-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsquid.conf
55 lines (53 loc) · 1.71 KB
/
squid.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# set acl here
acl mylan src 10.8.0.0/24
# set ports here
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
#http_access deny blockfiles
http_access allow mylan
http_access allow localhost
# final deny
http_access deny all
# set IP:port here
http_port 10.8.0.1:3128
#
#tcp_outgoing_address xx.yy.zz.zz
#dns_v4_first on
# disable IPv4 workaround in squid 5.x+
acl to_ipv6 dst ipv6
acl from_ipv6 src ipv6
# set meme here
cache_mem 1024 MB
cache_dir diskd /var/spool/squid 1024 16 256 Q1=72 Q2=64
access_log daemon:/var/log/squid/access.log squid
#cache_store_log daemon:/var/log/squid/store.log
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320
forwarded_for delete
via off
forwarded_for off
follow_x_forwarded_for deny all
request_header_access X-Forwarded-For deny all
forwarded_for delete
# set dns resolver IP here
dns_nameservers 10.8.0.1
# This is outdated. Do not use it.
#request_header_add X-Custom-Header "admin-vlan-0x01" all