Last active
October 26, 2019 04:39
-
-
Save akiraaisha/22b81c2e212eaf2ecd049e7c8caab893 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN) | |
acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN) | |
acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN) | |
acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines | |
acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN) | |
acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN) | |
acl localnet src fc00::/7 # RFC 4193 local private network range | |
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines | |
#acl localnet src 167.179.64.0/18 | |
acl localnet src 112.205.160.0/19 | |
acl SSL_ports port 443 | |
acl Safe_ports port 80 # http | |
acl Safe_ports port 21 # ftp | |
acl Safe_ports port 443 # https | |
acl Safe_ports port 70 # gopher | |
acl Safe_ports port 210 # wais | |
acl Safe_ports port 1025-65535 # unregistered ports | |
acl Safe_ports port 280 # http-mgmt | |
acl Safe_ports port 488 # gss-http | |
acl Safe_ports port 591 # filemaker | |
acl Safe_ports port 777 # multiling http | |
acl CONNECT method CONNECT | |
include /etc/squid/conf.d/* | |
http_access allow manager localhost | |
http_access deny manager | |
http_access deny !Safe_ports | |
http_access deny CONNECT !SSL_ports | |
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords | |
auth_param basic children 5 | |
auth_param basic realm Julian's Proxy Server Authentication | |
auth_param basic credentialsttl 6 hours | |
acl auth_users proxy_auth REQUIRED | |
http_access allow auth_users | |
http_reply_access allow all | |
http_access allow all | |
icp_access allow all | |
always_direct allow all | |
http_port 8080 | |
coredump_dir /var/spool/squid | |
refresh_pattern ^ftp: 1440 20% 10080 | |
refresh_pattern ^gopher: 1440 0% 1440 | |
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 | |
refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims | |
refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims | |
refresh_pattern \/InRelease$ 0 0% 0 refresh-ims | |
refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims | |
refresh_pattern . 0 20% 4320 | |
dns_nameservers 1.1.1.1 1.0.0.1 | |
dns_v4_first on | |
cache deny all | |
tcp_outgoing_address 167.179.117.163 | |
via off | |
forwarded_for off | |
follow_x_forwarded_for deny all | |
request_header_access Allow allow all | |
request_header_access Authorization allow all | |
request_header_access WWW-Authenticate allow all | |
request_header_access Proxy-Authorization allow all | |
request_header_access Proxy-Authenticate allow all | |
request_header_access Cache-Control allow all | |
request_header_access Content-Encoding allow all | |
request_header_access Content-Length allow all | |
request_header_access Content-Type allow all | |
request_header_access Date allow all | |
request_header_access Expires allow all | |
request_header_access Host allow all | |
request_header_access If-Modified-Since allow all | |
request_header_access Last-Modified allow all | |
request_header_access Location allow all | |
request_header_access Pragma allow all | |
request_header_access Accept allow all | |
request_header_access Accept-Charset allow all | |
request_header_access Accept-Encoding allow all | |
request_header_access Accept-Language allow all | |
request_header_access Content-Language allow all | |
request_header_access Mime-Version allow all | |
request_header_access Retry-After allow all | |
request_header_access Title allow all | |
request_header_access Connection allow all | |
request_header_access Proxy-Connection allow all | |
request_header_access User-Agent allow all | |
request_header_access Cookie allow all | |
request_header_access All deny all | |
request_header_access From deny all | |
request_header_access Referer deny all | |
request_header_access User-Agent deny all |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment