| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # ========================================================================== |
| |
| http_port 8888 |
| http_port 8889 |
| |
| coredump_dir /var/spool/squid3 |
| |
| auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid3/htpasswd |
| auth_param basic realm test-proxy |
| |
| acl all src 0.0.0.0/0.0.0.0 |
| acl localnet src 10.0.0.0/8 # RFC1918 possible internal network |
| acl localnet src 172.16.0.0/12 # RFC1918 possible internal network |
| acl localnet src 192.168.0.0/16 # RFC1918 possible internal network |
| acl localnet src fc00::/7 # RFC 4193 local private network range |
| acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines |
| |
| acl secure_port myport 8888 |
| acl insecure_port myport 8889 |
| |
| acl SSL_ports port 443 |
| acl SSL_ports port 8443 |
| acl Safe_ports port 80 # http |
| acl Safe_ports port 21 # ftp |
| acl Safe_ports port 443 # https |
| acl Safe_ports port 70 # gopher |
| acl Safe_ports port 210 # wais |
| acl Safe_ports port 1025-65535 # unregistered ports |
| acl Safe_ports port 280 # http-mgmt |
| acl Safe_ports port 488 # gss-http |
| acl Safe_ports port 591 # filemaker |
| acl Safe_ports port 777 # multiling http |
| acl CONNECT method CONNECT |
| acl authenticated proxy_auth REQUIRED |
| |
| http_access deny !Safe_ports |
| http_access deny CONNECT !SSL_ports |
| |
| http_access allow localhost manager |
| http_access deny manager |
| |
| http_access allow secure_port localnet |
| http_access allow secure_port localhost |
| http_access allow insecure_port authenticated |
| |
| http_access deny all |
| |
| http_reply_access allow all |
| |
| cache deny all |
| |
| refresh_pattern ^ftp: 1440 20% 10080 |
| refresh_pattern ^gopher: 1440 0% 1440 |
| refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 |
| refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 |
| refresh_pattern . 0 20% 4320 |