API tools faq
paste
Advertisement
Guest User

squid3

a guest
Feb 13th, 2017
161
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 9.92 KB | None | 0 0
raw download clone embed print report
  1. ####################################################################################
  2. http_port 3128
  3. #Cache
  4. icp_port 0
  5. visible_hostname proxy-pai-teste
  6. persistent_connection_after_error off
  7. half_closed_clients off
  8. ####################################################################################
  9. #-----------------------------------------------------------------------------------
  10. # configura proxy pai
  11. #-----------------------------------------------------------------------------------
  12. ####################################################################################
  13. cache_peer 192.168.15.39 parent 3128 0 default no-query
  14. cache_peer_domain 192.168.15.39 !.teste.com.br
  15. ####################################################################################
  16. #-----------------------------------------------------------------------------------
  17. # Tipos de URL's que nao serao armazenadas em cache
  18. #-----------------------------------------------------------------------------------
  19. ####################################################################################
  20. acl TESTENet dst 10.0.0.0/32
  21. acl TESTENetAddr dstdomain .teste.com.br
  22. no_cache deny TESTENet
  23. no_cache deny TESTENetAddr
  24. ####################################################################################
  25. #-----------------------------------------------------------------------------------
  26. # Criar cache na memoria
  27. #-----------------------------------------------------------------------------------
  28. ####################################################################################
  29. cache_mem 512 MB
  30. maximum_object_size_in_memory 64 MB
  31. maximum_object_size 128 MB
  32. minimum_object_size 10 KB
  33. cache_swap_low 80
  34. cache_swap_high 95
  35. refresh_pattern ^ftp: 15 20% 2280
  36. refresh_pattern ^gopher: 15 0% 2280
  37. refresh_pattern . 15 20% 2280
  38. quick_abort_pct 98
  39. ####################################################################################
  40. #-----------------------------------------------------------------------------------
  41. # Politica de troca de paginas armazenadas na memoria RAM
  42. #-----------------------------------------------------------------------------------
  43. ####################################################################################
  44. cache_replacement_policy heap GDSF
  45. ####################################################################################
  46. #-----------------------------------------------------------------------------------
  47. # Politica de troca de paginas armazenadas no disco (HD)
  48. #-----------------------------------------------------------------------------------
  49. ####################################################################################
  50. memory_replacement_policy heap LFUDA
  51. ####################################################################################
  52. #-----------------------------------------------------------------------------------
  53. # Log
  54. #-----------------------------------------------------------------------------------
  55. ####################################################################################
  56. cache_access_log /var/log/squid3/access.log
  57. cache_store_log /var/log/squid3/store.log
  58. cache_log /var/log/squid3/cache.log
  59. access_log syslog:local5.info squid
  60. ####################################################################################
  61. #-----------------------------------------------------------------------------------
  62. # [logfile_rotate n]
  63. # Define a quantidade de arquivos access.log que serao gerados antes de haver
  64. # uma sobrescricao (efeito ciclico).
  65. #-----------------------------------------------------------------------------------
  66. ####################################################################################
  67. logfile_rotate 20
  68. ####################################################################################
  69. #-----------------------------------------------------------------------------------
  70. # Criar um cache em disco de 8 GB
  71. #-----------------------------------------------------------------------------------
  72. ####################################################################################
  73. cache_dir aufs /var/spool/squid3 8192 32 256
  74. ####################################################################################
  75. #-----------------------------------------------------------------------------------
  76. # Autenticacao de usuarios
  77. #-----------------------------------------------------------------------------------
  78. ####################################################################################
  79. auth_param basic realm Usuario e Senha do Servidor de TESTES
  80. auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd
  81. acl passwd proxy_auth REQUIRED
  82. ####################################################################################
  83. #-----------------------------------------------------------------------------------
  84. # ACLs e Autoriza�ao de Acesso Portas
  85. #-----------------------------------------------------------------------------------
  86. ####################################################################################
  87. acl redelocal src 10.0.0.0/32
  88. acl manager proto cache_object
  89. acl localhost src 127.0.0.1/32
  90. acl SSL_ports port 443 563 563 23000 8999 82 8888 3026 995 465 1935
