diff options
| author |   Justin chi <chigang@huawei.com> | 2017-11-03 08:48:34 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@opnfv.org> | 2017-11-03 08:48:34 +0000 |
| commit | cdbfdcb04670bba08b301789c6be08900da44f10 (patch) | |
| tree | e2d20371b26863551ef6907601d06a538d8eea45 /compass-deck/misc/squid/squid.conf | |
| parent | 651da345e4fde74f81213fd08cc3a21a8421089a (diff) | |
| parent | 905b0231e93ce2409a45dd6c4f5f983689fdb790 (diff) | |
Merge "Add compass-deck"
Diffstat (limited to 'compass-deck/misc/squid/squid.conf')
| -rw-r--r-- | compass-deck/misc/squid/squid.conf | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/compass-deck/misc/squid/squid.conf b/compass-deck/misc/squid/squid.conf new file mode 100644 index 0000000..018da20 --- /dev/null +++ b/compass-deck/misc/squid/squid.conf @@ -0,0 +1,71 @@ +# +# Recommended minimum configuration: +# +acl manager proto cache_object +acl localhost src 127.0.0.1/32 ::1 +acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 + +# Example rule allowing access from your local networks. +# Adapt to list your (internal) IP networks from where browsing +# should be allowed +acl localnet src $subnet # the subnet of local network +acl localnet src fc00::/7 # RFC 4193 local private network range +acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines + +acl CONNECT method CONNECT + +# +# Recommended minimum Access Permission configuration: +# +# Only allow cachemgr access from localhost +http_access allow manager localhost +http_access deny manager + +# We strongly recommend the following be uncommented to protect innocent +# web applications running on the proxy server who think the only +# one who can access services on "localhost" is a local user +http_access deny to_localhost + +# +# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS +# + +# Example rule allowing access from your local networks. +# Adapt localnet in the ACL section to list your (internal) IP networks +# from where browsing should be allowed +http_access allow localnet +http_access allow localhost + +# And finally deny all other access to this proxy +http_access deny all + +# Squid normally listens to port 3128 +http_port 3128 + +# We recommend you to use at least the following line. +# hierarchy_stoplist cgi-bin ? + +cache_mem 512 MB +maximum_object_size_in_memory 512 KB +maximum_object_size 512 MB +# Uncomment and adjust the following to add a disk cache directory. +cache_dir aufs /var/squid/cache 25000 16 256 + +cache_store_log /var/log/squid/store.log + +access_log none + +# Leave coredumps in the first cache dir +coredump_dir /var/spool/squid + +# Add any of your own refresh_pattern entries above these. +refresh_pattern . 86400 50% 518400 + +quick_abort_min -1 QB +read_ahead_gap 100 MB + +positive_dns_ttl 30 second +negative_dns_ttl 1 second + +pipeline_prefetch on +request_timeout 15 minute |