# pra baixar esta configuração via wget # wget http://www.zago.eti.br/modelos/squid.conf-planoreduzido # pro editor "vi" # :r !lynx -dump http://www.zago.eti.br/modelos/squid.conf-planoreduzido # De:  robsoncb2 #Para:  Antonio F. Zago #Assunto:  Squid.conf - Horário reduzido ( Pro FAQ ) #Data:  Wed, 23 Jun 2004 01:18:03 -0300 (ART) #Zago aí vai o meu squid.conf com horários reduzidos, a #qual você tinha me pedido para disponibilizar para o #pessoal. Tem algumas configurações extras no final. #squid.conf #----------------------------------------- http_port 3128 # TAG: hierarchy_stoplist # A list of words which, if found in a URL, cause the object to # be handled directly by this cache. In other words, use this # to not query neighbor caches for certain objects. You may # list this option multiple times. # #We recommend you to use at least the following line. hierarchy_stoplist cgi-bin ? # TAG: no_cache # A list of ACL elements which, if matched, cause the reply to # immediately removed from the cache. In other words, use this # to force certain objects to never be cached. # # You must use the word 'DENY' to indicate the ACL names which should # NOT be cached. # #We recommend you to use the following two lines. acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 32 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 4096 KB cache_dir ufs /var/cache/squid 5000 16 256 cache_access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_store_log /var/log/squid/store.log # TAG: debug_options # Logging options are set as section,level where each source file # is assigned a unique section. Lower levels result in less # output, Full debugging (level 9) can result in a very large # log file, so be careful. The magic word "ALL" sets debugging # levels for all sections. We recommend normally running with # "ALL,1". # #Default: # debug_options ALL,1 #Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl planoreduzido src 172.16.0.0 #acl semanalmanha time MTWHF 00:00-08:00 #acl semanalnoite time MTWHF 22:00-24:00 #acl sabadomanha time A 00:00-08:00 #acl sabadonoite time A 16:00-24:00 #acl domingo time S 00:00-24:00 # TAG: http_access # Allowing or Denying access based on defined access lists # # Access to the HTTP port: # http_access allow|deny [!]aclname ... # # NOTE on default values: # # If there are no "access" lines present, the default is to deny # the request. # # If none of the "access" lines cause a match, the default is the # opposite of the last line in the list. If the last line was # deny, then the default is allow. Conversely, if the last line # is allow, the default will be deny. For these reasons, it is a # good idea to have an "deny all" or "allow all" entry at the end # of your access lists to avoid potential confusion. # #Default: # http_access deny all # #Recommended minimum configuration: # # Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports #acl pra sites direto, não passar pelo cache acl NOCACHE url_regex "/etc/squid/direto.txt" \? no_cache deny NOCACHE # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # # And finally deny all other access to this proxy #http_access allow all http_access allow planoreduzido #http_access allow planoreduzido semanalmanha #http_access allow planoreduzido semanalnoite #http_access allow planoreduzido sabadomanha #http_access allow planoreduzido sabadonoite #http_access allow planoreduzido domingo #http_access deny all cache_effective_user proxy cache_effective_group proxy # TAG: visible_hostname # If you want to present a special hostname in error messages, etc, # then define this. Otherwise, the return value of gethostname() # will be used. If you have multiple caches in a cluster and # get errors about IP-forwarding you must set them to have individual # names with this setting. # #Default: # none httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on logfile_rotate 7 #Extras: # Acrescente no crontab: 59 23 * * * /usr/bin/squid -k rotate # crie o arquivo /etc/squid/direto.txt # Cole neste arquivo as 3 linhas abaixo, sem o sinal #: # gov.br # caixa # fazenda # Robson # robsoncb2@yahoo.com.br