Urg, thats like standing front of the class for everyone to stare!
here you go :
cache_effective_user squid
url_rewrite_program /usr/sbin/ufdbgclient -l /var/ufdbguard/logs
url_rewrite_children 64
acl localnet src <subnet>
acl eu-edge-IP src <subnet>
acl eu-buscon-edge-IP src <subnet>
acl eu-inet-dmz src <subnet>
acl na-subnet src <subnet>
acl na-inet-dmz src <subnet>
acl na-buscon-edge-IP src <subnet>
acl st-buscon-vpc src <subnet>
acl eu-mfmgt src <subnet>
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
hosts_file /etc/hosts
dns_nameservers <server> <server> <server>
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl infrastructure src
http_access allow localhost manager
http_access allow infrastructure manager
http_access deny manager
acl mo-whitelist dstdomain "/etc/squid/mo-whitelist"
http_access allow mo-whitelist
acl mo-blockedsites dstdomain "/etc/squid/mo-blockedsites"
deny_info http://<url>restricted_content_blockedsites.html mo-blockedsites
http_access deny mo-blockedsites
acl mo-blockedkeywords urlpath_regex "/etc/squid/mo-blockedkeywords"
deny_info http://<url>restricted_content_keywords.html mo-blockedkeywords
http_access deny mo-blockedkeywords
acl mo-nocache dstdomain "/etc/squid/mo-nocache"
no_cache deny mo-nocache
acl mo-blockedIP src "/etc/squid/mo-blockedIP"
acl mo-allowURLs dstdomain src "/etc/squid/mo-allowURLs"
http_access allow mo-blockedIP mo-allowURLs
http_access deny mo-blockedIP
deny_info http://<url>restricted_content_blockedip.html mo-blockedIP
acl mo-allowNYIP src "/etc/squid/mo-allowNYIP"
http_access allow mo-allowNYIP
http_access allow na-subnet mo-allowURLs
http_access deny na-subnet
deny_info http://<url>restricted_content_subnet.html na-subnet
http_access allow localnet
http_access deny st-buscon-vpc
http_access allow eu-edge-IP
http_access allow eu-inet-dmz
http_access allow eu-buscon-edge-IP
http_access allow na-inet-dmz
http_access allow na-buscon-edge-IP
http_access allow eu-mfmgt
acl ftp proto FTP
always_direct allow ftp
acl purge method PURGE
http_access allow purge localhost
http_access deny purge
http_access allow localhost
http_access deny all
http_port 8080
cache_dir aufs /squid-cache 39322 16 256
cache_replacement_policy heap LFUDA
cache_swap_low 96
cache_swap_high 98
cache_mem 256 MB
maximum_object_size 64 KB
maximum_object_size_in_memory 20 KB
quick_abort_min 0 KB
quick_abort_max 0 KB
memory_pools off
client_db off
half_closed_clients off
buffered_logs on
logfile_rotate 21
coredump_dir /squid-cache
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200
override-expire ignore-no-store ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200
90% 432000 override-expire ignore-no-store ignore-private
refresh_pattern -i
\.(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|pptx|doc|docx|tiff)$ 10080
90% 43200 override-expire ignore-no-store ignore-private
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
ftp_user ftpuser@<domain>.com
ftp_passive off
ftp_sanitycheck off
ftp_epsv off
ftp_eprt off
On 15 August 2014 11:24, Eliezer Croitoru <eliezer_at_ngtech.co.il> wrote:
> On 08/15/2014 11:50 AM, Rafael Akchurin wrote:
>>
>> Hello Paul,
>>
>> I presume you are using SSL bump?
>>
>> Raf.
>
> squid.conf is our friend, care to share it Paul?
>
> In any case it seems like the service is unavailable to the proxy settings.
>
> Eliezer
>
>
Received on Fri Aug 15 2014 - 11:22:37 MDT
This archive was generated by hypermail 2.2.0 : Sun Aug 17 2014 - 12:00:06 MDT