Senin, 02 Februari 2015

setting squid basic

# ACCESS CONTROLS
# -----------------------------------------------------------------------------
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443  # https
acl SSL_ports port 563  # snews
acl SSL_ports port 873  # rsync
acl Safe_ports port 80  # http
acl Safe_ports port 21  # ftp
acl Safe_ports port 443  # https
acl Safe_ports port 70  # gopher
acl Safe_ports port 210  # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280  # http-mgmt
acl Safe_ports port 488  # gss-http
acl Safe_ports port 591  # filemaker
acl Safe_ports port 777  # multiling http
acl Safe_ports port 631  # cups
acl Safe_ports port 873  # rsync
acl Safe_ports port 901  # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

# Ijinkan akses cachemgr hanya dari localhost
http_access allow manager localhost
http_access deny manager

# Ijinkan request purge hanya dari localhost
http_access allow purge localhost
http_access deny purge

# Deny request ke ports yang tidak dikenal
http_access deny !Safe_ports

# Deny CONNECT selain ke port SSL
http_access deny CONNECT !SSL_ports


# Ini adalah network LAN di kantor Anda
acl jaringan_saya src 192.168.1.0/24 192.168.2.0/24
http_access allow jaringan_saya 
http_access allow localhost

# Dan akhirnya deny semua akses ke proxy ini
http_access deny all

icp_access deny all


# NETWORK OPTIONS
# -----------------------------------------------------------------------------

# Squid biasanya dijalankan di port 8080
http_port 8080


# DISK CACHE OPTIONS
# -----------------------------------------------------------------------------

# Saya alokasikan 10000 MB space harddisk
cache_dir ufs /var/spool/squid3 10000 16 256


# LOGFILE OPTIONS
# -----------------------------------------------------------------------------
access_log /var/log/squid3/access.log squid


# OPTIONS FOR TUNING THE CACHE
# -----------------------------------------------------------------------------
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY

refresh_pattern ^ftp:  1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern .  0 20% 4320


# HTTP OPTIONS
# -----------------------------------------------------------------------------

# Apache mod_gzip and mod_deflate known to be broken so don't trust
# Apache to signal ETag correctly on such responses
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

#  TAG: extension_methods
# Squid only knows about standardized HTTP request methods.
# You can add up to 20 additional "extension" methods here.
extension_methods REPORT MERGE MKACTIVITY CHECKOUT


# DNS OPTIONS
# -----------------------------------------------------------------------------
hosts_file /etc/hosts


# MISCELLANEOUS
# -----------------------------------------------------------------------------
coredump_dir /var/spool/squid3


sumber : http://ngadimin.com/wp-content/uploads/2009/10/squid.conf.txt

Tidak ada komentar:

Posting Komentar

have a question, just spill it :D

Related Posts Plugin for WordPress, Blogger...