1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94
|
# WELCOME TO SQUID 3.1.19
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
#
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
# Only allow purge requests from localhost
http_access allow purge localhost
http_access deny purge
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
# Finally deny all other access to this proxy
http_access deny all
#Allow ICP queries from local networks only
icp_access allow localnet
icp_access deny all
icp_port 3130
http_port 3128
# TAG: hierarchy_stoplist
hierarchy_stoplist cgi-bin ?
# MEMORY CACHE OPTIONS
# -----------------------------------------------------------------------------
cache_mem 8 MB
maximum_object_size_in_memory 8 KB
memory_replacement_policy lru
# DISK CACHE OPTIONS
# -----------------------------------------------------------------------------
cache_replacement_policy lru
cache_dir ufs /var/spool/squid3 100 16 256
minimum_object_size 0 KB
maximum_object_size 40000 KB
# LOGFILE OPTIONS
# -----------------------------------------------------------------------------
access_log /var/log/squid3/access.log squid
cache_store_log /var/log/squid3/store.log
# OPTIONS FOR TUNING THE CACHE
# -----------------------------------------------------------------------------
cache allow all
# TAG: refresh_pattern
#Suggested default:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
# example line deb packages
#refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600
#refresh_pattern . 0 20% 4320
#refresh_pattern -i \.(mov)\??(.*?)$ 0 0% 99999 reload-into-ims refresh-ims
# ADVANCED NETWORKING OPTIONS
# -----------------------------------------------------------------------------
hosts_file /etc/hosts
coredump_dir /var/spool/squid3
cache deny all |
Partager