Created
November 5, 2015 20:15
-
-
Save NiGhTTraX/c5886224b974c6cacf89 to your computer and use it in GitHub Desktop.
squid anonymous proxy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# basic auth settings | |
auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/users.txt | |
auth_param basic children 2 | |
auth_param basic realm nighttrax | |
auth_param basic casesensitive on | |
acl Users proxy_auth REQUIRED | |
http_access allow Users | |
# acl | |
acl manager proto cache_object | |
acl localhost src 127.0.0.1/32 | |
acl to_localhost dst 127.0.0.0/8 | |
# ports | |
acl SSL_ports port 443 | |
acl Safe_ports port 80 443 | |
acl CONNECT method CONNECT | |
http_access allow manager localhost | |
http_access deny manager | |
http_access deny !Safe_ports | |
http_access deny CONNECT !SSL_ports | |
http_access allow localhost | |
http_access deny all | |
icp_access deny all | |
#htcp_access deny all | |
# header anonimosity and paranoid | |
request_header_access Allow allow all | |
request_header_access Authorization allow all | |
request_header_access WWW-Authenticate allow all | |
request_header_access Proxy-Authorization allow all | |
request_header_access Proxy-Authenticate allow all | |
request_header_access Cache-Control allow all | |
request_header_access Content-Range allow all | |
request_header_access Content-Encoding allow all | |
request_header_access Content-Length allow all | |
request_header_access Content-Type allow all | |
request_header_access Cookie allow all | |
request_header_access Set-Cookie allow all | |
request_header_access Date allow all | |
request_header_access Expires allow all | |
request_header_access Host allow all | |
request_header_access If-Modified-Since allow all | |
request_header_access Last-Modified allow all | |
request_header_access Location allow all | |
request_header_access Range allow all | |
request_header_access Referer allow all | |
request_header_access Pragma allow all | |
request_header_access Accept allow all | |
request_header_access Accept-Charset allow all | |
request_header_access Accept-Encoding allow all | |
request_header_access Accept-Language allow all | |
request_header_access Content-Language allow all | |
request_header_access Mime-Version allow all | |
request_header_access Retry-After allow all | |
request_header_access Title allow all | |
request_header_access Connection allow all | |
request_header_access Proxy-Connection allow all | |
request_header_access User-Agent allow all | |
request_header_access All deny all | |
# port to listen on | |
http_port 3128 | |
icp_port 3130 | |
# logging | |
logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un %Sh/%<A %mt | |
logformat common %>a %Ss:%Sh %[ui %[un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st | |
logformat combined %>a %[ui %[un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh | |
logformat referrer %ts.%03tu %>a %{Referer}>h %ru | |
logformat useragent %>a [%tl] "%{User-Agent}>h" | |
access_log /var/log/squid3/access.log common | |
# stuff | |
#refresh_pattern ^ftp: 1440 20% 10080 | |
#refresh_pattern ^gopher: 1440 0% 1440 | |
#refresh_pattern (cgi-bin|\?) 0 0% 0 | |
#refresh_pattern . 0 20% 4320 | |
coredump_dir /var/spool/squid3 | |
hierarchy_stoplist cgi-bin ? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment