[SQU] Forgot the squid.conf didnt I?

From: <Adam.Shields@dont-contact.us>
Date: Fri, 23 Feb 2001 14:27:19 -0500

Additional information, the server is behind a firewall that is only
allowing traffic from certain IP's, this being one of them, standard http
ports are allowing xfer, we currently have MS Proxy2.0 on the network and
it's too flaky, I know people can get squid working, just have to see if I
can :)

http_port 3128
icp_port 3130
# htcp_port 4827

# TAG: mcast_groups
#Default:
# none
tcp_outgoing_address 0.0.0.0
udp_incoming_address 10.7.0.0
udp_outgoing_address 255.255.255.255

# NOTE: non-ICP neighbors must be specified as 'parent'.
#
#Default:
# none

# TAG: cache_peer_domain
#Default:
# none

# TAG: neighbor_type_domain
#Default:
# none

# TAG: icp_query_timeout (msec)
#Default:
# icp_query_timeout 0

# TAG: maximum_icp_query_timeout (msec)
#Default:
# maximum_icp_query_timeout 2000

# TAG: mcast_icp_query_timeout (msec)
#Default:
# mcast_icp_query_timeout 2000

# TAG: dead_peer_timeout (seconds)
#Default:
# dead_peer_timeout 10 seconds

# TAG: hierarchy_stoplist
#We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?

# TAG: no_cache
#We recommend you to use the following two lines.
#acl QUERY urlpath_regex cgi-bin \?
#no_cache deny QUERY

#Default:
cache_mem 8 MB

# TAG: cache_swap_low (percent, 0-100)
# TAG: cache_swap_high (percent, 0-100)
#Default:
cache_swap_low 90
cache_swap_high 95

# TAG: maximum_object_size (bytes)
#Default:
maximum_object_size 4096 KB

# TAG: minimum_object_size (bytes)
#Default:
minimum_object_size 0 KB

#Default:
ipcache_size 1024
ipcache_low 90
ipcache_high 95

#Default:
fqdncache_size 1024

# TAG: cache_replacement_policy
#Default:
cache_replacement_policy lru

# TAG: memory_replacement_policy
#Default:
memory_replacement_policy lru

# LOGFILE PATHNAMES AND CACHE DIRECTORIES

#Default:
#cache_dir ufs -1 /usr/local/squid/cache 100 16 256
#cache_dir null -1 1000

# TAG: cache_access_log
# Logs the client request activity. Contains an entry for
# every HTTP and ICP queries received.
#
#Default:
cache_access_log /usr/local/squid/logs/access.log

# TAG: cache_log
# Cache logging file. This is where general information about
# your cache's behavior goes. You can increase the amount of data
# logged to this file with the "debug_options" tag below.
#
#Default:
cache_log /usr/local/squid/logs/cache.log
cache_store_log /usr/local/squid/logs/store.log

# TAG: cache_swap_log
#Default:
# none

emulate_httpd_log off
log_ip_on_direct on
mime_table /usr/local/squid/etc/mime.conf
log_mime_hdrs off

# TAG: useragent_log
# none

# TAG: referer_log
# none

pid_filename /usr/local/squid/logs/squid.pid

# TAG: debug_options
#Default:
debug_options ALL,1

# TAG: log_fqdn on|off
log_fqdn off

# TAG: client_netmask Our network is funny.
client_netmask 255.255.252.0

#Default:
# ftp_user Squid@
#Default:
# ftp_list_width 32
#Default:
# ftp_passive on
#Default:
# cache_dns_program /usr/local/squid/bin/
#Default:
# dns_children 5
#Default:
# dns_retransmit_interval 5 seconds
#Default:
# dns_timeout 5 minutes
#Default:
# dns_defnames off
# TAG: dns_nameservers
#Default:
# none
#Default:
# unlinkd_program /usr/local/squid/bin/unlinkd
#Default:
# pinger_program /usr/local/squid/bin/
# TAG: redirect_program
#Default:
# none
#Default:
# redirect_children 5

# TAG: redirect_rewrites_host_header
# By default Squid rewrites any Host: header in redirected
# requests. If you are running a accelerator then this may
# not be a wanted effect of a redirector.
#
#Default:
# redirect_rewrites_host_header on

# TAG: redirector_access
# If defined, this access list specifies which requests are
# sent to the redirector processes. By default all requests
# are sent.
#
#Default:
# none

# TAG: authenticate_program
# Specify the command for the external authenticator. Such a
# program reads a line containing "username password" and replies
# "OK" or "ERR" in an endless loop. If you use an authenticator,
# make sure you have 1 acl of type proxy_auth. By default, the
# authenticator_program is not used.
#
# If you want to use the traditional proxy authentication,
# jump over to the ../auth_modules/NCSA directory and
# type:
# % make
# % make install
#
# Then, set this line to something like
#
# authenticate_program /usr/local/squid/bin/ncsa_auth
/usr/local/squid/etc/passwd
#
#Default:
# none
#Default:
# authenticate_children 5
#Default:
# authenticate_ttl 1 hour
#Default:
# authenticate_ip_ttl 0 seconds
#Default:
# authenticate_ip_ttl_is_strict on
#Default:
# wais_relay_port 0
#Default:
# request_header_max_size 10 KB
#Default:
# request_body_max_size 1 MB
#Default:
# reply_body_max_size 0
#Default:
# refresh_pattern ^ftp: 1440 20% 10080
# refresh_pattern ^gopher: 1440 0% 1440
# refresh_pattern . 0 20% 4320
#Default:
# reference_age 1 year
#Default:
# quick_abort_min 16 KB
# quick_abort_max 16 KB
# quick_abort_pct 95
#Default:
# negative_ttl 5 minutes
#Default:
# positive_dns_ttl 6 hours
#Default:
# negative_dns_ttl 5 minutes
#Default:
# range_offset_limit 0 KB
#Default:
# connect_timeout 2 minutes
#Default:
# peer_connect_timeout 30 seconds
#Default:
# siteselect_timeout 4 seconds
#Default:
# read_timeout 15 minutes

# TAG: request_timeout
# How long to wait for an HTTP request after connection
# establishment. For persistent connections, wait this long
# after the previous request completes.
#
#Default:
# request_timeout 30 seconds
#Default:
# client_lifetime 1 day
#Default:
# half_closed_clients on
#Default:
# pconn_timeout 120 seconds
#Default:
# ident_timeout 10 seconds
#Default:
# shutdown_lifetime 30 seconds

#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
#acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl all src 0/0

#Default:
http_access allow all
#http_access allow manager localhost
#http_access deny manager
#http_access deny !Safe_ports
#http_access deny CONNECT !SSL_ports
http_access deny all

#Default:
# icp_access deny all
icp_access allow all

#Default setting:
# miss_access allow all

# TAG: cache_peer_access
#Default:
# none

# Default:
#proxy_auth_realm Squid proxy-caching web server

#Default:
# ident_lookup_access deny all

#Default:
# cache_mgr webmaster

#Default:
cache_effective_user nobody
cache_effective_group root

# TAG: visible_hostname
#Default:
# none

# TAG: unique_hostname
#Default:
# none

# TAG: hostname_aliases
#Default:
# none

#Default:
# announce_period 0

#Default:
# announce_host tracker.ircache.net
# announce_port 3131

#Default:
httpd_accel_port 80

#Default:
httpd_accel_single_host on

#Default:
httpd_accel_with_proxy off

#Default:
httpd_accel_uses_host_header off

#Default:
dns_testnames netscape.com internic.net nlanr.net microsoft.com

#Default:
# logfile_rotate 10

# Tag: append_domain
#Default:
# none

#Default:
tcp_recv_bufsize 1024 bytes

# TAG: err_html_text
#Default:
# none

# TAG: deny_info
#Default:
# none

#Default:
# memory_pools on

# TAG: memory_pools_limit (bytes)
#Default:
# none

# TAG: forwarded_for on|off
#Default:
# forwarded_for on

# TAG: log_icp_queries on|off
#Default:
# log_icp_queries on

# TAG: icp_hit_stale on|off
#Default:
# icp_hit_stale off

# TAG: minimum_direct_hops
#Default:
# minimum_direct_hops 4

#Default:
# store_avg_object_size 13 KB

#Default:
# store_objects_per_bucket 20

#Default:
# client_db on

#Default:
# netdb_low 900
# netdb_high 1000

#Default:
# netdb_ping_period 5 minutes

#Default:
# query_icmp off

#Default:
# test_reachability off

#Default:
# buffered_logs off

#Default:
# reload_into_ims off

# TAG: always_direct
#Default:
# none

# TAG: never_direct
#Default:
# none

# TAG: anonymize_headers
#Default:
# none

# TAG: fake_user_agent
#Default:
# none

#Default:
# icon_directory /usr/local/squid/etc/icons

#Default:
# error_directory /usr/local/squid/etc/errors

#Default:
# minimum_retry_timeout 5 seconds

#Default:
# maximum_single_addr_tries 3

#Default:
# snmp_port 3401

#Default:
# snmp_access deny all

#Default:
# snmp_incoming_address 0.0.0.0
# snmp_outgoing_address 255.255.255.255

#Default:
# as_whois_server whois.ra.net
# as_whois_server whois.ra.net

#Default:
# wccp_router 0.0.0.0

#Default:
# wccp_version 4

#Default:
# wccp_incoming_address 0.0.0.0
# wccp_outgoing_address 255.255.255.255

#Default:
# delay_pools 0

# TAG: delay_class
#Default:
# none

# TAG: delay_access
#Default:
# none

# TAG: delay_parameters
#Default:
# none

#Default:
# delay_initial_bucket_level 50

#Default:
# incoming_icp_average 6
# incoming_http_average 4
# min_icp_poll_cnt 8
# min_http_poll_cnt 8

#Default:
# max_open_disk_fds 0

#Default:
# offline_mode off

#Default:
# uri_whitespace strip

# TAG: broken_posts
#Default:
# none

#Default:
# mcast_miss_addr 255.255.255.255

#Default:
# mcast_miss_ttl 16

#Default:
# mcast_miss_port 3135
#Default:
# mcast_miss_encode_key XXXXXXXXXXXXXXXX
#Default:
# nonhierarchical_direct on

#Default:
# prefer_direct off

#Default:
# strip_query_terms on

# TAG: coredump_dir
#Default:
# none

#Default:
# redirector_bypass off

#Default:
# ignore_unknown_nameservers on

#Default:
# digest_generation on

#Default:
# digest_bits_per_entry 5
#Default:
# digest_rebuild_period 1 hour
#Default:
# digest_rewrite_period 1 hour

#Default:
# digest_swapout_chunk_size 4096 bytes

#Default:
# digest_rebuild_chunk_percentage 10

# TAG: chroot
#Default:
# none

#Default:
# client_persistent_connections on
# server_persistent_connections on

# TAG: extension_methods
#Default:
# none

#Default:
# high_response_time_warning 0

#Default:
# high_page_fault_warning 0

#Default:
# high_memory_warning 0

#Default:
# store_dir_select_algorithm least-load

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Fri Feb 23 2001 - 12:30:16 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:10 MST