Daniel Halbe wrote:
########### squid.conf ################### client_netmask 255.255.255.0 dns_nameservers XXX.YYY.172.3 auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 15 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic credentialsttl 5 hours acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 # https, snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl QUERY urlpath_regex cgi-bin \? acl purge method PURGE acl CONNECT method CONNECT acl NTLMUsers proxy_auth REQUIRED acl winupdate dstdomain .microsoft.com .windowsupdate.com acl ftp proto FTP no_cache deny winupdate
http_access allow all NTLMUsers
move up> http_access allow winupdate
always_direct allow ftp
remove > always_direct allow winupdate
no_cache deny QUERY http_access deny all http_reply_access allow all icp_access deny all cache_mgr root dns_testnames heise.de google.de denic.de internic.net ######################################
Bye Stefano
