daily pastebin goal
46%
SHARE
TWEET

Untitled

a guest Dec 16th, 2018 76 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #
  2. # Recommended minimum configuration:
  3. #
  4. acl manager proto cache_object
  5. acl localhost src 127.0.0.1/32
  6. acl localhost src ::1/128
  7. acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
  8. acl to_localhost dst ::1/128
  9.  
  10. # Example rule allowing access from your local networks.
  11. # Adapt to list your (internal) IP networks from where browsing
  12. # should be allowed
  13. acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
  14. acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
  15. acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
  16. acl localnet src fc00::/7   # RFC 4193 local private network range
  17. acl localnet src fe80::/10  # RFC 4291 link-local (directly plugged) machines
  18.  
  19. acl SSL_ports port 443
  20. acl Safe_ports port 80          # http
  21. acl Safe_ports port 21          # ftp
  22. acl Safe_ports port 443         # https
  23. acl Safe_ports port 70          # gopher
  24. acl Safe_ports port 210         # wais
  25. acl Safe_ports port 1025-65535  # unregistered ports
  26. acl Safe_ports port 280         # http-mgmt
  27. acl Safe_ports port 488         # gss-http
  28. acl Safe_ports port 591         # filemaker
  29. acl Safe_ports port 777         # multiling http
  30. acl CONNECT method CONNECT
  31.  
  32. #
  33. # Recommended minimum Access Permission configuration:
  34. #
  35. # Only allow cachemgr access from localhost
  36. http_access allow manager localhost
  37. http_access deny manager
  38.  
  39. # Deny requests to certain unsafe ports
  40. http_access deny !Safe_ports
  41.  
  42. # Deny CONNECT to other than secure SSL ports
  43. http_access deny CONNECT !SSL_ports
  44.  
  45. # We strongly recommend the following be uncommented to protect innocent
  46. # web applications running on the proxy server who think the only
  47. # one who can access services on "localhost" is a local user
  48. #http_access deny to_localhost
  49.  
  50. #
  51. # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
  52. #
  53.  
  54. # Example rule allowing access from your local networks.
  55. # Adapt localnet in the ACL section to list your (internal) IP networks
  56. # from where browsing should be allowed
  57. http_access allow localnet
  58. http_access allow localhost
  59.  
  60. # And finally deny all other access to this proxy
  61. http_access deny all
  62.  
  63. # Squid normally listens to port 3128
  64. http_port 3128 transparent
  65.  
  66. # We recommend you to use at least the following line.
  67. hierarchy_stoplist cgi-bin ?
  68.  
  69. # Uncomment and adjust the following to add a disk cache directory.
  70. #cache_dir ufs /var/spool/squid 5000 16 256
  71.  
  72. # Leave coredumps in the first cache dir
  73. coredump_dir /var/spool/squid
  74.  
  75. # Add any of your own refresh_pattern entries above these.
  76. refresh_pattern ^ftp:           1440    20%     10080
  77. refresh_pattern ^gopher:        1440    0%      1440
  78. refresh_pattern -i (/cgi-bin/|\?) 0     0%  0
  79. refresh_pattern .               0   20%     4320
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top