Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # cat /etc/squid/squid.conf
- visible_hostname gateway
- cache_effective_user nobody
- #cache_peer 192.168.0.1 parent 3128 0 no-query default
- #cache_peer 192.168.0.1 parent 3129 0 no-query default
- http_port 192.168.1.22:3129 tproxy
- http_port 192.168.1.22:3128
- #http_port 192.168.0.1:3129 tproxy
- icp_port 0
- #Не кешировать скрипты
- acl QUERY urlpath_regex cgi-bin
- no_cache deny QUERY
- #cache_mem 32MB
- #Путь к директории кеша и его размер(1000)
- cache_dir ufs /var/spool/squid/cache 5000 16 256
- #Путь к лог-файлу доступа к SQUID(Статистика работы через SQUID)
- cache_access_log /var/log/squid/access.log
- #Путь к лог-файлу SQUID - в нем события запуска SQUID и дочерних программ
- cache_log /var/log/squid/cache.log
- #Ротация логов
- logfile_rotate 30
- #Таблица MIME-типов для SQUID
- mime_table /etc/squid/mime.conf
- #PID-файл SQUID
- pid_filename /var/run/squid.pid
- #Пользователь для анонимного доступа к FTP
- ftp_user anonymous@asdf
- #SQUID формирует страницу с папками на FTP - этот параметр - кол-во папок
- ftp_list_width 32
- #Пассивный режим FTP
- ftp_passive on
- #Проверка подлинности FTP
- ftp_sanitycheck on
- #Адрес(а) DNS сервера(ов)
- #dns_nameservers 10.30.1.11
- dns_nameservers 127.0.0.1
- #Стандартные ACL
- #acl all src 0.0.0.0/0.0.0.0 #Все
- acl manager proto cache_object
- acl localhost src 127.0.0.1/32 ::1 #Адрес localhost
- acl SSL_ports port 443 563 #Порты SSL
- acl SMTP port 25 #Для защиты от спама ;) Оказывается SQUID может делать relay
- #Служебные ACL
- acl Safe_ports port 80 # http
- acl Safe_ports port 8080 # http
- acl Safe_ports port 2082 # cpanel
- acl Safe_ports port 21 # ftp
- acl Safe_ports port 443 563 # https, snews
- acl Safe_ports port 777 # multiling http
- acl CONNECT method CONNECT
- acl allNet src 192.168.1.1-192.168.1.254
- acl routers src 192.168.1.50-192.168.1.59
- acl school src 192.168.1.100-192.168.1.120
- acl school-room src 192.168.1.31-192.168.1.60
- acl room1- src 192.168.1.100-192.168.1.205
- acl uchitelskaiy src 192.168.1.110
- # Список доменов, доступных школьникам
- acl GoodSites dstdomain "/etc/squid/goodsites.lst"
- # Список запрещенных сайтов
- acl BlackList dstdomain "/etc/squid/blacklist.lst"
- # .squid.lan .mozilla.com .i-rs.ru .mozilla.org .freepascal.org .freepascal.ru .joomla.ru .joomlaportal.ru .google.ru .google.com .gmail.com .mail.ru .yandex.ru .presnenskiypark.ru dp-presnenskiy.ru .presnenskiypark.lan .kidsworld.ru .3dmax.com .blender.org .wikisource.org .wikiquote.org .wiktionary.org .wikimedia.org .wikipedia.org .blender3d.org.ua .rambler.ru 192.168.0.1 127.0.0.1 .htmlbook.ru .openoffice.org .gwdg.de
- acl BadRegex url_regex -i foto\. photo\. video\.
- acl Files url_regex -i \.avi$ \.rar$ \.zip$ \.mpg$ \.swf$ \.mp3$ \.exe \.wma \.wmv \.asf
- #http_access deny room2-2 BadRegex
- #http_access deny room2-2 Files
- #http_access allow room2-2 GoodSites
- #http_access deny room2-2 all
- #http_access deny reserv BadRegex
- #http_access deny reserv Files
- #http_access allow reserv GoodSites
- #http_access deny reserv all
- #http_access deny school-room BadRegex
- #http_access deny school-room Files
- #http_access allow school-room GoodSites
- http_access allow school-room all
- http_access allow room1-
- http_access deny !Safe_ports
- http_access deny SMTP
- #http_access deny allNet BlackList
- #http_access allow all
- http_access allow allNet
- #http_access deny all
- #Каталог со страницами неполадок SQUID
- error_directory /usr/share/squid/errors/ru
- refresh_pattern -i \.gif$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.png$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.jpg$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.jpeg$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.pdf$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.zip$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.tar$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.gz$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.tgz$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.exe$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.prz$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.ppt$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.inf$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.swf$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.mid$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.wav$ 43200 100% 43200 override-lastmod override-expire
- refresh_pattern -i \.mp3$ 43200 100% 43200 override-lastmod override-expire
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement