Home Verkennen Help
Inloggen
Leobots
/
mdd
4
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: f3628f8cab
Aftakkingen Labels
mdd
/
thirdparty
/
cpp-httplib
/
test
/
proxy
/
basic_squid.conf

basic_squid.conf 2.7 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 
  1. #
    2. 

  2. # Recommended minimum configuration:
    3. 

  3. #
    4. 

  4. 

  5. # Example rule allowing access from your local networks.
    6. 

  6. # Adapt to list your (internal) IP networks from where browsing
    7. 

  7. # should be allowed
    8. 

  8. acl localnet src 0.0.0.1-0.255.255.255	# RFC 1122 "this" network (LAN)
    9. 

  9. acl localnet src 10.0.0.0/8		# RFC 1918 local private network (LAN)
    10. 

  10. acl localnet src 100.64.0.0/10		# RFC 6598 shared address space (CGN)
    11. 

  11. acl localnet src 169.254.0.0/16 	# RFC 3927 link-local (directly plugged) machines
    12. 

  12. acl localnet src 172.16.0.0/12		# RFC 1918 local private network (LAN)
    13. 

  13. acl localnet src 192.168.0.0/16		# RFC 1918 local private network (LAN)
    14. 

  14. acl localnet src fc00::/7       	# RFC 4193 local private network range
    15. 

  15. acl localnet src fe80::/10      	# RFC 4291 link-local (directly plugged) machines
    16. 

  16. 

  17. acl SSL_ports port 443
    18. 

  18. acl Safe_ports port 80		# http
    19. 

  19. acl Safe_ports port 21		# ftp
    20. 

  20. acl Safe_ports port 443		# https
    21. 

  21. acl Safe_ports port 70		# gopher
    22. 

  22. acl Safe_ports port 210		# wais
    23. 

  23. acl Safe_ports port 1025-65535	# unregistered ports
    24. 

  24. acl Safe_ports port 280		# http-mgmt
    25. 

  25. acl Safe_ports port 488		# gss-http
    26. 

  26. acl Safe_ports port 591		# filemaker
    27. 

  27. acl Safe_ports port 777		# multiling http
    28. 

  28. acl CONNECT method CONNECT
    29. 

  29. 

  30. auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
    31. 

  31. auth_param basic realm proxy
    32. 

  32. acl authenticated proxy_auth REQUIRED
    33. 

  33. http_access allow authenticated
    34. 

  34. 

  35. #
    36. 

  36. # Recommended minimum Access Permission configuration:
    37. 

  37. #
    38. 

  38. # Deny requests to certain unsafe ports
    39. 

  39. http_access deny !Safe_ports
    40. 

  40. 

  41. # Deny CONNECT to other than secure SSL ports
    42. 

  42. http_access deny CONNECT !SSL_ports
    43. 

  43. 

  44. # Only allow cachemgr access from localhost
    45. 

  45. http_access allow localhost manager
    46. 

  46. http_access deny manager
    47. 

  47. 

  48. # We strongly recommend the following be uncommented to protect innocent
    49. 

  49. # web applications running on the proxy server who think the only
    50. 

  50. # one who can access services on "localhost" is a local user
    51. 

  51. #http_access deny to_localhost
    52. 

  52. 

  53. #
    54. 

  54. # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
    55. 

  55. #
    56. 

  56. 

  57. # Example rule allowing access from your local networks.
    58. 

  58. # Adapt localnet in the ACL section to list your (internal) IP networks
    59. 

  59. # from where browsing should be allowed
    60. 

  60. http_access allow localnet
    61. 

  61. http_access allow localhost
    62. 

  62. 

  63. # And finally deny all other access to this proxy
    64. 

  64. http_access deny all
    65. 

  65. 

  66. # Squid normally listens to port 3128
    67. 

  67. http_port 3128
    68. 

  68. 

  69. # Uncomment and adjust the following to add a disk cache directory.
    70. 

  70. #cache_dir ufs /var/spool/squid 100 16 256
    71. 

  71. 

  72. # Leave coredumps in the first cache dir
    73. 

  73. coredump_dir /var/spool/squid
    74. 

  74. 

  75. #
    76. 

  76. # Add any of your own refresh_pattern entries above these.
    77. 

  77. #
    78. 

  78. refresh_pattern ^ftp:		1440	20%	10080
    79. 

  79. refresh_pattern ^gopher:	1440	0%	1440
    80. 

  80. refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
    81. 

  81. refresh_pattern .		0	20%	4320
    82.