Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- WELCOME TO SQUID 3.1.19
- auth_param negotiate program /usr/local/bin/negotiate_wrapper -d --ntlm /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=MYDOMAIN --kerberos /usr/lib/squid3/squid_kerb_auth -d -s GSS_C_NO_NAME
- auth_param negotiate children 100
- auth_param negotiate keep_alive on
- auth_param ntlm program /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=MYDOMAIN
- auth_param ntlm children 100
- auth_param ntlm keep_alive on
- auth_param basic program /usr/lib/squid3/squid_ldap_auth -R -b "dc=mydomain,dc=mycompany,dc=ru" -D squid@ru001110.vw-group.ru -W /etc/squid3/ldappass.txt -f sAMAccountName=%s -h dc.mydomain.mycompany.ru
- auth_param basic children 100
- auth_param basic realm Internet Proxy
- auth_param basic credentialsttl 1 minute
- acl auth proxy_auth REQUIRED
- http_access deny !auth
- http_access allow auth
- http_access deny all
- acl localhost src 127.0.0.1/32 ::1
- acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
- acl SSL_ports port 443
- acl Safe_ports port 80 # http
- acl Safe_ports port 21 # ftp
- acl Safe_ports port 443 # https
- acl Safe_ports port 70 # gopher
- acl Safe_ports port 210 # wais
- acl Safe_ports port 1025-65535 # unregistered ports
- acl Safe_ports port 280 # http-mgmt
- acl Safe_ports port 488 # gss-http
- acl Safe_ports port 591 # filemaker
- acl Safe_ports port 777 # multiling http
- acl CONNECT method CONNECT
- http_access allow manager localhost
- http_access deny manager
- http_access deny !Safe_ports
- http_access deny CONNECT !SSL_ports
- http_access allow localhost
- http_access deny all
- http_port 3128
- coredump_dir /var/spool/squid3
- refresh_pattern ^ftp: 1440 20% 10080
- refresh_pattern ^gopher: 1440 0% 1440
- refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
- refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
- refresh_pattern . 0 20% 4320
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement