Pessoal não cbq ou htb para limitar a banda dos clientes ., utilizo o delay pools do próprio squid gostaria de saber se posso fazer cache full? abaixo segue o squid.conf ., como ficaram as regras no ipatbles nesse caso?
Existem linhas a serem acrescentadas para otimizar o uso squid?
O módulo zph ja foi aplicado.
#------------------------------------------------------------------------------
# NETWORK OPTIONS
# -----------------------------------------------------------------------------
http_port 3128 transparent
error_directory /usr/share/squid/errors/pt-br/
# OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
# -----------------------------------------------------------------------------
# TAG: hierarchy_stoplist
#hierarchy_stoplist cgi-bin ?
# TAG: no_cache
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
# OPTIONS WHICH AFFECT THE CACHE SIZE
# -----------------------------------------------------------------------------
# TAG: cache_mem (bytes)
cache_mem 1000 MB
maximum_object_size_in_memory 32 kb
# TAG: cache_swap_low (percent, 0-100)
# TAG: cache_swap_high (percent, 0-100)
cache_swap_low 90
cache_swap_high 95
# TAG: maximum_object_size (bytes)
maximum_object_size 150 mb
maximum_object_size_in_memory 2048 kb
minimum_object_size 0 KB
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# -----------------------------------------------------------------------------
# TAG: cache_dir
cache_dir ufs /var/spool/squid 10048 16 256
# TAG: cache_access_log
cache_access_log /var/log/squid/access.log
# TAG: cache_log
cache_log /var/log/squid/cache.log
#Intervalos de tempos que o proxy verificara os arquivos dos site acessado
#conferem com o do cache, o valor 10080 significa aproximadamente 09 dias
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
#Mantendo objetos recentes e pequenos na memoria
memory_replacement_policy heap GDSF
acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
# ACCESS CONTROLS
# -----------------------------------------------------------------------------
# TAG: acl
icp_port 0
acl all src 10.0.0.0/255.255.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl extensoes urlpath_regex -i "/etc/squid/extensoes.reg"
########################################################
# ACL´s para Portal CAPES
########################################################
acl portal_capes url_regex -i "/etc/squid/portalcapes.txt"
acl bandabaixa src "/etc/squid/bandabaixa"
acl bandamedia src "/etc/squid/bandamedia"
acl bandaalta src "/etc/squid/bandaalta"
# Delay Pools
delay_pools 3
delay_class 1 2
delay_class 2 2
delay_class 3 2
delay_access 1 allow bandabaixa
delay_access 2 allow bandamedia
delay_access 3 allow bandaalta
delay_parameters 1 -1/-1 8000/8000
delay_parameters 2 -1/-1 18000/18000
delay_parameters 3 -1/-1 52000/52000
# TAG: http_access
http_access allow manager localhost
http_access deny manager
http_access deny extensoes
http_access allow all
http_reply_access allow all
##########################################################
# Redirecionamento para o MCT
##########################################################
cache_peer prx.mct.gov.br parent 80 0 no-query
cache_peer_access prx.mct.gov.br allow portal_capes
always_direct allow !portal_capes
http_reply_access allow all portal_capes
# TAG: icp_access
icp_access allow all portal_capes
visible_hostname aruana
# MARCAR PACOTES TOS
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136