Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- workers 2
- cpu_affinity_map process_numbers=1 cores=1
- cpu_affinity_map process_numbers=2 cores=2
- httpd_suppress_version_string on #Escondemos la version del squid
- #no permitimos que nada pase por nuestro proxy
- via off
- forwarded_for off
- follow_x_forwarded_for deny all
- #escondemos nuestro squid
- request_header_access From deny all
- request_header_access Server deny all
- request_header_access WWW-Authenticate deny all
- request_header_access Link deny all
- request_header_access Cache-Control deny all
- request_header_access Proxy-Connection deny all
- request_header_access X-Cache deny all
- request_header_access X-Cache-Lookup deny all
- request_header_access Via deny all
- request_header_access X-Forwarded-For deny all
- request_header_access Pragma deny all
- request_header_access Keep-Alive deny all
- #acl redlocal src 10.0.0.0/8 #red local de la alcaldia
- acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
- acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
- acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
- acl SSL_ports port 443
- acl SSL_ports port 2083
- acl SSL_ports port 10000
- acl Safe_ports port 80 # http
- acl Safe_ports port 8080 # http
- acl Safe_ports port 25000 # http
- acl Safe_ports port 3389 # http seta
- acl Safe_ports port 21 # ftp
- acl Safe_ports port 443 # https
- acl Safe_ports port 2083 # https yenni
- acl Safe_ports port 1000 # https webmin
- acl Safe_ports port 70 # gopher
- acl Safe_ports port 210 # wais
- acl Safe_ports port 1025-65535 # unregistered ports
- acl Safe_ports port 280 # http-mgmt
- acl Safe_ports port 488 # gss-http
- acl Safe_ports port 591 # filemaker
- acl Safe_ports port 777 # multiling http
- acl Safe_ports port 631 # cups
- acl Safe_ports port 873 # rsync
- acl Safe_ports port 901 # SWAT
- acl redprueba1 src "/etc/squid3/prueba1"
- acl redtotal src "/etc/squid3/total"
- acl redmucho src "/etc/squid3/mucho"
- acl redpoco src "/etc/squid3/poco"
- acl redurlbasico1 src "/etc/squid3/basico1"
- acl redmercadolibre src "/etc/squid3/mercadolibre"
- acl redprohibidas url_regex "/etc/squid3/prohibidas" #negadas
- acl redprohibidas1 url_regex "/etc/squid3/prohibidas_redes_sociales" #negadas permitiendo redes sociales
- acl redmercadolibredst dstdom_regex -i "/etc/squid3/urlmercadolibre" #solo estas url
- acl redinocentes url_regex "/etc/squid3/inocentes" #permito estas palabras paginas
- acl redmultimedia urlpath_regex "/etc/squid3/multimedia" #niego tipos de archivos
- acl snc dstdomain .snc.gob.ve .cgr.gob.ve .banavih.gob.ve .ivss.gov.ve .ivss.gob.ve
- acl CONNECT method CONNECT
- http_access allow localhost manager
- http_access deny manager
- http_access allow !Safe_ports
- http_access deny CONNECT !SSL_ports
- http_access allow redtotal
- http_access allow redmucho !redmultimedia
- http_access allow redpoco !redprohibidas !redmultimedia
- http_access allow redurlbasico1 !redprohibidas1 !redmultimedia
- http_access allow redmercadolibre redmercadolibredst
- http_access allow redinocentes all
- http_access allow localhost
- #http_access allow redlocal
- http_access deny all
- http_port 3128
- cache_mem 384 MB
- cache_replacement_policy heap LFUDA
- maximum_object_size 8 MB
- cache_dir aufs /Squid3Cache 110000 16 256
- coredump_dir /var/spool/squid3
- refresh_pattern ^ftp: 1440 20% 10080
- refresh_pattern ^gopher: 1440 0% 1440
- refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
- refresh_pattern . 0 20% 4320
- cache_effective_user proxy
- visible_hostname proxy7
- dns_nameservers 127.0.0.1 10.0.0.4 200.44.32.12
- forwarded_for off
- cache_effective_group proxy
- access_log daemon:/var/log/squid3/access.log squid
Advertisement
Add Comment
Please, Sign In to add comment
