# NETWORK OPTIONS
# -----------------------------------------------------------------------------


http_port 211.211.211.211:80 transparent vhost vport

#
#cache_peer 211.100.59.59 parent 80 0 no-query originserver
#cache_peer 61.235.170.133 parent 80 3130 no-query no-netdb-exchange proxy-only
#cache_peer 211.101.21.114 parent 80 0  no-query originserver
#cache_peer 211.100.23.242 parent 80 0  no-query originserver
#cache_peer 61.135.120.233 parent 80 0  no-query originserver
#cache_peer 219.246.145.145 parent 80 0  no-query originserver

# OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
# -----------------------------------------------------------------------------

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
collapsed_forwarding on

# OPTIONS WHICH AFFECT THE CACHE SIZE
# -----------------------------------------------------------------------------
cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 80 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
cache_replacement_policy lru
memory_replacement_policy lru

# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# -----------------------------------------------------------------------------

#cache_dir ufs /Data/apps/squid/var/cache 1024 56 256
cache_dir ufs /Data/apps/squid/cache 4096 56 256
#access_log /Data/apps/squid/var/logs/access.log squid
cache_log /Data/apps/squid/var/logs/cache.log
emulate_httpd_log on
#cache_store_log /Data/apps/squid/var/logs/store.log
# pid_filename /Data/apps/squid/var/logs/squid.pid


# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
# -----------------------------------------------------------------------------

dns_children 5
#Recommended minimum configuration per scheme:
#auth_param negotiate program
#auth_param negotiate children 5
#auth_param negotiate keep_alive on
#auth_param ntlm program
#auth_param ntlm children 5
#auth_param ntlm keep_alive on
#auth_param digest program
#auth_param digest children 5
#auth_param digest realm Squid proxy-caching web server
#auth_param digest nonce_garbage_interval 5 minutes
#auth_param digest nonce_max_duration 30 minutes
#auth_param digest nonce_max_count 50
#auth_param basic program
#auth_param basic children 5

auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

# OPTIONS FOR TUNING THE CACHE
# -----------------------------------------------------------------------------

# request_header_max_size 20 KB
# request_body_max_size 0 KB

refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern .        0    20%    4320
quick_abort_min 0 KB
quick_abort_max 0 KB
# quick_abort_pct 95
# read_ahead_gap 16 KB
# negative_ttl 5 minutes
# refresh_stale_hit 0 seconds


# TIMEOUTS
# -----------------------------------------------------------------------------

forward_timeout 20 seconds
connect_timeout 15 seconds
# peer_connect_timeout 30 seconds
read_timeout 3 minutes
request_timeout 1 minutes
persistent_request_timeout 15 seconds
client_lifetime 15 minutes
half_closed_clients off
# pconn_timeout 120 seconds
# ident_timeout 10 seconds
shutdown_lifetime 5 seconds


# ADMINISTRATIVE PARAMETERS
# -----------------------------------------------------------------------------

cache_mgr [email][email protected][/email]
cache_effective_user squid
cache_effective_group squid
# httpd_suppress_version_string off
visible_hostname longrujun.name

# OPTIONS FOR THE CACHE REGISTRATION SERVICE
# ----------------------------------------------------------------------------


# HTTPD-ACCELERATOR OPTIONS
# -----------------------------------------------------------------------------

# httpd_accel_no_pmtu_disc off

# MISCELLANEOUS
# -----------------------------------------------------------------------------

logfile_rotate 0
 tcp_recv_bufsize 65535 bytes
# memory_pools on
# memory_pools_limit 5 MB
# via on
# forwarded_for on
# log_icp_queries on
# icp_hit_stale off
# minimum_direct_hops 4
# minimum_direct_rtt 400
# store_avg_object_size 13 KB
# store_objects_per_bucket 20
# client_db on
# netdb_low 900
# netdb_high 1000
# netdb_ping_period 5 minutes
# query_icmp off
# buffered_logs off
# reload_into_ims off
# global_internal_static on
# short_icon_urls off
error_directory /Data/apps/squid/share/errors/Simplify_Chinese
# maximum_single_addr_tries 1
# retry_on_error off

# DELAY POOL PARAMETERS (all require DELAY_POOLS compilation option)
# -----------------------------------------------------------------------------

# delay_initial_bucket_level 50
# max_open_disk_fds 0
# offline_mode off
# uri_whitespace strip
# nonhierarchical_direct on
# prefer_direct off
# coredump_dir none
coredump_dir /Data/apps/squid/cache
# redirector_bypass off
# ignore_unknown_nameservers on
# digest_generation on
# digest_bits_per_entry 5
# digest_rebuild_period 1 hour
# digest_swapout_chunk_size 4096 bytes
# digest_rebuild_chunk_percentage 10
client_persistent_connections off
server_persistent_connections on
# persistent_connection_after_error off
# detect_broken_pconn off
# balance_on_multiple_ip on
# pipeline_prefetch off
# request_entities off
# high_response_time_warning 0
# high_page_fault_warning 0
# high_memory_warning 0
# store_dir_select_algorithm least-load
# ie_refresh off
vary_ignore_expire on
# sleep_after_fork 0
# minimum_expiry_time 60 seconds
# relaxed_header_parser on
strip_query_terms on



# ACCESS CONTROLS
#---------------------------------------------------

acl OverConnLimit maxconn 20
http_access deny OverConnLimit


#acl AntiGoogle req_header User-Agent Googlespider
#http_access deny AntiGoogle

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255 10.10.10.0/24
acl Srvip   dst 211.100.99.0/24 211.100.100.0/24 61.135.100.0/24 60.195.200.159.0/24
acl Srvdm   dstdomain  .longrujun.name .hanlei.name .liuren.com .keso.cn
acl to_localhost dst 127.0.0.0/8 61.135.170.231/255.255.255.255
acl purgehost src   127.0.0.0/8 61.135.170.231/255.255.255.255
acl purgemethod method PURGE     
acl SSL_ports port 443 563
acl Safe_ports port 80          # http    
acl Safe_ports port 81          # http   
acl CONNECT method CONNECT       

always_direct allow Srvdm
never_direct allow !Srvdm
http_access allow manager localhost
http_access deny manager
http_access allow purgemethod purgehost
http_access deny !Safe_ports
http_access deny CONNECT all
http_access allow localhost
http_access allow Srvip
http_access allow Srvdm
http_access deny all
http_reply_access allow all
icp_access deny all
icp_port 0