Advertisement
Guest User

Untitled

a guest
Oct 21st, 2012
794
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.20 KB | None | 0 0
  1. #
  2. # Recommended minimum configuration:
  3. #
  4. # Example rule allowing access from your local networks.
  5. # Adapt to list your (internal) IP networks from where browsing
  6. # should be allowed
  7. #acl all src all
  8. #acl localhost src 127.0.0.0/8
  9. visible_hostname "genTooBox"
  10. # Classes
  11. acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
  12. acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
  13. acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
  14. acl localnet src fc00::/7 # RFC 4193 local private network range
  15. acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
  16. acl localhost src 127.0.0.1/32 # Localhost
  17. acl lan src 172.16.0.0/24 # LAN where authorized clients reside
  18. acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 # Requests to localhost
  19. acl local_net src 192.168.1.1/24
  20. acl SSL_ports port 443 # https port
  21. acl Safe_ports port 80 21 443 # http, ftp, https ports
  22. acl CONNECT method CONNECT # SSL CONNECT method
  23.  
  24. # Only allow cachemgr access from localhost
  25. http_access allow manager localhost
  26. http_access deny manager
  27.  
  28. # Deny requests to unknown ports
  29. http_access deny !Safe_ports
  30.  
  31. # Deny CONNECT to other than SSL ports
  32. http_access deny CONNECT !SSL_ports
  33.  
  34. # Prevent access to local web applications from remote users
  35. http_access deny to_localhost
  36.  
  37. # Allow access from the local network
  38. http_access allow lan
  39. http_access allow local_net
  40. http_access allow localhost
  41.  
  42. # Default deny (this must be the last rule)
  43. http_access deny all
  44.  
  45.  
  46. # Squid normally listens to port 3128
  47. #http_port 192.168.1.1:3128 transparent
  48. http_port 127.0.0.1:3128
  49.  
  50. cache_mem 150 MB
  51.  
  52. cache_dir ufs /var/cache/squid 500 16 256
  53.  
  54. offline_mode off
  55.  
  56.  
  57. maximum_object_size 102400 KB
  58. reload_into_ims off
  59.  
  60. cache_effective_user squid
  61. cache_effective_group squid
  62.  
  63.  
  64. # Define the access log format
  65. logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
  66.  
  67. # Log client request activities ('squid' is the name of the log format to use)
  68. access_log /var/log/squid/access.log squid
  69.  
  70. # Log information about the cache's behavior
  71. cache_log /var/log/squid/cache.log
  72.  
  73. # Log the activities of the storage manager
  74. cache_store_log /var/log/squid/store.log
  75.  
  76. # Uncomment and adjust the following to add a disk cache directory.
  77. #cache_dir ufs /var/cache/squid 100 16 256
  78.  
  79. always_direct allow all
  80. # Leave coredumps in the first cache dir
  81. coredump_dir /var/cache/squid
  82.  
  83. # Add any of your own refresh_pattern entries above these.
  84. refresh_pattern ^ftp: 1440 20% 10080
  85. refresh_pattern ^gopher: 1440 0% 1440
  86. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  87. refresh_pattern . 0 20% 4320
  88.  
  89. redirect_program /usr/bin/squidGuard
  90. redirect_children 5
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement