RE: [squid-users] squid tuning & ACL use

From: Andrew Kenna <andrewk@dont-contact.us>
Date: Wed, 15 Aug 2001 16:21:55 +1000

Is this proxy server live on the net ?

If so you might like to put some restrictions on what ip addresses can use
the proxy by using acl's

Andrew

-----Original Message-----
From: chami [mailto:chami@cmb.ac.lk]
Sent: Wednesday, August 15, 2001 4:49 PM
To: squid-users@squid-cache.org
Subject: [squid-users] squid tuning & ACL use

Hi

I configured squid on BSDi 4.1 and working in a not efficient way. When
my clients connect to my squid proxy it is too slow
but when clients connect to my Parent directly it is working fine. For
your convenient I'll attach my squid.conf file.

And I also want to use ACL in squid.conf, how can I grant access to
192.2.1.0 network using ACL I'm bit confusing with net
mask.

If any one can help me to over come this problem it will be grate.

thanks

chami

Squid.conf

http_port 3128
cache_peer 192.2.1.6 parent 3128 3130
cache_peer_domain 192.2.1.6
cache_mem 8 MB
cache_swap_high 100
maximum_object_size 4096 KB
cache_dir ufs /var/squid/cache 1000 16 256
cache_access_log /var/squid/logs/access.log
reference_age 3 week

acl all src 0.0.0.0/0.0.0.0
acl bsdi domain .xxx.xx.xx
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl ftp port 21
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager !bsdi
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
http_access allow all
Received on Wed Aug 15 2001 - 00:35:30 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:38 MST