1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/squid3_ynh.git synced 2024-09-03 20:26:11 +02:00
squid3_ynh/conf/squid.conf
2024-01-31 23:06:30 +01:00

54 lines
2 KiB
SquidConf
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
###Directive pour nautoriser que les comptes enregistrés dans le LDAP de Yunohost
auth_param basic program /usr/lib/__SQUID__/basic_ldap_auth -b dc=yunohost,dc=org -h 127.0.0.1 -f "uid=%s"
auth_param basic children 50
auth_param basic realm Web-Proxy
auth_param basic credentialsttl 1 minute
acl ldap_auth proxy_auth REQUIRED
visible_hostname web-proxy
http_access allow ldap_auth
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
##cache DNS en local
dns_nameservers 127.0.0.1
##Port d'écoute du Proxy
http_port __PORT__
forwarded_for off ### mode transparant, la vrai IP est cachée
cache_dir aufs /var/spool/__SQUID__ 10000 16 256
hierarchy_stoplist cgi-bin ?
access_log /var/log/__SQUID__/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320