256
cache_dir ufs /06 10000 16 256
coredump_dir /var/spool/squid
cache_access_log /var/log/squid/access.log
cache_store_log /var/log/squid/store.log
cache_log /var/log/squid/cache.log
ftp_user
Info@GMAIL.org
refresh_pattern windowsupdate.com/.*\.(cab|exe|psf) 4320 100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe|psf) 4320 100% 43200 reload-into-ims
refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|psf) 4320 100% 43200 reload-into-ims
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
#refresh_pattern -i .htm 10080 80% 28800 reload-into-ims override-lastmod
#refresh_pattern -i .html 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .js 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .exe 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .zip 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .dat 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .rar 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .cap 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .pdf 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .cab 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .rpm 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .bz2 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .tar 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .gz 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .EXE 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .ZIP 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .CAB 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .msi 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .PDF 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .doc 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .tgz 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .txt 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .rfc 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .jpg 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .gif 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .bmp 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .ico 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .swf 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .png 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .mpg 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .mpeg 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .wmv 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .mov 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .avi 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .mp3 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .wav 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .wma 10080 80% 28800 reload-into-ims override-lastmod
refresh_pattern -i .mid 10080 80% 28800 reload-into-ims override-lastmod
quick_abort_min 64 KB
quick_abort_max 512 KB
quick_abort_pct 70%
acl virus1 urlpath_regex -i \.elm$
acl virus2 urlpath_regex -i root.exe
acl virus3 urlpath_regex -i cmd.exe
acl virus4 urlpath_regex -i ^
http://.*www
acl virus5 urlpath_regex -i readme.exe
acl virus6 urlpath_regex -i default.id
acl virus7 urlpath_regex -i :25
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl lan1 src 192.168.30.0/255.255.255.255
acl lan2 src 80.***.***.0/255.255.255.0
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access deny virus1
http_access deny virus2
http_access deny virus3
http_access deny virus4
http_access deny virus5
http_access deny virus6
http_access deny virus7
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow lan1
http_access allow lan2
http_access deny all
icp_access allow all
cache_mgr
support@XXXX.net
cache_effective_user squid
cache_effective_group squid
logfile_rotate 3
forwarded_for on
emulate_httpd_log off
log_fqdn off
acl snmppublic snmp_community public
snmp_access allow snmppublic localhost
snmp_access deny all
snmp_incoming_address 0.0.0.0
snmp_outgoing_address 255.255.255.255
dns_nameservers 217.218.127.104 4.2.2.3
acl files urlpath_regex -i \.mp3$ \.mpg$ \.mpeg$ \.3gp$ \.cab$ \.psf$ \.flv$ \.pdf$ \.ra$ \.ram$ \.avi$ \.wma$ \.wmv$ \.png$ \.doc$ \.swf$ \.exe$ \.zip$ \.bmp$ \.js$ \.jpg$ \.jpeg$ \.css$ \.xml$ \.txt$ \.dat$ \.dll$ \.gif$ \.php$ \.rar$
cache_peer 192.168.60.60 parent 3030 0 proxy-only no-query default
never_direct allow files
always_direct allow !files
acl magic_words1 url_regex -i 80.191
acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .rpm .zip .tar .z .gz .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov .swf .Z
delay_pools 2
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow magic_words1
delay_class 2 2
delay_parameters 2 12000/40000 12000/40000
delay_access 2 allow magic_words2
-----------------------------------------------------------------------------
iptables -t nat -A POSTROUTING -o eth3 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth3 -p tcp --dport 80 -j REDIRECT --to-port 3128