文档详情

2squid配置文件.pdf

发布:2018-01-27约5.85千字共4页下载文档
文本预览下载声明
2.squid配置文件 # 目前防火墙配置 (80 基本网页;30061 新邮件端口;5000 case端口;) # ptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 3128 # ptables -t nat -A PREROUTING -p tcp --dport 30061 -j REDIRECT --to-ports 3128 # ptables -t nat -A PREROUTING -p tcp --dport 5000 -j REDIRECT --to-ports 3128 # Example rule allow ng access from your local networks. # Adapt to l st your ( nternal) IP networks from where brows ng # should be allowed acl localnet src /8 # RFC1918 poss ble nternal network acl localnet src /12 # RFC1918 poss ble nternal network acl localnet src /16 # RFC1918 poss ble nternal network acl localnet src fc00::/7 # RFC 4193 local pr vate network range acl localnet src fe80::/10 # RFC 4291 l nk-local (d rectly plugged) mach nes acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wa s acl Safe_ports port 1025-65535 # unreg stered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # f lemaker acl Safe_ports port 777 # mult l ng http acl CONNECT method CONNECT acl broken302 http_status 110 400-404 302 500-505 http_access deny broken302 # # Recommended m n mum Access Perm ss on conf gurat on: # # Deny requests to certa n unsafe ports http_access deny !Safe_ports # Deny CONNECT to other than secure SSL ports #http_access deny CONNECT !SSL_ports #http_access allow CONNECT SSL_ports # Only allow cachemgr access from localhost http_access allow localhost manager http_access deny manager acl QQupload req_m me_type - text/octet no_cache deny QQupload # We strongly recommend the follow ng be uncommented to protect nnocent # web appl cat ons runn ng on the proxy server who th nk the only # one who can access serv
显示全部
相似文档