# $Id: master.m4,v 1.38 2007/12/13 01:04:12 wessels Exp $ # # squid.conf - Squid Object Cache configuration file # # Host: uc.us.ircache.net # Description: NLANR Root Cache in Urbana-Champaign, Illinois # # For more information about the Squid Object Cache, refer to # http://www.nlanr.net/Squid/ # # $Id: body.m4,v 1.553 2010/02/28 00:55:37 wessels Exp $ http_port 127.0.0.1:3128 http_port 141.142.30.135:3128 http_port 141.142.30.135:3120 icp_port 3130 htcp_port 4827 udp_incoming_address 141.142.30.135 snmp_incoming_address 141.142.30.135 # nlanr_peers ACL is referenced by mk-acl.pl # uc acl nlanr_peers src 141.142.30.135 # bo2 acl nlanr_peers src 209.169.10.133 # sv acl nlanr_peers src 208.67.232.138 # sd acl nlanr_peers src 192.172.226.121 # sj acl nlanr_peers src 204.29.239.20 # rtp acl nlanr_peers src 128.109.131.47 # ny acl nlanr_peers src 64.90.188.50 acl nlanr_peers src 64.90.188.52 cache_peer bo2.us.ircache.net sibling 3128 3130 cache_peer_access bo2.us.ircache.net deny nlanr_peers cache_peer sj.us.ircache.net sibling 3128 4827 htcp cache_peer_access sj.us.ircache.net deny nlanr_peers cache_mem 10 MB cache_swap_low 90 cache_swap_high 95 cache_dir diskd /cache0/3Cache 65000 16 256 Q1=72 Q2=64 cache_dir diskd /cache1/3Cache 65000 16 256 Q1=72 Q2=64 cache_dir diskd /cache2/3Cache 65000 16 256 Q1=72 Q2=64 cache_dir diskd /cache3/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cache4/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cache5/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cache6/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cache7/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cache8/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cache9/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cacheA/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cacheB/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cacheC/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cacheD/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cacheE/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cacheF/3Cache 65000 16 256 Q1=72 Q2=64' cache_dir diskd /cacheG/3Cache 65000 16 256 Q1=72 Q2=64' store_dir_select_algorithm round-robin cache_access_log /usr/local/squid/var/logs/access.log cache_log /usr/local/squid/var/logs/cache.log cache_store_log /usr/local/squid/var/logs/store.log pid_filename /usr/local/squid3/squid.pid useragent_log none hierarchy_stoplist cgi-bin hierarchy_stoplist ? acl QUERY urlpath_regex cgi \? no_cache deny QUERY # quick abort: # always finish if less than 10k # finish if more than 50% # always abort if more than 1024k quick_abort_min 20 mb quick_abort_pct 50% quick_abort_max 100 mb #quick_abort_min -1 KB emulate_httpd_log off refresh_pattern . 0 20% 4320 maximum_object_size 1024 MB read_timeout 30 minutes client_lifetime 3 hours pconn_timeout 15 seconds request_timeout 1 minute shutdown_lifetime 10 seconds positive_dns_ttl 53 seconds negative_dns_ttl 29 seconds ipcache_size 10240 ipcache_low 98 ipcache_high 99 cache_mgr wessels@uc.us.ircache.net cache_effective_user squid announce_host tracker.ircache.net announce_port 3131 announce_period 4 hours visible_hostname uc.us.ircache.net hostname_aliases uc.cache.nlanr.net minimum_direct_hops 5 minimum_direct_rtt 50 log_fqdn off #ident_lookup off memory_pools off forwarded_for on icp_hit_stale on logfile_rotate 0 #referer_log /usr/local/squid/var/logs/referer.log store_objects_per_bucket 