Untitled

WELCOME TO SQUID 3.1.19


auth_param negotiate program /usr/local/bin/negotiate_wrapper -d --ntlm /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=MYDOMAIN --kerberos /usr/lib/squid3/squid_kerb_auth -d -s GSS_C_NO_NAME
auth_param negotiate children 100
auth_param negotiate keep_alive on


auth_param ntlm program /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=MYDOMAIN
auth_param ntlm children 100
auth_param ntlm keep_alive on


auth_param basic program /usr/lib/squid3/squid_ldap_auth -R -b "dc=mydomain,dc=mycompany,dc=ru" -D squid@ru001110.vw-group.ru -W /etc/squid3/ldappass.txt -f sAMAccountName=%s -h dc.mydomain.mycompany.ru
auth_param basic children 100
auth_param basic realm Internet Proxy
auth_param basic credentialsttl 1 minute

acl auth proxy_auth REQUIRED


http_access deny !auth
http_access allow auth
http_access deny all


acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1


acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT


http_access allow manager localhost
http_access deny manager

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow localhost

http_access deny all

http_port 3128

coredump_dir /var/spool/squid3

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880

refresh_pattern .               0       20%     4320