Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- auth_param negotiate program /usr/lib/squid3/squid_kerb_auth -s HTTP/ubuntu.TestAtomtex.net@TESTATOMTEX.NET
- auth_param negotiate children 10
- auth_param negotiate keep_alive on
- auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/basicusers
- external_acl_type ldap_verify %LOGIN /usr/lib/squid3/squid_ldap_group -R -b "dc=TestAtomtex,dc=net" \
- -f "(&(objectclass=user)(sAMAccountName=%v)(memberOf=cn=%a,ou=groups,dc=TestAtomtex,dc=net))" \
- -D squidreader@TestAtomtex.net -K -W /etc/squid3/squidreaderpass 192.168.2.15
- acl inet1_users external ldap_verify Inet1
- acl inet2_users external ldap_verify Inet2
- acl manager proto cache_object
- acl lan proxy_auth REQUIRED
- acl localhost src 192.168.2.2/32 ::1
- acl DeniedSites dstdomain .mail.ru .vk.com
- acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
- acl SSL_ports port 443
- acl Safe_ports port 80 # http
- acl Safe_ports port 21 # ftp
- acl Safe_ports port 443 # https
- acl Safe_ports port 70 # gopher
- acl Safe_ports port 210 # wais
- acl Safe_ports port 1025-65535 # unregistered ports
- acl Safe_ports port 280 # http-mgmt
- acl Safe_ports port 488 # gss-http
- acl Safe_ports port 591 # filemaker
- acl Safe_ports port 777 # multiling http
- acl CONNECT method CONNECT
- http_port 3128
- http_access allow manager localhost
- #http_access deny lan DeniedSites
- http_access allow lan
- http_access deny !Safe_ports
- http_access deny CONNECT !SSL_ports
- http_access allow localhost
- http_access deny inet1_users DeniedSites
- http_access allow inet1_users
- http_access allow inet2_users DeniedSites
- http_access deny !lan all
- http_access deny all
- coredump_dir /var/spool/squid3
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement