
# WELCOME TO SQUID 2.7.STABLE9
# ----------------------------

# configuration files.
#include /etc/squid/multimedia.conf

#Recommended minimum configuration:


# ACL definitions. These only name sets of clients, destinations, ports and
# methods; the http_access / icp_access rules below decide what is allowed.
# `all` matches every client address; `manager` matches cache-manager
# (cache_object) requests.
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
# Destinations that point back at this host.
# NOTE(review): no access rule in the part of the file shown here references
# to_localhost -- confirm whether a "deny to_localhost" rule is wanted so that
# clients cannot use the proxy to reach services bound to loopback.
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
# The first two entries cover the whole 10.0.0.0/8 and 172.16.0.0/12 blocks;
# every address in localnet is later allowed to browse and to send ICP
# queries, so trim this list to the subnets that are actually in use.
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.1.0/24 # RFC1918 possible internal network
acl localnet src 192.168.10.0/24
#
# SSL_ports: destination ports to which CONNECT tunnels are permitted.
# 563 and 873 are not HTTPS; remove them if clients do not need tunnels to
# those services.
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
# Safe_ports: destination ports the proxy will talk to at all. The
# 1025-65535 entry makes every unprivileged port a permitted destination.
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
# Request-method ACLs used by the purge and CONNECT rules below.
acl purge method PURGE
acl CONNECT method CONNECT

# http_access rules are evaluated top to bottom and the first rule whose ACLs
# all match decides the request, so the order below is significant.
# Only allow cachemgr access from localhost


http_access allow manager localhost
http_access deny manager
# Only allow purge requests from localhost
http_access allow purge localhost
http_access deny purge
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
# NOTE(review): the to_localhost ACL defined above is not used by any rule
# here, so requests whose destination is this host's loopback range are not
# refused before the allow rules -- confirm this is intended.
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
# (keep this as the last http_access line so nothing falls through to an
# implicit default)


http_access deny all
#Default:
# http_reply_access allow all

#Allow ICP queries from local networks only
# Sources in the localnet ACL may send ICP queries; every other source is
# refused. NOTE(review): if no neighbouring cache uses ICP, "icp_access deny
# all" alone would be the tighter setting -- confirm.


icp_access allow localnet
icp_access deny all

#Allow HTCP queries from local networks only


# htcp_access allow localnet
# htcp_access deny all

#
#Default:
# reply_body_max_size 0 allow all

# Squid normally listens to port 3128
# No address is given, so the listener is not tied to one interface.
# `transparent` marks this port as receiving intercepted (redirected) client
# traffic; the redirect itself is done by firewall rules outside this file.
# NOTE(review): proxy authentication cannot be used on intercepted traffic,
# so access control here rests on the source-address ACLs above. Confirm that
# port 3128 is reachable only from the internal networks.


http_port 3128 transparent

#We recommend you to use at least the following line.
# URLs containing "cgi-bin" or "?" are fetched directly from the origin
# rather than through neighbour caches.


hierarchy_stoplist cgi-bin ?

# MEMORY CACHE OPTIONS
# NOTE(review): the "#Default:" labels in this section appear to be left over
# from the stock file; every line that is not commented out is an explicit
# setting, whether or not it equals the built-in default.


# -----------------------------------------------------------------------------

#Default:
cache_mem 8 MB

#Default:
maximum_object_size_in_memory 2000 KB

#Default:
# memory_replacement_policy lru

#Default:
# cache_replacement_policy lru

#Default:
# cache_dir arguments: storage type, directory, size in MB, first-level and
# second-level subdirectory counts. One 1000 MB ufs store plus three 3000 MB
# aufs stores.
# NOTE(review): three stores live under a user's home directory; confirm the
# directories are owned by the account Squid runs as and are not writable by
# other users, since cached objects are served back to clients from here.
cache_dir ufs /var/spool/squid 1000 32 256
cache_dir aufs /home/faish/squid1 3000 32 256
cache_dir aufs /home/faish/squid2 3000 32 256
cache_dir aufs /home/faish/squid3 3000 32 256

#Default:
# store_dir_select_algorithm least-load

#Default:
minimum_object_size 0 KB

#Default:
maximum_object_size 20480 KB

#Default:
# Replacement starts when the stores are 90% full and becomes more aggressive
# towards 95%.
cache_swap_low 90
cache_swap_high 95
# The access log records client addresses and the URLs they request; keep it
# readable only by administrators and rotate it.
access_log /var/log/squid/access.log squid

#Default:
logfile_daemon /usr/lib/squid/logfile-daemon

#Default:
cache_log /var/log/squid/cache.log

#Default:
cache_store_log /var/log/squid/store.log

#Default:
# max_stale 1 week

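#Suggested default:
# refresh_pattern arguments: [-i] regex, min (minutes), percent, max (minutes),
# then option flags. Rules are checked in the order listed and the first regex
# that matches the URL is used.
# Each rule must stay on ONE line: option flags placed on a line of their own
# are not parsed as part of the rule.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880

# Aggressive caching by file extension: min 10080 minutes (7 days), max 43200
# minutes (30 days). override-expire, override-lastmod, reload-into-ims and
# ignore-reload make Squid keep serving its copy regardless of the origin's
# expiry information or a client's forced reload. For scripts, executables and
# archives (js, exe, dll, zip, ...) this means clients can keep receiving an
# outdated file after the origin has replaced it, e.g. with a security fix.
# The leading "." in these patterns is an unescaped regex dot (any character),
# not a literal full stop.
refresh_pattern -i .(class|css|js|gif|jpg)$ 10080 100% 43200 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .(jpe|jpeg|png|bmp|tif)$ 10080 100% 43200 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i .(tiff|mov|avi|qt|mpeg|mp3)$ 10080 100% 43200 override-expire
refresh_pattern -i .(mpg|mpe|wav|au|mid|flv|mp4)$ 10080 100% 43200 override-expire
refresh_pattern -i .(zip|gz|arj|lha|lzh)$ 10080 100% 43200 override-expire
refresh_pattern -i .(rar|tgz|tar|exe|bin)$ 10080 100% 43200 override-expire
refresh_pattern -i .(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200 override-expire
refresh_pattern -i .(inc|cab|ad|txt|dll)$ 10080 100% 43200 override-expire
# Dynamic page types (asp, php, html, ...) are forced into the cache here as
# well; on a shared proxy, review whether pages generated per user can end up
# stored under these rules.
# NOTE(review): max (4320) is lower than min (10080) on the next rule, unlike
# the neighbouring rules (43200) -- confirm the intended value.
refresh_pattern -i .(asp|acgi|pl|shtml|php3|php|html|xml)$ 10080 100% 4320 override-expire override-lastmod reload-into-ims
# 604800 minutes is 420 days. "$" anchors at the end of the whole URL, so
# these three rules only apply to URLs that end in the host name.
# NOTE(review): any URL matching .mail.google.com$ also matches the
# .google.com$ rule above it, so the third rule is never selected -- confirm
# the intended order.
refresh_pattern -i .facebook.com$ 604800 100% 604800 override-expire override-lastmod reload-into-ims
refresh_pattern -i .google.com$ 604800 100% 604800 override-expire override-lastmod reload-into-ims
refresh_pattern -i .mail.google.com$ 604800 100% 604800 override-expire override-lastmod reload-into-ims ignore-reload
# Disabled rules kept for reference. ignore-private and ignore-no-cache would
# cache responses the origin marked as private or uncacheable, which on a
# shared proxy can hand one user's response to another; leave them disabled
# unless that risk has been assessed.
#refresh_pattern -i .flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private
#acl youtube dstdomain .youtube.com$
#cache allow youtube
#refresh_pattern (get_video\?|videoplayback\?|videodownload\?) 5259487 99999999% 5259487 override-expire ignore-reload ignore-private negative-ttl=0
# example line deb packages
refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600
# Catch-all: must remain the last refresh_pattern, because it matches every URL.
refresh_pattern . 0 20% 4320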

#Default:
# quick_abort_min 16 KB
# quick_abort_max 16 KB
# quick_abort_pct 95

#Default:
# request_header_max_size 20 KB
#Default:
# reply_header_max_size 20 KB
#Default:
# request_body_max_size 0 KB

# Don't upgrade ShoutCast responses to HTTP
# (replies whose first line starts with "ICY" followed by a digit)


acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast

# Apply the broken_vary_encoding workaround to replies whose Server header
# starts with "Apache".
acl apache rep_header Server ^Apache


broken_vary_encoding allow apache

#
#Default:
# collapsed_forwarding off

#Default:
# refresh_stale_hit 0 seconds

# Extra request methods Squid will accept in addition to the standard ones.
# NOTE(review): these four look like the methods used by Subversion over
# WebDAV; remove the line if no client needs them.
extension_methods REPORT MERGE MKACTIVITY CHECKOUT


#
#Default:
# cache_mgr webmaster
#Default:
# cache_effective_user proxy
#Default:
# as_whois_server whois.ra.net
# as_whois_server whois.ra.net

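# URL-path patterns for video requests (get_video?, videodownload?,
# videoplayback...id). The regex must stay on the same line as the acl
# directive; a pattern split across lines is not read as one expression.
# NOTE(review): no directive that uses store_rewrite_list is visible in this
# part of the file -- confirm where it is referenced.
acl store_rewrite_list urlpath_regex \/(get_video\?|videodownload\?|videoplayback.*id)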
