From 905b0231e93ce2409a45dd6c4f5f983689fdb790 Mon Sep 17 00:00:00 2001 From: Harry Huang Date: Wed, 1 Nov 2017 11:56:50 +0800 Subject: Add compass-deck RESTful API and DB Handlers for Compass Change-Id: I1ce411f279943764c286ea48dca9185d453cf254 Signed-off-by: Harry Huang --- compass-deck/misc/squid/squid.conf | 71 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 compass-deck/misc/squid/squid.conf (limited to 'compass-deck/misc/squid/squid.conf') diff --git a/compass-deck/misc/squid/squid.conf b/compass-deck/misc/squid/squid.conf new file mode 100644 index 0000000..018da20 --- /dev/null +++ b/compass-deck/misc/squid/squid.conf @@ -0,0 +1,71 @@ +# +# Recommended minimum configuration: +# +acl manager proto cache_object +acl localhost src 127.0.0.1/32 ::1 +acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 + +# Example rule allowing access from your local networks. +# Adapt to list your (internal) IP networks from where browsing +# should be allowed +acl localnet src $subnet # the subnet of local network +acl localnet src fc00::/7 # RFC 4193 local private network range +acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines + +acl CONNECT method CONNECT + +# +# Recommended minimum Access Permission configuration: +# +# Only allow cachemgr access from localhost +http_access allow manager localhost +http_access deny manager + +# We strongly recommend the following be uncommented to protect innocent +# web applications running on the proxy server who think the only +# one who can access services on "localhost" is a local user +http_access deny to_localhost + +# +# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS +# + +# Example rule allowing access from your local networks. +# Adapt localnet in the ACL section to list your (internal) IP networks +# from where browsing should be allowed +http_access allow localnet +http_access allow localhost + +# And finally deny all other access to this proxy +http_access deny all + +# Squid normally listens to port 3128 +http_port 3128 + +# We recommend you to use at least the following line. +# hierarchy_stoplist cgi-bin ? + +cache_mem 512 MB +maximum_object_size_in_memory 512 KB +maximum_object_size 512 MB +# Uncomment and adjust the following to add a disk cache directory. +cache_dir aufs /var/squid/cache 25000 16 256 + +cache_store_log /var/log/squid/store.log + +access_log none + +# Leave coredumps in the first cache dir +coredump_dir /var/spool/squid + +# Add any of your own refresh_pattern entries above these. +refresh_pattern . 86400 50% 518400 + +quick_abort_min -1 QB +read_ahead_gap 100 MB + +positive_dns_ttl 30 second +negative_dns_ttl 1 second + +pipeline_prefetch on +request_timeout 15 minute -- cgit 1.2.3-korg