Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #========================================================================
- [GENERAL]
- LISTEN_PORT: 3128
- # If you want APS to authenticate you at WWW servers using NTLM then just leave this
- # value blank like PARENT_PROXY: and APS will connect to web servers directly.
- # You can specify more than one proxy by leaving a space between each one, and
- # APS will detect when one fails and automatically fail-over to the next. EG:
- #PARENT_PROXY:first_proxy second_proxy third_proxy
- # And NOTE that NTLM cannot pass through another proxy server.
- PARENT_PROXY: hproxy.iitm.ac.in
- PARENT_PROXY_PORT: 8080
- # APS will poll the upstream proxy and attempt to fail-over to a new one if it doesn't
- # get a response within an appropriate time frame. The amount of time that it will
- # wait for a response before attempting fail-over is specified, in seconds, below:
- PARENT_PROXY_TIMEOUT:15
- # Set to 1 if you want to grant this authorization service to clients from other computers.
- # NOTE: all the users from other hosts that will be using you copy of APS for authentication
- # will be using your credentials in NTLM auth at the remote host.
- ALLOW_EXTERNAL_CLIENTS:0
- # If you want to allow some other but not all computers to use your proxy for authorization,
- # just set ALLOW_EXTERNAL_CLIENTS:0 and put friendly IP addresses here.
- # Use space as a delimiter.
- # NOTE that special addesses don't work here (192.168.3.0 for example).
- FRIENDLY_IPS:
- # Requested URLs are written to "url.log" file. May be useful.
- URL_LOG:0
- # When a network service listens for connections, there is a maximum number of connection
- # attempts to that service that the underlying OS will allow to backlog waiting for a response
- # before the OS will start dropping new connection attempts with 'Connection refused'. The
- # standard method of determining the maximum number of backlogged connections is to use the
- # SOMAXCONN constant, which is supposed to represent the maximum number that an OS will support
- # (for example, 5 on Windows 2000 Pro, and 200 on Windows 2000 server). However, because this
- # is a statically compiled value in a Python distribution, usually this instead represents the
- # the most conservative value (5 on all Windows platforms, and 128 on the GNU/Linux variant I
- # tried). So if you are running (for example) a massively threaded/parallel download manager,
- # the default value of, say, 5, or whatever SOMAXCONN happens to be set to, may be too low and
- # cause some connections to fail. The value below can be set to any integer (it seems that
- # Python just silently caps values above the hard limit for the underlying platform), or it can
- # be set to the special value of SOMAXCONN (i.e. MAX_CONNECTION_BACKLOG:SOMAXCONN), to use
- # whatever this value happens to be set to in your Python build. Setting this higher than
- # necessary may cause APS to consume more memory than you needed to.
- MAX_CONNECTION_BACKLOG:5
- #========================================================================
- [CLIENT_HEADER]
- # This section describes what and how the server should change in the clients headers.
- # Made in order to prevent parent proxy from seeing that you are using wget instead of IE5.5
- Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/msword, application/vnd.ms-powerpoint, */*
- User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)
- # for windows 2000 emulation ;)
- # User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT5)
- # You can uncomment these chages in client's header to mimic IE5+ better, but in this case
- # you may expirience problems with *.html if your client does not really handle compression.
- #Accept-Encoding: gzip, deflate
- #========================================================================
- [NTLM_AUTH]
- # Optional value, if leaved blank then APS will use gethostname() to determine
- # host's name.
- # NOTE1: If you Linux host name differs from Windows host name then it may be that
- # MS server wont recognize you host at all and wont grant you access
- # to resources requested. Then you have to use this option and APS will use
- # this name in NTLM negotiations.
- # NOTE2: There are several reports that you can successfully use "foreign" host name
- # here. Say, if user may access a resource from 'host1' and may not from 'host2'
- # then there is a chance that APS running on 'host2' with NT_HOSTNAME:host1 will
- # be able to be granted access to the restricted resource. However use this on
- # you own risk as such a trick may be considered as a hack or something.
- NT_HOSTNAME:
- # Windows Domain.
- # NOTE: it is not full qualified internet domain, but windows network domain.
- NT_DOMAIN:
- # What user's name to use during authorization. It may differ form real current username.
- # If you enable NTLM_TO_BASIC, below, you can either leave this blank or simply
- # hash it out.
- USER: cs08b039
- # Password. Just leave it blank here and server will request it at the start time,
- # or, if you enable NTLM_TO_BASIC, below, you can either leave this blank or simply
- # hash it out, and you *won't* be prompted for a password at start time.
- PASSWORD:iitmcse7437
- # These two options replace old FULL_NTLM option.
- # NTLM authentication consists virtually of two parts: LM and NT. Windows95/98 use
- # only LM part, WindowsNT/2000 can use NT and LM or just NT part.
- # Almost always using just LM part will be enough. I had several reports
- # about LM and NT requirement and no about just NT.
- # So try to setup 1, 1 only if you have enough reasons to do so and when you understand
- # what you are doing.
- # 0, 0 is an illegal combination
- # NOTE: if you change these options then you have to setup flag option accordingly.
- LM_PART:1
- NT_PART:0
- # Highly experimental option. See research.txt for details.
- # LM - 06820000
- # NT - 05820000
- # LM + NT - 07820000
- NTLM_FLAGS: 06820000
- # This option makes APS try to translate NTLM authentication to very usual "Basic"
- # scheme. Almost all http clients know it. With this option set to 1 user will be requested
- # by his browser to enter his credentials and these username and password will be used by
- # APS for NTLM authentication at MS Proxy server or Web server.
- # In such a case different users can use one runnig APS with their own credentials.
- # NOTE1: currently translation works so it allows only one try for entering
- # username/password. If you make a mistake you will have to restart you browser.
- # NOTE2: With debug:1 basic username/password will be written in log file in clear
- # text format. I could try hide it, but the basic scheme is so weak that anybody
- # who had access to APS would be able to get it.
- NTLM_TO_BASIC:0
- #========================================================================
- [DEBUG]
- # Set this to 1 if you want to see debug info in many log files. One per connection.
- DEBUG:0
- # Set this to 1 to get even more debug info.
- BIN_DEBUG:0
- # Set this to 1 to see some strange activity on screen. Actually you won't want it.
- SCR_DEBUG:0
- # Not actually a debug option but gives you some details on authentication process
- # into *.auth logs. Also see research.txt.
- AUTH_DEBUG:0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement