ok again i filter out most of the squid conf with this minimum config should i get any static img or anything as hit or not caus i dont get any i test on squid 3.5.8 and up same think via off forwarded_for off # should be allowed acl localnet src 10.2.3.0/24 acl localnet src 10.2.2.0/24 acl localnet src 10.3.2.0/24 acl localnet src 10.4.4.0/24 #http_access deny all acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # STOREID ACCESS LIST acl domaincache dstdomain .dailymotion.com cache allow domaincache http_access deny !Safe_ports # Deny CONNECT to other than secure SSL ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow localnet http_access allow manager # And finally deny all other access to this proxy http_access allow all http_port 8079 http_port 8080 accel vhost allow-direct store_dir_select_algorithm least-load cache_dir aufs /mnt/sdb 500000 26 256 cache_dir aufs /mnt/sdc 500000 26 256 memory_pools off memory_pools_limit 4 GB cache_mem 5 GB #maximum_object_size_in_memory 64 KB maximum_object_size_in_memory 2048 KB minimum_object_size 1 KB maximum_object_size 3 GB cache_swap_low 98 cache_swap_high 99 logfile_rotate 0 cache_store_log none access_log daemon:/var/log/squid3/access.log !CONNECT cache_log /var/log/squid3/cache.log # FILES TYPE refresh_pattern -i \.(exe|crx|esd)(\?|\/\?) 10080 100% 799000 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale reload-into-ims refresh_pattern -i \.(3gp|m1v|ace|web(m|p|a)|m2(v|p)|swf|dat|cup|dvr-ms|ram|avi|mk(a|v)|vob|wm(a|v)|flv|x-flv|JPG) 10080 100% 129600 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale reload-into-ims refresh_pattern -i \.(m3u8|jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|mp(e?g|a|e|1|2|3|4)|deb|ad|f4(f|v)|abst|dll) 10080 100% 129600 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale reload-into-ims refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|7z|asx|mo(d|v)|arj|lha|lzh|zip|tar|pak|cup|ipa|apk) 10080 100% 43800 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale refresh_pattern -i \.(rpm|ac4|bin|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|inc|cod|jad|txt) 10080 100% 43800 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|cab|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|qt|vpx) 10080 100% 43800 override-expire override-lastmod ignore-reload ignore-no-store ignore-private ignore-auth ignore-must-revalidate store-stale refresh_pattern -i .(html|htm|css|js|xml)$ 1440 75% 40320 refresh_pattern -i .index.(html|htm)$ 0 75% 43800 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/\?) 0 0% 0 refresh_pattern . 0 20% 4320 cache_effective_user proxy cache_effective_group proxy visible_hostname xcache unique_hostname xcache dns_nameservers 8.8.8.8 8.8.4.4 4.2.2.4 shutdown_lifetime 10 second icp_port 0 htcp_port 0 check_hostnames off memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA forward_timeout 240 seconds connect_timeout 60 seconds #read_timeout 15 minute peer_connect_timeout 30 seconds read_timeout 600 second request_timeout 60 second ipcache_size 16384 ipcache_low 98 ipcache_high 99 ipcache_size 2048 ipcache_low 98 ipcache_high 99 quick_abort_min 0 quick_abort_max 0 quick_abort_pct 100 fqdncache_size 16384 icp_hit_stale on query_icmp off strip_query_terms off retry_on_error on check_hostnames off minimum_expiry_time 0 seconds positive_dns_ttl 6 hour negative_dns_ttl 60 second half_closed_clients off memory_pools off reload_into_ims on store_avg_object_size 82 KB client_db on max_filedescriptors 32768 # QoS MARKING qos_flows local-hit=0x30 tcp_outgoing_tos 0x30 all -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/acl-Question-tp4673648p4673649.html Sent from the Squid - Users mailing list archive at Nabble.com. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
