Created
April 6, 2018 16:01
-
-
Save blegoh/6a44de49a44d16db4589acd2013f824f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ACCESS CONTROLS OPTIONS | |
# ==================== | |
# | |
acl QUERY urlpath_regex -i cgi-bin \? \.php$ \.asp$ \.shtml$ \.cfm$ \.cfml$ \.phtml$ \.php3$ localhost | |
acl all src | |
acl localnet src 125.164.242.227 36.74.158.54 103.241.205.66 | |
#acl localhost src 127.0.0.1/32 | |
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535 | |
acl sslports port 443 563 81 2087 10000 21 | |
acl ftp proto FTP | |
acl connect method CONNECT | |
acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com | |
acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com | |
acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com | |
acl ym dstdomain .voice.yahoo.com | |
acl ymregex url_regex yupdater.yim ymsgr myspaceim | |
# | |
http_access deny ym | |
http_access deny ymregex | |
http_access allow manager localhost | |
http_access deny manager | |
#http_access allow purge localhost | |
#http_access deny purge | |
http_access allow ftp | |
http_access deny !safeports | |
http_access deny CONNECT !sslports | |
http_access allow localhost | |
http_access allow localnet | |
http_access deny all | |
# | |
# NETWORK OPTIONS | |
# �~@~T�~@~T�~@~T�~@~T�~@~T | |
# | |
http_port 3128 | |
# | |
# OPTIONS WHICH AFFECT THE CACHE SIZE | |
# ============================== | |
# | |
cache_mem 8 MB | |
maximum_object_size_in_memory 32 KB | |
memory_replacement_policy heap GDSF | |
cache_replacement_policy heap LFUDA | |
cache_dir aufs /home/cache 10000 14 256 | |
maximum_object_size 128000 KB | |
cache_swap_low 95 | |
cache_swap_high 99 | |
# | |
# LOGFILE PATHNAMES AND CACHE DIRECTORIES | |
# ================================== | |
# | |
access_log /var/log/squid/access.log | |
cache_log /var/log/squid/cache.log | |
#cache_log /dev/null | |
cache_store_log none | |
logfile_rotate 5 | |
log_icp_queries off | |
# | |
# OPTIONS FOR TUNING THE CACHE | |
# ======================== | |
# | |
cache deny QUERY | |
#refresh_pattern ^ftp: 1440 20% 10080 reload-into-ims | |
refresh_pattern ^gopher: 1440 0% 1440 | |
refresh_pattern -i \.(gif|png|jp?g|ico|bmp|tiff?)$ 10080 95% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private | |
refresh_pattern -i \.(rpm|cab|deb|exe|msi|msu|zip|tar|xz|bz|bz2|lzma|gz|tgz|rar|bin|7z|doc?|xls?|ppt?|pdf|nth|psd|sis)$ 10080 90% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private | |
refresh_pattern -i \.(avi|iso|wav|mid|mp?|mpeg|mov|3gp|wm?|swf|flv|x-flv|axd)$ 43200 95% 432000 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private | |
refresh_pattern -i \.(html|htm|css|js)$ 1440 75% 40320 | |
refresh_pattern -i \.index.(html|htm)$ 0 75% 10080 | |
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 | |
refresh_pattern . 1440 90% 10080 | |
# | |
quick_abort_min 0 KB | |
quick_abort_max 0 KB | |
quick_abort_pct 100 | |
store_avg_object_size 13 KB | |
# | |
# HTTP OPTIONS | |
# =========== | |
vary_ignore_expire on | |
# | |
# ANONIMITY OPTIONS | |
# =============== | |
# | |
request_header_access From deny all | |
request_header_access Server deny all | |
request_header_access Link deny all | |
request_header_access Via deny all | |
request_header_access X-Forwarded-For deny all | |
# | |
# TIMEOUTS | |
# ======= | |
# | |
forward_timeout 240 second | |
connect_timeout 30 second | |
peer_connect_timeout 5 second | |
read_timeout 600 second | |
request_timeout 60 second | |
shutdown_lifetime 10 second | |
# | |
# ADMINISTRATIVE PARAMETERS | |
# ===================== | |
# | |
cache_mgr ninja | |
cache_effective_user proxy | |
cache_effective_group proxy | |
httpd_suppress_version_string on | |
visible_hostname ninja | |
# | |
#ftp_list_width 32 | |
#ftp_passive on | |
#ftp_sanitycheck on | |
# | |
# DNS OPTIONS | |
# ========== | |
# | |
#dns_timeout 10 seconds | |
#dns_nameservers 192.168.1.1 8.8.8.8 8.8.4.4 # DNS Server | |
# | |
# MISCELLANEOUS | |
# =========== | |
# | |
memory_pools off | |
client_db off | |
reload_into_ims on | |
coredump_dir /cache | |
pipeline_prefetch on | |
offline_mode off | |
# | |
#Marking ZPH | |
#========== | |
#zph_mode tos | |
#zph_local 0x04 | |
#zph_parent 0 | |
#zph_option 136 | |
### END CONFIGURATION ### |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment