Scribd Logo
Upload

Welcome to Scribd!

  • Squid Conf

    Uploaded by

    bruno vitorio
    923 views2 pages

    Original Title

    Squid.conf

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOC or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC or read online from Scribd
    Flag for inappropriate content
    923 views2 pages

    Squid Conf

    Uploaded by

    bruno vitorio

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC or read online from Scribd
    Flag for inappropriate content
    of 2

    # Squid Alterado por Bruno - Padrao curso Impacta

    #Porta padrao do squid. se mudar alterar tambem no firewall. ATENCAO


    TIRAR NO PROXY DO MANDRIVA 2009 A OPCAO TRANSPARENTE.
    http_port 3128 transparent

    # Nao excluir essas 3 regras sobre cgi. protegendo sites seguros, pois
    nao permite fazer cache de CGI.
    hierarchy_stoplist cgi-bin ?
    acl QUERY urlpath_regex cgi-bin \?
    no_cache deny QUERY

    # Diretivas padrao do Squid do Mandriva 2009 r


    cache_dir diskd /var/spool/squid 256 256 256
    # Criar um arquivo de log para armazenar cache
    cache_store_log /var/log/squid/store.log

    #auth_param basic children 5


    #auth_param basic realm Squid proxy-caching web server
    #auth_param basic credentialsttl 2 hours

    refresh_pattern ^ftp: 1440 20% 10080


    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern . 0 20% 4320
    half_closed_clients off

    # ACL padrao do Squid


    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl to_localhost dst 127.0.0.0/8
    acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
    acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
    acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
    acl SSL_ports port 443 563
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl Safe_ports port 901 # SWAT
    acl CONNECT method CONNECT

    # Minhas ACL's - Nao precisa estar na ordem.


    acl eumesmo src 130.54.10.10
    acl minharede src 130.54.0.0/16
    acl bruno src 130.54.10.249
    acl sites_negados url_regex -i "/etc/squid/sites_negados"
    acl sites_permitidos url_regex -i "/etc/squid/sites_permitidos"

    # Acessos padrao do Squid - Mandriva


    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access deny to_localhost
    #acl mynetwork src 130.54.0.0/255.255.0.0

    # Meus Acessos Editados


    # Libera acesso total para maquina do bruno
    http_access allow bruno
    # Bloqueia sites negados mas libera tudo o que eh permitido
    http_access deny sites_negados !sites_permitidos
    http_access allow eumesmo
    http_access allow minharede
    http_access allow localhost
    http_reply_access allow all
    icp_access allow all

    # Mostra nome do server na parte inferior.


    visible_hostname TANSERVER_FIREWALL
    append_domain .bkpserver
    err_html_text admin@mydomain.com
    # arquivos erro exibidos
    deny_info ERR_CUSTOM_ACCESS_DENIED all

    memory_pools off
    coredump_dir /var/spool/squid
    ie_refresh on

    You might also like