

Пример настройки Squid


Метки: squid iptables 

Ответы

RemiZOffAlex  Создано: 2017-03-23 02:58:40.125807  Обновлено: 2017-03-23 02:58:40.125807
# Install Squid from the distribution's yum repositories; -y answers "yes" to
# every prompt, so review what will be installed before running it unattended.
# NOTE(review): the squid.conf on this page runs /usr/bin/squidGuard as a URL
# rewriter, and this command installs only the squid package -- confirm the
# helper is installed separately.
yum -y install squid

squid.conf

# ACL definitions. An acl line only names a match condition; the http_access,
# always_direct and access_log lines that reference it decide what happens.

# Clients on the LAN, matched by source address.
acl localnet src 192.168.0.0/24

# Destination ports. SSL_ports is what CONNECT tunnels are limited to and
# Safe_ports is what every request is limited to (see the http_access deny
# rules in this file).
# NOTE(review): 1025-65535 marks every unprivileged port as "safe"; narrow the
# range if clients only need a known set of ports.
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

# Exclude internal network
# (destinations inside the LAN; referenced by the access_log line in this file
# to keep those requests out of the log)
acl WorkNet dst 192.168.0.0/24
# Exclude friend url's
# (referenced by always_direct and by the access_log exclusion)
# NOTE(review): the dot in this regex is unescaped and matches any character;
# `^http://specialistoff\.net/` or a dstdomain ACL would match only the
# intended host.
acl MyURL url_regex ^http://specialistoff.net/

# Requests matching MyURL are always fetched from the origin server directly
# rather than through a cache peer. No cache_peer appears in this listing, so
# the line presumably has no visible effect here -- confirm.
always_direct allow MyURL

#
# Recommended minimum Access Permission configuration:
#
# http_access rules are checked top to bottom and the first matching rule
# decides, so the deny rules must stay above the allow rules.
# NOTE(review): the "localhost" and "manager" ACLs are not defined in this
# listing; current Squid releases predefine them. Run `squid -k parse` to
# confirm the file loads cleanly on the installed version.
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager

# Proxy use is limited to the LAN (localnet) and to the proxy host itself.
http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
# (keep this as the last http_access line; it is the default-deny that stops
# the proxy from serving any client not allowed above)
http_access deny all

# Squid normally listens to port 3128
# Here the listener is bound to the LAN address only and runs in intercept
# mode: it expects connections that NAT has redirected to it (the iptables
# REDIRECT rule on this page), not clients configured to use a proxy.
# NOTE(review): this is the only http_port in the listing. Squid's interception
# guidance keeps a separate port for ordinary forward-proxy traffic and
# prevents clients from connecting to the intercept port directly -- confirm
# how your version behaves with an intercept-only configuration.
http_port 192.168.0.1:3128 intercept

# Memory set aside for Squid's in-memory object cache; this is not a limit on
# the total size of the Squid process.
cache_mem 512 MB

#
# Add any of your own refresh_pattern entries above these.
#
# Columns: URL regex, minimum age (minutes), percent of object age, maximum
# age (minutes). Patterns are tried in order, so the catch-all "." stays last.
# The -i line gives cgi-bin and query-string URLs zero freshness unless the
# response carries explicit expiry information.
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

# squidGuard
# Request URLs are handed to this external helper, which may rewrite them;
# five helper processes are started. The helper's own configuration (its
# filter lists and rules) is not part of this listing.
url_rewrite_program /usr/bin/squidGuard
url_rewrite_children 5

# Squid resolves names through a resolver on this host.
# NOTE(review): assumes a DNS server is listening on 127.0.0.1 -- confirm,
# otherwise every lookup fails.
dns_nameservers 127.0.0.1
# Host name Squid reports for itself, for example in its error pages.
visible_hostname specialistoff.net

# Do not add a Via header and strip X-Forwarded-For, so origin servers see
# neither the proxy nor the internal client address. The proxy's access.log is
# then the only record that ties a request to a LAN client.
via off
forwarded_for delete

# Log in the native "squid" format, except requests that match MyURL or WorkNet.
# NOTE(review): the excluded requests leave no proxy record at all, which is a
# blind spot during incident response; consider sending them to a separate log
# file rather than dropping them.
access_log daemon:/var/log/squid/access.log squid !MyURL !WorkNet
# Alternative kept for reference: it names a log format "test", which would
# need its own logformat definition (none appears in this listing).
# access_log daemon:/var/log/squid/access.log test !MyURL !WorkNet
# Keep 10 old generations of each log file when logs are rotated.
logfile_rotate 10

iptables

# Transparent interception: TCP port 80 traffic that arrives on ens18 from the
# LAN (192.168.0.0/24) and is addressed outside the LAN is redirected to local
# port 3128, where the intercept http_port from squid.conf listens.
# Only port 80 is matched; HTTPS (port 443) is not redirected by this rule and
# is therefore not filtered or logged by the proxy.
# NOTE(review): Squid's interception guidance also drops direct client
# connections to the intercept port (a DROP rule for that port in the mangle
# table's PREROUTING chain), because the port should only ever receive
# NAT-redirected traffic -- confirm and add for your setup.
# A rule added this way lasts until reboot unless it is saved with the
# distribution's persistence mechanism.
iptables -t nat -A PREROUTING -i ens18 -s 192.168.0.0/24 ! -d 192.168.0.0/24 -p tcp --dport 80 -j REDIRECT --to-port 3128
