API tools faq
paste
Advertisement
riespandi

squid.conf

riespandi
Aug 22nd, 2017
110
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.68 KB | None | 0 0
raw download clone embed print report
  1. # ACL
  2. acl SSL_ports port 443
  3. acl Safe_ports port 80 # http
  4. acl Safe_ports port 21 # ftp
  5. acl Safe_ports port 443 # https
  6. acl Safe_ports port 70 # gopher
  7. acl Safe_ports port 210 # wais
  8. acl Safe_ports port 1025-65535 # unregistered ports
  9. acl Safe_ports port 280 # http-mgmt
  10. acl Safe_ports port 488 # gss-http
  11. acl Safe_ports port 591 # filemaker
  12. acl Safe_ports port 777 # multiling http
  13. acl CONNECT method CONNECT
  14.  
  15. # Squid normally listens to port 3128
  16. http_port 0.0.0.0:3128
  17.  
  18. # Leave coredumps in the first cache dir
  19. coredump_dir /var/spool/squid
  20.  
  21. # TAG: refresh_pattern
  22. refresh_pattern ^ftp: 1440 20% 10080
  23. refresh_pattern ^gopher: 1440 0% 1440
  24. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  25. refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
  26. refresh_pattern . 0 20% 4320
  27.  
  28. # Add auth_params
  29. auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
  30. auth_param basic children 2
  31. auth_param basic realm My Proxy Server
  32. auth_param basic credentialsttl 24 hours
  33. auth_param basic casesensitive off
  34.  
  35. # Add acl rules
  36. #acl squid_users proxy_auth REQUIRED
  37. acl badsites dstdomain "/etc/squid/badsites.acl"
  38.  
  39. # http access rules
  40. http_access deny CONNECT !SSL_ports
  41. http_access allow localhost manager
  42. http_access deny manager
  43. http_access allow localhost
  44. #http_access allow squid_users
  45. http_access deny badsites
  46. http_access deny all
  47.  
  48. # Anonymous Proxy
  49. forwarded_for off
  50. request_header_access Allow allow all
  51. request_header_access Authorization allow all
  52. request_header_access WWW-Authenticate allow all
  53. request_header_access Proxy-Authorization allow all
  54. request_header_access Proxy-Authenticate allow all
  55. request_header_access Cache-Control allow all
  56. request_header_access Content-Encoding allow all
  57. request_header_access Content-Length allow all
  58. request_header_access Content-Type allow all
  59. request_header_access Date allow all
  60. request_header_access Expires allow all
  61. request_header_access Host allow all
  62. request_header_access If-Modified-Since allow all
  63. request_header_access Last-Modified allow all
  64. request_header_access Location allow all
  65. request_header_access Pragma allow all
  66. request_header_access Accept allow all
  67. request_header_access Accept-Charset allow all
  68. request_header_access Accept-Encoding allow all
  69. request_header_access Accept-Language allow all
  70. request_header_access Content-Language allow all
  71. request_header_access Mime-Version allow all
  72. request_header_access Retry-After allow all
  73. request_header_access Title allow all
  74. request_header_access Connection allow all
  75. request_header_access Proxy-Connection allow all
  76. request_header_access User-Agent allow all
  77. request_header_access Cookie allow all
  78. request_header_access All deny all
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!