[Cialug] Any Squid folks on the list?
L. V. Lammert
lvl at omnitec.net
Thu Feb 17 16:16:10 CST 2011
Had to rebuild a proxy server, .. got to the squid configuration and
nobody had backed it up <sigh>.
Two problems with the config below:
1) allowed_urls is not blocking sites
2) https is not working
Have I have missed something?
TIA,
Lee
=============================
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl localnet src <internel net>/24
acl allowed_urls dstdomain "/etc/squid/allowed_urls"
acl SSL_ports port 443
acl Safe_ports port 80
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access allow allowed_urls
http_access deny all
http_reply_access allow localnet
http_reply_access deny all
icp_access allow localnet
icp_access deny all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
cache_mem 256 MB
cache_dir ufs /var/spool/squid 2048 16 256
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname <hostname>
always_direct allow all
forwarded_for off
coredump_dir /var/spool/squid
More information about the Cialug
mailing list