[squid-users] a better squid.conf? foodconcepts.net? {Scanned}

From: Dean Durant <dean.durant@dont-contact.us>
Date: Fri, 9 May 2008 12:05:16 -0400

Hello, I posted my squid.conf before, and someone made the observation that
I was allowing a lot of different things and that "someone evil" had
figured this out. I have tried to tighten it up. And when I do a
netstat -vat, I keep seeing food?.foodconcepts.net, which is not a
legitimate hostname at all. Is this as bad as I fear it could be?
Access through this squid box continues to be slow for uploads. Thanks,
Dean
___________________________________________________

http_port 3128
http_port 80
https_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 64 MB
cache_dir ufs /usr/local/squid/cache 400 16 256
cache_access_log /usr/local/squid/logs/access.log
cache_log /usr/local/squid/logs/cache.log
pid_filename /usr/local/squid/logs/squid.pid
debug_options 4,10 26,2 83,10
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl fulda dst 130.0.0.0/255.0.0.0
acl origNet src 192.9.70.0/255.255.255.0
acl abyzNetU src 130.16.64.0/255.255.192.0
acl abyzNetW src 130.16.128.0/255.255.192.0
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl scanner dst 192.9.70.243
acl autoweb dst 67.109.76.29
acl SSL_ports port 443 563
acl CONNECT method CONNECT
acl abyz_forbidden url_regex
"/usr/local/squid/etc/abyzforbidden/abyz_blocked.txt"
acl abyz_forbidden_always url_regex
"/usr/local/squid/etc/abyzforbidden/abyz_deny.always"
acl abyz_forbidden_lunch url_regex
"/usr/local/squid/etc/abyzforbidden/abyz_deny.lunch"
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow fulda
http_access allow origNet
http_access allow abyzNetW
http_access allow abyzNetU
http_access deny all
http_reply_access allow all
cache_mgr help@abyz-us.com
cache_effective_user squid
cache_effective_group squid
visible_hostname srvproxy228
dns_testnames google.com internic.net nlanr.net ibm.com

_________________________________________________________________________________________________________________

Dean Durant

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Received on Fri May 09 2008 - 16:04:36 MDT

This archive was generated by hypermail 2.2.0 : Tue May 13 2008 - 12:00:03 MDT