LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7016 Commits
1 Branch
46 MiB
Tree: 02d3e96620
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '02d3e96620'
${ noResults }
openwrt-packages-dist/net/tinyproxy/files/tinyproxy.config

251 lines
6.6 KiB
Raw Normal View History

tinyproxy: import from packages, add myself as maintainer Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
11 years ago
net: Fix typos (found by codespell) Signed-off-by: Stefan Weil <sw@weilnetz.de>
9 years ago
tinyproxy: import from packages, add myself as maintainer Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
11 years ago
 
  1. config tinyproxy
  2. 

  3. #
  4. # Enable the proxy
  5. #
  6. option enabled 0
  7. 

  8. #
  9. # Name of the user the tinyproxy daemon should switch to after the port
  10. # has been bound.
  11. #
  12. option User nobody
  13. option Group nogroup
  14. 

  15. #
  16. # Port to listen on.
  17. #
  18. option Port 8888
  19. 

  20. #
  21. # If you have multiple interfaces this allows you to bind to only one. If
  22. # this is commented out, tinyproxy will bind to all interfaces present.
  23. #
  24. #option Listen 192.168.0.1
  25. 

  26. #
  27. # The Bind directive allows you to bind the outgoing connections to a
  28. # particular IP address.
  29. #
  30. #option Bind 192.168.0.1
  31. 

  32. #
  33. # Timeout: The number of seconds of inactivity a connection is allowed to
  34. # have before it closed by tinyproxy.
  35. #
  36. option Timeout 600
  37. 

  38. #
  39. # ErrorFile: Defines the HTML file to send when a given HTTP error
  40. # occurs.  You will probably need to customize the location to your
  41. # particular install.  The usual locations to check are:
  42. #   /usr/local/share/tinyproxy
  43. #   /usr/share/tinyproxy
  44. #   /etc/tinyproxy
  45. #
  46. #option ErrorFile_404 "/usr/share/tinyproxy/404.html"
  47. #option ErrorFile_400 "/usr/share/tinyproxy/400.html"
  48. #option ErrorFile_503 "/usr/share/tinyproxy/503.html"
  49. #option ErrorFile_403 "/usr/share/tinyproxy/403.html"
  50. #option ErrorFile_408 "/usr/share/tinyproxy/408.html"
  51. 

  52. # 
  53. # DefaultErrorFile: The HTML file that gets sent if there is no
  54. # HTML file defined with an ErrorFile keyword for the HTTP error
  55. # that has occurred.
  56. #
  57. option DefaultErrorFile "/usr/share/tinyproxy/default.html"
  58. 

  59. #
  60. # StatFile: The HTML file that gets sent when a request is made
  61. # for the stathost.  If this file doesn't exist a basic page is
  62. # hardcoded in tinyproxy.
  63. #
  64. option StatFile "/usr/share/tinyproxy/stats.html"
  65. 

  66. #
  67. # Where to log the information. Either LogFile or Syslog should be set,
  68. # but not both.
  69. #
  70. option LogFile "/var/log/tinyproxy.log"
  71. #option Syslog 1
  72. 

  73. #
  74. # Set the logging level. Allowed settings are:
  75. #	Critical	(least verbose)
  76. #	Error
  77. #	Warning
  78. #	Notice
  79. #	Connect		(to log connections without Info's noise)
  80. #	Info		(most verbose)
  81. # The LogLevel logs from the set level and above. For example, if the LogLevel
  82. # was set to Warning, than all log messages from Warning to Critical would be
  83. # output, but Notice and below would be suppressed.
  84. #
  85. option LogLevel Info
  86. 

  87. #
  88. # Include the X-Tinyproxy header, which has the client's IP address when
  89. # connecting to the sites listed.
  90. #
  91. # list XTinyproxy mydomain.com
  92. 

  93. #
  94. # This is the absolute highest number of threads which will be created. In
  95. # other words, only MaxClients number of clients can be connected at the
  96. # same time.
  97. #
  98. option MaxClients 100
  99. 

  100. #
  101. # These settings set the upper and lower limit for the number of
  102. # spare servers which should be available. If the number of spare servers
  103. # falls below MinSpareServers then new ones will be created. If the number
  104. # of servers exceeds MaxSpareServers then the extras will be killed off.
  105. #
  106. option MinSpareServers 5
  107. option MaxSpareServers 20
  108. 

  109. #
  110. # Number of servers to start initially.
  111. #
  112. option StartServers 10
  113. 

  114. #
  115. # MaxRequestsPerChild is the number of connections a thread will handle
  116. # before it is killed. In practise this should be set to 0, which disables
  117. # thread reaping. If you do notice problems with memory leakage, then set
  118. # this to something like 10000
  119. #
  120. option MaxRequestsPerChild 0
  121. 

  122. #
  123. # The following is the authorization controls. If there are any access
  124. # control keywords then the default action is to DENY. Otherwise, the
  125. # default action is ALLOW.
  126. #
  127. # Also the order of the controls are important. The incoming connections
  128. # are tested against the controls based on order.
  129. #
  130. list Allow 127.0.0.1
  131. #list Allow 192.168.0.0/16
  132. #list Allow 172.16.0.0/12
  133. #list Allow 10.0.0.0/8
  134. 

  135. #
  136. # The "Via" header is required by the HTTP RFC, but using the real host name
  137. # is a security concern.  If the following directive is enabled, the string
  138. # supplied will be used as the host name in the Via header; otherwise, the
  139. # server's host name will be used.
  140. #
  141. option ViaProxyName "tinyproxy"
  142. 

  143. #
  144. # The location of the filter file.
  145. #
  146. #option Filter "/etc/tinyproxy/filter"
  147. 

  148. #
  149. # Filter based on URLs rather than domains.
  150. #
  151. #option FilterURLs 1
  152. 

  153. #
  154. # Use POSIX Extended regular expressions rather than basic.
  155. #
  156. #option FilterExtended 1
  157. 

  158. #
  159. # Use case sensitive regular expressions.
  160. #                                                                         
  161. #option FilterCaseSensitive 1
  162. 

  163. #
  164. # Change the default policy of the filtering system.  If this directive is
  165. # commented out, or is set to "0" then the default policy is to allow
  166. # everything which is not specifically denied by the filter file.
  167. #
  168. # However, by setting this directive to "1" the default policy becomes to
  169. # deny everything which is _not_ specifically allowed by the filter file.
  170. #
  171. #option FilterDefaultDeny 1
  172. 

  173. #
  174. # If an Anonymous keyword is present, then anonymous proxying is enabled.
  175. # The headers listed are allowed through, while all others are denied. If
  176. # no Anonymous keyword is present, then all header are allowed through.
  177. # You must include quotes around the headers.
  178. #
  179. #list Anonymous "Host"
  180. #list Anonymous "Authorization"
  181. 

  182. #
  183. # This is a list of ports allowed by tinyproxy when the CONNECT method
  184. # is used.  To disable the CONNECT method altogether, set the value to 0.
  185. # If no ConnectPort line is found, all ports are allowed (which is not
  186. # very secure.)
  187. #
  188. # The following two ports are used by SSL.
  189. #
  190. list ConnectPort 443
  191. list ConnectPort 563
  192. 

  193. #
  194. # Turns on upstream proxy support.
  195. #
  196. # The upstream rules allow you to selectively route upstream connections
  197. # based on the host/domain of the site being accessed.
  198. #
  199. # For example:
  200. #  # connection to test domain goes through testproxy
  201. #
  202. #config upstream
  203. #	option type proxy
  204. #	option via testproxy:8008
  205. #	option target ".test.domain.invalid"
  206. #
  207. #config upstream
  208. #	option type proxy
  209. #	option via testproxy:8008
  210. #	option target ".our_testbed.example.com"
  211. #
  212. #config upstream
  213. #	option type proxy
  214. #	option via testproxy:8008
  215. #	option target "192.168.128.0/255.255.254.0"
  216. #
  217. #  # no upstream proxy for internal websites and unqualified hosts
  218. #
  219. #config upstream
  220. #	option type reject
  221. #	option target ".internal.example.com"
  222. #
  223. #config upstream
  224. #	option type reject
  225. #	option target "www.example.com"
  226. #
  227. #config upstream
  228. #	option type reject
  229. #	option target "10.0.0.0/8"
  230. #
  231. #config upstream
  232. #	option type reject
  233. #	option target "192.168.0.0/255.255.254.0"
  234. #
  235. #config upstream
  236. #	option type reject
  237. #	option target "."
  238. #
  239. #  # default upstream is internet firewall
  240. #
  241. #config upstream
  242. #	option type proxy
  243. #	option via firewall.internal.example.com:80
  244. #
  245. # The LAST matching rule wins the route decision.  As you can see, you
  246. # can use a host, or a domain:
  247. #  name     matches host exactly
  248. #  .name    matches any host in domain "name"
  249. #  .        matches any host with no domain (in 'empty' domain)
  250. #  IP/bits  matches network/mask
  251. #  IP/mask  matches network/mask