This shows you the differences between two versions of the page.
— |
proxy [2013/10/18 14:49] (current) dlicious Initial page with basic squid proxy configuration |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ===== Basic proxy with Squid 3.x ===== | ||
+ | ==== Non-default lines from squid.conf ==== | ||
+ | |||
+ | Your IP (the client connecting to the proxy) is 1.2.3.4; only that IP and localhost are allowed to connect | ||
+ | |||
+ | <file - /etc/squid3/squid.conf> | ||
+ | acl manager proto cache_object | ||
+ | acl localhost src 127.0.0.1/32 ::1 | ||
+ | acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 | ||
+ | acl testing src 1.2.3.4/32 | ||
+ | acl SSL_ports port 443 | ||
+ | acl Safe_ports port 80 # http | ||
+ | acl Safe_ports port 21 # ftp | ||
+ | acl Safe_ports port 443 # https | ||
+ | acl Safe_ports port 70 # gopher | ||
+ | acl Safe_ports port 210 # wais | ||
+ | acl Safe_ports port 1025-65535 # unregistered ports | ||
+ | acl Safe_ports port 280 # http-mgmt | ||
+ | acl Safe_ports port 488 # gss-http | ||
+ | acl Safe_ports port 591 # filemaker | ||
+ | acl Safe_ports port 777 # multiling http | ||
+ | acl CONNECT method CONNECT | ||
+ | http_access allow manager localhost | ||
+ | http_access deny manager | ||
+ | http_access deny !Safe_ports | ||
+ | http_access deny CONNECT !SSL_ports | ||
+ | http_access allow localhost | ||
+ | http_access allow testing | ||
+ | http_access deny all | ||
+ | http_port 3128 | ||
+ | coredump_dir /var/spool/squid3 | ||
+ | refresh_pattern ^ftp: 1440 20% 10080 | ||
+ | refresh_pattern ^gopher: 1440 0% 1440 | ||
+ | refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 | ||
+ | refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 | ||
+ | refresh_pattern . 0 20% 4320 | ||
+ | </file> |