Saturday, December 21, 2013
SQUID example
example SQUID
# WELCOME TO SQUID 2.7.STABLE3
# ----------------------------
acl hanyabuka url_regex "/etc/squid/hanyabuka"
acl bloksemua dst 0.0.0.0/0.0.0.0
acl bukamanager src "/etc/squid/bukamanager"
acl bukastaff src "/etc/squid/bukastaff"
acl blokport port 999
acl jamkerja time SMTWHFA 07:00-12:00 13:30-18:00
acl blokflash rep_mime_type video/flv video/x-flv
acl blokflash rep_mime_type ^video/x-flv
acl blokflash rep_mime_type ^video/x-ms-asf
acl blokflash rep_mime_type -i ^video/
acl blokflash rep_mime_type -i ^video\/
acl blokflash rep_mime_type ^video/mpeg4
acl blokflash rep_mime_type application/x-shockwave-flash
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 192.168.0.0/24 # RFC1918 possible internal network
acl localnet src 10.0.10.0/24
acl localnet src 172.20.10.0/24
acl bukaport port 21
acl bukaport port 22
acl bukaport port 25
acl bukaport port 53
acl bukaport port 80
acl bukaport port 110
acl bukaport port 143
acl bukaport port 389
#acl bukaport port 443
acl bukaport port 465
acl bukaport port 993
acl bukaport port 995
acl bukaport port 1521
acl bukaport port 3128
acl bukaport port 7025
acl purge method PURGE
acl CONNECT method CONNECT
acl blokip dst "/etc/squid/blokip"
acl blokfile urlpath_regex "/etc/squid/blokfile"
acl blokurl dstdomain "/etc/squid/blokurl"
acl blokurl_schedule dstdomain "/etc/squid/blokurl_schedule"
acl blokkeyword url_regex -i "/etc/squid/blokkeyword"
acl blokkeyword_schedule url_regex -i "/etc/squid/blokkeyword_schedule"
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
#http_access deny !Safe_ports
#http_access deny CONNECT blokhttps
http_access deny CONNECT !bukaport
##http_access deny CONNECT
#http_access deny CONNECT blokurl jaringan jamkerja
http_access deny !bukaport
##http_access deny
http_access allow hanyabuka jamkerja
http_access deny bloksemua jamkerja !bukamanager
http_access deny blokport jamkerja
####http_access deny blokport
http_access deny blokflash jamkerja
http_access deny blokip !bukamanager
http_access deny blokfile !bukamanager
http_access deny blokurl !bukamanager
http_access deny blokkeyword !bukamanager
http_access deny blokurl_schedule jamkerja !bukamanager
http_access deny blokkeyword_schedule jamkerja !bukamanager
####http_access allow jaringan !blokhttps
##http_access allow jaringan
http_access allow bukamanager
http_access allow bukastaff
http_access allow localhost
http_reply_access allow all
http_reply_access deny blokflash !bukamanager
icp_access allow localnet
icp_access deny all
http_port 3128 transparent
#We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?
cache_dir ufs /var/spool/squid 500 16 256
access_log /var/log/squid/access.log
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
cache_mgr webmaster@your_email.com
visible_hostname www.your_website.com
hosts_file /etc/hosts
coredump_dir /var/spool/squid
no_cache deny all
Subscribe to:
Post Comments (Atom)
Loading...
No comments:
Post a Comment