Last active
June 9, 2016 17:20
-
-
Save VictorLowther/60ebbf9f7ee062f98a7ea3b3597d64aa to your computer and use it in GitHub Desktop.
Example squid cache config including upstream proxy stuff
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# These should be customized to reflect the local address ranges of the networks Rebar nodes use | |
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network | |
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network | |
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network | |
acl localnet src fc00::/7 # RFC 4193 local private network range | |
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines | |
acl to_localnet dst 10.0.0.0/8 # RFC1918 possible internal network | |
acl to_localnet dst 172.16.0.0/12 # RFC1918 possible internal network | |
acl to_localnet dst 192.168.0.0/16 # RFC1918 possible internal network | |
acl to_localnet dst fc00::/7 # RFC 4193 local private network range | |
acl to_localnet dst fe80::/10 # RFC 4291 link-local (directly plugged) machines | |
acl SSL_ports port 443 | |
acl Safe_ports port 80 # http | |
acl Safe_ports port 21 # ftp | |
acl Safe_ports port 443 # https | |
acl Safe_ports port 70 # gopher | |
acl Safe_ports port 210 # wais | |
acl Safe_ports port 1025-65535 # unregistered ports | |
acl Safe_ports port 280 # http-mgmt | |
acl Safe_ports port 488 # gss-http | |
acl Safe_ports port 591 # filemaker | |
acl Safe_ports port 777 # multiling http | |
acl CONNECT method CONNECT | |
always_direct allow to_localnet | |
# If you have an upstream http cache to talk to, | |
# customize the next two lines and uncomment them. | |
#cache_peer upstream.cache.address parent upsreeam-cache-port 0 default | |
#never_direct allow all | |
http_access deny !Safe_ports | |
http_access deny CONNECT !SSL_ports | |
http_access allow localhost manager | |
http_access deny manager | |
http_access deny to_localhost | |
http_access allow localnet | |
http_access allow localhost | |
http_access deny all | |
http_port 3128 | |
coredump_dir /var/spool/squid3 | |
refresh_pattern ^ftp: 1440 20% 10080 | |
refresh_pattern ^gopher: 1440 0% 1440 | |
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 | |
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 | |
refresh_pattern . 0 20% 432 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment