All pastes #2074092 Raw Edit

Untitled

public text v1 · immutable
#2074092 ·published 2011-06-03 12:08 UTC
rendered paste body
http_port 127.0.0.1:3128
icp_port 3128

#We recommend you to use the following two lines.
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

# cache_dir ufs /usr/local/squid/var/cache 100 16 256
cache_dir ufs /var/squid/cache 1000 64 256
#MB dirs subdirs

# cache_mem 8 MB
cache_mem 32 MB

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
pid_filename /var/run/squid/squid.pid

# emulate_httpd_log off
emulate_httpd_log on


#  TAG: debug_options
# debug_options ALL,1
#1-9, 9 is high

# log_fqdn off
# IP is default, "on" for fqdn

# ftp_user Squid@
# ftp_passive on
# if problems, disable that

cache_mgr xx@xx.xx

cache_effective_user squid
cache_effective_group squid

visible_hostname none

forwarded_for on

#  TAG: acl
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT


# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager

# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
#http_access deny CONNECT !SSL_ports

#We strongly recommend to uncomment the following to protect innocent web applications running on the proxy server who think that the only one who can access services on "localhost" is a local user
#http_access deny to_localhost

acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks
http_access allow localhost
http_access deny all

#acl banner url_regex ^http://banner[0-9]*\.
#http_access deny banner

http_port 3128 transparent
always_direct allow all



#cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default
#cache_peer 127.0.0.1 parent 8080 0 no-digest no-netdb-exchange default