Advertisement
Guest User

Untitled

a guest
Mar 8th, 2013
522
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.20 KB | None | 0 0
  1. #
  2. # Recommended minimum configuration:
  3. #
  4.  
  5. # Example rule allowing access from your local networks.
  6. # Adapt to list your (internal) IP networks from where browsing
  7. # should be allowed
  8. acl localnet src 10.0.0.0/24 # RFC1918 possible internal network
  9. #acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
  10. #acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
  11. #acl localnet src fc00::/7 # RFC 4193 local private network range
  12. #acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
  13.  
  14. acl SSL_ports port 443
  15. acl Safe_ports port 80 # http
  16. acl Safe_ports port 21 # ftp
  17. acl Safe_ports port 443 # https
  18. acl Safe_ports port 70 # gopher
  19. acl Safe_ports port 210 # wais
  20. acl Safe_ports port 1025-65535 # unregistered ports
  21. acl Safe_ports port 280 # http-mgmt
  22. acl Safe_ports port 488 # gss-http
  23. acl Safe_ports port 591 # filemaker
  24. acl Safe_ports port 777 # multiling http
  25. acl CONNECT method CONNECT
  26.  
  27. #
  28. # Recommended minimum Access Permission configuration:
  29. #
  30. # Only allow cachemgr access from localhost
  31. http_access allow localhost manager
  32. http_access deny manager
  33.  
  34. # Deny requests to certain unsafe ports
  35. http_access deny !Safe_ports
  36.  
  37. # Deny CONNECT to other than secure SSL ports
  38. http_access deny CONNECT !SSL_ports
  39.  
  40. # We strongly recommend the following be uncommented to protect innocent
  41. # web applications running on the proxy server who think the only
  42. # one who can access services on "localhost" is a local user
  43. #http_access deny to_localhost
  44.  
  45. #
  46. # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
  47. #
  48.  
  49. # Example rule allowing access from your local networks.
  50. # Adapt localnet in the ACL section to list your (internal) IP networks
  51. # from where browsing should be allowed
  52. http_access allow localnet
  53. http_access allow localhost
  54.  
  55. # And finally deny all other access to this proxy
  56. http_access deny all
  57.  
  58. # Squid normally listens to port 3128
  59. http_port 3128
  60. http_port 3129 tproxy
  61.  
  62. # Uncomment and adjust the following to add a disk cache directory.
  63. #cache_dir ufs /usr/local/squid/var/cache/squid 100 16 256
  64.  
  65. workers 4
  66. cache_dir rock /squid-cache/rock-1 3000 max-size=31000 max-swap-rate=250 swap-timeout=350
  67. cache_dir rock /squid-cache/rock-2 3000 max-size=31000 max-swap-rate=250 swap-timeout=350
  68.  
  69.  
  70. # Leave coredumps in the first cache dir
  71. coredump_dir /usr/local/squid/var/cache/squid
  72.  
  73. # Add any of your own refresh_pattern entries above these.
  74. refresh_pattern ^ftp: 1440 20% 10080
  75. refresh_pattern ^gopher: 1440 0% 1440
  76. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  77. refresh_pattern . 0 20% 4320
  78.  
  79. #Cambios
  80. max_filedescriptors 65535
  81. cache_mem 2048 MB
  82. maximum_object_size_in_memory 312 KB
  83. cache_mgr xxxxxxx@xxxxxxxxx
  84. cache_effective_user squid
  85. cache_effective_group root
  86. visible_hostname xxxxxxxxxxxxxxxx
  87. access_log none
  88.  
  89.  
  90. #Cache-HIT-Tos
  91. qos_flows local-hit=0x30
  92. qos_flows parent-hit=0x30
  93. qos_flows sibling-hit=0x30
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement