# ACCESS CONTROLS # ----------------------------------------------------------------------------- acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl purge method PURGE acl CONNECT method CONNECT # Ijinkan akses cachemgr hanya dari localhost http_access allow manager localhost http_access deny manager # Ijinkan request purge hanya dari localhost http_access allow purge localhost http_access deny purge # Deny request ke ports yang tidak dikenal http_access deny !Safe_ports # Deny CONNECT selain ke port SSL http_access deny CONNECT !SSL_ports # Ini adalah network LAN di kantor Anda acl jaringan_saya src 192.168.1.0/24 192.168.2.0/24 http_access allow jaringan_saya http_access allow localhost # Dan akhirnya deny semua akses ke proxy ini http_access deny all icp_access deny all # NETWORK OPTIONS # ----------------------------------------------------------------------------- # Squid biasanya dijalankan di port 8080 http_port 8080 # DISK CACHE OPTIONS # ----------------------------------------------------------------------------- # Saya alokasikan 10000 MB space harddisk cache_dir ufs /var/spool/squid3 10000 16 256 # LOGFILE OPTIONS # ----------------------------------------------------------------------------- access_log /var/log/squid3/access.log squid # OPTIONS FOR TUNING THE CACHE # ----------------------------------------------------------------------------- acl QUERY urlpath_regex cgi-bin \? cache deny QUERY refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 # HTTP OPTIONS # ----------------------------------------------------------------------------- # Apache mod_gzip and mod_deflate known to be broken so don't trust # Apache to signal ETag correctly on such responses acl apache rep_header Server ^Apache broken_vary_encoding allow apache # TAG: extension_methods # Squid only knows about standardized HTTP request methods. # You can add up to 20 additional "extension" methods here. extension_methods REPORT MERGE MKACTIVITY CHECKOUT # DNS OPTIONS # ----------------------------------------------------------------------------- hosts_file /etc/hosts # MISCELLANEOUS # ----------------------------------------------------------------------------- coredump_dir /var/spool/squid3
sumber : http://ngadimin.com/wp-content/uploads/2009/10/squid.conf.txt
No comments:
Post a Comment
have a question, just spill it :D