LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14870 Commits
1 Branch
46 MiB
Tree: 5765c130ea
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '5765c130ea'
${ noResults }
openwrt-packages-dist/net/squid/files/squid.conf

80 lines
2.6 KiB
Raw Normal View History

squid: incorporated ideas from PR#5196 Incorporated @ratkaj configuration options and patches. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
7 years ago
squid: initial import from old-packages Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years ago
squid: incorporated ideas from PR#5196 Incorporated @ratkaj configuration options and patches. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
7 years ago
squid: initial import from old-packages Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years ago
squid: incorporated ideas from PR#5196 Incorporated @ratkaj configuration options and patches. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
7 years ago
squid: initial import from old-packages Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years ago
squid: incorporated ideas from PR#5196 Incorporated @ratkaj configuration options and patches. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
7 years ago
squid: initial import from old-packages Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years ago
squid: incorporated ideas from PR#5196 Incorporated @ratkaj configuration options and patches. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
7 years ago
squid: initial import from old-packages Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years ago
squid: incorporated ideas from PR#5196 Incorporated @ratkaj configuration options and patches. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
7 years ago
squid: initial import from old-packages Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years ago
squid: incorporated ideas from PR#5196 Incorporated @ratkaj configuration options and patches. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
7 years ago
squid: initial import from old-packages Signed-off-by: Luka Perkov <luka@openwrt.org>
10 years ago
squid: incorporated ideas from PR#5196 Incorporated @ratkaj configuration options and patches. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
7 years ago
 
  1. #

  2. # Recommended minimum configuration:

  3. #

  4. 

  5. # Example rule allowing access from your local networks.

  6. # Adapt to list your (internal) IP networks from where browsing

  7. # should be allowed

  8. acl localnet src 0.0.0.1-0.255.255.255	# RFC 1122 "this" network (LAN)

  9. acl localnet src 10.0.0.0/8		# RFC 1918 local private network (LAN)

  10. acl localnet src 100.64.0.0/10		# RFC 6598 shared address space (CGN)

  11. acl localhet src 169.254.0.0/16 	# RFC 3927 link-local (directly plugged) machines

  12. acl localnet src 172.16.0.0/12		# RFC 1918 local private network (LAN)

  13. acl localnet src 192.168.0.0/16		# RFC 1918 local private network (LAN)

  14. acl localnet src fc00::/7       	# RFC 4193 local private network range

  15. acl localnet src fe80::/10      	# RFC 4291 link-local (directly plugged) machines

  16. 

  17. acl SSL_ports port 443

  18. acl Safe_ports port 80		# http

  19. acl Safe_ports port 21		# ftp

  20. acl Safe_ports port 443		# https

  21. acl Safe_ports port 70		# gopher

  22. acl Safe_ports port 210		# wais

  23. acl Safe_ports port 1025-65535	# unregistered ports

  24. acl Safe_ports port 280		# http-mgmt

  25. acl Safe_ports port 488		# gss-http

  26. acl Safe_ports port 591		# filemaker

  27. acl Safe_ports port 777		# multiling http

  28. acl CONNECT method CONNECT

  29. 

  30. #

  31. # Recommended minimum Access Permission configuration:

  32. #

  33. # Deny requests to certain unsafe ports

  34. http_access deny !Safe_ports

  35. 

  36. # Deny CONNECT to other than secure SSL ports

  37. http_access deny CONNECT !SSL_ports

  38. 

  39. # Only allow cachemgr access from localhost

  40. http_access allow localhost manager

  41. http_access deny manager

  42. 

  43. # We strongly recommend the following be uncommented to protect innocent

  44. # web applications running on the proxy server who think the only

  45. # one who can access services on "localhost" is a local user

  46. #http_access deny to_localhost

  47. 

  48. #

  49. # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

  50. #

  51. 

  52. # Example rule allowing access from your local networks.

  53. # Adapt localnet in the ACL section to list your (internal) IP networks

  54. # from where browsing should be allowed

  55. http_access allow localnet

  56. http_access allow localhost

  57. 

  58. # And finally deny all other access to this proxy

  59. http_access deny all

  60. 

  61. # Uncomment and adjust the following to add a disk cache directory.

  62. #cache_dir ufs /usr/local/squid/var/cache/squid 100 16 256

  63. 

  64. #

  65. # Add any of your own refresh_pattern entries above these.

  66. #

  67. refresh_pattern ^ftp:		1440	20%	10080

  68. refresh_pattern ^gopher:	1440	0%	1440

  69. refresh_pattern -i (/cgi-bin/|\?) 0	0%	0

  70. refresh_pattern .		0	20%	4320

  71. 

  72. # Squid user

  73. cache_effective_user squid

  74. 

  75. #

  76. # Logs, best to use only for debugging as they can become very large

  77. #

  78. 

  79. access_log none  # daemon:/tmp/squid_access.log

  80. cache_log /dev/null  # /tmp/squid_cache.log