squid cache (squid.conf)
squid proxy server
Categoria: Networking
Software: squid cache
[ Hits: 8.970 ]
Por: nao quero informar
Este arquivo e o que eu uso no meu trabalho num dos laboratorios da estacio para configurar um servidor proxy, que controla a internet nos laboratorios, consigo dividir o fluxo por salas aqui no caso sao 4 salas e tambem bloqueios e taxa de internet, este arquivo esta configurado para verificar codigo de placa de rede.
# [ NETWORK OPTIONS ] #### http_port 10.12.20.4:3128 #https_port 80 #ssl_unclean_shutdown off #icp_port 3128 #htcp_port 4827 #mcast_groups #tcp_outgoing_address udp_incoming_address 0.0.0.0 udp_outgoing_address 255.255.255.255 #### [ OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM ] #### cache_peer 10.12.20.3 parent 80 80 multicast-responder #neighbor_type_domain icp_query_timeout 2000 maximum_icp_query_timeout 2000 mcast_icp_query_timeout 2000 dead_peer_timeout 20 seconds #hierarchy_stoplist cgi-bin \? acl all src 10.12.196.0/255.255.252.0 acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY #### [ OPTIONS WHICH AFFECT THE CACHE SIZE ] #### ############################################################################ cache_mem 100 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 4096 KB minimum_object_size 0 KB maximum_object_size_in_memory 8 KB ipcache_size 4096 ipcache_low 24 ipcache_high 90 fqdncache_size 4096 memory_replacement_policy lru #### [ LOGFILE PATHNAMES AND CACHE DIRECTORIES ] #### ############################################################################ cache_dir ufs /usr/local/squid/var/cache 4000 16 256 cache_access_log /usr/local/squid/var/logs/access.log cache_log /usr/local/squid/var/logs/cache.log cache_store_log /usr/local/squid/var/logs/store.log #cache_swap_log /usr/local/squid/var/cache/swap.lo%1 emulate_httpd_log off log_ip_on_direct on mime_table /usr/local/squid/etc/mime.conf #log_mime_hdrs off #useragent_log /usr/local/squid/var/logs/agend.log #referer_log /usr/local/squid/var/logs/referer.log pid_filename /usr/local/squid/var/logs/squid.pid debug_options ALL,1 log_fqdn off client_netmask 255.255.255.255 #### [ OPTIONS FOR EXTERNAL SUPPORT PROGRAMS ] #### ############################################################################## #ftp_user lab.bangu@estacio.br #ftp_list_width 32 #ftp_passive on #ftp_sanitycheck on #cache_dns_program /usr/local/squid/libexec/dnsserver #dns_children 22 dns_retransmit_interval 5 seconds dns_timeout 3 minutes #dns_defnames on dns_nameservers 10.12.20.13 hosts_file /etc/hosts #diskd_program /usr/local/squid/libexec/diskd #unlinkd_program /usr/local/squid/libexec/unlinkd #pinger_program /usr/local/squid/libexec/pinger #redirect_program /usr/local/squid/etc/bannerfilter/redirector.pl #redirect_children 5 #redirect_rewrites_host_header on #redirector_access #auth_param digest program <uncomment and complete this line> #auth_param digest children 5 #auth_param digest realm Squid proxy-caching web server #auth_param digest nonce_garbage_interval 5 minutes #auth_param digest nonce_max_duration 30 minutes #auth_param digest nonce_max_count 50 #auth_param ntlm program <uncomment and complete this line to activate> #auth_param ntlm children 5 #auth_param ntlm max_challenge_reuses 0 #auth_param ntlm max_challenge_lifetime 2 minutes #auth_param basic program <uncomment and complete this line> #auth_param basic children 5 #auth_param basic realm Squid proxy-caching web server #auth_param basic credentialsttl 2 hours authenticate_cache_garbage_interval 1 hour authenticate_ttl 1 hour authenticate_ip_ttl 60 seconds #external_acl_type #### [ OPTIONS FOR TUNING THE CACHE ] #### ############################################################################# #wais_relay_host 10.12.20.3 #wais_relay_port 80 request_header_max_size 10 KB request_body_max_size 0 KB reply_body_max_size 0 allow all refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 50% 4320 #reference_age 1 quick_abort_min 0 KB quick_abort_max 10 MB quick_abort_pct 95 negative_ttl 30 seconds positive_dns_ttl 6 hours negative_dns_ttl 60 seconds range_offset_limit 0 KB #### [ TIMEOUTS ] #### ############################################################################# connect_timeout 2 minutes peer_connect_timeout 30 seconds #siteselect_timeout 4 seconds read_timeout 15 minutes request_timeout 120 seconds persistent_request_timeout 1 minute client_lifetime 1 hour half_closed_clients off pconn_timeout 120 seconds #ident_timeout 10 seconds shutdown_lifetime 30 seconds #### [ ACCESS CONTROLS ] #### ############################################################################ #acl password proxy_auth REQUIRED acl fileupload req_mime_type -i ^multipart/form-data$ acl javascript rep_mime_type -i ^application/x-javascript$ #acl bigblock url_regex -i "/usr/local/squid/etc/bigblock.txt" acl blockedsites url_regex -i "/usr/local/squid/etc/block.txt" acl blockblibli url_regex -i "/usr/local/squid/etc/blockbi.txt" acl unblockedsites url_regex -i "/usr/local/squid/etc/unblock.txt" acl unblocksites url_regex -i "/usr/local/squid/etc/unblocks.txt" acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl serv arp 00:01:03:BF:F1:FC 00:00:21:48:85:EC 00:01:02:62:13:FB acl lab1 arp 00:01:03:C0:09:80 00:01:02:CC:F4:21 00:A1:B0:00:05:37 00:01:02:CC:F3:01 00:01:02:CC:F2:08 00:01:03:C0:00:85 00:01:02:CC:F3:5E 00:01:03:BF:F7:11 00:01:03:BF:F8:15 00:01:02:CC:F2:6A 00:01:03:C0:06:26 00:01:03:BF:FB:9F 00:01:03:BF:FC:A5 00:01:02:CC:F3:7C 00:01:03:BF:35:BF 00:01:03:BF:2B:5F 00:01:03:BF:3A:B8 00:01:03:DF:E8:C3 00:01:03:BF:EE:08 00:01:03:E0:0C:46 00:01:02:CC:F3:82 00:01:03:C0:06:53 acl lab2 arp 00:40:A7:06:EB:79 00:40:A7:06:5D:75 00:40:A7:06:22:4C 00:40:A7:06:5C:C0 00:40:A7:06:5B:B8 00:40:A7:06:5E:49 00:40:A7:06:5D:6E 00:40:A7:06:46:62 00:40:A7:06:5B:E7 00:40:A7:06:39:06 00:40:A7:06:5D:76 00:40:A7:06:5B:CC 00:40:A7:06:46:47 00:40:A7:06:3E:46 00:40:A7:06:5C:DC 00:40:A7:06:11:F5 00:40:A7:06:3E:48 00:40:A7:06:5B:D0 00:40:A7:06:5D:71 00:40:A7:06:5F:70 acl lab3 arp 00:01:03:D1:E9:08 00:01:03:DF:DC:A7 00:01:03:DF:E7:BF 00:01:03:CF:88:79 00:50:FC:B6:A3:43 00:01:03:E0:16:2B 00:01:03:E0:16:0F 00:01:03:D7:0D:55 00:E0:4C:78:3C:37 00:01:03:E4:14:C9 00:01:03:E0:14:1D 00:01:03:CF:88:3C 00:01:03:DF:D6:BD 00:01:03:CF:8C:7F 00:01:03:DF:DD:2A 00:01:03:DF:E4:51 00:01:03:E0:16:27 00:E0:4C:78:40:B9 00:01:03:E0:13:A5 00:01:03:DC:35:DE acl lab4 arp 00:D0:09:46:8B:8A 00:50:FC:B6:9A:4A 00:E0:7D:B3:7A:43 00:C0:26:80:26:31 00:D0:09:44:51:1A 00:D0:09:48:83:44 00:D0:09:3F:72:91 00:D0:09:48:2D:24 00:D0:09:3F:72:6D 00:D0:09:48:3C:27 E2:20:03:00:FF:5E 00:D0:09:48:2D:30 00:D0:09:44:51:21 00:D0:09:44:4F:A8 00:D0:09:44:4D:F3 00:D0:09:44:51:20 00:D0:09:44:4D:F0 00:D0:09:48:88:19 00:D0:09:49:12:7F 00:D0:09:BF:24:B0 00:D0:09:BE:CF:2C 00:D0:B7:80:C7:84 acl biblioteca arp 00:D0:09:64:3B:38 00:D0:09:66:96:DD 00:00:21:CD:0C:86 acl lab11 time T 19:00-21:00 acl lab12 time MH 21:10-23:10 acl lab21 time F 19:00-21:00 acl lab22 time MTF 21:10-23:10 acl lab31 time MF 19:00-21:00 acl lab32 time MTW 21:00-23:10 acl lab41 time M 19:00-21:00 acl lab42 time A 05:00-22:00 acl allhora time MTWHFA 07:00-23:00 acl compblock arp 00:00:00:00:00:00 acl tempo1 time MTWHF 19:00-21:00 acl tempo2 time MTWHF 21:10-23:00 acl sabado time A 7:00-23:00 http_access deny !Safe_ports !SSL_ports #http_access deny bigblock http_access deny blockedsites http_access allow unblockedsites http_access allow lab1 allhora !lab11 !compblock http_access allow lab2 allhora !lab21 !compblock http_access allow lab3 allhora !compblock http_access allow lab4 allhora !compblock http_access allow serv http_access allow biblioteca !blockblibli http_access allow localhost http_access allow javascript http_access allow fileupload http_access deny all #http_reply_access allow all #icp_access deny all #miss_access allow all #cache_peer_access 10.12.20.3 allow all #ident_lookup_access allow all #### [ AUTH_PARAM ] #### ########################################################################### #auth_param basic program /path/do/programa /path/do/arquiv/senhas #auth_param basic children 88 #auth_param basic realm texto de login #auth_param basic credentialsttl 1 hour #### [ ADMINISTRATIVE PARAMETERS ] #### ############################################################################### cache_mgr