[squid-users] About my squid.conf

From: Anderson dos Santos Donda <andersondonda@dont-contact.us>
Date: Wed, 13 Feb 2008 09:32:20 -0300

Here in my simple server, the squid works fine, but after post a
message about radio, Amos sad:

" Squid is actually an
interceptor, not fully transparent. When they go down clients can expect
'Unable to Connect' errors. "

And, this is true. When my squid go down, my clients can't be surf
because squid is not working.

I don't have anotherr server, and I don't need too.

I need only control the navegation of my clients on the internet.

So, if possible, I want if anyone can see my squid.conf and tell me if
it is good or need improvement.

Thanks for all.

 My squid.conf:

  http_port 10.0.0.250:3128 transparent

  icp_port 0

  cache_mem 128 MB
  cache_swap_low 90
  cache_swap_high 95
  cache_dir ufs /usr/local/squid/var/cache 1024 16 256
  cache_access_log /usr/local/squid/var/logs/access.log
  cache_log /usr/local/squid/var/logs/cache.log
  cache_store_log none
  maximum_object_size_in_memory 1 MB
  maximum_object_size 100 MB
  minimum_object_size 0 MB

  pid_filename /usr/local/squid/var/logs/squid.pid

  visible_hostname squid.provider.com.br

  cache_effective_user squidaemon
  cache_effective_group squid

  acl autologinDSA dst 10.0.0.250/32

  acl diretor src 10.0.0.55/32
  acl recepcao src 10.0.0.57/32
  acl financeiro src 10.0.0.56/32
  acl suporte src 10.0.0.248/32
  acl suporte2 src 10.0.0.13/32

  acl vip1 src 10.0.1.0/28
  acl vip2 src 10.0.2.0/28
  acl vip3 src 10.0.3.0/28
  acl vip4 src 10.0.4.0/28

  acl forbidden_words url_regex -i "/usr/local/squid/etc/forbidden_words"
  acl forbidden_down url_regex -i "/usr/local/squid/etc/forbidden_down"

 external_acl_type checkip children=40 % SRC
/usr/local/mwsystem/squid/sbin/checkv2.sh

 acl checkblock external checkip

  acl all src 0.0.0.0/0.0.0.0
  acl localnet src 10.0.0.0/16
  acl localhost src 127.0.0.0/32
  acl method_control proto cache_object

  http_access allow method_control localhost
  http_access deny method_control

  http_access allow autologinDSa

  http_access deny checkblock !autologinDSA

  http_access allow diretor
  http_access allow diretor forbidden_down

  http_access allow recepcao autologinDSA
  http_access allow recepcao

  http_access deny financeiro

  http_access allow suporte
  http_access allow suporte2

  http_access deny forbidden_words
  http_access deny forbidden_down

  http_access allow vip1
  http_access allow vip2
  http_access allow vip3
  http_access allow vip4

  http_access deny localnet !autologinDSA
  http_access deny all
  http_access deny localnet
Received on Wed Feb 13 2008 - 05:32:22 MST

This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST