Squid from the scratch: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „=Installation= *apt-get install squid =Konfiguration= *cd /etc/squid *mv squid.conf squid.conf.org =Reduzieren auf das notwendige= *grep "^[^#]" squid.conf.org…“) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 6: | Zeile 6: | ||
=Reduzieren auf das notwendige= | =Reduzieren auf das notwendige= | ||
*grep "^[^#]" squid.conf.org > squid.conf | *grep "^[^#]" squid.conf.org > squid.conf | ||
| + | =Die Konfigurationsdatei= | ||
| + | cat /etc/squid/squid.conf | ||
| + | <pre> | ||
| + | #Accesslisten | ||
| + | acl SSL_ports port 443 | ||
| + | acl Safe_ports port 80 # http | ||
| + | acl Safe_ports port 21 # ftp | ||
| + | acl Safe_ports port 443 # https | ||
| + | acl Safe_ports port 70 # gopher | ||
| + | acl Safe_ports port 210 # wais | ||
| + | acl Safe_ports port 1025-65535 # unregistered ports | ||
| + | acl Safe_ports port 280 # http-mgmt | ||
| + | acl Safe_ports port 488 # gss-http | ||
| + | acl Safe_ports port 591 # filemaker | ||
| + | acl Safe_ports port 777 # multiling http | ||
| + | acl CONNECT method CONNECT | ||
| + | |||
| + | #HTTP Access | ||
| + | http_access deny !Safe_ports | ||
| + | http_access deny CONNECT !SSL_ports | ||
| + | http_access allow localhost manager | ||
| + | http_access deny manager | ||
| + | http_access allow localhost | ||
| + | http_access deny all | ||
| + | |||
| + | #Port | ||
| + | http_port 3128 | ||
| + | |||
| + | #Wenn Squid abstürtz wird hier ein Abbild hingeschrieben= | ||
| + | coredump_dir /var/spool/squid | ||
| + | |||
| + | #Caching Verhalten | ||
| + | refresh_pattern ^ftp: 1440 20% 10080 | ||
| + | refresh_pattern ^gopher: 1440 0% 1440 | ||
| + | refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 | ||
| + | refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 | ||
| + | refresh_pattern . 0 20% 4320 | ||
| + | </pre> | ||
Version vom 20. März 2017, 13:55 Uhr
Installation
- apt-get install squid
Konfiguration
- cd /etc/squid
- mv squid.conf squid.conf.org
Reduzieren auf das notwendige
- grep "^[^#]" squid.conf.org > squid.conf
Die Konfigurationsdatei
cat /etc/squid/squid.conf
#Accesslisten
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#HTTP Access
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access deny all
#Port
http_port 3128
#Wenn Squid abstürtz wird hier ein Abbild hingeschrieben=
coredump_dir /var/spool/squid
#Caching Verhalten
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320