Proxy Server: Squid 2.0 Sample Configuration File

Analytics

Proxy Server Nedir?

Birden Fazla PC’den internete erişilen ve bu bilgilerin log’landığı sistemlerdir.Linux / Windows ve Appliance Şeklinde Mevcuttur.Bu yazımızda linux / squid v 2.0 proxy sunucuya ait konfigurasyon dosyasını inceleyeceğiz.

 

Squid Server Örnek konfigurasyon dosyası.

 

squid.conf file begin

cache_mem 600 MB
 http_port 3128
 forwarded_for off
 #dns_defnames on
 max_filedesc 8192
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
 auth_param ntlm children 100
 auth_param ntlm keep_alive on
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
 auth_param basic children 5
 auth_param basic realm Squid proxy-caching web server
 auth_param basic credentialsttl 2 hours
authenticate_ttl 1 hour
 authenticate_cache_garbage_interval 1 hour
acl manager proto cache_object
 acl localhost src 127.0.0.1/32
 http_access allow manager localhost
acl all src 0/0
 acl no_auth dst 10.110.24.0/24
 acl no_auth_dmn dstdomain .itmakale.com.tr
 acl blocked url_regex -i "/etc/squid/blockedwords.txt"
 acl allowed_urls url_regex -i "/etc/squid/allowed_urls.txt"
 acl only_itmakale proxy_auth "/etc/squid/only_itmakale.txt"
 acl test_users proxy_auth "/etc/squid/test_users.txt"
 acl kioskdst dst 93.89.224.45 10.110.24.20
 acl AuthorizedUsers proxy_auth REQUIRED
 acl itmakaleDMN dstdomain  .itmakale.com.tr
 acl itmakaleIP dst 10.110.24.0/24
 acl white_list_dst_ip dst 93.89.224.45
 acl numeric url_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
 acl connect method CONNECT
 acl no_auth_src_ip_adr src 10.110.24.0/24
acl download urlpath_regex -i \.exe$
 acl download_users src 10.110.24.0/24
 acl download_link dstdomain .microsoft.com .installshield.com
no_cache deny itmakaleDMN
 no_cache deny itmakaleIP
# deny some source ip addresses
 #http_access deny blocked_src_ip
# allow some source ip addresses
 http_access allow  no_auth_src_ip_adr
# allow some destination ip addresses
 http_access allow white_list_dst_ip
# allow some domains
 http_access allow no_auth_dmn
# allow some URLs
 http_access allow allowed_urls
# block requests that are matched both numeric and have connect method
 http_access deny connect numeric all
# block content of the blocked.txt file
 http_access deny blocked
# Izinli kullanicilar haricinde EXE indirilmesini kisitlamak için aşağıdaki satırlar kullanılabilir.
 http_access allow download_link
 http_access allow download_users download
 http_access deny download
# allow authorized users
 http_access allow AuthorizedUsers
# block all source IP addressess
 http_access deny all
cache_effective_user squid
 cache_effective_group squid
#squid hatalarını turkce olarak dondurmek icin
 cache_dir ufs /var/spool/squid 1024 16 256
 error_directory /usr/share/squid/errors/Turkish
# forward all requests to parent
 cache_peer 10.10.1.5 parent 8080 0 no-query default
 never_direct allow all
half_closed_clients off
 visible_hostname squid
 cache_store_log none
 cache_access_log /var/log/squid/access.log squid
 useragent_log /var/log/squid/useragent.log squid
 cache_log /var/log/squid/cache.log
 logfile_rotate 60
icp_access deny all
 request_header_max_size 10 KB
 request_body_max_size 10 MB
#debug_options ALL,1 33,2
 #debug_options ALL,1 33,2 28,9
# conf file ended

Bir Cevap Yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir