Squid Config for Transparent Proxy

SUBMITTED BY: HaARiZz

DATE: Oct. 11, 2016, 7:58 a.m.

FORMAT: Text only

SIZE: 1.4 kB

Raw Download

HITS: 759

Report
  1. acl localnet src 192.168.201.0/24
  3. acl SSL_ports port 443
  4. acl Safe_ports port 80 # http
  5. acl Safe_ports port 21 # ftp
  6. acl Safe_ports port 443 # https
  7. acl Safe_ports port 70 # gopher
  8. acl Safe_ports port 210 # wais
  9. acl Safe_ports port 1025-65535 # unregistered ports
  10. acl Safe_ports port 280 # http-mgmt
  11. acl Safe_ports port 488 # gss-http
  12. acl Safe_ports port 591 # filemaker
  13. acl Safe_ports port 777 # multiling http
  14. acl CONNECT method CONNECT
  16. http_access deny !Safe_ports
  17. http_access deny CONNECT !SSL_ports
  19. http_access allow all
  21. http_port 3130
  23. http_port 3128 intercept
  24. https_port 3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/myca.pem key=/etc/squid/ssl_cert/myca.pem
  26. #always_direct allow all
  27. ssl_bump server-first all
  28. #sslproxy_cert_error deny all
  29. #sslproxy_flags DONT_VERIFY_PEER
  31. sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB
  32. sslcrtd_children 8 startup=1 idle=1
  34. coredump_dir /var/spool/squid
  36. # Add any of your own refresh_pattern entries above these.
  37. refresh_pattern ^ftp: 1440 20% 10080
  38. refresh_pattern ^gopher: 1440 0% 1440
  39. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  40. refresh_pattern . 0 20% 4320
  43. shutdown_lifetime 1 second
comments powered by Disqus