Advertisement
Guest User

squid.conf

a guest
Mar 1st, 2016
182
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.67 KB | None | 0 0
  1. # Kerberos Authentication (DOMAIN)
  2. auth_param negotiate program /usr/sbin/negotiate_kerberos_auth -s HTTP/sharky.main.varndean.ac.uk@MAIN.VARNDEAN.AC.UK
  3. auth_param negotiate children 20 startup=0 idle=1
  4. auth_param negotiate keep_alive on
  5.  
  6. # NTLM Authentication (WIFI)
  7. auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain=MAIN
  8. auth_param ntlm children 20 startup=0 idle=1
  9. auth_param ntlm keep_alive off # Needed for prompt logins to work
  10.  
  11. # Require proxy authentication
  12. acl auth proxy_auth REQUIRED
  13.  
  14. # MSSQL Block list
  15. url_rewrite_program /usr/local/bin/beached2
  16. url_rewrite_children 5 startup=0 idle=2
  17.  
  18. # Number of workers (SMP), mkdir /var/run/squid!!!!!!!
  19. workers 8
  20.  
  21. # Maximum open files
  22. max_filedesc 8192
  23.  
  24. # Internal IP networks from where browsing should be allowed
  25. acl localnet src 10.10.0.0/16
  26.  
  27. # ACL of all "safe" ports
  28. acl SSL_ports port 443
  29. acl Safe_ports port 80 # http
  30. acl Safe_ports port 21 # ftp
  31. acl Safe_ports port 443 # https
  32. acl Safe_ports port 70 # gopher
  33. acl Safe_ports port 210 # wais
  34. acl Safe_ports port 1025-65535 # unregistered ports
  35. acl Safe_ports port 280 # http-mgmt
  36. acl Safe_ports port 488 # gss-http
  37. acl Safe_ports port 591 # filemaker
  38. acl Safe_ports port 777 # multiling http
  39. acl CONNECT method CONNECT
  40.  
  41. # Proxy access rules
  42. http_access deny !Safe_ports
  43. http_access deny CONNECT !SSL_ports
  44. http_access allow localhost manager
  45. http_access deny manager
  46. http_access deny !auth
  47. http_access allow auth
  48. http_access deny all
  49.  
  50. # HTTP filtering port
  51. http_port 3128
  52.  
  53. # Try connecting to first 25 ips of a domain name
  54. forward_max_tries 25
  55.  
  56. # Memory cache
  57. cache_mem 512 MB
  58. maximum_object_size_in_memory 1024 KB
  59.  
  60. # Limit download to 500 overall, none for the subnet and 50 individual
  61. delay_pools 1
  62. delay_class 1 3
  63. delay_access 1 allow all
  64. delay_parameters 1 524288000/524288000 none 52428800/52428800
  65.  
  66. # Limit upload !!WORK IN PROGRESS!!
  67. client_delay_pools 1
  68. client_delay_access 1 allow all
  69. client_delay_parameters 1 52428800 52428800
  70.  
  71. # Leave coredumps in the first cache dir
  72. coredump_dir /var/cache/squid
  73.  
  74. # Log format
  75. logformat squid %>a %un %tl %rm %<st %Ss/%>Hs %ru %Sh/%<A %mt
  76.  
  77. # SNMP required settings
  78. snmp_port 3401
  79. acl snmppublic snmp_community public
  80. snmp_access allow snmppublic all
  81.  
  82. # Make squid shutdown faster
  83. shutdown_lifetime 3 seconds
  84.  
  85. # Add any of your own refresh_pattern entries above these.
  86. refresh_pattern ^ftp: 1440 20% 10080
  87. refresh_pattern ^gopher: 1440 0% 1440
  88. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  89. refresh_pattern . 0 20% 4320
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement