API tools faq
paste
Advertisement
Guest User

squid.conf

a guest
Mar 1st, 2016
165
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.67 KB | None | 0 0
raw download clone embed print report
  1. # Kerberos Authentication (DOMAIN)
  2. auth_param negotiate program /usr/sbin/negotiate_kerberos_auth -s HTTP/sharky.main.varndean.ac.uk@MAIN.VARNDEAN.AC.UK
  3. auth_param negotiate children 20 startup=0 idle=1
  4. auth_param negotiate keep_alive on
  5.  
  6. # NTLM Authentication (WIFI)
  7. auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain=MAIN
  8. auth_param ntlm children 20 startup=0 idle=1
  9. auth_param ntlm keep_alive off # Needed for prompt logins to work
  10.  
  11. # Require proxy authentication
  12. acl auth proxy_auth REQUIRED
  13.  
  14. # MSSQL Block list
  15. url_rewrite_program /usr/local/bin/beached2
  16. url_rewrite_children 5 startup=0 idle=2
  17.  
  18. # Number of workers (SMP), mkdir /var/run/squid!!!!!!!
  19. workers 8
  20.  
  21. # Maximum open files
  22. max_filedesc 8192
  23.  
  24. # Internal IP networks from where browsing should be allowed
  25. acl localnet src 10.10.0.0/16
  26.  
  27. # ACL of all "safe" ports
  28. acl SSL_ports port 443
  29. acl Safe_ports port 80 # http
  30. acl Safe_ports port 21 # ftp
  31. acl Safe_ports port 443 # https
  32. acl Safe_ports port 70 # gopher
  33. acl Safe_ports port 210 # wais
  34. acl Safe_ports port 1025-65535 # unregistered ports
  35. acl Safe_ports port 280 # http-mgmt
  36. acl Safe_ports port 488 # gss-http
  37. acl Safe_ports port 591 # filemaker
  38. acl Safe_ports port 777 # multiling http
  39. acl CONNECT method CONNECT
  40.  
  41. # Proxy access rules
  42. http_access deny !Safe_ports
  43. http_access deny CONNECT !SSL_ports
  44. http_access allow localhost manager
  45. http_access deny manager
  46. http_access deny !auth
  47. http_access allow auth
  48. http_access deny all
  49.  
  50. # HTTP filtering port
  51. http_port 3128
  52.  
  53. # Try connecting to first 25 ips of a domain name
  54. forward_max_tries 25
  55.  
  56. # Memory cache
  57. cache_mem 512 MB
  58. maximum_object_size_in_memory 1024 KB
  59.  
  60. # Limit download to 500 overall, none for the subnet and 50 individual
  61. delay_pools 1
  62. delay_class 1 3
  63. delay_access 1 allow all
  64. delay_parameters 1 524288000/524288000 none 52428800/52428800
  65.  
  66. # Limit upload !!WORK IN PROGRESS!!
  67. client_delay_pools 1
  68. client_delay_access 1 allow all
  69. client_delay_parameters 1 52428800 52428800
  70.  
  71. # Leave coredumps in the first cache dir
  72. coredump_dir /var/cache/squid
  73.  
  74. # Log format
  75. logformat squid %>a %un %tl %rm %<st %Ss/%>Hs %ru %Sh/%<A %mt
  76.  
  77. # SNMP required settings
  78. snmp_port 3401
  79. acl snmppublic snmp_community public
  80. snmp_access allow snmppublic all
  81.  
  82. # Make squid shutdown faster
  83. shutdown_lifetime 3 seconds
  84.  
  85. # Add any of your own refresh_pattern entries above these.
  86. refresh_pattern ^ftp: 1440 20% 10080
  87. refresh_pattern ^gopher: 1440 0% 1440
  88. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  89. refresh_pattern . 0 20% 4320
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!