| # ***************************************************************************** |
| # |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| # |
| # ****************************************************************************** |
| |
| auth_param basic program LDAP_AUTH_PATH -b "LDAP_DN" -D "LDAP_SERVICE_USERNAME,LDAP_DN" -w LDAP_SERVICE_PASSWORD -f uid=%s LDAP_HOST |
| |
| acl DLab_user_src_subnet src PROXY_SUBNET |
| VPC_CIDRS |
| ALLOWED_CIDRS |
| |
| |
| acl SSL_ports port 443 |
| acl Safe_ports port 80 # http |
| acl Safe_ports port 21 # ftp |
| acl Safe_ports port 22 # ssh |
| acl Safe_ports port 443 # https |
| acl Safe_ports port 70 # gopher |
| acl Safe_ports port 210 # wais |
| acl Safe_ports port 1025-65535 # unregistered ports |
| acl Safe_ports port 280 # http-mgmt |
| acl Safe_ports port 488 # gss-http |
| acl Safe_ports port 591 # filemaker |
| acl Safe_ports port 777 # multiling http |
| acl CONNECT method CONNECT |
| |
| acl ldap-auth proxy_auth EDGE_USER_NAME |
| |
| http_access deny !Safe_ports |
| http_access allow localhost manager |
| http_access deny manager |
| http_access allow DLab_user_src_subnet |
| http_access allow AllowedCIDRS ldap-auth |
| http_access allow localhost |
| http_access deny all |
| |
| http_port 3128 |
| |
| cache deny all |
| cache_dir null /tmp |
| coredump_dir /var/spool/squid |
| |
| refresh_pattern ^ftp: 1440 20% 10080 |
| refresh_pattern ^gopher: 1440 0% 1440 |
| refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 |
| refresh_pattern . 0 20% 4320 |