|
Squid Proxy Server Configuration in debianIntroductionSquid is a proxy server. It separates the internal network from the Internet for HTTP and FTP access. This way no user can access the Internet directly.
The official web site is not www.squid.org as may be expected, but http://www.squid-cache.org. Squid Installation#apt-get install squid
Configuration The squid configuration can be found in /etc/squid/squid.conf
Configuration Sections Explained Below Generalhttp_port 3128
icp_port 3130
htcp_port 4827
cache_mem 16 MB
refresh_pattern . 0 20% 8640
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
# snews 563
# gopher 70
# wais 210
acl www_ports 80 443
acl ftp_ports 21
acl localhost src 127.0.0.1/32
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl CONNECT method CONNECT
acl PURGE method PURGE
http_access allow manager localhost
http_access deny manager
http_access allow PURGE localhost
http_access deny PURGE
Specials acl executables url_regex [.]exe$
http_access deny executables
authenticate_program /usr/lib/squid/smb_auth -W DOMEIN -U SERVER
acl network proxy_auth REQUIRED
http_access allow users network
cache_peer proxy1.test.net parent 3128 7 no-query default
HTTPacl wwwusers src 192.168.2.0/24
http_access allow wwwusers www_ports
FTPftp_user [email protected]
ftp_passive off
acl ftpusers src 192.168.2.0/24
http_access allow ftpusers ftp_ports
Deny allnever_direct allow all
always_direct deny all
http_access deny all
icp_access allow all
miss_access allow all Reference links http://learnlinux.tsf.org.za/courses/build/electives/ch03s03.html http://www.debian-administration.org/articles/71
|
|