Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Radiomidun ehf.
- http_port 3128
- hierarchy_stoplist cgi-bin ?
- acl QUERY urlpath_regex cgi-bin \?
- no_cache deny QUERY
- cache_mem 8 MB
- #cache_mem 32 MB
- cache_swap_low 90
- cache_swap_high 95
- maximum_object_size 8 KB
- #maximum_object_size 128 KB
- maximum_object_size_in_memory 8 KB
- #test vegna dagsson, muses.is og kaupstadur.is
- reply_header_max_size 200 KB
- #fqdncache_size 2048
- cache_replacement_policy lru
- memory_replacement_policy lru
- #LOGS
- cache_dir ufs /var/spool/squid 100 16 256
- cache_access_log /var/log/squid/access.log
- cache_log /var/log/squid/cache.log
- cache_store_log none
- # END OF LOGS
- hosts_file /etc/hosts
- # redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
- # Authentication
- auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
- auth_param basic children 5
- auth_param basic realm Squid proxy-caching web server
- auth_param basic credentialsttl 2 hours
- auth_param basic casesensitive off
- refresh_pattern ^ftp: 1440 20% 10080
- refresh_pattern ^gopher: 1440 0% 1440
- refresh_pattern . 0 20% 4320
- #######
- # ACL #
- #######
- #Recommended minimum configuration:
- acl all src 0.0.0.0/0.0.0.0
- acl manager proto cache_object
- acl localhost src 127.0.0.1/255.255.255.255
- acl to_localhost dst 127.0.0.0/8
- acl SSL_ports port 443 563 # https, snews
- acl SSL_ports port 873 # rsync
- acl Safe_ports port 80 # http
- acl Safe_ports port 21 # ftp
- acl Safe_ports port 443 563 # https, snews
- acl Safe_ports port 70 # gopher
- acl Safe_ports port 210 # wais
- acl Safe_ports port 1025-65535 # unregistered ports
- acl Safe_ports port 280 # http-mgmt
- acl Safe_ports port 488 # gss-http
- acl Safe_ports port 591 # filemaker
- acl Safe_ports port 777 # multiling http
- acl Safe_ports port 631 # cups
- acl Safe_ports port 873 # rsync
- acl Safe_ports port 901 # SWAT
- acl purge method PURGE
- acl CONNECT method CONNECT
- ##############
- # BRIM
- acl logmein dstdomain .logmein.com
- acl logmein dstdomain .logme.in
- acl sendlingur dstdomain sendlingur.skrin.is
- acl brim dstdomain 212.30.252.101
- acl brim dstdomain .apf.gl
- acl brim dstdomain kerfisleiga.hysing.is
- acl brim dstdomain mail.hysing.is
- acl brim dstdomain .maxsea.com
- acl brim dstdomain .maxsea.fr
- acl brim dstdomain .app.gl
- acl brim dstdomain .brimhf.is
- acl trend dstdomain .trendmicro.com
- acl trend dstdomain 212.30.237.3
- http_access allow brim
- http_access allow sendlingur
- http_access allow trend
- http_access allow logmein
- acl windowsupdate dstdomain .microsoft.com
- acl windowsupdate dstdomain .windowsupdate.com
- acl office dstdomain .office.com
- acl office dstdomain .office.net
- acl office dstdomain .live.com
- acl windowsupdate dstdomain .windows.com
- acl CONNECT method CONNECT
- acl wuCONNECT dstdomain .microsoft.com
- http_access allow CONNECT wuCONNECT
- http_access allow windowsupdate
- http_access allow office
- #chat fb
- acl chfb dstdomain .chat.facebook.com
- acl chfb dstdomain .messenger.com
- acl chfb dstdomain b-graph.facebook.com
- acl chfb dstdomain b-api.facebook.com
- acl chfb dstdomain graph.facebook.com
- acl chfb dstdomain edge-mqtt.facebook.com
- acl chfb dstdomain api.facebook.com
- http_access allow chfb
- #sjvarp
- acl sjovarp dstdomain .sjovarp.is
- acl sjovarp dstdomain 192.168.1.240
- http_access allow sjovarp
- ################
- # TEAMVIEWER
- acl teamv dstdomain .teamviewer.com
- http_access allow teamv
- http_access allow manager localhost
- http_access deny manager
- http_access allow purge localhost
- http_access deny purge
- http_access deny !Safe_ports
- http_access deny CONNECT !SSL_ports
- acl password proxy_auth REQUIRED
- http_access allow password
- http_access allow localhost
- http_access deny all
- http_reply_access allow all
- icp_access deny all
- cache_mgr radiomidun@radiomidun.is
- visible_hostname none
- cachemgr_passwd oksod10 all
- # Leave coredumps in the first cache dir
- coredump_dir /var/spool/squid
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement