Search squid archive

a better squid.conf? foodconcepts.net? {Scanned}

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello, I posted my squid.conf before, and someone made the observation that
I was allowing a lot of different things and that "someone evil" had
figured this out.   I have tried to tighten it up.     And when I do a
netstat -vat, I keep seeing food?.foodconcepts.net, which is not a
legitimate hostname at all.   Is this as bad as I fear it could be?
Access through this squid box continues to be slow for uploads.    Thanks,
Dean
___________________________________________________

http_port 3128
http_port 80
https_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 64 MB
cache_dir ufs /usr/local/squid/cache 400 16 256
cache_access_log /usr/local/squid/logs/access.log
cache_log /usr/local/squid/logs/cache.log
pid_filename /usr/local/squid/logs/squid.pid
debug_options 4,10 26,2 83,10
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl fulda dst 130.0.0.0/255.0.0.0
acl origNet src 192.9.70.0/255.255.255.0
acl abyzNetU src 130.16.64.0/255.255.192.0
acl abyzNetW src 130.16.128.0/255.255.192.0
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl scanner dst 192.9.70.243
acl autoweb dst 67.109.76.29
acl SSL_ports port 443 563
acl CONNECT method CONNECT
acl abyz_forbidden url_regex
"/usr/local/squid/etc/abyzforbidden/abyz_blocked.txt"
acl abyz_forbidden_always url_regex
"/usr/local/squid/etc/abyzforbidden/abyz_deny.always"
acl abyz_forbidden_lunch url_regex
"/usr/local/squid/etc/abyzforbidden/abyz_deny.lunch"
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow fulda
http_access allow origNet
http_access allow abyzNetW
http_access allow abyzNetU
http_access deny all
http_reply_access allow all
cache_mgr help@xxxxxxxxxxx
cache_effective_user squid
cache_effective_group squid
visible_hostname srvproxy228
dns_testnames google.com internic.net nlanr.net ibm.com

_________________________________________________________________________________________________________________

Dean Durant



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux