Last active
October 13, 2022 23:00
-
-
Save peter279k/ea81a487ae0db811894687b8178b3175 to your computer and use it in GitHub Desktop.
The url redirection configuration for Squid Proxy Server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# WELCOME TO SQUID 3.5.12 | |
# ---------------------------- | |
# | |
# This is the documentation for the Squid configuration file. | |
# This documentation can also be found online at: | |
# http://www.squid-cache.org/Doc/config/ | |
# | |
# You may wish to look at the Squid home page and wiki for the | |
# FAQ and other documentation: | |
# http://www.squid-cache.org/ | |
# http://wiki.squid-cache.org/SquidFaq | |
# http://wiki.squid-cache.org/ConfigExamples | |
# | |
# This documentation shows what the defaults for various directives | |
# happen to be. If you don't need to change the default, you should | |
# leave the line out of your squid.conf in most cases. | |
acl SSL_ports port 443 | |
acl Safe_ports port 80 # http | |
acl Safe_ports port 21 # ftp | |
acl Safe_ports port 443 # https | |
acl Safe_ports port 70 # gopher | |
acl Safe_ports port 210 # wais | |
acl Safe_ports port 1025-65535 # unregistered ports | |
acl Safe_ports port 280 # http-mgmt | |
acl Safe_ports port 488 # gss-http | |
acl Safe_ports port 591 # filemaker | |
acl Safe_ports port 777 # multiling http | |
acl CONNECT method CONNECT | |
# Recommended minimum Access Permission configuration: | |
# | |
# Deny requests to certain unsafe ports | |
http_access deny !Safe_ports | |
# Deny CONNECT to other than secure SSL ports | |
http_access deny CONNECT !SSL_ports | |
# Only allow cachemgr access from localhost | |
http_access allow localhost manager | |
http_access deny manager | |
# Squid normally listens to port 3128 | |
http_port 3128 | |
# TAG: https_port | |
# If shared memory caching is enabled, Squid does not use the shared | |
# cache space for in-transit objects, but they still consume as much | |
# local memory as they need. For more details about the shared memory | |
# cache, see memory_cache_shared. | |
#Default: | |
cache_mem 8 MB | |
# TAG: maximum_object_size_in_memory (bytes) | |
# Objects greater than this size will not be attempted to kept in | |
# the memory cache. This should be set high enough to keep objects | |
# accessed frequently in memory to improve performance whilst low | |
# enough to keep larger objects from hoarding cache_mem. | |
#Default: | |
maximum_object_size_in_memory 1024 KB | |
# See also cache_swap_high and cache_replacement_policy | |
#Default: | |
cache_swap_low 90 | |
# TAG: cache_swap_high (percent, 0-100) | |
# See also cache_swap_low and cache_replacement_policy | |
#Default: | |
cache_swap_high 95 | |
# Leave coredumps in the first cache dir | |
coredump_dir /var/spool/squid | |
# The refresh_pattern lines are checked in the order listed here. | |
# The first entry which matches is used. If none of the entries | |
# match the default will be used. | |
# | |
# Note, you must uncomment all the default lines if you want | |
# to change one. The default setting is only active if none is | |
# used. | |
# | |
# | |
# | |
# Add any of your own refresh_pattern entries above these. | |
# | |
refresh_pattern ^ftp: 1440 20% 10080 | |
refresh_pattern ^gopher: 1440 0% 1440 | |
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 | |
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 | |
# example lin deb packages | |
#refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600 | |
refresh_pattern . 0 20% 4320 | |
# ADMINISTRATIVE PARAMETERS | |
# ----------------------------------------------------------------------------- | |
# TAG: cache_mgr | |
# Email-address of local cache manager who will receive | |
# mail if the cache dies. The default is "webmaster". | |
cache_mgr peter279k@gmail.com | |
#Default: | |
# cache_mgr webmaster | |
# TAG: visible_hostname | |
visible_hostname lab223 | |
# TAG: ipcache_size (number of entries) | |
# Maximum number of DNS IP cache entries. | |
#Default: | |
ipcache_size 1024 | |
# TAG: ipcache_low (percent) | |
#Default: | |
ipcache_low 90 | |
# TAG: ipcache_high (percent) | |
# The size, low-, and high-water marks for the IP cache. | |
#Default: | |
ipcache_high 95 | |
# TAG: fqdncache_size (number of entries) | |
# Maximum number of FQDN cache entries. | |
#Default: | |
fqdncache_size 1024 | |
# Custom configuration | |
acl MyNetwork src 192.168.0.1 | |
acl BLKSite dstdomain www.google.com.pa | |
deny_info https://google.com.tw all | |
http_reply_access deny BLKSite all | |
http_access allow MyNetwork | |
url_rewrite_program /etc/squid/url_redirect.php | |
url_rewrite_children 5 | |
#http_access deny all | |
forwarded_for off | |
request_header_access Allow allow all | |
request_header_access Authorization allow all | |
request_header_access WWW-Authenticate allow all | |
request_header_access Proxy-Authorization allow all | |
request_header_access Proxy-Authenticate allow all | |
request_header_access Cache-Control allow all | |
request_header_access Content-Encoding allow all | |
request_header_access Content-Length allow all | |
request_header_access Content-Type allow all | |
request_header_access Date allow all | |
request_header_access Expires allow all | |
request_header_access Host allow all | |
request_header_access If-Modified-Since allow all | |
request_header_access Last-Modified allow all | |
request_header_access Location allow all | |
request_header_access Pragma allow all | |
request_header_access Accept allow all | |
request_header_access Accept-Charset allow all | |
request_header_access Accept-Encoding allow all | |
request_header_access Accept-Language allow all | |
request_header_access Content-Language allow all | |
request_header_access Mime-Version allow all | |
request_header_access Retry-After allow all | |
request_header_access Title allow all | |
request_header_access Connection allow all | |
request_header_access Proxy-Connection allow all | |
request_header_access User-Agent allow all | |
request_header_access Cookie allow all | |
request_header_access All deny all |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment