1 (edited by opikdesign 02-08-2009 19:11:22)

Topic: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

keanehan saya alami di squid 2.7 stable3 ubuntu 9.04 server Jaunty...

awalnya sih gak ada masalah HIT bisa seputar 30-50%an...
semenjak upgrade ubuntu dgn menggunakan apt-get update && apt-get upgrade disitu juga terjadi upgrade pada Squid-nya, sejak itulah tidak pernah mendapatkan HIT 1% pun selalu TCP_MISS, parah khan?!

yang sudah lakukan saat itu, meng-non-aktif-kan squid dan menghapus isi cache dan log, kemudian melakukan rebuild cache (squid -z) dan mengaktifkan kembali squid.
di test, hasilnya nihil... tetap TCP_MISS...

sampai berulang-ulang saya lakukan tersebut dan reboot ubuntunya,
alhasil masih nihil... TCP_MISS

untuk menguji settingan /etc/squid/squid.conf, sy penasaran, mencari kompi nganggur sy install ubuntu 8.10 server interpid, menggunakan settingan yang sama hasilnya banyak yang HIT.

masih penasaran... ubuntu 8.10 server Interpid saya format dan install dgn ubuntu 9.04 server Jaunty, tetap menggunakan file settingan yg sama dan tanpa upgrade ubuntu-nya, hasil juga banyak yang HIT, tetapi setelah saya lakukan upgrade di ubuntu hasilnya menjadi TCP_MISS semuanya gak ada HIT sama sekali...

di /var/squid/cache.log ada yg belum pernah saya lihat yaitu....

2009/08/02 15:25:35| aioSync: flushing pending I/O operations
2009/08/02 15:25:35| aioSync: done
2009/08/02 15:25:35| aioSync: flushing pending I/O operations
2009/08/02 15:25:35| aioSync: done
2009/08/02 15:25:35| logfileClose: closing log /var/log/squid/access.log
2009/08/02 15:25:35| aioSync: flushing pending I/O operations
2009/08/02 15:25:35| aioSync: done
2009/08/02 15:25:35| aioSync: flushing pending I/O operations
2009/08/02 15:25:35| aioSync: done

dan sebagai berikut file settingan squid...

#==================================$
#  Proxy Server Versi 2.7.Stable3
#  by th@opikdesign.com
#==================================$

#################################################################
# Port
#################################################################
http_port 3128 transparent
icp_port 3130
prefer_direct off

#################################################################
# Cache & Object
#################################################################

cache_mem 6 MB
cache_swap_low 98
cache_swap_high 99

max_filedesc 8192

maximum_object_size 4095 MB
minimum_object_size 0 bytes
maximum_object_size_in_memory 1024 bytes

ipcache_size 5120
ipcache_low 98
ipcache_high 99

fqdncache_size 5120

cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

cache_dir aufs /home/proxy1 9000 32 256
cache_dir aufs /home/proxy2 9000 32 256

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /var/run/squid.pid
cache_swap_log /var/log/squid/swap.state

dns_nameservers /etc/resolv.conf

emulate_httpd_log off
hosts_file /etc/hosts
# half_closed_clients off
negative_ttl 1 minutes


#################################################################
# Rules: Safe Port
#################################################################

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 443 563 873                    # https snews rsync
acl Safe_ports port 80                        # http
acl Safe_ports port 20 21                        # ftp
acl Safe_ports port 70                        # gopher
acl Safe_ports port 210                        # wais
acl Safe_ports port 1025-65535                    # unregistered ports
acl Safe_ports port 631                        # cups
acl Safe_ports port 10000                        # webmin
acl Safe_ports port 901                        # SWAT
acl Safe_ports port 280                        # http-mgmt
acl Safe_ports port 488                        # gss-http
acl Safe_ports port 591                        # filemaker
acl Safe_ports port 777                        # multiling http
acl Safe_ports port 873                        # rsync
acl Safe_ports port 110                        # POP3
acl Safe_ports port 25                        # SMTP
acl Safe_ports port 2095 2096                    # webmail from cpanel
acl Safe_ports port 2082 2083                    # cpanel

acl purge method PURGE
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost    
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports


#################################################################
# Refresh Pattern
#################################################################

refresh_pattern ^ftp:    1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern ^http:    720    100%    4320

refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.index.(html|htm|php|asp|aspx|cgi)$ 0 40% 10080
refresh_pattern -i \.(html|htm|css|js) 1440 40% 40320

refresh_pattern ^http://*.friendster.com/.* 720 100% 4320
refresh_pattern ^http://*.facebook.com/.* 720 100% 4320
refresh_pattern ^http://mail.yahoo.com/.* 720 100% 4320
refresh_pattern ^http://*.yahoo.*/.* 720 100% 4320
refresh_pattern ^http://*.yimg.*/.* 720 100% 4320
refresh_pattern ^http://*.google.*/.* 720 100% 4320
refresh_pattern ^http://*.telkomspeedy.com/.* 720 100% 4320
refresh_pattern ^http://*.kaskus.*/.* 720 100% 4320
refresh_pattern ^http://*.hotmail.*/.* 720 100% 4320
refresh_pattern ^http://*.wikipedia.*/.* 720 100% 4320
refresh_pattern ^http://wiki.*.*/.* 720 100% 4320
refresh_pattern ^http://*.jobsdb.*/.* 720 100% 4320
refresh_pattern ^http://*.karir.*/.* 720 100% 4320
refresh_pattern ^http://mail.plasa.com/.* 720 100% 4320
refresh_pattern ^http://*.detik.*/.* 60 20% 360
refresh_pattern ^http://*.detikinet.*/.* 60 20% 360
refresh_pattern ^http://*.detikhot.*/.* 60 20% 360
refresh_pattern ^http://*.detiportal.*/.* 60 100% 360
refresh_pattern ^http://*.kompas.*/.* 60 20% 360
refresh_pattern ^http://*.okezone.*/.* 60 20% 360
refresh_pattern ^http://*.trans7.*/.* 720 100% 4320
refresh_pattern ^http://*.rcti.*/.* 720 100% 4320
refresh_pattern ^http://*.indosiar.*/.* 720 100% 4320
refresh_pattern ^http://*.metrotvnews.*/.* 720 100% 4320
refresh_pattern ^http://*.transtv.*/.* 720 100% 4320
refresh_pattern ^http://*.kapanlagi.*/.* 720 100% 4320
refresh_pattern ^http://*.ebay.*/.* 720 100% 4320

refresh_pattern .     0    20%    4320


#################################################################
# Memaksa file2 video untuk di cache
#################################################################

acl streaming url_regex -i \.youtube\.com\/get_video\?
acl streaming url_regex -i \.googlevideo\.com\/videoplayback \.googlevideo\.com\/videoplay \.googlevideo\.com\/get_video\?
acl streaming url_regex -i \.google\.com\/videoplayback \.google\.com\/videoplay \.google\.com\/get_video\?
acl streaming url_regex -i \.google\.[a-z][a-z]\/videoplayback \.google\.[a-z][a-z]\/videoplay \.google\.[a-z][a-z]\/get_video\?
acl streaming url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/videoplayback\?
acl streaming url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/videoplay\?
acl streaming url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/get_video\?
acl streaming url_regex -i proxy[a-z0-9\-][a-z0-9][a-z0-9][a-z0-9]?\.dailymotion\.com\/
acl streaming url_regex -i vid\.akm\.dailymotion\.com\/
acl streaming url_regex -i [a-z0-9][0-9a-z][0-9a-z]?[0-9a-z]?[0-9a-z]?\.xtube\.com\/(.*)flv
acl streaming url_regex -i bitcast\.vimeo\.com\/vimeo\/videos\/
acl streaming url_regex -i va\.wrzuta\.pl\/wa[0-9][0-9][0-9][0-9]?
acl streaming url_regex -i \.files\.youporn\.com\/(.*)\/flv\/
acl streaming url_regex -i \.msn\.com\.edgesuite\.net\/(.*)\.flv
acl streaming url_regex -i media[a-z0-9]?[a-z0-9]?[a-z0-9]?\.tube8\.com\/ mobile[a-z0-9]?[a-z0-9]?[a-z0-9]?\.tube8\.com\/
acl streaming url_regex -i \.mais\.uol\.com\.br\/(.*)\.flv
acl streaming url_regex -i \.video[a-z0-9]?[a-z0-9]?\.blip\.tv\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram)
acl streaming url_regex -i video\.break\.com\/(.*)\.(flv|mp4)
acl streaming url_regex -i get_video\?video_id videodownload\?
acl streaming_dom dstdomain .mccont.com dl.redtube.com .cdn.dailymotion.com .youtube.com .googlevideo.com
cache allow streaming
cache allow streaming_dom


#################################################################
# HAVP + Clamav
#################################################################

cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default


#################################################################
# HIERARCHY (BYPASS CGI)
#################################################################

hierarchy_stoplist cgi-bin ? .js .jsp
acl QUERY urlpath_regex cgi-bin \? .js .jsp
no_cache deny QUERY


#################################################################
# SNMP
#################################################################

snmp_port 3401
acl snmpsquid snmp_community public
snmp_access allow snmpsquid localhost
snmp_access deny all


#################################################################
# ALLOWED ACCESS
#################################################################

acl persegi src 192.168.0.0/24  ## Sesuaikan
http_access allow persegi
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow persegi
icp_access allow localhost
icp_access deny all
always_direct deny all


#################################################################
# Cache CGI & Administrative # http://[ip-proxy]/cgi-bin/cachemgr.cgi
#################################################################

cache_mgr th@opikdesign.com
cachemgr_passwd 123456 all  ## sesuaikan
visible_hostname dns.persegi.net
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
shutdown_lifetime 10 seconds
logfile_rotate 14


#################################################################
# Marking ZPH for b/w management
#################################################################

zph_mode tos
zph_local 0x04
zph_parent 0
zph_option 136

sekarang yg menjadi pertanyaan sy, apakah ada yg salah pada settingan saya ato ini merupakan bug di ubuntu jaunty?!

mohon pencerahannya para master squid dan proxy.....

Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

dulu pernah begitu juga tapi bukan yg versi server, tapi waktu itu belum sampai cek ke cache hit-nya, hanya di traffic webhtb yg kosong terus ... Ini setelah menjalankan automatic update ...

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

anto_DIGIT wrote:

dulu pernah begitu juga tapi bukan yg versi server, tapi waktu itu belum sampai cek ke cache hit-nya, hanya di traffic webhtb yg kosong terus ... Ini setelah menjalankan automatic update ...

trus... solusinya apa waktu itu menjadi kembali normal?!

Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

install ulang saja  ...

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

squidnya crash tu bang Opik..

Kalau Install ulang dan di upgrade dulu sebelum install squid gmn bang Opik??:)

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

xeon wrote:

squidnya crash tu bang Opik..

Kalau Install ulang dan di upgrade dulu sebelum install squid gmn bang Opik??:)

awalnya install dulu squid dan berjalan lama baru upgrade... ketemulah masalah...
terus sy coba di kompi lain, upgrade dulu baru install squid... masih bermasalah... sad

tapi sepertinya menemukan titik kecil terang...
sy coba merubah file /boot/grub/menu.lst agar booting ke kernel lama (Ubuntu 9.04, kernel 2.6.28-11-server) mulai mau HIT biarpun gak besar prosentase HIT-nya mungkin baru hidup...
sebelumnya pakai kernel 2.6.28-14-server bermasalah di squid-nya...

apakah ini sebuah sugesti yg gak pasti ato memang bener kernel terbaru membuat squid jalan gak normal?!

ataukah masalah filesystem yg dipakai cache?!, sedangkan sy dah coba pakai ext3, XFS dan RaiserFS...

ato masalah dimana?!

Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

7 (edited by xeon 03-08-2009 14:11:42)

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

Kalau dari penjelasan bang Opik, kelihatannya kernel baru yg membuat squid crash.
Saya belum mempunyai solusi bang Opik smile
Error log yg lengkap gmn bang Opik?

 aioSync: flushing pending I/O operations

Kelihatannya penghapusan proses yg pending karena squid crash, apakah ada informasi error yg lain bang Opik??harusnya sebelum "aioSync: flushing pending I/O operations"

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

bisa jalankan squid dalam mode debug bang opik?

#squid -NXd1

ada pesan2 error yang aneh nggak?

9 (edited by opikdesign 04-08-2009 08:39:17)

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

xeon wrote:

Kalau dari penjelasan bang Opik, kelihatannya kernel baru yg membuat squid crash.
Saya belum mempunyai solusi bang Opik smile
Error log yg lengkap gmn bang Opik?

 aioSync: flushing pending I/O operations

Kelihatannya penghapusan proses yg pending karena squid crash, apakah ada informasi error yg lain bang Opik??harusnya sebelum "aioSync: flushing pending I/O operations"

semuanya kayak gini... ada warning lainnya lagi....

2009/08/04 08:31:22| Starting Squid Cache version 2.7.STABLE3 for i386-debian-linux-gnu...
2009/08/04 08:31:22| Process ID 13913
2009/08/04 08:31:22| With 8192 file descriptors available
2009/08/04 08:31:22| Using epoll for the IO loop
2009/08/04 08:31:22| DNS Socket created at 0.0.0.0, port 34471, FD 6
2009/08/04 08:31:22| Adding nameserver 192.168.0.201 from squid.conf
2009/08/04 08:31:22| Adding nameserver 127.0.0.1 from squid.conf
2009/08/04 08:31:22| helperOpenServers: Starting 5 'ncsa_auth' processes
2009/08/04 08:31:22| User-Agent logging is disabled.
2009/08/04 08:31:22| Referer logging is disabled.
2009/08/04 08:31:22| logfileOpen: opening log /var/log/squid/access.log
2009/08/04 08:31:22| Swap maxSize 36864000 KB, estimated 2835692 objects
2009/08/04 08:31:22| Target number of buckets: 141784
2009/08/04 08:31:22| Using 262144 Store buckets
2009/08/04 08:31:22| Max Mem  size: 6144 KB
2009/08/04 08:31:22| Max Swap size: 36864000 KB
2009/08/04 08:31:22| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2009/08/04 08:31:22| logfileOpen: opening log /var/log/squid/store.log
2009/08/04 08:31:22| Rebuilding storage in /home/proxy1 (DIRTY)
2009/08/04 08:31:22| Rebuilding storage in /home/proxy2 (DIRTY)
2009/08/04 08:31:22| Rebuilding storage in /home/proxy3 (DIRTY)
2009/08/04 08:31:22| Using Least Load store dir selection
2009/08/04 08:31:22| Set Current Directory to /var/spool/squid
2009/08/04 08:31:22| Loaded Icons.
2009/08/04 08:31:22| Accepting transparently proxied HTTP connections at 0.0.0.0, port 3128, FD 19.
2009/08/04 08:31:22| Accepting ICP messages at 0.0.0.0, port 3130, FD 20.
2009/08/04 08:31:22| HTCP Disabled.
2009/08/04 08:31:22| Accepting SNMP messages on port 3401, FD 21.
2009/08/04 08:31:22| WCCP Disabled.
2009/08/04 08:31:22| Configuring 127.0.0.1 Parent 127.0.0.1/8080/0
2009/08/04 08:31:22| Ready to serve requests.
2009/08/04 08:31:44| Preparing for shutdown after 12 requests
2009/08/04 08:31:44| Waiting 10 seconds for active connections to finish
2009/08/04 08:31:44| FD 19 Closing HTTP connection
2009/08/04 08:31:44| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:44| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:44| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:46| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:46| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:46| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:48| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:48| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:48| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:48| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:48| Attempt to retrieve interface list failed: (9) Bad file descriptor
2009/08/04 08:31:56| Shutting down...
2009/08/04 08:31:56| FD 20 Closing ICP connection
2009/08/04 08:31:56| FD 21 Closing SNMP socket
2009/08/04 08:31:56| aioSync: flushing pending I/O operations
2009/08/04 08:31:56| aioSync: done
2009/08/04 08:31:56| aioSync: flushing pending I/O operations
2009/08/04 08:31:56| aioSync: done
2009/08/04 08:31:56| aioSync: flushing pending I/O operations
2009/08/04 08:31:56| aioSync: done
2009/08/04 08:31:56| Not currently OK to rewrite swap log.
2009/08/04 08:31:56| storeDirWriteCleanLogs: Operation aborted.
CPU Usage: 1.480 seconds = 0.280 user + 1.200 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
    total space in arena:    5036 KB
    Ordinary blocks:         4883 KB    205 blks
    Small blocks:               0 KB      7 blks
    Holding blocks:          4972 KB      3 blks
    Free Small blocks:          0 KB
    Free Ordinary blocks:     152 KB
    Total in use:            9855 KB 98%
    Total free:               152 KB 2%
2009/08/04 08:31:56| aioSync: flushing pending I/O operations
2009/08/04 08:31:56| aioSync: done
2009/08/04 08:31:56| aioSync: flushing pending I/O operations
2009/08/04 08:31:56| aioSync: done
2009/08/04 08:31:56| aioSync: flushing pending I/O operations
2009/08/04 08:31:56| aioSync: done
2009/08/04 08:31:56| logfileClose: closing log /var/log/squid/store.log
2009/08/04 08:31:56| logfileClose: closing log /var/log/squid/access.log
2009/08/04 08:31:56| aioSync: flushing pending I/O operations
2009/08/04 08:31:56| aioSync: done
2009/08/04 08:31:56| aioSync: flushing pending I/O operations
2009/08/04 08:31:56| aioSync: done
2009/08/04 08:31:56| aioSync: flushing pending I/O operations
2009/08/04 08:31:56| aioSync: done
2009/08/04 08:31:56| Open FD WRITING      16 /var/log/squid/swap.state.00.new
2009/08/04 08:31:56| Open FD WRITING      17 /var/log/squid/swap.state.01.new
2009/08/04 08:31:56| Open FD WRITING      18 /var/log/squid/swap.state.02.new
2009/08/04 08:31:56| Squid Cache (Version 2.7.STABLE3): Exiting normally.
si_faisal wrote:

bisa jalankan squid dalam mode debug bang opik?

#squid -NXd1

ada pesan2 error yang aneh nggak?

pesan aneh?! sama aja seperti di cache.log.... panjang lagi....

Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

bang, coba cache nya di rebulid lagi, hapus semua file log dan swap

kemudian max filedesc nya biarkan default, di comment aja

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

si_faisal wrote:

bang, coba cache nya di rebulid lagi, hapus semua file log dan swap

kemudian max filedesc nya biarkan default, di comment aja

ok.... dicoba ntar aku report lagi setelah beberapa jam dilihat hasil HIT-nya paling gak ada HIT lah....

sebelum sudah dicoba mengkosongkan cache dan rebuilding cache tapi hasil masih nihil...

Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

kayak mas si_faisal dah nyerah juga yah setelah remote server2 ku?!.... big_smile
ayo jangan nyerah.... siapa tahu masalah yg sy hadapi nanti ketemu di situ... gak doa-in loh... hehehehe....

Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

dulu saja pernah, ubuntu diupdate semua sebelum squid diinstall, ternyata sudah langsung tdk jalan semua ....

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

kayaknya memang ada masalah squid di ubuntu.... tapi apa masalahnya?!

Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

mungkin ada celah scurity yg diperbaiki tapi malah bikin squid ga jalan ...

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

anto_DIGIT wrote:

mungkin ada celah scurity yg diperbaiki tapi malah bikin squid ga jalan ...

apa?! security?! itu mainin apa yah mas?! kayaknya sy pas buat firewall pakai iptables...
coba aku mo non aktifkan dulu deh...
ntar aku report lagi...

Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

17 (edited by opikdesign 22-08-2009 03:22:39)

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

Syukur alhamdulillah... akhirnya sy menemukan permasalahan squid yg tiba2 tidak mau HIT... sekedar sharing aja, penyebabnya karena refresh_pattern terlalu peka....

hanya dalam waktu 3 menit, akhirnya di warnet dan jaringan rt/rw-net langsung HIT 25%... berkah dan rahmat hari pertama menunggu makan sahur... coba lihat calamaris di webmin saya...

http://www.opikdesign.com/kios/HIT.jpg

terima kasih atas perhatian dan bantuan rekan2 semuanya terutama mas si_faisal yg sampai sudi mencoba compile dgn meremote beberapa server sy... smoga sharing sy ini berguna...

Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

Kl boleh tau, pemecahan nya gmn mas opik?

Thanks

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

Jexo wrote:

Kl boleh tau, pemecahan nya gmn mas opik?

Thanks

yah merubah pada refresh_pattern-nya aja... menjadi...

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern ^http:          720     90%     432000

refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(php|asp|aspx|cgi|html|htm|css|js) 1440 40% 40320

refresh_pattern .               0       20%     4320
Facebook OPiKdesign
http://badge.facebook.com/badge/100000147194199.279.411965916.png
* IT Consultant * Networking Specialist for Internet Cafe/HotSpot/SOHO * Maintenance * Graphic & Web Design, 3D Modeling & 2D/3D Animation * Hosting & Domain * email to: th@opikdesign.com

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

opikdesign wrote:
Jexo wrote:

Kl boleh tau, pemecahan nya gmn mas opik?

Thanks

yah merubah pada refresh_pattern-nya aja... menjadi...

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern ^http:          720     90%     432000

refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(php|asp|aspx|cgi|html|htm|css|js) 1440 40% 40320

refresh_pattern .               0       20%     4320

thanks atas pencerahan nya mas opik

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

Jexo wrote:
opikdesign wrote:
Jexo wrote:

Kl boleh tau, pemecahan nya gmn mas opik?

Thanks

yah merubah pada refresh_pattern-nya aja... menjadi...

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern ^http:          720     90%     432000

refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(php|asp|aspx|cgi|html|htm|css|js) 1440 40% 40320

refresh_pattern .               0       20%     4320

thanks atas pencerahan nya mas opik

pak opik, mohon post setingan squid anda donk? refresh_pattern cuma itu saja atau ada lagi punya anda? untuk membandingakan yang ada saat ini di ubuntu saya mas,,, trimakasih

________________________________________
Magelang Jawatengah Indonesia go open source
http://forum.kliwon.linux.or.id/styles/subsilver2/imageset/site_logo.gif
Computer Club smile hardware, desktop, web, multymedia dan gametech

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

opikdesign wrote:
Jexo wrote:

Kl boleh tau, pemecahan nya gmn mas opik?

Thanks

yah merubah pada refresh_pattern-nya aja... menjadi...

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern ^http:          720     90%     432000

refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(php|asp|aspx|cgi|html|htm|css|js) 1440 40% 40320

refresh_pattern .               0       20%     4320

Kang Opik, nanya dong...
kenapa ya proxy saya selalu TCP_MISS terus...?
squid.conf :

#######################################################
## SQUID 2.7 - High Performance Configuration
## ====================================================
##
## Updated:    Okt 1,2010
#######################################################
##start of config
http_port 3128 transparent
#server_http11 on
#icp_port 0
# cache_peer 203.128.88.193 parent 8910 0 no-query no-netdb-exchange no-digest

# File Squid
pid_filename /var/run/squid.pid
coredump_dir /var/spool/squid/
error_directory /usr/share/squid/errors/English
icon_directory /usr/share/squid/icons
mime_table /usr/share/squid/mime.conf
visible_hostname proxy

# Log Squid
access_log /var/log/squid/access.log
cache_log /dev/null
cache_store_log /dev/null

# Beberapa log yg tidak signifikan karena opsi2-nya jarang digunakan.
#log_fqdn off
#log_icp_queries off
#buffered_logs off
#emulate_httpd_log off

#===========================================================================
# TAG: FTP section
#---------------------------------------------------------------------------
# Selalu gunakan opsi ini untuk mengurangi beban trafik. FTP mode pasif
# menyebabkan client tidak berhubungan langsung dengan FTP Server tujuan
# dan menggunakan squid sebagai relay sehingga bandwidth utk koneksi FTP
# bisa dikontrol mungkin dengan kombinasi IP filtering (PF (BSD)/ IPTABLES).
#===========================================================================
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on

#===================================================================
# TAG: ACL Section
#-------------------------------------------------------------------
# Allow local network(s) on interface(s)
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#===================================================================
acl local src 192.168.0.0/22    # IP LOCAL (sesuaikan dg network juragan)
acl proxy src 192.168.10.0/24   # IP PROXY
acl khusus src 192.168.0.31 192.168.0.10 192.168.0.252 192.168.0.231 192.168.0.4 192.168.0.118

url_whitespace strip

#DNS NAMESERVER
dns_nameservers 192.168.10.1

cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

cache_dir aufs /home/squid-1 15000 32 256
cache_dir aufs /home/squid-2 15000 32 256
cache_dir aufs /home/squid-3 15000 32 256

minimum_object_size 0 bytes
maximum_object_size 1024 MB
offline_mode off
cache_swap_low 98
cache_swap_high 99

# Setup some default acls
acl all src 0.0.0.0/0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 81 210 280 443 488 563 591 631 777 901 3128 1025-65535
acl sslports port 443 563 81
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin \?
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
# Always allow localhost connections
acl blokir dstdomain .e-buddy.com .facebook.com .friendster.com .games.co.id .meebo.com .omegle.com .plurk.com .twitter.com .mainmusik.com
acl larang dstdomain .4shared.com .enterupload.com .eramuslim.com .indowebster.com .youtube.com .mediafire.com
acl ilegal dstdomain .proxymice.com .windowsupdate.com .proxyfami.com
acl TIME time MTWHFA 7:15-18:00
acl TIME_PLUS time MTWHFA 9:00-19:00
http_access allow blokir khusus
http_access allow larang khusus
http_access deny blokir TIME
http_access deny larang TIME_plus
http_access deny ilegal
http_access allow localhost

# Allow local network(s) on interface(s)
http_access allow local
http_access allow proxy

# Default block all to be sure
http_access deny all
header_access X-Forwarded-For deny all
#follow_x_forwarded_for allow localnet
#follow_x_forwarded_for allow localhost
http_gzip on
http_gzip_types text/plain,text/html,text/xml,text/css,application/xml,application/xhtml+xml,application/rss+xml,application/javascript,application/x-javascript

#=====================================================
# TAG: ZPH
#=====================================================
tcp_outgoing_tos 0x30 local
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136

#====================================================
# TAG: STORE RULE
#====================================================
# Caching Youtube
acl videocache_allow_url url_regex -i \.youtube\.com\/get_video\?
acl videocache_allow_url url_regex -i \.youtube\.com\/videoplayback \.youtube\.com\/videoplay \.youtube\.com\/get_video\?
acl videocache_allow_url url_regex -i \.youtube\.[a-z][a-z]\/videoplayback \.youtube\.[a-z][a-z]\/videoplay \.youtube\.[a-z][a-z]\/get_video\?
acl videocache_allow_url url_regex -i \.googlevideo\.com\/videoplayback \.googlevideo\.com\/videoplay \.googlevideo\.com\/get_video\?
acl videocache_allow_url url_regex -i \.google\.com\/videoplayback \.google\.com\/videoplay \.google\.com\/get_video\?
acl videocache_allow_url url_regex -i \.google\.[a-z][a-z]\/videoplayback \.google\.[a-z][a-z]\/videoplay \.google\.[a-z][a-z]\/get_video\?
acl videocache_allow_url url_regex -i proxy[a-z0-9\-][a-z0-9][a-z0-9][a-z0-9]?\.dailymotion\.com\/
acl videocache_allow_url url_regex -i vid\.akm\.dailymotion\.com\/
acl videocache_allow_url url_regex -i [a-z0-9][0-9a-z][0-9a-z]?[0-9a-z]?[0-9a-z]?\.xtube\.com\/(.*)flv
acl videocache_allow_url url_regex -i \.vimeo\.com\/(.*)\.(flv|mp4)
acl videocache_allow_url url_regex -i va\.wrzuta\.pl\/wa[0-9][0-9][0-9][0-9]?
acl videocache_allow_url url_regex -i \.youporn\.com\/(.*)\.flv
acl videocache_allow_url url_regex -i \.msn\.com\.edgesuite\.net\/(.*)\.flv
acl videocache_allow_url url_regex -i \.tube8\.com\/(.*)\.(flv|3gp)
acl videocache_allow_url url_regex -i \.mais\.uol\.com\.br\/(.*)\.flv
acl videocache_allow_url url_regex -i \.blip\.tv\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram|m4v)
acl videocache_allow_url url_regex -i \.break\.com\/(.*)\.(flv|mp4)
acl videocache_allow_url url_regex -i redtube\.com\/(.*)\.flv
acl videocache_allow_dom dstdomain .mccont.com .metacafe.com .cdn.dailymotion.com
acl videocache_deny_dom  dstdomain .download.youporn.com .static.blip.tv
acl dontrewrite url_regex redbot\.org \.php
acl getmethod method GET

storeurl_access deny dontrewrite
storeurl_access deny !getmethod
storeurl_access deny videocache_deny_dom
storeurl_access allow videocache_allow_url
storeurl_access allow videocache_allow_dom
storeurl_access deny all

storeurl_rewrite_program /etc/squid/storeurl.pl
storeurl_rewrite_children 7
storeurl_rewrite_concurrency 10

#=========================================================
# TAG: Refresh Pattern
#=========================================================
# 1 year = 525600 mins, 1 month = 43200 mins, 1 day = 1440
#=========================================================
refresh_pattern (get_video\?|videoplayback\?|videodownload\?|\.flv?)    43200 999999% 43200 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale
refresh_pattern (get_video\?|videoplayback\?id|videoplayback.*id|videodownload\?|\.flv?)    43200 999999% 43200 ignore-no-cache ignore-no-store ignore-private override-expire override-lastmod reload-into-ims store-stale

refresh_pattern \.(ico|video-stats) 43200 999999% 43200 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate negative-ttl=10080 store-stale
refresh_pattern \.etology\?                                     43200 999999% 43200 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern galleries\.video(\?|sz)                         43200 999999% 43200 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern brazzers\?                                      43200 999999% 43200 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern \.adtology\?                                    43200 999999% 43200 override-expire ignore-reload ignore-no-cache store-stale
refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 43200 20% 43200 ignore-no-cache ignore-no-store ignore-private override-expire ignore-reload ignore-auth ignore-must-revalidate store-stale negative-ttl=40320 max-stale=10
refresh_pattern ^.*safebrowsing.*google  43200 999999% 43200 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth ignore-must-revalidate negative-ttl=10080 store-stale
refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk)    43200 999999% 43200 override-expire ignore-reload ignore-private store-stale negative-ttl=10080
refresh_pattern ytimg\.com.*\.jpg                                       43200 999999% 43200 override-expire ignore-reload store-stale
refresh_pattern images\.friendster\.com.*\.(png|gif)                    43200 999999% 43200 override-expire ignore-reload store-stale
refresh_pattern garena\.com                                             43200 999999% 43200 override-expire reload-into-ims store-stale
refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)          43200 999999% 43200 override-expire ignore-reload store-stale
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\?                     43200 999999% 43200 ignore-no-cache override-expire override-lastmod store-stale
refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)    43200 999999% 43200 reload-into-ims override-expire ignore-private    store-stale
refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\.                     43200 999999% 43200 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale
refresh_pattern ^http:\/\/www.onemanga.com.*\/                          43200 999999% 43200 reload-into-ims ignore-no-cache ignore-no-store ignore-reload override-expire store-stale
refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9]) 43200 999999% 43200 override-expire ignore-reload ignore-no-cache ignore-no-store ignore-private ignore-auth override-lastmod ignore-must-revalidate negative-ttl=10080 store-stale

# ANTI VIRUS
refresh_pattern guru.avg.com/.*\.(bin)                                  1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern (avgate|avira).*(idx|gz)$                               1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern kaspersky.*\.avc$                                       1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern kaspersky                                               1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern update.nai.com/.*\.(gem|zip|mcs)                        1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern ^http:\/\/liveupdate.symantecliveupdate.com.*\(zip)     1440 999999% 10080 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale

refresh_pattern windowsupdate.com/.*\.(cab|exe)                 10080  999999%  43200 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern update.microsoft.com/.*\.(cab|exe)              10080  999999%  43200 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale
refresh_pattern download.microsoft.com/.*\.(cab|exe)            10080  999999%  43200 ignore-no-cache ignore-no-store ignore-reload  reload-into-ims store-stale

#images facebook
refresh_pattern -i \.facebook.com.*\.(jpg|png|gif)                      129600 999999% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-staleas.com.*\/                43200 99999% 129600 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
refresh_pattern .kompasimages.com.*\.(jpg|gif|png|swf)          43200 99999% 129600 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
refresh_pattern ^http:\/\/openx.kompas.com.*\/                  43200 99999% 129600 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
refresh_pattern kaskus.\us.*\.(jp(e?g|e|2)|gif|png|swf)         43200 99999% 129600 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale
refresh_pattern ^http:\/\/img.kaskus.us.*\.(jpg|gif|png|swf)    43200 99999% 129600 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale

#IIX DOWNLOAD
refresh_pattern ^http:\/\/\.www[0-9][0-9]\.indowebster\.com\/(.*)(mp3|rar|zip|flv|wmv|3gp|mp(4|3)|exe|msi|zip) 43200 99999% 129600 reload-into-ims  ignore-reload override-expire ignore-no-cache ignore-no-store  store-stale ignore-auth

#All File
refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)       43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)  43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)         43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale
refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 43200 999999% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale


refresh_pattern -i (/cgi-bin/|\?)  0  0%  0
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern ^ftp:           10080   95% 43200 override-lastmod reload-into-ims store-stale
refresh_pattern .               00     95% 43200 override-lastmod reload-into-ims store-stale

#=====================================================
# SNMP
#=====================================================
snmp_port 3401
acl snmppublic snmp_community public
snmp_access allow snmppublic localhost
snmp_access deny all

#==============================================
# TAG: Extra Tuning Configuration
#==============================================
header_access Accept-Encoding deny  all
client_persistent_connections off
server_persistent_connections on
half_closed_clients off
strip_query_terms off
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
vary_ignore_expire on
reload_into_ims on
pipeline_prefetch on
range_offset_limit 512 KB
read_timeout 30 minutes
client_lifetime 6 hours
negative_ttl 30 seconds
positive_dns_ttl 6 hours
negative_dns_ttl 60 seconds
pconn_timeout 15 seconds
request_timeout 1 minute
store_avg_object_size 13 KB
log_icp_queries off
ipcache_size 16384
ipcache_low 98
ipcache_high 99
log_fqdn off
fqdncache_size 16384
memory_pools off
forwarded_for on
logfile_rotate 3
store_dir_select_algorithm round-robin
cache_effective_user proxy
cache_effective_group proxy
max_filedescriptors 8192

##end of config

Re: Squid di Ubuntu Jaunty jadi TCP_MISS setelah upgrade...

opikdesign wrote:

yah merubah pada refresh_pattern-nya aja... menjadi...

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern ^http:          720     90%     432000

refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(php|asp|aspx|cgi|html|htm|css|js) 1440 40% 40320

refresh_pattern .               0       20%     4320

sy udah nyoba yg dr mas topik tp kok ttep ga mau ngehit y mas ?
miss'y smp 99%...

ni conf yg sy bikin...
mohon pencerahan'y mas,mksh..

acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl lan src 192.168.5.0/25 192.168.5.128/25 ::1
#acl localnet src 192.168.5.0/25 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged)
acl SSL_ports port 443
acl Safe_ports port 80        # http
acl Safe_ports port 21        # ftp
acl Safe_ports port 443        # https
acl Safe_ports port 70        # gopher
acl Safe_ports port 210        # wais
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280        # http-mgmt
acl Safe_ports port 488        # gss-http
acl Safe_ports port 591        # filemaker
acl Safe_ports port 777        # multiling http


acl *pr0m0* url_regex "/etc/squid3/pornourl.txt"
acl ads url_regex "/etc/squid3/denied_ads.txt"

# Some Youtube ACL's 
acl youtube dstdomain .youtube.com .googlevideo.com .video.google.com .video.google.com.au 
acl youtubeip dst 74.125.15.0/24 
acl youtubeip dst 64.15.0.0/16 
cache allow youtube 
cache allow youtubeip 

# These are from http://wiki.squid-cache.org/Features/StoreUrlRewrite 
#acl store_rewrite_list dstdomain mt.google.com mt0.google.com mt1.google.com mt2.google.com 
#acl store_rewrite_list dstdomain mt3.google.com 
#acl store_rewrite_list dstdomain kh.google.com kh0.google.com kh1.google.com kh2.google.com 
#acl store_rewrite_list dstdomain kh3.google.com 
#acl store_rewrite_list dstdomain kh.google.com.au kh0.google.com.au kh1.google.com.au 
#acl store_rewrite_list dstdomain kh2.google.com.au kh3.google.com.au 

# This needs to be narrowed down quite a bit! 
#acl store_rewrite_list dstdomain .youtube.com 
#storeurl_access allow store_rewrite_list 
#storeurl_access deny all 
#storeurl_rewrite_program /usr/local/bin/store_url_rewrite 

deny_info http://google.com *pr0m0*
deny_info http://labkom-elektro.co.cc/iklan/iklan.php ads

acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access deny *pr0m0*
http_access deny ads

#hosts_file /etc/hosts


http_access allow lan
http_access deny all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?

# YouTube options. 
#quick_abort_min -1 KB 

# This will block other streaming media. Maybe we don't want this, but using 
# it for now. 
#hierarchy_stoplist cgi-bin ? 
#acl QUERY urlpath_regex cgi-bin \? 
#cache deny QUERY 

access_log /var/log/squid3/access.log squid
cache_mem 6 MB 
cache_swap_low 98 #90
cache_swap_high 99 #95
cache_dir ufs /var/spool/squid3 1024 16 256
cache_log /var/log/squid3/cache.log

maximum_object_size 128 MB 
maximum_object_size_in_memory 32 KB 

ipcache_size 2048 
ipcache_low 98 
ipcache_high 99 

cache_replacement_policy heap LFUDA 
memory_replacement_policy heap GDSF

coredump_dir /var/spool/squid3
dns_nameservers 192.168.5.31
positive_dns_ttl 2 minute

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern ^http:          720     90%     432000

refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(php|asp|aspx|cgi|html|htm|css|js) 1440 40% 40320

refresh_pattern .               0       20%     4320

#refresh_pattern \.gif 4320 50% 43200
#refresh_pattern \.jpg 4320 50% 43200
#refresh_pattern \.tif 4320 50% 43200
#refresh_pattern ^http://www.facebook.com/.* 720 100% 4320
#refresh_pattern ^http://mail.yahoo.com/.* 720 100% 4320
#refresh_pattern ^http://mail.google.com/.* 720 100% 4320
#refresh_pattern ^http://*.gmail.*/.* 720 100% 4320
#refresh_pattern ^http://www.gmail.com/.* 720 100% 4320
#refresh_pattern ^http://*.yahoo.*/.* 720 100% 4320
#refresh_pattern ^http://*.facebook.*/.* 720 100% 4320
#refresh_pattern ^http://www.yahoo.com/.* 720 100% 4320
#refresh_pattern ^ftp:        1440    20%    10080
#refresh_pattern ^gopher:    1440    0%    1440
#refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
#refresh_pattern .        0    20%    4320
#refresh_pattern .        180    95%    120960 reload-into-ims override-lastmode

request_header_access Referer deny all
request_header_access X-Forwarded-For deny all 
request_header_access Via deny all 
request_header_access Cache-Control deny all
header_access Accept-Encoding deny all
visible_hostname squid.status@labkom-elektro.co.cc

#mematikan n merekonfigur squid
shutdown_lifetime 10 seconds
 
#meningkatkan refersh pattern
reload_into_ims on 
pipeline_prefetch on 
vary_ignore_expire on 

forwarded_for off