zoukankan      html  css  js  c++  java
  • squid配置

    #
    # Recommended minimum configuration:
    #

    # Example rule allowing access from your local networks.
    # Adapt to list your (internal) IP networks from where browsing
    # should be allowed
    acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
    acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
    acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
    acl localnet src fc00::/7 # RFC 4193 local private network range
    acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

    acl SSL_ports port 443
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT

    #只允许别名为client,的ip地址192.168.10.20
    acl client src 192.168.10.20

    #此处定义一个别名为 deny_keyword的关键词
    acl deny_keyword url_regex -i linux

    #
    # Recommended minimum Access Permission configuration:
    #
    # Deny requests to certain unsafe ports
    http_access allow client

    #当squid服务程序读到此出发现所访问的网站有别名为deny_keyword 的关键词时,直接拒绝掉返回
    http_access deny deny_keyword

    #此处为实验用,squid服务读到此出立即停止
    http_access deny all

    http_access deny !Safe_ports

    # Deny CONNECT to other than secure SSL ports
    http_access deny CONNECT !SSL_ports

    # Only allow cachemgr access from localhost
    http_access allow localhost manager
    http_access deny manager

    # We strongly recommend the following be uncommented to protect innocent
    # web applications running on the proxy server who think the only
    # one who can access services on "localhost" is a local user
    #http_access deny to_localhost

    #
    # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
    #
    #允许从本地网络访问的示例规则。
    #在ACL访问控制列表中调整localnet以列出您的(内部)IP网络
    #应该允许浏览的网址
    #

    http_access allow localnet
    http_access allow localhost

    # 最后拒绝对该代理的所有其他访问
    http_access deny all

    # 代理服务器所监听的端口
    http_port 10000

    # Uncomment and adjust the following to add a disk cache directory.
    #cache_dir ufs /var/spool/squid 100 16 256

    # Leave coredumps in the first cache dir
    coredump_dir /var/spool/squid

    #
    # Add any of your own refresh_pattern entries above these.
    #
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
    refresh_pattern . 0 20% 4320

  • 相关阅读:
    Paxos算法理解
    JavaScript笔记
    JVM基础知识(二)
    JVM基础知识(一)
    书单
    centos6.3环境下升级python及MySQLdb的安装
    winform中button的image属性无法更改
    未能找到任何适合于指定的区域性或非特定区域性的资源
    Spring注解开发第十二讲--@Profile注解讲解
    Spring注解驱动第十一讲--引用Spring底层组件
  • 原文地址:https://www.cnblogs.com/languang9801/p/10941214.html
Copyright © 2011-2022 走看看