Source of squid-squid.conf.patch - casa-mp-base

Raw file
Source viewDiff to previous
11.68 KB
xxxxxxxxxx
+refresh_pattern -i \.(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-no-store ignore-private
 
--- ./squid.conf    2019-10-22 22:36:27.000000000 -0400
+++ ./squid.conf    2019-10-22 23:08:00.000000000 -0400
@@ -1294,12 +1294,9 @@
 # Example rule allowing access from your local networks.
 # Adapt to list your (internal) IP networks from where browsing
 # should be allowed
-acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
-acl localnet src 10.0.0.0/8        # RFC 1918 local private network (LAN)
-acl localnet src 100.64.0.0/10     # RFC 6598 shared address space (CGN)
-acl localnet src 169.254.0.0/16    # RFC 3927 link-local (directly plugged) machines
-acl localnet src 172.16.0.0/12     # RFC 1918 local private network (LAN)
-acl localnet src 192.168.0.0/16        # RFC 1918 local private network (LAN)
+acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
+#acl localnet src 172.16.0.0/12    # RFC1918 possible internal network
+#acl localnet src 192.168.0.0/16   # RFC1918 possible internal network
 acl localnet src fc00::/7          # RFC 4193 local private network range
 acl localnet src fe80::/10         # RFC 4291 link-local (directly plugged) machines
 
@@ -1563,8 +1560,8 @@
 #  See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
 #
 ## Allow ICP queries from local networks only
-##icp_access allow localnet
-##icp_access deny all
+icp_access allow localnet
+icp_access deny all
 #Default:
 # Deny, unless rules exist in squid.conf.
 
@@ -2015,10 +2012,10 @@
 #
 
 # Squid normally listens to port 3128
-http_port 3128
+http_port @PROXY_SERVER@:3128
 
 #  TAG: https_port
-#  Usage:  [ip:]port [mode] tls-cert=certificate.pem [options]
+#  Usage:  [ip:]port cert=certificate.pem [key=key.pem] [mode] [options...]
 #
 #  The socket address where Squid will listen for client requests made
 #  over TLS or SSL connections. Commonly referred to as HTTPS.
@@ -3308,6 +3305,16 @@
 #Default:
 # none
 
+# See http://www.privoxy.org/user-manual/config.html
+# Define Privoxy as parent proxy (without ICP) 
+cache_peer @PROXY_SERVER@ parent 8118 0 no-digest no-query default name=privoxy
+
+# If privoxy is run on the LAN:
+#cache_peer 10.0.1.3 parent 8118 0 no-digest no-query default name=privoxy
+
+# I2P
+# cache_peer @PROXY_SERVER@ parent 4443 0 no-digest no-query default name=i2p
+
 #  TAG: cache_peer_access
 #  Restricts usage of cache_peer proxies.
 #
@@ -3441,6 +3453,7 @@
 #  enough to keep larger objects from hoarding cache_mem.
 #Default:
 # maximum_object_size_in_memory 512 KB
+maximum_object_size_in_memory 64 KB
 
 #  TAG: memory_cache_shared    on|off
 #  Controls whether the memory cache is shared among SMP workers.
@@ -3523,6 +3536,7 @@
 #  and http://fog.hpl.external.hp.com/techreports/98/HPL-98-173.html.
 #Default:
 # cache_replacement_policy lru
+cache_replacement_policy heap LFUDA
 
 #  TAG: minimum_object_size    (bytes)
 #  Objects smaller than this size will NOT be saved on disk.  The
@@ -3547,6 +3561,7 @@
 #  See cache_replacement_policy for a discussion of this policy.
 #Default:
 # maximum_object_size 4 MB
+maximum_object_size 64 MB
 
 #  TAG: cache_dir
 #  Format:
@@ -3702,6 +3717,7 @@
 #Default:
 # No disk cache. Store cache ojects only in memory.
 #
+cache_dir ufs @PREFIX@/var/squid/cache 256 16 256
 
 # Uncomment and adjust the following to add a disk cache directory.
 #cache_dir ufs @PREFIX@/var/squid/cache 100 16 256

casa-mp-base

Source

Add shortcut