Advertisement
Guest User

Untitled

a guest
Jun 3rd, 2013
509
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. WELCOME TO SQUID 3.1.19
  2.  
  3.  
  4. auth_param negotiate program /usr/local/bin/negotiate_wrapper -d --ntlm /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=MYDOMAIN --kerberos /usr/lib/squid3/squid_kerb_auth -d -s GSS_C_NO_NAME
  5. auth_param negotiate children 100
  6. auth_param negotiate keep_alive on
  7.  
  8.  
  9. auth_param ntlm program /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=MYDOMAIN
  10. auth_param ntlm children 100
  11. auth_param ntlm keep_alive on
  12.  
  13.  
  14. auth_param basic program /usr/lib/squid3/squid_ldap_auth -R -b "dc=mydomain,dc=mycompany,dc=ru" -D squid@ru001110.vw-group.ru -W /etc/squid3/ldappass.txt -f sAMAccountName=%s -h dc.mydomain.mycompany.ru
  15. auth_param basic children 100
  16. auth_param basic realm Internet Proxy
  17. auth_param basic credentialsttl 1 minute
  18.  
  19. acl auth proxy_auth REQUIRED
  20.  
  21.  
  22. http_access deny !auth
  23. http_access allow auth
  24. http_access deny all
  25.  
  26.  
  27.  
  28.  
  29. acl localhost src 127.0.0.1/32 ::1
  30. acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
  31.  
  32.  
  33. acl SSL_ports port 443
  34. acl Safe_ports port 80 # http
  35. acl Safe_ports port 21 # ftp
  36. acl Safe_ports port 443 # https
  37. acl Safe_ports port 70 # gopher
  38. acl Safe_ports port 210 # wais
  39. acl Safe_ports port 1025-65535 # unregistered ports
  40. acl Safe_ports port 280 # http-mgmt
  41. acl Safe_ports port 488 # gss-http
  42. acl Safe_ports port 591 # filemaker
  43. acl Safe_ports port 777 # multiling http
  44. acl CONNECT method CONNECT
  45.  
  46.  
  47. http_access allow manager localhost
  48. http_access deny manager
  49.  
  50. http_access deny !Safe_ports
  51. http_access deny CONNECT !SSL_ports
  52.  
  53. http_access allow localhost
  54.  
  55. http_access deny all
  56.  
  57. http_port 3128
  58.  
  59. coredump_dir /var/spool/squid3
  60.  
  61. refresh_pattern ^ftp: 1440 20% 10080
  62. refresh_pattern ^gopher: 1440 0% 1440
  63. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  64. refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
  65.  
  66. refresh_pattern . 0 20% 4320
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement