Marcello Romani ha scritto:
[snip]
Here's my squid.conf:
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_mem 128 MB
maximum_object_size_in_memory 128 KB
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_dir ufs /var/cache/squid 1500 16 256
access_log /var/log/squid/access.log squid
ftp_user proxy@ottotecnica.com
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 8443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access allow localhost
acl malicious_domains dstdomain .vcodecget.net .vcodecpull.com
.imrworldwide.com .skymasters.biz .redfunny.com .archiviosex.net
.msads.net .workzip.it .videopornazzi.com .storage-tasp.com .antix.it
.pornovideo-gratis.biz .affiliazione1.com .gromozon.com
.trafficredlight.net .hostance.net .hit.gemius.pl .iberporno.com
.videosz.com .pro-advertising.com advideo.altervista.org www.advshop.it
searchingwww.net .isuckall.com .tradedoubler.com .abetterinternet.com
.bestoffersnetworks.com .trafficgeneration.biz .finestresults.com
.coremetrics.com .itrack.it idkqzshcjxr.com 123swiss.com swissgreat.net
.dvdaccess.net
acl adv_domains_re dstdom_regex
(banners?\.|\bad[vs]?\.|ad[vs]-banner\.|adimg\.|adserver\.|adfarm.|ad-catgeo\.|\.swf.*clickTAG)
acl adv_domains dstdomain .doubleclick.net .serving-sys.com
img-catgeo.paginegialle.it .atdmt.com servedby.advertising.com
ad1.neodatagroup.com ad-it.tiscali.it adv-banner.libero.it ads.sfondo.it
.adbrite.com .fastclick.net .mediaplex.com media.intelia.it
.tekno4advertising.com
acl adv_urls url_regex
(\/banner\w*\.swf|\/ads[^k]|[a-z]\.tribalfusion\.(net|com))
http_access deny malicious_domains
http_access deny adv_domains_re
http_access deny adv_domains
http_access deny adv_urls
acl work_morning time MTWHF 08:00-12:00
acl work_afternoon time MTWHF 13:30-17:30
acl montaggio_acl src montaggio.dominio.ottotecnica.it
http_access deny montaggio_acl work_morning
http_access deny montaggio_acl work_afternoon
acl our_networks src 192.9.200.0/24
http_access allow our_networks
http_access deny all
http_reply_access allow all
icp_access allow all
cache_mgr ced@ottotecnica.com
mail_from ced@ottotecnica.com
visible_hostname serverlinux
append_domain .dominio.ottotecnica.it
deny_info err_malicious_domain.html malicious_domains
deny_info err_no_ads_here.html adv_domains
deny_info err_no_ads_here.html adv_domains_re
deny_info err_no_ads_here.html adv_urls
forwarded_for off
error_directory /etc/squid/errors
coredump_dir /var/cache/squid
Thanks
-- Marcello Romani Responsabile IT Ottotecnica s.r.l. http://www.ottotecnica.comReceived on Wed Dec 13 2006 - 02:17:43 MST
This archive was generated by hypermail pre-2.1.9 : Mon Jan 01 2007 - 12:00:01 MST