hsinhoyeh · December 1, 2017 05:10
diff --git a/my squid configuration on http proxy b/my squid configuration on http proxy
 #### OS ####
 ubuntu 16.04

 #### install ####
 sudo apt-get install -y squid
 sudo apt-get install -y apache2-utils

 #### generate passwords file #####
 sudo htpasswd -c /etc/squid/passwords $username

 #### reload squid config
 service squid reload

 #### my squid.conf #####


 acl SSL_ports port 443
 acl Safe_ports port 80          # http
 acl Safe_ports port 21          # ftp
 acl Safe_ports port 443         # https
 acl Safe_ports port 70          # gopher
 acl Safe_ports port 210         # wais
 acl Safe_ports port 1025-65535  # unregistered ports
 acl Safe_ports port 280         # http-mgmt
 acl Safe_ports port 488         # gss-http
 acl Safe_ports port 591         # filemaker
 acl Safe_ports port 777         # multiling http
 acl CONNECT method CONNECT

 http_access deny !Safe_ports
 http_access deny CONNECT !SSL_ports


 # Squid normally listens to port 3128
 http_port 3128

 # Leave coredumps in the first cache dir
 coredump_dir /var/spool/squid

 refresh_pattern ^ftp:           1440    20%     10080
 refresh_pattern ^gopher:        1440    0%      1440
 refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
 refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
 # example lin deb packages
 #refresh_pattern (\.deb|\.udeb)$   129600 100% 129600
 refresh_pattern .               0       20%     4320

 auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
 auth_param basic children 5
 auth_param basic realm proxy
 acl authenticated proxy_auth REQUIRED
 http_access deny !authenticated
 http_access allow authenticated
 http_access deny all
	#### OS ####
	ubuntu 16.04

	#### install ####
	sudo apt-get install -y squid
	sudo apt-get install -y apache2-utils

	#### generate passwords file #####
	sudo htpasswd -c /etc/squid/passwords $username

	#### reload squid config
	service squid reload

	#### my squid.conf #####


	acl SSL_ports port 443
	acl Safe_ports port 80 # http
	acl Safe_ports port 21 # ftp
	acl Safe_ports port 443 # https
	acl Safe_ports port 70 # gopher
	acl Safe_ports port 210 # wais
	acl Safe_ports port 1025-65535 # unregistered ports
	acl Safe_ports port 280 # http-mgmt
	acl Safe_ports port 488 # gss-http
	acl Safe_ports port 591 # filemaker
	acl Safe_ports port 777 # multiling http
	acl CONNECT method CONNECT

	http_access deny !Safe_ports
	http_access deny CONNECT !SSL_ports


	# Squid normally listens to port 3128
	http_port 3128

	# Leave coredumps in the first cache dir
	coredump_dir /var/spool/squid

	refresh_pattern ^ftp: 1440 20% 10080
	refresh_pattern ^gopher: 1440 0% 1440
	refresh_pattern -i (/cgi-bin/\|\?) 0 0% 0
	refresh_pattern (Release\|Packages(.gz)*)$ 0 20% 2880
	# example lin deb packages
	#refresh_pattern (\.deb\|\.udeb)$ 129600 100% 129600
	refresh_pattern . 0 20% 4320

	auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
	auth_param basic children 5
	auth_param basic realm proxy
	acl authenticated proxy_auth REQUIRED
	http_access deny !authenticated
	http_access allow authenticated
	http_access deny all