port 3128,80,8080 dari klient telah didirect oleh mikrotik-box ke squid-box
adapun isi dari squid.conf adalah sbb :

# oleh masedewe
http_port 3128
icp_port 3328
udp_incoming_address 0.0.0.0
udp_outgoing_address 0.0.0.0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 12 MB
cache_swap_low 98
cache_swap_high 99
maximum_object_size 128 MB
maximum_object_size_in_memory 32 KB
ipcache_size 2048
ipcache_low 98
ipcache_high 99
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /cache1 7000 8 256
cache_dir aufs /cache2 7000 8 256
cache_dir aufs /cache3 7000 8 256
log_fqdn off
log_icp_queries off
cache_log none
cache_store_log none
emulate_httpd_log on
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 0
quick_abort_max 0
quick_abort_pct 98
negative_ttl 1 minutes
half_closed_clients off
read_timeout 5 minutes
request_timeout 1 minutes
client_lifetime 360 minutes
shutdown_lifetime 10 seconds
memory_pools off
icp_hit_stale on
query_icmp on
reload_into_ims on
pipeline_prefetch on
vary_ignore_expire on
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl lan src 0.0.0.0/0.0.0.0
acl to_localhost dst 127.0.0.0/8
acl PURGE method PURGE
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl buggy_server url_regex ^http://www.hmmmm.cez
broken_posts allow buggy_server
http_access allow manager lan
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow PURGE localhost
http_access deny PURGE
http_access allow localhost
http_access allow lan
http_access deny all
http_reply_access allow all
icp_access allow lan
icp_access deny all
miss_access allow all
cache_mgr NESOL.NGAWI
cache_effective_user netsol
cache_effective_group netsol
visible_hostname proxy1.netsol.ngawi
unique_hostname proxy2.netsol.ngawi
logfile_rotate 1
forwarded_for off
log_icp_queries off
buffered_logs on
client_db off
strip_query_terms off
icon_directory /usr/share/squid/icons
error_directory /usr/share/squid/errors/English
wccp_router 0.0.0.0
offline_mode off
coredump_dir /var/spool/squid