lab.bangu@estacio.br cache_effective_user nobody cache_effective_group nogroup visible_hostname servbangu02 #hostname_aliases #### [ OPTIONS FOR THE CACHE REGISTRATION SERVICE ] #### ############################################################################### #announce_period 0 #announce_period 1 day #announce_host tracker.ircache.net #announce_port 3131 #### [ HTTPD-ACCELERATOR OPTIONS ] #### ############################################################################# httpd_accel_host 10.12.20.3 httpd_accel_port 80 httpd_accel_single_host off httpd_accel_with_proxy on httpd_accel_uses_host_header off #### [ MISCELLANEOUS ] #### ############################################################################## dns_testnames 10.12.20.13 logfile_rotate 10 #append_domain .estacioacad.rj.br tcp_recv_bufsize 1024 bytes #deny_info #memory_pools_limit 24 icp_hit_stale off #minimum_direct_hops 8 #minimum_direct_rtt 400 #cachemgr_passwd secret shutdown store_avg_object_size 13 KB store_objects_per_bucket 20 #netdb_low 900 #netdb_high 1000 #netdb_ping_period 5 minutes #query_icmp off test_reachability off buffered_logs off #reload_into_ims off #always_direct #never_direct #header_access #header_replace icon_directory /usr/local/squid/share/icons error_directory /usr/local/squid/share/errors/Portuguese minimum_retry_timeout 5 seconds maximum_single_addr_tries 3 #snmp_port 3401 #snmp_access deny all #snmp_incoming_address 0.0.0.0 #snmp_outgoing_address 255.255.255.255 #as_whois_server 10.12.20.40 #wccp_router 0.0.0.0 #wccp_version 4 #wccp_incoming_address 0.0.0.0 #wccp_outgoing_address 255.255.255.255 #### [ DELAY POOL PARAMETERS (all require DELAY_POOLS compilation option) ] #### ################################################################################ delay_pools 4 delay_class 1 3 delay_class 2 3 delay_class 3 3 delay_class 4 3 delay_parameters 1 256000/256000 1250000/1250000 256000/256000 delay_parameters 2 256000/256000 1250000/1250000 256000/256000 delay_parameters 3 256000/256000 1250000/1250000 256000/256000 delay_parameters 4 256000/256000 1250000/1250000 256000/256000 delay_access 1 allow lab1 delay_access 2 allow lab2 delay_access 3 allow lab3 delay_access 4 allow lab4 incoming_http_average 4 incoming_dns_average 4 min_icp_poll_cnt 8 min_dns_poll_cnt 8 min_http_poll_cnt 8 max_open_disk_fds 0 offline_mode off uri_whitespace strip #broken_posts allow buggy_server #mcast_miss_addr 255.255.255.255 #mcast_miss_ttl 16 #mcast_miss_port 3135 #mcast_miss_encode_key XXXXXXXXXXXXXXXX nonhierarchical_direct off prefer_direct off strip_query_terms on coredump_dir /usr/local/squid/var/cache redirector_bypass off ignore_unknown_nameservers on digest_generation on digest_bits_per_entry 5 digest_rebuild_period 1 hour digest_rewrite_period 1 hour digest_swapout_chunk_size 4096 bytes digest_rebuild_chunk_percentage 10 #chroot disable client_persistent_connections on server_persistent_connections on pipeline_prefetch on #extension_methods request_entities off high_response_time_warning 1 hour high_page_fault_warning 5 minutes high_memory_warning 99 MB store_dir_select_algorithm least-load #forward_log ie_refresh off vary_ignore_expire off sleep_after_fork 0
Compartilhando a tela do Computador no Celular via Deskreen
Como Configurar um Túnel SSH Reverso para Acessar Sua Máquina Local a Partir de uma Máquina Remota
Configuração para desligamento automatizado de Computadores em um Ambiente Comercial
Efeito "livro" em arquivos PDF
Como resolver o erro no CUPS: Unable to get list of printer drivers
Flatpak: remover runtimes não usados e pacotes
Mudar o gerenciador de login (GDM para SDDM e vice-versa) - parte 2
Estou com sede em aprender sobre o nosso querido Linux. (1)
big linux sem audio como resolver (2)
Como faz para dar um update-grub por shell script [RESOLVIDO] (3)
[Python] Automação de scan de vulnerabilidades
[Python] Script para analise de superficie de ataque
[Shell Script] Novo script para redimensionar, rotacionar, converter e espelhar arquivos de imagem
[Shell Script] Iniciador de DOOM (DSDA-DOOM, Doom Retro ou Woof!)
[Shell Script] Script para adicionar bordas às imagens de uma pasta