Pages

Sabtu, 17 Maret 2012

Original squid.conf pfsense

# Do not edit manually !
http_port 192.168.1.10:3128 http11 transparent
http_port 127.0.0.1:80 http11 transparent
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
logfile_rotate 1
shutdown_lifetime 0 seconds
# Allow local network(s) on interface(s)
acl localnet src  192.168.1.0/255.255.255.0
forwarded_for transparent
via off
server_http11 on
uri_whitespace strip
dns_nameservers 127.0.0.1 203.130.193.74 8.8.8.8

cache_mem 8 MB
maximum_object_size_in_memory 4 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

cache_dir aufs /var/squid/cache 10000 16 256
minimum_object_size 0 KB
maximum_object_size 256 MB
offline_mode on
cache_swap_low 90
cache_swap_high 95

# No redirector configured



# Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
acl sslports port 443 563
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl partialcontent_req req_header Range .*
#acl dynamic urlpath_regex cgi-bin \?
include /usr/local/etc/squid/include.conf
#cache deny dynamic
http_access allow manager localhost


# Allow external cache managers
acl ext_manager_1 src 192.168.1.5
http_access allow manager ext_manager_1

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

quick_abort_min 32 KB
quick_abort_max 128 KB
quick_abort_pct 75
range_offset_limit 0 MB
request_body_max_size 0 allow all
reply_body_max_size 0 deny all

delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
# Throttle extensions matched in the url
acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny all

# Allow local network(s) on interface(s)
http_access allow localnet

# Default block all to be sure
http_access deny all
Label:

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)