Daniel Halbe wrote:
> ########### squid.conf ###################
> client_netmask 255.255.255.0
> dns_nameservers XXX.YYY.172.3
> auth_param ntlm program /usr/bin/ntlm_auth
> --helper-protocol=squid-2.5-ntlmssp
> auth_param ntlm children 15
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
> auth_param basic program /usr/bin/ntlm_auth
> --helper-protocol=squid-2.5-basic
> auth_param basic children 5
> auth_param basic credentialsttl 5 hours
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563 # https, snews
> acl SSL_ports port 873 # rsync
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl Safe_ports port 631 # cups
> acl Safe_ports port 873 # rsync
> acl Safe_ports port 901 # SWAT
> acl QUERY urlpath_regex cgi-bin \?
> acl purge method PURGE
> acl CONNECT method CONNECT
> acl NTLMUsers proxy_auth REQUIRED
> acl winupdate dstdomain .microsoft.com .windowsupdate.com
> acl ftp proto FTP
> no_cache deny winupdate
> http_access allow all NTLMUsers
move up> http_access allow winupdate
> always_direct allow ftp
remove > always_direct allow winupdate
> no_cache deny QUERY
> http_access deny all
> http_reply_access allow all
> icp_access deny all
> cache_mgr root
> dns_testnames heise.de google.de denic.de internic.net
> ######################################
>
Bye
Stefano
Received on Tue Oct 11 2005 - 03:56:47 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:04 MST