API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 29th, 2016
135
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.33 KB | None | 0 0
raw download clone embed print report
  1. #
  2. # Recommended minimum configuration:
  3. #
  4.  
  5. # Example rule allowing access from your local networks.
  6. # Adapt to list your (internal) IP networks from where browsing
  7. # should be allowed
  8. acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
  9. acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
  10. acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
  11. acl localnet src fc00::/7 # RFC 4193 local private network range
  12. acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
  13.  
  14. acl SSL_ports port 443
  15. acl Safe_ports port 80 # http
  16. acl Safe_ports port 21 # ftp
  17. acl Safe_ports port 443 # https
  18. acl Safe_ports port 70 # gopher
  19. acl Safe_ports port 210 # wais
  20. acl Safe_ports port 1025-65535 # unregistered ports
  21. acl Safe_ports port 280 # http-mgmt
  22. acl Safe_ports port 488 # gss-http
  23. acl Safe_ports port 591 # filemaker
  24. acl Safe_ports port 777 # multiling http
  25. acl CONNECT method CONNECT
  26.  
  27. #
  28. # Recommended minimum Access Permission configuration:
  29. #
  30. # Deny requests to certain unsafe ports
  31. http_access deny !Safe_ports
  32.  
  33. # Deny CONNECT to other than secure SSL ports
  34. http_access deny CONNECT !SSL_ports
  35.  
  36. # Only allow cachemgr access from localhost
  37. http_access allow localhost manager
  38. http_access deny manager
  39.  
  40. # We strongly recommend the following be uncommented to protect innocent
  41. # web applications running on the proxy server who think the only
  42. # one who can access services on "localhost" is a local user
  43. #http_access deny to_localhost
  44.  
  45. #
  46. # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
  47. #
  48.  
  49. # Example rule allowing access from your local networks.
  50. # Adapt localnet in the ACL section to list your (internal) IP networks
  51. # from where browsing should be allowed
  52. http_access allow localnet
  53. http_access allow localhost
  54.  
  55. # And finally deny all other access to this proxy
  56. http_access deny all
  57.  
  58. # Squid normally listens to port 3128
  59. http_port 3128
  60.  
  61. # Uncomment and adjust the following to add a disk cache directory.
  62. #cache_dir ufs /var/cache/squid 100 16 256
  63.  
  64. # Leave coredumps in the first cache dir
  65. coredump_dir /var/cache/squid
  66.  
  67. #
  68. # Add any of your own refresh_pattern entries above these.
  69. #
  70. refresh_pattern ^ftp: 1440 20% 10080
  71. refresh_pattern ^gopher: 1440 0% 1440
  72. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  73. refresh_pattern . 0 20% 4320
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!