Lucas Albers wrote:
[stuff about squid not working for windows update deleted.] I dont' acl limit what users can connect to. Only users on the local domain can use the proxy cache. I use a debian squid proxy for upwards of 3000 clients. Works perfectly, saves tons of bandwidth, and speeds everything up. attached is my squid.conf file with comments/whitespace removed. Enjoy. hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 16 MB maximum_object_size 1280096 KB cache_dir ufs /var/spool/squid 3000 16 256 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 refresh_pattern http://*.windowsupdate.microsoft.com/ 0 80% 20160 reload-into-imsrefresh_pattern http://office.microsoft.com/ 0 80% 20160 reload-into-ims refresh_pattern http://windowsupdate.microsoft.com/ 0 80% 20160reload-into-imsrefresh_pattern http://wxpsp2.microsoft.com/ 0 80% 20160 reload-into-ims refresh_pattern http://xpsp1.microsoft.com/ 0 80% 20160 reload-into-ims refresh_pattern http://w2ksp4.microsoft.com/ 0 80% 20160 reload-into-ims refresh_pattern http://download.microsoft.com/ 0 80% 20160 reload-into-imsrefresh_pattern http://download.macromedia.com/ 0 80% 20160 reload-into-ims refresh_pattern ftp://ftp.nai.com/ 0 80% 20160 reload-into-ims refresh_pattern http://ftp.software.ibm.com/ 0 80% 20160 reload-into-ims acl all src 0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl SSL_ports port 873 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 563 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl Safe_ports port 631 acl Safe_ports port 873 acl Safe_ports port 901 acl purge method PURGE acl CONNECT method CONNECT acl home1 src xxx.xx.133.165-255.255.255.255 acl home2 src xx.xx.0.0/16 http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports acl our_networks src xxx.xx.0.0/16 http_access allow our_networks http_access allow localhost http_access deny all http_reply_access allow all http_reply_access allow all icp_access allow all cache_mgr admin@cs.montana.edu cachemgr_passwd mousie all coredump_dir /var/spool/squid --Luke
Thanks a lot Luke .....It works great --me-- -- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.2.4 (GNU/Linux) mQGiBEDato0RBADHD8bKvVCTORppg/pot1Zuyx4Joz/IC34aZlLkG7/JNEVemqiB jSVgnwxa9UNs9Chz9CT6vqzw1pgPXDAb1rD91kbupatgaFUlNEwAW/v2eH8LQEYz 3NicbaysYeeJLBOYlwtmbZWrV8KKoSNrHWxZRjfl4a7TGggllou6+sAQTwCg/2Q2 lLLdPjuaXGiRHqpHFuFWVT8D/Rfzi89GrGWwharBmqNlq3WNJJSK4NdZUy6yFrfY mqaytOBUq6wWoM9OdvAciS4R1qVK2GItV2xIX9N47zeEXspsANF3PyH6PSdXBYfO CDL6jdkL1JS/E+QQcOsqbwkJOa3IpSuJPuE0IuYj9G2pEUNFR9/QiNVq2ysqUK8I V/8VBACmL758SPyrMSwA2sPGiRbSndr0Bc6XW/YPwvJNQsU+zzX+qtAP4K3oEX7R z1OD6LfkJAvrCLswNJbyIlrsFSo/NxlsqnWgKU4K4qsntvMA2UiyAUCOONCn+7Uo V8UVK/3ZKRAlnTM6YdxEWe1c09pP3k4kxGdii5E3cJu6a1a4jbYAAAAxZGViaWFu IChKVVNUIFNJR05BVFVSRSkgPGRlYl9taWxpc3RAeWFob28uY29tLnNnPohbBBMR AgAbBQJA2raNBgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEP6KKTciHvMpKQgAoLl1 8lYWPDqcTtRwNyPBA5UhlbHIAKDAjaZYyTgyYU2xtacqPDqsMzf/N7kBDQRA2raQ EAQAqzfMQUbVLt/iFTDFcI3XSO26v2BYQAvHdRkMGo8AFrffJCbEFfTlyCrTbhIH KB0D6Z8+lEqdsjJlwleNWDWTu3gYhOvUeGqCiNmPRGeYjM5VatsUNMQLS6qGVbpa iHXZ75e6Vco3MjMEKN1KQDn3QdtWJcW32LPA5XqrEbInV1MAAwYD/idygDdnBgOU NEfN+JVFr3OUuVBTxky6VZ08mYbjVmE/tFDh+H9o0GdHAMrvXbITFau6BR3ykNXt VPRMlT+g1pCe91RovR+WwfLItFnCeB6lfiu4tsdPWeBWPKbdQO7zb1Wj6U/yo5Jc jNjQjBHpxuoTpicYYgKiFIIhHzIGkt9MiEYEGBECAAYFAkDatpAACgkQ/oopNyIe 8ykmwgCfZLcfyNlAVIpfhyhjJPDbLYJsBc8AnRz9PqrchdlrWSonVBgsHg0VZml+ =Ow66 -----END PGP PUBLIC KEY BLOCK-----
Attachment:
signature.asc
Description: OpenPGP digital signature