10 store_avg_object_size 13 kb netdb_high 10000 netdb_low 9900 netdb_ping_period 30 seconds log_icp_queries off #test_reachability off query_icmp on debug_options ALL,1 98,2 error_directory /usr/local/squid3/share/local-errors half_closed_clients off incoming_icp_average 20 acl ircache.net src 209.169.10.132 snmp_access allow ircache.net high_memory_warning 400 mb high_response_time_warning 2000 high_page_fault_warning 2 auth_param basic program /usr/local/squid3/libexec/ncsa_auth /usr/local/squid/etc/passwd auth_param basic children 5 auth_param basic realm IRCache Proxy Access acl NCSAPasswd proxy_auth REQUIRED #acl MaxMissesPerClient max_url_misses 10 #miss_access deny MaxMissesPerClient #deny_info ERR_TOO_MANY_SIMULATENOUS MaxMissesPerClient strip_query_terms off #ignore_only_if_cached IOIC #icp_false_hit_ratio IFHR coredump_dir /usr/local/squid3/var redirect_children 20 redirect_program /usr/local/squid/libexec/myredir.pl redirector_bypass on range_offset_limit 50 KB acl peers src 127.0.0.1 acl peers src 142.90.100.0/24 acl peers src 195.242.9.17 acl peers src 12.160.37.0/28 acl peers src 157.252.10.0/24 acl peers src 129.162.0.0/16 acl peers src 129.10.116.0/24 acl peers src 155.33.248.0/22 acl peers src 204.29.239.0/24 acl peers src 193.233.9.0/24 acl peers src 217.76.96.32/27 acl peers src 192.58.220.0/24 acl peers src 193.232.212.50/32 acl mgr src 127.0.0.1 12.160.37.0/24 209.169.10.128/28 acl Manager proto cache_object #squid3 defines all internally #acl all src 0.0.0.0/0.0.0.0 acl post method POST acl ssl method CONNECT acl purge method PURGE acl IRCACHE dst 12.160.37.6 acl IRCACHE dst 209.169.10.132 acl BADPORTS port 7 9 11 19 22 23 25 53 110 119 513 514 acl VIRUS urlpath_regex winnt/system32/cmd.exe? acl VIRUS urlpath_regex ^/osa..gif acl VIRUS urlpath_regex ^/./fils.php acl VIRUS urlpath_regex ^/./999.jpg acl VIRUS urlpath_regex ^/w.php acl YAHOOATTACK urlpath_regex akamai.*yahoo.*config/login acl INADDR_ANY dst 0.0.0.0/32 acl IpAddrProbeUA browser ^Mozilla/4.0.\(compatible;.MSIE.5.5;.Windows.98\)$ acl IpAddrProbeURL url_regex //[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/$ icp_access deny post icp_access allow all # okay to remove this if chg.ru cleans up its act acl chg.ru src 193.232.212.50 193.233.46.21 acl cvsweb url_regex cvsweb http_access deny chg.ru cvsweb http_access deny IpAddrProbeUA IpAddrProbeURL deny_info TCP_RESET IpAddrProbeURL acl OriginsThatComplainOfAbuse dstdomain .fencing101.com http_access deny OriginsThatComplainOfAbuse deny_info TCP_RESET OriginsThatComplainOfAbuse acl soedirman dstdomain soedirman.gudangupload.com http_access deny soedirman acl SafariOreilly dstdomain safari.oreilly.com acl FromNCSA src 141.142.0.0/16 http_access deny SafariOreilly !FromNCSA acl LiveBentCom dstdomain live.bent.com acl LiveBentComAbuseUserid proxy_auth jun.armirola@gmail.com http_access deny LiveBentCom LiveBentComAbuseUserid http_access allow purge mgr http_access allow purge nlanr_peers http_access deny purge http_access allow Manager mgr http_access allow Manager nlanr_peers http_access deny Manager http_access deny BADPORTS http_access deny ssl http_access deny VIRUS http_access deny YAHOOATTACK http_access deny INADDR_ANY http_access allow nlanr_peers http_access allow peers http_access allow IRCACHE http_access allow NCSAPasswd http_access deny all reply_body_max_size 1073741824 bytes all # END configuration for host uc.us.ircache.net