  91. acl Safe_ports port 1935    # Uso Streamer Temp p/ Curso
  92. acl Safe_ports port 8641 8643 1298 1299 8293 4073 4001 8441 8095 9311 9999 1935 6195 6199 # ERMES
  93. acl Safe_ports port 80      # http
  94. acl Safe_ports port 8080    # http2
  95. acl Safe_ports port 995 465 # Gmail
  96. acl Safe_ports port 500 4500    # VPN
  97. acl Safe_ports port 21      # ftp
  98. acl Safe_ports port 443 563 # https, snews
  99. acl Safe_ports port 70      # gopher
  100. acl Safe_ports port 210     # wais
  101. acl Safe_ports port 28      # http-mgmt
  102. acl Safe_ports port 488     # gss-http
  103. acl Safe_ports port 591     # filemaker
  104. acl Safe_ports port 777     # multiling http
  105. acl Safe_ports port 901     # swat
  106. acl Safe_ports port 1025-65535  # portas altas
  107. acl Safe_ports port 22      # SSH
  108. acl Safe_ports port 82      # PEG
  109. acl Safe_ports port 2082    # PEG
  110. acl Safe_ports port 8888    # PEG
  111. acl Safe_ports port 7071    # Zimbra
  112. acl Safe_ports port 6866    # Redmine
  113. acl Safe_ports port 4320    # Video Conferencia
  114. acl purge method PURGE
  115. acl CONNECT method CONNECT
  116. ##################################################################################
  117. #---------------------------------------------------------------------------------
  118. # Regra de ACLs
  119. #---------------------------------------------------------------------------------
  120. ##################################################################################
  121. # Lista de IPs autorizados a acessar
  122. acl autorizados src "/etc/squid3/arquivos/autorizados"
  123. # Lista de IPs com acesso sem senha (usuarios especiais)
  124. acl sem_senha src "/etc/squid3/arquivos/sem_senha"
  125. # Bloqueio acesso a sites proibidos                        
  126. acl proibidos url_regex -i "/etc/squid3/arquivos/proibidos"
  127. # Lista de IPs com acesso irrestrito (usuarios especiais)
  128. acl super src "/etc/squid3/arquivos/super"
  129. # Sites liberados
  130. acl liberados url_regex -i "/etc/squid3/arquivos/liberados"
  131. # Limita um usuario por conexao
  132. acl limite max_user_ip -s 1
  133.  
  134. acl purge method PURGE
  135.  
  136. ###################################################################################
  137. #----------------------------------------------------------------------------------
  138. # Direitos de Acessos
  139. #----------------------------------------------------------------------------------
  140. ###################################################################################
  141.  
  142. #Libera sites
  143. http_access allow liberados
  144.  
  145. # Super
  146. http_access allow super
  147.  
  148.  
  149. #Bloqueia sites proibidos
  150. #http_access deny proibidos
  151.  
  152. #Libera redelocal
  153. http_access allow redelocal
  154.  
  155. #Bloquear as portas nao citadas
  156. http_access deny !Safe_ports
  157. http_access deny CONNECT !SSL_ports
  158.  
  159. http_access allow manager localhost
  160. http_access deny manager
  161. http_access allow purge localhost
  162. http_access deny purge
  163.  
  164.  
  165.  
  166. http_access allow comprasnet
  167.  
  168.  
  169. # Permite acesso sem senha a enderecos internos (TESTENet)
  170. http_access allow TESTENet
  171. http_access allow TESTENetAddr
  172.  
  173. # Permite acesso sem_senha a servidores e usuarios especiais (arquivo "sem_senha")
  174. http_access allow sem_senha
  175.  
  176. # Proibe o acesso para quem nao esta cadastrado
  177. http_access allow passwd autorizados
  178.  
  179. #Bloqueia sites!
  180. http_access deny proibidos
  181.  
  182.  
  183. # Limita um usuario por conexao
  184. #http_access deny limite
  185.  
  186. # ? (Procurar explicacao...)
  187. snmp_access allow SNMP all
  188. snmp_incoming_address 0.0.0.0
  189.  
  190.  
  191.  
  192. ###############################################################################
  193. #------------------------------------------------------------------------------
  194. # Bloqueando todo o Resto
  195. #------------------------------------------------------------------------------
  196. ###############################################################################
  197.  
  198.  
  199. ###############################################################################
  200. #------------------------------------------------------------------------------
  201. # Diretorio de erro com imagem personalizada
  202. #------------------------------------------------------------------------------
  203. ###############################################################################
  204.  
  205. error_directory /usr/share/squid3/errors/pt-br
  206.  
  207. ###############################################################################
  208. #------------------------------------------------------------------------------
  209. # Finalizando SQUID3
  210. #------------------------------------------------------------------------------
  211. ###############################################################################
  212.  
  213.  
  214. forwarded_for off
  215. never_direct deny TESTENet
  216. never_direct deny TESTENetAddr
  217. never_direct allow all
  218.  
  219. ###############################################################################
  220. #------------------------------------------------------------------------------
  221. #                                   FIM
  222. #------------------------------------------------------------------------------
  223. ###############################################################################
  224. http_access deny all
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!