Want more features on Pastebin? Sign Up, it's FREE!
Guest

Untitled

By: a guest on Oct 21st, 2012  |  syntax: None  |  size: 3.20 KB  |  views: 66  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. #
  2. # Recommended minimum configuration:
  3. #
  4. # Example rule allowing access from your local networks.
  5. # Adapt to list your (internal) IP networks from where browsing
  6. # should be allowed
  7. #acl  all           src    all  
  8. #acl  localhost     src    127.0.0.0/8
  9. visible_hostname "genTooBox"
  10. # Classes
  11. acl  localnet      src         10.0.0.0/8                        # RFC1918 possible internal network
  12. acl  localnet      src         172.16.0.0/12                     # RFC1918 possible internal network
  13. acl  localnet      src         192.168.0.0/16                    # RFC1918 possible internal network
  14. acl  localnet      src         fc00::/7                          # RFC 4193 local private network range
  15. acl  localnet      src         fe80::/10                         # RFC 4291 link-local (directly plugged) machines
  16. acl  localhost     src         127.0.0.1/32                      # Localhost
  17. acl  lan           src         172.16.0.0/24                     # LAN where authorized clients reside
  18. acl  to_localhost  dst         127.0.0.0/8 0.0.0.0/32            # Requests to localhost
  19. acl  local_net     src         192.168.1.1/24
  20. acl  SSL_ports     port        443                               # https port
  21. acl  Safe_ports    port        80 21 443                         # http, ftp, https ports
  22. acl  CONNECT       method      CONNECT                           # SSL CONNECT method
  23.  
  24. # Only allow cachemgr access from localhost
  25. http_access  allow  manager localhost
  26. http_access  deny   manager
  27.  
  28. # Deny requests to unknown ports
  29. http_access  deny   !Safe_ports
  30.  
  31. # Deny CONNECT to other than SSL ports
  32. http_access  deny   CONNECT !SSL_ports
  33.  
  34. # Prevent access to local web applications from remote users
  35. http_access  deny   to_localhost
  36.  
  37. # Allow access from the local network
  38. http_access  allow  lan
  39. http_access  allow local_net
  40. http_access  allow localhost
  41.  
  42. # Default deny (this must be the last rule)
  43. http_access  deny   all
  44.  
  45.  
  46. # Squid normally listens to port 3128
  47. #http_port 192.168.1.1:3128 transparent
  48. http_port 127.0.0.1:3128
  49.  
  50. cache_mem 150 MB
  51.  
  52. cache_dir ufs /var/cache/squid 500 16 256
  53. cache_mgr   genTooBox@moptund.com
  54.  
  55. offline_mode off
  56.  
  57.  
  58. maximum_object_size 102400 KB
  59. reload_into_ims off
  60.  
  61. cache_effective_user    squid
  62. cache_effective_group   squid
  63.  
  64. ftp_user    genTooBox@moptund.com
  65.  
  66. # Define the access log format
  67. logformat squid  %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
  68.  
  69. # Log client request activities ('squid' is the name of the log format to use)
  70. access_log       /var/log/squid/access.log squid
  71.  
  72. # Log information about the cache's behavior
  73. cache_log        /var/log/squid/cache.log
  74.  
  75. # Log the activities of the storage manager
  76. cache_store_log  /var/log/squid/store.log
  77.  
  78. # Uncomment and adjust the following to add a disk cache directory.
  79. #cache_dir ufs /var/cache/squid 100 16 256
  80.  
  81. always_direct allow all
  82. # Leave coredumps in the first cache dir
  83. coredump_dir /var/cache/squid
  84.  
  85. # Add any of your own refresh_pattern entries above these.
  86. refresh_pattern ^ftp:           1440    20%     10080
  87. refresh_pattern ^gopher:        1440    0%      1440
  88. refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
  89. refresh_pattern .               0       20%     4320
  90.  
  91. redirect_program /usr/bin/squidGuard
  92. redirect_children 5
clone this paste RAW Paste Data