-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsquid.conf
54 lines (42 loc) · 1.38 KB
/
squid.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# Minimal configuration file.
# Allow access from private network.
acl localhost src 127.0.0.1
acl private-network src 0.0.0.1-0.255.255.255
acl private-network src 10.0.0.0/8
acl private-network src 169.254.0.0/16
acl private-network src 172.16.0.0/12
acl private-network src 192.168.0.0/16
# Allow default well known ports only.
acl SSL_ports port 443
acl Safe_ports port 80 # HTTP
acl Safe_ports port 21 # FTP
acl Safe_ports port 22 # SSH
acl Safe_ports port 443 # HTTPS
# Deny requests to unsafe ports.
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports.
http_access deny CONNECT !SSL_ports
# Only allow cachemgr access from localhost.
http_access allow localhost manager
http_access deny manager
# This default configuration only allows localhost requests.
http_access allow localhost
http_access deny to_localhost
http_access deny to_linklocal
# Squid default port.
http_port 3128
# Allow access for private-network.
http_access allow private-network
# Max file descriptor.
max_filedescriptors 65535
# Forward default logs to /dev/stdout device.
logfile_rotate 0
cache_log stdio:/dev/stdout
access_log stdio:/dev/stdout
cache_store_log stdio:/dev/stdout
# Include custom drop-in configuration files.
# This will allow to override any existing configurations
# or add new configurations.
include /etc/squid/conf.d/*.conf
# Deny all other access.
http_access deny all